risu.io Open in urlscan Pro
2606:4700:3108::ac42:2902 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://risu.io/pfbSu
Effective URL:
https://risu.io/
Submission: On August 23 via api (August 23rd 2023, 8:20:27 pm UTC) from US — Scanned from US

Summary HTTP 442 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 79 IPs in 9 countries across 75 domains to perform 442 HTTP transactions. The main IP is 2606:4700:3108::ac42:2902, located in United States and belongs to CLOUDFLARENET, US. The main domain is risu.io.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 26th 2023. Valid for: a year.

This is the only time risu.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3 22	2606:4700:310... 2606:4700:3108::ac42:2902	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2607:f8b0:400... 2607:f8b0:4006:80d::200a	15169 (GOOGLE) (GOOGLE)
8	34.98.102.251 34.98.102.251	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2606:4700::68... 2606:4700::6810:3865	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2607:f8b0:400... 2607:f8b0:4006:81c::2003	15169 (GOOGLE) (GOOGLE)
6	2607:f8b0:400... 2607:f8b0:4006:80d::2003	15169 (GOOGLE) (GOOGLE)
42	2607:f8b0:400... 2607:f8b0:4006:80b::2002	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:81d::2008	15169 (GOOGLE) (GOOGLE)
3 20	2607:f8b0:400... 2607:f8b0:4006:822::2002	15169 (GOOGLE) (GOOGLE)
19	2607:f8b0:400... 2607:f8b0:4006:81e::2003	15169 (GOOGLE) (GOOGLE)
7	35.186.215.140 35.186.215.140	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:80e::2002	15169 (GOOGLE) (GOOGLE)
1 4	2607:f8b0:400... 2607:f8b0:4006:81d::200e	15169 (GOOGLE) (GOOGLE)
1 10	192.96.203.13 192.96.203.13	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
14	2606:4700:20:... 2606:4700:20::681a:467	13335 (CLOUDFLAR...) (CLOUDFLARENET)
39	2607:f8b0:400... 2607:f8b0:4006:823::2001	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c1b::9a	15169 (GOOGLE) (GOOGLE)
4 14	2607:f8b0:400... 2607:f8b0:4006:820::2004	15169 (GOOGLE) (GOOGLE)
4 12	162.210.196.208 162.210.196.208	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
1	2001:4860:480... 2001:4860:4802:34::181	15169 (GOOGLE) (GOOGLE)
29	2620:100:a001::4 2620:100:a001::4	19750 (AS-CRITEO) (AS-CRITEO)
2	2607:f8b0:400... 2607:f8b0:4006:81c::200a	15169 (GOOGLE) (GOOGLE)
11 19	2620:100:a001::c 2620:100:a001::c	19750 (AS-CRITEO) (AS-CRITEO)
16	2620:100:a001... 2620:100:a001::18	19750 (AS-CRITEO) (AS-CRITEO)
4 8	35.190.36.98 35.190.36.98	15169 (GOOGLE) (GOOGLE)
4 8	172.105.235.90 172.105.235.90	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
4	2a00:1450:402... 2a00:1450:402a:80f::2003	15169 (GOOGLE) (GOOGLE)
1	142.250.31.155 142.250.31.155	15169 (GOOGLE) (GOOGLE)
8	74.119.119.139 74.119.119.139	19750 (AS-CRITEO) (AS-CRITEO)
2	2607:f8b0:401... 2607:f8b0:4017:3a::7	15169 (GOOGLE) (GOOGLE)
2	34.96.105.8 34.96.105.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	20.114.74.38 20.114.74.38	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
5 34	142.251.40.226 142.251.40.226	15169 (GOOGLE) (GOOGLE)
2 2	69.90.254.78 69.90.254.78	13768 (COGECO-PEER1) (COGECO-PEER1)
3 4	35.211.178.172 35.211.178.172	15169 (GOOGLE) (GOOGLE)
2 2	52.23.107.16 52.23.107.16	14618 (AMAZON-AES) (AMAZON-AES)
2 2	54.204.243.99 54.204.243.99	14618 (AMAZON-AES) (AMAZON-AES)
4 4	185.167.164.39 185.167.164.39	198622 (ADFORM) (ADFORM)
2 2	130.35.192.4 130.35.192.4	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
2 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 2	207.198.113.87 207.198.113.87	13768 (COGECO-PEER1) (COGECO-PEER1)
1 1	31.220.27.155 31.220.27.155	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
2 2	64.74.236.127 64.74.236.127	19024 (INTERNAP-...) (INTERNAP-BLK5)
1 1	52.45.175.185 52.45.175.185	14618 (AMAZON-AES) (AMAZON-AES)
6	142.250.65.226 142.250.65.226	15169 (GOOGLE) (GOOGLE)
2 2	104.110.17.251 104.110.17.251	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	38.98.69.175 38.98.69.175	174 (COGENT-174) (COGENT-174)
1 1	18.211.192.157 18.211.192.157	14618 (AMAZON-AES) (AMAZON-AES)
1 1	82.145.213.8 82.145.213.8	39832 (NO-OPERA) (NO-OPERA)
2 3	2a02:6b8::90 2a02:6b8::90	208722 (GLOBAL_DC) (GLOBAL_DC)
2 2	2606:ae80:145... 2606:ae80:1451:18::1720	25751 (VALUECLICK) (VALUECLICK)
1 2	2606:4700::68... 2606:4700::6812:19ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	151.101.130.49 151.101.130.49	54113 (FASTLY) (FASTLY)
1 1	52.72.213.198 52.72.213.198	14618 (AMAZON-AES) (AMAZON-AES)
1 3	23.52.160.7 23.52.160.7	16625 (AKAMAI-AS) (AKAMAI-AS)
4	34.81.191.174 34.81.191.174	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4 4	184.28.206.17 184.28.206.17	16625 (AKAMAI-AS) (AKAMAI-AS)
8	96.17.65.140 96.17.65.140	16625 (AKAMAI-AS) (AKAMAI-AS)
12	2607:f8b0:400... 2607:f8b0:4006:81d::2002	15169 (GOOGLE) (GOOGLE)
1 2	74.119.119.147 74.119.119.147	19750 (AS-CRITEO) (AS-CRITEO)
1	2620:100:a001... 2620:100:a001::24	19750 (AS-CRITEO) (AS-CRITEO)
1	207.244.102.141 207.244.102.141	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
8 16	8.43.72.98 8.43.72.98	26667 (RUBICONPR...) (RUBICONPROJECT)
12	60.199.208.47 60.199.208.47	9924 (TFN-TW Ta...) (TFN-TW Taiwan Fixed Network)
4	2607:f8b0:400... 2607:f8b0:4006:80c::2001	15169 (GOOGLE) (GOOGLE)
3	74.119.119.150 74.119.119.150	19750 (AS-CRITEO) (AS-CRITEO)
1	2620:100:a001... 2620:100:a001::16	19750 (AS-CRITEO) (AS-CRITEO)
1 1	2600:1f18:4e9... 2600:1f18:4e9:5a01:e00c:7c10:6fd8:d8f6	14618 (AMAZON-AES) (AMAZON-AES)
3 3	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
2 3	67.220.224.144 67.220.224.144	16509 (AMAZON-02) (AMAZON-02)
2 3	52.46.128.147 52.46.128.147	16509 (AMAZON-02) (AMAZON-02)
2 2	68.67.179.87 68.67.179.87	29990 (ASN-APPNEX) (ASN-APPNEX)
2 3	68.67.160.76 68.67.160.76	29990 (ASN-APPNEX) (ASN-APPNEX)
5 6	35.173.111.127 35.173.111.127	14618 (AMAZON-AES) (AMAZON-AES)
2 2	34.205.126.51 34.205.126.51	14618 (AMAZON-AES) (AMAZON-AES)
1 1	15.235.42.102 15.235.42.102	16276 (OVH) (OVH)
1	23.52.163.93 23.52.163.93	16625 (AKAMAI-AS) (AKAMAI-AS)
1	54.158.1.177 54.158.1.177	14618 (AMAZON-AES) (AMAZON-AES)
1	23.105.14.106 23.105.14.106	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
1	141.226.224.48 141.226.224.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1 2	52.223.22.214 52.223.22.214	16509 (AMAZON-02) (AMAZON-02)
1	34.200.65.202 34.200.65.202	14618 (AMAZON-AES) (AMAZON-AES)
1	124.146.215.50 124.146.215.50	2514 (INFOSPHER...) (INFOSPHERE NTT PC Communications)
1	195.244.31.10 195.244.31.10	63140 (IGUANA-WO...) (IGUANA-WORLDWIDE)
1	104.107.25.203 104.107.25.203	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	192.40.39.223 192.40.39.223	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1	63.251.28.133 63.251.28.133	26558 (FREEWHEEL) (FREEWHEEL)
1 2	52.207.129.225 52.207.129.225	14618 (AMAZON-AES) (AMAZON-AES)
1	34.117.157.22 34.117.157.22	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	34.203.128.117 34.203.128.117	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:1f18:ed:... 2600:1f18:ed:550a:ae19:cc5b:1b2b:71e3	14618 (AMAZON-AES) (AMAZON-AES)
1	35.174.68.73 35.174.68.73	14618 (AMAZON-AES) (AMAZON-AES)
1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	54.237.181.95 54.237.181.95	14618 (AMAZON-AES) (AMAZON-AES)
1	64.202.112.159 64.202.112.159	23352 (SERVERCEN...) (SERVERCENTRAL)
1	8.28.7.83 8.28.7.83	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	100.25.87.174 100.25.87.174	14618 (AMAZON-AES) (AMAZON-AES)
1 2	2600:9000:251... 2600:9000:2511:5000:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	130.211.28.216 130.211.28.216	15169 (GOOGLE) (GOOGLE)
1 2	52.73.38.232 52.73.38.232	14618 (AMAZON-AES) (AMAZON-AES)
1	108.138.128.44 108.138.128.44	16509 (AMAZON-02) (AMAZON-02)
442	79

22 2606:4700:3108::ac42:2902 (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

risu.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2607:f8b0:4006:80d::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 34.98.102.251 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 251.102.98.34.bc.googleusercontent.com

assets.risu.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3865 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2607:f8b0:4006:81c::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4006:80d::2003 (United States)

ASN15169 (GOOGLE, US)

www.recaptcha.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

42 2607:f8b0:4006:80b::2002 (United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:81d::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2607:f8b0:4006:822::2002 (United States) 3 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2607:f8b0:4006:81e::2003 (United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 35.186.215.140 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 140.215.186.35.bc.googleusercontent.com

ad.sitemaji.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80e::2002 (United States)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:81d::200e (United States) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 192.96.203.13 (Manassas, United States) 1 redirects

ASN30633 (LEASEWEB-USA-WDC, US)

agent.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:4700:20::681a:467 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.aralego.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

39 2607:f8b0:4006:823::2001 (United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c1b::9a (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2607:f8b0:4006:820::2004 (United States) 4 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 162.210.196.208 (Fairfax, United States) 4 redirects

ASN30633 (LEASEWEB-USA-WDC, US)

ads.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2620:100:a001::4 (United States)

ASN19750 (AS-CRITEO, US)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81c::200a (United States)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2620:100:a001::c (United States) 11 redirects

ASN19750 (AS-CRITEO, US)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2620:100:a001::18 (United States)

ASN19750 (AS-CRITEO, US)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 35.190.36.98 (Kansas City, United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: 98.36.190.35.bc.googleusercontent.com

ad2.apx.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.105.235.90 (Tokyo, Japan) 4 redirects

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li1889-90.members.linode.com

gocm.c.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:402a:80f::2003 (Ireland)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.31.155 (United States)

ASN15169 (GOOGLE, US)
PTR: bj-in-f155.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 74.119.119.139 (United States)

ASN19750 (AS-CRITEO, US)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4017:3a::7 (United States)

ASN15169 (GOOGLE, US)

r2---sn-vgqsknek.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.114.74.38 (San Antonio, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

beacon.walmart.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 142.251.40.226 (Newark, United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s39-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.90.254.78 (Herndon, United States) 2 redirects

ASN13768 (COGECO-PEER1, CA)

ums.acuityplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.211.178.172 (North Charleston, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 172.178.211.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.23.107.16 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-23-107-16.compute-1.amazonaws.com

ads.creative-serving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.204.243.99 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-204-243-99.compute-1.amazonaws.com

sync.extend.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.167.164.39 (Denmark) 4 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 130.35.192.4 (Ashburn, United States) 2 redirects

ASN31898 (ORACLE-BMC-31898, US)

analytics.pangle-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 2 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 207.198.113.87 (Herndon, United States) 2 redirects

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.220.27.155 (Amsterdam, Netherlands) 1 redirects

ASN39572 (ADVANCEDHOSTERS-AS, NL)

s.uuidksinc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.74.236.127 (United States) 2 redirects

ASN19024 (INTERNAP-BLK5, US)
PTR: chi.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.45.175.185 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-175-185.compute-1.amazonaws.com

im.bluevoox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.65.226 (Old Bridge, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s73-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.110.17.251 (Oslo, Norway) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-110-17-251.deploy.static.akamaitechnologies.com

px.owneriq.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 38.98.69.175 (New York, United States) 1 redirects

ASN174 (COGENT-174, US)

aep.mxptint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.211.192.157 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-211-192-157.compute-1.amazonaws.com

fksnk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.145.213.8 (Norway) 1 redirects

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology

t.adx.opera.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:6b8::90 (Moscow, Russian Federation) 2 redirects

ASN208722 (GLOBAL_DC, FI)

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:ae80:1451:18::1720 (United States) 2 redirects

ASN25751 (VALUECLICK, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:19ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.72.213.198 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-72-213-198.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.52.160.7 (New York, United States) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-160-7.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
criteo-sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.81.191.174 (Taipei, Taiwan)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 174.191.81.34.bc.googleusercontent.com

pmp-beacon.apx.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 184.28.206.17 (Piscataway, United States) 4 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a184-28-206-17.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 96.17.65.140 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a96-17-65-140.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2607:f8b0:4006:81d::2002 (United States)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.119.119.147 (United States) 1 redirects

ASN19750 (AS-CRITEO, US)

cat.va.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:100:a001::24 (United States)

ASN19750 (AS-CRITEO, US)

ads.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 207.244.102.141 (Annandale, United States)

ASN30633 (LEASEWEB-USA-WDC, US)

us-east-ad-track.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 8.43.72.98 (United States) 8 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 60.199.208.47 (Taiwan)

ASN9924 (TFN-TW Taiwan Fixed Network, Telco and Network Service Provider., TW)

ssl.sitemaji.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fsa-api.feebee.com.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fsa-api.feebee.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:80c::2001 (United States)

ASN15169 (GOOGLE, US)

b71c4754d1dd356c3538c245d036ab6d.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b6dd71039edd5be9b6e1a51671937458.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
2f92ce0cf7b0c20f9c1ee742667110c7.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
4c527e3c7a8f45218bd8b131fa34203e.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)

widget.va.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:100:a001::16 (United States)

ASN19750 (AS-CRITEO, US)

csm.us.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:4e9:5a01:e00c:7c10:6fd8:d8f6 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.71.131.137 (United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 67.220.224.144 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.46.128.147 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.67.179.87 (North Bergen, United States) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 585.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 68.67.160.76 (New York, United States) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.173.111.127 (Ashburn, United States) 5 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-173-111-127.compute-1.amazonaws.com

partner.mediawallahscript.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.205.126.51 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-205-126-51.compute-1.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.235.42.102 (Victoria, Canada) 1 redirects

ASN16276 (OVH, FR)
PTR: haproxy-ca-001.roqad.pl

ws.rqtrk.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.52.163.93 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-163-93.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.158.1.177 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-158-1-177.compute-1.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.105.14.106 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
PTR: 23.105.14.106.rdns.racklot.com

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.224.48 (United States)

ASN200478 (TABOOLA-AS, IL)

sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.223.22.214 (Seattle, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.200.65.202 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-65-202.compute-1.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 124.146.215.50 (Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)

tg.socdm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.244.31.10 (Newark, United States)

ASN63140 (IGUANA-WORLDWIDE, US)

visitor.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.107.25.203 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-107-25-203.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.40.39.223 (Canada) 1 redirects

ASN27381 (CASALE-MEDIA, CA)

r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.251.28.133 (Secaucus, United States)

ASN26558 (FREEWHEEL, US)

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.207.129.225 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-207-129-225.compute-1.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.157.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.157.117.34.bc.googleusercontent.com

matching.ivitrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.203.128.117 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-203-128-117.compute-1.amazonaws.com

i.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:ed:550a:ae19:cc5b:1b2b:71e3 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

i6.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.174.68.73 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-174-68-73.compute-1.amazonaws.com

exchange.mediavine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.237.181.95 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-237-181-95.compute-1.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.202.112.159 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.28.7.83 (United States)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 100.25.87.174 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-100-25-87-174.compute-1.amazonaws.com

trends.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2511:5000:1b:5138:8a40:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 130.211.28.216 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 216.28.211.130.bc.googleusercontent.com

img.feebee.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.73.38.232 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-73-38-232.compute-1.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.128.44 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-128-44.jfk50.r.cloudfront.net

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
80	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 116 tpc.googlesyndication.com — Cisco Umbrella Rank: 155 b71c4754d1dd356c3538c245d036ab6d.safeframe.googlesyndication.com b6dd71039edd5be9b6e1a51671937458.safeframe.googlesyndication.com 2f92ce0cf7b0c20f9c1ee742667110c7.safeframe.googlesyndication.com 4c527e3c7a8f45218bd8b131fa34203e.safeframe.googlesyndication.com	706 KB
69	doubleclick.net 8 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 42 stats.g.doubleclick.net — Cisco Umbrella Rank: 93 bid.g.doubleclick.net — Cisco Umbrella Rank: 825 cm.g.doubleclick.net — Cisco Umbrella Rank: 242 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 210	870 KB
49	criteo.com 12 redirects gum.criteo.com — Cisco Umbrella Rank: 435 bidder.criteo.com — Cisco Umbrella Rank: 784 mug.criteo.com — Cisco Umbrella Rank: 2707 cat.va.us.criteo.com — Cisco Umbrella Rank: 2781 ads.us.criteo.com — Cisco Umbrella Rank: 2725 widget.va.us.criteo.com — Cisco Umbrella Rank: 5684 dis.criteo.com — Cisco Umbrella Rank: 626	110 KB
32	gstatic.com fonts.gstatic.com www.gstatic.com csi.gstatic.com	909 KB
30	criteo.net static.criteo.net — Cisco Umbrella Rank: 621 csm.us.criteo.net — Cisco Umbrella Rank: 2806	348 KB
30	risu.io 3 redirects risu.io assets.risu.io	1 MB
28	rubiconproject.com 12 redirects secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1075 eus.rubiconproject.com — Cisco Umbrella Rank: 588 token.rubiconproject.com — Cisco Umbrella Rank: 617 pixel.rubiconproject.com — Cisco Umbrella Rank: 364	54 KB
23	aralego.com 5 redirects agent.aralego.com — Cisco Umbrella Rank: 259922 ads.aralego.com — Cisco Umbrella Rank: 39006 sync.aralego.com — Cisco Umbrella Rank: 2755 us-east-ad-track.aralego.com	19 KB
20	appier.net 8 redirects ad2.apx.appier.net — Cisco Umbrella Rank: 49608 gocm.c.appier.net — Cisco Umbrella Rank: 2451 pmp-beacon.apx.appier.net — Cisco Umbrella Rank: 361845	9 KB
15	feebee.tw img.feebee.tw — Cisco Umbrella Rank: 289743 fsa-api.feebee.tw — Cisco Umbrella Rank: 248974	129 KB
15	google.com 4 redirects www.google.com — Cisco Umbrella Rank: 2 analytics.google.com — Cisco Umbrella Rank: 166	4 KB
14	aralego.net cdn.aralego.net — Cisco Umbrella Rank: 14741	205 KB
11	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 45 imasdk.googleapis.com — Cisco Umbrella Rank: 510	141 KB
10	sitemaji.com ad.sitemaji.com — Cisco Umbrella Rank: 89702 ssl.sitemaji.com — Cisco Umbrella Rank: 236857	56 KB
7	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1120 www.googleadservices.com — Cisco Umbrella Rank: 150	599 B
6	mediawallahscript.com 5 redirects partner.mediawallahscript.com — Cisco Umbrella Rank: 2828	4 KB
6	amazon-adsystem.com 4 redirects aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1071 s.amazon-adsystem.com — Cisco Umbrella Rank: 320	4 KB
6	recaptcha.net www.recaptcha.net — Cisco Umbrella Rank: 1551	70 KB
5	adnxs.com 4 redirects ib.adnxs.com — Cisco Umbrella Rank: 245 secure.adnxs.com — Cisco Umbrella Rank: 465	4 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 222	283 KB
4	adform.net 4 redirects c1.adform.net — Cisco Umbrella Rank: 597	3 KB
4	bidswitch.net 3 redirects x.bidswitch.net — Cisco Umbrella Rank: 352	3 KB
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 231	14 KB
3	liadm.com 2 redirects i.liadm.com — Cisco Umbrella Rank: 637 i6.liadm.com — Cisco Umbrella Rank: 2040	2 KB
3	feebee.com.tw fsa-api.feebee.com.tw — Cisco Umbrella Rank: 248973	13 KB
3	adsrvr.org 3 redirects match.adsrvr.org — Cisco Umbrella Rank: 360	1 KB
3	teads.tv 1 redirects sync.teads.tv — Cisco Umbrella Rank: 1339 criteo-sync.teads.tv — Cisco Umbrella Rank: 2419	766 B
3	yandex.ru 2 redirects an.yandex.ru — Cisco Umbrella Rank: 5239	980 B
3	linkedin.com 2 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 357	1 KB
3	2mdn.net 1 redirects gcdn.2mdn.net — Cisco Umbrella Rank: 1220 r2---sn-vgqsknek.c.2mdn.net — Cisco Umbrella Rank: 133928	947 B
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 37	21 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 48	211 KB
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 228	2 KB
2	smaato.net 1 redirects s.ad.smaato.net — Cisco Umbrella Rank: 783	1 KB
2	360yield.com 1 redirects ad.360yield.com — Cisco Umbrella Rank: 688	874 B
2	casalemedia.com 1 redirects r.casalemedia.com — Cisco Umbrella Rank: 1623	2 KB
2	3lift.com 1 redirects eb2.3lift.com — Cisco Umbrella Rank: 391	739 B
2	crwdcntrl.net 2 redirects sync.crwdcntrl.net — Cisco Umbrella Rank: 803	699 B
2	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 458 ups.analytics.yahoo.com — Cisco Umbrella Rank: 325	1014 B
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 817 s.tribalfusion.com — Cisco Umbrella Rank: 1944	1 KB
2	dotomi.com 2 redirects dclk-match.dotomi.com — Cisco Umbrella Rank: 3135	888 B
2	owneriq.net 2 redirects px.owneriq.net — Cisco Umbrella Rank: 1695	2 KB
2	zemanta.com 2 redirects b1sync.zemanta.com — Cisco Umbrella Rank: 553	1 KB
2	sitescout.com 2 redirects pixel-sync.sitescout.com — Cisco Umbrella Rank: 722	973 B
2	pangle-ads.com 2 redirects analytics.pangle-ads.com — Cisco Umbrella Rank: 13525	2 KB
2	extend.tv 2 redirects sync.extend.tv — Cisco Umbrella Rank: 3289	1 KB
2	creative-serving.com 2 redirects ads.creative-serving.com — Cisco Umbrella Rank: 4673	1 KB
2	acuityplatform.com 2 redirects ums.acuityplatform.com — Cisco Umbrella Rank: 1274	1 KB
2	blismedia.com tr.blismedia.com — Cisco Umbrella Rank: 2024	292 B
1	agkn.com aa.agkn.com — Cisco Umbrella Rank: 532	656 B
1	revcontent.com trends.revcontent.com — Cisco Umbrella Rank: 2351
1	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 797	584 B
1	outbrain.com sync.outbrain.com — Cisco Umbrella Rank: 765	287 B
1	postrelease.com jadserve.postrelease.com — Cisco Umbrella Rank: 1201	539 B
1	bing.com c.bing.com — Cisco Umbrella Rank: 236	688 B
1	mediavine.com exchange.mediavine.com — Cisco Umbrella Rank: 1279	968 B
1	ivitrack.com matching.ivitrack.com — Cisco Umbrella Rank: 3261	265 B
1	stickyadstv.com ads.stickyadstv.com — Cisco Umbrella Rank: 548	615 B
1	bluekai.com tags.bluekai.com — Cisco Umbrella Rank: 646	549 B
1	omnitagjs.com visitor.omnitagjs.com — Cisco Umbrella Rank: 897	342 B
1	socdm.com tg.socdm.com — Cisco Umbrella Rank: 1122	870 B
1	taboola.com sync-t1.taboola.com — Cisco Umbrella Rank: 1498	231 B
1	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 681	688 B
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 562	280 B
1	media.net contextual.media.net — Cisco Umbrella Rank: 660	792 B
1	rqtrk.eu 1 redirects ws.rqtrk.eu — Cisco Umbrella Rank: 3294	411 B
1	stackadapt.com 1 redirects sync.srv.stackadapt.com — Cisco Umbrella Rank: 734	1 KB
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 713	543 B
1	opera.com 1 redirects t.adx.opera.com — Cisco Umbrella Rank: 1526	676 B
1	fksnk.com 1 redirects fksnk.com — Cisco Umbrella Rank: 4925	613 B
1	mxptint.net 1 redirects aep.mxptint.net — Cisco Umbrella Rank: 5973	732 B
1	bluevoox.com 1 redirects im.bluevoox.com — Cisco Umbrella Rank: 13661	520 B
1	uuidksinc.net 1 redirects s.uuidksinc.net — Cisco Umbrella Rank: 10942	292 B
1	walmart.com 1 redirects beacon.walmart.com — Cisco Umbrella Rank: 6383	580 B
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1024	7 KB
442	75

	Domain	Requested by
39	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net imasdk.googleapis.com securepubads.g.doubleclick.net
37	pagead2.googlesyndication.com	risu.io pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net securepubads.g.doubleclick.net
34	cm.g.doubleclick.net	5 redirects googleads.g.doubleclick.net eus.rubiconproject.com
29	static.criteo.net	agent.aralego.com static.criteo.net ads.aralego.com risu.io
22	risu.io	3 redirects risu.io assets.risu.io static.cloudflareinsights.com
20	googleads.g.doubleclick.net	3 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
19	gum.criteo.com	11 redirects static.criteo.net
19	www.gstatic.com	www.recaptcha.net www.gstatic.com googleads.g.doubleclick.net
16	bidder.criteo.com	static.criteo.net
14	www.google.com	4 redirects tpc.googlesyndication.com googleads.g.doubleclick.net
14	cdn.aralego.net	agent.aralego.com risu.io ads.aralego.com
12	securepubads.g.doubleclick.net	cdn.aralego.net securepubads.g.doubleclick.net
12	ads.aralego.com	4 redirects agent.aralego.com ads.aralego.com
9	img.feebee.tw	ad.sitemaji.com
9	sync.aralego.com	ads.aralego.com eus.rubiconproject.com
9	fonts.gstatic.com	fonts.googleapis.com www.recaptcha.net
9	fonts.googleapis.com	risu.io assets.risu.io googleads.g.doubleclick.net
8	pixel.rubiconproject.com	4 redirects eus.rubiconproject.com risu.io
8	token.rubiconproject.com	4 redirects eus.rubiconproject.com
8	eus.rubiconproject.com	ads.aralego.com eus.rubiconproject.com
8	mug.criteo.com
8	gocm.c.appier.net	4 redirects risu.io ad2.apx.appier.net
8	ad2.apx.appier.net	4 redirects risu.io
8	assets.risu.io	risu.io assets.risu.io
7	ad.sitemaji.com	assets.risu.io risu.io ad.sitemaji.com
6	fsa-api.feebee.tw
6	partner.mediawallahscript.com	5 redirects
6	www.googleadservices.com
6	www.recaptcha.net	risu.io www.gstatic.com www.recaptcha.net
5	www.googletagservices.com	googleads.g.doubleclick.net
4	secure-assets.rubiconproject.com	4 redirects
4	pmp-beacon.apx.appier.net	ad2.apx.appier.net
4	c1.adform.net	4 redirects
4	x.bidswitch.net	3 redirects risu.io
4	csi.gstatic.com	imasdk.googleapis.com
3	cdnjs.cloudflare.com	ad.sitemaji.com
3	secure.adnxs.com	2 redirects
3	fsa-api.feebee.com.tw	ad.sitemaji.com
3	s.amazon-adsystem.com	2 redirects eus.rubiconproject.com
3	aax-eu.amazon-adsystem.com	2 redirects eus.rubiconproject.com
3	match.adsrvr.org	3 redirects
3	ssl.sitemaji.com	ad.sitemaji.com
3	an.yandex.ru	2 redirects
3	px.ads.linkedin.com	2 redirects eus.rubiconproject.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	www.googletagmanager.com	risu.io www.googletagmanager.com www.google-analytics.com
2	dpm.demdex.net	1 redirects
2	s.ad.smaato.net	1 redirects
2	i.liadm.com	2 redirects
2	ad.360yield.com	1 redirects
2	r.casalemedia.com	1 redirects
2	eb2.3lift.com	1 redirects
2	sync.crwdcntrl.net	2 redirects
2	ib.adnxs.com	2 redirects
2	dis.criteo.com
2	cat.va.us.criteo.com	1 redirects risu.io
2	sync.teads.tv	1 redirects googleads.g.doubleclick.net
2	dclk-match.dotomi.com	2 redirects
2	px.owneriq.net	2 redirects
2	b1sync.zemanta.com	2 redirects
2	pixel-sync.sitescout.com	2 redirects
2	analytics.pangle-ads.com	2 redirects
2	sync.extend.tv	2 redirects
2	ads.creative-serving.com	2 redirects
2	ums.acuityplatform.com	2 redirects
2	tr.blismedia.com	googleads.g.doubleclick.net
2	r2---sn-vgqsknek.c.2mdn.net	googleads.g.doubleclick.net
2	imasdk.googleapis.com	googleads.g.doubleclick.net
2	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
1	aa.agkn.com
1	trends.revcontent.com	risu.io
1	simage2.pubmatic.com	risu.io
1	sync.outbrain.com	risu.io
1	jadserve.postrelease.com	risu.io
1	c.bing.com	risu.io
1	exchange.mediavine.com	risu.io
1	i6.liadm.com
1	matching.ivitrack.com	risu.io
1	ads.stickyadstv.com	risu.io
1	tags.bluekai.com
1	visitor.omnitagjs.com	risu.io
1	tg.socdm.com	risu.io
1	ups.analytics.yahoo.com	risu.io
1	criteo-sync.teads.tv	risu.io
1	sync-t1.taboola.com	risu.io
1	rtb-csync.smartadserver.com	risu.io
1	match.sharethrough.com	risu.io
1	contextual.media.net	risu.io
1	ws.rqtrk.eu	1 redirects
1	pr-bh.ybp.yahoo.com	1 redirects
1	csm.us.criteo.net	risu.io
1	widget.va.us.criteo.com	risu.io
1	4c527e3c7a8f45218bd8b131fa34203e.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	2f92ce0cf7b0c20f9c1ee742667110c7.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	b6dd71039edd5be9b6e1a51671937458.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	b71c4754d1dd356c3538c245d036ab6d.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	us-east-ad-track.aralego.com
1	ads.us.criteo.com	risu.io
1	sync.srv.stackadapt.com	1 redirects
1	sync-tm.everesttech.net	1 redirects
1	s.tribalfusion.com	googleads.g.doubleclick.net
1	a.tribalfusion.com	1 redirects
1	t.adx.opera.com	1 redirects
1	fksnk.com	1 redirects
1	aep.mxptint.net	1 redirects
1	im.bluevoox.com	1 redirects
1	s.uuidksinc.net	1 redirects
1	beacon.walmart.com	1 redirects
1	gcdn.2mdn.net	1 redirects
1	bid.g.doubleclick.net	imasdk.googleapis.com
1	analytics.google.com	www.googletagmanager.com
1	agent.aralego.com	1 redirects
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	static.cloudflareinsights.com	risu.io
442	114

This site contains links to these domains. Also see Links.

Domain
docs.risu.io
pqina.nl
lin.ee
m.me
docs.google.com
www.facebook.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-03-26` - `2024-03-24`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
assets.risu.io GTS CA 1D4	`2023-08-07` - `2023-11-05`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
misc.google.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
feebee.com.tw R3	`2023-07-04` - `2023-10-02`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
*.aralego.com Sectigo RSA Domain Validation Secure Server CA	`2022-10-19` - `2023-11-19`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-05` - `2023-10-31`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-18`	3 months	crt.sh
tr.blismedia.com GTS CA 1D4	`2023-08-07` - `2023-11-05`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2023-08-08` - `2023-10-17`	2 months	crt.sh
pmp-beacon.apx.appier.net GTS CA 1P5	`2023-08-22` - `2023-11-20`	3 months	crt.sh
*.c.appier.net GTS CA 1P5	`2023-07-04` - `2023-10-02`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-03-07` - `2024-04-03`	a year	crt.sh
*.va.us.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-11` - `2023-10-13`	3 months	crt.sh
*.us.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-09` - `2023-11-07`	3 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-02-18`	a year	crt.sh
*.sharethrough.com Amazon RSA 2048 M01	`2023-06-14` - `2024-07-12`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
*.taboola.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
teads.tv R3	`2023-06-26` - `2023-09-24`	3 months	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-08-03` - `2024-01-24`	6 months	crt.sh
*.socdm.com GlobalSign RSA OV SSL CA 2018	`2023-05-31` - `2024-06-30`	a year	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2023-06-23` - `2024-07-22`	a year	crt.sh
*.ads.stickyadstv.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-04-19` - `2024-05-19`	a year	crt.sh
itm.ivitrack.com R3	`2023-08-16` - `2023-11-14`	3 months	crt.sh
exchange.mediavine.com Amazon RSA 2048 M01	`2023-04-05` - `2024-05-03`	a year	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 05	`2023-07-26` - `2024-01-22`	6 months	crt.sh
*.postrelease.com Amazon RSA 2048 M01	`2023-03-01` - `2023-12-25`	10 months	crt.sh
*.outbrain.com Thawte RSA CA 2018	`2022-11-06` - `2023-11-28`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
revcontent.com Amazon RSA 2048 M02	`2023-05-18` - `2024-06-16`	a year	crt.sh

This page contains 75 frames:

Primary Page: https://risu.io/
Frame ID: 28A60E6C26BBF63706DE19D4122C5854
Requests: 57 HTTP requests in this frame

Frame: https://risu.io/cdn-cgi/challenge-platform/h/g/scripts/jsd/313d8a27/invisible.js
Frame ID: B09FD46C8E7C7035866ADEB40BA974AF
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230822/r20190131/zrt_lookup.html
Frame ID: ECE2704C8AAAFDC9A856E744F0A403EF
Requests: 1 HTTP requests in this frame

Frame: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6Lc7IOQUAAAAAAKsnJb5Tc3o5biD72gyuR_vlC3f&co=aHR0cHM6Ly9yaXN1LmlvOjQ0Mw..&hl=en&v=x19joXI_IeQnFJ7YnfDapSZq&size=invisible&cb=5kqz1d1vhvov
Frame ID: 781BE58411BD3ABF09F70412FBBC75A0
Requests: 9 HTTP requests in this frame

Frame: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6Lc7IOQUAAAAAAKsnJb5Tc3o5biD72gyuR_vlC3f&co=aHR0cHM6Ly9yaXN1LmlvOjQ0Mw..&hl=en&v=x19joXI_IeQnFJ7YnfDapSZq&size=normal&cb=rw82zlbq7g2r
Frame ID: 03D53B1DA9DA1303B449DD1734B54951
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9208708170783140&output=html&adk=1812271804&adf=3025194257&lmt=1692858009&plat=1%3A16777216%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x540_l&format=0x0&url=https%3A%2F%2Frisu.io%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asrtr=1&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692822008152&bpp=11&bdt=1712&idt=1031&shv=r20230822&mjsv=m202308170101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5236486224718&frm=20&pv=2&ga_vid=2090007071.1692822009&ga_sid=1692822009&ga_hid=1687882424&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076838%2C31077287&oid=2&pvsid=3473384507421261&tmod=1071397449&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=1096
Frame ID: 065436B59E7F421CD5591924A243163B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3428BA3543D24389AE2ABA0488CFBC1A
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7FFF6282AFBEBFA40468AA8E49D94B35
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9208708170783140&output=html&h=280&adk=1248013043&adf=1377134958&pi=t.aa~a.99561451~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1692858010&rafmt=1&to=qs&pwprc=7893959896&format=1200x280&url=https%3A%2F%2Frisu.io%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692822010509&bpp=11&bdt=4069&idt=-M&shv=r20230822&mjsv=m202308170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec4896cdbccce36f-2238105fb2e3008d%3AT%3D1692822009%3ART%3D1692822009%3AS%3DALNI_MZIcJIhJizzPslJJ_f6yniFvf192A&gpic=UID%3D00000d8d64dac1d2%3AT%3D1692822009%3ART%3D1692822009%3AS%3DALNI_Ma-ynlXcriKduXBAvsG_wzlAHCeLw&prev_fmts=0x0&nras=2&correlator=5236486224718&frm=20&pv=1&ga_vid=2090007071.1692822009&ga_sid=1692822009&ga_hid=1687882424&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1344&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076838%2C31077287&oid=2&pvsid=3473384507421261&tmod=1071397449&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=9g8ft0egOt&p=https%3A//risu.io&dtd=59
Frame ID: 0FBD8A98AABBD8677FBF7ADD217117EF
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9208708170783140&output=html&h=280&adk=1636878560&adf=1831041&pi=t.aa~a.1587783460~rp.1&w=1116&fwrn=4&fwrnh=100&lmt=1692858010&rafmt=1&to=qs&pwprc=7893959896&format=1116x280&url=https%3A%2F%2Frisu.io%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692822010509&bpp=2&bdt=4069&idt=-M&shv=r20230822&mjsv=m202308170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec4896cdbccce36f-2238105fb2e3008d%3AT%3D1692822009%3ART%3D1692822009%3AS%3DALNI_MZIcJIhJizzPslJJ_f6yniFvf192A&gpic=UID%3D00000d8d64dac1d2%3AT%3D1692822009%3ART%3D1692822009%3AS%3DALNI_Ma-ynlXcriKduXBAvsG_wzlAHCeLw&prev_fmts=0x0%2C1200x280&nras=3&correlator=5236486224718&frm=20&pv=1&ga_vid=2090007071.1692822009&ga_sid=1692822009&ga_hid=1687882424&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=242&ady=1837&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076838%2C31077287&oid=2&pvsid=3473384507421261&tmod=1071397449&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=M4aAsN25Eq&p=https%3A//risu.io&dtd=89
Frame ID: FEEB5609612E7EC03B85CCAB890EFBD8
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9208708170783140&output=html&h=280&adk=1028885750&adf=2395231771&pi=t.aa~a.689068970~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1692858010&rafmt=1&to=qs&pwprc=7893959896&format=1200x280&url=https%3A%2F%2Frisu.io%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692822010509&bpp=2&bdt=4069&idt=-M&shv=r20230822&mjsv=m202308170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec4896cdbccce36f-2238105fb2e3008d%3AT%3D1692822009%3ART%3D1692822009%3AS%3DALNI_MZIcJIhJizzPslJJ_f6yniFvf192A&gpic=UID%3D00000d8d64dac1d2%3AT%3D1692822009%3ART%3D1692822009%3AS%3DALNI_Ma-ynlXcriKduXBAvsG_wzlAHCeLw&prev_fmts=0x0%2C1200x280%2C1116x280&nras=4&correlator=5236486224718&frm=20&pv=1&ga_vid=2090007071.1692822009&ga_sid=1692822009&ga_hid=1687882424&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2779&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076838%2C31077287&oid=2&pvsid=3473384507421261&tmod=1071397449&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=KoTRcDCO6X&p=https%3A//risu.io&dtd=116
Frame ID: AAE4CFA8BD2279FF94924D563BBECA3D
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9208708170783140&output=html&h=280&adk=1248013043&adf=1296158383&pi=t.aa~a.99552785~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1692858010&rafmt=1&to=qs&pwprc=7893959896&format=1200x280&url=https%3A%2F%2Frisu.io%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692822010509&bpp=10&bdt=4069&idt=10&shv=r20230822&mjsv=m202308170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec4896cdbccce36f-2238105fb2e3008d%3AT%3D1692822009%3ART%3D1692822009%3AS%3DALNI_MZIcJIhJizzPslJJ_f6yniFvf192A&gpic=UID%3D00000d8d64dac1d2%3AT%3D1692822009%3ART%3D1692822009%3AS%3DALNI_Ma-ynlXcriKduXBAvsG_wzlAHCeLw&prev_fmts=0x0%2C1200x280%2C1116x280%2C1200x280&nras=5&correlator=5236486224718&frm=20&pv=1&ga_vid=2090007071.1692822009&ga_sid=1692822009&ga_hid=1687882424&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4025&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076838%2C31077287&oid=2&pvsid=3473384507421261&tmod=1071397449&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=l7YP8AgV3N&p=https%3A//risu.io&dtd=132
Frame ID: 71566086B164974A80900F38EFB08BAF
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230822/r20110914/zrt_lookup.html?fsb=1
Frame ID: F3F4ED1BE23CD52AFA80D3205ED9CF21
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230822/r20110914/zrt_lookup.html?fsb=1
Frame ID: A724B2D70889422C8C2F2D4A3DB3ECE7
Requests: 10 HTTP requests in this frame

Frame: https://static.criteo.net/js/ld/publishertag.js
Frame ID: 72CDF81867EEDCA6A588AF288BBCE799
Requests: 7 HTTP requests in this frame

Frame: https://static.criteo.net/js/ld/publishertag.js
Frame ID: 3CAD6DB2E46842A56ADC7493A47C5EE0
Requests: 7 HTTP requests in this frame

Frame: https://static.criteo.net/js/ld/publishertag.js
Frame ID: C245A5CEA9AC598C625385230DF6CB44
Requests: 7 HTTP requests in this frame

Frame: https://static.criteo.net/js/ld/publishertag.js
Frame ID: 31F1EBFAABEBE7F4EACD636253323C70
Requests: 7 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=risu.io
Frame ID: 24A35653045ADDD52650A7ED7B249584
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 61EAEA13034A699AB39721283C11C7B1
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 0675F87447BA3FA2FD4A0A25144F7A77
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 12FBBA7FE44BC12088C871CC2329D928
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: E6664AA7DB5E960F6FD2F61A8DA3E6D3
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: AA0F6250988125E1E2D4EDF4F737574E
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: D25167527E031735F8A343A7D206B6D1
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 8B7B421FB4E567CAED89D7A3512A9B5A
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 98951EC7BA41F1BE1D30AEC705ABE72C
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/H7NiGUBWITXDbUXvzcl9NdwFkmo5ojjKC-Hhm2BY16o.js
Frame ID: B93C39CCD27D22762A5743CF029F2BBE
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/H7NiGUBWITXDbUXvzcl9NdwFkmo5ojjKC-Hhm2BY16o.js
Frame ID: 27D7471E5408224E601D9BA91CD84FF0
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: C94FDAF253A5CB62BBB07902CC76F30E
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/H7NiGUBWITXDbUXvzcl9NdwFkmo5ojjKC-Hhm2BY16o.js
Frame ID: 1803D3B03B5BAF1F3C70BDD513589B46
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/H7NiGUBWITXDbUXvzcl9NdwFkmo5ojjKC-Hhm2BY16o.js
Frame ID: A5FF9CC4A1D24D2E734A44263C8EDD26
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/H7NiGUBWITXDbUXvzcl9NdwFkmo5ojjKC-Hhm2BY16o.js
Frame ID: 3F736DEC34D8D8B4D0B3051CC8D769AF
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=risu.io
Frame ID: A68BE26352E80EE0707B84B26CE0B16F
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=risu.io
Frame ID: 06D1313C79D990A245DB41CBAF5D57C1
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=risu.io
Frame ID: D4C82C45599E9D128B3024BBF421FB6D
Requests: 2 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Frame ID: 1EC5D951B143FFB3B3ADA4A2B1C9CAA1
Requests: 6 HTTP requests in this frame

Frame: https://gocm.c.appier.net/gcm
Frame ID: 85B9C1815ABFFC29342E81C57E18920D
Requests: 6 HTTP requests in this frame

Frame: https://gocm.c.appier.net/gcm
Frame ID: 8E50FA429F48E47BD1DDEC0C7ACF143A
Requests: 6 HTTP requests in this frame

Frame: https://gocm.c.appier.net/gcm
Frame ID: 0425EACA7B4D899E99E75AC5B74930AB
Requests: 6 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: C86D99B1B908756816C66439C7B4765B
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adiiix
Frame ID: 37422729D58F90D110279CB9856EE414
Requests: 3 HTTP requests in this frame

Frame: https://static.criteo.net/js/ld/publishertag.js
Frame ID: 5CFFE0ED2EEFADB11677F7A71745A61B
Requests: 4 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: 7E2147303557ECC0F2573553A497BE9B
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adiiix
Frame ID: AA4AFFA6DC7C49FA39468254F5B64F29
Requests: 3 HTTP requests in this frame

Frame: https://static.criteo.net/js/ld/publishertag.js
Frame ID: 310FFBEE1E640B9B77866308083E104C
Requests: 9 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: F1AF6F553F0E0DB02F8BB383B9C55021
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adiiix
Frame ID: A3896191506A46CF1F797795A27CE4B8
Requests: 12 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: 0E75E686549AA38DDAEB39012F464BCE
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adiiix
Frame ID: FC7BD4449D33DBCEE1F10929D4A7BE0F
Requests: 3 HTTP requests in this frame

Frame: https://static.criteo.net/js/ld/publishertag.js
Frame ID: C94C8C87916DAF9EBC0C511DFC2784E0
Requests: 9 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=risu.io
Frame ID: 66A792908CF68015B2563886CBDC3124
Requests: 2 HTTP requests in this frame

Frame: https://static.criteo.net/js/ld/publishertag.js
Frame ID: 650EEF831386DB9843224E6C7154EA63
Requests: 9 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=risu.io
Frame ID: 40098CE850D7B43229A43E8C260629DF
Requests: 2 HTTP requests in this frame

Frame: https://ads.us.criteo.com/delivery/r/ajs.php?u=%7cdzS77PL8IejmZ5L4GbvsGGkvuewcnFAspJgCilDy0ic%3d%7c&c1=mOd7Dh6zPV-ibPduKMA2S1B7ad7mtjPQbxWxI1zLrWADLkRcRzxwPee1Vw5xHMlQguTSg6d55aFviZC6T1Xb8mrSaSWQy9K106QuuzKXxaYuE1QstwS4ZjMiUFm9xAAF8BPrVsWMx6fLmvsRI9oO0UeKXc4O9QvOAz3YAWDuTjvdm2kCx1RYN2hSTJMdahds3BEWKo_a8Ymm78L9TJknRIoK9VyR3m5lz9ZEE4ESu-FHezRqiw7lkmoIRpbKQD7PanZotHCkvDptcyzAKvAWk0ApxVlbnmnOQEz_3YUgVGP5yQSw1Dv9yXpa5hEtzwkCJd0hAccXXUHbDUwfo4LWBa0_Q0S5qQ6CUtPZSqcnPHt6pYAbwuiXJpXs2lTnNb_r1qomEXnmq2E5OzMuV0aTHiSbEGnF6nstv1b_Aem5pezB3cCrs4Miu4nypXG2tJkmrQXl0eyeKXxm-EeTQzfO-pqrHgISQN4vBfnMgVXd-L3ChUAuYBS5SpyH992CUUG_O4T-sOfXC6hiewVAvRi6pB8u6WpbvNnXZlntGigkuTfrc0R2Apyjzg8tCIP04K28JwwNGUGlYhXsa_irnQkQ57eA1qzh4WM6onv4GtZkpeOEjsnjxWa2xZgkGBKU0wU66ReQXrDr4ZY
Frame ID: 703B0E827BC5636FE3368DF1CCADE018
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=risu.io
Frame ID: F63F9AA7326D74841A60B9BD614B206A
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=risu.io
Frame ID: EFC148D8390DB7AC1FCD627E64E9DBDB
Requests: 2 HTTP requests in this frame

Frame: https://b71c4754d1dd356c3538c245d036ab6d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Frame ID: 2B60D410336E92941566F6AE6765EFB0
Requests: 1 HTTP requests in this frame

Frame: https://b6dd71039edd5be9b6e1a51671937458.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Frame ID: 7524902976FFEF9AEE42E620AA2933CB
Requests: 1 HTTP requests in this frame

Frame: https://2f92ce0cf7b0c20f9c1ee742667110c7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Frame ID: 39C962081DB4DB1EA4DB8442AC9F4CB0
Requests: 1 HTTP requests in this frame

Frame: https://4c527e3c7a8f45218bd8b131fa34203e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Frame ID: 7C68A83F46DB5844EC1AB786E0535DE2
Requests: 1 HTTP requests in this frame

Frame: https://widget.va.us.criteo.com/dis/dis.aspx?pu=159467&cb=64e669ffe848dac1af5210eb10a85b12&r=https%3a%2f%2frisu.io%2f&crossorigin=false
Frame ID: 889D539888A1E845A0FFE50CBB8541CD
Requests: 1 HTTP requests in this frame

Frame: https://static.criteo.net/animejs/animejs.js
Frame ID: 35332210340BD48AEA30A6AAE7F50C79
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 40877A8375EA67EDD64671F99266EC5E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 439BFBD45A4B0386A95E5F194316B7E1
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 2E408E69680C994CF42BB1730B3590E3
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 79DA6B6BFADAE91DED9D2BF67A215C90
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 06E8212FAF35ED0E23C4C0EECBCAC199
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D96196669B17BA3F2D9D074709807609
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B5655876DFC59B67D1358E2887FCCD6F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E8CBF6AF7D442CBD97CBEFC55777C5C8
Requests: 2 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-GBTyesOz8wSX6VYBf-F6EMFClS35sexPRItrjA&google_gid=CAESEG6o3yaoUjtM8f9_Ws5yjPU&google_cver=1&google_ula=913071,0
Frame ID: 87D7752F14ECE7D8394C468904A95B9A
Requests: 30 HTTP requests in this frame

Frame: https://cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css
Frame ID: 01149FEABBCE76B90A4349F63E4AB5AA
Requests: 8 HTTP requests in this frame

Frame: https://cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css
Frame ID: DC38D19A2523D6544A611B8461BF2A9B
Requests: 5 HTTP requests in this frame

Frame: https://cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css
Frame ID: 049D52AD8DE1621C9AE2E26E529C460C
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

短網址。行銷。分析 - Risu.io

Page URL History Show full URLs

https://risu.io/pfbSu HTTP 302
https://risu.io/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Ahoy (Analytics) Expand

Overall confidence: 100%
Detected patterns

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Yandex.Direct (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://an\.yandex\.ru/

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

442
Requests

84 %
HTTPS

34 %
IPv6

75
Domains

114
Subdomains

79
IPs

9
Countries

5552 kB
Transfer

14771 kB
Size

116
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://docs.risu.io/xiao-ji-qiao-tooltip/guan-li-hou-tai/duan-wang-zhi-pian
Title: 教學

Search URL Search Domain Scan URL

URL: https://pqina.nl/
Title: Powered by PQINA

Search URL Search Domain Scan URL

URL: https://lin.ee/oFUOKCP

Search URL Search Domain Scan URL

URL: https://m.me/risuiotw
Title: 聯絡我們

Search URL Search Domain Scan URL

URL: https://docs.google.com/forms/d/e/1FAIpQLSedWw6hNYi6Xg_VPatPmsfe7DOKPGg3ijSOvZuWu38FefIMCw/viewform?emailAddress=
Title: 問題回報

Search URL Search Domain Scan URL

URL: https://www.facebook.com/risuiotw
Title: 粉絲專頁

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://risu.io/pfbSu HTTP 302
https://risu.io/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19

https://risu.io/cdn-cgi/challenge-platform/scripts/invisible.js HTTP 302
https://risu.io/cdn-cgi/challenge-platform/h/g/scripts/jsd/313d8a27/invisible.js

Request Chain 25

https://risu.io/cdn-cgi/challenge-platform/scripts/invisible.js HTTP 302
https://risu.io/cdn-cgi/challenge-platform/h/g/scripts/jsd/313d8a27/invisible.js

Request Chain 47

https://agent.aralego.com/sdk HTTP 301
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

Request Chain 159

https://ad2.apx.appier.net/www/delivery/js.php?zoneid=5988&id=ida4mlvgiastit93r HTTP 307
https://gocm.c.appier.net/aanet?id=ida4mlvgiastit93r&url=ad2.apx.appier.net&zoneid=5988 HTTP 302
https://ad2.apx.appier.net/www/delivery/arjs.php?zoneid=5988&acid=4SaZijjvDsufOUbq_WnmZA&id=ida4mlvgiastit93r

Request Chain 160

https://ad2.apx.appier.net/www/delivery/js.php?zoneid=5988&id=ida4mlvgiastit93r HTTP 307
https://gocm.c.appier.net/aanet?id=ida4mlvgiastit93r&url=ad2.apx.appier.net&zoneid=5988 HTTP 302
https://ad2.apx.appier.net/www/delivery/arjs.php?zoneid=5988&acid=53fnCb02B2e6dryS_WnmZA&id=ida4mlvgiastit93r

Request Chain 161

https://ad2.apx.appier.net/www/delivery/js.php?zoneid=5988&id=ida4mlvgiastit93r HTTP 307
https://gocm.c.appier.net/aanet?id=ida4mlvgiastit93r&url=ad2.apx.appier.net&zoneid=5988 HTTP 302
https://ad2.apx.appier.net/www/delivery/arjs.php?zoneid=5988&acid=KIhXz-gZAde1TXkk_WnmZA&id=ida4mlvgiastit93r

Request Chain 170

https://gum.criteo.com/sid/json?origin=publishertag&domain=risu.io&sn=ChromeSyncframe&so=0&topUrl=risu.io&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=5VOdynxudkJ4N0d4amk2NXJmdVNyVC94UUU1REtsMGFFOXVwREFMSVBjYmRUTFc5ZDRBaFNEUDk4WVlTK1RHbG9VMWNJeDFQVjdlYnFNZzNPSGJNMml0dUo2NExHYjFaOUMyNVRWdnVYSmpLYnFyOG9ubXdWNDA2bkZzcjQyeVJSQTZRVGUrUnMvM0RNdkZ0L0tpc3cyZVhrM3dBOERSY1JPYnZ0Q3FCdTRZSk94Z1k4UlhoQTdKR2hGdk9VeTJuZnJCaGNPYXJwSnVRT0FRV1h3WlR2amVNZksrM0c5TVVZcEFuU0w1RFIrK1RCMWZib1ZwZW5PQlZuTE92dU9IYTN4ZEprMGxEYzJ2WThwcVZtZ2JhMEVMTXdMdz09fA&cppv=2

Request Chain 177

https://gcdn.2mdn.net/videoplayback/id/8d0ef91bdaa7c0eb/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3817121814/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/292DC57B9D4E8E58CB7F8217ED6D6ED9A8F9535E.938D21EC3C072C2DEFDFBFF99A1E68812D38CBAB/key/ck2/file/file.mp4 HTTP 302
https://r2---sn-vgqsknek.c.2mdn.net/videoplayback/id/8d0ef91bdaa7c0eb/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3817121814/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/040082E2CAD19DC1DB449B04E908FA7EEF41E597.28274F1E3BC16DA2139E7E0CDB2CD105D9F51C3C/key/cms1/cms_redirect/yes/mh/JX/mip/2602:ffc8:1:1::7/mm/42/mn/sn-vgqsknek/ms/onc/mt/1692821144/mv/u/mvi/2/pl/48/file/file.mp4

Request Chain 178

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 179

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 181

https://beacon.walmart.com/etap.gif?tap=gAds&google_gid=CAESEK6OWz_yjnmsEeLuCET6sI8&google_cver=1&google_push=AXcoOmQ9jP71TiyOEbxArYnQ3lH738CyOeAEzgxwblXeuAOAv5tap7ysItog4PXtnlEESJESnI2kxQgH6mTLLAdaN0pUA9Ms6uxW HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=walmart&google_hm=YBGT__Yo_VNR8xjoNqSbMc&tap=gAds&google_gid=CAESEK6OWz_yjnmsEeLuCET6sI8&google_cver=1&google_push=AXcoOmQ9jP71TiyOEbxArYnQ3lH738CyOeAEzgxwblXeuAOAv5tap7ysItog4PXtnlEESJESnI2kxQgH6mTLLAdaN0pUA9Ms6uxW

Request Chain 182

https://ums.acuityplatform.com/tum?umid=4&uid=CAESEC1HIJ3_TeOJzcdLPsZKn-A&google_cver=1&google_push=AXcoOmSwBe47RR4pDfmu6fsn0dnW_OKKS-fAcRU4dtun-2LcNAtxPrZMKE6Ma2fR1i7FOLq-yKiBJTiu3ONAI5W9DbePLquFtgVd9Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=817860304704

Request Chain 183

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEAZyPvMwT8NGCqKkhY3Xmps&google_cver=1&google_push=AXcoOmQeyrOuUILUd07J-CmuD9fojmD2439OAF1sI_vUdob3UMmrPc1P-XcICGO3G78AKgQPfgjX1ZbGuvyfoig2Y4AJ0Yak7BBiIw HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEAZyPvMwT8NGCqKkhY3Xmps&google_cver=1&google_push=AXcoOmQeyrOuUILUd07J-CmuD9fojmD2439OAF1sI_vUdob3UMmrPc1P-XcICGO3G78AKgQPfgjX1ZbGuvyfoig2Y4AJ0Yak7BBiIw HTTP 302
https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=google&bsw_custom_parameter=60fccb77-ed00-4c6b-82f8-a9dc7f5137db&gdpr=&gdpr_consent= HTTP 302
https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=google&bsw_custom_parameter=60fccb77-ed00-4c6b-82f8-a9dc7f5137db&gdpr=&gdpr_consent= HTTP 302
https://x.bidswitch.net/sync?dsp_id=4&user_id=1d04d785-8efa-4683-869c-9fdb964f7fbd&ssp=google&expires=30&user_group=5&bsw_param=60fccb77-ed00-4c6b-82f8-a9dc7f5137db HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmQeyrOuUILUd07J-CmuD9fojmD2439OAF1sI_vUdob3UMmrPc1P-XcICGO3G78AKgQPfgjX1ZbGuvyfoig2Y4AJ0Yak7BBiIw&google_hm=YPzLd-0ATGuC-Kncf1E32w==

Request Chain 184

https://sync.extend.tv/r.gif?exchange=googleadx&google_gid=CAESEGaK-WL9GBWJvaSNUfIQR88&google_cver=1&google_push=AXcoOmQA-PxHYGOkJ9sjpWYAkxbHmEh7KPoIHVTzsk9gYql6fda1fBdEMFMX9HFuRJKyyNOm5v_OZEFMX_KJBVM58Lff3ffLCkjFig HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=extendtv&google_push=AXcoOmQA-PxHYGOkJ9sjpWYAkxbHmEh7KPoIHVTzsk9gYql6fda1fBdEMFMX9HFuRJKyyNOm5v_OZEFMX_KJBVM58Lff3ffLCkjFig

Request Chain 185

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEAu4W9A-IPWQQ7nZzIH2GH4&google_cver=1&google_push=AXcoOmSYbRSoBhZy1wdnBQ5eoySuE40gdggYf2e7OQET7yFDw9dSpaJWeRIHju3bJlrupFabG-EplxWzT6KJl0Vmge9U0zUhNv_O HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEAu4W9A-IPWQQ7nZzIH2GH4&google_cver=1&google_push=AXcoOmSYbRSoBhZy1wdnBQ5eoySuE40gdggYf2e7OQET7yFDw9dSpaJWeRIHju3bJlrupFabG-EplxWzT6KJl0Vmge9U0zUhNv_O HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTc1MzgwOTE2NjA2MDIxMjU4NQ&google_push=AXcoOmSYbRSoBhZy1wdnBQ5eoySuE40gdggYf2e7OQET7yFDw9dSpaJWeRIHju3bJlrupFabG-EplxWzT6KJl0Vmge9U0zUhNv_O

Request Chain 186

https://analytics.pangle-ads.com/api/ad/union/gg_cookie_matching?google_gid=CAESEAAFa2Wom6Mq9EIa05XFrik&google_cver=1&google_push=AXcoOmRnL0c6afVY4yt5KGuhMmIuFO2JlvbPsDHJm0-7_AgbKWvst01mT9Bup80x2ddiFY0x1qCD-CQQhIpkcj0pdmrDl2kgjwhPf-Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmRnL0c6afVY4yt5KGuhMmIuFO2JlvbPsDHJm0-7_AgbKWvst01mT9Bup80x2ddiFY0x1qCD-CQQhIpkcj0pdmrDl2kgjwhPf-Q

Request Chain 191

https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEKu2oPbwjxTLgWnXk1Y5J24&google_cver=1&google_push=AXcoOmT1hbvf5hp6V0nvvxDw3sWgoNHJFqormSHuFg1JE2T-DMUIOrMFRo1OIQa7KT57QsIg90xC_awtkRrwpr7hk0SZg0QgpTmaakY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmT1hbvf5hp6V0nvvxDw3sWgoNHJFqormSHuFg1JE2T-DMUIOrMFRo1OIQa7KT57QsIg90xC_awtkRrwpr7hk0SZg0QgpTmaakY

Request Chain 192

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEPcWhDtGEd9_bFDzdy7PywQ&google_cver=1&google_push=AXcoOmRODz2pnDlF6FerGC5OyHbpdLQefwFKueA0-vnqi9LO0wl43dcs9bkB9YZSIDyvCTXUa--65sJbTs2MNOqcWgsjjNBCazQOuj0 HTTP 302
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=8&google_gid=CAESEPcWhDtGEd9_bFDzdy7PywQ&google_cver=1&google_push=AXcoOmRODz2pnDlF6FerGC5OyHbpdLQefwFKueA0-vnqi9LO0wl43dcs9bkB9YZSIDyvCTXUa--65sJbTs2MNOqcWgsjjNBCazQOuj0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=E0Z3yvG1R4WGSFJBMuBTqmTmaf0

Request Chain 193

https://sync.extend.tv/r.gif?exchange=googleadx&google_gid=CAESEL7naPB-Hjfv7zvHv4FnzZs&google_cver=1&google_push=AXcoOmSSycOvKdOFH5P0qtUfkFkOZsCi5lJmHSmxDRGFuM_6i6FRscgHpWS9-d0b7DwQ-ZmOw8tH2imVE3x2noQoYPxccR5l2NLRG5o HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=extendtv&google_push=AXcoOmSSycOvKdOFH5P0qtUfkFkOZsCi5lJmHSmxDRGFuM_6i6FRscgHpWS9-d0b7DwQ-ZmOw8tH2imVE3x2noQoYPxccR5l2NLRG5o

Request Chain 194

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEE8-lwOtIX2fiyEPpvZiVm8&google_cver=1&google_push=AXcoOmRNmHaJvBMNE_LgL9sc5jetZl025npq9hV111tvoDHWAH2d9iHTee23yXaCrr4elcPwIqPxRdket-kTzVdk3Urj5RSjh-1UB8M HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEE8-lwOtIX2fiyEPpvZiVm8&google_cver=1&google_push=AXcoOmRNmHaJvBMNE_LgL9sc5jetZl025npq9hV111tvoDHWAH2d9iHTee23yXaCrr4elcPwIqPxRdket-kTzVdk3Urj5RSjh-1UB8M HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTg5ODIwNzI0MTY4OTMwNTQ5Mg&google_push=AXcoOmRNmHaJvBMNE_LgL9sc5jetZl025npq9hV111tvoDHWAH2d9iHTee23yXaCrr4elcPwIqPxRdket-kTzVdk3Urj5RSjh-1UB8M

Request Chain 195

https://s.uuidksinc.net/match/47/?remote_uid=CAESEIQ4i3KijccGvPGDSvX9Jxc&c_param1=AXcoOmRjluw6BdoLKcQfyGslnXwiWdlLGmok7vBSZzpPHV53DjWJL75QVG1oqCmcPKWUuk6oeJbBxOrdCROqz3QBltZXSz6nVwFWtow&gdpr=%%GDPR%%&addtl_consent=%%ADDTL_CONSENT%%&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmRjluw6BdoLKcQfyGslnXwiWdlLGmok7vBSZzpPHV53DjWJL75QVG1oqCmcPKWUuk6oeJbBxOrdCROqz3QBltZXSz6nVwFWtow

Request Chain 196

https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEDqaL4AsuWCac_rghk70ixo&google_cver=1&google_push=AXcoOmRVZElowaUCrBrRU1FAB_e0GadbGiEeudQWCA_TyZUIoT76DiSF8TwK21-0QyZNSMneGouI028-WyBj_0ERYWpHj4U2m4BuqA HTTP 302
https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEDqaL4AsuWCac_rghk70ixo&google_push=AXcoOmRVZElowaUCrBrRU1FAB_e0GadbGiEeudQWCA_TyZUIoT76DiSF8TwK21-0QyZNSMneGouI028-WyBj_0ERYWpHj4U2m4BuqA&s=2 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmRVZElowaUCrBrRU1FAB_e0GadbGiEeudQWCA_TyZUIoT76DiSF8TwK21-0QyZNSMneGouI028-WyBj_0ERYWpHj4U2m4BuqA&google_hm=RnZFOThPWElham5ZeEpzMm1TZHA=

Request Chain 197

https://im.bluevoox.com/pixel?s1=2&s2=203601&s3=m52eksbsgbowze8o&cm=1&rd=1&google_gid=CAESEEqiahUBQs83-pWeCexyyDw&google_cver=1&google_push=AXcoOmQd8GBqYGLNp_MojudR8LubhGHcdHosSGkDzitKnSfPX_OWNJCBznWj0apTsmxGsn5Fb_0gFSvKujLUrthGnkjjK7F9ulKoUOA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AXcoOmQd8GBqYGLNp_MojudR8LubhGHcdHosSGkDzitKnSfPX_OWNJCBznWj0apTsmxGsn5Fb_0gFSvKujLUrthGnkjjK7F9ulKoUOA&google_hm=QlMuZWY3Yy0xMDY1LTQ0NzktYmI2OA==

Request Chain 199

https://googleads.g.doubleclick.net/pagead/adview?ai=CaG1v-mnmZLXULo_pzLUPhY-ImAryoJigcsPh69LvEcrMg--ODhABII6H3o8BYMm2o4jwo-wSoAHZwdP8KcgBAagDAcgDwwSqBM0BT9DnL3k772lGu0KCNMszU0Ym9EnTLmoBdF5r02GGAH6fh98O4vjdGWawQTG0iTNK9YplQZK_n0RwxKvTnn7gZmWxQFMqTUTbSaT12C59-urWe2wA1OCKPl0Iqzzb1LGz8EjuK8QRP8zjyebTDiuQ8DTtjgxCc5aUtB-bLEt8zDVeKSZrOQ3qhOAZtsUrqf9-_eyOGYDNfW55tbhYiJCXCa6DHB-kThrz8WtrNcli_UNHxOEICiD4Ls7vY3cJYhlNYHqwW2FHIHobxscLl8AE_JW9trcEiAXLvf-VTJIFBAgEGAGSBQQIBRgEoAZmgAfZ-aPcBKgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEELGUAtIIFAiAYRABGB8yAooCOgKAQEi9_cE6mgkYaHR0cHM6Ly93YXRjaG15cGFnZS5jb20vgAoByAsB2gwRCgsQoKe_neWgidblARICAQPYEwqIFAHQFQGAFwGyFxwKGggAEhRwdWItOTIwODcwODE3MDc4MzE0MBgA&sigh=6VpACtFqTig&uach_m=[UACH]&ase=2&cid=CAQSPABpAlJWcfEz9Qs_SSc55oL1D0FUUTbYGqfstvWGlY_n9quUqSkJbxLfXlOnIxY6sVkaxXWFjUrCOGXEXBgB&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x9f44cd2a127f677c0000000000000000%22,%222%22:%220xa36e209a9e9f24220000000000000000%22,%223%22:%220xf50d9d4a651575eb0000000000000000%22,%224%22:%220x6ee203bfdfa19fcf0000000000000000%22,%225%22:%220xbdee828f7d6368b30000000000000000%22},%22debug_key%22:%2214438636958757793168%22,%22debug_reporting%22:true,%22destination%22:%22https://watchmypage.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211267268825%22],%224%22:[%2208-23%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%228683858172471819153%22}&andc=true

Request Chain 202

https://px.owneriq.net/ecmg?google_gid=CAESEMS0XaiQsJOsXep2EA4FqYM&google_cver=1&google_push=AXcoOmRsmr0QTNkQnQtQMKieQmnLLMvI6wPG6inU9kXKw57uMYOGATUlY6473jtXzqI35S_ayRq4SNxs9QE6RDop4dTPI0cQrBQ2V30 HTTP 302
https://px.owneriq.net/ecc?redir=https%3a%2f%2fcm.g.doubleclick.net%2fpixel%3fgoogle_nid%3downeriq1%26google_sc%26google_push%3dAXcoOmRsmr0QTNkQnQtQMKieQmnLLMvI6wPG6inU9kXKw57uMYOGATUlY6473jtXzqI35S_ayRq4SNxs9QE6RDop4dTPI0cQrBQ2V30%26google_cver%3d1%26google_gid%3dCAESEMS0XaiQsJOsXep2EA4FqYM%26google_hm%3dUTc0NjEwODQxMzE1OTEyNDQ2MTY%3d&uid=Q7461084131591244616&ref=%2Fecmg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=owneriq1&google_sc&google_push=AXcoOmRsmr0QTNkQnQtQMKieQmnLLMvI6wPG6inU9kXKw57uMYOGATUlY6473jtXzqI35S_ayRq4SNxs9QE6RDop4dTPI0cQrBQ2V30&google_cver=1&google_gid=CAESEMS0XaiQsJOsXep2EA4FqYM&google_hm=UTc0NjEwODQxMzE1OTEyNDQ2MTY=

Request Chain 203

https://aep.mxptint.net/sn.ashx?google_gid=CAESEM3gvVQ04PDjGLYC9aPD7fQ&google_cver=1&google_push=AXcoOmQkhLF8yBfTVxqAhgAscC79-jlRrYnrwCNtOhMPWcl7kUTC3K9ntI4x0Y8YWmYAgOM3IQnNoUUNC4PKM5TtYKySIxhrznt9ohQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=AXcoOmQkhLF8yBfTVxqAhgAscC79-jlRrYnrwCNtOhMPWcl7kUTC3K9ntI4x0Y8YWmYAgOM3IQnNoUUNC4PKM5TtYKySIxhrznt9ohQ&google_hm=UjMzNjQ1XzEwN0UwNjk0OF9DMEU4MDU0RA%3D%3D

Request Chain 205

https://fksnk.com/cs/google?google_gid=CAESECzNy0OQk3A2Yz3S4uBlWVs&google_cver=1&google_push=AXcoOmTw4U3BgJIVcpeoSD4Oqjsnil9ZSXpkYjGjLZqUodl2gqm2lUq6EZ7qWXFVCMmoRU5h2-_iHSc4bjOug8ncIOup8V4DWjbfIjc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=NzQ0OEEwRTIzRURCRjJENQ==

Request Chain 206

https://t.adx.opera.com/pub/sync?pubid=pub6871767557696&google_push=AXcoOmTL3Mv3xsdkZVERDH7lhBj8JxwSwjFY5vdguJISju8msMyqkyM7QGUSYNV-q-zyAqgByzSLtUVUtV8hfKOdOe_dhzToBpprFprK&google_gid=CAESEEwN78A9OaU0jZ_YlIweFq0&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEEwN78A9OaU0jZ_YlIweFq0&google_hm=T1BVYjhhNjlmMDEzYTJhNDBlZGFjMmFiNWJiNDQwM2E0ZjA&google_nid=opera_norway_as&google_push=AXcoOmTL3Mv3xsdkZVERDH7lhBj8JxwSwjFY5vdguJISju8msMyqkyM7QGUSYNV-q-zyAqgByzSLtUVUtV8hfKOdOe_dhzToBpprFprK

Request Chain 207

https://an.yandex.ru/mapuid/google/CAESEK_uI44nf3cHqhYUQ6vGXZ8?ext-param=AXcoOmSF0nq63BZlV5BJ8zHQeobkAaEP8MlK5B6b4SoZy7adZjlnNQFNiWR-ffw9E9GnXBJRsD5oWcoxMoPduGiclt-Dnrevgaz4vYeD&partner-tag=yandex_ag&google_cver=1 HTTP 302
https://an.yandex.ru/mapuid/google/CAESEK_uI44nf3cHqhYUQ6vGXZ8?redir-setuniq=1&ext-param=AXcoOmSF0nq63BZlV5BJ8zHQeobkAaEP8MlK5B6b4SoZy7adZjlnNQFNiWR-ffw9E9GnXBJRsD5oWcoxMoPduGiclt-Dnrevgaz4vYeD&partner-tag=yandex_ag&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEK_uI44nf3cHqhYUQ6vGXZ8&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
https://an.yandex.ru/resource/spacer.gif

Request Chain 208

https://analytics.pangle-ads.com/api/ad/union/gg_cookie_matching?google_gid=CAESEN2WRR6Ovjc2MiDRyqWZy7Q&google_cver=1&google_push=AXcoOmThyI0UtCHC-dAnyo7W1j5v9J0ALgi-BZcwxZqH4mmpp-geABcWkzs4sAnVDzsm-H-4MmeZ28TVvjNzb0v5euCpPmyqRZ3K8wtO HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmThyI0UtCHC-dAnyo7W1j5v9J0ALgi-BZcwxZqH4mmpp-geABcWkzs4sAnVDzsm-H-4MmeZ28TVvjNzb0v5euCpPmyqRZ3K8wtO

Request Chain 211

https://ad2.apx.appier.net/www/delivery/js.php?zoneid=5988&id=ida4mlvgiastit93r HTTP 307
https://gocm.c.appier.net/aanet?id=ida4mlvgiastit93r&url=ad2.apx.appier.net&zoneid=5988 HTTP 302
https://ad2.apx.appier.net/www/delivery/arjs.php?zoneid=5988&acid=EoOCnTlwAEmj8Ns9_WnmZA&id=ida4mlvgiastit93r

Request Chain 212

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 214

https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESECLRamc4HME_So8qA0ElvrY&google_cver=1&google_push=AXcoOmSdC4CwBaeJG41-P3gJjcXe4yNzr3DyLC-NeSRf0ebtRQnigyu1SYEFelZct22nxML_oKCjbwTrA5W1OK1KnpHZGbxEh3FbRh0 HTTP 302
https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=59778e7a8de72109&is_secure=true&networkId=14000&version=1&google_gid=CAESECLRamc4HME_So8qA0ElvrY&google_cver=1&google_push=AXcoOmSdC4CwBaeJG41-P3gJjcXe4yNzr3DyLC-NeSRf0ebtRQnigyu1SYEFelZct22nxML_oKCjbwTrA5W1OK1KnpHZGbxEh3FbRh0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAHZfoqEyD76QN41b6OAAAAAAA&expiration=1692908413&google_cver=1&is_secure=true&google_gid=CAESECLRamc4HME_So8qA0ElvrY&google_push=AXcoOmSdC4CwBaeJG41-P3gJjcXe4yNzr3DyLC-NeSRf0ebtRQnigyu1SYEFelZct22nxML_oKCjbwTrA5W1OK1KnpHZGbxEh3FbRh0

Request Chain 215

https://a.tribalfusion.com/i.match?p=b6&u=CAESEDA1i60RnvdFPJsM9JxRQgo&google_cver=1&google_push=AXcoOmQNcqdGgbK_jIopykXD_UqhG27O8SvZeBmYuWMVJ9DLayzXIsOdq1CESCxwVsZ_-Ir_WR2n3j7fT72NG79RGoEci_PeidYe9q4&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQNcqdGgbK_jIopykXD_UqhG27O8SvZeBmYuWMVJ9DLayzXIsOdq1CESCxwVsZ_-Ir_WR2n3j7fT72NG79RGoEci_PeidYe9q4%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEDA1i60RnvdFPJsM9JxRQgo&google_cver=1&google_push=AXcoOmQNcqdGgbK_jIopykXD_UqhG27O8SvZeBmYuWMVJ9DLayzXIsOdq1CESCxwVsZ_-Ir_WR2n3j7fT72NG79RGoEci_PeidYe9q4&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQNcqdGgbK_jIopykXD_UqhG27O8SvZeBmYuWMVJ9DLayzXIsOdq1CESCxwVsZ_-Ir_WR2n3j7fT72NG79RGoEci_PeidYe9q4%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 216

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEFYRKUCxD1k9lxSTWaIAbRA&google_cver=1&google_push=AXcoOmQbihnBxNc2WfyYhnGRge4TddwWL41o3MuvSS2P3kM9z9c8fKffTzpxFGo1b8jn8TiA9dT3Moenm8exL38-GbgF7frcQGN-SkI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEFYRKUCxD1k9lxSTWaIAbRA&google_push=AXcoOmQbihnBxNc2WfyYhnGRge4TddwWL41o3MuvSS2P3kM9z9c8fKffTzpxFGo1b8jn8TiA9dT3Moenm8exL38-GbgF7frcQGN-SkI

Request Chain 217

https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEOpn8fq2nxYdYh0T8ukeukA&google_cver=1&google_push=AXcoOmT635bA1HoWNZo6GCk-2M4FUHWdheS-GVH-ecoXpnl2eVFeMe8rgqVTqJCSQ19AO8ZpDXZx4ypCmVYK2O5zIbGXOC57qHEmlM8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmT635bA1HoWNZo6GCk-2M4FUHWdheS-GVH-ecoXpnl2eVFeMe8rgqVTqJCSQ19AO8ZpDXZx4ypCmVYK2O5zIbGXOC57qHEmlM8

Request Chain 218

https://ums.acuityplatform.com/tum?umid=4&uid=CAESEM3YFjMb21R1WIcNoh-5QH8&google_cver=1&google_push=AXcoOmTxB021r5DzMyrkpb57uSiMhbrvKa8_hwmlwAvbfpSD9hse1By5ziMhXyK_uBMtM5I9vwAPPUJi3mqADf5evsr1JnsCjQq9_lI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=817860253305

Request Chain 219

https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEJPBHeesu6uE_UCi3PJquqM&google_cver=1&google_push=AXcoOmQQy7PXHgkm7n27rbuUOQ45Kaq7W2-y8X3lJj85A0vaPN2-bAymV9gNo-Rey74m4_6ckYQUtaShMOQ5TNkWqVGDSQOlFOVoMRU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=dO32Ld_3W5RAJ1tBCaw8CWjtwRw&google_push=AXcoOmQQy7PXHgkm7n27rbuUOQ45Kaq7W2-y8X3lJj85A0vaPN2-bAymV9gNo-Rey74m4_6ckYQUtaShMOQ5TNkWqVGDSQOlFOVoMRU

Request Chain 220

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEFPerZX7JpmdBt3agXPmscE&google_cver=1&google_push=AXcoOmQ2WjYS5rtGfllyqBce14VNjA2mVKfQg7FgcirF3Y8U6Ncgye6K9VHiUNVW-jJPWLn4_WSUAlteQVgDAbcl436Clda2dKVxvT7c HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=ZTc5OTcxZmUtYWI1ZS00NGE3LWJkMWUtNGU1YjNiZTExOWE2&google_push=AXcoOmQ2WjYS5rtGfllyqBce14VNjA2mVKfQg7FgcirF3Y8U6Ncgye6K9VHiUNVW-jJPWLn4_WSUAlteQVgDAbcl436Clda2dKVxvT7c HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 225

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 228

https://googleads.g.doubleclick.net/pagead/adview?ai=CE-vO-mnmZL7NLoyZ0_wP9I-H2AzyoJigcsPh69LvEcrMg--ODhABII6H3o8BYMm2o4jwo-wSoAHZwdP8KcgBAagDAcgDw4SAgASqBMcBT9AUNO_3p2Qrmi6f4vVwoZt_BFbISC0fyvDnDbBEVSkJQblVkZ-4_pbhHKBH9am5xaEWbUpH31gIss4zTKMzXb9m9gggUIpYOK95Ku8F4zYhjK0eaMzzulbWh2A_7fW5a-x-aTahjDCx3wuBcIrA2NRaI4Q7YHc9rg6lEdnF-OPQd9xkx_prRqUaMFy6RqL3tQ0ZGpiAhiFzEzZI6NNyQlH9ODp5y0OMLhqrw3WvPck57MUcjpxhSD0cQTptfz-UT9Ni_78wvMAE_JW9trcEiAXLvf-VTJIFBAgEGAGSBQQIBRgEoAZmgAfZ-aPcBKgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEELSsBdIIFAiAYRABGB8yAooCOgKAQEi9_cE6mgkYaHR0cHM6Ly93YXRjaG15cGFnZS5jb20vgAoByAsB2gwRCgsQ0P_hvcnwwL3fARICAQPYEwqIFAHQFQGAFwGyFxwKGggAEhRwdWItOTIwODcwODE3MDc4MzE0MBgA&sigh=oh-v7yLaJk4&uach_m=[UACH]&ase=2&cid=CAQSPABpAlJWEQdFBe1GmX9LRCIKw2OI46Rbk4NWKOtl80bQ4G26rr8TH5z_O803V_7k_6zavFzEY4YcT_47TxgB&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x9f44cd2a127f677c0000000000000000%22,%222%22:%220xa36e209a9e9f24220000000000000000%22,%223%22:%220xf50d9d4a651575eb0000000000000000%22,%224%22:%220x6ee203bfdfa19fcf0000000000000000%22,%225%22:%220xbdee828f7d6368b30000000000000000%22},%22debug_key%22:%2215445029276566332364%22,%22debug_reporting%22:true,%22destination%22:%22https://watchmypage.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211267268825%22],%224%22:[%2208-23%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%224537149688745565649%22}&andc=true

Request Chain 229

https://googleads.g.doubleclick.net/pagead/adview?ai=Cdeg3-mnmZI_NLofO0_wPmaSqePKgmKByw-Hr0u8RysyD744OEAEgjofejwFgybajiPCj7BKgAdnB0_wpyAEBqAMByAPDBKoExwFP0FC70-CzQ3ZB50z97LNPJqbAzVsK0kw_gJxXOhtUM-lnvYrvxyY1QK1mIOmq_XkY2iNl41iDgB9wWWyEsDLgf394Ja_qkNAZMwEgYB9Y6JUlnIuxJ92WmYhMyel-AyBE3zx5Gae_vqWzKRjCHayOyTsQIbxi3C3cfpY6SNspTrMIbB9NCmAAEIwnN6x4NrT8YRa_tHU-F_t0DZUrr9OSR-XsJzh7ISx7jM7h9ANit5LlwH8J0b5leXwNNuuOrP201Ax9_E-owAT8lb22twSIBcu9_5VMkgUECAQYAZIFBAgFGASgBmaAB9n5o9wEqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwMQn3_SCBQIgGEQARgfMgKKAjoCgEBIvf3BOpoJGGh0dHBzOi8vd2F0Y2hteXBhZ2UuY29tL4AKAcgLAdoMEQoLEPDgndCy_9mS4AESAgED2BMKiBQB0BUBgBcBshccChoIABIUcHViLTkyMDg3MDgxNzA3ODMxNDAYAA&sigh=U0iegTQBuio&uach_m=[UACH]&ase=2&cid=CAQSPABpAlJWOCqCVN34f7RsNDRWTV2BhTltCOuAb05ZEuVHA5LFqEwxzjyG9wWQ2ewhXoabn4m_kdNy1cvnKhgB&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x9f44cd2a127f677c0000000000000000%22,%222%22:%220xa36e209a9e9f24220000000000000000%22,%223%22:%220xf50d9d4a651575eb0000000000000000%22,%224%22:%220x6ee203bfdfa19fcf0000000000000000%22,%225%22:%220xbdee828f7d6368b30000000000000000%22},%22debug_key%22:%2210484639341830750297%22,%22debug_reporting%22:true,%22destination%22:%22https://watchmypage.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211267268825%22],%224%22:[%2208-23%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2213737609689878998481%22}&andc=true

Request Chain 240

https://ads.aralego.com/sdk HTTP 301
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

Request Chain 244

https://ads.aralego.com/sdk HTTP 301
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

Request Chain 247

https://ads.aralego.com/sdk HTTP 301
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

Request Chain 250

https://ads.aralego.com/sdk HTTP 301
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

Request Chain 252

https://gum.criteo.com/sid/json?origin=publishertag&domain=risu.io&sn=ChromeSyncframe&so=3&topUrl=risu.io&bundle=ms8lS19tOTFhVHBSOWdNT0tQSWcwbllNMGFSbDBiNWlLN1JQZElicyUyQkJZM1VhemxkbWhsb2xRdFZieFZ5QkVyR0pQamdpVThqdXZJUzBJUTlJcVYlMkZ0cldYYldTYzg4Y2pQMHNKMnA4NU9XaGdTRjV4MXZoTE9qSnBESnpTU3gzdThRYmxvT0glMkZlMkJYRDdlQXBERUpJbXBkT1ElM0QlM0Q&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=mjc_iXwzZXRsQkl6V1JxS3UwcXcwUTNIQzFrVGNUVjNhK0p3UGxOMkJSYlVIV2d6UHpmRE1Rd2N5cm50aEdHUVpGT0hTVkJ4TUh1N0xKZ3EwaFF5d2o2QW5ia3A5WGxJb1RnYlU2Z0tjanlvWmVQRkx0em1sNXlxK0JtbDAzd2krWTJ0QkJRVXlCRXdNYWc1U2VRL1h3QXkzcVJLK1l2K1lhOFc5NHNxQVdzeE9hVkVYNkJzY2hidGl0Zy9ocnVtVGIwVkJ1ZFU2aTU0WmJSQWYrRDR4aGIyZCt3Q3pvNy9rMEVsMlVwZVV4RENibTZiZlY1VzVLVnhIZVhLM1lWbmhaRlpOTUNkOWJQbkxFeFFlUGp2RE9rb3BKUT09fA&cppv=2

Request Chain 253

https://gum.criteo.com/sid/json?origin=publishertag&domain=risu.io&sn=ChromeSyncframe&so=3&topUrl=risu.io&bundle=ms8lS19tOTFhVHBSOWdNT0tQSWcwbllNMGFSbDBiNWlLN1JQZElicyUyQkJZM1VhemxkbWhsb2xRdFZieFZ5QkVyR0pQamdpVThqdXZJUzBJUTlJcVYlMkZ0cldYYldTYzg4Y2pQMHNKMnA4NU9XaGdTRjV4MXZoTE9qSnBESnpTU3gzdThRYmxvT0glMkZlMkJYRDdlQXBERUpJbXBkT1ElM0QlM0Q&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=uigUvHxFaHpvVW5PT2dXVXlwME1tK2c3K3BwOHMyb1hlSnhYV0haZlhoZWZHMEFiMTBhSmRrcE9zMExNVjJuTStta01uaVFLVVRZNHEwNWp1NnQzRWFOZDRMbWFZTnZKS0F3cU0vQ0JDcWJKZW9OTEFrSWhHWFRrODgwUGVtY3NyOS9BTk5xOEVkSlNIV2dpeUZJdTBRTzNvVXl1N21qM1BHM1l6SWtPL3g0bmtFanVWU0ZRVnNtbE1sK3RNQjc5cVFIVmU3WnJqKzIvVWlOYnBIcjZ2bDhkeFEzc3dodDlmMWdBdjNBbktjVFpFOFo5cmVUZFdjUmtUWU5ORTlmZFFQb25JdHR4QXRrNkdyKzRVZ3RVV2JtWGkvUT09fA&cppv=2

Request Chain 254

https://gum.criteo.com/sid/json?origin=publishertag&domain=risu.io&sn=ChromeSyncframe&so=3&topUrl=risu.io&bundle=ms8lS19tOTFhVHBSOWdNT0tQSWcwbllNMGFSbDBiNWlLN1JQZElicyUyQkJZM1VhemxkbWhsb2xRdFZieFZ5QkVyR0pQamdpVThqdXZJUzBJUTlJcVYlMkZ0cldYYldTYzg4Y2pQMHNKMnA4NU9XaGdTRjV4MXZoTE9qSnBESnpTU3gzdThRYmxvT0glMkZlMkJYRDdlQXBERUpJbXBkT1ElM0QlM0Q&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=FkXkv3xBUENnMjFMN2RuZE9WMG1TTWVEa24yMWx3S1dsTFFKZmFGVS9lQnBOQ0p4bzl3elA0dFJ6djdVZTVhSXFQc1ZucVdRaUJHTnJGd1hKem95R3ZiblhHUVMxb2RESzgwVjNKSGg3U2o5Nm5STjFFL1ViQm5SLy9xTXhQODVSazZVdThlUGN2TWcwYzcyZFUvZEY1SHY2WWplOFdIaFdzWEhDb2R5U010Q1UwZE9BQ0phc2U3OVk2WVpWMUYzUDAvTjEwWjU2elFueFFSUFVaWkExOXBZY1dCbGZFQkk5VEJMQ2dmUWMrTjBVMlg2VmFQTForSlRZdTlpM3BKSmYzQnpMREI4YTZGd2hxZTVqa0VsQjY3UDhuQT09fA&cppv=2

Request Chain 270

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix HTTP 301
https://eus.rubiconproject.com/usync.html?p=adiiix

Request Chain 275

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix HTTP 301
https://eus.rubiconproject.com/usync.html?p=adiiix

Request Chain 279

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix HTTP 301
https://eus.rubiconproject.com/usync.html?p=adiiix

Request Chain 283

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix HTTP 301
https://eus.rubiconproject.com/usync.html?p=adiiix

Request Chain 294

https://cat.va.us.criteo.com/tpd?dd=6HQK8l8lMkZjcVJPcjYya09Vdng4dTJoSDQxZUR1JTJGOTloRmwybGk1QU1zZ2tQdnRHJTJCdThJRjd6UEh3ZlgxcWpuTnVPdzhQQzZHNEdwb1Vjd0QxZ2pCJTJCSElwcktiZFk3a29RZUYyQXMlMkJBckY0TGdGdldsbGVRcmZiZjUlMkJwOWlCcU9LWkNiYlVPZGZ0eDNxZFBPUzh4RVdISEVBbFNZVjJQdW9KJTJGcEFJWW9HRkNCOWFSbG1MT3JBb3kyZkpRS3FVUDZCREl1TUpLazVjdWJWb0hmVyUyQkdtb3VuMmdZNGhQbzAlMkY5aVg1Tm04Q1c4JTJCOWw5VE1NbzZ4QzBCekVsNjl1MzhuN0ZrSGRYYlVyZWF3b1Y1UGNJUm9xVWtZeXI1YlhyOUpaSCUyQm1GWmtUNm1jTVhNWlJHcXp1MjFFVGpUQlU0dmpuOENLVmVkcXhWSm9lUklaTXJ4Vm9TRk9YS21QZWFqTjFWWEhYdXh3N0dHeWs4SlhVd216Nk9idmF6UTgxMHVzWlBZR0loM2FOdlkyb29qZ0t6UE4ydVY0TmFCZSUyRndmODVOR0hCTHQxSSUyRjRZbSUyQlVjSzBHelQyUk5NNVptYVp0UGdtUG1zSzQxMVd5SnY0UEFoUDhmR2V3NWhaOXJWTVVRcGtRTDdia3VJUlNlVEIxaXljbkdIMDZWYWROZG4wdG5EJTJGdzB6T29RUjc4VGxmcGFkaCUyRlROcnVNS0VPYUE0Nzk1aktvWHRkeXJYcUZVWE1UVjVYTTcydEFieGhDZld5UHE1cnZuRHhaWmFzWXZOdWpUbVk1bWUyJTJCQ0I0MTdLaXJQam5SJTJCcEdBNUxWWGkwak5CYzlyVmlVYno0TzVSJTJCVklhMTBQNjFnbXlZMnRkcHJuSEx6JTJCaFRLTHJIYmpmeWx4M0pNSWNEZGphUjhzbVV5emdYVGM5YlB0UHdEanU3Y0g5ZDFnbXFHSSUyRkNSMHk4WVBMYUl1OW9YU0xzdDIwUUgxSUt5U1VmaDVVaklpcldLMHNsemdvNGM4N2JaJTJCWm5BMzJDOGpoQUx2QWV6VVZNZ05kJTJCJTJCa040eGdMM0JKazhSeVl1M0xjV1Q4RTIxbThVVVVHZklNRjlxZ0RFaWZJZTNWRXp2UUFkWW9BT3ZhMUh2ZCUyRnJTaVN0ckJIU0F2dlFoJTJCd3pvaFA3QWZqRSUyRkRzSnl5YUxOSjgzOGhkWVZMQm1oJTJCVGJUNmgyMUxncUZGelRKRzVSQnhPb0JrZVNDJTJGcWs1dlVnRGdUU085N3MlMkJRSUp6dHUyVlFySyUyRndGdVcwdXljQTU5ZlRFJTJGUXlRTlpzUnFuWXhvWHhDVU0lMkZCT2lxamRVNVJ0S3FqJTJCZTB4RHklMkI2aFFaaTJKbjNKWjB6Y2U3Z0ZNJTJCUGVQd3g0ZXpMblNWMWk3cGVkSHBpMFFUUnAlMkZMTDRnYW5ydHNFU25kSVh4YXNkY2FhU1hSZ0M3bnZ1SDRHMkgySUg5UVVYQTFOdmJSeUt5UkRLeTJWcyUyQlklMkJjVTBDOWtUVTJ6JTJGR0VQSU9SMzNGSXZmRWFvNG1PSFVXNm1FOFpmaEpxMURuOTFJSWdvN3lhZ1N2QzJzUFJwUXllb2pmJTJCdk1ycDJMJTJCJTJCUGlMdU16OERLd2JPb1RpeUM0VkFoWEpIZWpwUCUyQnhkc1cxME5wZ0ZDcmdiU2lsU2JXSHIlMkIlMkZiWGxlOTElMkZ3eDJmVjhlQzYyZWVmeHJieUEwZUJwT1g4OGJ0UjNyTHF6VHMlMkJCQTg1QjNNenR4R3h3eGpiSFhLbjMzQmszJTJCZVZPNE5YSGVWeGF3b2clMkJqYmFFSWthNFZSZHhzaE1STmZ0aGt5djQxdWZBeVdJNWZ2SmpRVkthUHVFM04wWWVNbGJYZG5RJTJGOEhVUnkzbldORzZIcFBuTkVHcVZCZ2Fhd1lldzJsVnk4Mll1Sm16eHJ0Y3laYyUyQkx0ckhXSEQyY1NJaXA3cXhZanlmc1p4T0V0V05zSlAyeFF3SHZKZVNwRDZNRTc0TkJlNlA1bDBNT3EyNzdGeVNLUmN5WWRkJTJCeTNwRkJRcGprTUxqckFkQ3ZnJTNE HTTP 302
https://ads.us.criteo.com/delivery/r/ajs.php?u=%7cdzS77PL8IejmZ5L4GbvsGGkvuewcnFAspJgCilDy0ic%3d%7c&c1=mOd7Dh6zPV-ibPduKMA2S1B7ad7mtjPQbxWxI1zLrWADLkRcRzxwPee1Vw5xHMlQguTSg6d55aFviZC6T1Xb8mrSaSWQy9K106QuuzKXxaYuE1QstwS4ZjMiUFm9xAAF8BPrVsWMx6fLmvsRI9oO0UeKXc4O9QvOAz3YAWDuTjvdm2kCx1RYN2hSTJMdahds3BEWKo_a8Ymm78L9TJknRIoK9VyR3m5lz9ZEE4ESu-FHezRqiw7lkmoIRpbKQD7PanZotHCkvDptcyzAKvAWk0ApxVlbnmnOQEz_3YUgVGP5yQSw1Dv9yXpa5hEtzwkCJd0hAccXXUHbDUwfo4LWBa0_Q0S5qQ6CUtPZSqcnPHt6pYAbwuiXJpXs2lTnNb_r1qomEXnmq2E5OzMuV0aTHiSbEGnF6nstv1b_Aem5pezB3cCrs4Miu4nypXG2tJkmrQXl0eyeKXxm-EeTQzfO-pqrHgISQN4vBfnMgVXd-L3ChUAuYBS5SpyH992CUUG_O4T-sOfXC6hiewVAvRi6pB8u6WpbvNnXZlntGigkuTfrc0R2Apyjzg8tCIP04K28JwwNGUGlYhXsa_irnQkQ57eA1qzh4WM6onv4GtZkpeOEjsnjxWa2xZgkGBKU0wU66ReQXrDr4ZY

Request Chain 298

https://gum.criteo.com/sid/json?origin=publishertag&domain=risu.io&sn=ChromeSyncframe&so=3&topUrl=risu.io&bundle=w8Z-zV9tOTFhVHBSOWdNT0tQSWcwbllNMGFZT2VDbnROem5vaHJBSlVLJTJCNTdSWktjWkhJMWxKdFZWWFF0aHhtdlFqaiUyQkNBTGN2MG12Sk1kbWdOVmlVd242UnhHS29OJTJGNk1xQXJKTzJlRGxnSGFnZkN2OG0yQXMyTmdEUSUyQnVXJTJCbWRuV1NIQnJaQUp0VFVLUGg3cUU4VFFDSWF3JTNEJTNE&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=jVxe1Hx4TnFWRENXU0ZnU3pMb0VVNXZEVUpQRWxXbDBRZWdtRXIxL3VHT3Z0S2lkMXN3cjdPRzUxbGt4OC9scG5zS3hwU2pEUW5mcjVGSzkydlZkOGQwNHNJTGlOckdaanJWcXI5aHJwYmJRM042c0lBYzBNS2pPbkRucVhQcUNkRHNvNk0raFpyWUEvNmp1OHlWQWp6Vk5INmVkVDhVSHp1Z1FCVk5mSXEwTit1cTVmUWY4WHowVTVUcm5IVzZZa1Q5cVZSa0ZuR2drc0wveGRocGNaVU9uNWNuTThwMXVvekx3cVlmRFpDSHdxV2dEd1hLSWo2a0lncXRveGNWc1lLWlV5VGE1aFM0RVIwcnhUSkloR083VFVrZz09fA&cppv=2

Request Chain 312

https://gum.criteo.com/sid/json?origin=publishertag&domain=risu.io&sn=ChromeSyncframe&so=3&topUrl=risu.io&bundle=w8Z-zV9tOTFhVHBSOWdNT0tQSWcwbllNMGFZT2VDbnROem5vaHJBSlVLJTJCNTdSWktjWkhJMWxKdFZWWFF0aHhtdlFqaiUyQkNBTGN2MG12Sk1kbWdOVmlVd242UnhHS29OJTJGNk1xQXJKTzJlRGxnSGFnZkN2OG0yQXMyTmdEUSUyQnVXJTJCbWRuV1NIQnJaQUp0VFVLUGg3cUU4VFFDSWF3JTNEJTNE&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=mCAOq3xBSFNWYjhjZUVENmdteFpiUkFEVUZWUC91cmcxeUNEeHFIYXRNZTRvdUdGZkRtUkN6TmRkSWZBakVqNjJkOTdpOWIvOTlOTldOYmpDbjA5NHMrT0lsZ2p0QU5oVE9IZ3NnanRiV1VRanMyc3o0V1ROWlZwWXJ1dEJSR1lkUWNXZ1VmVFdReDlIaWRqaUNOMW5IVzZSUCtMRTRWajlVVW9JWU9QR3JtNUszdzY1aW9lOHVnM2VuS0Y2UlZ0NU1oRGQ3MWtYUVk5Q2U5T2p5cXhNKzZ2enJSNnRJUTVlOUdGNUtWYVdMcnQ2Z1RLRGtNUFQ4Y2FXMkc1UHFJdnBFTWM2cnZORnhJeFIyY283WElCNHlrcW90dz09fA&cppv=2

Request Chain 317

https://gum.criteo.com/sid/json?origin=publishertag&domain=risu.io&sn=ChromeSyncframe&so=3&topUrl=risu.io&bundle=w8Z-zV9tOTFhVHBSOWdNT0tQSWcwbllNMGFZT2VDbnROem5vaHJBSlVLJTJCNTdSWktjWkhJMWxKdFZWWFF0aHhtdlFqaiUyQkNBTGN2MG12Sk1kbWdOVmlVd242UnhHS29OJTJGNk1xQXJKTzJlRGxnSGFnZkN2OG0yQXMyTmdEUSUyQnVXJTJCbWRuV1NIQnJaQUp0VFVLUGg3cUU4VFFDSWF3JTNEJTNE&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=dbEFTXw5NmxsTU8yWkRGOEhaN1djdzdERUltOXI3NEZ0Rnowb05JVnh0a2xBTWM0UVdwbVE5NWF6Q3lTUlFja3FCV3M2MHdyY2VCK2RUaXRDTkVuc29XT1Q3Yit5QmZOSXBNZ1JMN2hBeUJPOWhWOW52bGJOR1AweU5tUWZZem9MaTByN3o5QnJvWjkrMEdhQ0I0YTd5MnlkeUxqOUVVMXhtak54L1NGL21KYXQwWDYvQ0NUK2NIYURqOGFLQVhveXNLcks1L3RvQXdGR3dwd014T3dHek01bXphQUtPajVIZUxoS0VSYUxXbE53dFZwNFVkdGZ3QnNzZUx2ZUVHSkczSlNySldQRlBSZXErZ1pCODN1VEtkVnZpUT09fA&cppv=2

Request Chain 332

https://gum.criteo.com/sid/json?origin=publishertag&domain=risu.io&sn=ChromeSyncframe&so=3&topUrl=risu.io&bundle=w8Z-zV9tOTFhVHBSOWdNT0tQSWcwbllNMGFZT2VDbnROem5vaHJBSlVLJTJCNTdSWktjWkhJMWxKdFZWWFF0aHhtdlFqaiUyQkNBTGN2MG12Sk1kbWdOVmlVd242UnhHS29OJTJGNk1xQXJKTzJlRGxnSGFnZkN2OG0yQXMyTmdEUSUyQnVXJTJCbWRuV1NIQnJaQUp0VFVLUGg3cUU4VFFDSWF3JTNEJTNE&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=Bp9EOXw1bXhIQXhObVZrTzc5RDJHZGpLUm0rVUFGQS9ob1o3aFhpQlA0bEw1d0s5SEkzZnJXNEhTbHZFVjlZY3RzRG0xb1NYbFVOQTQrWlcxcDhRMGdGQlRTb2NPOXJKbDYyYmdveUQ5blFiTkZISFJJOWdBTnNCWk1BOCt0OTFYNlhENjJXNkdiV1RNYlR0MHdlS2QyMVN1Z3g0V0FNV3lLdStDVXJHZldWMUovOUF5VUcvQ0liRzNqb2VpbW5ZeEdrZDNtNHdia0twNDlIMm9XWlRDWGxTUFFnTXpTS2QxK3gxRUtlK2J6eHp1RFlwM2JMeDQ5QlNqWk1tczZwazdOY0VrTW95L245UytQcm5Dd1NNRTliNjlXdz09fA&cppv=2

Request Chain 349

https://pixel.rubiconproject.com/exchange/sync.php?p=adiiix&khaos=LLO6IR1O-3-L85N HTTP 302
https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LLO6IR1O-3-L85N

Request Chain 351

https://token.rubiconproject.com/token?pid=36584 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LLO6IR1O-3-L85N

Request Chain 352

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/3it8M3PmGFPFUVWOwBRw1w?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-TtKi2EFE2oKYIp0gVSRb80kZ92Is6WRuS3VF7A--~A

Request Chain 353

https://match.adsrvr.org/track/cmf/rubicon HTTP 302
https://match.adsrvr.org/track/cmb/rubicon HTTP 302
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=a2c487c4-f49b-48b0-bef4-33169bd9fe2a&gdpr=0&gdpr_consent=&expires=30

Request Chain 354

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=6MtXcxWKQhGqXEvB5g3Qug&rk=usync-other HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=6MtXcxWKQhGqXEvB5g3Qug

Request Chain 355

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TExPNklSMU8tMy1MODVO HTTP 302
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEEyXRX0dr47TnkYJL9mF3mc&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TExPNklSMU8tMy1MODVO&google_push=

Request Chain 356

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEI4BiKppplrYrMYzOp5kRI0&google_cver=1

Request Chain 357

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=IdcncClSS3O15BkjLgAJPw&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=IdcncClSS3O15BkjLgAJPw

Request Chain 358

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MmMxNDA5MWI0ODIxNGU5MGI0OTFmYTFjYjEwNDMwZjhlZTYzNzZkMQ

Request Chain 378

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-GBTyesOz8wSX6VYBf-F6EMFClS35sexPRItrjA&google_cm&google_hm=ay1HQlR5ZXNPejh3U1g2VllCZi1GNkVNRkNsUzM1c2V4UFJJdHJqQQ HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-GBTyesOz8wSX6VYBf-F6EMFClS35sexPRItrjA&google_gid=CAESEG6o3yaoUjtM8f9_Ws5yjPU&google_cver=1&google_ula=913071,0

Request Chain 380

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=3568480235601892336

Request Chain 381

https://secure.adnxs.com/setuid?entity=52&code=k-mmYhWsOz8wSX6VYBf-F6EMFClS2oEVRPETnwQQ HTTP 307
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-mmYhWsOz8wSX6VYBf-F6EMFClS2oEVRPETnwQQ

Request Chain 382

https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-GBTyesOz8wSX6VYBf-F6EMFClS35sexPRItrjA&custom=&tag_format=img&tag_action=sync&custom=&cb=80416d15-a68e-4774-87ae-a57cfdab5ee0 HTTP 302
https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-GBTyesOz8wSX6VYBf-F6EMFClS35sexPRItrjA&custom%5B0%5D=&custom%5B1%5D=&tag_format=img&tag_action=sync&cb=80416d15-a68e-4774-87ae-a57cfdab5ee0&final=true&reqid=7963aa90-41f2-11ee-b87a-0736fa499288&timestamp=2023-08-23T20%3A20%3A16.953Z HTTP 302
https://secure.adnxs.com/getuid?https://partner.mediawallahscript.com/?account_id=2016&partner_id=2087&uid=$UID&tag_format=img&tag_action=sync HTTP 302
https://partner.mediawallahscript.com/?account_id=2016&partner_id=2087&uid=3568480235601892336&tag_format=img&tag_action=sync HTTP 302
https://sync.crwdcntrl.net/map/c=14717/tp=MWSP/tpid=79747370-41f2-11ee-9125-d51d25a5abd9?https%3A%2F%2Fpartner.mediawallahscript.com%2F%3Faccount_id%3D2023%26partner_id%3D2118%26uid%3D%24%7Bprofile_id%7D%26tag_format%3Dimg%26tag_action%3Dsync%26cb%3D%24%7Brandom%7D HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=14717/tp=MWSP/tpid=79747370-41f2-11ee-9125-d51d25a5abd9?https%3A%2F%2Fpartner.mediawallahscript.com%2F%3Faccount_id%3D2023%26partner_id%3D2118%26uid%3D%24%7Bprofile_id%7D%26tag_format%3Dimg%26tag_action%3Dsync%26cb%3D%24%7Brandom%7D HTTP 302
https://partner.mediawallahscript.com/?account_id=2023&partner_id=2118&uid=c4539eb0ce1c8bc6fb27585e737babe0&tag_format=img&tag_action=sync&cb=390899826 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=vxsrv3i&ttd_tpi=1 HTTP 302
https://partner.mediawallahscript.com/?account_id=2027&partner_id=2051&uid=a2c487c4-f49b-48b0-bef4-33169bd9fe2a&tag_format=img&tag_action=sync&cb= HTTP 302
https://ws.rqtrk.eu/pushpull?pid=e873dca0-85f0-4b95-bfab-a8d855ece660&g=1&tr=1&return-unstable=true&uid=79747370-41f2-11ee-9125-d51d25a5abd9&cb=1692822017931&rmn=y&redirect=https%3A%2F%2Fpartner.mediawallahscript.com%2F%3Faccount_id%3D2041%26partner_id%3D2099%26uid%3D%24BROWSER_ID%26custom%3D%26tag_format%3Dimg%26tag_action%3Dsync%26rmt%3Dtrue%26cb%3D1692822017931 HTTP 302
https://partner.mediawallahscript.com/?account_id=2041&partner_id=2099&uid=664034b0-dd98-4b6d-b21e-77d32fcaea78&custom=&tag_format=img&tag_action=sync&rmt=true&cb=1692822017931

Request Chain 389

https://eb2.3lift.com/xuid?mid=2711&xuid=k-SLwzaMOz8wSX6VYBf-F6EMFClS0wUY2-4PT8bw&dongle=013b HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-SLwzaMOz8wSX6VYBf-F6EMFClS0wUY2-4PT8bw&dongle=013b&gdpr=0&cmp_cs=&us_privacy=

Request Chain 393

https://gum.criteo.com/sync?c=4&r=1&a=1&u=https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=%40USERID%40 HTTP 302
https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=0HVbTpr_GhHD_543TSxNadLRsLgQu9T-

Request Chain 394

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-78W3ZMOz8wSX6VYBf-F6EMFClS23FuC6F5bL9Q HTTP 302
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-78W3ZMOz8wSX6VYBf-F6EMFClS23FuC6F5bL9Q&C=1

Request Chain 396

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-csw_lcOz8wSX6VYBf-F6EMFClS2Fdp4gcMM2Ew HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-csw_lcOz8wSX6VYBf-F6EMFClS2Fdp4gcMM2Ew

Request Chain 398

https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-os7tK8Oz8wSX6VYBf-F6EMFClS0d9ZW7X6DxwQ HTTP 303
https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-os7tK8Oz8wSX6VYBf-F6EMFClS0d9ZW7X6DxwQ&_li_chk=true&previous_uuid=049680d4ba714666832acf82527527e6 HTTP 303
https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-os7tK8Oz8wSX6VYBf-F6EMFClS0d9ZW7X6DxwQ

Request Chain 405

https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-vsWZdcOz8wSX6VYBf-F6EMFClS0zAxepOMw4_w HTTP 302
https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-vsWZdcOz8wSX6VYBf-F6EMFClS0zAxepOMw4_w&cookieCheck=1

Request Chain 432

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=Xl2QKushylrK-r0UWNsPmrPgj4BUXNNh HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=Xl2QKushylrK-r0UWNsPmrPgj4BUXNNh

Request Chain 437

https://gum.criteo.com/sync?c=9&r=1&a=1&u=https%3A%2F%2Faa.agkn.com%2Fadscores%2Fg.pixel%3Fsid%3D9212273938%26ct%3D%40USERID%40 HTTP 302
https://aa.agkn.com/adscores/g.pixel?sid=9212273938&ct=0b-l557whOMkzQpmwvsXUpFL5yvmskSP

442 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
risu.io/
Redirect Chain

https://risu.io/pfbSu
https://risu.io/

13 KB
5 KB

292ms
278ms

Document
text/html

2606:4700:3108::ac42:2902
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://risu.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2902 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

41ba1f8e5048b9664d41ea3fc8be8dc7d77c347661624e14cfc9e83c89a720c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=0, private, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7fb60de2ae79e1cb-ORD
content-encoding: br
content-type: text/html; charset=utf-8
date: Wed, 23 Aug 2023 20:20:06 GMT
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
vary: Accept-Encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: f73c55e5-38cc-4b8c-a650-434395a15211
x-runtime: 0.019936
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 7fb60ddd4833e1cb-ORD
content-type: text/html; charset=utf-8
date: Wed, 23 Aug 2023 20:20:06 GMT
location: https://risu.io/
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
vary: Accept-Encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: 5196d601-8aee-41d8-aff2-b616e30c9ee0
x-runtime: 0.024376
x-xss-protection: 1; mode=block

GET
H2 200 css
fonts.googleapis.com/ 5 KB
970 B 641ms
58ms Stylesheet
text/css 2607:f8b0:4006:80d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?display=swap&family=Poppins:300,400,500,600,700

Requested by

Host: risu.io
URL: https://risu.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

381b541a94988f35ef5f1e763c89a4250e7c4100fe28860b2cdde9a1220ff346

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 23 Aug 2023 20:20:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 23 Aug 2023 19:14:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 23 Aug 2023 20:20:07 GMT

GET
H2 200 css2
fonts.googleapis.com/ 4 KB
708 B 642ms
59ms Stylesheet
text/css 2607:f8b0:4006:80d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@400;600&display=swap

Requested by

Host: risu.io
URL: https://risu.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cc78f02253750741f9064a9c0b596181e7bb2b0c30336d61ed6a474a98bc1358

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 23 Aug 2023 20:20:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 23 Aug 2023 20:08:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 23 Aug 2023 20:20:07 GMT

GET
H2 200 application-025be2bd.css
assets.risu.io/packs/css/layouts/ 528 KB
67 KB 615ms
32ms Stylesheet
text/css 34.98.102.251
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.risu.io/packs/css/layouts/application-025be2bd.css
Requested by: Host: risu.io
URL: https://risu.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.102.251 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 251.102.98.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 87b6cd7d1b9f4606692a57e932dd98b9c0bd4732e69295404ca66a76ac8f6304

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 17:35:20 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Tue, 30 May 2023 02:32:07 GMT
server: nginx
age: 9887
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: https://risu.io
cache-control: public,max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68120

GET
H2 200 header-419e5bb6.css
assets.risu.io/packs/css/commons/ 226 B
364 B 613ms
30ms Stylesheet
text/css 34.98.102.251
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.risu.io/packs/css/commons/header-419e5bb6.css
Requested by: Host: risu.io
URL: https://risu.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.102.251 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 251.102.98.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: aa9b2661b0f503189c3facf44d61b2b2c99993b518cbc6ec2bf9010d0580ab8b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 00:58:25 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Tue, 30 May 2023 02:32:07 GMT
server: nginx
age: 69702
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: https://risu.io
cache-control: public,max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 168

GET
H2 200 index-01566233.css
assets.risu.io/packs/css/home/ 131 KB
19 KB 786ms
203ms Stylesheet
text/css 34.98.102.251
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.risu.io/packs/css/home/index-01566233.css
Requested by: Host: risu.io
URL: https://risu.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.102.251 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 251.102.98.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 1d3794694883bad4b0d72ca526f762eab786eeaa3d7948febaf4a531c2ca046a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:20:07 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Tue, 30 May 2023 02:32:07 GMT
server: nginx
age: 0
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: https://risu.io
cache-control: public,max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19083

GET
H3 200 email-decode.min.js Show response
risu.io/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
871 B 34ms
32ms Script
application/javascript 2606:4700:3108::ac42:2902
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://risu.io/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: risu.io
URL: https://risu.io/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2902 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:20:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 21 Aug 2023 15:15:55 GMT
server: cloudflare
etag: W/"64e37fab-4d7"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 7fb60de46b662ae6-ORD
expires: Fri, 25 Aug 2023 20:20:06 GMT

GET
H3 200 rocket-loader.min.js Show response
risu.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 36ms
32ms Script
application/javascript 2606:4700:3108::ac42:2902
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://risu.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: risu.io
URL: https://risu.io/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2902 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:20:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 21 Aug 2023 15:15:55 GMT
server: cloudflare
etag: W/"64e37fab-302c"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 7fb60de47b7f2ae6-ORD
expires: Fri, 25 Aug 2023 20:20:06 GMT

GET
H2 200 v8b253dfea2ab4077af8c6f58422dfbfd1689876627854 Show response
static.cloudflareinsights.com/beacon.min.js/ 20 KB
7 KB 169ms
96ms Script
text/javascript 2606:4700::6810:3865
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854
Requested by: Host: risu.io
URL: https://risu.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391

Request headers

Referer: https://risu.io/
Origin: https://risu.io
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:20:06 GMT
content-encoding: gzip
last-modified: Thu, 20 Jul 2023 18:10:27 GMT
server: cloudflare
etag: W/"2023.7.1"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 7fb60de4e9931417-ORD

GET
H2 200 css2
fonts.googleapis.com/ 6 KB
910 B 89ms
82ms Stylesheet
text/css 2607:f8b0:4006:80d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Allison&family=Cabin+Sketch&family=Great+Vibes&family=Kanit:wght@300&family=Niconne&family=Sacramento&family=Share+Tech+Mono&display=swap

Requested by

Host: assets.risu.io
URL: https://assets.risu.io/packs/css/home/index-01566233.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4a0e731a7c852f0fadbdc75b0aaf9956616e4133af6eb296d5488f8283d6de85

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://assets.risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 23 Aug 2023 20:20:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 23 Aug 2023 20:20:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 23 Aug 2023 20:20:07 GMT

GET
H2 200 pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 401ms
46ms Font
font/woff2 2607:f8b0:4006:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?display=swap&family=Poppins:300,400,500,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://risu.io
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 14:17:57 GMT
x-content-type-options: nosniff
age: 21730
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7816
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 22 Aug 2024 14:17:57 GMT

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v12/ 37 KB
37 KB 405ms
50ms Font
font/woff2 2607:f8b0:4006:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://risu.io
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 13:54:30 GMT
x-content-type-options: nosniff
age: 368737
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37924
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 20:54:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 18 Aug 2024 13:54:30 GMT

GET
H3 200 bootstrap-icons-dfd0ea12.woff2
assets.risu.io/packs/media/fonts/ 88 KB
88 KB 331ms
55ms Font
application/font-woff2 34.98.102.251
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.risu.io/packs/media/fonts/bootstrap-icons-dfd0ea12.woff2
Requested by: Host: assets.risu.io
URL: https://assets.risu.io/packs/css/layouts/application-025be2bd.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.102.251 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 251.102.98.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 76506e128f2b47b7179f5037bd885a1674455ffeb6b5093cdb4c7eefbf436ce8

Request headers

Referer: https://assets.risu.io/packs/css/layouts/application-025be2bd.css
Origin: https://risu.io
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 19:11:31 GMT
via: 1.1 google
last-modified: Tue, 30 May 2023 02:32:07 GMT
server: nginx
age: 4116
content-type: application/font-woff2
access-control-allow-origin: https://risu.io
cache-control: public,max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 90528

GET
H2 200 index-2e1e8e88a148c184c660.js Show response
assets.risu.io/packs/js/home/ 1 MB
435 KB 376ms
372ms Script
application/javascript 34.98.102.251
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.risu.io/packs/js/home/index-2e1e8e88a148c184c660.js
Requested by: Host: risu.io
URL: https://risu.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.102.251 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 251.102.98.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 0513087a3deee62183bf24ef54e8e582a1448811011b909cc42b53cb0eb59c82

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:20:07 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Tue, 30 May 2023 02:32:07 GMT
server: nginx
age: 0
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://risu.io
cache-control: public,max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 445335

GET
H2 200 api.js Show response
www.recaptcha.net/recaptcha/ 887 B
908 B 388ms
108ms Script
text/javascript 2607:f8b0:4006:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/api.js?render=6Lc7IOQUAAAAAAKsnJb5Tc3o5biD72gyuR_vlC3f

Requested by

Host: risu.io
URL: https://risu.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

94157ae9b66976e8e9ab87ba7be3275f51f0bcb4fa988b626889ddd47bfccf2d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:20:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 588
x-xss-protection: 1; mode=block
expires: Wed, 23 Aug 2023 20:20:07 GMT

GET
H2 200 zh-TW.js Show response
assets.risu.io/javascripts/i18n/ 23 KB
10 KB 370ms
368ms Script
application/javascript 34.98.102.251
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.risu.io/javascripts/i18n/zh-TW.js?b8928d7ddbc6bd8fd605402c4caed5ba
Requested by: Host: risu.io
URL: https://risu.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.102.251 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 251.102.98.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: e2493c16c34b3d2b26680bcd78c01df5b704d662e6605c0c1ae22157b02310e6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 19:38:10 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Wed, 23 Aug 2023 18:12:54 GMT
server: nginx
age: 2517
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://risu.io
cache-control: public,max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10051

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 146 KB
50 KB 354ms
74ms Script
text/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9208708170783140

Requested by

Host: risu.io
URL: https://risu.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d25234769530b89fc7e9bce0064fea774951a2ccd749ed536d01f97e979f730

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://risu.io/
Origin: https://risu.io
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:20:07 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51087
x-xss-protection: 0
server: cafe
etag: 6651990343388971921
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 23 Aug 2023 20:20:07 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
50 KB 399ms
119ms Script
text/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: risu.io
URL: https://risu.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

beb4c5e9d6960fd8dc08a8014530c7692e1555672238e561aa134814cbc3a01e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:20:07 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50857
x-xss-protection: 0
server: cafe
etag: 8286723563083845932
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 23 Aug 2023 20:20:07 GMT

GET
H2 200 header-284b48f4c520b20108dc.js Show response
assets.risu.io/packs/js/commons/ 470 KB
143 KB 200ms
199ms Script
application/javascript 34.98.102.251
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.risu.io/packs/js/commons/header-284b48f4c520b20108dc.js
Requested by: Host: risu.io
URL: https://risu.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.102.251 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 251.102.98.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 3a9a503be5da2a11c69543180fdec6b33524bdb88fc4cfe363d3525a557a71ff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 21:54:16 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Tue, 30 May 2023 02:32:07 GMT
server: nginx
age: 80751
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://risu.io
cache-control: public,max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 146149

GET
H2 200 application-bc03df23d8f68313a035.js Show response
assets.risu.io/packs/js/layouts/ 54 KB
17 KB 197ms
196ms Script
application/javascript 34.98.102.251
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.risu.io/packs/js/layouts/application-bc03df23d8f68313a035.js
Requested by: Host: risu.io
URL: https://risu.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.102.251 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 251.102.98.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: b7a97088e4b1c088b15b5446a313257c0f8c07a2e91bc24c7b727c29bf72cf2c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 02:21:08 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Tue, 30 May 2023 02:32:07 GMT
server: nginx
age: 64739
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://risu.io
cache-control: public,max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17116

GET
H3

200

invisible.js Show response
risu.io/cdn-cgi/challenge-platform/h/g/scripts/jsd/313d8a27/ Frame B09F
Redirect Chain

https://risu.io/cdn-cgi/challenge-platform/scripts/invisible.js
https://risu.io/cdn-cgi/challenge-platform/h/g/scripts/jsd/313d8a27/invisible.js

7 KB
3 KB

58ms
56ms

Script
application/javascript

2606:4700:3108::ac42:2902
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://risu.io/cdn-cgi/challenge-platform/h/g/scripts/jsd/313d8a27/invisible.js

Requested by

Host: risu.io
URL: https://risu.io/

Protocol

Server

2606:4700:3108::ac42:2902 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d5a0b444496ae8c594ed7fa222b60434a646accc5a90c0c8feac0bea205b4d16

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:20:07 GMT
content-encoding: br
x-content-type-options: nosniff
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 7fb60dec3fa62ae6-ORD
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Wed, 23 Aug 2023 20:20:07 GMT
server: cloudflare
vary: accept-encoding
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/313d8a27/invisible.js
cache-control: max-age=300, public
cf-ray: 7fb60debef402ae6-ORD
alt-svc: h3=":443"; ma=86400

POST
H3 200 7fb60de2ae79e1cb Show response
risu.io/cdn-cgi/challenge-platform/h/g/cv/result/ Frame B09F 0
265 B 59ms
56ms XHR
text/plain 2606:4700:3108::ac42:2902
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://risu.io/cdn-cgi/challenge-platform/h/g/cv/result/7fb60de2ae79e1cb
Requested by: Host: risu.io
URL: https://risu.io/cdn-cgi/challenge-platform/scripts/invisible.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2902 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 23 Aug 2023 20:20:08 GMT
content-encoding: br
server: cloudflare
cf-ray: 7fb60dee6aaa2ae6-ORD
alt-svc: h3=":443"; ma=86400
content-type: text/plain; charset=UTF-8

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 131 KB
50 KB 186ms
85ms Script
application/javascript 2607:f8b0:4006:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MR8WJDJ

Requested by

Host: risu.io
URL: https://risu.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

75948de46e3eed8d8b5c2a7affc62ec7b395ef8bf516c9d96e8f0516c0ac56f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:20:08 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51253
x-xss-protection: 0
last-modified: Wed, 23 Aug 2023 19:05:47 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 23 Aug 2023 20:20:08 GMT

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308170101/ 392 KB
132 KB 105ms
102ms Script
text/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308170101/show_ads_impl_fy2021.js?bust=31077287

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9208708170783140

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6e61e1e3e91a968a89b4f8522aa6c67dc74242c82065eb4941eefd8742efd664

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:20:08 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 134789
x-xss-protection: 0
server: cafe
etag: 15667937081632535171
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 23 Aug 2023 20:20:08 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230822/r20190131/ Frame ECE2 10 KB
5 KB 153ms
45ms Document
text/html 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230822/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9208708170783140

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0907e75ab7f4aa03bcbc01778262abd0671f8742abaca30e9816cc90a6b28935

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://risu.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 16985
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4437
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 15:37:03 GMT
etag: 9878862242593084568
expires: Wed, 06 Sep 2023 15:37:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/ 450 KB
182 KB 157ms
48ms Script
text/javascript 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/recaptcha__en.js

Requested by

Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api.js?render=6Lc7IOQUAAAAAAKsnJb5Tc3o5biD72gyuR_vlC3f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9dab174b3b1ef754d71d613162c1e1f5b88f9f317da8d1f14c146be9c6d9fd35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://risu.io/
Origin: https://risu.io
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 14:30:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 280202
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 185519
x-xss-protection: 0
last-modified: Thu, 17 Aug 2023 18:11:22 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 19 Aug 2024 14:30:06 GMT

GET
H3

200

invisible.js Show response
risu.io/cdn-cgi/challenge-platform/h/g/scripts/jsd/313d8a27/ Frame B09F
Redirect Chain

https://risu.io/cdn-cgi/challenge-platform/scripts/invisible.js
https://risu.io/cdn-cgi/challenge-platform/h/g/scripts/jsd/313d8a27/invisible.js

7 KB
3 KB

196ms
190ms

Script
application/javascript

2606:4700:3108::ac42:2902
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://risu.io/cdn-cgi/challenge-platform/h/g/scripts/jsd/313d8a27/invisible.js

Protocol

Server

2606:4700:3108::ac42:2902 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

72dd6eb9dff384e8171df4fa8e1f33487c4c4592d209352bc2cd5c847bc36ec3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:20:08 GMT
content-encoding: br
x-content-type-options: nosniff
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 7fb60df3fa3e2ae6-ORD
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Wed, 23 Aug 2023 20:20:08 GMT
server: cloudflare
vary: accept-encoding
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/313d8a27/invisible.js
cache-control: max-age=300, public
cf-ray: 7fb60df16e882ae6-ORD
alt-svc: h3=":443"; ma=86400

GET
H2 200 ysm_risu.js Show response
ad.sitemaji.com/ 45 KB
14 KB 140ms
32ms Script
application/javascript 35.186.215.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.sitemaji.com/ysm_risu.js
Requested by: Host: assets.risu.io
URL: https://assets.risu.io/packs/js/home/index-2e1e8e88a148c184c660.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.215.186.35.bc.googleusercontent.com
Software: nginx/1.12.1 (Ubuntu) /
Resource Hash: 403ca60fe8005d0f23208fcd05a227292169e77cf2f3c38cf592303f7818b489

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 13:52:38 GMT
content-encoding: br
via: 1.1 google
last-modified: Thu, 27 Jul 2023 09:23:59 GMT
server: nginx/1.12.1 (Ubuntu)
age: 23250
etag: W/"64c237af-b264"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13616
expires: Thu, 24 Aug 2023 13:52:38 GMT

GET
H3 200 abs027-4bed8014.svg Show response
risu.io/packs/media/abs/ 898 B
566 B 45ms
45ms XHR
image/svg+xml 2606:4700:3108::ac42:2902
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://risu.io/packs/media/abs/abs027-4bed8014.svg
Requested by: Host: assets.risu.io
URL: https://assets.risu.io/packs/js/home/index-2e1e8e88a148c184c660.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2902 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5cd77128058d857c5d32cb075673cc82741d018b1af448fc75ec6106ee5619aa

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:20:08 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 30 May 2023 02:32:07 GMT
server: cloudflare
age: 65095
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000
cf-ray: 7fb60df2d8972ae6-ORD
alt-svc: h3=":443"; ma=86400

GET
H3 200 gra001-b98babf3.svg Show response
risu.io/packs/media/gra/ 425 B
450 B 50ms
49ms XHR
image/svg+xml 2606:4700:3108::ac42:2902
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://risu.io/packs/media/gra/gra001-b98babf3.svg
Requested by: Host: assets.risu.io
URL: https://assets.risu.io/packs/js/home/index-2e1e8e88a148c184c660.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2902 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b8fbe2d6dca2bff23a1ae2775ec4c1da4108c5d626f3af13d7e2f93c7c865d1b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:20:08 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 30 May 2023 02:32:07 GMT
server: cloudflare
age: 65095
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000
cf-ray: 7fb60df2d8982ae6-ORD
alt-svc: h3=":443"; ma=86400

GET
H3 200 gen002-c35b3731.svg Show response
risu.io/packs/media/gen/ 2 KB
1 KB 56ms
56ms XHR
image/svg+xml 2606:4700:3108::ac42:2902
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://risu.io/packs/media/gen/gen002-c35b3731.svg
Requested by: Host: assets.risu.io
URL: https://assets.risu.io/packs/js/home/index-2e1e8e88a148c184c660.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2902 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e70012cb92f3c0c561629d46cdae6991059361c001320fe38a5aaf396eb2be84

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:20:08 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 16 Dec 2022 07:53:50 GMT
server: cloudflare
age: 65095
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000
cf-ray: 7fb60df2d89a2ae6-ORD
alt-svc: h3=":443"; ma=86400

GET
H3 200 facebook-icon-43072eec.svg
risu.io/packs/media/brands/ 802 B
601 B 44ms
42ms Image
image/svg+xml 2606:4700:3108::ac42:2902
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://risu.io/packs/media/brands/facebook-icon-43072eec.svg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2902 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e705cd6ed57b081fc5a073ba6ad27a734e5c13ffc955cfd82dc4da7e064fadb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:20:08 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 30 May 2023 02:32:07 GMT
server: cloudflare
age: 1219907
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000
cf-ray: 7fb60df349392ae6-ORD
alt-svc: h3=":443"; ma=86400

GET
H3 200 google-icon-501a643d.svg
risu.io/packs/media/brands/ 1 KB
790 B 48ms
46ms Image
image/svg+xml 2606:4700:3108::ac42:2902
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://risu.io/packs/media/brands/google-icon-501a643d.svg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2902 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3165ae694d9a7bcf30b53cefaf86602cd21ae552ea4765bdd88f944976537c3b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:20:08 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 30 May 2023 02:32:07 GMT
server: cloudflare
age: 1219907
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000
cf-ray: 7fb60df3493b2ae6-ORD
alt-svc: h3=":443"; ma=86400

GET
H3 200 image_page-2402d7aa.jpg
risu.io/packs/media/demo/ 82 KB
82 KB 52ms
50ms Image
image/jpeg 2606:4700:3108::ac42:2902
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://risu.io/packs/media/demo/image_page-2402d7aa.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2902 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 519a48a521780b05d69e26761599418cbad561a25526f63c60e78cba57be20df

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:20:08 GMT
via: 1.1 google
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
last-modified: Fri, 16 Dec 2022 07:53:50 GMT
server: cloudflare
age: 65095
cf-polished: status=not_needed
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7fb60df349412ae6-ORD
alt-svc: h3=":443"; ma=86400
content-length: 84081

GET
H3 200 analytic_page-559230f7.jpg
risu.io/packs/media/demo/ 109 KB
109 KB 141ms
133ms Image
image/jpeg 2606:4700:3108::ac42:2902
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://risu.io/packs/media/demo/analytic_page-559230f7.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2902 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c4994aea8579278246c345ac0a6ab10b1f0a89c4fb0298ea760d8605686f8837

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:20:08 GMT
via: 1.1 google
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
last-modified: Fri, 16 Dec 2022 07:53:50 GMT
server: cloudflare
age: 65095
cf-polished: status=not_needed
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7fb60df359572ae6-ORD
alt-svc: h3=":443"; ma=86400
content-length: 111521

GET
H3 200 social_seo_page-da2061df.jpg
risu.io/packs/media/demo/ 125 KB
125 KB 194ms
186ms Image
image/jpeg 2606:4700:3108::ac42:2902
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://risu.io/packs/media/demo/social_seo_page-da2061df.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2902 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3747e8568fc397d979e46ab089b66ed2e947559aaa48ea94216d91fd3840b164

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:20:08 GMT
via: 1.1 google
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
last-modified: Fri, 16 Dec 2022 07:53:50 GMT
server: cloudflare
age: 65095
cf-polished: status=not_needed
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7fb60df359582ae6-ORD
alt-svc: h3=":443"; ma=86400
content-length: 127530

GET
H3 200 qrcode-58d486d7.png
risu.io/packs/media/demo_linebot/ 340 B
589 B 234ms
227ms Image
image/webp 2606:4700:3108::ac42:2902
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://risu.io/packs/media/demo_linebot/qrcode-58d486d7.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2902 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bfca3f52a3b3b7a5a8e7d157c142529fd75e422eac12a094fb0f69b822fed4fe

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:20:08 GMT
via: 1.1 google
cf-cache-status: HIT
age: 65095
cf-polished: origFmt=png, origSize=432
content-disposition: inline; filename="qrcode-58d486d7.webp"
alt-svc: h3=":443"; ma=86400
content-length: 340
cf-bgj: imgq:100,h2pri
last-modified: Tue, 30 May 2023 02:32:07 GMT
server: cloudflare
vary: Accept
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7fb60df359592ae6-ORD

GET
H3 200 IMG_0822-19d28120.PNG
risu.io/packs/media/demo_linebot/ 251 KB
252 KB 235ms
228ms Image
image/webp 2606:4700:3108::ac42:2902
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://risu.io/packs/media/demo_linebot/IMG_0822-19d28120.PNG
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2902 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02c331e3506125a89bec7f4f4dd7234e908b530ced5c821bdffad93bd71626d4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:20:08 GMT
via: 1.1 google
cf-cache-status: HIT
age: 65094
cf-polished: origFmt=png, origSize=281534
content-disposition: inline; filename="IMG_0822-19d28120.webp"
alt-svc: h3=":443"; ma=86400
content-length: 257502
cf-bgj: imgq:100,h2pri
last-modified: Tue, 30 May 2023 02:32:07 GMT
server: cloudflare
vary: Accept
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7fb60df3595a2ae6-ORD

GET
H3 200 shape-1-c213d1b6.svg
risu.io/packs/media/components/ 10 KB
3 KB 294ms
287ms Image
image/svg+xml 2606:4700:3108::ac42:2902
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://risu.io/packs/media/components/shape-1-c213d1b6.svg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2902 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 38a790c421bed27aa59fed4c318cf84413fb3807e7c1333ef35fe421cff3bde1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:20:08 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 16 Dec 2022 07:53:50 GMT
server: cloudflare
age: 133705
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000
cf-ray: 7fb60df3595b2ae6-ORD
alt-svc: h3=":443"; ma=86400

POST
H3 204 rum Show response
risu.io/cdn-cgi/ 0
135 B 193ms
190ms XHR
text/plain 2606:4700:3108::ac42:2902
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://risu.io/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2902 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://risu.io/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
content-type: application/json

Response headers

date: Wed, 23 Aug 2023 20:20:08 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://risu.io
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 7fb60df3fa402ae6-ORD

GET
H2 200 anchor Show response
www.recaptcha.net/recaptcha/api2/ Frame 781B 54 KB
30 KB 143ms
141ms Document
text/html 2607:f8b0:4006:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6Lc7IOQUAAAAAAKsnJb5Tc3o5biD72gyuR_vlC3f&co=aHR0cHM6Ly9yaXN1LmlvOjQ0Mw..&hl=en&v=x19joXI_IeQnFJ7YnfDapSZq&size=invisible&cb=5kqz1d1vhvov

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f0e294930c7feedcb70bcbec3026d6f8752ea841ad69b8f0743f57c1e5f72aa2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-3ASmOI5cI2QzGAEiN3KCrQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://risu.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 30570
content-security-policy: script-src 'report-sample' 'nonce-3ASmOI5cI2QzGAEiN3KCrQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 20:20:09 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 anchor Show response
www.recaptcha.net/recaptcha/api2/ Frame 03D5 7 KB
1 KB 84ms
73ms Document
text/html 2607:f8b0:4006:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6Lc7IOQUAAAAAAKsnJb5Tc3o5biD72gyuR_vlC3f&co=aHR0cHM6Ly9yaXN1LmlvOjQ0Mw..&hl=en&v=x19joXI_IeQnFJ7YnfDapSZq&size=normal&cb=rw82zlbq7g2r

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

401dc3cb7482e8652be239910c0ac1d0c32db5820b530f1468263f87466a7d2d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Huq0HD-6exDwlp4NFl5YMw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://risu.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: gzip
content-length: 1072
content-security-policy: script-src 'report-sample' 'nonce-Huq0HD-6exDwlp4NFl5YMw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 20:20:09 GMT
expires: Wed, 23 Aug 2023 20:20:09 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 381 B
599 B 165ms
61ms Script
text/javascript 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=risu.io&callback=_gfp_s_&client=ca-pub-9208708170783140

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308170101/show_ads_impl_fy2021.js?bust=31077287

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

01ccd8a43da5422d946282abb3a78ebe0cefebf05dc9ef6dcc9795dd60842466

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:20:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 247
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0654 305 KB
60 KB 518ms
511ms Document
text/html 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9208708170783140&output=html&adk=1812271804&adf=3025194257&lmt=1692858009&plat=1%3A16777216%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x540_l&format=0x0&url=https%3A%2F%2Frisu.io%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asrtr=1&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692822008152&bpp=11&bdt=1712&idt=1031&shv=r20230822&mjsv=m202308170101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5236486224718&frm=20&pv=2&ga_vid=2090007071.1692822009&ga_sid=1692822009&ga_hid=1687882424&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076838%2C31077287&oid=2&pvsid=3473384507421261&tmod=1071397449&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=1096

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308170101/show_ads_impl_fy2021.js?bust=31077287

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e2d666cf6c2760854a4f7f49d7d67abbf6ae592041ca6412289c35f966b237d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://risu.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 61223
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 20:20:09 GMT
expires: Wed, 23 Aug 2023 20:20:09 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 66ms
65ms Image
image/gif 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=grecaptcha-badge&ign=false&pw=1600&ph=1200&x=1575&y=1175

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 20:20:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 77ms
71ms XHR
application/json 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230822&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308170101/show_ads_impl_fy2021.js?bust=31077287

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3aa0c7294ee264246022df4f9b08a3380975462cbfbc322dfc8400818c1650b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:20:09 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11653
x-xss-protection: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 161ms
54ms Script
text/javascript 2607:f8b0:4006:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MR8WJDJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 23 Aug 2023 18:40:55 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 5954
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 23 Aug 2023 20:40:55 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 232 KB
81 KB 83ms
81ms Script
application/javascript 2607:f8b0:4006:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-H814P3QJ03&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MR8WJDJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a26218f338e11343a04a8c77be193dd349e4f002c21a6a74e0157dbf2609d29a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:20:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82703
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 23 Aug 2023 20:20:09 GMT

GET
H2

200

sdk Show response
cdn.aralego.net/ucfad/sdk/us-east/
Redirect Chain

https://agent.aralego.com/sdk
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

39 KB
40 KB

153ms
40ms

Script
application/octet-stream

2606:4700:20::681a:467
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Protocol: H2
Server: 2606:4700:20::681a:467 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01e65b90a460d22fe0d37f9505d831684e25709967d33967263a614fa4ebe3d0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:20:09 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6033
alt-svc: h3=":443"; ma=86400
content-length: 40181
last-modified: Tue, 20 Jun 2023 03:04:26 GMT
server: cloudflare
etag: "6491173a-9cf5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LKXgLTGB04rj6svErAChAvTeeEm5VSfpImL%2BPumSIcsu7TDI1lwk9ZRrGIHC9RxhMRW%2FIlzlw7uhwYCH7fXhOuVUMh%2Bi50nTpDAE%2FlNeR2f6R7yprkN9cu7OzmppDvwCXZnbWKih9h%2Fc30zKTw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7fb60df8b8dc22ca-ORD

Redirect headers

Location: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Connection: close
Content-length: 0

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/ Frame 03D5 55 KB
24 KB 158ms
64ms Stylesheet
text/css 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/styles__ltr.css

Requested by

Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6Lc7IOQUAAAAAAKsnJb5Tc3o5biD72gyuR_vlC3f&co=aHR0cHM6Ly9yaXN1LmlvOjQ0Mw..&hl=en&v=x19joXI_IeQnFJ7YnfDapSZq&size=normal&cb=rw82zlbq7g2r

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 06:34:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 395121
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Thu, 17 Aug 2023 18:11:22 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 18 Aug 2024 06:34:48 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/ Frame 03D5 450 KB
181 KB 205ms
113ms Script
text/javascript 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/recaptcha__en.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9dab174b3b1ef754d71d613162c1e1f5b88f9f317da8d1f14c146be9c6d9fd35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 14:30:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 280203
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 185519
x-xss-protection: 0
last-modified: Thu, 17 Aug 2023 18:11:22 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 19 Aug 2024 14:30:06 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/ Frame 781B 55 KB
24 KB 132ms
47ms Stylesheet
text/css 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/styles__ltr.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 06:34:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 395121
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Thu, 17 Aug 2023 18:11:22 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 18 Aug 2024 06:34:48 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/ Frame 781B 450 KB
181 KB 129ms
45ms Script
text/javascript 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/recaptcha__en.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9dab174b3b1ef754d71d613162c1e1f5b88f9f317da8d1f14c146be9c6d9fd35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 14:30:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 280203
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 185519
x-xss-protection: 0
last-modified: Thu, 17 Aug 2023 18:11:22 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 19 Aug 2024 14:30:06 GMT

POST
H3 200 7fb60de2ae79e1cb Show response
risu.io/cdn-cgi/challenge-platform/h/g/cv/result/ Frame B09F 0
265 B 71ms
68ms XHR
text/plain 2606:4700:3108::ac42:2902
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://risu.io/cdn-cgi/challenge-platform/h/g/cv/result/7fb60de2ae79e1cb
Requested by: Host: risu.io
URL: https://risu.io/cdn-cgi/challenge-platform/scripts/invisible.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2902 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 23 Aug 2023 20:20:09 GMT
content-encoding: br
server: cloudflare
cf-ray: 7fb60df7af2f2ae6-ORD
alt-svc: h3=":443"; ma=86400
content-type: text/plain; charset=UTF-8

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 250ms
101ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308170101/show_ads_impl_fy2021.js?bust=31077287

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:20:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 23 Aug 2023 20:20:09 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 16 B
216 B 61ms
57ms XHR
text/plain 2607:f8b0:4006:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1687882424&t=pageview&_s=1&dl=https%3A%2F%2Frisu.io%2F&ul=en-us&de=UTF-8&dt=%E7%9F%AD%E7%B6%B2%E5%9D%80%E3%80%82%E8%A1%8C%E9%8A%B7%E3%80%82%E5%88%86%E6%9E%90%20-%20Risu.io&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAEABAAAAACAAI~&jid=2062523195&gjid=468743902&cid=2090007071.1692822009&tid=UA-146086888-1&_gid=80874431.1692822010&_r=1&_slc=1&gtm=45He38l0n81MR8WJDJ&z=203196063

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

7db227ccbd6c62dbdc39e292a1f5fdad5efe2140c31e8631679ab4ce75cdb6e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://risu.io/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 20:20:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://risu.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
56 B 58ms
58ms Ping
text/plain 2607:f8b0:4006:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-H814P3QJ03&gtm=45je38l0&_p=1687882424&cid=2090007071.1692822009&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1692822009&sct=1&seg=0&dl=https%3A%2F%2Frisu.io%2F&dt=%E7%9F%AD%E7%B6%B2%E5%9D%80%E3%80%82%E8%A1%8C%E9%8A%B7%E3%80%82%E5%88%86%E6%9E%90%20-%20Risu.io&en=page_view&_fv=1&_ss=1&_c=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H814P3QJ03&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:81d::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 20:20:09 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://risu.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 2 B
341 B 147ms
53ms XHR
text/plain 2607:f8b0:4004:c1b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-146086888-1&cid=2090007071.1692822009&jid=2062523195&gjid=468743902&_gid=80874431.1692822010&_u=YAhAAEAAAAAAACAAI~&z=1097449536

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://risu.io/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 23 Aug 2023 20:20:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://risu.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 223 KB
79 KB 96ms
95ms Script
application/javascript 2607:f8b0:4006:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-ZH634PL121&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

31b859edf9f0a7bdcbdc8e78e9b29e050389c45af3b40c7665f4d673c31fc8c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:20:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81069
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 23 Aug 2023 20:20:09 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 781B 2 KB
2 KB 49ms
47ms Image
image/png 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 17:24:31 GMT
x-content-type-options: nosniff
age: 442538
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Fri, 25 Aug 2023 17:24:31 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 781B 15 KB
15 KB 48ms
46ms Font
font/woff2 2607:f8b0:4006:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.recaptcha.net/
Origin: https://www.recaptcha.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 07:41:31 GMT
x-content-type-options: nosniff
age: 477518
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 17 Aug 2024 07:41:31 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 781B 15 KB
15 KB 56ms
54ms Font
font/woff2 2607:f8b0:4006:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.recaptcha.net/
Origin: https://www.recaptcha.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 10:39:53 GMT
x-content-type-options: nosniff
age: 34816
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 22 Aug 2024 10:39:53 GMT

GET
H3 200 webworker.js
www.recaptcha.net/recaptcha/api2/ Frame 781B 102 B
134 B 67ms
67ms Other
text/javascript 2607:f8b0:4006:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/api2/webworker.js?hl=en&v=x19joXI_IeQnFJ7YnfDapSZq

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

13f425cbab48a8199950e3873a94b5f8faa294a66f751cfe15423d34dfc98ff8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6Lc7IOQUAAAAAAKsnJb5Tc3o5biD72gyuR_vlC3f&co=aHR0cHM6Ly9yaXN1LmlvOjQ0Mw..&hl=en&v=x19joXI_IeQnFJ7YnfDapSZq&size=invisible&cb=5kqz1d1vhvov
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:20:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 112
x-xss-protection: 1; mode=block
expires: Wed, 23 Aug 2023 20:20:09 GMT

GET
H2 200 ucfad-formats.css
cdn.aralego.net/css/dev/ 975 B
632 B 110ms
108ms Stylesheet
text/css 2606:4700:20::681a:467
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:467 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:20:09 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5730
cf-polished: origSize=1191
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Mar 2018 07:19:46 GMT
server: cloudflare
etag: W/"5aab7012-4a7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uzczeYWJNmNuJFV2WzU9D9%2Bz%2Bv6zW9Kn6E7027DGUo8WgFr5MNW5LhNh1Gv0l%2BXqRvr3H5YexthmxCKwIOGfDIiJdLsJxap4EhB%2B5lh8lyIM8CKxASMQ6e9cUvaFrbYuyRdHItdJoqUxBp%2F5qw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 7fb60dfa5b6d22ca-ORD

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 177ms
66ms Image
image/gif 2607:f8b0:4006:820::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-146086888-1&cid=2090007071.1692822009&jid=2062523195&_u=YAhAAEAAAAAAACAAI~&z=1946642268

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 20:20:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3428 13 KB
5 KB 52ms
49ms Document
text/html 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://risu.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 18503
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 15:11:47 GMT
expires: Thu, 22 Aug 2024 15:11:47 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 7FFF 829 B
994 B 245ms
207ms Document
text/html 2607:f8b0:4006:820::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7b82f06d40dbde003b7670694e84929ebd3172a9d4bbbe67178adb2101e1f9a3

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-zYK5ns21T_lgUJWICj0LkQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://risu.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 537
content-security-policy: script-src 'report-sample' 'nonce-zYK5ns21T_lgUJWICj0LkQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 20:20:10 GMT
expires: Wed, 23 Aug 2023 20:20:10 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308170101/ 154 KB
52 KB 117ms
117ms Script
text/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308170101/reactive_library_fy2021.js?bust=31077287

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308170101/show_ads_impl_fy2021.js?bust=31077287

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

adabb5a29b96ba650980af675dc8f5bff59a5f3bd4df14c28da69e7c19a7f49f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:20:10 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53669
x-xss-protection: 0
server: cafe
etag: 14262427190366821817
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 23 Aug 2023 20:20:10 GMT

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ 3 KB
2 KB 506ms
85ms XHR
text/html 162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=risu.io&u=https%3A%2F%2Frisu.io%2F&adid=ad-34B46A49E29A463613E23AEBB2E7B479&w=728&h=90&ver=UCX_WEB-20200113&pos=1&seq=undefined&cb=0.03211453944812992&uaMobile=%3F0
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 Fairfax, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 01b2b3683edf271f251b58f5d4c3d642722b99ecad1852df29fe11e31120a955

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:20:10 GMT
x-width: 728
content-encoding: gzip
x-height: 90
x-adstyle: banner
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://risu.io
access-control-expose-headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
vary: Accept-Encoding
access-control-allow-credentials: true
x-adsource: CDB
x-adtype: html
transfer-encoding: chunked
connection: close

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ 3 KB
2 KB 531ms
112ms XHR
text/html 162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=risu.io&u=https%3A%2F%2Frisu.io%2F&adid=ad-34B46A49E29A463613E23AEBB2E7B479&w=728&h=90&ver=UCX_WEB-20200113&pos=1&seq=undefined&cb=0.2879829939794183&uaMobile=%3F0
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 Fairfax, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 2594740ec2d6758fffa81d2276c31fc5d8ac2a6317d4c9cff72ae94b282c413d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:20:10 GMT
x-width: 728
content-encoding: gzip
x-height: 90
x-adstyle: banner
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://risu.io
access-control-expose-headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
vary: Accept-Encoding
access-control-allow-credentials: true
x-adsource: CDB
x-adtype: html
transfer-encoding: chunked
connection: close

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ 3 KB
2 KB 531ms
117ms XHR
text/html 162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=risu.io&u=https%3A%2F%2Frisu.io%2F&adid=ad-34B46A49E29A463613E23AEBB2E7B479&w=728&h=90&ver=UCX_WEB-20200113&pos=1&seq=undefined&cb=0.9041642714118914&uaMobile=%3F0
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 Fairfax, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 99c16d671c6096ec259694f48fbed9c6897c46dd9043cc2cdbd623a7220642fd

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:20:10 GMT
x-width: 728
content-encoding: gzip
x-height: 90
x-adstyle: banner
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://risu.io
access-control-expose-headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
vary: Accept-Encoding
access-control-allow-credentials: true
x-adsource: CDB
x-adtype: html
transfer-encoding: chunked
connection: close

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ 3 KB
2 KB 514ms
114ms XHR
text/html 162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=risu.io&u=https%3A%2F%2Frisu.io%2F&adid=ad-34B46A49E29A463613E23AEBB2E7B479&w=728&h=90&ver=UCX_WEB-20200113&pos=1&seq=undefined&cb=0.9156389372407316&uaMobile=%3F0
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 Fairfax, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 9b5bd89242693e0aaec4c3e58ea9776ae6415d7e3c1171165300999be6c9761c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:20:10 GMT
x-width: 728
content-encoding: gzip
x-height: 90
x-adstyle: banner
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://risu.io
access-control-expose-headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
vary: Accept-Encoding
access-control-allow-credentials: true
x-adsource: CDB
x-adtype: html
transfer-encoding: chunked
connection: close

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0FBD 118 KB
41 KB 410ms
392ms Document
text/html 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9208708170783140&output=html&h=280&adk=1248013043&adf=1377134958&pi=t.aa~a.99561451~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1692858010&rafmt=1&to=qs&pwprc=7893959896&format=1200x280&url=https%3A%2F%2Frisu.io%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692822010509&bpp=11&bdt=4069&idt=-M&shv=r20230822&mjsv=m202308170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec4896cdbccce36f-2238105fb2e3008d%3AT%3D1692822009%3ART%3D1692822009%3AS%3DALNI_MZIcJIhJizzPslJJ_f6yniFvf192A&gpic=UID%3D00000d8d64dac1d2%3AT%3D1692822009%3ART%3D1692822009%3AS%3DALNI_Ma-ynlXcriKduXBAvsG_wzlAHCeLw&prev_fmts=0x0&nras=2&correlator=5236486224718&frm=20&pv=1&ga_vid=2090007071.1692822009&ga_sid=1692822009&ga_hid=1687882424&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1344&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076838%2C31077287&oid=2&pvsid=3473384507421261&tmod=1071397449&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=9g8ft0egOt&p=https%3A//risu.io&dtd=59

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308170101/show_ads_impl_fy2021.js?bust=31077287

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

910eefd68516bd0be76d19de45209fedd17b96cf68701a80aacfec02a0a5d5af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://risu.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 41737
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 20:20:11 GMT
expires: Wed, 23 Aug 2023 20:20:11 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FEEB 86 KB
29 KB 322ms
311ms Document
text/html 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9208708170783140&output=html&h=280&adk=1636878560&adf=1831041&pi=t.aa~a.1587783460~rp.1&w=1116&fwrn=4&fwrnh=100&lmt=1692858010&rafmt=1&to=qs&pwprc=7893959896&format=1116x280&url=https%3A%2F%2Frisu.io%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692822010509&bpp=2&bdt=4069&idt=-M&shv=r20230822&mjsv=m202308170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec4896cdbccce36f-2238105fb2e3008d%3AT%3D1692822009%3ART%3D1692822009%3AS%3DALNI_MZIcJIhJizzPslJJ_f6yniFvf192A&gpic=UID%3D00000d8d64dac1d2%3AT%3D1692822009%3ART%3D1692822009%3AS%3DALNI_Ma-ynlXcriKduXBAvsG_wzlAHCeLw&prev_fmts=0x0%2C1200x280&nras=3&correlator=5236486224718&frm=20&pv=1&ga_vid=2090007071.1692822009&ga_sid=1692822009&ga_hid=1687882424&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=242&ady=1837&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076838%2C31077287&oid=2&pvsid=3473384507421261&tmod=1071397449&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=M4aAsN25Eq&p=https%3A//risu.io&dtd=89

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308170101/show_ads_impl_fy2021.js?bust=31077287

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7b8dfff29e93218b10c8f19f0f9a85c37eff6e1916d274d05d74306aa02588c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://risu.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 29287
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 20:20:10 GMT
expires: Wed, 23 Aug 2023 20:20:10 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame AAE4 118 KB
41 KB 538ms
526ms Document
text/html 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9208708170783140&output=html&h=280&adk=1028885750&adf=2395231771&pi=t.aa~a.689068970~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1692858010&rafmt=1&to=qs&pwprc=7893959896&format=1200x280&url=https%3A%2F%2Frisu.io%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692822010509&bpp=2&bdt=4069&idt=-M&shv=r20230822&mjsv=m202308170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec4896cdbccce36f-2238105fb2e3008d%3AT%3D1692822009%3ART%3D1692822009%3AS%3DALNI_MZIcJIhJizzPslJJ_f6yniFvf192A&gpic=UID%3D00000d8d64dac1d2%3AT%3D1692822009%3ART%3D1692822009%3AS%3DALNI_Ma-ynlXcriKduXBAvsG_wzlAHCeLw&prev_fmts=0x0%2C1200x280%2C1116x280&nras=4&correlator=5236486224718&frm=20&pv=1&ga_vid=2090007071.1692822009&ga_sid=1692822009&ga_hid=1687882424&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2779&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076838%2C31077287&oid=2&pvsid=3473384507421261&tmod=1071397449&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=KoTRcDCO6X&p=https%3A//risu.io&dtd=116

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308170101/show_ads_impl_fy2021.js?bust=31077287

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f10e39617c4cdbe202bd5d01eabc1ff072f9c7c262622b434c05a3f04871d1ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://risu.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 41700
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 20:20:11 GMT
expires: Wed, 23 Aug 2023 20:20:11 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7156 119 KB
41 KB 459ms
448ms Document
text/html 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9208708170783140&output=html&h=280&adk=1248013043&adf=1296158383&pi=t.aa~a.99552785~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1692858010&rafmt=1&to=qs&pwprc=7893959896&format=1200x280&url=https%3A%2F%2Frisu.io%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692822010509&bpp=10&bdt=4069&idt=10&shv=r20230822&mjsv=m202308170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec4896cdbccce36f-2238105fb2e3008d%3AT%3D1692822009%3ART%3D1692822009%3AS%3DALNI_MZIcJIhJizzPslJJ_f6yniFvf192A&gpic=UID%3D00000d8d64dac1d2%3AT%3D1692822009%3ART%3D1692822009%3AS%3DALNI_Ma-ynlXcriKduXBAvsG_wzlAHCeLw&prev_fmts=0x0%2C1200x280%2C1116x280%2C1200x280&nras=5&correlator=5236486224718&frm=20&pv=1&ga_vid=2090007071.1692822009&ga_sid=1692822009&ga_hid=1687882424&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4025&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076838%2C31077287&oid=2&pvsid=3473384507421261&tmod=1071397449&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=l7YP8AgV3N&p=https%3A//risu.io&dtd=132

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308170101/show_ads_impl_fy2021.js?bust=31077287

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

64bb69d4f744af98616f5803136d9e2d96bcbf371e6eae0b11ccb9c8249edf49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://risu.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 42358
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 20:20:11 GMT
expires: Wed, 23 Aug 2023 20:20:11 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
analytics.google.com/g/ 0
248 B 133ms
41ms Ping
text/plain 2001:4860:4802:34::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-ZH634PL121&gtm=45je38l0&_p=1687882424&_gaz=1&ul=en-us&sr=1600x1200&cid=2090007071.1692822009&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Frisu.io%2F&dt=%E7%9F%AD%E7%B6%B2%E5%9D%80%E3%80%82%E8%A1%8C%E9%8A%B7%E3%80%82%E5%88%86%E6%9E%90%20-%20Risu.io&sid=1692822010&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZH634PL121&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 20:20:10 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://risu.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 71ms
55ms Ping
text/plain 2607:f8b0:4004:c1b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-ZH634PL121&cid=2090007071.1692822009&gtm=45je38l0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZH634PL121&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c1b::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 20:20:10 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://risu.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230822/r20110914/ Frame F3F4 10 KB
4 KB 103ms
51ms Document
text/html 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230822/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308170101/show_ads_impl_fy2021.js?bust=31077287

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0907e75ab7f4aa03bcbc01778262abd0671f8742abaca30e9816cc90a6b28935

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://risu.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 8563
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4437
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 17:57:28 GMT
etag: 9878862242593084568
expires: Wed, 06 Sep 2023 17:57:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230822/r20110914/ Frame A724 10 KB
4 KB 100ms
51ms Document
text/html 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230822/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308170101/show_ads_impl_fy2021.js?bust=31077287

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0907e75ab7f4aa03bcbc01778262abd0671f8742abaca30e9816cc90a6b28935

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://risu.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 8563
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4437
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 17:57:28 GMT
etag: 9878862242593084568
expires: Wed, 06 Sep 2023 17:57:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ Frame 72CD 128 KB
41 KB 367ms
161ms Script
text/javascript 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.js

Requested by

Host: agent.aralego.com
URL: https://agent.aralego.com/sdk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

9532a5212db16e49789e83687cb5d1e4cfa75757ab657edfeccc2e5bd190da4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:20:11 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 03 Aug 2023 11:12:29 GMT
server: nginx
etag: W/"64cb8b9d-1fe04"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 24 Aug 2023 20:20:11 GMT

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ Frame 3CAD 128 KB
41 KB 273ms
69ms Script
text/javascript 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.js

Requested by

Host: agent.aralego.com
URL: https://agent.aralego.com/sdk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

9532a5212db16e49789e83687cb5d1e4cfa75757ab657edfeccc2e5bd190da4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:20:11 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 03 Aug 2023 11:12:29 GMT
server: nginx
etag: W/"64cb8b9d-1fe04"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 24 Aug 2023 20:20:11 GMT

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ Frame C245 128 KB
41 KB 320ms
116ms Script
text/javascript 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.js

Requested by

Host: agent.aralego.com
URL: https://agent.aralego.com/sdk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

9532a5212db16e49789e83687cb5d1e4cfa75757ab657edfeccc2e5bd190da4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:20:11 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 03 Aug 2023 11:12:29 GMT
server: nginx
etag: W/"64cb8b9d-1fe04"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 24 Aug 2023 20:20:11 GMT

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ Frame 31F1 128 KB
41 KB 387ms
184ms Script
text/javascript 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.js

Requested by

Host: agent.aralego.com
URL: https://agent.aralego.com/sdk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

9532a5212db16e49789e83687cb5d1e4cfa75757ab657edfeccc2e5bd190da4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:20:11 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 03 Aug 2023 11:12:29 GMT
server: nginx
etag: W/"64cb8b9d-1fe04"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 24 Aug 2023 20:20:11 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230822/r20110914/ Frame FEEB 23 KB
9 KB 68ms
60ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230822/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9208708170783140&output=html&h=280&adk=1636878560&adf=1831041&pi=t.aa~a.1587783460~rp.1&w=1116&fwrn=4&fwrnh=100&lmt=1692858010&rafmt=1&to=qs&pwprc=7893959896&format=1116x280&url=https%3A%2F%2Frisu.io%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692822010509&bpp=2&bdt=4069&idt=-M&shv=r20230822&mjsv=m202308170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec4896cdbccce36f-2238105fb2e3008d%3AT%3D1692822009%3ART%3D1692822009%3AS%3DALNI_MZIcJIhJizzPslJJ_f6yniFvf192A&gpic=UID%3D00000d8d64dac1d2%3AT%3D1692822009%3ART%3D1692822009%3AS%3DALNI_Ma-ynlXcriKduXBAvsG_wzlAHCeLw&prev_fmts=0x0%2C1200x280&nras=3&correlator=5236486224718&frm=20&pv=1&ga_vid=2090007071.1692822009&ga_sid=1692822009&ga_hid=1687882424&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=242&ady=1837&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076838%2C31077287&oid=2&pvsid=3473384507421261&tmod=1071397449&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=M4aAsN25Eq&p=https%3A//risu.io&dtd=89

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1df629c9e3d7999c38bfa18b45032197fd4da30e8e893bf07f5083e1fa9b4390

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 14:07:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22336
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9067
x-xss-protection: 0
server: cafe
etag: 16184311534176170479
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Sep 2023 14:07:55 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame FEEB 8 KB
750 B 112ms
106ms Stylesheet
text/css 2607:f8b0:4006:80d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 23 Aug 2023 20:20:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 23 Aug 2023 20:12:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 23 Aug 2023 20:20:11 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/ Frame FEEB 15 KB
3 KB 270ms
36ms Stylesheet
text/css 2607:f8b0:4006:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 12:37:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 27762
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2920
x-xss-protection: 0
last-modified: Wed, 02 Aug 2023 10:38:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 22 Aug 2024 12:37:29 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/ Frame FEEB 368 KB
128 KB 272ms
38ms Script
text/javascript 2607:f8b0:4006:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0dc2dfbb8a7cfd95b7e26cd31635911739b4ee1fb41363e062a9673fdca156f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 12:57:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26576
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 130842
x-xss-protection: 0
last-modified: Wed, 02 Aug 2023 10:38:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 22 Aug 2024 12:57:15 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230822/r20110914/client/ Frame FEEB 20 KB
8 KB 65ms
60ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230822/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 14:07:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22354
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Sep 2023 14:07:37 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame FEEB 0
0 125ms
53ms Image
text/html 2607:f8b0:4006:820::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTlXI-2O3BiIg6TbwZVlABW55ShSs7o7YagfYVTc_3aI_6lU8I0F1ur6D7bUxXv7FyXQ6n7q7UM3EKN0dVFJiDy4X0AEg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9208708170783140&output=html&h=280&adk=1636878560&adf=1831041&pi=t.aa~a.1587783460~rp.1&w=1116&fwrn=4&fwrnh=100&lmt=1692858010&rafmt=1&to=qs&pwprc=7893959896&format=1116x280&url=https%3A%2F%2Frisu.io%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692822010509&bpp=2&bdt=4069&idt=-M&shv=r20230822&mjsv=m202308170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec4896cdbccce36f-2238105fb2e3008d%3AT%3D1692822009%3ART%3D1692822009%3AS%3DALNI_MZIcJIhJizzPslJJ_f6yniFvf192A&gpic=UID%3D00000d8d64dac1d2%3AT%3D1692822009%3ART%3D1692822009%3AS%3DALNI_Ma-ynlXcriKduXBAvsG_wzlAHCeLw&prev_fmts=0x0%2C1200x280&nras=3&correlator=5236486224718&frm=20&pv=1&ga_vid=2090007071.1692822009&ga_sid=1692822009&ga_hid=1687882424&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=242&ady=1837&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076838%2C31077287&oid=2&pvsid=3473384507421261&tmod=1071397449&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=M4aAsN25Eq&p=https%3A//risu.io&dtd=89
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:820::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

GET
H3 200 63e0a2a793d720ddab32c7ad1c79b976.js Show response
www.gstatic.com/mysidia/ Frame 0FBD 9 KB
4 KB 64ms
62ms Script
text/javascript 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/63e0a2a793d720ddab32c7ad1c79b976.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9208708170783140&output=html&h=280&adk=1248013043&adf=1377134958&pi=t.aa~a.99561451~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1692858010&rafmt=1&to=qs&pwprc=7893959896&format=1200x280&url=https%3A%2F%2Frisu.io%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692822010509&bpp=11&bdt=4069&idt=-M&shv=r20230822&mjsv=m202308170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec4896cdbccce36f-2238105fb2e3008d%3AT%3D1692822009%3ART%3D1692822009%3AS%3DALNI_MZIcJIhJizzPslJJ_f6yniFvf192A&gpic=UID%3D00000d8d64dac1d2%3AT%3D1692822009%3ART%3D1692822009%3AS%3DALNI_Ma-ynlXcriKduXBAvsG_wzlAHCeLw&prev_fmts=0x0&nras=2&correlator=5236486224718&frm=20&pv=1&ga_vid=2090007071.1692822009&ga_sid=1692822009&ga_hid=1687882424&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1344&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076838%2C31077287&oid=2&pvsid=3473384507421261&tmod=1071397449&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=9g8ft0egOt&p=https%3A//risu.io&dtd=59

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac6c7df9ea6f8e1bcacee7bbb1df0c7902650aa2bef04e536ae838e7c9146aa8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 06:34:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 395112
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3931
x-xss-protection: 0
last-modified: Fri, 18 Aug 2023 02:42:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 17 Nov 2023 06:34:59 GMT

GET
H3 200 b293f88652ab0f749d3615e759df59dc.js Show response
www.gstatic.com/mysidia/ Frame 0FBD 11 KB
5 KB 118ms
57ms Script
text/javascript 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b293f88652ab0f749d3615e759df59dc.js?tag=text/vanilla_highlight

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3f205dd4bbec77e28fde200ae38a6ea019d6c92caac85570c141f20d4a0216cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 07:07:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 565940
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4722
x-xss-protection: 0
last-modified: Wed, 16 Aug 2023 00:01:10 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 15 Nov 2023 07:07:51 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 0FBD 14 KB
1 KB 132ms
71ms Stylesheet
text/css 2607:f8b0:4006:80d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 23 Aug 2023 20:20:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 23 Aug 2023 18:58:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 23 Aug 2023 20:20:11 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230822/r20110914/client/ Frame 0FBD 2 KB
892 B 81ms
46ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230822/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 14:07:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22336
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Sep 2023 14:07:55 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230822/r20110914/ Frame 0FBD 23 KB
9 KB 85ms
50ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230822/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1df629c9e3d7999c38bfa18b45032197fd4da30e8e893bf07f5083e1fa9b4390

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 14:07:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22336
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9067
x-xss-protection: 0
server: cafe
etag: 16184311534176170479
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Sep 2023 14:07:55 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230822/r20110914/client/ Frame 0FBD 3 KB
1 KB 90ms
55ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230822/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 14:07:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22354
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Sep 2023 14:07:37 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230822/r20110914/client/ Frame 0FBD 20 KB
8 KB 118ms
56ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230822/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 14:07:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22354
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Sep 2023 14:07:37 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 0FBD 0
0 313ms
278ms Image
text/html 2607:f8b0:4006:820::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTC9-u2odXGFfOwjsBulOfY7Xri1ON29bIDOet9zqfIGrSKJr8B0bhuzyyFysFekA-TkGHXanzYiuHpfnQqiqvxwj7a7A
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9208708170783140&output=html&h=280&adk=1248013043&adf=1377134958&pi=t.aa~a.99561451~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1692858010&rafmt=1&to=qs&pwprc=7893959896&format=1200x280&url=https%3A%2F%2Frisu.io%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692822010509&bpp=11&bdt=4069&idt=-M&shv=r20230822&mjsv=m202308170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec4896cdbccce36f-2238105fb2e3008d%3AT%3D1692822009%3ART%3D1692822009%3AS%3DALNI_MZIcJIhJizzPslJJ_f6yniFvf192A&gpic=UID%3D00000d8d64dac1d2%3AT%3D1692822009%3ART%3D1692822009%3AS%3DALNI_Ma-ynlXcriKduXBAvsG_wzlAHCeLw&prev_fmts=0x0&nras=2&correlator=5236486224718&frm=20&pv=1&ga_vid=2090007071.1692822009&ga_sid=1692822009&ga_hid=1687882424&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1344&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076838%2C31077287&oid=2&pvsid=3473384507421261&tmod=1071397449&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=9g8ft0egOt&p=https%3A//risu.io&dtd=59
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:820::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0FBD 181 KB
57 KB 332ms
272ms Script
text/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c2408269f0fd9cd51b9957e98166b451349f23158cc075361929c19dff66078

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:20:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57781
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692618714633496"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Aug 2023 20:20:11 GMT

GET
H3 200 e822d7071992e030a786d1a51b1f59a7.js Show response
www.gstatic.com/mysidia/ Frame 0FBD 35 KB
15 KB 84ms
49ms Script
text/javascript 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e822d7071992e030a786d1a51b1f59a7.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0cbbfe7e06fd7a9274bcdf96bde690f294cdef1ba01f2f20c9a9bd09eb1502b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 15:11:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18549
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14926
x-xss-protection: 0
last-modified: Thu, 17 Aug 2023 20:38:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 21 Nov 2023 15:11:02 GMT

GET
H3 200 63e0a2a793d720ddab32c7ad1c79b976.js Show response
www.gstatic.com/mysidia/ Frame 7156 9 KB
4 KB 96ms
57ms Script
text/javascript 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/63e0a2a793d720ddab32c7ad1c79b976.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9208708170783140&output=html&h=280&adk=1248013043&adf=1296158383&pi=t.aa~a.99552785~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1692858010&rafmt=1&to=qs&pwprc=7893959896&format=1200x280&url=https%3A%2F%2Frisu.io%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692822010509&bpp=10&bdt=4069&idt=10&shv=r20230822&mjsv=m202308170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec4896cdbccce36f-2238105fb2e3008d%3AT%3D1692822009%3ART%3D1692822009%3AS%3DALNI_MZIcJIhJizzPslJJ_f6yniFvf192A&gpic=UID%3D00000d8d64dac1d2%3AT%3D1692822009%3ART%3D1692822009%3AS%3DALNI_Ma-ynlXcriKduXBAvsG_wzlAHCeLw&prev_fmts=0x0%2C1200x280%2C1116x280%2C1200x280&nras=5&correlator=5236486224718&frm=20&pv=1&ga_vid=2090007071.1692822009&ga_sid=1692822009&ga_hid=1687882424&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4025&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076838%2C31077287&oid=2&pvsid=3473384507421261&tmod=1071397449&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=l7YP8AgV3N&p=https%3A//risu.io&dtd=132

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac6c7df9ea6f8e1bcacee7bbb1df0c7902650aa2bef04e536ae838e7c9146aa8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 06:34:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 395112
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3931
x-xss-protection: 0
last-modified: Fri, 18 Aug 2023 02:42:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 17 Nov 2023 06:34:59 GMT

GET
H3 200 b293f88652ab0f749d3615e759df59dc.js Show response
www.gstatic.com/mysidia/ Frame 7156 11 KB
5 KB 96ms
57ms Script
text/javascript 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b293f88652ab0f749d3615e759df59dc.js?tag=text/vanilla_highlight

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9208708170783140&output=html&h=280&adk=1248013043&adf=1296158383&pi=t.aa~a.99552785~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1692858010&rafmt=1&to=qs&pwprc=7893959896&format=1200x280&url=https%3A%2F%2Frisu.io%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692822010509&bpp=10&bdt=4069&idt=10&shv=r20230822&mjsv=m202308170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec4896cdbccce36f-2238105fb2e3008d%3AT%3D1692822009%3ART%3D1692822009%3AS%3DALNI_MZIcJIhJizzPslJJ_f6yniFvf192A&gpic=UID%3D00000d8d64dac1d2%3AT%3D1692822009%3ART%3D1692822009%3AS%3DALNI_Ma-ynlXcriKduXBAvsG_wzlAHCeLw&prev_fmts=0x0%2C1200x280%2C1116x280%2C1200x280&nras=5&correlator=5236486224718&frm=20&pv=1&ga_vid=2090007071.1692822009&ga_sid=1692822009&ga_hid=1687882424&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4025&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076838%2C31077287&oid=2&pvsid=3473384507421261&tmod=1071397449&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=l7YP8AgV3N&p=https%3A//risu.io&dtd=132

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3f205dd4bbec77e28fde200ae38a6ea019d6c92caac85570c141f20d4a0216cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 07:07:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 565940
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4722
x-xss-protection: 0
last-modified: Wed, 16 Aug 2023 00:01:10 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 15 Nov 2023 07:07:51 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 7156 14 KB
1 KB 122ms
85ms Stylesheet
text/css 2607:f8b0:4006:80d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9208708170783140&output=html&h=280&adk=1248013043&adf=1296158383&pi=t.aa~a.99552785~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1692858010&rafmt=1&to=qs&pwprc=7893959896&format=1200x280&url=https%3A%2F%2Frisu.io%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692822010509&bpp=10&bdt=4069&idt=10&shv=r20230822&mjsv=m202308170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec4896cdbccce36f-2238105fb2e3008d%3AT%3D1692822009%3ART%3D1692822009%3AS%3DALNI_MZIcJIhJizzPslJJ_f6yniFvf192A&gpic=UID%3D00000d8d64dac1d2%3AT%3D1692822009%3ART%3D1692822009%3AS%3DALNI_Ma-ynlXcriKduXBAvsG_wzlAHCeLw&prev_fmts=0x0%2C1200x280%2C1116x280%2C1200x280&nras=5&correlator=5236486224718&frm=20&pv=1&ga_vid=2090007071.1692822009&ga_sid=1692822009&ga_hid=1687882424&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4025&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076838%2C31077287&oid=2&pvsid=3473384507421261&tmod=1071397449&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=l7YP8AgV3N&p=https%3A//risu.io&dtd=132

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 23 Aug 2023 20:20:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 23 Aug 2023 20:08:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 23 Aug 2023 20:20:11 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230822/r20110914/client/ Frame 7156 2 KB
892 B 89ms
54ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230822/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9208708170783140&output=html&h=280&adk=1248013043&adf=1296158383&pi=t.aa~a.99552785~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1692858010&rafmt=1&to=qs&pwprc=7893959896&format=1200x280&url=https%3A%2F%2Frisu.io%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692822010509&bpp=10&bdt=4069&idt=10&shv=r20230822&mjsv=m202308170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec4896cdbccce36f-2238105fb2e3008d%3AT%3D1692822009%3ART%3D1692822009%3AS%3DALNI_MZIcJIhJizzPslJJ_f6yniFvf192A&gpic=UID%3D00000d8d64dac1d2%3AT%3D1692822009%3ART%3D1692822009%3AS%3DALNI_Ma-ynlXcriKduXBAvsG_wzlAHCeLw&prev_fmts=0x0%2C1200x280%2C1116x280%2C1200x280&nras=5&correlator=5236486224718&frm=20&pv=1&ga_vid=2090007071.1692822009&ga_sid=1692822009&ga_hid=1687882424&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4025&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076838%2C31077287&oid=2&pvsid=3473384507421261&tmod=1071397449&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=l7YP8AgV3N&p=https%3A//risu.io&dtd=132

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 14:07:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22336
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Sep 2023 14:07:55 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230822/r20110914/ Frame 7156 23 KB
9 KB 135ms
134ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230822/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9208708170783140&output=html&h=280&adk=1248013043&adf=1296158383&pi=t.aa~a.99552785~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1692858010&rafmt=1&to=qs&pwprc=7893959896&format=1200x280&url=https%3A%2F%2Frisu.io%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692822010509&bpp=10&bdt=4069&idt=10&shv=r20230822&mjsv=m202308170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec4896cdbccce36f-2238105fb2e3008d%3AT%3D1692822009%3ART%3D1692822009%3AS%3DALNI_MZIcJIhJizzPslJJ_f6yniFvf192A&gpic=UID%3D00000d8d64dac1d2%3AT%3D1692822009%3ART%3D1692822009%3AS%3DALNI_Ma-ynlXcriKduXBAvsG_wzlAHCeLw&prev_fmts=0x0%2C1200x280%2C1116x280%2C1200x280&nras=5&correlator=5236486224718&frm=20&pv=1&ga_vid=2090007071.1692822009&ga_sid=1692822009&ga_hid=1687882424&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4025&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076838%2C31077287&oid=2&pvsid=3473384507421261&tmod=1071397449&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=l7YP8AgV3N&p=https%3A//risu.io&dtd=132

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1df629c9e3d7999c38bfa18b45032197fd4da30e8e893bf07f5083e1fa9b4390

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 14:07:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22336
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9067
x-xss-protection: 0
server: cafe
etag: 16184311534176170479
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Sep 2023 14:07:55 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230822/r20110914/client/ Frame 7156 3 KB
1 KB 140ms
138ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230822/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9208708170783140&output=html&h=280&adk=1248013043&adf=1296158383&pi=t.aa~a.99552785~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1692858010&rafmt=1&to=qs&pwprc=7893959896&format=1200x280&url=https%3A%2F%2Frisu.io%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692822010509&bpp=10&bdt=4069&idt=10&shv=r20230822&mjsv=m202308170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec4896cdbccce36f-2238105fb2e3008d%3AT%3D1692822009%3ART%3D1692822009%3AS%3DALNI_MZIcJIhJizzPslJJ_f6yniFvf192A&gpic=UID%3D00000d8d64dac1d2%3AT%3D1692822009%3ART%3D1692822009%3AS%3DALNI_Ma-ynlXcriKduXBAvsG_wzlAHCeLw&prev_fmts=0x0%2C1200x280%2C1116x280%2C1200x280&nras=5&correlator=5236486224718&frm=20&pv=1&ga_vid=2090007071.1692822009&ga_sid=1692822009&ga_hid=1687882424&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4025&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076838%2C31077287&oid=2&pvsid=3473384507421261&tmod=1071397449&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=l7YP8AgV3N&p=https%3A//risu.io&dtd=132

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 14:07:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22354
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Sep 2023 14:07:37 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230822/r20110914/client/ Frame 7156 20 KB
8 KB 95ms
57ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230822/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9208708170783140&output=html&h=280&adk=1248013043&adf=1296158383&pi=t.aa~a.99552785~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1692858010&rafmt=1&to=qs&pwprc=7893959896&format=1200x280&url=https%3A%2F%2Frisu.io%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692822010509&bpp=10&bdt=4069&idt=10&shv=r20230822&mjsv=m202308170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec4896cdbccce36f-2238105fb2e3008d%3AT%3D1692822009%3ART%3D1692822009%3AS%3DALNI_MZIcJIhJizzPslJJ_f6yniFvf192A&gpic=UID%3D00000d8d64dac1d2%3AT%3D1692822009%3ART%3D1692822009%3AS%3DALNI_Ma-ynlXcriKduXBAvsG_wzlAHCeLw&prev_fmts=0x0%2C1200x280%2C1116x280%2C1200x280&nras=5&correlator=5236486224718&frm=20&pv=1&ga_vid=2090007071.1692822009&ga_sid=1692822009&ga_hid=1687882424&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4025&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076838%2C31077287&oid=2&pvsid=3473384507421261&tmod=1071397449&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=l7YP8AgV3N&p=https%3A//risu.io&dtd=132

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 14:07:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22354
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Sep 2023 14:07:37 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 7156 0
0 165ms
164ms Image
text/html 2607:f8b0:4006:820::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSqz5x04UHmgWiQSJ8XeIj_T7mYSpcIbLG-pse9Xf743AJzwkDtromTHD6S2tFjhZI3sk_0shAY-cede_lj-MQBF5FvlA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9208708170783140&output=html&h=280&adk=1248013043&adf=1296158383&pi=t.aa~a.99552785~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1692858010&rafmt=1&to=qs&pwprc=7893959896&format=1200x280&url=https%3A%2F%2Frisu.io%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692822010509&bpp=10&bdt=4069&idt=10&shv=r20230822&mjsv=m202308170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec4896cdbccce36f-2238105fb2e3008d%3AT%3D1692822009%3ART%3D1692822009%3AS%3DALNI_MZIcJIhJizzPslJJ_f6yniFvf192A&gpic=UID%3D00000d8d64dac1d2%3AT%3D1692822009%3ART%3D1692822009%3AS%3DALNI_Ma-ynlXcriKduXBAvsG_wzlAHCeLw&prev_fmts=0x0%2C1200x280%2C1116x280%2C1200x280&nras=5&correlator=5236486224718&frm=20&pv=1&ga_vid=2090007071.1692822009&ga_sid=1692822009&ga_hid=1687882424&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4025&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076838%2C31077287&oid=2&pvsid=3473384507421261&tmod=1071397449&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=l7YP8AgV3N&p=https%3A//risu.io&dtd=132
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:820::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7156 181 KB
57 KB 358ms
302ms Script
text/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9208708170783140&output=html&h=280&adk=1248013043&adf=1296158383&pi=t.aa~a.99552785~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1692858010&rafmt=1&to=qs&pwprc=7893959896&format=1200x280&url=https%3A%2F%2Frisu.io%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692822010509&bpp=10&bdt=4069&idt=10&shv=r20230822&mjsv=m202308170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec4896cdbccce36f-2238105fb2e3008d%3AT%3D1692822009%3ART%3D1692822009%3AS%3DALNI_MZIcJIhJizzPslJJ_f6yniFvf192A&gpic=UID%3D00000d8d64dac1d2%3AT%3D1692822009%3ART%3D1692822009%3AS%3DALNI_Ma-ynlXcriKduXBAvsG_wzlAHCeLw&prev_fmts=0x0%2C1200x280%2C1116x280%2C1200x280&nras=5&correlator=5236486224718&frm=20&pv=1&ga_vid=2090007071.1692822009&ga_sid=1692822009&ga_hid=1687882424&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4025&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076838%2C31077287&oid=2&pvsid=3473384507421261&tmod=1071397449&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=l7YP8AgV3N&p=https%3A//risu.io&dtd=132

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c2408269f0fd9cd51b9957e98166b451349f23158cc075361929c19dff66078

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:20:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57781
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692618714633496"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Aug 2023 20:20:11 GMT

GET
H3 200 e822d7071992e030a786d1a51b1f59a7.js Show response
www.gstatic.com/mysidia/ Frame 7156 35 KB
15 KB 136ms
135ms Script
text/javascript 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e822d7071992e030a786d1a51b1f59a7.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9208708170783140&output=html&h=280&adk=1248013043&adf=1296158383&pi=t.aa~a.99552785~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1692858010&rafmt=1&to=qs&pwprc=7893959896&format=1200x280&url=https%3A%2F%2Frisu.io%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692822010509&bpp=10&bdt=4069&idt=10&shv=r20230822&mjsv=m202308170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec4896cdbccce36f-2238105fb2e3008d%3AT%3D1692822009%3ART%3D1692822009%3AS%3DALNI_MZIcJIhJizzPslJJ_f6yniFvf192A&gpic=UID%3D00000d8d64dac1d2%3AT%3D1692822009%3ART%3D1692822009%3AS%3DALNI_Ma-ynlXcriKduXBAvsG_wzlAHCeLw&prev_fmts=0x0%2C1200x280%2C1116x280%2C1200x280&nras=5&correlator=5236486224718&frm=20&pv=1&ga_vid=2090007071.1692822009&ga_sid=1692822009&ga_hid=1687882424&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4025&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076838%2C31077287&oid=2&pvsid=3473384507421261&tmod=1071397449&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=l7YP8AgV3N&p=https%3A//risu.io&dtd=132

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0cbbfe7e06fd7a9274bcdf96bde690f294cdef1ba01f2f20c9a9bd09eb1502b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 15:11:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18549
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14926
x-xss-protection: 0
last-modified: Thu, 17 Aug 2023 20:38:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 21 Nov 2023 15:11:02 GMT

GET
H3 200 63e0a2a793d720ddab32c7ad1c79b976.js Show response
www.gstatic.com/mysidia/ Frame AAE4 9 KB
4 KB 97ms
60ms Script
text/javascript 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/63e0a2a793d720ddab32c7ad1c79b976.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9208708170783140&output=html&h=280&adk=1028885750&adf=2395231771&pi=t.aa~a.689068970~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1692858010&rafmt=1&to=qs&pwprc=7893959896&format=1200x280&url=https%3A%2F%2Frisu.io%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692822010509&bpp=2&bdt=4069&idt=-M&shv=r20230822&mjsv=m202308170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec4896cdbccce36f-2238105fb2e3008d%3AT%3D1692822009%3ART%3D1692822009%3AS%3DALNI_MZIcJIhJizzPslJJ_f6yniFvf192A&gpic=UID%3D00000d8d64dac1d2%3AT%3D1692822009%3ART%3D1692822009%3AS%3DALNI_Ma-ynlXcriKduXBAvsG_wzlAHCeLw&prev_fmts=0x0%2C1200x280%2C1116x280&nras=4&correlator=5236486224718&frm=20&pv=1&ga_vid=2090007071.1692822009&ga_sid=1692822009&ga_hid=1687882424&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2779&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076838%2C31077287&oid=2&pvsid=3473384507421261&tmod=1071397449&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=KoTRcDCO6X&p=https%3A//risu.io&dtd=116

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac6c7df9ea6f8e1bcacee7bbb1df0c7902650aa2bef04e536ae838e7c9146aa8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 06:34:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 395112
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3931
x-xss-protection: 0
last-modified: Fri, 18 Aug 2023 02:42:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 17 Nov 2023 06:34:59 GMT

GET
H3 200 b293f88652ab0f749d3615e759df59dc.js Show response
www.gstatic.com/mysidia/ Frame AAE4 11 KB
5 KB 107ms
56ms Script
text/javascript 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b293f88652ab0f749d3615e759df59dc.js?tag=text/vanilla_highlight

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3f205dd4bbec77e28fde200ae38a6ea019d6c92caac85570c141f20d4a0216cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 07:07:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 565940
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4722
x-xss-protection: 0
last-modified: Wed, 16 Aug 2023 00:01:10 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 15 Nov 2023 07:07:51 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame AAE4 14 KB
1 KB 144ms
94ms Stylesheet
text/css 2607:f8b0:4006:80d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 23 Aug 2023 20:20:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 23 Aug 2023 18:22:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 23 Aug 2023 20:20:11 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230822/r20110914/client/ Frame AAE4 2 KB
892 B 90ms
54ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230822/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 14:07:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22336
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Sep 2023 14:07:55 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230822/r20110914/ Frame AAE4 23 KB
9 KB 124ms
122ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230822/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1df629c9e3d7999c38bfa18b45032197fd4da30e8e893bf07f5083e1fa9b4390

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 14:07:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22336
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9067
x-xss-protection: 0
server: cafe
etag: 16184311534176170479
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Sep 2023 14:07:55 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230822/r20110914/client/ Frame AAE4 3 KB
1 KB 137ms
135ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230822/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 14:07:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22354
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Sep 2023 14:07:37 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230822/r20110914/client/ Frame AAE4 20 KB
8 KB 103ms
52ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230822/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 14:07:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22354
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Sep 2023 14:07:37 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame AAE4 0
0 152ms
151ms Image
text/html 2607:f8b0:4006:820::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTioz0UiZzVHDsqs_RHlm6JvfS6VVoSZokAz51RIVlKU4ljGzl7AsGZgnAzLA8Afwv3TBLX3YL69WBSzTSgPTgKqhFXhw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9208708170783140&output=html&h=280&adk=1028885750&adf=2395231771&pi=t.aa~a.689068970~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1692858010&rafmt=1&to=qs&pwprc=7893959896&format=1200x280&url=https%3A%2F%2Frisu.io%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692822010509&bpp=2&bdt=4069&idt=-M&shv=r20230822&mjsv=m202308170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec4896cdbccce36f-2238105fb2e3008d%3AT%3D1692822009%3ART%3D1692822009%3AS%3DALNI_MZIcJIhJizzPslJJ_f6yniFvf192A&gpic=UID%3D00000d8d64dac1d2%3AT%3D1692822009%3ART%3D1692822009%3AS%3DALNI_Ma-ynlXcriKduXBAvsG_wzlAHCeLw&prev_fmts=0x0%2C1200x280%2C1116x280&nras=4&correlator=5236486224718&frm=20&pv=1&ga_vid=2090007071.1692822009&ga_sid=1692822009&ga_hid=1687882424&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2779&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076838%2C31077287&oid=2&pvsid=3473384507421261&tmod=1071397449&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=KoTRcDCO6X&p=https%3A//risu.io&dtd=116
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:820::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AAE4 181 KB
57 KB 377ms
322ms Script
text/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c2408269f0fd9cd51b9957e98166b451349f23158cc075361929c19dff66078

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:20:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57781
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692618714633496"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Aug 2023 20:20:11 GMT

GET
H3 200 e822d7071992e030a786d1a51b1f59a7.js Show response
www.gstatic.com/mysidia/ Frame AAE4 35 KB
15 KB 119ms
118ms Script
text/javascript 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e822d7071992e030a786d1a51b1f59a7.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0cbbfe7e06fd7a9274bcdf96bde690f294cdef1ba01f2f20c9a9bd09eb1502b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 15:11:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18549
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14926
x-xss-protection: 0
last-modified: Thu, 17 Aug 2023 20:38:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 21 Nov 2023 15:11:02 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 7FFF 0
0 165ms
116ms Image
text/html 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230822&jk=3473384507421261&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

GET
H3 200 H7NiGUBWITXDbUXvzcl9NdwFkmo5ojjKC-Hhm2BY16o.js Show response
pagead2.googlesyndication.com/bg/ Frame 3428 37 KB
14 KB 106ms
57ms Script
text/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/H7NiGUBWITXDbUXvzcl9NdwFkmo5ojjKC-Hhm2BY16o.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fb3621940562135c36d45efcdc97d35dc05926a39a238ca0be1e19b6058d7aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 21:15:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83067
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14718
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 21 Aug 2024 21:15:44 GMT

POST
H3 200 reload Show response
www.recaptcha.net/recaptcha/api2/ Frame 781B 33 KB
19 KB 188ms
147ms XHR
application/json 2607:f8b0:4006:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/api2/reload?k=6Lc7IOQUAAAAAAKsnJb5Tc3o5biD72gyuR_vlC3f

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

65806270702ccbfca59e09538a535d1248418f58ab2e5379ce10a366bc12f1e6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6Lc7IOQUAAAAAAKsnJb5Tc3o5biD72gyuR_vlC3f&co=aHR0cHM6Ly9yaXN1LmlvOjQ0Mw..&hl=en&v=x19joXI_IeQnFJ7YnfDapSZq&size=invisible&cb=5kqz1d1vhvov
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Wed, 23 Aug 2023 20:20:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19186
x-xss-protection: 1; mode=block
expires: Wed, 23 Aug 2023 20:20:11 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame F3F4 14 KB
1 KB 150ms
107ms Stylesheet
text/css 2607:f8b0:4006:80d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230822/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 23 Aug 2023 20:20:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 23 Aug 2023 19:17:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 23 Aug 2023 20:20:11 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230822/r20110914/client/ Frame F3F4 2 KB
892 B 108ms
65ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230822/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230822/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 14:07:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22336
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Sep 2023 14:07:55 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230822/r20110914/ Frame F3F4 23 KB
9 KB 104ms
64ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230822/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230822/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1df629c9e3d7999c38bfa18b45032197fd4da30e8e893bf07f5083e1fa9b4390

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 14:07:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22336
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9067
x-xss-protection: 0
server: cafe
etag: 16184311534176170479
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Sep 2023 14:07:55 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230822/r20110914/client/ Frame F3F4 3 KB
1 KB 137ms
97ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230822/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230822/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 14:07:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22354
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Sep 2023 14:07:37 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230822/r20110914/client/ Frame F3F4 20 KB
8 KB 105ms
65ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230822/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230822/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 14:07:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22354
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Sep 2023 14:07:37 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F3F4 181 KB
57 KB 392ms
334ms Script
text/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230822/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c2408269f0fd9cd51b9957e98166b451349f23158cc075361929c19dff66078

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:20:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57781
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692618714633496"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Aug 2023 20:20:11 GMT

GET
H3 200 e822d7071992e030a786d1a51b1f59a7.js Show response
www.gstatic.com/mysidia/ Frame F3F4 35 KB
15 KB 107ms
69ms Script
text/javascript 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e822d7071992e030a786d1a51b1f59a7.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230822/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0cbbfe7e06fd7a9274bcdf96bde690f294cdef1ba01f2f20c9a9bd09eb1502b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 15:11:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18549
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14926
x-xss-protection: 0
last-modified: Thu, 17 Aug 2023 20:38:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 21 Nov 2023 15:11:02 GMT

GET
H3 200 63e0a2a793d720ddab32c7ad1c79b976.js Show response
www.gstatic.com/mysidia/ Frame A724 9 KB
4 KB 84ms
59ms Script
text/javascript 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/63e0a2a793d720ddab32c7ad1c79b976.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230822/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac6c7df9ea6f8e1bcacee7bbb1df0c7902650aa2bef04e536ae838e7c9146aa8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 06:34:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 395112
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3931
x-xss-protection: 0
last-modified: Fri, 18 Aug 2023 02:42:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 17 Nov 2023 06:34:59 GMT

GET
H3 200 b293f88652ab0f749d3615e759df59dc.js Show response
www.gstatic.com/mysidia/ Frame A724 11 KB
5 KB 89ms
64ms Script
text/javascript 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b293f88652ab0f749d3615e759df59dc.js?tag=text/vanilla_highlight

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230822/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3f205dd4bbec77e28fde200ae38a6ea019d6c92caac85570c141f20d4a0216cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 07:07:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 565940
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4722
x-xss-protection: 0
last-modified: Wed, 16 Aug 2023 00:01:10 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 15 Nov 2023 07:07:51 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame A724 14 KB
1 KB 100ms
80ms Stylesheet
text/css 2607:f8b0:4006:80d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230822/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 23 Aug 2023 20:20:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 23 Aug 2023 19:08:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 23 Aug 2023 20:20:11 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230822/r20110914/client/ Frame A724 2 KB
892 B 108ms
89ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230822/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230822/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 14:07:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22336
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Sep 2023 14:07:55 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230822/r20110914/ Frame A724 23 KB
9 KB 110ms
90ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230822/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230822/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1df629c9e3d7999c38bfa18b45032197fd4da30e8e893bf07f5083e1fa9b4390

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 14:07:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22336
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9067
x-xss-protection: 0
server: cafe
etag: 16184311534176170479
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Sep 2023 14:07:55 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230822/r20110914/client/ Frame A724 3 KB
1 KB 117ms
98ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230822/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230822/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 14:07:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22354
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Sep 2023 14:07:37 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230822/r20110914/client/ Frame A724 20 KB
8 KB 87ms
68ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230822/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230822/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 14:07:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22354
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Sep 2023 14:07:37 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A724 181 KB
57 KB 365ms
333ms Script
text/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230822/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c2408269f0fd9cd51b9957e98166b451349f23158cc075361929c19dff66078

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:20:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57781
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692618714633496"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Aug 2023 20:20:11 GMT

GET
H3 200 e822d7071992e030a786d1a51b1f59a7.js Show response
www.gstatic.com/mysidia/ Frame A724 35 KB
15 KB 83ms
64ms Script
text/javascript 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e822d7071992e030a786d1a51b1f59a7.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230822/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0cbbfe7e06fd7a9274bcdf96bde690f294cdef1ba01f2f20c9a9bd09eb1502b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 15:11:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18549
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14926
x-xss-protection: 0
last-modified: Thu, 17 Aug 2023 20:38:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 21 Nov 2023 15:11:02 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 24A3 15 KB
6 KB 417ms
56ms Document
text/html 2620:100:a001::c
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=risu.io

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

c5f572ed80485a43331f587039ef455ab7400d278434cdee0965a0fea35befcf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://risu.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 20:20:11 GMT
server: Kestrel
server-processing-duration-in-ticks: 249418
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 3CAD 0
185 B 419ms
62ms XHR
text/plain 2620:100:a001::18
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=140&profileId=184&cb=50000934398

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://risu.io/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://risu.io
date: Wed, 23 Aug 2023 20:20:11 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame C245 0
185 B 1254ms
1053ms XHR
text/plain 2620:100:a001::18
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=140&profileId=184&cb=37519938887

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://risu.io/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://risu.io
date: Wed, 23 Aug 2023 20:20:12 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 31F1 0
186 B 212ms
61ms XHR
text/plain 2620:100:a001::18
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=140&profileId=184&cb=58970941826

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://risu.io/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://risu.io
date: Wed, 23 Aug 2023 20:20:11 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 72CD 0
185 B 209ms
63ms XHR
text/plain 2620:100:a001::18
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=140&profileId=184&cb=21082870927

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://risu.io/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://risu.io
date: Wed, 23 Aug 2023 20:20:11 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 61EA 143 B
166 B 69ms
61ms Document
text/html 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9208708170783140&output=html&h=280&adk=1248013043&adf=1377134958&pi=t.aa~a.99561451~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1692858010&rafmt=1&to=qs&pwprc=7893959896&format=1200x280&url=https%3A%2F%2Frisu.io%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692822010509&bpp=11&bdt=4069&idt=-M&shv=r20230822&mjsv=m202308170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec4896cdbccce36f-2238105fb2e3008d%3AT%3D1692822009%3ART%3D1692822009%3AS%3DALNI_MZIcJIhJizzPslJJ_f6yniFvf192A&gpic=UID%3D00000d8d64dac1d2%3AT%3D1692822009%3ART%3D1692822009%3AS%3DALNI_Ma-ynlXcriKduXBAvsG_wzlAHCeLw&prev_fmts=0x0&nras=2&correlator=5236486224718&frm=20&pv=1&ga_vid=2090007071.1692822009&ga_sid=1692822009&ga_hid=1687882424&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1344&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076838%2C31077287&oid=2&pvsid=3473384507421261&tmod=1071397449&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=9g8ft0egOt&p=https%3A//risu.io&dtd=59
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 1813
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 19:49:58 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 0675 1 KB
643 B 163ms
144ms Document
text/html 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 21085
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 14:28:46 GMT
etag: 48472445140208031
expires: Thu, 24 Aug 2023 14:28:46 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 12FB 143 B
166 B 88ms
47ms Document
text/html 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9208708170783140&output=html&h=280&adk=1028885750&adf=2395231771&pi=t.aa~a.689068970~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1692858010&rafmt=1&to=qs&pwprc=7893959896&format=1200x280&url=https%3A%2F%2Frisu.io%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692822010509&bpp=2&bdt=4069&idt=-M&shv=r20230822&mjsv=m202308170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec4896cdbccce36f-2238105fb2e3008d%3AT%3D1692822009%3ART%3D1692822009%3AS%3DALNI_MZIcJIhJizzPslJJ_f6yniFvf192A&gpic=UID%3D00000d8d64dac1d2%3AT%3D1692822009%3ART%3D1692822009%3AS%3DALNI_Ma-ynlXcriKduXBAvsG_wzlAHCeLw&prev_fmts=0x0%2C1200x280%2C1116x280&nras=4&correlator=5236486224718&frm=20&pv=1&ga_vid=2090007071.1692822009&ga_sid=1692822009&ga_hid=1687882424&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2779&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076838%2C31077287&oid=2&pvsid=3473384507421261&tmod=1071397449&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=KoTRcDCO6X&p=https%3A//risu.io&dtd=116
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 1813
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 19:49:58 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E666 143 B
166 B 66ms
45ms Document
text/html 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9208708170783140&output=html&h=280&adk=1248013043&adf=1296158383&pi=t.aa~a.99552785~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1692858010&rafmt=1&to=qs&pwprc=7893959896&format=1200x280&url=https%3A%2F%2Frisu.io%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692822010509&bpp=10&bdt=4069&idt=10&shv=r20230822&mjsv=m202308170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec4896cdbccce36f-2238105fb2e3008d%3AT%3D1692822009%3ART%3D1692822009%3AS%3DALNI_MZIcJIhJizzPslJJ_f6yniFvf192A&gpic=UID%3D00000d8d64dac1d2%3AT%3D1692822009%3ART%3D1692822009%3AS%3DALNI_Ma-ynlXcriKduXBAvsG_wzlAHCeLw&prev_fmts=0x0%2C1200x280%2C1116x280%2C1200x280&nras=5&correlator=5236486224718&frm=20&pv=1&ga_vid=2090007071.1692822009&ga_sid=1692822009&ga_hid=1687882424&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4025&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076838%2C31077287&oid=2&pvsid=3473384507421261&tmod=1071397449&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=l7YP8AgV3N&p=https%3A//risu.io&dtd=132

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9208708170783140&output=html&h=280&adk=1248013043&adf=1296158383&pi=t.aa~a.99552785~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1692858010&rafmt=1&to=qs&pwprc=7893959896&format=1200x280&url=https%3A%2F%2Frisu.io%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692822010509&bpp=10&bdt=4069&idt=10&shv=r20230822&mjsv=m202308170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec4896cdbccce36f-2238105fb2e3008d%3AT%3D1692822009%3ART%3D1692822009%3AS%3DALNI_MZIcJIhJizzPslJJ_f6yniFvf192A&gpic=UID%3D00000d8d64dac1d2%3AT%3D1692822009%3ART%3D1692822009%3AS%3DALNI_Ma-ynlXcriKduXBAvsG_wzlAHCeLw&prev_fmts=0x0%2C1200x280%2C1116x280%2C1200x280&nras=5&correlator=5236486224718&frm=20&pv=1&ga_vid=2090007071.1692822009&ga_sid=1692822009&ga_hid=1687882424&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4025&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076838%2C31077287&oid=2&pvsid=3473384507421261&tmod=1071397449&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=l7YP8AgV3N&p=https%3A//risu.io&dtd=132
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 1814
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 19:49:58 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame AA0F 1 KB
643 B 64ms
47ms Document
text/html 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9208708170783140&output=html&h=280&adk=1248013043&adf=1296158383&pi=t.aa~a.99552785~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1692858010&rafmt=1&to=qs&pwprc=7893959896&format=1200x280&url=https%3A%2F%2Frisu.io%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692822010509&bpp=10&bdt=4069&idt=10&shv=r20230822&mjsv=m202308170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec4896cdbccce36f-2238105fb2e3008d%3AT%3D1692822009%3ART%3D1692822009%3AS%3DALNI_MZIcJIhJizzPslJJ_f6yniFvf192A&gpic=UID%3D00000d8d64dac1d2%3AT%3D1692822009%3ART%3D1692822009%3AS%3DALNI_Ma-ynlXcriKduXBAvsG_wzlAHCeLw&prev_fmts=0x0%2C1200x280%2C1116x280%2C1200x280&nras=5&correlator=5236486224718&frm=20&pv=1&ga_vid=2090007071.1692822009&ga_sid=1692822009&ga_hid=1687882424&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4025&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076838%2C31077287&oid=2&pvsid=3473384507421261&tmod=1071397449&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=l7YP8AgV3N&p=https%3A//risu.io&dtd=132

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 21086
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 14:28:46 GMT
etag: 48472445140208031
expires: Thu, 24 Aug 2023 14:28:46 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame D251 1 KB
643 B 88ms
58ms Document
text/html 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 21086
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 14:28:46 GMT
etag: 48472445140208031
expires: Thu, 24 Aug 2023 14:28:46 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame AAE4 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6ff016ac3ddc0f73013ae28222edc12597462b33d24b8ba13d97b162c7892281

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 204 events
bidder.criteo.com/csm/ Frame 31F1 0
185 B 57ms
55ms Ping
text/plain 2620:100:a001::18
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://risu.io/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://risu.io
date: Wed, 23 Aug 2023 20:20:11 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

GET
H2 200 pixel.gif
static.criteo.net/images/ Frame 31F1 43 B
365 B 50ms
49ms Image
image/gif 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:20:12 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Sat, 17 Aug 2024 20:20:12 GMT

GET
H2 200 pixel.gif
static.criteo.net/images/ Frame 31F1 43 B
365 B 48ms
47ms Image
image/gif 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:20:12 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Sat, 17 Aug 2024 20:20:12 GMT

GET
H2 200 pixel.gif
static.criteo.net/images/ Frame 3CAD 43 B
365 B 45ms
45ms Image
image/gif 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=1

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:20:12 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Sat, 17 Aug 2024 20:20:12 GMT

GET
H2 200 pixel.gif
static.criteo.net/images/ Frame 3CAD 43 B
365 B 43ms
43ms Image
image/gif 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:20:12 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Sat, 17 Aug 2024 20:20:12 GMT

POST
H2 204 events
bidder.criteo.com/csm/ Frame 3CAD 0
185 B 54ms
54ms Ping
text/plain 2620:100:a001::18
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://risu.io/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://risu.io
date: Wed, 23 Aug 2023 20:20:11 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

GET
H2 200 pixel.gif
static.criteo.net/images/ Frame 72CD 43 B
365 B 46ms
44ms Image
image/gif 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=1

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:20:12 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Sat, 17 Aug 2024 20:20:12 GMT

GET
H2 200 pixel.gif
static.criteo.net/images/ Frame 72CD 43 B
365 B 47ms
46ms Image
image/gif 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:20:12 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Sat, 17 Aug 2024 20:20:12 GMT

POST
H2 204 events
bidder.criteo.com/csm/ Frame 72CD 0
185 B 55ms
54ms Ping
text/plain 2620:100:a001::18
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://risu.io/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://risu.io
date: Wed, 23 Aug 2023 20:20:12 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

GET
H3

200

arjs.php Show response
ad2.apx.appier.net/www/delivery/ Frame 72CD
Redirect Chain

https://ad2.apx.appier.net/www/delivery/js.php?zoneid=5988&id=ida4mlvgiastit93r
https://gocm.c.appier.net/aanet?id=ida4mlvgiastit93r&url=ad2.apx.appier.net&zoneid=5988
https://ad2.apx.appier.net/www/delivery/arjs.php?zoneid=5988&acid=4SaZijjvDsufOUbq_WnmZA&id=ida4mlvgiastit93r

3 KB
1 KB

279ms
275ms

Script
text/html

35.190.36.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/www/delivery/arjs.php?zoneid=5988&acid=4SaZijjvDsufOUbq_WnmZA&id=ida4mlvgiastit93r
Requested by: Host: risu.io
URL: https://risu.io/
Protocol: H3
Server: 35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 98.36.190.35.bc.googleusercontent.com
Software: /
Resource Hash: d36c0e8963ba8d247929ee95ce99cc9b1e364a8e369dc5858c393df710536ed1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:20:13 GMT
content-encoding: gzip
via: 1.1 google
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type: text/html; charset=utf-8
cache-control: no-store
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

Redirect headers

date: Wed, 23 Aug 2023 20:20:13 GMT
server: nginx
accept-ch: Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad2.apx.appier.net/www/delivery/arjs.php?zoneid=5988&acid=4SaZijjvDsufOUbq_WnmZA&id=ida4mlvgiastit93r
content-type: text/html; charset=utf-8
cache-control: no-store
content-length: 140

GET
H3

200

arjs.php Show response
ad2.apx.appier.net/www/delivery/ Frame 3CAD
Redirect Chain

https://ad2.apx.appier.net/www/delivery/js.php?zoneid=5988&id=ida4mlvgiastit93r
https://gocm.c.appier.net/aanet?id=ida4mlvgiastit93r&url=ad2.apx.appier.net&zoneid=5988
https://ad2.apx.appier.net/www/delivery/arjs.php?zoneid=5988&acid=53fnCb02B2e6dryS_WnmZA&id=ida4mlvgiastit93r

3 KB
1 KB

280ms
274ms

Script
text/html

35.190.36.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/www/delivery/arjs.php?zoneid=5988&acid=53fnCb02B2e6dryS_WnmZA&id=ida4mlvgiastit93r
Requested by: Host: risu.io
URL: https://risu.io/
Protocol: H3
Server: 35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 98.36.190.35.bc.googleusercontent.com
Software: /
Resource Hash: 342ed4e15ebf20765f48fa1b00d753eaaf04949a8e56b5af3e928b4bf95d27a6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:20:13 GMT
content-encoding: gzip
via: 1.1 google
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type: text/html; charset=utf-8
cache-control: no-store
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

Redirect headers

date: Wed, 23 Aug 2023 20:20:13 GMT
server: nginx
accept-ch: Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad2.apx.appier.net/www/delivery/arjs.php?zoneid=5988&acid=53fnCb02B2e6dryS_WnmZA&id=ida4mlvgiastit93r
content-type: text/html; charset=utf-8
cache-control: no-store
content-length: 140

GET
H3

200

arjs.php Show response
ad2.apx.appier.net/www/delivery/ Frame 31F1
Redirect Chain

https://ad2.apx.appier.net/www/delivery/js.php?zoneid=5988&id=ida4mlvgiastit93r
https://gocm.c.appier.net/aanet?id=ida4mlvgiastit93r&url=ad2.apx.appier.net&zoneid=5988
https://ad2.apx.appier.net/www/delivery/arjs.php?zoneid=5988&acid=KIhXz-gZAde1TXkk_WnmZA&id=ida4mlvgiastit93r

3 KB
1 KB

269ms
264ms

Script
text/html

35.190.36.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/www/delivery/arjs.php?zoneid=5988&acid=KIhXz-gZAde1TXkk_WnmZA&id=ida4mlvgiastit93r
Requested by: Host: risu.io
URL: https://risu.io/
Protocol: H3
Server: 35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 98.36.190.35.bc.googleusercontent.com
Software: /
Resource Hash: 3a3e18bcafab0ccc2692f3ebc902ba9baeaddcb9ae57d8f9cdcd742d6fd919c5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:20:13 GMT
content-encoding: gzip
via: 1.1 google
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type: text/html; charset=utf-8
cache-control: no-store
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

Redirect headers

date: Wed, 23 Aug 2023 20:20:13 GMT
server: nginx
accept-ch: Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad2.apx.appier.net/www/delivery/arjs.php?zoneid=5988&acid=KIhXz-gZAde1TXkk_WnmZA&id=ida4mlvgiastit93r
content-type: text/html; charset=utf-8
cache-control: no-store
content-length: 140

POST
H2 204 csi
csi.gstatic.com/ Frame FEEB 0
234 B 581ms
152ms Ping
image/gif 2a00:1450:402a:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~llo6io6y&c=1419425365125&slotId=709712682562.5&qqid=CLrG-rTN84ADFZg9swAdpUgEJQ&fb=outstream-lima&sei=44730425%2C44752538%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:402a:80f::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 20:20:12 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame FEEB 15 KB
16 KB 58ms
53ms Font
font/woff2 2607:f8b0:4006:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 10:45:32 GMT
x-content-type-options: nosniff
age: 34480
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 22 Aug 2024 10:45:32 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame FEEB 15 KB
15 KB 48ms
47ms Font
font/woff2 2607:f8b0:4006:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 07:56:27 GMT
x-content-type-options: nosniff
age: 476625
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 17 Aug 2024 07:56:27 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FEEB 0
20 B 77ms
65ms Image
image/gif 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CQyL9-mnmZLrhLpj7zLUPpZGRqALa9ebFct2Vq-yEEc_7kOPXAhABII6H3o8BYMm2o4jwo-wSoAGp_-XGAcgBBagDAcgDmwSqBOABT9BqqQ_CAKSkFtlVkFOcbnKB1qv7kilB6cCfuSFKh0699Skiunf5u4lF4qPM_BHTp4ghVHfpKVE-amFVLziz6irkJxreOTgflO3qk5wS3AflsZZUMXdtcIFhGKIqwdTcuyfMq2TKTsYwsypexlqxbc6F_0bb8bNPB0H1V0mx_28LCPYTW1fBREjUoUfi7mIM_2ApvSjgHlut4GXUSg4MYK8iIOlSbkjvUynWpcjDFFAANjfHiGRAxPEPaZGaFovfMsKouvULCWyOounYKYIf3DYEN_DpkPTUXuwiRN9oNsHABJusn8-wBOAEA4gF4InfqEiQBgGgBk6AB7-AmrkCqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiAYRABGB8yAooCOgKAQEi9_cE6gAoBmAsByAsBgAwBqg0CVVPIDQGwE6XmuBTYEw2IFALYFAHQFQH4FgGAFwE&eventType=clickstring&clientTime=1692822012234&ai=CQyL9-mnmZLrhLpj7zLUPpZGRqALa9ebFct2Vq-yEEc_7kOPXAhABII6H3o8BYMm2o4jwo-wSoAGp_-XGAcgBBagDAcgDmwSqBOABT9BqqQ_CAKSkFtlVkFOcbnKB1qv7kilB6cCfuSFKh0699Skiunf5u4lF4qPM_BHTp4ghVHfpKVE-amFVLziz6irkJxreOTgflO3qk5wS3AflsZZUMXdtcIFhGKIqwdTcuyfMq2TKTsYwsypexlqxbc6F_0bb8bNPB0H1V0mx_28LCPYTW1fBREjUoUfi7mIM_2ApvSjgHlut4GXUSg4MYK8iIOlSbkjvUynWpcjDFFAANjfHiGRAxPEPaZGaFovfMsKouvULCWyOounYKYIf3DYEN_DpkPTUXuwiRN9oNsHABJusn8-wBOAEA4gF4InfqEiQBgGgBk6AB7-AmrkCqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiAYRABGB8yAooCOgKAQEi9_cE6gAoBmAsByAsBgAwBqg0CVVPIDQGwE6XmuBTYEw2IFALYFAHQFQH4FgGAFwE

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 20:20:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame FEEB 0
54 B 515ms
156ms Ping
image/gif 2a00:1450:402a:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~llo6io98&c=1419425365125&slotId=709712682562.5&qqid=CLrG-rTN84ADFZg9swAdpUgEJQ&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.1bh&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:402a:80f::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 20:20:12 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame FEEB 28 KB
17 KB 221ms
76ms XHR
text/xml 142.250.31.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-CZo_GVI6NlvKRv15tIFV8TZKcbA3IG13Z212hafKoMYI8t5egVPH9mG1Iw_NPSlQkexq-tOYcoB0jkLae9OwgYi1ymBw&cry=1&dbm_d=AKAmf-AiV_55VGiaeDS4yCW6pC28IyXwsoiYEfZpnQDa7O3FEDU3EFy1YB2-k3qO-8fEMcLTryGjTuUY-sbNANMEKplYYZ84wxjclCdg6XuXUdO4OS7tP1R9-2eXBrYDvBxliYwLtxE90_P844_yRFJXUaQunFCC4TJ5FxL4_EJ2_ZgwZ5J5WpRPKRX89vA8B9xWbYTwAIKnZSjlexmDalFhLa6Brh4W_tkziSAOi-ywcHU55WBIYa7tzasQth95AzA62i8uZJYrZEWkFQO_fuvOSt0bmkwJi0OTyMRa7Xohze_okkcfg9xJFA_zy7WV0Dl5043iNVyM46mzTGqJYZHpuPXvXKQqC9nF4Ht_n5L7NCoBsbM7oEvS3WnW2Dm6iJqXQZpHx9F3M7_p84m7ZRZpORoYtBM9hH_YeJ4gWcXqk8GEfGrQvuWpb4EfYf5meAryNhiRz-9rCTKJ8dvpWty2ThpJ164zZR6SrXuTemZwUhSc9Ydzi5LmEJ-HO67rDDgewEOV-lBN4fk07p8oIN-BzRdxfYmA13Csm8CEPXkC14Kwz5tX0LQvbz2XpZFYAoPLzYqIeTIevWURbA65k6CqfKPJUI5DDdiftABG0cuuFHWegynO-7Smk74Hts2G0x-CUTR-B-UpfrRlUXH5j-1KDNRM2yA43o54-rn8L8p48BnL-9UgzIBSklsg_dzG7ekqAeIgHF-rDni-ZFyQnAaGTVsBGH6NeugVdZwWWrDnuHgXYI2Q1apaMnVt9bIZ0wNC0UzT2zCuAcxeNa9mN1OjfTn2_SyERqpziQHT8sJ7DhTgmRZ5fmqzfEroEFRH9Ff5OKPwbk-txKTMQyvIUtQxbc3yMiLa8yMhwDTSDfdGoA0xG08VaGghwRWuEA-Q_39NGmgR9OLmK9dJId4CL8qxkgkppcKzGZkJAJkwpU3ZUj_O5ycdzXAymOd5qs2T3i3iVPQU5GSbtmxV88KQQm6a5b60kTHCMbFayLhJIEzVkYXEow--Tt67N8pgdbanhoZcjxYxeLfeoaJe3BjrtjleUsCKVIz-0Y5eSP_738lw0wT46QWja9-4zMrKqm_6omZHaZ9Xl9XfL5jEzlwIIrjn7xVgW1AYj36l5AYxOqdQamnNlxinfmK8lg67Wr6A5ztSboT-rl9E616lk5gt_EwXEkapP7_UqUXHF3wD5E16Hljw2_z2ohGHINie5AosfJf3bpPjogRR7vl9u8e9oxAFyZgnZqDl004khcg5L1RXUxmcw-KXO6wcPxPk3h7oOWpWyUf2zWaeYgDBCTVNdfioiC6q1BP4xuthzHD3vZ3NgAxKqFkWx48kmeGd1OkzyYzxG57ePKaWzC_zZuJgJyJWcBAapUfL_L9gwD3mE7yshfRQLu4Ed7VCyr09chjBHAr7ORZv1CMkf5d8lXYyg9mQ5RB-LF6gRra6s-kUUmZEE2Tum2mFZ-frtf9rk61XpwqhqJ8BOlpf1XuhXAVjoCMzOQ2Y-PjO2gyu9UnK3JdQcU8Ak952SKX8IddIrFBF2WrftPXNr2W8NoytaB4LYSMqdn162ociV-msEk0vdxMJXE75tJqMxUdvbe31U1rS7PAJOccSnr7g28pZP2Vo1QQI-e-xMfaYptwGcL-8NsWFrpFEGvWLmmzLVg_H8X8LImRK8nd31cKOpaapm0sP4YCEehAomqfhz5eFwcRe-aWPlkeTJJDCbgkjPvnJtkZmXxI2dtdaSkjCOT_0cbV9ymuYFb_rDJYy6bdPNgDR7eB3ftfSCErgfETDEKjJJLmyYpWWHBIr8y_5J1gMS3_GlPrZU2Cr1HS17QXX-Zh7bKXTenzNijSftiB9WubtD-I80ozeA3ZhWqiiVVyq0zhFW6wAPnA1y-ANY-DYRslcUEkRshE2GHk_ZYFcHxkTb8p2Jx3jGJ_azeXY-4vaMAW5kcS0iSDMDHTwMJ-htg3CvbpVCF6MHqSh5SGfKfo02kFG05Rais8bDTuLXAUP3S3Hqg2FXOYKuE15VV-llFBJR75smcJ2CLWpHQwRvo_phr09uUkZsicSE4Dp4Ecsg4NT4RxuNuDZ9TPdYCeIsRCCN8u2NLDQzrn4JC3yQCAzjDTKPFoPmZ5IQQHJhmKMCYxpyc9PtedVS5vF1jaKyAL4nwUCkXoDqCluvIvZAbgGhIYsArkYVRERoFBhPJoHYerZTmolxm5n4TbMeplFQ9e6PXL1RvbPF2s0dabIdGV49Uf62K14ABw5h7cDKYfKYTk_tUomO0AT_zxJOEt7b3a_39ptgFc2XY5rYDvMHDGOs0IvlW8RYW6B2rlRhF9bJfZIPgwGIfVW0rZz4iJLoAJTWtRUDioR9Vet3M5-cOdwIBmFgjmDvAPHdzhKKHoVXxYV0EnG3iy7Enw0jjxh-b8Ci-Vt43Jwn5KmRJ35QQnuYFdamwuoG7dUzSfJcvQ_9ZLTObjAw2y-yCkpfcosgNwa6clTyLbNXPlnsprxD7-6ofdUEDue8o_dnK_70xq-IOzOsxZIvtwB-tq3n2cKoRsgWHKgpsC_ewodymwMD251H4yHVfGWEdcAenLR55J6xw2E_2q8JqXxOqhBD-mq5WhX_-IPigVdQ7MgO6kDRqTTB_rwaxzvUyGteyTazlxERASwI4b7eFm_nglCWulg_vw_nuktgt-ZSy_JuqTrFWh_AMd8p3lYxZ05xLkp-yW_5VjfN_h521YrOY3qK2i9xDhnipnO7nhBQfpOsPx07hrs4BKXcwhoopJq9qdeoq1yWEOw2dTa0rBhNp-0eIPUJUdeQNw3ibJW4kSo3zR4UK4uJ4WIMO6qWLTYTzKUaucuSlXwOpPc9vXrP1VlPmwLZs3oT8M5XtgGCFbX0rvXAfg35i8ojZGmcXEYUPi2kflMmCYU3lMC-a2vbvGakvjP2THrtzdd9bsi1Xo1WgLEU9oxnFzRqxY5MD-7gRdHyfaB-Sr2cfrdLcDa3r07oHpVt6A78VqPPEz2WuMVZtgEMdS0ZjhzObFscQ_ojcd5YNVm-nkoVZ70lTgXJwgSR1htkIFB70w_BNdYItoH__I76HrUMxo8VLk02wLe-CztBdOk9O1lbqRzJ3jW-RVhzVS4aT38PYoB5OpHXmALc37zRaTL80qcDddhtnUlHdJvr2yaVrmlji_PdK-k2EjrMv0MQMD7KWyxb6qqBC4n0eLH7TeVf8AyXJILfyzwLbWGk-HeuKne9utbyKAuDp7Az4BBKUbkyCcUBSW6QIfszenidAIpnq8783D_nxcJm1w7KACQZYGkhlhcrZ9NxvDJcUF2nEMQ-BWVW56cP19kvjC3oZQNd-6KOFKB1-pfxGKgJNT0yxmXGPyYdeGXoCVrHNUurjVmsjmY4mZYAzv3KJg69kvyVbVsgERzKCM2BKvFCKWRPR6Rf7G_cI6-JzJFbRiWBgzklEz6lSqH0C4oxGk--EV7omqPG5yojarrZGB85iJ-gcW58d-WyT7AQdykmzuWA2QSmzJdk2HzfL37w4I&cid=CAQSPABpAlJWCkyr9CfiNQu94FpO8ZhDvcSc5tsehoeV2Wj0OsQRiRnszPQtSdNjrLKfm-o3Mim2VOf2GyX_ERgB&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.31.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f155.1e100.net

Software

cafe /

Resource Hash

646acb453a536763dd3230fd2bb2398bd259dd9014ccc961525beaa895aa5560

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:20:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16680
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 7156 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5c32a0123eb656905f4d266e2328ed943045ff5a5fea6a84cc20c342ac66f28b

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 0FBD 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4e9f523718a0134833da739b9b7badcc94aa380a0ad894b0391f29667b1f53bf

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

sid Show response
mug.criteo.com/ Frame 24A3
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=risu.io&sn=ChromeSyncframe&so=0&topUrl=risu.io&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=5VOdynxudkJ4N0d4amk2NXJmdVNyVC94UUU1REtsMGFFOXVwREFMSVBjYmRUTFc5ZDRBaFNEUDk4WVlTK1RHbG9VMWNJeDFQVjdlYnFNZzNPSGJNMml0dUo2NExHYjFaOUMyNVRWdnVYSmpLYnFyOG9ubXdWNDA2bkZzcj...

422 B
651 B

493ms
55ms

Fetch
application/json

74.119.119.139
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=5VOdynxudkJ4N0d4amk2NXJmdVNyVC94UUU1REtsMGFFOXVwREFMSVBjYmRUTFc5ZDRBaFNEUDk4WVlTK1RHbG9VMWNJeDFQVjdlYnFNZzNPSGJNMml0dUo2NExHYjFaOUMyNVRWdnVYSmpLYnFyOG9ubXdWNDA2bkZzcjQyeVJSQTZRVGUrUnMvM0RNdkZ0L0tpc3cyZVhrM3dBOERSY1JPYnZ0Q3FCdTRZSk94Z1k4UlhoQTdKR2hGdk9VeTJuZnJCaGNPYXJwSnVRT0FRV1h3WlR2amVNZksrM0c5TVVZcEFuU0w1RFIrK1RCMWZib1ZwZW5PQlZuTE92dU9IYTN4ZEprMGxEYzJ2WThwcVZtZ2JhMEVMTXdMdz09fA&cppv=2

Protocol

Server

74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

b8184f50e07e4a7934270ffbdaddd6f868a39319bf1e59eb316197da02714d8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 20:20:12 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1389908
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 23 Aug 2023 20:20:11 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=5VOdynxudkJ4N0d4amk2NXJmdVNyVC94UUU1REtsMGFFOXVwREFMSVBjYmRUTFc5ZDRBaFNEUDk4WVlTK1RHbG9VMWNJeDFQVjdlYnFNZzNPSGJNMml0dUo2NExHYjFaOUMyNVRWdnVYSmpLYnFyOG9ubXdWNDA2bkZzcjQyeVJSQTZRVGUrUnMvM0RNdkZ0L0tpc3cyZVhrM3dBOERSY1JPYnZ0Q3FCdTRZSk94Z1k4UlhoQTdKR2hGdk9VeTJuZnJCaGNPYXJwSnVRT0FRV1h3WlR2amVNZksrM0c5TVVZcEFuU0w1RFIrK1RCMWZib1ZwZW5PQlZuTE92dU9IYTN4ZEprMGxEYzJ2WThwcVZtZ2JhMEVMTXdMdz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 446952
content-length: 0
expires: 0

POST
H3 200 reload Show response
www.recaptcha.net/recaptcha/api2/ Frame 781B 33 KB
19 KB 143ms
142ms XHR
application/json 2607:f8b0:4006:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/api2/reload?k=6Lc7IOQUAAAAAAKsnJb5Tc3o5biD72gyuR_vlC3f

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

84efcb7ab1e930a079e73c58c3ebe600a7ab6128291978d9c14b969ec0d84559

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6Lc7IOQUAAAAAAKsnJb5Tc3o5biD72gyuR_vlC3f&co=aHR0cHM6Ly9yaXN1LmlvOjQ0Mw..&hl=en&v=x19joXI_IeQnFJ7YnfDapSZq&size=invisible&cb=5kqz1d1vhvov
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Wed, 23 Aug 2023 20:20:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19247
x-xss-protection: 1; mode=block
expires: Wed, 23 Aug 2023 20:20:12 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 8B7B 1 KB
643 B 61ms
52ms Document
text/html 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 21086
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 14:28:46 GMT
etag: 48472445140208031
expires: Thu, 24 Aug 2023 14:28:46 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9895 143 B
166 B 60ms
53ms Document
text/html 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230822/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230822/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 1814
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 19:49:58 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 7156 33 KB
33 KB 54ms
53ms Font
font/woff2 2607:f8b0:4006:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 08:20:03 GMT
x-content-type-options: nosniff
age: 475209
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 17 Aug 2024 08:20:03 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame FEEB 0
54 B 156ms
153ms Ping
image/gif 2a00:1450:402a:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~llo6iobf&c=1419425365125&slotId=709712682562.5&qqid=CLrG-rTN84ADFZg9swAdpUgEJQ&fb=outstream-lima&vast_v=2.0&vmfc=11&vhc=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:402a:80f::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 20:20:12 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame FEEB 41 KB
15 KB 46ms
45ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 07:09:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47441
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 22 Aug 2024 07:09:31 GMT

HEAD
H/1.1

200
OK

file.mp4
r2---sn-vgqsknek.c.2mdn.net/videoplayback/id/8d0ef91bdaa7c0eb/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3817121814/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame FEEB
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/8d0ef91bdaa7c0eb/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3817121814/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signa...
https://r2---sn-vgqsknek.c.2mdn.net/videoplayback/id/8d0ef91bdaa7c0eb/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3817121814/sparams/acao,ctier,expire,id,ip,ipbits,ita...

0
0

314ms
31ms

Fetch
video/mp4

2607:f8b0:4017:3a::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r2---sn-vgqsknek.c.2mdn.net/videoplayback/id/8d0ef91bdaa7c0eb/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3817121814/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/040082E2CAD19DC1DB449B04E908FA7EEF41E597.28274F1E3BC16DA2139E7E0CDB2CD105D9F51C3C/key/cms1/cms_redirect/yes/mh/JX/mip/2602:ffc8:1:1::7/mm/42/mn/sn-vgqsknek/ms/onc/mt/1692821144/mv/u/mvi/2/pl/48/file/file.mp4

Requested by

Protocol

HTTP/1.1

Server

2607:f8b0:4017:3a::7 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Wed, 23 Aug 2023 20:20:13 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 4583625
Last-Modified: Mon, 02 Jan 2023 15:35:47 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Wed, 23 Aug 2023 20:20:13 GMT

Redirect headers

date: Wed, 23 Aug 2023 20:20:12 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 646
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
location: https://r2---sn-vgqsknek.c.2mdn.net/videoplayback/id/8d0ef91bdaa7c0eb/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3817121814/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/040082E2CAD19DC1DB449B04E908FA7EEF41E597.28274F1E3BC16DA2139E7E0CDB2CD105D9F51C3C/key/cms1/cms_redirect/yes/mh/JX/mip/2602:ffc8:1:1::7/mm/42/mn/sn-vgqsknek/ms/onc/mt/1692821144/mv/u/mvi/2/pl/48/file/file.mp4
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 61EA
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

72ms
71ms

Document
text/html

2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 20:20:12 GMT
expires: Wed, 23 Aug 2023 20:20:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 20:20:12 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 12FB
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

86ms
83ms

Document
text/html

2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 20:20:13 GMT
expires: Wed, 23 Aug 2023 20:20:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 20:20:12 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 0675 0
173 B 456ms
39ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEI6lAR0cJE9_3AElU6aIPSA&google_cver=1&google_push=AXcoOmTZVp7pHY3LrU6Qt4YlXZdNNORs_j8YfMZJx7g7eQ9uMw-uNmTwcfG6zLDFvjdsEsjXrOj2B5XYxJyPzrCbn_edzgHsyhel
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9208708170783140&output=html&h=280&adk=1248013043&adf=1377134958&pi=t.aa~a.99561451~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1692858010&rafmt=1&to=qs&pwprc=7893959896&format=1200x280&url=https%3A%2F%2Frisu.io%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692822010509&bpp=11&bdt=4069&idt=-M&shv=r20230822&mjsv=m202308170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec4896cdbccce36f-2238105fb2e3008d%3AT%3D1692822009%3ART%3D1692822009%3AS%3DALNI_MZIcJIhJizzPslJJ_f6yniFvf192A&gpic=UID%3D00000d8d64dac1d2%3AT%3D1692822009%3ART%3D1692822009%3AS%3DALNI_Ma-ynlXcriKduXBAvsG_wzlAHCeLw&prev_fmts=0x0&nras=2&correlator=5236486224718&frm=20&pv=1&ga_vid=2090007071.1692822009&ga_sid=1692822009&ga_hid=1687882424&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1344&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076838%2C31077287&oid=2&pvsid=3473384507421261&tmod=1071397449&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=9g8ft0egOt&p=https%3A//risu.io&dtd=59
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:20:13 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 0675
Redirect Chain

https://beacon.walmart.com/etap.gif?tap=gAds&google_gid=CAESEK6OWz_yjnmsEeLuCET6sI8&google_cver=1&google_push=AXcoOmQ9jP71TiyOEbxArYnQ3lH738CyOeAEzgxwblXeuAOAv5tap7ysItog4PXtnlEESJESnI2kxQgH6mTLLAd...
https://cm.g.doubleclick.net/pixel?google_nid=walmart&google_hm=YBGT__Yo_VNR8xjoNqSbMc&tap=gAds&google_gid=CAESEK6OWz_yjnmsEeLuCET6sI8&google_cver=1&google_push=AXcoOmQ9jP71TiyOEbxArYnQ3lH738CyOeAE...

170 B
232 B

87ms
84ms

Image
image/png

142.251.40.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=walmart&google_hm=YBGT__Yo_VNR8xjoNqSbMc&tap=gAds&google_gid=CAESEK6OWz_yjnmsEeLuCET6sI8&google_cver=1&google_push=AXcoOmQ9jP71TiyOEbxArYnQ3lH738CyOeAEzgxwblXeuAOAv5tap7ysItog4PXtnlEESJESnI2kxQgH6mTLLAdaN0pUA9Ms6uxW

Protocol

Server

142.251.40.226 Newark, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 20:20:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains
via: HTTP/2.0 odnd
date: Wed, 23 Aug 2023 20:20:13 GMT
last-modified: Thu, 06 Jul 2023 19:12:43 GMT
content-type: text/plain; charset=utf-8
location: https://cm.g.doubleclick.net/pixel?google_nid=walmart&google_hm=YBGT__Yo_VNR8xjoNqSbMc&tap=gAds&google_gid=CAESEK6OWz_yjnmsEeLuCET6sI8&google_cver=1&google_push=AXcoOmQ9jP71TiyOEbxArYnQ3lH738CyOeAEzgxwblXeuAOAv5tap7ysItog4PXtnlEESJESnI2kxQgH6mTLLAdaN0pUA9Ms6uxW
cache-control: no-store, no-cache, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
content-length: 0
x-tb: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 0675
Redirect Chain

https://ums.acuityplatform.com/tum?umid=4&uid=CAESEC1HIJ3_TeOJzcdLPsZKn-A&google_cver=1&google_push=AXcoOmSwBe47RR4pDfmu6fsn0dnW_OKKS-fAcRU4dtun-2LcNAtxPrZMKE6Ma2fR1i7FOLq-yKiBJTiu3ONAI5W9DbePLquFt...
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=817860304704

170 B
232 B

85ms
78ms

Image
image/png

142.251.40.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=817860304704

Protocol

Server

142.251.40.226 Newark, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 20:20:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=817860304704
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0675
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEAZyPvMwT8NGCqKkhY3Xmps&google_cver=1&google_push=AXcoOmQeyrOuUILUd07J-CmuD9fojmD2439OAF1sI_vUdob3UMmrPc1P-XcICGO3G78AKgQPfgjX1ZbGuvyfoig2Y4AJ...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEAZyPvMwT8NGCqKkhY3Xmps&google_cver=1&google_push=AXcoOmQeyrOuUILUd07J-CmuD9fojmD2439OAF1sI_vUdob3UMmrPc1P-XcICGO3G78AKgQPfgjX1ZbGuvyfoi...
https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=google&bsw_custom_parameter=60fccb77-ed00-4c6b-82f8-a9dc7f5137db&gdpr=&gdpr_consent=
https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=google&bsw_custom_parameter=60fccb77-ed00-4c6b-82f8-a9dc7f5137db&gdpr=&gdpr_consent=
https://x.bidswitch.net/sync?dsp_id=4&user_id=1d04d785-8efa-4683-869c-9fdb964f7fbd&ssp=google&expires=30&user_group=5&bsw_param=60fccb77-ed00-4c6b-82f8-a9dc7f5137db
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmQeyrOuUILUd07J-CmuD9fojmD2439OAF1sI_vUdob3UMmrPc1P-XcICGO3G78AKgQPfgjX1ZbGuvyfoig2Y4AJ0Yak7BBiIw&google_hm=YPzLd-0ATGuC-Kncf1E32w==

170 B
188 B

72ms
66ms

Image
image/png

142.251.40.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmQeyrOuUILUd07J-CmuD9fojmD2439OAF1sI_vUdob3UMmrPc1P-XcICGO3G78AKgQPfgjX1ZbGuvyfoig2Y4AJ0Yak7BBiIw&google_hm=YPzLd-0ATGuC-Kncf1E32w==

Protocol

Server

142.251.40.226 Newark, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 20:20:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmQeyrOuUILUd07J-CmuD9fojmD2439OAF1sI_vUdob3UMmrPc1P-XcICGO3G78AKgQPfgjX1ZbGuvyfoig2Y4AJ0Yak7BBiIw&google_hm=YPzLd-0ATGuC-Kncf1E32w==
Date: Wed, 23 Aug 2023 20:20:14 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0675
Redirect Chain

https://sync.extend.tv/r.gif?exchange=googleadx&google_gid=CAESEGaK-WL9GBWJvaSNUfIQR88&google_cver=1&google_push=AXcoOmQA-PxHYGOkJ9sjpWYAkxbHmEh7KPoIHVTzsk9gYql6fda1fBdEMFMX9HFuRJKyyNOm5v_OZEFMX_KJ...
https://cm.g.doubleclick.net/pixel?google_nid=extendtv&google_push=AXcoOmQA-PxHYGOkJ9sjpWYAkxbHmEh7KPoIHVTzsk9gYql6fda1fBdEMFMX9HFuRJKyyNOm5v_OZEFMX_KJBVM58Lff3ffLCkjFig

170 B
188 B

66ms
65ms

Image
image/png

142.251.40.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=extendtv&google_push=AXcoOmQA-PxHYGOkJ9sjpWYAkxbHmEh7KPoIHVTzsk9gYql6fda1fBdEMFMX9HFuRJKyyNOm5v_OZEFMX_KJBVM58Lff3ffLCkjFig

Protocol

Server

142.251.40.226 Newark, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 20:20:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 23 Aug 2023 20:20:13 GMT
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=extendtv&google_push=AXcoOmQA-PxHYGOkJ9sjpWYAkxbHmEh7KPoIHVTzsk9gYql6fda1fBdEMFMX9HFuRJKyyNOm5v_OZEFMX_KJBVM58Lff3ffLCkjFig
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 196
Expires: Tue, 29 May 1984 15:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0675
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEAu4W9A-IPWQQ7nZzIH2GH4&google_cver=1&google_push=AXcoOmSYbRSoBhZy1wdnBQ5eoySuE40gdggYf2e7OQET7yFDw9dSpaJWeRIHju3bJlrupFabG-EplxWz...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEAu4W9A-IPWQQ7nZzIH2GH4&google_cver=1&google_push=AXcoOmSYbRSoBhZy1wdnBQ5eoySuE40gdggYf2e7OQET7yFDw9dSpaJWeRIHju3bJlrupFabG-E...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTc1MzgwOTE2NjA2MDIxMjU4NQ&google_push=AXcoOmSYbRSoBhZy1wdnBQ5eoySuE40gdggYf2e7OQET7yFDw9dSpaJWeRIHju3bJlrupFabG-Eplx...

170 B
188 B

67ms
66ms

Image
image/png

142.251.40.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTc1MzgwOTE2NjA2MDIxMjU4NQ&google_push=AXcoOmSYbRSoBhZy1wdnBQ5eoySuE40gdggYf2e7OQET7yFDw9dSpaJWeRIHju3bJlrupFabG-EplxWzT6KJl0Vmge9U0zUhNv_O

Protocol

Server

142.251.40.226 Newark, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 20:20:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 23 Aug 2023 20:20:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTc1MzgwOTE2NjA2MDIxMjU4NQ&google_push=AXcoOmSYbRSoBhZy1wdnBQ5eoySuE40gdggYf2e7OQET7yFDw9dSpaJWeRIHju3bJlrupFabG-EplxWzT6KJl0Vmge9U0zUhNv_O
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 0675
Redirect Chain

https://analytics.pangle-ads.com/api/ad/union/gg_cookie_matching?google_gid=CAESEAAFa2Wom6Mq9EIa05XFrik&google_cver=1&google_push=AXcoOmRnL0c6afVY4yt5KGuhMmIuFO2JlvbPsDHJm0-7_AgbKWvst01mT9Bup80x2dd...
https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmRnL0c6afVY4yt5KGuhMmIuFO2JlvbPsDHJm0-7_AgbKWvst01mT9Bup80x2ddiFY0x1qCD-CQQhIpkcj0pdmrDl2kgjwhPf-Q

170 B
232 B

88ms
80ms

Image
image/png

142.251.40.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmRnL0c6afVY4yt5KGuhMmIuFO2JlvbPsDHJm0-7_AgbKWvst01mT9Bup80x2ddiFY0x1qCD-CQQhIpkcj0pdmrDl2kgjwhPf-Q

Protocol

Server

142.251.40.226 Newark, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 20:20:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Wed, 23 Aug 2023 20:20:13 GMT
X-Bytefaas-Request-Id: 202308232020137D0DB3DD5B4929CC59A3
x-tt-trace-tag: id=00;cdn-cache=miss
Connection: keep-alive
server-timing: inner; dur=5
Content-Length: 0
Server: nginx
X-Tt-Logid: 202308232020137D0DB3DD5B4929CC59A3
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmRnL0c6afVY4yt5KGuhMmIuFO2JlvbPsDHJm0-7_AgbKWvst01mT9Bup80x2ddiFY0x1qCD-CQQhIpkcj0pdmrDl2kgjwhPf-Q
X-Bytefaas-Execution-Duration: 3.76
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
x-tt-trace-host: 01695441e5612fb3235feb17eb9545a7e56f2be88021c399796996aa9ca5eb16fce3ba14a9429752821715258e606836136fc2bc2a83d9268d69539aa8bb22036e8391e5932c1a261a46c57bf01fbd667e
Access-Control-Allow-Headers: *

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 0675 0
40 B 493ms
68ms Image
text/html 142.251.40.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LnjyHU-DI49jYQHDnn0x6-W-CaGBo8s4hVx3hOcNLWEBngRBntoi8SWQydkNauNdB5e8RyaA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.226 Newark, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:20:13 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 0FBD 33 KB
33 KB 49ms
46ms Font
font/woff2 2607:f8b0:4006:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 08:20:03 GMT
x-content-type-options: nosniff
age: 475209
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 17 Aug 2024 08:20:03 GMT

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame AAE4 33 KB
33 KB 59ms
59ms Font
font/woff2 2607:f8b0:4006:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 08:20:03 GMT
x-content-type-options: nosniff
age: 475209
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 17 Aug 2024 08:20:03 GMT

GET
DATA 200
OK truncated
/ Frame FEEB 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: edde73fe73db28d5351fae1b28d1b3b81ac8172322be03fd920670f45d69f7ca

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AA0F
Redirect Chain

https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEKu2oPbwjxTLgWnXk1Y5J24&google_cver=1&google_push=AXcoOmT1hbvf5hp6V0nvvxDw3sWgoNHJFqormSHuFg1JE2T-DMUIOrMFRo1OIQa7KT57QsIg90xC_...
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmT1hbvf5hp6V0nvvxDw3sWgoNHJFqormSHuFg1JE2T-DMUIOrMFRo1OIQa7KT57QsIg90xC_awtkRrwpr7hk0SZg0QgpTmaakY

170 B
188 B

66ms
63ms

Image
image/png

142.251.40.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmT1hbvf5hp6V0nvvxDw3sWgoNHJFqormSHuFg1JE2T-DMUIOrMFRo1OIQa7KT57QsIg90xC_awtkRrwpr7hk0SZg0QgpTmaakY

Protocol

Server

142.251.40.226 Newark, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 20:20:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 23 Aug 2023 20:20:13 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: FCCF694B65B044BF98BC1267519F2B75 Ref B: CHGEDGE1206 Ref C: 2023-08-23T20:20:13Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
location: https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmT1hbvf5hp6V0nvvxDw3sWgoNHJFqormSHuFg1JE2T-DMUIOrMFRo1OIQa7KT57QsIg90xC_awtkRrwpr7hk0SZg0QgpTmaakY
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYDnNbGllLdBQ/uZprrWw==

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AA0F
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEPcWhDtGEd9_bFDzdy7PywQ&google_cver=1&google_push=AXcoOmRODz2pnDlF6FerGC5OyHbpdLQefwFKueA0-vnqi9LO0wl43dcs9bkB9YZSIDyvCTXUa--65sJ...
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=8&google_gid=CAESEPcWhDtGEd9_bFDzdy7PywQ&google_cver=1&google_push=AXcoOmRODz2pnDlF6FerGC5OyHbpdLQefwFKueA0-vnqi9LO0wl43dcs9bkB9YZSIDyvC...
https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=E0Z3yvG1R4WGSFJBMuBTqmTmaf0

170 B
188 B

67ms
66ms

Image
image/png

142.251.40.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=E0Z3yvG1R4WGSFJBMuBTqmTmaf0

Protocol

Server

142.251.40.226 Newark, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 20:20:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 23 Aug 2023 20:20:12 GMT
server: A
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=E0Z3yvG1R4WGSFJBMuBTqmTmaf0
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AA0F
Redirect Chain

https://sync.extend.tv/r.gif?exchange=googleadx&google_gid=CAESEL7naPB-Hjfv7zvHv4FnzZs&google_cver=1&google_push=AXcoOmSSycOvKdOFH5P0qtUfkFkOZsCi5lJmHSmxDRGFuM_6i6FRscgHpWS9-d0b7DwQ-ZmOw8tH2imVE3x2...
https://cm.g.doubleclick.net/pixel?google_nid=extendtv&google_push=AXcoOmSSycOvKdOFH5P0qtUfkFkOZsCi5lJmHSmxDRGFuM_6i6FRscgHpWS9-d0b7DwQ-ZmOw8tH2imVE3x2noQoYPxccR5l2NLRG5o

170 B
188 B

63ms
62ms

Image
image/png

142.251.40.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=extendtv&google_push=AXcoOmSSycOvKdOFH5P0qtUfkFkOZsCi5lJmHSmxDRGFuM_6i6FRscgHpWS9-d0b7DwQ-ZmOw8tH2imVE3x2noQoYPxccR5l2NLRG5o

Protocol

Server

142.251.40.226 Newark, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 20:20:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 23 Aug 2023 20:20:13 GMT
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=extendtv&google_push=AXcoOmSSycOvKdOFH5P0qtUfkFkOZsCi5lJmHSmxDRGFuM_6i6FRscgHpWS9-d0b7DwQ-ZmOw8tH2imVE3x2noQoYPxccR5l2NLRG5o
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 197
Expires: Tue, 29 May 1984 15:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AA0F
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEE8-lwOtIX2fiyEPpvZiVm8&google_cver=1&google_push=AXcoOmRNmHaJvBMNE_LgL9sc5jetZl025npq9hV111tvoDHWAH2d9iHTee23yXaCrr4elcPwIqPxRdke...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEE8-lwOtIX2fiyEPpvZiVm8&google_cver=1&google_push=AXcoOmRNmHaJvBMNE_LgL9sc5jetZl025npq9hV111tvoDHWAH2d9iHTee23yXaCrr4elcPwIqP...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTg5ODIwNzI0MTY4OTMwNTQ5Mg&google_push=AXcoOmRNmHaJvBMNE_LgL9sc5jetZl025npq9hV111tvoDHWAH2d9iHTee23yXaCrr4elcPwIqPxRd...

170 B
188 B

73ms
69ms

Image
image/png

142.251.40.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTg5ODIwNzI0MTY4OTMwNTQ5Mg&google_push=AXcoOmRNmHaJvBMNE_LgL9sc5jetZl025npq9hV111tvoDHWAH2d9iHTee23yXaCrr4elcPwIqPxRdket-kTzVdk3Urj5RSjh-1UB8M

Protocol

Server

142.251.40.226 Newark, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 20:20:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 23 Aug 2023 20:20:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTg5ODIwNzI0MTY4OTMwNTQ5Mg&google_push=AXcoOmRNmHaJvBMNE_LgL9sc5jetZl025npq9hV111tvoDHWAH2d9iHTee23yXaCrr4elcPwIqPxRdket-kTzVdk3Urj5RSjh-1UB8M
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AA0F
Redirect Chain

https://s.uuidksinc.net/match/47/?remote_uid=CAESEIQ4i3KijccGvPGDSvX9Jxc&c_param1=AXcoOmRjluw6BdoLKcQfyGslnXwiWdlLGmok7vBSZzpPHV53DjWJL75QVG1oqCmcPKWUuk6oeJbBxOrdCROqz3QBltZXSz6nVwFWtow&gdpr=%%GDPR...
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmRjluw6BdoLKcQfyGslnXwiWdlLGmok7vBSZzpPHV53DjWJL75QVG1oqCmcPKWUuk6oeJbBxOrdCROqz3QBltZXSz6nVwFWtow

170 B
188 B

66ms
64ms

Image
image/png

142.251.40.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmRjluw6BdoLKcQfyGslnXwiWdlLGmok7vBSZzpPHV53DjWJL75QVG1oqCmcPKWUuk6oeJbBxOrdCROqz3QBltZXSz6nVwFWtow

Protocol

Server

142.251.40.226 Newark, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 20:20:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmRjluw6BdoLKcQfyGslnXwiWdlLGmok7vBSZzpPHV53DjWJL75QVG1oqCmcPKWUuk6oeJbBxOrdCROqz3QBltZXSz6nVwFWtow
date: Wed, 23 Aug 2023 20:20:13 GMT
server: nginx/1.23.2
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AA0F
Redirect Chain

https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEDqaL4AsuWCac_rghk70ixo&google_cver=1&google_push=AXcoOmRVZElowaUCrBrRU1FAB_e0GadbGiEeudQWCA_TyZUIoT76DiSF8TwK21-0QyZNSMneGouI028-WyBj_...
https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEDqaL4AsuWCac_rghk70ixo&google_push=AXcoOmRVZElowaUCrBrRU1FAB_e0GadbGiEeudQWCA_TyZUIoT76DiSF8TwK21-0QyZNSMneGouI028-WyBj_...
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmRVZElowaUCrBrRU1FAB_e0GadbGiEeudQWCA_TyZUIoT76DiSF8TwK21-0QyZNSMneGouI028-WyBj_0ERYWpHj4U2m4BuqA&google_hm=RnZFOThPWElham5ZeE...

170 B
188 B

62ms
61ms

Image
image/png

142.251.40.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmRVZElowaUCrBrRU1FAB_e0GadbGiEeudQWCA_TyZUIoT76DiSF8TwK21-0QyZNSMneGouI028-WyBj_0ERYWpHj4U2m4BuqA&google_hm=RnZFOThPWElham5ZeEpzMm1TZHA=

Protocol

Server

142.251.40.226 Newark, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 20:20:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 23 Aug 2023 20:20:13 GMT
Content-Type: text/html; charset=utf-8
Location: https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmRVZElowaUCrBrRU1FAB_e0GadbGiEeudQWCA_TyZUIoT76DiSF8TwK21-0QyZNSMneGouI028-WyBj_0ERYWpHj4U2m4BuqA&google_hm=RnZFOThPWElham5ZeEpzMm1TZHA=
P3p: CP="We do not support P3P header."
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 238
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame AA0F
Redirect Chain

https://im.bluevoox.com/pixel?s1=2&s2=203601&s3=m52eksbsgbowze8o&cm=1&rd=1&google_gid=CAESEEqiahUBQs83-pWeCexyyDw&google_cver=1&google_push=AXcoOmQd8GBqYGLNp_MojudR8LubhGHcdHosSGkDzitKnSfPX_OWNJCBz...
https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AXcoOmQd8GBqYGLNp_MojudR8LubhGHcdHosSGkDzitKnSfPX_OWNJCBznWj0apTsmxGsn5Fb_0gFSvKujLUrthGnkjjK7F9ulKoUOA&google_hm=QlMuZWY3Yy0xMDY...

170 B
232 B

83ms
76ms

Image
image/png

142.251.40.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AXcoOmQd8GBqYGLNp_MojudR8LubhGHcdHosSGkDzitKnSfPX_OWNJCBznWj0apTsmxGsn5Fb_0gFSvKujLUrthGnkjjK7F9ulKoUOA&google_hm=QlMuZWY3Yy0xMDY1LTQ0NzktYmI2OA==

Protocol

Server

142.251.40.226 Newark, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 20:20:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AXcoOmQd8GBqYGLNp_MojudR8LubhGHcdHosSGkDzitKnSfPX_OWNJCBznWj0apTsmxGsn5Fb_0gFSvKujLUrthGnkjjK7F9ulKoUOA&google_hm=QlMuZWY3Yy0xMDY1LTQ0NzktYmI2OA==
Date: Wed, 23 Aug 2023 20:20:13 GMT
Server: openresty
Connection: close
Content-Length: 142
Content-Type: text/html

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame AA0F 0
130 B 451ms
62ms Image
text/html 142.251.40.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IDZLRB72ftVX0nlk6bJFzLHW0jssHECAZZdcPjqxMLyi-ogNrNv64SWWhwJwh8jvXcY9f2sg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9208708170783140&output=html&h=280&adk=1248013043&adf=1296158383&pi=t.aa~a.99552785~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1692858010&rafmt=1&to=qs&pwprc=7893959896&format=1200x280&url=https%3A%2F%2Frisu.io%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692822010509&bpp=10&bdt=4069&idt=10&shv=r20230822&mjsv=m202308170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec4896cdbccce36f-2238105fb2e3008d%3AT%3D1692822009%3ART%3D1692822009%3AS%3DALNI_MZIcJIhJizzPslJJ_f6yniFvf192A&gpic=UID%3D00000d8d64dac1d2%3AT%3D1692822009%3ART%3D1692822009%3AS%3DALNI_Ma-ynlXcriKduXBAvsG_wzlAHCeLw&prev_fmts=0x0%2C1200x280%2C1116x280%2C1200x280&nras=5&correlator=5236486224718&frm=20&pv=1&ga_vid=2090007071.1692822009&ga_sid=1692822009&ga_hid=1687882424&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4025&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076838%2C31077287&oid=2&pvsid=3473384507421261&tmod=1071397449&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=l7YP8AgV3N&p=https%3A//risu.io&dtd=132

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.226 Newark, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:20:13 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 7156
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CaG1v-mnmZLXULo_pzLUPhY-ImAryoJigcsPh69LvEcrMg--ODhABII6H3o8BYMm2o4jwo-wSoAHZwdP8KcgBAagDAcgDwwSqBM0BT9DnL3k772lGu0KCNMszU0Ym9EnTLmoBdF5r02GGAH6...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x9f44cd2a127f677c0000000000000000%22,%222%22:%220xa36e209a9e9f24220000000000000000%22,%223%22:%220xf50d9d...

0
0

195ms
60ms

Fetch
text/css

142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x9f44cd2a127f677c0000000000000000%22,%222%22:%220xa36e209a9e9f24220000000000000000%22,%223%22:%220xf50d9d4a651575eb0000000000000000%22,%224%22:%220x6ee203bfdfa19fcf0000000000000000%22,%225%22:%220xbdee828f7d6368b30000000000000000%22},%22debug_key%22:%2214438636958757793168%22,%22debug_reporting%22:true,%22destination%22:%22https://watchmypage.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211267268825%22],%224%22:[%2208-23%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%228683858172471819153%22}&andc=true

Protocol

Server

142.250.65.226 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:20:13 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x9f44cd2a127f677c0000000000000000","2":"0xa36e209a9e9f24220000000000000000","3":"0xf50d9d4a651575eb0000000000000000","4":"0x6ee203bfdfa19fcf0000000000000000","5":"0xbdee828f7d6368b30000000000000000"},"debug_key":"14438636958757793168","debug_reporting":true,"destination":"https://watchmypage.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11267268825"],"4":["08-23"],"6":["true"]},"priority":"500","source_event_id":"8683858172471819153"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 23 Aug 2023 20:20:13 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 23 Aug 2023 20:20:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x9f44cd2a127f677c0000000000000000","2":"0xa36e209a9e9f24220000000000000000","3":"0xf50d9d4a651575eb0000000000000000","4":"0x6ee203bfdfa19fcf0000000000000000","5":"0xbdee828f7d6368b30000000000000000"},"debug_key":"14438636958757793168","debug_reporting":true,"destination":"https://watchmypage.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11267268825"],"4":["08-23"],"6":["true"]},"priority":"500","source_event_id":"8683858172471819153"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 pixel.gif
static.criteo.net/images/ Frame C245 43 B
365 B 46ms
43ms Image
image/gif 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:20:12 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Sat, 17 Aug 2024 20:20:12 GMT

GET
H2 200 pixel.gif
static.criteo.net/images/ Frame C245 43 B
365 B 64ms
62ms Image
image/gif 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:20:12 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Sat, 17 Aug 2024 20:20:12 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D251
Redirect Chain

https://px.owneriq.net/ecmg?google_gid=CAESEMS0XaiQsJOsXep2EA4FqYM&google_cver=1&google_push=AXcoOmRsmr0QTNkQnQtQMKieQmnLLMvI6wPG6inU9kXKw57uMYOGATUlY6473jtXzqI35S_ayRq4SNxs9QE6RDop4dTPI0cQrBQ2V30
https://px.owneriq.net/ecc?redir=https%3a%2f%2fcm.g.doubleclick.net%2fpixel%3fgoogle_nid%3downeriq1%26google_sc%26google_push%3dAXcoOmRsmr0QTNkQnQtQMKieQmnLLMvI6wPG6inU9kXKw57uMYOGATUlY6473jtXzqI35...
https://cm.g.doubleclick.net/pixel?google_nid=owneriq1&google_sc&google_push=AXcoOmRsmr0QTNkQnQtQMKieQmnLLMvI6wPG6inU9kXKw57uMYOGATUlY6473jtXzqI35S_ayRq4SNxs9QE6RDop4dTPI0cQrBQ2V30&google_cver=1&go...

170 B
188 B

68ms
66ms

Image
image/png

142.251.40.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=owneriq1&google_sc&google_push=AXcoOmRsmr0QTNkQnQtQMKieQmnLLMvI6wPG6inU9kXKw57uMYOGATUlY6473jtXzqI35S_ayRq4SNxs9QE6RDop4dTPI0cQrBQ2V30&google_cver=1&google_gid=CAESEMS0XaiQsJOsXep2EA4FqYM&google_hm=UTc0NjEwODQxMzE1OTEyNDQ2MTY=

Protocol

Server

142.251.40.226 Newark, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 20:20:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Wed, 23 Aug 2023 20:20:13 GMT
Server: Apache/2.4.6 (CentOS)
X-Powered-By: PHP/7.3.33
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://cm.g.doubleclick.net/pixel?google_nid=owneriq1&google_sc&google_push=AXcoOmRsmr0QTNkQnQtQMKieQmnLLMvI6wPG6inU9kXKw57uMYOGATUlY6473jtXzqI35S_ayRq4SNxs9QE6RDop4dTPI0cQrBQ2V30&google_cver=1&google_gid=CAESEMS0XaiQsJOsXep2EA4FqYM&google_hm=UTc0NjEwODQxMzE1OTEyNDQ2MTY=
Content-Type: text/html
Cache-Control: max-age=13686
Connection: keep-alive
Content-Length: 154

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame D251
Redirect Chain

https://aep.mxptint.net/sn.ashx?google_gid=CAESEM3gvVQ04PDjGLYC9aPD7fQ&google_cver=1&google_push=AXcoOmQkhLF8yBfTVxqAhgAscC79-jlRrYnrwCNtOhMPWcl7kUTC3K9ntI4x0Y8YWmYAgOM3IQnNoUUNC4PKM5TtYKySIxhrznt9ohQ
https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=AXcoOmQkhLF8yBfTVxqAhgAscC79-jlRrYnrwCNtOhMPWcl7kUTC3K9ntI4x0Y8YWmYAgOM3IQnNoUUNC4PKM5TtYKySIxhrznt9ohQ&google_hm=UjMzNjQ1XzEwN...

170 B
232 B

80ms
72ms

Image
image/png

142.251.40.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=AXcoOmQkhLF8yBfTVxqAhgAscC79-jlRrYnrwCNtOhMPWcl7kUTC3K9ntI4x0Y8YWmYAgOM3IQnNoUUNC4PKM5TtYKySIxhrznt9ohQ&google_hm=UjMzNjQ1XzEwN0UwNjk0OF9DMEU4MDU0RA%3D%3D

Protocol

Server

142.251.40.226 Newark, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 20:20:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=AXcoOmQkhLF8yBfTVxqAhgAscC79-jlRrYnrwCNtOhMPWcl7kUTC3K9ntI4x0Y8YWmYAgOM3IQnNoUUNC4PKM5TtYKySIxhrznt9ohQ&google_hm=UjMzNjQ1XzEwN0UwNjk0OF9DMEU4MDU0RA%3D%3D
Date: Wed, 23 Aug 2023 20:20:13 GMT
Cache-Control: private
Strict-Transport-Security: max-age=-375826742; includeSubDomains
P3P: CP="NON CUR ADM DEVo PSAo PSDo OUR IND UNI COM NAV DEM STA PRE", CP="NON CUR ADM DEVo PSAo PSDo OUR IND UNI COM NAV DEM STA PRE"
Content-Length: 349
Content-Type: text/html; charset=utf-8

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame D251 0
119 B 372ms
40ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEDcJuNLhtkWYObnCMSzyFBw&google_cver=1&google_push=AXcoOmR4RnEIMam7qS55ztQ3ppU5wGhw68Ozkz1mKyJvReAIU_9dMI-i0awnDF7HkvZN8aP3wsF97BIuH9-Offv9vk6JkqRmxHcF2w
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9208708170783140&output=html&h=280&adk=1028885750&adf=2395231771&pi=t.aa~a.689068970~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1692858010&rafmt=1&to=qs&pwprc=7893959896&format=1200x280&url=https%3A%2F%2Frisu.io%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692822010509&bpp=2&bdt=4069&idt=-M&shv=r20230822&mjsv=m202308170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec4896cdbccce36f-2238105fb2e3008d%3AT%3D1692822009%3ART%3D1692822009%3AS%3DALNI_MZIcJIhJizzPslJJ_f6yniFvf192A&gpic=UID%3D00000d8d64dac1d2%3AT%3D1692822009%3ART%3D1692822009%3AS%3DALNI_Ma-ynlXcriKduXBAvsG_wzlAHCeLw&prev_fmts=0x0%2C1200x280%2C1116x280&nras=4&correlator=5236486224718&frm=20&pv=1&ga_vid=2090007071.1692822009&ga_sid=1692822009&ga_hid=1687882424&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2779&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076838%2C31077287&oid=2&pvsid=3473384507421261&tmod=1071397449&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=KoTRcDCO6X&p=https%3A//risu.io&dtd=116
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:20:13 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame D251
Redirect Chain

https://fksnk.com/cs/google?google_gid=CAESECzNy0OQk3A2Yz3S4uBlWVs&google_cver=1&google_push=AXcoOmTw4U3BgJIVcpeoSD4Oqjsnil9ZSXpkYjGjLZqUodl2gqm2lUq6EZ7qWXFVCMmoRU5h2-_iHSc4bjOug8ncIOup8V4DWjbfIjc
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=NzQ0OEEwRTIzRURCRjJENQ==

170 B
232 B

88ms
81ms

Image
image/png

142.251.40.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=NzQ0OEEwRTIzRURCRjJENQ==

Protocol

Server

142.251.40.226 Newark, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 20:20:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=NzQ0OEEwRTIzRURCRjJENQ==
date: Wed, 23 Aug 2023 20:20:13 GMT
content-language: en-US
content-type: text/html;charset=ISO-8859-1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D251
Redirect Chain

https://t.adx.opera.com/pub/sync?pubid=pub6871767557696&google_push=AXcoOmTL3Mv3xsdkZVERDH7lhBj8JxwSwjFY5vdguJISju8msMyqkyM7QGUSYNV-q-zyAqgByzSLtUVUtV8hfKOdOe_dhzToBpprFprK&google_gid=CAESEEwN78A9O...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEEwN78A9OaU0jZ_YlIweFq0&google_hm=T1BVYjhhNjlmMDEzYTJhNDBlZGFjMmFiNWJiNDQwM2E0ZjA&google_nid=opera_norway_as&google_push=AXcoOmTL3Mv3...

170 B
188 B

70ms
66ms

Image
image/png

142.251.40.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEEwN78A9OaU0jZ_YlIweFq0&google_hm=T1BVYjhhNjlmMDEzYTJhNDBlZGFjMmFiNWJiNDQwM2E0ZjA&google_nid=opera_norway_as&google_push=AXcoOmTL3Mv3xsdkZVERDH7lhBj8JxwSwjFY5vdguJISju8msMyqkyM7QGUSYNV-q-zyAqgByzSLtUVUtV8hfKOdOe_dhzToBpprFprK

Protocol

Server

142.251.40.226 Newark, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 20:20:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 23 Aug 2023 20:20:13 GMT
server: Tengine
access-control-allow-methods: POST, GET
content-type: text/html; charset=utf-8
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEEwN78A9OaU0jZ_YlIweFq0&google_hm=T1BVYjhhNjlmMDEzYTJhNDBlZGFjMmFiNWJiNDQwM2E0ZjA&google_nid=opera_norway_as&google_push=AXcoOmTL3Mv3xsdkZVERDH7lhBj8JxwSwjFY5vdguJISju8msMyqkyM7QGUSYNV-q-zyAqgByzSLtUVUtV8hfKOdOe_dhzToBpprFprK
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length: 328
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

spacer.gif
an.yandex.ru/resource/ Frame D251
Redirect Chain

https://an.yandex.ru/mapuid/google/CAESEK_uI44nf3cHqhYUQ6vGXZ8?ext-param=AXcoOmSF0nq63BZlV5BJ8zHQeobkAaEP8MlK5B6b4SoZy7adZjlnNQFNiWR-ffw9E9GnXBJRsD5oWcoxMoPduGiclt-Dnrevgaz4vYeD&partner-tag=yandex_...
https://an.yandex.ru/mapuid/google/CAESEK_uI44nf3cHqhYUQ6vGXZ8?redir-setuniq=1&ext-param=AXcoOmSF0nq63BZlV5BJ8zHQeobkAaEP8MlK5B6b4SoZy7adZjlnNQFNiWR-ffw9E9GnXBJRsD5oWcoxMoPduGiclt-Dnrevgaz4vYeD&par...
https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEK_uI44nf3cHqhYUQ6vGXZ8&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
https://an.yandex.ru/resource/spacer.gif

43 B
168 B

176ms
175ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/resource/spacer.gif

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:20:14 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Wed, 18 Apr 2001 10:28:03 GMT
content-type: image/gif
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 07 Aug 2024 20:20:14 GMT

Redirect headers

pragma: no-cache
date: Wed, 23 Aug 2023 20:20:13 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://an.yandex.ru/resource/spacer.gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 237
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame D251
Redirect Chain

https://analytics.pangle-ads.com/api/ad/union/gg_cookie_matching?google_gid=CAESEN2WRR6Ovjc2MiDRyqWZy7Q&google_cver=1&google_push=AXcoOmThyI0UtCHC-dAnyo7W1j5v9J0ALgi-BZcwxZqH4mmpp-geABcWkzs4sAnVDzs...
https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmThyI0UtCHC-dAnyo7W1j5v9J0ALgi-BZcwxZqH4mmpp-geABcWkzs4sAnVDzsm-H-4MmeZ28TVvjNzb0v5euCpPmyqRZ3K8wtO

170 B
329 B

78ms
69ms

Image
image/png

142.251.40.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmThyI0UtCHC-dAnyo7W1j5v9J0ALgi-BZcwxZqH4mmpp-geABcWkzs4sAnVDzsm-H-4MmeZ28TVvjNzb0v5euCpPmyqRZ3K8wtO

Protocol

Server

142.251.40.226 Newark, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 20:20:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Wed, 23 Aug 2023 20:20:13 GMT
X-Bytefaas-Request-Id: 2023082320201389897658D92111E9F463
x-tt-trace-tag: id=00;cdn-cache=miss
Connection: keep-alive
server-timing: inner; dur=5
Content-Length: 0
Server: nginx
X-Tt-Logid: 2023082320201389897658D92111E9F463
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmThyI0UtCHC-dAnyo7W1j5v9J0ALgi-BZcwxZqH4mmpp-geABcWkzs4sAnVDzsm-H-4MmeZ28TVvjNzb0v5euCpPmyqRZ3K8wtO
X-Bytefaas-Execution-Duration: 3.77
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
x-tt-trace-host: 01695441e5612fb3235feb17eb9545a7e5abf4d5b9183034b866d7a74618f504f8b15a07312b6763f0d792e1e1f41c37ee73ae81ff025e5cad50a0e54cea08128d264845d0c0622a2c34cac266e6a5ba0c
Access-Control-Allow-Headers: *

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame D251 0
40 B 401ms
63ms Image
text/html 142.251.40.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IgIMT3WIFKKbKajqop3L2PQeogc7ZOEQml6CARgeC6AR8NSV7NG5qqjy6CZooU_kh21ZkH03gk

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.226 Newark, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:20:13 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 H7NiGUBWITXDbUXvzcl9NdwFkmo5ojjKC-Hhm2BY16o.js Show response
pagead2.googlesyndication.com/bg/ Frame B93C 37 KB
14 KB 59ms
44ms Script
text/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/H7NiGUBWITXDbUXvzcl9NdwFkmo5ojjKC-Hhm2BY16o.js

Requested by

Host: risu.io
URL: https://risu.io/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fb3621940562135c36d45efcdc97d35dc05926a39a238ca0be1e19b6058d7aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 21:15:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83069
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14718
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 21 Aug 2024 21:15:44 GMT

GET
H3

200

arjs.php Show response
ad2.apx.appier.net/www/delivery/ Frame C245
Redirect Chain

https://ad2.apx.appier.net/www/delivery/js.php?zoneid=5988&id=ida4mlvgiastit93r
https://gocm.c.appier.net/aanet?id=ida4mlvgiastit93r&url=ad2.apx.appier.net&zoneid=5988
https://ad2.apx.appier.net/www/delivery/arjs.php?zoneid=5988&acid=EoOCnTlwAEmj8Ns9_WnmZA&id=ida4mlvgiastit93r

3 KB
1 KB

282ms
278ms

Script
text/html

35.190.36.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/www/delivery/arjs.php?zoneid=5988&acid=EoOCnTlwAEmj8Ns9_WnmZA&id=ida4mlvgiastit93r
Requested by: Host: risu.io
URL: https://risu.io/
Protocol: H3
Server: 35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 98.36.190.35.bc.googleusercontent.com
Software: /
Resource Hash: 84602f64fc84d28ef6cffadec3ee067161aaeb93c73083d7a5a4bb9e7a257d9e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:20:13 GMT
content-encoding: gzip
via: 1.1 google
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type: text/html; charset=utf-8
cache-control: no-store
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

Redirect headers

date: Wed, 23 Aug 2023 20:20:13 GMT
server: nginx
accept-ch: Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad2.apx.appier.net/www/delivery/arjs.php?zoneid=5988&acid=EoOCnTlwAEmj8Ns9_WnmZA&id=ida4mlvgiastit93r
content-type: text/html; charset=utf-8
cache-control: no-store
content-length: 140

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E666
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

85ms
74ms

Document
text/html

2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9208708170783140&output=html&h=280&adk=1248013043&adf=1296158383&pi=t.aa~a.99552785~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1692858010&rafmt=1&to=qs&pwprc=7893959896&format=1200x280&url=https%3A%2F%2Frisu.io%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692822010509&bpp=10&bdt=4069&idt=10&shv=r20230822&mjsv=m202308170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec4896cdbccce36f-2238105fb2e3008d%3AT%3D1692822009%3ART%3D1692822009%3AS%3DALNI_MZIcJIhJizzPslJJ_f6yniFvf192A&gpic=UID%3D00000d8d64dac1d2%3AT%3D1692822009%3ART%3D1692822009%3AS%3DALNI_Ma-ynlXcriKduXBAvsG_wzlAHCeLw&prev_fmts=0x0%2C1200x280%2C1116x280%2C1200x280&nras=5&correlator=5236486224718&frm=20&pv=1&ga_vid=2090007071.1692822009&ga_sid=1692822009&ga_hid=1687882424&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4025&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076838%2C31077287&oid=2&pvsid=3473384507421261&tmod=1071397449&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=l7YP8AgV3N&p=https%3A//risu.io&dtd=132

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 20:20:13 GMT
expires: Wed, 23 Aug 2023 20:20:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 20:20:13 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 H7NiGUBWITXDbUXvzcl9NdwFkmo5ojjKC-Hhm2BY16o.js Show response
pagead2.googlesyndication.com/bg/ Frame 27D7 37 KB
14 KB 49ms
48ms Script
text/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/H7NiGUBWITXDbUXvzcl9NdwFkmo5ojjKC-Hhm2BY16o.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9208708170783140&output=html&h=280&adk=1248013043&adf=1296158383&pi=t.aa~a.99552785~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1692858010&rafmt=1&to=qs&pwprc=7893959896&format=1200x280&url=https%3A%2F%2Frisu.io%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692822010509&bpp=10&bdt=4069&idt=10&shv=r20230822&mjsv=m202308170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec4896cdbccce36f-2238105fb2e3008d%3AT%3D1692822009%3ART%3D1692822009%3AS%3DALNI_MZIcJIhJizzPslJJ_f6yniFvf192A&gpic=UID%3D00000d8d64dac1d2%3AT%3D1692822009%3ART%3D1692822009%3AS%3DALNI_Ma-ynlXcriKduXBAvsG_wzlAHCeLw&prev_fmts=0x0%2C1200x280%2C1116x280%2C1200x280&nras=5&correlator=5236486224718&frm=20&pv=1&ga_vid=2090007071.1692822009&ga_sid=1692822009&ga_hid=1687882424&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4025&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076838%2C31077287&oid=2&pvsid=3473384507421261&tmod=1071397449&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=l7YP8AgV3N&p=https%3A//risu.io&dtd=132

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fb3621940562135c36d45efcdc97d35dc05926a39a238ca0be1e19b6058d7aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 21:15:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83069
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14718
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 21 Aug 2024 21:15:44 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8B7B
Redirect Chain

https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESECLRamc4HME_So8qA0ElvrY&google_cver=1&google_push=AXcoOmSdC4CwBaeJG41-P3gJjcXe4yNzr3DyLC-NeSRf0ebtRQnigyu...
https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=59778e7a8de72109&is_secure=true&networkId=14000&version=1&google_gid=CAESECLRamc4HME_So8qA0ElvrY&google_cver=1&google_push=AXcoOmSdC4Cw...
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAHZfoqEyD76QN41b6OAAAAAAA&expiration=1692908413&google_cver=1&is_secure=true&google_gid=CAESECLRamc4HME_So8qA0Elv...

170 B
188 B

63ms
62ms

Image
image/png

142.251.40.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAHZfoqEyD76QN41b6OAAAAAAA&expiration=1692908413&google_cver=1&is_secure=true&google_gid=CAESECLRamc4HME_So8qA0ElvrY&google_push=AXcoOmSdC4CwBaeJG41-P3gJjcXe4yNzr3DyLC-NeSRf0ebtRQnigyu1SYEFelZct22nxML_oKCjbwTrA5W1OK1KnpHZGbxEh3FbRh0

Requested by

Protocol

Server

142.251.40.226 Newark, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 20:20:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 23 Aug 2023 20:20:13 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location: https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAHZfoqEyD76QN41b6OAAAAAAA&expiration=1692908413&google_cver=1&is_secure=true&google_gid=CAESECLRamc4HME_So8qA0ElvrY&google_push=AXcoOmSdC4CwBaeJG41-P3gJjcXe4yNzr3DyLC-NeSRf0ebtRQnigyu1SYEFelZct22nxML_oKCjbwTrA5W1OK1KnpHZGbxEh3FbRh0
cache-control: no-cache, private, max-age=0, no-store
content-length: 0
expires: 0

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 8B7B
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEDA1i60RnvdFPJsM9JxRQgo&google_cver=1&google_push=AXcoOmQNcqdGgbK_jIopykXD_UqhG27O8SvZeBmYuWMVJ9DLayzXIsOdq1CESCxwVsZ_-Ir_WR2n3j7fT72NG79RGoEci_PeidYe9...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEDA1i60RnvdFPJsM9JxRQgo&google_cver=1&google_push=AXcoOmQNcqdGgbK_jIopykXD_UqhG27O8SvZeBmYuWMVJ9DLayzXIsOdq1CESCxwVsZ_-Ir_WR2n3j7fT72NG79RGoEci_PeidY...

43 B
424 B

123ms
90ms

Image
image/gif

2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEDA1i60RnvdFPJsM9JxRQgo&google_cver=1&google_push=AXcoOmQNcqdGgbK_jIopykXD_UqhG27O8SvZeBmYuWMVJ9DLayzXIsOdq1CESCxwVsZ_-Ir_WR2n3j7fT72NG79RGoEci_PeidYe9q4&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQNcqdGgbK_jIopykXD_UqhG27O8SvZeBmYuWMVJ9DLayzXIsOdq1CESCxwVsZ_-Ir_WR2n3j7fT72NG79RGoEci_PeidYe9q4%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9208708170783140&output=html&h=280&adk=1636878560&adf=1831041&pi=t.aa~a.1587783460~rp.1&w=1116&fwrn=4&fwrnh=100&lmt=1692858010&rafmt=1&to=qs&pwprc=7893959896&format=1116x280&url=https%3A%2F%2Frisu.io%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692822010509&bpp=2&bdt=4069&idt=-M&shv=r20230822&mjsv=m202308170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec4896cdbccce36f-2238105fb2e3008d%3AT%3D1692822009%3ART%3D1692822009%3AS%3DALNI_MZIcJIhJizzPslJJ_f6yniFvf192A&gpic=UID%3D00000d8d64dac1d2%3AT%3D1692822009%3ART%3D1692822009%3AS%3DALNI_Ma-ynlXcriKduXBAvsG_wzlAHCeLw&prev_fmts=0x0%2C1200x280&nras=3&correlator=5236486224718&frm=20&pv=1&ga_vid=2090007071.1692822009&ga_sid=1692822009&ga_hid=1687882424&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=242&ady=1837&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076838%2C31077287&oid=2&pvsid=3473384507421261&tmod=1071397449&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=M4aAsN25Eq&p=https%3A//risu.io&dtd=89
Protocol: H2
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 20:20:13 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7fb60e10dc562303-ORD
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 23 Aug 2023 20:20:13 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 106
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEDA1i60RnvdFPJsM9JxRQgo&google_cver=1&google_push=AXcoOmQNcqdGgbK_jIopykXD_UqhG27O8SvZeBmYuWMVJ9DLayzXIsOdq1CESCxwVsZ_-Ir_WR2n3j7fT72NG79RGoEci_PeidYe9q4&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQNcqdGgbK_jIopykXD_UqhG27O8SvZeBmYuWMVJ9DLayzXIsOdq1CESCxwVsZ_-Ir_WR2n3j7fT72NG79RGoEci_PeidYe9q4%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7fb60e0f39452303-ORD
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 8B7B
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEFYRKUCxD1k9lxSTWaIAbRA&google_push=AXcoOmQbihnBxNc2WfyYhnGRge4TddwWL41o3MuvSS2P3kM9z9c8fKffTz...

170 B
232 B

89ms
82ms

Image
image/png

142.251.40.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEFYRKUCxD1k9lxSTWaIAbRA&google_push=AXcoOmQbihnBxNc2WfyYhnGRge4TddwWL41o3MuvSS2P3kM9z9c8fKffTzpxFGo1b8jn8TiA9dT3Moenm8exL38-GbgF7frcQGN-SkI

Requested by

Protocol

Server

142.251.40.226 Newark, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 20:20:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-chi-kigq8000132-CHI
pragma: no-cache
date: Wed, 23 Aug 2023 20:20:13 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1692822013.313073,VS0,VE22
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEFYRKUCxD1k9lxSTWaIAbRA&google_push=AXcoOmQbihnBxNc2WfyYhnGRge4TddwWL41o3MuvSS2P3kM9z9c8fKffTzpxFGo1b8jn8TiA9dT3Moenm8exL38-GbgF7frcQGN-SkI
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 8B7B
Redirect Chain

https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEOpn8fq2nxYdYh0T8ukeukA&google_cver=1&google_push=AXcoOmT635bA1HoWNZo6GCk-2M4FUHWdheS-GVH-ecoXpnl2eVFeMe8rgqVTqJCSQ19AO8ZpDXZx4...
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmT635bA1HoWNZo6GCk-2M4FUHWdheS-GVH-ecoXpnl2eVFeMe8rgqVTqJCSQ19AO8ZpDXZx4ypCmVYK2O5zIbGXOC57qHEmlM8

170 B
232 B

86ms
84ms

Image
image/png

142.251.40.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmT635bA1HoWNZo6GCk-2M4FUHWdheS-GVH-ecoXpnl2eVFeMe8rgqVTqJCSQ19AO8ZpDXZx4ypCmVYK2O5zIbGXOC57qHEmlM8

Requested by

Protocol

Server

142.251.40.226 Newark, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 20:20:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 23 Aug 2023 20:20:13 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: D1EC5D6E58764CAE8E87ACC2CF8AE782 Ref B: CHGEDGE1206 Ref C: 2023-08-23T20:20:13Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
location: https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmT635bA1HoWNZo6GCk-2M4FUHWdheS-GVH-ecoXpnl2eVFeMe8rgqVTqJCSQ19AO8ZpDXZx4ypCmVYK2O5zIbGXOC57qHEmlM8
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYDnNbFmgws0LNpTy3Zcw==

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 8B7B
Redirect Chain

https://ums.acuityplatform.com/tum?umid=4&uid=CAESEM3YFjMb21R1WIcNoh-5QH8&google_cver=1&google_push=AXcoOmTxB021r5DzMyrkpb57uSiMhbrvKa8_hwmlwAvbfpSD9hse1By5ziMhXyK_uBMtM5I9vwAPPUJi3mqADf5evsr1JnsCj...
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=817860253305

170 B
232 B

91ms
84ms

Image
image/png

142.251.40.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=817860253305

Requested by

Protocol

Server

142.251.40.226 Newark, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 20:20:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=817860253305
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8B7B
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEJPBHeesu6uE_UCi3PJquqM&google_cver=1&google_push=AXcoOmQQy7PXHgkm7n27rbuUOQ45Kaq7W2-y8X3lJj85A0vaPN2-bAymV9gNo-Rey74m4_6ckYQUtaShMOQ5TNk...
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=dO32Ld_3W5RAJ1tBCaw8CWjtwRw&google_push=AXcoOmQQy7PXHgkm7n27rbuUOQ45Kaq7W2-y8X3lJj85A0vaPN2-bAymV9gNo-Rey74m4_6ckYQUtaShMOQ5TN...

170 B
188 B

67ms
66ms

Image
image/png

142.251.40.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=dO32Ld_3W5RAJ1tBCaw8CWjtwRw&google_push=AXcoOmQQy7PXHgkm7n27rbuUOQ45Kaq7W2-y8X3lJj85A0vaPN2-bAymV9gNo-Rey74m4_6ckYQUtaShMOQ5TNkWqVGDSQOlFOVoMRU

Requested by

Protocol

Server

142.251.40.226 Newark, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 20:20:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=dO32Ld_3W5RAJ1tBCaw8CWjtwRw&google_push=AXcoOmQQy7PXHgkm7n27rbuUOQ45Kaq7W2-y8X3lJj85A0vaPN2-bAymV9gNo-Rey74m4_6ckYQUtaShMOQ5TNkWqVGDSQOlFOVoMRU
Date: Wed, 23 Aug 2023 20:20:13 GMT
Connection: keep-alive
Content-Length: 245
Content-Type: text/html; charset=utf-8

GET
H2

200

report
sync.teads.tv/um/ Frame 8B7B
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEFPerZX7Jpmd...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=ZTc5OTcxZmUtYWI1ZS00NGE3LWJkMWUtNGU1YjNiZTExOWE2&google_push=AXcoOmQ2WjYS5rtGfllyqBce14VNjA2mVKfQg7FgcirF3Y8U6Ncgye6K9VHiUNVW-jJPW...
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

87ms
86ms

Image
image/gif

23.52.160.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9208708170783140&output=html&h=280&adk=1636878560&adf=1831041&pi=t.aa~a.1587783460~rp.1&w=1116&fwrn=4&fwrnh=100&lmt=1692858010&rafmt=1&to=qs&pwprc=7893959896&format=1116x280&url=https%3A%2F%2Frisu.io%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692822010509&bpp=2&bdt=4069&idt=-M&shv=r20230822&mjsv=m202308170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec4896cdbccce36f-2238105fb2e3008d%3AT%3D1692822009%3ART%3D1692822009%3AS%3DALNI_MZIcJIhJizzPslJJ_f6yniFvf192A&gpic=UID%3D00000d8d64dac1d2%3AT%3D1692822009%3ART%3D1692822009%3AS%3DALNI_Ma-ynlXcriKduXBAvsG_wzlAHCeLw&prev_fmts=0x0%2C1200x280&nras=3&correlator=5236486224718&frm=20&pv=1&ga_vid=2090007071.1692822009&ga_sid=1692822009&ga_hid=1687882424&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=242&ady=1837&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076838%2C31077287&oid=2&pvsid=3473384507421261&tmod=1071397449&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=M4aAsN25Eq&p=https%3A//risu.io&dtd=89
Protocol: H2
Server: 23.52.160.7 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-160-7.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

expires: Wed, 23 Aug 2023 20:20:13 GMT
pragma: no-cache
date: Wed, 23 Aug 2023 20:20:13 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 23 Aug 2023 20:20:13 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 8B7B 0
49 B 298ms
67ms Image
text/html 142.251.40.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LSVbKvTxfiku5mDsCdycoDEEfPsTnoxYXb8e7wwvp3BWsROMBGefkuyCWeGGRs4CJDtTU7Ng

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.226 Newark, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:20:13 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

POST
H2 204 events
bidder.criteo.com/csm/ Frame C245 0
185 B 322ms
322ms Ping
text/plain 2620:100:a001::18
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://risu.io/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://risu.io
date: Wed, 23 Aug 2023 20:20:13 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 274ms
62ms Preflight
text/html 142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.226 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 23 Aug 2023 20:20:13 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame C94F 23 KB
8 KB 82ms
48ms Document
text/html 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 15936
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 7799
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 15:54:37 GMT
expires: Thu, 22 Aug 2024 15:54:37 GMT
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9895
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

113ms
103ms

Document
text/html

2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230822/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 20:20:13 GMT
expires: Wed, 23 Aug 2023 20:20:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 20:20:13 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 H7NiGUBWITXDbUXvzcl9NdwFkmo5ojjKC-Hhm2BY16o.js Show response
pagead2.googlesyndication.com/bg/ Frame 1803 37 KB
14 KB 58ms
57ms Script
text/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/H7NiGUBWITXDbUXvzcl9NdwFkmo5ojjKC-Hhm2BY16o.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230822/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fb3621940562135c36d45efcdc97d35dc05926a39a238ca0be1e19b6058d7aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 21:15:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83069
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14718
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 21 Aug 2024 21:15:44 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 3428 0
10 B 50ms
49ms Image
text/plain 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?qoVubA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:20:13 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 0FBD
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CE-vO-mnmZL7NLoyZ0_wP9I-H2AzyoJigcsPh69LvEcrMg--ODhABII6H3o8BYMm2o4jwo-wSoAHZwdP8KcgBAagDAcgDw4SAgASqBMcBT9AUNO_3p2Qrmi6f4vVwoZt_BFbISC0fyvDnDbB...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x9f44cd2a127f677c0000000000000000%22,%222%22:%220xa36e209a9e9f24220000000000000000%22,%223%22:%220xf50d9d...

0
0

63ms
59ms

Fetch
text/css

142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x9f44cd2a127f677c0000000000000000%22,%222%22:%220xa36e209a9e9f24220000000000000000%22,%223%22:%220xf50d9d4a651575eb0000000000000000%22,%224%22:%220x6ee203bfdfa19fcf0000000000000000%22,%225%22:%220xbdee828f7d6368b30000000000000000%22},%22debug_key%22:%2215445029276566332364%22,%22debug_reporting%22:true,%22destination%22:%22https://watchmypage.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211267268825%22],%224%22:[%2208-23%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%224537149688745565649%22}&andc=true

Protocol

Server

142.250.65.226 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:20:13 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x9f44cd2a127f677c0000000000000000","2":"0xa36e209a9e9f24220000000000000000","3":"0xf50d9d4a651575eb0000000000000000","4":"0x6ee203bfdfa19fcf0000000000000000","5":"0xbdee828f7d6368b30000000000000000"},"debug_key":"15445029276566332364","debug_reporting":true,"destination":"https://watchmypage.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11267268825"],"4":["08-23"],"6":["true"]},"priority":"500","source_event_id":"4537149688745565649"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 23 Aug 2023 20:20:13 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 23 Aug 2023 20:20:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x9f44cd2a127f677c0000000000000000","2":"0xa36e209a9e9f24220000000000000000","3":"0xf50d9d4a651575eb0000000000000000","4":"0x6ee203bfdfa19fcf0000000000000000","5":"0xbdee828f7d6368b30000000000000000"},"debug_key":"15445029276566332364","debug_reporting":true,"destination":"https://watchmypage.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11267268825"],"4":["08-23"],"6":["true"]},"priority":"500","source_event_id":"4537149688745565649"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame AAE4
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=Cdeg3-mnmZI_NLofO0_wPmaSqePKgmKByw-Hr0u8RysyD744OEAEgjofejwFgybajiPCj7BKgAdnB0_wpyAEBqAMByAPDBKoExwFP0FC70-CzQ3ZB50z97LNPJqbAzVsK0kw_gJxXOhtUM-l...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x9f44cd2a127f677c0000000000000000%22,%222%22:%220xa36e209a9e9f24220000000000000000%22,%223%22:%220xf50d9d...

0
0

66ms
64ms

Fetch
text/css

142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x9f44cd2a127f677c0000000000000000%22,%222%22:%220xa36e209a9e9f24220000000000000000%22,%223%22:%220xf50d9d4a651575eb0000000000000000%22,%224%22:%220x6ee203bfdfa19fcf0000000000000000%22,%225%22:%220xbdee828f7d6368b30000000000000000%22},%22debug_key%22:%2210484639341830750297%22,%22debug_reporting%22:true,%22destination%22:%22https://watchmypage.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211267268825%22],%224%22:[%2208-23%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2213737609689878998481%22}&andc=true

Protocol

Server

142.250.65.226 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:20:13 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x9f44cd2a127f677c0000000000000000","2":"0xa36e209a9e9f24220000000000000000","3":"0xf50d9d4a651575eb0000000000000000","4":"0x6ee203bfdfa19fcf0000000000000000","5":"0xbdee828f7d6368b30000000000000000"},"debug_key":"10484639341830750297","debug_reporting":true,"destination":"https://watchmypage.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11267268825"],"4":["08-23"],"6":["true"]},"priority":"500","source_event_id":"13737609689878998481"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 23 Aug 2023 20:20:13 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 23 Aug 2023 20:20:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x9f44cd2a127f677c0000000000000000","2":"0xa36e209a9e9f24220000000000000000","3":"0xf50d9d4a651575eb0000000000000000","4":"0x6ee203bfdfa19fcf0000000000000000","5":"0xbdee828f7d6368b30000000000000000"},"debug_key":"10484639341830750297","debug_reporting":true,"destination":"https://watchmypage.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11267268825"],"4":["08-23"],"6":["true"]},"priority":"500","source_event_id":"13737609689878998481"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 H7NiGUBWITXDbUXvzcl9NdwFkmo5ojjKC-Hhm2BY16o.js Show response
pagead2.googlesyndication.com/bg/ Frame A5FF 37 KB
14 KB 52ms
47ms Script
text/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/H7NiGUBWITXDbUXvzcl9NdwFkmo5ojjKC-Hhm2BY16o.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fb3621940562135c36d45efcdc97d35dc05926a39a238ca0be1e19b6058d7aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 21:15:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83069
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14718
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 21 Aug 2024 21:15:44 GMT

GET
H3 200 H7NiGUBWITXDbUXvzcl9NdwFkmo5ojjKC-Hhm2BY16o.js Show response
pagead2.googlesyndication.com/bg/ Frame 3F73 37 KB
14 KB 66ms
58ms Script
text/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/H7NiGUBWITXDbUXvzcl9NdwFkmo5ojjKC-Hhm2BY16o.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fb3621940562135c36d45efcdc97d35dc05926a39a238ca0be1e19b6058d7aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 21:15:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83069
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14718
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 21 Aug 2024 21:15:44 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 88ms
86ms Preflight
text/html 142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x9f44cd2a127f677c0000000000000000%22,%222%22:%220xa36e209a9e9f24220000000000000000%22,%223%22:%220xf50d9d4a651575eb0000000000000000%22,%224%22:%220x6ee203bfdfa19fcf0000000000000000%22,%225%22:%220xbdee828f7d6368b30000000000000000%22},%22debug_key%22:%2215445029276566332364%22,%22debug_reporting%22:true,%22destination%22:%22https://watchmypage.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211267268825%22],%224%22:[%2208-23%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%224537149688745565649%22}&andc=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.226 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 23 Aug 2023 20:20:13 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 206 file.mp4
r2---sn-vgqsknek.c.2mdn.net/videoplayback/id/8d0ef91bdaa7c0eb/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3817121814/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame FEEB 275 KB
0 63ms
29ms Media
video/mp4 2607:f8b0:4017:3a::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4017:3a::7 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Range: bytes=0-

Response headers

expires: Wed, 23 Aug 2023 20:20:13 GMT
date: Wed, 23 Aug 2023 20:20:13 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-4583624/4583625
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 4583625
last-modified: Mon, 02 Jan 2023 15:35:47 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://googleads.g.doubleclick.net
client-protocol: quic

OPTIONS
H3 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 60ms
58ms Preflight
text/html 142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x9f44cd2a127f677c0000000000000000%22,%222%22:%220xa36e209a9e9f24220000000000000000%22,%223%22:%220xf50d9d4a651575eb0000000000000000%22,%224%22:%220x6ee203bfdfa19fcf0000000000000000%22,%225%22:%220xbdee828f7d6368b30000000000000000%22},%22debug_key%22:%2210484639341830750297%22,%22debug_reporting%22:true,%22destination%22:%22https://watchmypage.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211267268825%22],%224%22:[%2208-23%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2213737609689878998481%22}&andc=true

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.226 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 23 Aug 2023 20:20:13 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 H7NiGUBWITXDbUXvzcl9NdwFkmo5ojjKC-Hhm2BY16o.js Show response
pagead2.googlesyndication.com/bg/ Frame C94F 37 KB
14 KB 47ms
45ms Script
text/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/H7NiGUBWITXDbUXvzcl9NdwFkmo5ojjKC-Hhm2BY16o.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fb3621940562135c36d45efcdc97d35dc05926a39a238ca0be1e19b6058d7aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 21:15:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83069
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14718
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 21 Aug 2024 21:15:44 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame A68B 15 KB
6 KB 56ms
55ms Document
text/html 2620:100:a001::c
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=risu.io

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

c5f572ed80485a43331f587039ef455ab7400d278434cdee0965a0fea35befcf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://risu.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 20:20:13 GMT
server: Kestrel
server-processing-duration-in-ticks: 1636237
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 06D1 15 KB
6 KB 70ms
55ms Document
text/html 2620:100:a001::c
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=risu.io

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

c5f572ed80485a43331f587039ef455ab7400d278434cdee0965a0fea35befcf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://risu.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 20:20:13 GMT
server: Kestrel
server-processing-duration-in-ticks: 872218
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame D4C8 15 KB
6 KB 71ms
58ms Document
text/html 2620:100:a001::c
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=risu.io

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

c5f572ed80485a43331f587039ef455ab7400d278434cdee0965a0fea35befcf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://risu.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 20:20:13 GMT
server: Kestrel
server-processing-duration-in-ticks: 2013734
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

POST
H2 200 fpc Show response
pmp-beacon.apx.appier.net/v1/ Frame 31F1 12 B
222 B 936ms
365ms XHR
application/json 34.81.191.174
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://pmp-beacon.apx.appier.net/v1/fpc?type=pmp&event=imp

Requested by

Host: ad2.apx.appier.net
URL: https://ad2.apx.appier.net/www/delivery/js.php?zoneid=5988&id=ida4mlvgiastit93r

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.81.191.174 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

174.191.81.34.bc.googleusercontent.com

Software

Resource Hash

ae64196db7fe3eccb7a320032b6a44caff13bfc21fa264713fba1a5368a7cb6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://risu.io/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://risu.io
date: Wed, 23 Aug 2023 20:20:14 GMT
access-control-expose-headers
access-control-allow-credentials: true
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 12
content-type: application/json; charset=utf-8

GET
H3

200

sdk Show response
cdn.aralego.net/ucfad/sdk/us-east/ Frame 1EC5
Redirect Chain

https://ads.aralego.com/sdk
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

39 KB
40 KB

69ms
66ms

Script
application/octet-stream

2606:4700:20::681a:467
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by: Host: risu.io
URL: https://risu.io/
Protocol: H3
Server: 2606:4700:20::681a:467 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01e65b90a460d22fe0d37f9505d831684e25709967d33967263a614fa4ebe3d0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:20:14 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6038
alt-svc: h3=":443"; ma=86400
content-length: 40181
last-modified: Tue, 20 Jun 2023 03:04:26 GMT
server: cloudflare
etag: "6491173a-9cf5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3nytMf52EsRGYwgS%2BX%2B4yJcuD5pwu4jNLJyTEmXpnU3eccY5M4BOs239kQSy5cx%2Baukq5upign67yFli6l21omMEGPY6Ocjks72gVws4JsWeYbxZOEkREs4r3dzkdJgJeKdRS0%2BrmIYkJmf84g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7fb60e14ea78233a-ORD

Redirect headers

location: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
connection: close
content-length: 0

GET
H2 200 gcm
gocm.c.appier.net/ Frame 1EC5 42 B
349 B 195ms
191ms Image
image/gif 172.105.235.90
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gocm.c.appier.net/gcm
Requested by: Host: risu.io
URL: https://risu.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.105.235.90 Tokyo, Japan, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1889-90.members.linode.com
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-type: image/gif
date: Wed, 23 Aug 2023 20:20:14 GMT
cache-control: no-store
server: nginx
accept-ch: Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
content-length: 42
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

POST
H2 200 fpc Show response
pmp-beacon.apx.appier.net/v1/ Frame 3CAD 12 B
223 B 703ms
187ms XHR
application/json 34.81.191.174
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://pmp-beacon.apx.appier.net/v1/fpc?type=pmp&event=imp

Requested by

Host: ad2.apx.appier.net
URL: https://ad2.apx.appier.net/www/delivery/js.php?zoneid=5988&id=ida4mlvgiastit93r

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.81.191.174 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

174.191.81.34.bc.googleusercontent.com

Software

Resource Hash

ae64196db7fe3eccb7a320032b6a44caff13bfc21fa264713fba1a5368a7cb6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://risu.io/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://risu.io
date: Wed, 23 Aug 2023 20:20:14 GMT
access-control-expose-headers
access-control-allow-credentials: true
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 12
content-type: application/json; charset=utf-8

GET
H2 200 gcm
gocm.c.appier.net/ Frame 85B9 42 B
349 B 206ms
189ms Image
image/gif 172.105.235.90
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gocm.c.appier.net/gcm
Requested by: Host: ad2.apx.appier.net
URL: https://ad2.apx.appier.net/www/delivery/js.php?zoneid=5988&id=ida4mlvgiastit93r
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.105.235.90 Tokyo, Japan, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1889-90.members.linode.com
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-type: image/gif
date: Wed, 23 Aug 2023 20:20:14 GMT
cache-control: no-store
server: nginx
accept-ch: Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
content-length: 42
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

GET
H3

200

sdk Show response
cdn.aralego.net/ucfad/sdk/us-east/ Frame 85B9
Redirect Chain

https://ads.aralego.com/sdk
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

39 KB
40 KB

128ms
127ms

Script
application/octet-stream

2606:4700:20::681a:467
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by: Host: risu.io
URL: https://risu.io/
Protocol: H3
Server: 2606:4700:20::681a:467 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01e65b90a460d22fe0d37f9505d831684e25709967d33967263a614fa4ebe3d0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:20:14 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6038
alt-svc: h3=":443"; ma=86400
content-length: 40181
last-modified: Tue, 20 Jun 2023 03:04:26 GMT
server: cloudflare
etag: "6491173a-9cf5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZITwqsb7xXKv50An8VqEtE8gPb%2FYA2kJ4yJ3GCpkMMa8oQt3ra4pOLYtLV5lyhSy0DZKo%2FmuaHxvAcEJ3vF5qWful545%2BL%2Fqs66jmMxdLhlLSrHijgLEYuNOKZ4PG7RvAtE7X9wt5CruAIa4zg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7fb60e14ea7a233a-ORD

Redirect headers

location: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
connection: close
content-length: 0

POST
H2 200 fpc Show response
pmp-beacon.apx.appier.net/v1/ Frame 72CD 12 B
222 B 856ms
367ms XHR
application/json 34.81.191.174
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://pmp-beacon.apx.appier.net/v1/fpc?type=pmp&event=imp

Requested by

Host: ad2.apx.appier.net
URL: https://ad2.apx.appier.net/www/delivery/js.php?zoneid=5988&id=ida4mlvgiastit93r

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.81.191.174 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

174.191.81.34.bc.googleusercontent.com

Software

Resource Hash

ae64196db7fe3eccb7a320032b6a44caff13bfc21fa264713fba1a5368a7cb6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://risu.io/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://risu.io
date: Wed, 23 Aug 2023 20:20:14 GMT
access-control-expose-headers
access-control-allow-credentials: true
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 12
content-type: application/json; charset=utf-8

GET
H2 200 gcm
gocm.c.appier.net/ Frame 8E50 42 B
349 B 193ms
190ms Image
image/gif 172.105.235.90
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gocm.c.appier.net/gcm
Requested by: Host: ad2.apx.appier.net
URL: https://ad2.apx.appier.net/www/delivery/js.php?zoneid=5988&id=ida4mlvgiastit93r
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.105.235.90 Tokyo, Japan, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1889-90.members.linode.com
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-type: image/gif
date: Wed, 23 Aug 2023 20:20:14 GMT
cache-control: no-store
server: nginx
accept-ch: Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
content-length: 42
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

GET
H3

200

sdk Show response
cdn.aralego.net/ucfad/sdk/us-east/ Frame 8E50
Redirect Chain

https://ads.aralego.com/sdk
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

39 KB
40 KB

119ms
118ms

Script
application/octet-stream

2606:4700:20::681a:467
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by: Host: risu.io
URL: https://risu.io/
Protocol: H3
Server: 2606:4700:20::681a:467 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01e65b90a460d22fe0d37f9505d831684e25709967d33967263a614fa4ebe3d0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:20:14 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6038
alt-svc: h3=":443"; ma=86400
content-length: 40181
last-modified: Tue, 20 Jun 2023 03:04:26 GMT
server: cloudflare
etag: "6491173a-9cf5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mEHA%2FJQkwCCbGDLlCFVMWY7v80D9XZ7tpSOx0IH3ioMG7DtXmc2atBJJI6t0riMUpoY0uXJ9oZ9BJ0AOT9o9fcFJ1MJceE4gG8fXDg6wgFZbFN54XhD7fkJB3S0qWMSpyfbYKXW8QaubspgGyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7fb60e153af5233a-ORD

Redirect headers

location: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
connection: close
content-length: 0

POST
H2 200 fpc Show response
pmp-beacon.apx.appier.net/v1/ Frame C245 12 B
222 B 837ms
366ms XHR
application/json 34.81.191.174
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://pmp-beacon.apx.appier.net/v1/fpc?type=pmp&event=imp

Requested by

Host: ad2.apx.appier.net
URL: https://ad2.apx.appier.net/www/delivery/js.php?zoneid=5988&id=ida4mlvgiastit93r

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.81.191.174 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

174.191.81.34.bc.googleusercontent.com

Software

Resource Hash

ae64196db7fe3eccb7a320032b6a44caff13bfc21fa264713fba1a5368a7cb6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://risu.io/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://risu.io
date: Wed, 23 Aug 2023 20:20:14 GMT
access-control-expose-headers
access-control-allow-credentials: true
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 12
content-type: application/json; charset=utf-8

GET
H2 200 gcm
gocm.c.appier.net/ Frame 0425 42 B
349 B 191ms
191ms Image
image/gif 172.105.235.90
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gocm.c.appier.net/gcm
Requested by: Host: ad2.apx.appier.net
URL: https://ad2.apx.appier.net/www/delivery/js.php?zoneid=5988&id=ida4mlvgiastit93r
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.105.235.90 Tokyo, Japan, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1889-90.members.linode.com
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-type: image/gif
date: Wed, 23 Aug 2023 20:20:14 GMT
cache-control: no-store
server: nginx
accept-ch: Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
content-length: 42
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

GET
H3

200

sdk Show response
cdn.aralego.net/ucfad/sdk/us-east/ Frame 0425
Redirect Chain

https://ads.aralego.com/sdk
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

39 KB
40 KB

126ms
125ms

Script
application/octet-stream

2606:4700:20::681a:467
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by: Host: risu.io
URL: https://risu.io/
Protocol: H3
Server: 2606:4700:20::681a:467 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01e65b90a460d22fe0d37f9505d831684e25709967d33967263a614fa4ebe3d0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:20:14 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6038
alt-svc: h3=":443"; ma=86400
content-length: 40181
last-modified: Tue, 20 Jun 2023 03:04:26 GMT
server: cloudflare
etag: "6491173a-9cf5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t%2BY3OcGHIny3p4GWbmMnc66Zil%2BjY355Aq4aQzQWMcseZjGbryt2ouEKaKffu27jFxEriQByFkBcvA%2FIOtpNbg%2B3Iqbjctz3aV6jBUcqeiwxlfNySGZXURVWGnvatsAGdDvGk9v4PDzEMKNy3g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7fb60e153af8233a-ORD

Redirect headers

location: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
connection: close
content-length: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame FEEB 0
0 66ms
65ms Fetch
text/html 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CfJu3-mnmZLrhLpj7zLUPpZGRqALa9ebFct2Vq-yEEc_7kOPXAhABII6H3o8BYMm2o4jwo-wSoAGp_-XGAcgBBagDAaoE3QFP0GqpD8IApKQW2VWQU5xucoHWq_uSKUHpwJ-5IUqHTr31KSK6d_m7iUXio8z8EdOniCFUd-kpUT5qYVUvOLPqKuQnGt45OB-U7eqTnBLcB-WxllQxd21wgWEYoirB1Ny7J8yrZMpOxjCzKl7GWrFtzoX_Rtvxs08HQfVXSbH_bwsI9hNbV8FESNShR-LuYgz_YCm9KOAeW63gZdQSD74KpwjA28CwoEg763GLUyAH9-M0oiyF8YPG1QXtmLMOEV7J0Q97fCYndAUWGtW8S5nxGhzrLVb4Nob1eegIEsAEm6yfz7AE4AQDiAXgid-oSJIFBggDEAEYAZIFBggbEAMYAZIFCggiEAIYAUiYrHySBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBk6AB7-AmrkCqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwoQ3bQGGLDlyt0B0ggUCIBhEAEYHzICigI6AoBASL39wTqACgHICwHaDBEKCxCQwPKj7d3B1NoBEgIBA7ATpea4FMgT_ezS4QPYEw2IFALYFAHQFQGAFwGyFxwKGggAEhRwdWItOTIwODcwODE3MDc4MzE0MBgA&sigh=ghYGO8pOKAg&uach_m=[UACH]&ase=2&cid=CAQSPABpAlJWCkyr9CfiNQu94FpO8ZhDvcSc5tsehoeV2Wj0OsQRiRnszPQtSdNjrLKfm-o3Mim2VOf2GyX_ERgB&vt=10&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9208708170783140&output=html&h=280&adk=1636878560&adf=1831041&pi=t.aa~a.1587783460~rp.1&w=1116&fwrn=4&fwrnh=100&lmt=1692858010&rafmt=1&to=qs&pwprc=7893959896&format=1116x280&url=https%3A%2F%2Frisu.io%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692822010509&bpp=2&bdt=4069&idt=-M&shv=r20230822&mjsv=m202308170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec4896cdbccce36f-2238105fb2e3008d%3AT%3D1692822009%3ART%3D1692822009%3AS%3DALNI_MZIcJIhJizzPslJJ_f6yniFvf192A&gpic=UID%3D00000d8d64dac1d2%3AT%3D1692822009%3ART%3D1692822009%3AS%3DALNI_Ma-ynlXcriKduXBAvsG_wzlAHCeLw&prev_fmts=0x0%2C1200x280&nras=3&correlator=5236486224718&frm=20&pv=1&ga_vid=2090007071.1692822009&ga_sid=1692822009&ga_hid=1687882424&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=242&ady=1837&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076838%2C31077287&oid=2&pvsid=3473384507421261&tmod=1071397449&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=M4aAsN25Eq&p=https%3A//risu.io&dtd=89
Attribution-Reporting-Eligible: event-source
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 23 Aug 2023 20:20:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2

200

sid Show response
mug.criteo.com/ Frame A68B
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=risu.io&sn=ChromeSyncframe&so=3&topUrl=risu.io&bundle=ms8lS19tOTFhVHBSOWdNT0tQSWcwbllNMGFSbDBiNWlLN1JQZElicyUyQkJZM1VhemxkbWhsb2xRdFZieFZ5...
https://mug.criteo.com/sid?cpp=mjc_iXwzZXRsQkl6V1JxS3UwcXcwUTNIQzFrVGNUVjNhK0p3UGxOMkJSYlVIV2d6UHpmRE1Rd2N5cm50aEdHUVpGT0hTVkJ4TUh1N0xKZ3EwaFF5d2o2QW5ia3A5WGxJb1RnYlU2Z0tjanlvWmVQRkx0em1sNXlxK0JtbD...

433 B
646 B

59ms
58ms

Fetch
application/json

74.119.119.139
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=mjc_iXwzZXRsQkl6V1JxS3UwcXcwUTNIQzFrVGNUVjNhK0p3UGxOMkJSYlVIV2d6UHpmRE1Rd2N5cm50aEdHUVpGT0hTVkJ4TUh1N0xKZ3EwaFF5d2o2QW5ia3A5WGxJb1RnYlU2Z0tjanlvWmVQRkx0em1sNXlxK0JtbDAzd2krWTJ0QkJRVXlCRXdNYWc1U2VRL1h3QXkzcVJLK1l2K1lhOFc5NHNxQVdzeE9hVkVYNkJzY2hidGl0Zy9ocnVtVGIwVkJ1ZFU2aTU0WmJSQWYrRDR4aGIyZCt3Q3pvNy9rMEVsMlVwZVV4RENibTZiZlY1VzVLVnhIZVhLM1lWbmhaRlpOTUNkOWJQbkxFeFFlUGp2RE9rb3BKUT09fA&cppv=2

Protocol

Server

74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

84c6d40320585a08fc76d420c18e8ff1d63a6631352ff1b26ff4def26dc5b65a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 20:20:13 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 965760
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 23 Aug 2023 20:20:13 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=mjc_iXwzZXRsQkl6V1JxS3UwcXcwUTNIQzFrVGNUVjNhK0p3UGxOMkJSYlVIV2d6UHpmRE1Rd2N5cm50aEdHUVpGT0hTVkJ4TUh1N0xKZ3EwaFF5d2o2QW5ia3A5WGxJb1RnYlU2Z0tjanlvWmVQRkx0em1sNXlxK0JtbDAzd2krWTJ0QkJRVXlCRXdNYWc1U2VRL1h3QXkzcVJLK1l2K1lhOFc5NHNxQVdzeE9hVkVYNkJzY2hidGl0Zy9ocnVtVGIwVkJ1ZFU2aTU0WmJSQWYrRDR4aGIyZCt3Q3pvNy9rMEVsMlVwZVV4RENibTZiZlY1VzVLVnhIZVhLM1lWbmhaRlpOTUNkOWJQbkxFeFFlUGp2RE9rb3BKUT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 556477
content-length: 0
expires: 0

GET
H2

200

sid Show response
mug.criteo.com/ Frame 06D1
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=risu.io&sn=ChromeSyncframe&so=3&topUrl=risu.io&bundle=ms8lS19tOTFhVHBSOWdNT0tQSWcwbllNMGFSbDBiNWlLN1JQZElicyUyQkJZM1VhemxkbWhsb2xRdFZieFZ5...
https://mug.criteo.com/sid?cpp=uigUvHxFaHpvVW5PT2dXVXlwME1tK2c3K3BwOHMyb1hlSnhYV0haZlhoZWZHMEFiMTBhSmRrcE9zMExNVjJuTStta01uaVFLVVRZNHEwNWp1NnQzRWFOZDRMbWFZTnZKS0F3cU0vQ0JDcWJKZW9OTEFrSWhHWFRrODgwUG...

422 B
646 B

60ms
58ms

Fetch
application/json

74.119.119.139
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=uigUvHxFaHpvVW5PT2dXVXlwME1tK2c3K3BwOHMyb1hlSnhYV0haZlhoZWZHMEFiMTBhSmRrcE9zMExNVjJuTStta01uaVFLVVRZNHEwNWp1NnQzRWFOZDRMbWFZTnZKS0F3cU0vQ0JDcWJKZW9OTEFrSWhHWFRrODgwUGVtY3NyOS9BTk5xOEVkSlNIV2dpeUZJdTBRTzNvVXl1N21qM1BHM1l6SWtPL3g0bmtFanVWU0ZRVnNtbE1sK3RNQjc5cVFIVmU3WnJqKzIvVWlOYnBIcjZ2bDhkeFEzc3dodDlmMWdBdjNBbktjVFpFOFo5cmVUZFdjUmtUWU5ORTlmZFFQb25JdHR4QXRrNkdyKzRVZ3RVV2JtWGkvUT09fA&cppv=2

Protocol

Server

74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

cdb6e02553ccfac85c1a01801890e7a1ea7752b91e2954b48157977d03b0a884

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 20:20:13 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 955602
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 23 Aug 2023 20:20:13 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=uigUvHxFaHpvVW5PT2dXVXlwME1tK2c3K3BwOHMyb1hlSnhYV0haZlhoZWZHMEFiMTBhSmRrcE9zMExNVjJuTStta01uaVFLVVRZNHEwNWp1NnQzRWFOZDRMbWFZTnZKS0F3cU0vQ0JDcWJKZW9OTEFrSWhHWFRrODgwUGVtY3NyOS9BTk5xOEVkSlNIV2dpeUZJdTBRTzNvVXl1N21qM1BHM1l6SWtPL3g0bmtFanVWU0ZRVnNtbE1sK3RNQjc5cVFIVmU3WnJqKzIvVWlOYnBIcjZ2bDhkeFEzc3dodDlmMWdBdjNBbktjVFpFOFo5cmVUZFdjUmtUWU5ORTlmZFFQb25JdHR4QXRrNkdyKzRVZ3RVV2JtWGkvUT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 524295
content-length: 0
expires: 0

GET
H2

200

sid Show response
mug.criteo.com/ Frame D4C8
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=risu.io&sn=ChromeSyncframe&so=3&topUrl=risu.io&bundle=ms8lS19tOTFhVHBSOWdNT0tQSWcwbllNMGFSbDBiNWlLN1JQZElicyUyQkJZM1VhemxkbWhsb2xRdFZieFZ5...
https://mug.criteo.com/sid?cpp=FkXkv3xBUENnMjFMN2RuZE9WMG1TTWVEa24yMWx3S1dsTFFKZmFGVS9lQnBOQ0p4bzl3elA0dFJ6djdVZTVhSXFQc1ZucVdRaUJHTnJGd1hKem95R3ZiblhHUVMxb2RESzgwVjNKSGg3U2o5Nm5STjFFL1ViQm5SLy9xTX...

433 B
652 B

55ms
54ms

Fetch
application/json

74.119.119.139
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=FkXkv3xBUENnMjFMN2RuZE9WMG1TTWVEa24yMWx3S1dsTFFKZmFGVS9lQnBOQ0p4bzl3elA0dFJ6djdVZTVhSXFQc1ZucVdRaUJHTnJGd1hKem95R3ZiblhHUVMxb2RESzgwVjNKSGg3U2o5Nm5STjFFL1ViQm5SLy9xTXhQODVSazZVdThlUGN2TWcwYzcyZFUvZEY1SHY2WWplOFdIaFdzWEhDb2R5U010Q1UwZE9BQ0phc2U3OVk2WVpWMUYzUDAvTjEwWjU2elFueFFSUFVaWkExOXBZY1dCbGZFQkk5VEJMQ2dmUWMrTjBVMlg2VmFQTForSlRZdTlpM3BKSmYzQnpMREI4YTZGd2hxZTVqa0VsQjY3UDhuQT09fA&cppv=2

Protocol

Server

74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

26e519d381c3411377e72ce6adced315a27cc77acf75c3efa470823c4bb0f3c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 20:20:14 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1534956
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 23 Aug 2023 20:20:13 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=FkXkv3xBUENnMjFMN2RuZE9WMG1TTWVEa24yMWx3S1dsTFFKZmFGVS9lQnBOQ0p4bzl3elA0dFJ6djdVZTVhSXFQc1ZucVdRaUJHTnJGd1hKem95R3ZiblhHUVMxb2RESzgwVjNKSGg3U2o5Nm5STjFFL1ViQm5SLy9xTXhQODVSazZVdThlUGN2TWcwYzcyZFUvZEY1SHY2WWplOFdIaFdzWEhDb2R5U010Q1UwZE9BQ0phc2U3OVk2WVpWMUYzUDAvTjEwWjU2elFueFFSUFVaWkExOXBZY1dCbGZFQkk5VEJMQ2dmUWMrTjBVMlg2VmFQTForSlRZdTlpM3BKSmYzQnpMREI4YTZGd2hxZTVqa0VsQjY3UDhuQT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 305123
content-length: 0
expires: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 108ms
107ms Image
text/html 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230822&jk=3473384507421261&bg=!rK-lr-DNAAZGPLJIZjw7ADQBe5WfOAeJA0hQqCWxYZhxMc8edBw-bPlEpU9sVPjhoeSbo4z-hhxT20oSvbK1x8VqUgqgAgAABmhSAAAADWgBBwoAKlyBVZlvMDYHcS-FWzXUkKKVjfohq7rl7oZZKGC9unIqn51H6fNRhPZZ_ZkC8RwijCJTkTV2Ssh4dbkLsa8iU8HHm116YFhcYq_GgJ8j-fi1bvoVfEBqrqP--7rLN8WuT_1wy5DLOkq_guWOFQhrZJ-igzhxCK0QhFREg5DukKv74sAJuDOu_TobbDcfl_t_GjXKAn0iYXhUR1T6ITOvPL2BIpwhJlsXRWNhREP-voPV8kptxcaKJoE9Y90ZAIETbYPdaRVThNiz9MQGzSNd8MpVKuTWNA6aheT4HPQCTVHqlAOK3VrMg-VnlxZPSHVfAPUcND4HGx_CGo5PlFlAmpUSeebi2r21l4DLJqlBBEJY8okt4PNs13x2eCWFaxAmwk4O27hBrNakFSCrH7KKfahKkY-r7kA9vUM8iFA1h8cSXVkKC9BV2-spk0XeqTblaJ-osrTlVm1PL-cdsc6SDbl4qzdJA1gmMA_OHk9ZEgDiTat0hPMi_Ba0KeG8Yq0YQ7Sc8_RU6qbbF6UmNwJkrl3ontU2lLPSguSipYs2luGeY_kt7bH0OG9uDhdPBCKXLOEpvDaLHDGgZIMTNUeX-F1g7HNSiZ_0J5rDUzf9xylXqVWI-P2AxsTPJeNcgsoJpvr66ECmQsUTaX9BjXGzgluU8JbaeG3ogBCboM2U85nU6_aU5ZtdZWkDbuBHLHal4H1jFLGlPOyl1iB16WwJhWdNZTHE_TUSWbfM24WmkwEfIQisB9-t7jKn4abdESZlm_Z9HB0kc6ANkAY1I9c49ZL3_VdauXb8XkIT54H3JUIeNgnnn3t-QZh8BnpMrlazX3FVNrckPP0HQy20dfnqMeXUfil_-6pTJmfzJOO9lu1UFRZxBUtw4Kkg-zSbnXnF56Thr6DAgWonw71PTPz4CFwhEoDHaerjKAG7cli4cowMGAyZkPoXIHo28DGhMCxysx6yFNzsGty-YhOX8Nsv-DTcwdFCAz6oIy90LZFegQMQjihUTk3Vx_Rq-oHG7TO9a9WmC-dVHvgWVoAfaoOYIVipX6Qt8wvhakMQ0I8-_Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

GET
H3 200 ucfad-formats.css
cdn.aralego.net/css/dev/ Frame 1EC5 975 B
758 B 55ms
39ms Stylesheet
text/css 2606:4700:20::681a:467
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:467 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:20:14 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5735
cf-polished: origSize=1191
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Mar 2018 07:19:46 GMT
server: cloudflare
etag: W/"5aab7012-4a7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4ZfHo8owkvG%2Fp6GGEnwmfTkKPY34W4kb25bsCoieiWYBh4pdql7hbsjMJTs4rW7p8RVKdR6Xw9nb2hMOpFSQsfizH5XDArVtSVwH22S3HE6aRV4gZEkmEV6QFplzZYZMgmLZnieHzQqMdJ1CZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 7fb60e15fc35233a-ORD

GET
H/1.1 200
OK idRequest Show response
sync.aralego.com/ Frame 1EC5 46 B
485 B 251ms
56ms XHR
text/html 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20%22Times%20New%20Roman%22&
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 94942ef19abbc0ff5ea34bf07358f3ffa47935353af549d4328dae360a5cddfd

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Wed, 23 Aug 2023 20:20:14 GMT
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://risu.io
Access-Control-Allow-Credentials: true
Connection: close
Content-Length: 46

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ Frame 1EC5 3 KB
2 KB 208ms
104ms XHR
text/html 162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=1&bl=en-US&je=1&dnt=0&host=risu.io&u=https%3A%2F%2Frisu.io%2F&adid=ad-D2328A43BE32492A18639D936846E3E&w=728&h=90&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.35035101811453284&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&ao=https%3A%2F%2Frisu.io&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20%22Times%20New%20Roman%22&uaMobile=%3F0
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 Fairfax, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 4e80cd7a028ea44ab55906bf7eb5c8dce0a769afcee3d08225632de1125b097a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:20:14 GMT
content-encoding: gzip
x-height: 90
x-adstyle: banner
transfer-encoding: chunked
x-sspid: 653790b0-5c82-3304-b845-4badb4d0b387
connection: close
x-width: 728
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://risu.io
access-control-expose-headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
access-control-allow-credentials: true
x-adsource: CDB
x-adtype: html

GET
H3 200 ucfad-formats.css
cdn.aralego.net/css/dev/ Frame 85B9 975 B
760 B 39ms
37ms Stylesheet
text/css 2606:4700:20::681a:467
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:467 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:20:14 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5735
cf-polished: origSize=1191
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Mar 2018 07:19:46 GMT
server: cloudflare
etag: W/"5aab7012-4a7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bxi4m320gdFkQdkl5rPfa8hftmVLHsJrsTBaRsbUzTRZvWaCFY0kNA%2FA82wooyZIooBrp7VYJgW42%2FtxAXwgZvNmR8nyCwPK0CanuXzdTsHCpEuD%2B9nGWfRjl%2FJ6cY57754M6gRiUIdeuWR6Aw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 7fb60e176e54233a-ORD

GET
H/1.1 200
OK idRequest Show response
sync.aralego.com/ Frame 85B9 46 B
485 B 198ms
50ms XHR
text/html 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20%22Times%20New%20Roman%22&
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 94942ef19abbc0ff5ea34bf07358f3ffa47935353af549d4328dae360a5cddfd

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Wed, 23 Aug 2023 20:20:14 GMT
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://risu.io
Access-Control-Allow-Credentials: true
Connection: close
Content-Length: 46

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ Frame 85B9 3 KB
2 KB 199ms
100ms XHR
text/html 162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=1&bl=en-US&je=1&dnt=0&host=risu.io&u=https%3A%2F%2Frisu.io%2F&adid=ad-D2328A43BE32492A18639D936846E3E&w=728&h=90&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.7775276940496008&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&ao=https%3A%2F%2Frisu.io&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20%22Times%20New%20Roman%22&uaMobile=%3F0
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 Fairfax, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 358c4def7a1b073b5780891db67948eb5fec9615927a2abea29984746cdf33d3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:20:14 GMT
content-encoding: gzip
x-height: 90
x-adstyle: banner
transfer-encoding: chunked
x-sspid: 653790b0-5c82-3304-b845-4badb4d0b387
connection: close
x-width: 728
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://risu.io
access-control-expose-headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
access-control-allow-credentials: true
x-adsource: CDB
x-adtype: html

GET
H3 200 ucfad-formats.css
cdn.aralego.net/css/dev/ Frame 8E50 975 B
762 B 44ms
43ms Stylesheet
text/css 2606:4700:20::681a:467
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:467 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:20:14 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5735
cf-polished: origSize=1191
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Mar 2018 07:19:46 GMT
server: cloudflare
etag: W/"5aab7012-4a7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=11b3Jfcw%2BTDNYWN53YGgCoUAlBAHk3w4j1voyhvyXbWse6Sh2MWKx116%2BXAxNuSYKRJ3GF8aTgcF1%2FNcVzq5ABMsSWZ584TgBkqyoA90lRakLdwas1DyKhmQYAYPjJq%2FMcN%2Fk0Y7bn0clyzRWg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 7fb60e17bea3233a-ORD

GET
H/1.1 200
OK idRequest Show response
sync.aralego.com/ Frame 8E50 46 B
485 B 184ms
56ms XHR
text/html 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20%22Times%20New%20Roman%22&
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 94942ef19abbc0ff5ea34bf07358f3ffa47935353af549d4328dae360a5cddfd

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Wed, 23 Aug 2023 20:20:14 GMT
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://risu.io
Access-Control-Allow-Credentials: true
Connection: close
Content-Length: 46

GET
H3 200 ucfad-formats.css
cdn.aralego.net/css/dev/ Frame 0425 975 B
761 B 46ms
43ms Stylesheet
text/css 2606:4700:20::681a:467
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:467 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:20:14 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5735
cf-polished: origSize=1191
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Mar 2018 07:19:46 GMT
server: cloudflare
etag: W/"5aab7012-4a7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zxrv6M1dePwyzRNFfJ5qSIMi4xC4NVV35Tzha8nDmbdNXJ41yiJ6hW3TFIDpvgXMdwptt2blR8mwxKU26JBiP8Cp5IMZUWw3U7q4gjd9fR3ReGg%2BWdnlgE%2FCVx4aXmdpb5NZEf6PKDz%2Fm79Nzw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 7fb60e17dec8233a-ORD

GET
H/1.1 200
OK idRequest Show response
sync.aralego.com/ Frame 0425 46 B
485 B 177ms
48ms XHR
text/html 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20%22Times%20New%20Roman%22&
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 94942ef19abbc0ff5ea34bf07358f3ffa47935353af549d4328dae360a5cddfd

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Wed, 23 Aug 2023 20:20:14 GMT
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://risu.io
Access-Control-Allow-Credentials: true
Connection: close
Content-Length: 46

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ Frame 8E50 3 KB
2 KB 198ms
103ms XHR
text/html 162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=1&bl=en-US&je=1&dnt=0&host=risu.io&u=https%3A%2F%2Frisu.io%2F&adid=ad-D2328A43BE32492A18639D936846E3E&w=728&h=90&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.25169664614243925&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&ao=https%3A%2F%2Frisu.io&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20%22Times%20New%20Roman%22&uaMobile=%3F0
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 Fairfax, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: f0dacd63d3cb5c672b2a7f917708a1ecf793e0cbdec8fdc2ed36123e3d45f295

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:20:14 GMT
content-encoding: gzip
x-height: 90
x-adstyle: banner
transfer-encoding: chunked
x-sspid: 653790b0-5c82-3304-b845-4badb4d0b387
connection: close
x-width: 728
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://risu.io
access-control-expose-headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
access-control-allow-credentials: true
x-adsource: CDB
x-adtype: html

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ Frame 0425 3 KB
2 KB 222ms
115ms XHR
text/html 162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=1&bl=en-US&je=1&dnt=0&host=risu.io&u=https%3A%2F%2Frisu.io%2F&adid=ad-D2328A43BE32492A18639D936846E3E&w=728&h=90&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.2548172618399607&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&ao=https%3A%2F%2Frisu.io&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20%22Times%20New%20Roman%22&uaMobile=%3F0
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 Fairfax, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 8ee05fc9631fe85bd5668dbae5680741a0187f61a1896b278eb3621910c6514c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:20:14 GMT
content-encoding: gzip
x-height: 90
x-adstyle: banner
transfer-encoding: chunked
x-sspid: 653790b0-5c82-3304-b845-4badb4d0b387
connection: close
x-width: 728
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://risu.io
access-control-expose-headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
access-control-allow-credentials: true
x-adsource: CDB
x-adtype: html

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C94F 0
20 B 67ms
66ms Image
image/gif 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BPmqP_GnmZIOyHoGIoPwP3PCx8AoAAAAAOAHgBAI&bg=!DQ6lDkHNAAZGPLJIZjw7ADQBe5WfOAuGXfj7sHy9-ghUvY_07RfTsZAuV8gcL4op18hpSwAnFCBIm0YfXSSbwsXoxnDCAgAAAgxSAAAABmgBBwoAUjWdGXsmABvA6BEaiW8-OyDpANROQYGZ_V_oJ9isNLF8hFDO0L1NWdFf3wLbj7e3oJrGaKYmvbS_UY8ZykMWMDtrd8RqRTeeJV3N2I-JoKLWV8SZAtCUo0HOmP7oaN-3BY9P68vwQ7AkA46h4PFGKbqjFKNGRcseyQhiVSKLBYYOq7hYV74w51xrZU5rWwMhXZDoYE2wCH5RgjChlg2CBOFgcOuhdrEDx81mNS6ZzFvG0Vpqn0D6hYw7qo_SAddVUsIDsWjd2hVzeT94zzhEJZR4yI8r0sr-CPyjUAnMBaaABV_jvghCA1zwSB3Q7m67Fj_Z87dmrzGsMbsEhfc2l-408d4S2j21Y8PNTLfUJV05BagOoeN8jFVCXhVb_EcXv77nvpD-_fnB5I2T8YdQEXvNL2AGUJcNELtUqBpg5kxu9CLsSom2_Nz8Pdj01Td74YYkItPnWwZOSppje1Eu-jwAz2AJSZk5-JCs9bURdo-1AoLaDnZB8n1B-rpJdTjo_EmSs_NaHvArLrv2Zy_E7IXS-26nAOK7K8J7tDIBJEcbHDUrV6VQzEL3K5qt8WXQasAG1YCstS9UyhPKEjKwcnf4Ljj6nWtFx97jYi1470s9dG2psNm-1vTFKWgIM0Z_oknvtCJSg4Ql43hqMOVN6LRMyjbKc5w1tbt_GsqHhZRsdobq30-4_Z2PJln4SAS-e0Klvol2NRVfv2y7o6CC-lwc3KhPnkj9hlKZtR4QolbzDILpBaitvOfLU6XpAOwPufacJSCrHoXh7DzS5vHDEjGwGNfo5WQZDf6AktBWDrqo7T3K5GnI0qjLZ4fpxu78YmLMg6KJJe4kjtk2C-M3sS2Ca9Gg4lwaYzDxczkwmHl1YTHh9t-MK8zYss3xheAyIardA3dou5ZTP7sxNsDMUxp6VRU8AQZxhW_t_xOyiA25LSnJjBiqhkbcUtY9Z2IeZGCxC1HpoenhlWim7t_zGb1bhPLVHh3UhOpUUygmu1tT9i6bOBnsiBDahIMjBhpRqq2sWrrcVIvaViWx4Mg_5MCib-_7fEVZNqA1z8i5akiJSfa3od4

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 20:20:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 cookieSyncIframe.html Show response
cdn.aralego.net/ucfad/cookie/ Frame C86D 714 B
750 B 44ms
41ms Document
text/html 2606:4700:20::681a:467
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:467 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47b193b0d3ac7fcb7bf22555b602c310145a0f6c1fd9acae397c121b22203f19

Request headers

Referer: https://risu.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-credentials: true
age: 5022
alt-svc: h3=":443"; ma=86400
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 7fb60e189ffd233a-ORD
content-encoding: br
content-type: text/html
date: Wed, 23 Aug 2023 20:20:14 GMT
last-modified: Wed, 09 Feb 2022 05:59:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bby%2BODvKSWUaQNmYRqAqi6xMR3%2BawT5vZVhmGcWXZ3ZCIGKcMI0cCDV2zsMTnU%2BISr2EPqBnxspbT472jj%2FF5BLDrsGdqq%2F5buKcU9083o3XisizKb9p4GtYV1bZKOv0U50PR9VLNGLIt7Znlg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 3742
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix
https://eus.rubiconproject.com/usync.html?p=adiiix

281 B
554 B

196ms
47ms

Document
text/html

96.17.65.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 96.17.65.140 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-17-65-140.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://risu.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 23 Aug 2023 20:20:15 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Wed, 23 Aug 2023 20:20:14 GMT
location: https://eus.rubiconproject.com/usync.html?p=adiiix
server: AkamaiGHost

GET
H/1.1 200
OK idsync
sync.aralego.com/ Frame 1EC5 35 B
384 B 162ms
54ms Image
image/gif 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.aralego.com/idsync?gdpr=1&euconsent-v2=${GDPR_CONSENT_607}&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Wed, 23 Aug 2023 20:20:14 GMT
Connection: close
Content-Length: 35
Content-Type: image/gif

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ Frame 5CFF 128 KB
41 KB 49ms
48ms Script
text/javascript 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.js

Requested by

Host: ads.aralego.com
URL: https://ads.aralego.com/sdk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

9532a5212db16e49789e83687cb5d1e4cfa75757ab657edfeccc2e5bd190da4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:20:14 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 03 Aug 2023 11:12:29 GMT
server: nginx
etag: W/"64cb8b9d-1fe04"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 24 Aug 2023 20:20:14 GMT

GET
H3 200 cookieSyncIframe.html Show response
cdn.aralego.net/ucfad/cookie/ Frame 7E21 714 B
751 B 48ms
45ms Document
text/html 2606:4700:20::681a:467
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:467 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47b193b0d3ac7fcb7bf22555b602c310145a0f6c1fd9acae397c121b22203f19

Request headers

Referer: https://risu.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-credentials: true
age: 5022
alt-svc: h3=":443"; ma=86400
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 7fb60e18c82f233a-ORD
content-encoding: br
content-type: text/html
date: Wed, 23 Aug 2023 20:20:14 GMT
last-modified: Wed, 09 Feb 2022 05:59:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r00YK342AdY%2BZuAaVoSn8dzpBmYO7VuE%2F9D25fosi%2BHzN92k7trMQ8DRIdd0%2BE%2FcVgOtiaS5Tw%2F00HPUiSHec9%2BZyXisJfXnVWXSrCZney0CsM5CX0HXvITMBI5iSGGTTd7VLWnNnQASSlw74A%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1 200
OK idsync
sync.aralego.com/ Frame 85B9 35 B
384 B 143ms
50ms Image
image/gif 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.aralego.com/idsync?gdpr=1&euconsent-v2=${GDPR_CONSENT_607}&
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Wed, 23 Aug 2023 20:20:14 GMT
Connection: close
Content-Length: 35
Content-Type: image/gif

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame AA4A
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix
https://eus.rubiconproject.com/usync.html?p=adiiix

281 B
554 B

197ms
49ms

Document
text/html

96.17.65.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 96.17.65.140 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-17-65-140.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://risu.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 23 Aug 2023 20:20:15 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Wed, 23 Aug 2023 20:20:14 GMT
location: https://eus.rubiconproject.com/usync.html?p=adiiix
server: AkamaiGHost

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ Frame 310F 128 KB
41 KB 53ms
50ms Script
text/javascript 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.js

Requested by

Host: ads.aralego.com
URL: https://ads.aralego.com/sdk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

9532a5212db16e49789e83687cb5d1e4cfa75757ab657edfeccc2e5bd190da4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:20:14 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 03 Aug 2023 11:12:29 GMT
server: nginx
etag: W/"64cb8b9d-1fe04"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 24 Aug 2023 20:20:14 GMT

GET
H3 200 cookieSyncIframe.html Show response
cdn.aralego.net/ucfad/cookie/ Frame F1AF 714 B
749 B 47ms
40ms Document
text/html 2606:4700:20::681a:467
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:467 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47b193b0d3ac7fcb7bf22555b602c310145a0f6c1fd9acae397c121b22203f19

Request headers

Referer: https://risu.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-credentials: true
age: 5022
alt-svc: h3=":443"; ma=86400
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 7fb60e190867233a-ORD
content-encoding: br
content-type: text/html
date: Wed, 23 Aug 2023 20:20:14 GMT
last-modified: Wed, 09 Feb 2022 05:59:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tz2GSg0gurwbOwKN6XjiDmMzkLx%2FNxDtpTPlfY4s0v0zygQkBQ2h3dhs%2FRwzH1cbw7kM%2BOpc2jLn%2BRtL86UrL%2BAmcRitgG6lkum%2FC7YPLzLtJwW7Itw5FIy2hA8jUhnk0Dc3abI7isuHPlTgyA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1 200
OK idsync
sync.aralego.com/ Frame 8E50 35 B
384 B 168ms
54ms Image
image/gif 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.aralego.com/idsync?gdpr=1&euconsent-v2=${GDPR_CONSENT_607}&
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Wed, 23 Aug 2023 20:20:15 GMT
Connection: close
Content-Length: 35
Content-Type: image/gif

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame A389
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix
https://eus.rubiconproject.com/usync.html?p=adiiix

281 B
554 B

193ms
46ms

Document
text/html

96.17.65.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 96.17.65.140 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-17-65-140.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://risu.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 23 Aug 2023 20:20:15 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Wed, 23 Aug 2023 20:20:14 GMT
location: https://eus.rubiconproject.com/usync.html?p=adiiix
server: AkamaiGHost

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame C86D 98 KB
29 KB 233ms
96ms Script
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85c41e649de18382b334a7b6e9a9d82bcf43b403856f650d8161225d50318d34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:20:15 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28939
x-xss-protection: 0
server: cafe
etag: 527 / 19592 / m202308170101 / config-hash: 7740633229792527319
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 23 Aug 2023 20:20:15 GMT

GET
H3 200 cookieSyncIframe.html Show response
cdn.aralego.net/ucfad/cookie/ Frame 0E75 714 B
755 B 62ms
55ms Document
text/html 2606:4700:20::681a:467
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:467 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47b193b0d3ac7fcb7bf22555b602c310145a0f6c1fd9acae397c121b22203f19

Request headers

Referer: https://risu.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-credentials: true
age: 5022
alt-svc: h3=":443"; ma=86400
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 7fb60e19389a233a-ORD
content-encoding: br
content-type: text/html
date: Wed, 23 Aug 2023 20:20:14 GMT
last-modified: Wed, 09 Feb 2022 05:59:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ktDuWBOMavPmA%2F0Y%2FrmWjqQAYiIORAtxz50%2F%2F332BZBTkqoiCO6S4x3eGKS0eLUS1v8N%2F4LJ8Aqguko2zkGZ4zhUBdnNktPQGCDTcBS%2BYP%2FYqzaP49y3j2sqxJd1iwKoXY%2BOo%2BzmMxJw0YNFbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1 200
OK idsync
sync.aralego.com/ Frame 0425 35 B
384 B 156ms
56ms Image
image/gif 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.aralego.com/idsync?gdpr=1&euconsent-v2=${GDPR_CONSENT_607}&
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Wed, 23 Aug 2023 20:20:15 GMT
Connection: close
Content-Length: 35
Content-Type: image/gif

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame FC7B
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix
https://eus.rubiconproject.com/usync.html?p=adiiix

281 B
554 B

201ms
54ms

Document
text/html

96.17.65.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 96.17.65.140 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-17-65-140.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://risu.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 23 Aug 2023 20:20:15 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Wed, 23 Aug 2023 20:20:14 GMT
location: https://eus.rubiconproject.com/usync.html?p=adiiix
server: AkamaiGHost

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 7E21 98 KB
28 KB 238ms
142ms Script
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bb30ab692076231ad215fc262079108bb9150375825474acbf80384dfea8e1af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:20:15 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28939
x-xss-protection: 0
server: cafe
etag: 791 / 19592 / m202308170101 / config-hash: 7740633229792527319
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 23 Aug 2023 20:20:15 GMT

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ Frame C94C 128 KB
41 KB 48ms
47ms Script
text/javascript 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.js

Requested by

Host: ads.aralego.com
URL: https://ads.aralego.com/sdk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

9532a5212db16e49789e83687cb5d1e4cfa75757ab657edfeccc2e5bd190da4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:20:14 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 03 Aug 2023 11:12:29 GMT
server: nginx
etag: W/"64cb8b9d-1fe04"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 24 Aug 2023 20:20:14 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 66A7 15 KB
6 KB 59ms
52ms Document
text/html 2620:100:a001::c
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=risu.io

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

c5f572ed80485a43331f587039ef455ab7400d278434cdee0965a0fea35befcf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://risu.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 20:20:14 GMT
server: Kestrel
server-processing-duration-in-ticks: 1230915
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame 5CFF 3 KB
2 KB 68ms
63ms XHR
application/json 2620:100:a001::18
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=140&profileId=184&bundle=w8Z-zV9tOTFhVHBSOWdNT0tQSWcwbllNMGFZT2VDbnROem5vaHJBSlVLJTJCNTdSWktjWkhJMWxKdFZWWFF0aHhtdlFqaiUyQkNBTGN2MG12Sk1kbWdOVmlVd242UnhHS29OJTJGNk1xQXJKTzJlRGxnSGFnZkN2OG0yQXMyTmdEUSUyQnVXJTJCbWRuV1NIQnJaQUp0VFVLUGg3cUU4VFFDSWF3JTNEJTNE&cb=51387789838

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e82d0099fcc517b52af91b4d49c92e524ec2f5de77520697c00145dd418e68a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://risu.io/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 23 Aug 2023 20:20:14 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://risu.io
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame F1AF 98 KB
28 KB 213ms
181ms Script
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

500ea9648952b6dc93fddbccbbfa87e56e26e172726a17e0e9fd821cd0c887ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:20:15 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28939
x-xss-protection: 0
server: cafe
etag: 50 / 19592 / m202308170101 / config-hash: 7740633229792527319
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 23 Aug 2023 20:20:15 GMT

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ Frame 650E 128 KB
41 KB 53ms
52ms Script
text/javascript 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.js

Requested by

Host: ads.aralego.com
URL: https://ads.aralego.com/sdk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

9532a5212db16e49789e83687cb5d1e4cfa75757ab657edfeccc2e5bd190da4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:20:15 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 03 Aug 2023 11:12:29 GMT
server: nginx
etag: W/"64cb8b9d-1fe04"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 24 Aug 2023 20:20:15 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 0E75 98 KB
28 KB 185ms
170ms Script
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b0a91a41a6ec9c734bc44436d01ba752dc0b5ae0a3697c04f0059432b437b5d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:20:15 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28939
x-xss-protection: 0
server: cafe
etag: 617 / 19592 / m202308170101 / config-hash: 7740633229792527319
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 23 Aug 2023 20:20:15 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 4009 15 KB
6 KB 55ms
54ms Document
text/html 2620:100:a001::c
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=risu.io

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

c5f572ed80485a43331f587039ef455ab7400d278434cdee0965a0fea35befcf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://risu.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 20:20:15 GMT
server: Kestrel
server-processing-duration-in-ticks: 1992234
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 310F 0
185 B 72ms
71ms XHR
text/plain 2620:100:a001::18
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://risu.io/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://risu.io
date: Wed, 23 Aug 2023 20:20:14 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 204 events
bidder.criteo.com/csm/ Frame 5CFF 0
185 B 65ms
65ms Ping
text/plain 2620:100:a001::18
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://risu.io/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://risu.io
date: Wed, 23 Aug 2023 20:20:14 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

GET
H2

200

ajs.php Show response
ads.us.criteo.com/delivery/r/ Frame 703B
Redirect Chain

https://cat.va.us.criteo.com/tpd?dd=6HQK8l8lMkZjcVJPcjYya09Vdng4dTJoSDQxZUR1JTJGOTloRmwybGk1QU1zZ2tQdnRHJTJCdThJRjd6UEh3ZlgxcWpuTnVPdzhQQzZHNEdwb1Vjd0QxZ2pCJTJCSElwcktiZFk3a29RZUYyQXMlMkJBckY0TGdGd...
https://ads.us.criteo.com/delivery/r/ajs.php?u=%7cdzS77PL8IejmZ5L4GbvsGGkvuewcnFAspJgCilDy0ic%3d%7c&c1=mOd7Dh6zPV-ibPduKMA2S1B7ad7mtjPQbxWxI1zLrWADLkRcRzxwPee1Vw5xHMlQguTSg6d55aFviZC6T1Xb8mrSaSWQy9...

123 KB
42 KB

270ms
82ms

Script
text/javascript

2620:100:a001::24
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.us.criteo.com/delivery/r/ajs.php?u=%7cdzS77PL8IejmZ5L4GbvsGGkvuewcnFAspJgCilDy0ic%3d%7c&c1=mOd7Dh6zPV-ibPduKMA2S1B7ad7mtjPQbxWxI1zLrWADLkRcRzxwPee1Vw5xHMlQguTSg6d55aFviZC6T1Xb8mrSaSWQy9K106QuuzKXxaYuE1QstwS4ZjMiUFm9xAAF8BPrVsWMx6fLmvsRI9oO0UeKXc4O9QvOAz3YAWDuTjvdm2kCx1RYN2hSTJMdahds3BEWKo_a8Ymm78L9TJknRIoK9VyR3m5lz9ZEE4ESu-FHezRqiw7lkmoIRpbKQD7PanZotHCkvDptcyzAKvAWk0ApxVlbnmnOQEz_3YUgVGP5yQSw1Dv9yXpa5hEtzwkCJd0hAccXXUHbDUwfo4LWBa0_Q0S5qQ6CUtPZSqcnPHt6pYAbwuiXJpXs2lTnNb_r1qomEXnmq2E5OzMuV0aTHiSbEGnF6nstv1b_Aem5pezB3cCrs4Miu4nypXG2tJkmrQXl0eyeKXxm-EeTQzfO-pqrHgISQN4vBfnMgVXd-L3ChUAuYBS5SpyH992CUUG_O4T-sOfXC6hiewVAvRi6pB8u6WpbvNnXZlntGigkuTfrc0R2Apyjzg8tCIP04K28JwwNGUGlYhXsa_irnQkQ57eA1qzh4WM6onv4GtZkpeOEjsnjxWa2xZgkGBKU0wU66ReQXrDr4ZY

Requested by

Host: risu.io
URL: https://risu.io/

Protocol

Server

2620:100:a001::24 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

f34efcad411f70b681b773d3e25ca821db3b976fb3384039e1ba050acec71432

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:20:15 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
p3p: CP='CUR ADM OUR NOR STA NID'
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 26414222
pragma: no-cache
server: Kestrel
access-control-max-age: 1000
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
link: <pix.us.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 23 Aug 2023 20:20:15 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
access-control-max-age: 1000
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
location: https://ads.us.criteo.com/delivery/r/ajs.php?u=%7cdzS77PL8IejmZ5L4GbvsGGkvuewcnFAspJgCilDy0ic%3d%7c&c1=mOd7Dh6zPV-ibPduKMA2S1B7ad7mtjPQbxWxI1zLrWADLkRcRzxwPee1Vw5xHMlQguTSg6d55aFviZC6T1Xb8mrSaSWQy9K106QuuzKXxaYuE1QstwS4ZjMiUFm9xAAF8BPrVsWMx6fLmvsRI9oO0UeKXc4O9QvOAz3YAWDuTjvdm2kCx1RYN2hSTJMdahds3BEWKo_a8Ymm78L9TJknRIoK9VyR3m5lz9ZEE4ESu-FHezRqiw7lkmoIRpbKQD7PanZotHCkvDptcyzAKvAWk0ApxVlbnmnOQEz_3YUgVGP5yQSw1Dv9yXpa5hEtzwkCJd0hAccXXUHbDUwfo4LWBa0_Q0S5qQ6CUtPZSqcnPHt6pYAbwuiXJpXs2lTnNb_r1qomEXnmq2E5OzMuV0aTHiSbEGnF6nstv1b_Aem5pezB3cCrs4Miu4nypXG2tJkmrQXl0eyeKXxm-EeTQzfO-pqrHgISQN4vBfnMgVXd-L3ChUAuYBS5SpyH992CUUG_O4T-sOfXC6hiewVAvRi6pB8u6WpbvNnXZlntGigkuTfrc0R2Apyjzg8tCIP04K28JwwNGUGlYhXsa_irnQkQ57eA1qzh4WM6onv4GtZkpeOEjsnjxWa2xZgkGBKU0wU66ReQXrDr4ZY
cache-control: no-store
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 245842
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 0

GET
H/1.1 200
OK impr
us-east-ad-track.aralego.com/v1/cdb/ Frame 5CFF 35 B
258 B 266ms
54ms Image
image/gif 207.244.102.141
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-east-ad-track.aralego.com/v1/cdb/impr?iid=4cedb67b-a1a0-4cb5-bc16-f2911a37f47e&byr=572ede970349848769d6ae6e&impr=&cpm=0.05010996013879776
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 207.244.102.141 Annandale, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: / Express
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Access-Control-Allow-Origin: undefined
Date: Wed, 23 Aug 2023 20:20:15 GMT
Access-Control-Allow-Credentials: true
Connection: close
X-Powered-By: Express
Content-Length: 35
Content-Type: image/gif

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame F63F 15 KB
6 KB 53ms
52ms Document
text/html 2620:100:a001::c
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=risu.io

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

c5f572ed80485a43331f587039ef455ab7400d278434cdee0965a0fea35befcf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://risu.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 20:20:14 GMT
server: Kestrel
server-processing-duration-in-ticks: 1404613
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame C94C 0
185 B 66ms
65ms XHR
text/plain 2620:100:a001::18
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://risu.io/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://risu.io
date: Wed, 23 Aug 2023 20:20:14 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

GET
H2

200

sid Show response
mug.criteo.com/ Frame 66A7
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=risu.io&sn=ChromeSyncframe&so=3&topUrl=risu.io&bundle=w8Z-zV9tOTFhVHBSOWdNT0tQSWcwbllNMGFZT2VDbnROem5vaHJBSlVLJTJCNTdSWktjWkhJMWxKdFZWWFF0...
https://mug.criteo.com/sid?cpp=jVxe1Hx4TnFWRENXU0ZnU3pMb0VVNXZEVUpQRWxXbDBRZWdtRXIxL3VHT3Z0S2lkMXN3cjdPRzUxbGt4OC9scG5zS3hwU2pEUW5mcjVGSzkydlZkOGQwNHNJTGlOckdaanJWcXI5aHJwYmJRM042c0lBYzBNS2pPbkRucV...

431 B
652 B

54ms
53ms

Fetch
application/json

74.119.119.139
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=jVxe1Hx4TnFWRENXU0ZnU3pMb0VVNXZEVUpQRWxXbDBRZWdtRXIxL3VHT3Z0S2lkMXN3cjdPRzUxbGt4OC9scG5zS3hwU2pEUW5mcjVGSzkydlZkOGQwNHNJTGlOckdaanJWcXI5aHJwYmJRM042c0lBYzBNS2pPbkRucVhQcUNkRHNvNk0raFpyWUEvNmp1OHlWQWp6Vk5INmVkVDhVSHp1Z1FCVk5mSXEwTit1cTVmUWY4WHowVTVUcm5IVzZZa1Q5cVZSa0ZuR2drc0wveGRocGNaVU9uNWNuTThwMXVvekx3cVlmRFpDSHdxV2dEd1hLSWo2a0lncXRveGNWc1lLWlV5VGE1aFM0RVIwcnhUSkloR083VFVrZz09fA&cppv=2

Protocol

Server

74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

27fbedfb725bfce210e9c5db356535636d905bee7d755c2527540a3f1d54bbec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 20:20:14 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1227830
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 23 Aug 2023 20:20:14 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=jVxe1Hx4TnFWRENXU0ZnU3pMb0VVNXZEVUpQRWxXbDBRZWdtRXIxL3VHT3Z0S2lkMXN3cjdPRzUxbGt4OC9scG5zS3hwU2pEUW5mcjVGSzkydlZkOGQwNHNJTGlOckdaanJWcXI5aHJwYmJRM042c0lBYzBNS2pPbkRucVhQcUNkRHNvNk0raFpyWUEvNmp1OHlWQWp6Vk5INmVkVDhVSHp1Z1FCVk5mSXEwTit1cTVmUWY4WHowVTVUcm5IVzZZa1Q5cVZSa0ZuR2drc0wveGRocGNaVU9uNWNuTThwMXVvekx3cVlmRFpDSHdxV2dEd1hLSWo2a0lncXRveGNWc1lLWlV5VGE1aFM0RVIwcnhUSkloR083VFVrZz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 324481
content-length: 0
expires: 0

GET
H2 200 pixel.gif
static.criteo.net/images/ Frame 310F 43 B
365 B 57ms
56ms Image
image/gif 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=1

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:20:15 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Sat, 17 Aug 2024 20:20:15 GMT

GET
H2 200 pixel.gif
static.criteo.net/images/ Frame 310F 43 B
365 B 44ms
44ms Image
image/gif 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:20:15 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Sat, 17 Aug 2024 20:20:15 GMT

POST
H2 204 events
bidder.criteo.com/csm/ Frame 310F 0
185 B 54ms
53ms Ping
text/plain 2620:100:a001::18
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://risu.io/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://risu.io
date: Wed, 23 Aug 2023 20:20:14 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame EFC1 15 KB
6 KB 69ms
68ms Document
text/html 2620:100:a001::c
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=risu.io

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

c5f572ed80485a43331f587039ef455ab7400d278434cdee0965a0fea35befcf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://risu.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 20:20:15 GMT
server: Kestrel
server-processing-duration-in-ticks: 5596866
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 650E 0
185 B 59ms
58ms XHR
text/plain 2620:100:a001::18
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://risu.io/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://risu.io
date: Wed, 23 Aug 2023 20:20:14 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame A389 34 KB
10 KB 49ms
49ms Script
text/html 96.17.65.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 96.17.65.140 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-17-65-140.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: f00ed49490a4b3ce60abe7891f0a4c42a25b772d5c81a31adef45168b98c9647

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=adiiix
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Wed, 23 Aug 2023 20:20:15 GMT
Content-Encoding: gzip
Last-Modified: Wed, 23 Aug 2023 11:33:03 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=54723
Connection: keep-alive
Content-Length: 10116
Expires: Thu, 24 Aug 2023 11:32:18 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame FEEB 0
54 B 156ms
154ms Ping
image/gif 2a00:1450:402a:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~llo6iom2&c=1419425365125&slotId=709712682562.5&qqid=CLrG-rTN84ADFZg9swAdpUgEJQ&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=995&mt=video%2Fmp4&vs=640x360&msm=1&aits=0%2C18%2C22%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=343&vsrc=web_video_ads&hcn=0&met.4=arp_a_e.1mf~vil.2q4&ua_e=1&ape=1&ple=0&umsem=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:402a:80f::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 20:20:15 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 3742 34 KB
10 KB 54ms
53ms Script
text/html 96.17.65.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 96.17.65.140 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-17-65-140.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: f00ed49490a4b3ce60abe7891f0a4c42a25b772d5c81a31adef45168b98c9647

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=adiiix
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Wed, 23 Aug 2023 20:20:15 GMT
Content-Encoding: gzip
Last-Modified: Wed, 23 Aug 2023 11:33:03 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=54723
Connection: keep-alive
Content-Length: 10116
Expires: Thu, 24 Aug 2023 11:32:18 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame AA4A 34 KB
10 KB 72ms
71ms Script
text/html 96.17.65.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 96.17.65.140 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-17-65-140.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: f00ed49490a4b3ce60abe7891f0a4c42a25b772d5c81a31adef45168b98c9647

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=adiiix
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Wed, 23 Aug 2023 20:20:15 GMT
Content-Encoding: gzip
Last-Modified: Wed, 23 Aug 2023 11:33:03 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=54723
Connection: keep-alive
Content-Length: 10116
Expires: Thu, 24 Aug 2023 11:32:18 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame FC7B 34 KB
10 KB 46ms
46ms Script
text/html 96.17.65.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 96.17.65.140 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-17-65-140.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: f00ed49490a4b3ce60abe7891f0a4c42a25b772d5c81a31adef45168b98c9647

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=adiiix
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Wed, 23 Aug 2023 20:20:15 GMT
Content-Encoding: gzip
Last-Modified: Wed, 23 Aug 2023 11:33:03 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=54723
Connection: keep-alive
Content-Length: 10116
Expires: Thu, 24 Aug 2023 11:32:18 GMT

GET
H2 200 pixel.gif
static.criteo.net/images/ Frame C94C 43 B
365 B 51ms
50ms Image
image/gif 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=1

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:20:15 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Sat, 17 Aug 2024 20:20:15 GMT

GET
H2 200 pixel.gif
static.criteo.net/images/ Frame C94C 43 B
365 B 44ms
43ms Image
image/gif 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:20:15 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Sat, 17 Aug 2024 20:20:15 GMT

POST
H2 204 events
bidder.criteo.com/csm/ Frame C94C 0
185 B 51ms
50ms Ping
text/plain 2620:100:a001::18
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://risu.io/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://risu.io
date: Wed, 23 Aug 2023 20:20:15 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

GET
H2

200

sid Show response
mug.criteo.com/ Frame 4009
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=risu.io&sn=ChromeSyncframe&so=3&topUrl=risu.io&bundle=w8Z-zV9tOTFhVHBSOWdNT0tQSWcwbllNMGFZT2VDbnROem5vaHJBSlVLJTJCNTdSWktjWkhJMWxKdFZWWFF0...
https://mug.criteo.com/sid?cpp=mCAOq3xBSFNWYjhjZUVENmdteFpiUkFEVUZWUC91cmcxeUNEeHFIYXRNZTRvdUdGZkRtUkN6TmRkSWZBakVqNjJkOTdpOWIvOTlOTldOYmpDbjA5NHMrT0lsZ2p0QU5oVE9IZ3NnanRiV1VRanMyc3o0V1ROWlZwWXJ1dE...

422 B
666 B

54ms
53ms

Fetch
application/json

74.119.119.139
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=mCAOq3xBSFNWYjhjZUVENmdteFpiUkFEVUZWUC91cmcxeUNEeHFIYXRNZTRvdUdGZkRtUkN6TmRkSWZBakVqNjJkOTdpOWIvOTlOTldOYmpDbjA5NHMrT0lsZ2p0QU5oVE9IZ3NnanRiV1VRanMyc3o0V1ROWlZwWXJ1dEJSR1lkUWNXZ1VmVFdReDlIaWRqaUNOMW5IVzZSUCtMRTRWajlVVW9JWU9QR3JtNUszdzY1aW9lOHVnM2VuS0Y2UlZ0NU1oRGQ3MWtYUVk5Q2U5T2p5cXhNKzZ2enJSNnRJUTVlOUdGNUtWYVdMcnQ2Z1RLRGtNUFQ4Y2FXMkc1UHFJdnBFTWM2cnZORnhJeFIyY283WElCNHlrcW90dz09fA&cppv=2

Protocol

Server

74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

1dfd0d02ab1ddb13cdb7b690d53f504a2021b91633ff1e53887070a570145131

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 20:20:14 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1696124
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 23 Aug 2023 20:20:14 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=mCAOq3xBSFNWYjhjZUVENmdteFpiUkFEVUZWUC91cmcxeUNEeHFIYXRNZTRvdUdGZkRtUkN6TmRkSWZBakVqNjJkOTdpOWIvOTlOTldOYmpDbjA5NHMrT0lsZ2p0QU5oVE9IZ3NnanRiV1VRanMyc3o0V1ROWlZwWXJ1dEJSR1lkUWNXZ1VmVFdReDlIaWRqaUNOMW5IVzZSUCtMRTRWajlVVW9JWU9QR3JtNUszdzY1aW9lOHVnM2VuS0Y2UlZ0NU1oRGQ3MWtYUVk5Q2U5T2p5cXhNKzZ2enJSNnRJUTVlOUdGNUtWYVdMcnQ2Z1RLRGtNUFQ4Y2FXMkc1UHFJdnBFTWM2cnZORnhJeFIyY283WElCNHlrcW90dz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 306766
content-length: 0
expires: 0

GET
H2 200 fsa-sdk.min.js Show response
ad.sitemaji.com/fsa/ Frame 310F 108 KB
12 KB 32ms
29ms Script
application/javascript 35.186.215.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Requested by: Host: risu.io
URL: https://risu.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.215.186.35.bc.googleusercontent.com
Software: nginx/1.12.1 (Ubuntu) /
Resource Hash: 3e36b107901af933c0d5ca53fc8d65d2c13e47de03f291bd876d1fed1ceb850e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 15:54:02 GMT
content-encoding: br
via: 1.1 google
last-modified: Wed, 16 Aug 2023 09:25:25 GMT
server: nginx/1.12.1 (Ubuntu)
age: 15973
etag: W/"64dc9605-1af49"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11702
expires: Thu, 24 Aug 2023 15:54:02 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/ Frame C86D 402 KB
127 KB 47ms
46ms Script
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ed0b6cf04cd484a5a817d7e64121674b837a42c361df9231f899270acbf49dfb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 14:13:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21978
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 129577
x-xss-protection: 0
server: cafe
etag: 2336233631454045957
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 22 Aug 2024 14:13:57 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/ Frame 0E75 402 KB
127 KB 63ms
62ms Script
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ed0b6cf04cd484a5a817d7e64121674b837a42c361df9231f899270acbf49dfb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 14:13:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21978
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 129577
x-xss-protection: 0
server: cafe
etag: 2336233631454045957
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 22 Aug 2024 14:13:57 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/ Frame 7E21 402 KB
127 KB 87ms
87ms Script
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ed0b6cf04cd484a5a817d7e64121674b837a42c361df9231f899270acbf49dfb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 14:13:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21978
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 129577
x-xss-protection: 0
server: cafe
etag: 2336233631454045957
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 22 Aug 2024 14:13:57 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame F63F
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=risu.io&sn=ChromeSyncframe&so=3&topUrl=risu.io&bundle=w8Z-zV9tOTFhVHBSOWdNT0tQSWcwbllNMGFZT2VDbnROem5vaHJBSlVLJTJCNTdSWktjWkhJMWxKdFZWWFF0...
https://mug.criteo.com/sid?cpp=dbEFTXw5NmxsTU8yWkRGOEhaN1djdzdERUltOXI3NEZ0Rnowb05JVnh0a2xBTWM0UVdwbVE5NWF6Q3lTUlFja3FCV3M2MHdyY2VCK2RUaXRDTkVuc29XT1Q3Yit5QmZOSXBNZ1JMN2hBeUJPOWhWOW52bGJOR1AweU5tUW...

425 B
651 B

53ms
52ms

Fetch
application/json

74.119.119.139
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=dbEFTXw5NmxsTU8yWkRGOEhaN1djdzdERUltOXI3NEZ0Rnowb05JVnh0a2xBTWM0UVdwbVE5NWF6Q3lTUlFja3FCV3M2MHdyY2VCK2RUaXRDTkVuc29XT1Q3Yit5QmZOSXBNZ1JMN2hBeUJPOWhWOW52bGJOR1AweU5tUWZZem9MaTByN3o5QnJvWjkrMEdhQ0I0YTd5MnlkeUxqOUVVMXhtak54L1NGL21KYXQwWDYvQ0NUK2NIYURqOGFLQVhveXNLcks1L3RvQXdGR3dwd014T3dHek01bXphQUtPajVIZUxoS0VSYUxXbE53dFZwNFVkdGZ3QnNzZUx2ZUVHSkczSlNySldQRlBSZXErZ1pCODN1VEtkVnZpUT09fA&cppv=2

Protocol

Server

74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

085c572c6d41eb40542e21f048f6b6f0377649fb83cf8e1ff7122df4cd8dc1d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 20:20:14 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 852039
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 23 Aug 2023 20:20:15 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=dbEFTXw5NmxsTU8yWkRGOEhaN1djdzdERUltOXI3NEZ0Rnowb05JVnh0a2xBTWM0UVdwbVE5NWF6Q3lTUlFja3FCV3M2MHdyY2VCK2RUaXRDTkVuc29XT1Q3Yit5QmZOSXBNZ1JMN2hBeUJPOWhWOW52bGJOR1AweU5tUWZZem9MaTByN3o5QnJvWjkrMEdhQ0I0YTd5MnlkeUxqOUVVMXhtak54L1NGL21KYXQwWDYvQ0NUK2NIYURqOGFLQVhveXNLcks1L3RvQXdGR3dwd014T3dHek01bXphQUtPajVIZUxoS0VSYUxXbE53dFZwNFVkdGZ3QnNzZUx2ZUVHSkczSlNySldQRlBSZXErZ1pCODN1VEtkVnZpUT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 484606
content-length: 0
expires: 0

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/ Frame F1AF 402 KB
127 KB 76ms
75ms Script
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ed0b6cf04cd484a5a817d7e64121674b837a42c361df9231f899270acbf49dfb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 14:13:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21978
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 129577
x-xss-protection: 0
server: cafe
etag: 2336233631454045957
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 22 Aug 2024 14:13:57 GMT

GET
H3 200 fsa-sdk.min.js Show response
ad.sitemaji.com/fsa/ Frame C94C 108 KB
11 KB 32ms
31ms Script
application/javascript 35.186.215.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Requested by: Host: risu.io
URL: https://risu.io/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.215.186.35.bc.googleusercontent.com
Software: nginx/1.12.1 (Ubuntu) /
Resource Hash: 3e36b107901af933c0d5ca53fc8d65d2c13e47de03f291bd876d1fed1ceb850e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 18:06:16 GMT
content-encoding: br
via: 1.1 google
last-modified: Wed, 16 Aug 2023 09:25:25 GMT
server: nginx/1.12.1 (Ubuntu)
age: 8039
etag: W/"64dc9605-1af49"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11702
expires: Thu, 24 Aug 2023 18:06:16 GMT

GET
H2 200 pixel.gif
static.criteo.net/images/ Frame 650E 43 B
365 B 43ms
43ms Image
image/gif 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=1

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:20:15 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Sat, 17 Aug 2024 20:20:15 GMT

GET
H2 200 pixel.gif
static.criteo.net/images/ Frame 650E 43 B
365 B 44ms
44ms Image
image/gif 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:20:15 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Sat, 17 Aug 2024 20:20:15 GMT

POST
H2 204 events
bidder.criteo.com/csm/ Frame 650E 0
185 B 48ms
48ms Ping
text/plain 2620:100:a001::18
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://risu.io/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://risu.io
date: Wed, 23 Aug 2023 20:20:15 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame A389 284 B
921 B 196ms
45ms Image
image/jpg 8.43.72.98
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: e1bf03b8e0c0366715a8d9abd31b9f35
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 3742 284 B
934 B 181ms
46ms Image
image/jpg 8.43.72.98
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: 9ef75ea4f1dd62e53c52f84d8070c378
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame AA4A 284 B
921 B 164ms
46ms Image
image/jpg 8.43.72.98
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: e1bf03b8e0c0366715a8d9abd31b9f35
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame FC7B 284 B
921 B 161ms
46ms Image
image/jpg 8.43.72.98
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: e1bf03b8e0c0366715a8d9abd31b9f35
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3 200 fsa-sdk.min.js Show response
ad.sitemaji.com/fsa/ Frame 650E 108 KB
11 KB 33ms
31ms Script
application/javascript 35.186.215.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Requested by: Host: risu.io
URL: https://risu.io/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.215.186.35.bc.googleusercontent.com
Software: nginx/1.12.1 (Ubuntu) /
Resource Hash: 3e36b107901af933c0d5ca53fc8d65d2c13e47de03f291bd876d1fed1ceb850e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 18:06:16 GMT
content-encoding: br
via: 1.1 google
last-modified: Wed, 16 Aug 2023 09:25:25 GMT
server: nginx/1.12.1 (Ubuntu)
age: 8039
etag: W/"64dc9605-1af49"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11702
expires: Thu, 24 Aug 2023 18:06:16 GMT

GET
H2 200 / Show response
ssl.sitemaji.com/geo/ Frame 310F 17 B
160 B 919ms
224ms Script
text/plain 60.199.208.47
TFN-TW Taiwan Fix...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.sitemaji.com/geo/?callback=geocallback
Requested by: Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 60.199.208.47 , Taiwan, ASN9924 (TFN-TW Taiwan Fixed Network, Telco and Network Service Provider., TW),
Reverse DNS
Software: nginx /
Resource Hash: a736a221af11c68451960f6fd70f968edb1886c9e9c9065750a0beec942819b7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-type: text/plain; charset=utf-8
date: Wed, 23 Aug 2023 20:20:16 GMT
cache-control: max-age=86400, public
server: nginx
content-length: 17
expires: Thu, 24 Aug 2023 20:20:16 GMT

GET
H2 200 / Show response
ssl.sitemaji.com/geo/ Frame C94C 17 B
159 B 918ms
225ms Script
text/plain 60.199.208.47
TFN-TW Taiwan Fix...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.sitemaji.com/geo/?callback=geocallback
Requested by: Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 60.199.208.47 , Taiwan, ASN9924 (TFN-TW Taiwan Fixed Network, Telco and Network Service Provider., TW),
Reverse DNS
Software: nginx /
Resource Hash: a736a221af11c68451960f6fd70f968edb1886c9e9c9065750a0beec942819b7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-type: text/plain; charset=utf-8
date: Wed, 23 Aug 2023 20:20:16 GMT
cache-control: max-age=86400, public
server: nginx
content-length: 17
expires: Thu, 24 Aug 2023 20:20:16 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame C86D 492 B
264 B 95ms
94ms XHR
text/plain 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1937375023754647&correlator=4003544437742844&eid=31076398%2C31076474%2C31077254&output=ldjh&gdfp_req=1&vrg=202308170101&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1692822015798&lmt=1644422353&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=m8bc7xunlqtb&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=3&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Frisu.io%2F&top=https%3A%2F%2Frisu.io%2F&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=2026273828.1692822016&ga_sid=1692822016&ga_hid=1951796104&ga_fc=false&dlt=1692822014870&idt=879&adks=64515409&frm=8

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

11d9f84a3c7f61533317a7802d7de8bb3b93e6fde63e21de43f158057c4f7945

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:20:15 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 235
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://cdn.aralego.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
b71c4754d1dd356c3538c245d036ab6d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2B60 6 KB
3 KB 192ms
66ms Document
text/html 2607:f8b0:4006:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b71c4754d1dd356c3538c245d036ab6d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 20:20:15 GMT
expires: Thu, 22 Aug 2024 20:20:15 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

sid Show response
mug.criteo.com/ Frame EFC1
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=risu.io&sn=ChromeSyncframe&so=3&topUrl=risu.io&bundle=w8Z-zV9tOTFhVHBSOWdNT0tQSWcwbllNMGFZT2VDbnROem5vaHJBSlVLJTJCNTdSWktjWkhJMWxKdFZWWFF0...
https://mug.criteo.com/sid?cpp=Bp9EOXw1bXhIQXhObVZrTzc5RDJHZGpLUm0rVUFGQS9ob1o3aFhpQlA0bEw1d0s5SEkzZnJXNEhTbHZFVjlZY3RzRG0xb1NYbFVOQTQrWlcxcDhRMGdGQlRTb2NPOXJKbDYyYmdveUQ5blFiTkZISFJJOWdBTnNCWk1BOC...

420 B
651 B

53ms
53ms

Fetch
application/json

74.119.119.139
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=Bp9EOXw1bXhIQXhObVZrTzc5RDJHZGpLUm0rVUFGQS9ob1o3aFhpQlA0bEw1d0s5SEkzZnJXNEhTbHZFVjlZY3RzRG0xb1NYbFVOQTQrWlcxcDhRMGdGQlRTb2NPOXJKbDYyYmdveUQ5blFiTkZISFJJOWdBTnNCWk1BOCt0OTFYNlhENjJXNkdiV1RNYlR0MHdlS2QyMVN1Z3g0V0FNV3lLdStDVXJHZldWMUovOUF5VUcvQ0liRzNqb2VpbW5ZeEdrZDNtNHdia0twNDlIMm9XWlRDWGxTUFFnTXpTS2QxK3gxRUtlK2J6eHp1RFlwM2JMeDQ5QlNqWk1tczZwazdOY0VrTW95L245UytQcm5Dd1NNRTliNjlXdz09fA&cppv=2

Protocol

Server

74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

599cc8e517d110de9474cccef29d042743d300b377408318b5dd1d10517f988b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 20:20:15 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1217677
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 23 Aug 2023 20:20:15 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=Bp9EOXw1bXhIQXhObVZrTzc5RDJHZGpLUm0rVUFGQS9ob1o3aFhpQlA0bEw1d0s5SEkzZnJXNEhTbHZFVjlZY3RzRG0xb1NYbFVOQTQrWlcxcDhRMGdGQlRTb2NPOXJKbDYyYmdveUQ5blFiTkZISFJJOWdBTnNCWk1BOCt0OTFYNlhENjJXNkdiV1RNYlR0MHdlS2QyMVN1Z3g0V0FNV3lLdStDVXJHZldWMUovOUF5VUcvQ0liRzNqb2VpbW5ZeEdrZDNtNHdia0twNDlIMm9XWlRDWGxTUFFnTXpTS2QxK3gxRUtlK2J6eHp1RFlwM2JMeDQ5QlNqWk1tczZwazdOY0VrTW95L245UytQcm5Dd1NNRTliNjlXdz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 249427
content-length: 0
expires: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 7E21 492 B
260 B 93ms
91ms XHR
text/plain 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=766684576069143&correlator=3673256731168625&eid=31077253&output=ldjh&gdfp_req=1&vrg=202308170101&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1692822015866&lmt=1644422353&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=uj3k3f1ovawg&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=3&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Frisu.io%2F&top=https%3A%2F%2Frisu.io%2F&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=1054472827.1692822016&ga_sid=1692822016&ga_hid=345485334&ga_fc=false&dlt=1692822014910&idt=934&adks=64515409&frm=8

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7840a63d709f5e598f3df937ea1500209271f88ad907611c3a873353256b3d13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:20:15 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 231
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://cdn.aralego.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
b6dd71039edd5be9b6e1a51671937458.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7524 6 KB
3 KB 599ms
59ms Document
text/html 2607:f8b0:4006:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b6dd71039edd5be9b6e1a51671937458.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 20:20:16 GMT
expires: Thu, 22 Aug 2024 20:20:16 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame F1AF 492 B
262 B 93ms
93ms XHR
text/plain 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1220634640647421&correlator=1685161308547099&eid=31077255%2C31077257%2C31077231%2C21065724&output=ldjh&gdfp_req=1&vrg=202308170101&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1692822015918&lmt=1644422353&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=6fj3xg4wdpa7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=3&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Frisu.io%2F&top=https%3A%2F%2Frisu.io%2F&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=154014921.1692822016&ga_sid=1692822016&ga_hid=1129908218&ga_fc=false&dlt=1692822014975&idt=920&adks=64515409&frm=8

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

97c9fb8b642aa27b99c137435e733b258090e0df1ba62b01b21fb1c703d5cdbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:20:15 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 233
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://cdn.aralego.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
2f92ce0cf7b0c20f9c1ee742667110c7.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 39C9 6 KB
3 KB 91ms
64ms Document
text/html 2607:f8b0:4006:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://2f92ce0cf7b0c20f9c1ee742667110c7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 20:20:15 GMT
expires: Thu, 22 Aug 2024 20:20:15 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 0E75 492 B
263 B 91ms
90ms XHR
text/plain 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=967994951098995&correlator=3859865355970487&eid=31077258%2C21065724&output=ldjh&gdfp_req=1&vrg=202308170101&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1692822015960&lmt=1644422353&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=f7x90vt122eb&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=3&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Frisu.io%2F&top=https%3A%2F%2Frisu.io%2F&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=661256740.1692822016&ga_sid=1692822016&ga_hid=1922988599&ga_fc=false&dlt=1692822014993&idt=946&adks=64515409&frm=8

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7561a3f742de0c6feb99819c53bd1cf0f0d11ac11f025e956430fec296bd6613

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:20:16 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 234
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://cdn.aralego.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
4c527e3c7a8f45218bd8b131fa34203e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7C68 6 KB
3 KB 85ms
63ms Document
text/html 2607:f8b0:4006:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4c527e3c7a8f45218bd8b131fa34203e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 20:20:16 GMT
expires: Thu, 22 Aug 2024 20:20:16 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dis.aspx Show response
widget.va.us.criteo.com/dis/ Frame 889D 6 KB
3 KB 290ms
56ms Document
text/html 74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.va.us.criteo.com/dis/dis.aspx?pu=159467&cb=64e669ffe848dac1af5210eb10a85b12&r=https%3a%2f%2frisu.io%2f&crossorigin=false

Requested by

Host: risu.io
URL: https://risu.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

55308e59e049fec4f7f86c526cce8f69d63074b7303710869b72ff74dfe272bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://risu.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-cache
content-encoding: gzip
content-type: text/html
date: Wed, 23 Aug 2023 20:20:16 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 2421218
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
vary: Accept-Encoding

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 3533 12 KB
6 KB 47ms
46ms Script
text/javascript 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Host: risu.io
URL: https://risu.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:20:16 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 17 Aug 2024 20:20:16 GMT

POST
H2 200 all
csm.us.criteo.net/ Frame 3533 0
128 B 424ms
44ms Ping
text/plain 2620:100:a001::16
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.us.criteo.net/all?cppv=3&cpp=IDUr4UW_hiVVPlHQQCfBtVSG7-5rVrkcAN5Qykusgdrbc49QCcp5zvPYIf9cmCdY1DA1pKlMpODNWBnmSh5qR93RqF7WF71Vkfl1RPEYz3V8mDBEjhtbqvQVl2OvgeQsXoMMvM01NKMG_wrcwxUyN-3HNvbJVaN7CfkzJjv2cNgNgreCOvM2LFxjfzrmOUY712Yioj_3C7HQzA-gfzt68ue_1ibEMX5dApXiH3mSM6PfhNG1Hu2Zj_biFVw&sds=2&rev=88100&sendBeacon=true

Requested by

Host: risu.io
URL: https://risu.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://risu.io/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 23 Aug 2023 20:20:15 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 3533 2 KB
1 KB 87ms
53ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: risu.io
URL: https://risu.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:20:16 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 17 Aug 2024 20:20:16 GMT

GET
H2 200 adchoices_en.svg
static.criteo.net/flash/icon/ Frame 3533 2 KB
1 KB 84ms
50ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_en.svg

Requested by

Host: risu.io
URL: https://risu.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:20:16 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-759"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 17 Aug 2024 20:20:16 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 3533 308 B
636 B 85ms
51ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Host: risu.io
URL: https://risu.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:20:16 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sat, 17 Aug 2024 20:20:16 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 3533 293 B
621 B 82ms
48ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Host: risu.io
URL: https://risu.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:20:16 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Sat, 17 Aug 2024 20:20:16 GMT

GET
H2 200 lg.php
cat.va.us.criteo.com/delivery/ Frame 3533 43 B
347 B 87ms
54ms Image
image/gif 74.119.119.147
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.va.us.criteo.com/delivery/lg.php?cppv=3&cpp=5NLsEVYpFMwgNdPev5Gpiwt1glp80-vLQHc9etnpAC00XaV7MZGb1W1I2P9NeQ_w8rcn9D-qUYYLH3VV9szNZrD4YlEkVDfKDB3D820qz-fxovLrhrbaiwg_1295NI6QwJY2KTOis7JuglWyTSYKl1Kzxl1d9u08t51XhjCge7IjDFttNTZ7LCutzbhrNCVHj6awjpPWO8AJbHXm90ia9C1sZhRc0WyyKip67V_GSRtI_30OUt-kFzIk_hFxxLKEtXvqALkn56ojNIKLPQnlTFo3d3L22Q66KRKRqcIeWrzqvszZCmy5lSEL1JWjtHEBRQTSNsDh0PdNVhyX_HxhOvCwqSsGqY7GxCU95mjiqpzHXTso_ZxYdRDhSg2GOK1XNQrAcMA2oZSSeoesoazr2QB6vQ72oVUUa4ylQdtVJoSVNwWGwcrTBkBGYKBNMM8C9uNj5CrDSbPiLbP13SKhq5dd2kA

Requested by

Host: risu.io
URL: https://risu.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.147 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 20:20:15 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2531692
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 3533 2 KB
1 KB 78ms
45ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Host: risu.io
URL: https://risu.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:20:16 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 17 Aug 2024 20:20:16 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 3533 2 KB
1 KB 81ms
52ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Host: risu.io
URL: https://risu.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:20:16 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 17 Aug 2024 20:20:16 GMT

GET
H/1.1

200
OK

idsync
sync.aralego.com/ Frame A389
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=adiiix&khaos=LLO6IR1O-3-L85N
https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LLO6IR1O-3-L85N

35 B
266 B

150ms
57ms

Image
image/gif

192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LLO6IR1O-3-L85N
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: HTTP/1.1
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Wed, 23 Aug 2023 20:20:16 GMT
Connection: close
Content-Length: 35
Content-Type: image/gif

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LLO6IR1O-3-L85N
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 9ef75ea4f1dd62e53c52f84d8070c378
Expires: 0

GET
H2 200 / Show response
ssl.sitemaji.com/geo/ Frame 650E 17 B
159 B 454ms
227ms Script
text/plain 60.199.208.47
TFN-TW Taiwan Fix...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.sitemaji.com/geo/?callback=geocallback
Requested by: Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 60.199.208.47 , Taiwan, ASN9924 (TFN-TW Taiwan Fixed Network, Telco and Network Service Provider., TW),
Reverse DNS
Software: nginx /
Resource Hash: a736a221af11c68451960f6fd70f968edb1886c9e9c9065750a0beec942819b7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-type: text/plain; charset=utf-8
date: Wed, 23 Aug 2023 20:20:16 GMT
cache-control: max-age=86400, public
server: nginx
content-length: 17
expires: Thu, 24 Aug 2023 20:20:16 GMT

GET
H2

200

setuid
px.ads.linkedin.com/ Frame A389
Redirect Chain

https://token.rubiconproject.com/token?pid=36584
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LLO6IR1O-3-L85N

0
142 B

70ms
69ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LLO6IR1O-3-L85N
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:20:16 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 7606FB7FB54C473EAF230A631AC47AB8 Ref B: CHGEDGE1206 Ref C: 2023-08-23T20:20:16Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYDnNb0EFX8SWwrhRze7g==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LLO6IR1O-3-L85N
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: e1bf03b8e0c0366715a8d9abd31b9f35
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame A389
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/3it8M3PmGFPFUVWOwBRw1w?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-TtKi2EFE2oKYIp0gVSRb80kZ92Is6WRuS3VF7A--~A

42 B
678 B

67ms
47ms

Image
image/gif

8.43.72.98
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-TtKi2EFE2oKYIp0gVSRb80kZ92Is6WRuS3VF7A--~A
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: HTTP/1.1
Server: 8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 9ef75ea4f1dd62e53c52f84d8070c378
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Wed, 23 Aug 2023 20:20:16 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-TtKi2EFE2oKYIp0gVSRb80kZ92Is6WRuS3VF7A--~A
content-length: 0

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame A389
Redirect Chain

https://match.adsrvr.org/track/cmf/rubicon
https://match.adsrvr.org/track/cmb/rubicon?
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=a2c487c4-f49b-48b0-bef4-33169bd9fe2a&gdpr=0&gdpr_consent=&expires=30

42 B
678 B

76ms
47ms

Image
image/gif

8.43.72.98
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=a2c487c4-f49b-48b0-bef4-33169bd9fe2a&gdpr=0&gdpr_consent=&expires=30
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: HTTP/1.1
Server: 8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 9ef75ea4f1dd62e53c52f84d8070c378
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=a2c487c4-f49b-48b0-bef4-33169bd9fe2a&gdpr=0&gdpr_consent=&expires=30
date: Wed, 23 Aug 2023 20:20:16 GMT
server: Kestrel
content-length: 289

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame A389
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=6MtXcxWKQhGqXEvB5g3Qug&rk=usync-other
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=6MtXcxWKQhGqXEvB5g3Qug

43 B
479 B

155ms
153ms

Image
image/gif

67.220.224.144
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=6MtXcxWKQhGqXEvB5g3Qug

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix

Protocol

HTTP/1.1

Server

67.220.224.144 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 23 Aug 2023 20:20:17 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: YXCMNQXEVMGTG5WA9CDT
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=6MtXcxWKQhGqXEvB5g3Qug
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 9ef75ea4f1dd62e53c52f84d8070c378
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A389
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TExPNklSMU8tMy1MODVO
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEEyXRX0dr47TnkYJL9mF3mc&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TExPNklSMU8tMy1MODVO&google_push=

170 B
188 B

65ms
62ms

Image
image/png

142.251.40.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TExPNklSMU8tMy1MODVO&google_push=

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix

Protocol

Server

142.251.40.226 Newark, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 20:20:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TExPNklSMU8tMy1MODVO&google_push=
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 9ef75ea4f1dd62e53c52f84d8070c378
Expires: 0

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame A389
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEI4BiKppplrYrMYzOp5kRI0&google_cver=1

42 B
678 B

187ms
46ms

Image
image/gif

8.43.72.98
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEI4BiKppplrYrMYzOp5kRI0&google_cver=1
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: HTTP/1.1
Server: 8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 9ef75ea4f1dd62e53c52f84d8070c378
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Wed, 23 Aug 2023 20:20:16 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEI4BiKppplrYrMYzOp5kRI0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame A389
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=IdcncClSS3O15BkjLgAJPw&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=IdcncClSS3O15BkjLgAJPw

43 B
479 B

62ms
61ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=IdcncClSS3O15BkjLgAJPw

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 23 Aug 2023 20:20:16 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 7AEQBNA3ZSB1CH971KN3
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=IdcncClSS3O15BkjLgAJPw
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 9ef75ea4f1dd62e53c52f84d8070c378
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A389
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MmMxNDA5MWI0ODIxNGU5MGI0OTFmYTFjYjEwNDMwZjhlZTYzNzZkMQ

170 B
188 B

74ms
73ms

Image
image/png

142.251.40.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MmMxNDA5MWI0ODIxNGU5MGI0OTFmYTFjYjEwNDMwZjhlZTYzNzZkMQ

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix

Protocol

Server

142.251.40.226 Newark, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 20:20:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MmMxNDA5MWI0ODIxNGU5MGI0OTFmYTFjYjEwNDMwZjhlZTYzNzZkMQ
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 9ef75ea4f1dd62e53c52f84d8070c378
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame C86D 15 KB
11 KB 86ms
85ms XHR
application/json 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202308170101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fcb4b25905cb60fdeb638d1caa5734e8cb13e626c2bed76f730c1b6a7b44e428

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:20:16 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11681
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame F1AF 15 KB
11 KB 81ms
80ms XHR
application/json 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202308170101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

059b76d8d9f534b4f615f0d9fdf961f6163196868d5e3a647f475b393a757297

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:20:16 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11697
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 0E75 15 KB
11 KB 92ms
92ms XHR
application/json 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202308170101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

99fe426a3c5e082daf8fc9cc9b66037f855de131bae17dc901324bc97f372ab3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:20:16 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11751
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 7E21 15 KB
11 KB 74ms
70ms XHR
application/json 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202308170101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fc889eb338a1c1924f600d6125b664d5bced06be542605715f1460261821a78f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:20:16 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11750
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame C86D 17 KB
6 KB 79ms
77ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:20:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 23 Aug 2023 20:20:16 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame F1AF 17 KB
6 KB 71ms
70ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:20:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 23 Aug 2023 20:20:16 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 0E75 17 KB
6 KB 79ms
77ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:20:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 23 Aug 2023 20:20:16 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 7E21 17 KB
6 KB 80ms
79ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:20:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 23 Aug 2023 20:20:16 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4087 13 KB
5 KB 53ms
52ms Document
text/html 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 18509
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 15:11:47 GMT
expires: Thu, 22 Aug 2024 15:11:47 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 439B 829 B
556 B 66ms
65ms Document
text/html 2607:f8b0:4006:820::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

13ed38ad1518c0af17b5cb3e35bb3bc701c84fe5ab42476ce6d524a19471e4ad

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-DeupLihs-8ix2O8X1EO1OQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 534
content-security-policy: script-src 'report-sample' 'nonce-DeupLihs-8ix2O8X1EO1OQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 20:20:16 GMT
expires: Wed, 23 Aug 2023 20:20:16 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 campaign.php Show response
fsa-api.feebee.com.tw/maji/v2/ Frame 310F 6 KB
5 KB 276ms
245ms Fetch
application/json 60.199.208.47
TFN-TW Taiwan Fix...

General

Check archive.org

Show headers Download Go to

Full URL: https://fsa-api.feebee.com.tw/maji/v2/campaign.php?source_site=passback&device=pc&n=3&position=promo2&fhash=cGFzc2JhY2s%3D&size=728x90&slot=728x90&cate=&q=&host=risu.io&is_tw=0&country=us
Requested by: Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 60.199.208.47 , Taiwan, ASN9924 (TFN-TW Taiwan Fixed Network, Telco and Network Service Provider., TW),
Reverse DNS
Software: nginx /
Resource Hash: a30be55fea4e00d0c8fa788fead233e68228b1fa0e7e72a9bd42dfa62a3c89e3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:20:16 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: *
content-type: application/json
access-control-allow-origin: https://risu.io
access-control-allow-credentials: true
x-robots-tag: noindex
access-control-allow-headers: Origin, Methods, Content-Type, Authorization

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2E40 13 KB
5 KB 50ms
45ms Document
text/html 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 18509
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 15:11:47 GMT
expires: Thu, 22 Aug 2024 15:11:47 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 79DA 829 B
559 B 74ms
71ms Document
text/html 2607:f8b0:4006:820::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3f941610115375a50f1b14a1e449e0bdd6c1acf60f3c0d0bb80ccda2a22a8411

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-QZ3v0s6YihoJ9k8JHiZEjg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 537
content-security-policy: script-src 'report-sample' 'nonce-QZ3v0s6YihoJ9k8JHiZEjg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 20:20:16 GMT
expires: Wed, 23 Aug 2023 20:20:16 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 campaign.php Show response
fsa-api.feebee.com.tw/maji/v2/ Frame C94C 6 KB
4 KB 261ms
243ms Fetch
application/json 60.199.208.47
TFN-TW Taiwan Fix...

General

Check archive.org

Show headers Download Go to

Full URL: https://fsa-api.feebee.com.tw/maji/v2/campaign.php?source_site=passback&device=pc&n=3&position=promo2&fhash=cGFzc2JhY2s%3D&size=728x90&slot=728x90&cate=&q=&host=risu.io&is_tw=0&country=us
Requested by: Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 60.199.208.47 , Taiwan, ASN9924 (TFN-TW Taiwan Fixed Network, Telco and Network Service Provider., TW),
Reverse DNS
Software: nginx /
Resource Hash: 2ba9cfae7f416a5fe24f84dabb8b0a9ac003c5f3c5ce45eb985af35eb2ae821c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:20:16 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: *
content-type: application/json
access-control-allow-origin: https://risu.io
access-control-allow-credentials: true
x-robots-tag: noindex
access-control-allow-headers: Origin, Methods, Content-Type, Authorization

GET
H2 200 campaign.php Show response
fsa-api.feebee.com.tw/maji/v2/ Frame 650E 6 KB
4 KB 261ms
244ms Fetch
application/json 60.199.208.47
TFN-TW Taiwan Fix...

General

Check archive.org

Show headers Download Go to

Full URL: https://fsa-api.feebee.com.tw/maji/v2/campaign.php?source_site=passback&device=pc&n=3&position=promo2&fhash=cGFzc2JhY2s%3D&size=728x90&slot=728x90&cate=&q=&host=risu.io&is_tw=0&country=us
Requested by: Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 60.199.208.47 , Taiwan, ASN9924 (TFN-TW Taiwan Fixed Network, Telco and Network Service Provider., TW),
Reverse DNS
Software: nginx /
Resource Hash: bdb72c1b0c379fca288dda27a63f6429a3dd09095ed8dc568fea5e72c70a1c65

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:20:16 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: *
content-type: application/json
access-control-allow-origin: https://risu.io
access-control-allow-credentials: true
x-robots-tag: noindex
access-control-allow-headers: Origin, Methods, Content-Type, Authorization

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 06E8 13 KB
5 KB 60ms
51ms Document
text/html 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 18509
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 15:11:47 GMT
expires: Thu, 22 Aug 2024 15:11:47 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame D961 829 B
559 B 82ms
74ms Document
text/html 2607:f8b0:4006:820::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

35a2dc2f099cc3655956fcf6d089490459ad85e5893beb9279a128f6d04eae74

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-FHaG7kZf3GCC80RGi3LONg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 537
content-security-policy: script-src 'report-sample' 'nonce-FHaG7kZf3GCC80RGi3LONg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 20:20:16 GMT
expires: Wed, 23 Aug 2023 20:20:16 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B565 13 KB
5 KB 55ms
53ms Document
text/html 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 18509
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 15:11:47 GMT
expires: Thu, 22 Aug 2024 15:11:47 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame E8CB 829 B
559 B 81ms
65ms Document
text/html 2607:f8b0:4006:820::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

523dc82136787d8e229972771469277d21182ffb2d804d3d0907cf9d85495870

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-aZ5Heog7vFbmZRoGF4xgDA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 537
content-security-policy: script-src 'report-sample' 'nonce-aZ5Heog7vFbmZRoGF4xgDA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 20:20:16 GMT
expires: Wed, 23 Aug 2023 20:20:16 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame 87D7
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-GBTyesOz8wSX6VYBf-F6EMFClS35sexPRItrjA&google_cm&google_hm=ay1HQlR5ZXNPejh3U1g2VllCZi1GNkVNRkNsUzM1c2V4U...
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-GBTyesOz8wSX6VYBf-F6EMFClS35sexPRItrjA&google_gid=CAESEG6o3yaoUjtM8f9_Ws5yjPU&google_cver=1&google_ula=913071,0

43 B
370 B

165ms
48ms

Image
image/gif

74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-GBTyesOz8wSX6VYBf-F6EMFClS35sexPRItrjA&google_gid=CAESEG6o3yaoUjtM8f9_Ws5yjPU&google_cver=1&google_ula=913071,0

Protocol

Server

74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 20:20:16 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 669380
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 23 Aug 2023 20:20:16 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-GBTyesOz8wSX6VYBf-F6EMFClS35sexPRItrjA&google_gid=CAESEG6o3yaoUjtM8f9_Ws5yjPU&google_cver=1&google_ula=913071,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 398
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame 87D7 43 B
235 B 75ms
66ms Image
image/gif 35.211.178.172
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=46&user_id=k-Yt2tScOz8wSX6VYBf-F6EMFClS2IyD7kQAjK5Q&expires=30
Requested by: Host: risu.io
URL: https://risu.io/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.211.178.172 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 172.178.211.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Wed, 23 Aug 2023 20:20:16 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame 87D7
Redirect Chain

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=3568480235601892336

43 B
370 B

50ms
49ms

Image
image/gif

74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=3568480235601892336

Protocol

Server

74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 20:20:16 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1765277
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 23 Aug 2023 20:20:17 GMT
an-x-request-uuid: 2202c1c5-dcfc-4a38-aed1-aa18241533d4
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=3568480235601892336
x-proxy-origin: 104.237.193.28; 104.237.193.28; 585.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

bounce
secure.adnxs.com/ Frame 87D7
Redirect Chain

https://secure.adnxs.com/setuid?entity=52&code=k-mmYhWsOz8wSX6VYBf-F6EMFClS2oEVRPETnwQQ
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-mmYhWsOz8wSX6VYBf-F6EMFClS2oEVRPETnwQQ

43 B
905 B

178ms
177ms

Image
image/gif

68.67.160.76
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-mmYhWsOz8wSX6VYBf-F6EMFClS2oEVRPETnwQQ

Protocol

Server

68.67.160.76 New York, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 20:20:17 GMT
an-x-request-uuid: e5a73d30-afdb-4d58-8710-969e544f9ea5
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 104.237.193.28; 104.237.193.28; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 23 Aug 2023 20:20:16 GMT
an-x-request-uuid: 4b314a01-bf6d-4f58-8763-e635c6256022
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-mmYhWsOz8wSX6VYBf-F6EMFClS2oEVRPETnwQQ
cache-control: no-store, no-cache, private
x-proxy-origin: 104.237.193.28; 104.237.193.28; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

204

/
partner.mediawallahscript.com/ Frame 87D7
Redirect Chain

https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-GBTyesOz8wSX6VYBf-F6EMFClS35sexPRItrjA&custom=&tag_format=img&tag_action=sync&custom=&cb=80416d15-a68e-4774-87ae-a57cfda...
https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-GBTyesOz8wSX6VYBf-F6EMFClS35sexPRItrjA&custom%5B0%5D=&custom%5B1%5D=&tag_format=img&tag_action=sync&cb=80416d15-a68e-477...
https://secure.adnxs.com/getuid?https://partner.mediawallahscript.com/?account_id=2016&partner_id=2087&uid=$UID&tag_format=img&tag_action=sync
https://partner.mediawallahscript.com/?account_id=2016&partner_id=2087&uid=3568480235601892336&tag_format=img&tag_action=sync
https://sync.crwdcntrl.net/map/c=14717/tp=MWSP/tpid=79747370-41f2-11ee-9125-d51d25a5abd9?https%3A%2F%2Fpartner.mediawallahscript.com%2F%3Faccount_id%3D2023%26partner_id%3D2118%26uid%3D%24%7Bprofile...
https://sync.crwdcntrl.net/map/ct=y/c=14717/tp=MWSP/tpid=79747370-41f2-11ee-9125-d51d25a5abd9?https%3A%2F%2Fpartner.mediawallahscript.com%2F%3Faccount_id%3D2023%26partner_id%3D2118%26uid%3D%24%7Bpr...
https://partner.mediawallahscript.com/?account_id=2023&partner_id=2118&uid=c4539eb0ce1c8bc6fb27585e737babe0&tag_format=img&tag_action=sync&cb=390899826
https://match.adsrvr.org/track/cmf/generic?ttd_pid=vxsrv3i&ttd_tpi=1
https://partner.mediawallahscript.com/?account_id=2027&partner_id=2051&uid=a2c487c4-f49b-48b0-bef4-33169bd9fe2a&tag_format=img&tag_action=sync&cb=
https://ws.rqtrk.eu/pushpull?pid=e873dca0-85f0-4b95-bfab-a8d855ece660&g=1&tr=1&return-unstable=true&uid=79747370-41f2-11ee-9125-d51d25a5abd9&cb=1692822017931&rmn=y&redirect=https%3A%2F%2Fpartner.me...
https://partner.mediawallahscript.com/?account_id=2041&partner_id=2099&uid=664034b0-dd98-4b6d-b21e-77d32fcaea78&custom=&tag_format=img&tag_action=sync&rmt=true&cb=1692822017931

0
411 B

53ms
52ms

Image
text/plain

35.173.111.127
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.mediawallahscript.com/?account_id=2041&partner_id=2099&uid=664034b0-dd98-4b6d-b21e-77d32fcaea78&custom=&tag_format=img&tag_action=sync&rmt=true&cb=1692822017931
Protocol: H2
Server: 35.173.111.127 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-111-127.compute-1.amazonaws.com
Software: nginx/1.22.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Wed, 23 Aug 2023 20:20:18 GMT
cache-control: private, no-cache, must-revalidate, no-store, max-age=0
server: nginx/1.22.0
expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 23 Aug 2023 20:20:18 GMT
server: istio-envoy
p3p: CP="NOI DSP COR DEVa PSAa PSDa OUR BUS UNI COM NAV STA"
location: https://partner.mediawallahscript.com/?account_id=2041&partner_id=2099&uid=664034b0-dd98-4b6d-b21e-77d32fcaea78&custom=&tag_format=img&tag_action=sync&rmt=true&cb=1692822017931
cache-control: no-cache,private
x-envoy-upstream-service-time: 0
content-length: 0
expires: Wed, 23 Aug 2023 20:20:17 GMT

GET
H2 200 cksync.php
contextual.media.net/ Frame 87D7 61 B
792 B 223ms
87ms Image
image/gif 23.52.163.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-n-tnR8Oz8wSX6VYBf-F6EMFClS2S2lbpXKtKrA

Requested by

Host: risu.io
URL: https://risu.io/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.163.93 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-163-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Wed, 23 Aug 2023 20:20:17 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 61
x-mnet-hl2: E
expires: Wed, 23 Aug 2023 20:20:17 GMT

GET
H/1.1 200
OK tap.php
pixel.rubiconproject.com/ Frame 87D7 42 B
678 B 54ms
45ms Image
image/gif 8.43.72.98
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-wm11DcOz8wSX6VYBf-F6EMFClS3WFPR4dBiDvg&expires=30
Requested by: Host: risu.io
URL: https://risu.io/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 9ef75ea4f1dd62e53c52f84d8070c378
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 v1
match.sharethrough.com/sync/ Frame 87D7 68 B
280 B 195ms
48ms Image
image/png 54.158.1.177
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-GeoGFMOz8wSX6VYBf-F6EMFClS1xxqxMPbmKKQ
Requested by: Host: risu.io
URL: https://risu.io/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.158.1.177 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-158-1-177.compute-1.amazonaws.com
Software: /
Resource Hash: 6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:20:16 GMT
cache-control: no-cache
content-length: 68
content-type: image/png

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame 87D7 43 B
688 B 186ms
51ms Image
image/gif 23.105.14.106
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-NXANlMOz8wSX6VYBf-F6EMFClS0JdGtZoPcorA
Requested by: Host: risu.io
URL: https://risu.io/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.105.14.106 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS: 23.105.14.106.rdns.racklot.com
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 23 Aug 2023 20:20:16 GMT
cache-control: no-cache,no-store
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H2 200 /
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 87D7 0
231 B 241ms
48ms Image
text/plain 141.226.224.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-Qz0EIsOz8wSX6VYBf-F6EMFClS3bb9OJkNmjiA
Requested by: Host: risu.io
URL: https://risu.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:20:17 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 48904

GET
H2 200 um
criteo-sync.teads.tv/ Frame 87D7 23 B
163 B 88ms
59ms Image
image/gif 23.52.160.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-9OcA-8Oz8wSX6VYBf-F6EMFClS36PjJx3vG7Rg
Requested by: Host: risu.io
URL: https://risu.io/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.160.7 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-160-7.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

expires: Wed, 23 Aug 2023 20:20:16 GMT
pragma: no-cache
date: Wed, 23 Aug 2023 20:20:16 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

GET
H2

200

xuid
eb2.3lift.com/ Frame 87D7
Redirect Chain

https://eb2.3lift.com/xuid?mid=2711&xuid=k-SLwzaMOz8wSX6VYBf-F6EMFClS0wUY2-4PT8bw&dongle=013b
https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-SLwzaMOz8wSX6VYBf-F6EMFClS0wUY2-4PT8bw&dongle=013b&gdpr=0&cmp_cs=&us_privacy=

37 B
354 B

54ms
53ms

Image
image/gif

52.223.22.214
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-SLwzaMOz8wSX6VYBf-F6EMFClS0wUY2-4PT8bw&dongle=013b&gdpr=0&cmp_cs=&us_privacy=
Protocol: H2
Server: 52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-type: image/gif
date: Wed, 23 Aug 2023 20:20:17 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: /xuid?ld=1&mid=2711&xuid=k-SLwzaMOz8wSX6VYBf-F6EMFClS0wUY2-4PT8bw&dongle=013b&gdpr=0&cmp_cs=&us_privacy=
date: Wed, 23 Aug 2023 20:20:16 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58301/ Frame 87D7 0
397 B 192ms
51ms Image
text/plain 34.200.65.202
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-hwXPkcOz8wSX6VYBf-F6EMFClS317STn2hYCCQ

Requested by

Host: risu.io
URL: https://risu.io/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.200.65.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-200-65-202.compute-1.amazonaws.com

Software

ATS/9.1.10.75 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:20:17 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.75
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1 200
OK idsync
tg.socdm.com/aux/ Frame 87D7 43 B
870 B 746ms
184ms Image
image/gif 124.146.215.50
INFOSPHERE NTT PC...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tg.socdm.com/aux/idsync?proto=criteo&dsp_uid=k-WABty8Oz8wSX6VYBf-F6EMFClS0Xq67YcIpsKQ
Requested by: Host: risu.io
URL: https://risu.io/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 124.146.215.50 , Japan, ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

X-SO-Cluster-ID: 0
Date: Wed, 23 Aug 2023 20:20:17 GMT
X-SO-LB-Data: {"ban":false,"clean_query":"\/aux\/idsync?proto=criteo&dsp_uid=k-WABty8Oz8wSX6VYBf-F6EMFClS0Xq67YcIpsKQ","cluster_id":0,"gdpr":false,"ipv4":"104.237.193.28","key":"ZOZqAcCo8YEAAOitmQoAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40141"}
X-SO-Key: ZOZqAcCo8YEAAOitmQoAAAAA
Server: nginx
X-SO-Upstream-ID: a-ad40141
P3P: CP="See also http://www.scaleout.jp/privacy/"
Content-Type: image/gif
Cache-Control: private
X-SO-HostName: a-ad40141.dc2p.scaleout.jp
Connection: keep-alive
X-SO-Ads-Time: 3
Content-Length: 43
X-SO-LB-Hostname: m-tgng29.dc4p.scaleout.jp
X-SO-IP: 104.237.193.28

GET
H2 200 sync
visitor.omnitagjs.com/visitor/ Frame 87D7 49 B
342 B 480ms
54ms Image
image/gif 195.244.31.10
IGUANA-WORLDWIDE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-qC2L0sOz8wSX6VYBf-F6EMFClS2FkDOuozEHhg

Requested by

Host: risu.io
URL: https://risu.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),

Reverse DNS

Software

ayl-lb-usa02 /

Resource Hash

d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 20:20:17 GMT
x-content-type-options: nosniff
server: ayl-lb-usa02
vary: Accept-Encoding
p3p: CP="CAO PSA OUR"
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 5
content-length: 49
expires: 0

GET
H2

200

sync
tags.bluekai.com/site/29001/ Frame 87D7
Redirect Chain

https://gum.criteo.com/sync?c=4&r=1&a=1&u=https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=%40USERID%40
https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=0HVbTpr_GhHD_543TSxNadLRsLgQu9T-

62 B
549 B

320ms
163ms

Image
image/gif

104.107.25.203
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=0HVbTpr_GhHD_543TSxNadLRsLgQu9T-
Protocol: H2
Server: 104.107.25.203 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-107-25-203.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Wed, 23 Aug 2023 20:20:17 GMT
content-length: 62
bk-server: 8f87
content-type: image/gif

Redirect headers

location: https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=0HVbTpr_GhHD_543TSxNadLRsLgQu9T-
date: Wed, 23 Aug 2023 20:20:16 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 1453331
content-length: 0

GET
H/1.1

200
OK

rum
r.casalemedia.com/ Frame 87D7
Redirect Chain

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-78W3ZMOz8wSX6VYBf-F6EMFClS23FuC6F5bL9Q
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-78W3ZMOz8wSX6VYBf-F6EMFClS23FuC6F5bL9Q&C=1

43 B
764 B

47ms
47ms

Image
image/gif

192.40.39.223
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-78W3ZMOz8wSX6VYBf-F6EMFClS23FuC6F5bL9Q&C=1
Protocol: HTTP/1.1
Server: 192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 23 Aug 2023 20:20:17 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Wed, 23 Aug 2023 20:20:17 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=20&external_user_id=k-78W3ZMOz8wSX6VYBf-F6EMFClS23FuC6F5bL9Q&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H/1.1 200 user-registering
ads.stickyadstv.com/ Frame 87D7 43 B
615 B 489ms
59ms Image
image/gif 63.251.28.133
FREEWHEEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/user-registering?dataProviderId=434&userId=k-Gb8N6cOz8wSX6VYBf-F6EMFClS3WFyvmefcEVg
Requested by: Host: risu.io
URL: https://risu.io/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 63.251.28.133 Secaucus, United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 23 Aug 2023 20:20:17 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
x-sticky-vk: 1692822017466071-1158

GET
H2

200

match
ad.360yield.com/ul_cb/ Frame 87D7
Redirect Chain

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-csw_lcOz8wSX6VYBf-F6EMFClS2Fdp4gcMM2Ew
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-csw_lcOz8wSX6VYBf-F6EMFClS2Fdp4gcMM2Ew

43 B
446 B

54ms
53ms

Image
image/gif

52.207.129.225
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-csw_lcOz8wSX6VYBf-F6EMFClS2Fdp4gcMM2Ew
Protocol: H2
Server: 52.207.129.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-207-129-225.compute-1.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 23 Aug 2023 20:20:17 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-csw_lcOz8wSX6VYBf-F6EMFClS2Fdp4gcMM2Ew
access-control-allow-origin: *
date: Wed, 23 Aug 2023 20:20:17 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 sync
matching.ivitrack.com/ Frame 87D7 42 B
265 B 191ms
119ms Image
image/gif 34.117.157.22
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://matching.ivitrack.com/sync?realm=criteo&uid=k-XxuVJsOz8wSX6VYBf-F6EMFClS2Bol2aOPsaYw
Requested by: Host: risu.io
URL: https://risu.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 22.157.117.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:20:16 GMT
x-envoy-decorator-operation: tag-manager.programmatic.svc.cluster.local:3000/*
via: 1.1 google
server: istio-envoy
content-type: image/gif
cache-control: public, max-age=86400
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H/1.1

200
OK

28292
i6.liadm.com/s/ Frame 87D7
Redirect Chain

https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-os7tK8Oz8wSX6VYBf-F6EMFClS0d9ZW7X6DxwQ
https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-os7tK8Oz8wSX6VYBf-F6EMFClS0d9ZW7X6DxwQ&_li_chk=true&previous_uuid=049680d4ba714666832acf82527527e6
https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-os7tK8Oz8wSX6VYBf-F6EMFClS0d9ZW7X6DxwQ

43 B
548 B

226ms
50ms

Image
image/gif

2600:1f18:ed:550a:ae19:cc5b:1b2b:71e3
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-os7tK8Oz8wSX6VYBf-F6EMFClS0d9ZW7X6DxwQ

Protocol

HTTP/1.1

Server

2600:1f18:ed:550a:ae19:cc5b:1b2b:71e3 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Wed, 23 Aug 2023 20:20:17 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 0
Content-Type: image/gif

Redirect headers

Location: https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-os7tK8Oz8wSX6VYBf-F6EMFClS0d9ZW7X6DxwQ
Date: Wed, 23 Aug 2023 20:20:17 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 0
Request-Time: 2

GET
H2 200 push
exchange.mediavine.com/usersync/ Frame 87D7 0
968 B 321ms
50ms Image
text/html 35.174.68.73
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-K5A4u8Oz8wSX6VYBf-F6EMFClS0UyAxcx3TUJw
Requested by: Host: risu.io
URL: https://risu.io/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.174.68.73 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-174-68-73.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:20:17 GMT
cache-control: private, no-cache
access-control-allow-credentials: true
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: text/html; charset=utf-8

GET
H2 200 c.gif
c.bing.com/ Frame 87D7 42 B
688 B 285ms
34ms Image
image/gif 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bing.com/c.gif?Red3=CTOMS_pd&cbid=k-Qa-kJ8Oz8wSX6VYBf-F6EMFClS283sbhEwXWnw
Requested by: Host: risu.io
URL: https://risu.io/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 20:20:16 GMT
last-modified: Tue, 06 Jun 2023 17:34:29 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 4EE38398CAD0401981DCA00276F6CD9A Ref B: CHGEDGE1910 Ref C: 2023-08-23T20:20:17Z
etag: "4729cb259d98d91:0"
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type: image/gif
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

GET
H2 200 1017
jadserve.postrelease.com/suid/ Frame 87D7 43 B
539 B 248ms
56ms Image
image/gif 54.237.181.95
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/suid/1017?vk=k-Gqu6pMOz8wSX6VYBf-F6EMFClS21Dr9udc5LJw
Requested by: Host: risu.io
URL: https://risu.io/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.237.181.95 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-237-181-95.compute-1.amazonaws.com
Software: nginx/1.12.2 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 20:20:17 GMT
server: nginx/1.12.2
content-type: image/gif
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame 87D7 0
287 B 250ms
55ms Image
text/plain 64.202.112.159
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-XtAOE8Oz8wSX6VYBf-F6EMFClS2aTZkXbtij3Q&initiator=partner
Requested by: Host: risu.io
URL: https://risu.io/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.159 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Wed, 23 Aug 2023 20:20:17 GMT
Cache-Control: no-cache
X-TraceId: c471d88adeb2e55dd5cd4cabf25a80bd
Content-Length: 0

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame 87D7 42 B
584 B 170ms
45ms Image
image/gif 8.28.7.83
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-mHyWfcOz8wSX6VYBf-F6EMFClS3Jf7ION20NQA
Requested by: Host: risu.io
URL: https://risu.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Wed, 23 Aug 2023 20:20:16 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 pixel_sync
trends.revcontent.com/cm/ Frame 87D7 0
0 214ms
56ms Image
application/json 100.25.87.174
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trends.revcontent.com/cm/pixel_sync?bidder=151&bidder_uid=k-YYYp8cOz8wSX6VYBf-F6EMFClS3cBFG78-Bl7g
Requested by: Host: risu.io
URL: https://risu.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 100.25.87.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-100-25-87-174.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

GET
H2

204

/
s.ad.smaato.net/c/ Frame 87D7
Redirect Chain

https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-vsWZdcOz8wSX6VYBf-F6EMFClS0zAxepOMw4_w
https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-vsWZdcOz8wSX6VYBf-F6EMFClS0zAxepOMw4_w&cookieCheck=1

0
556 B

88ms
86ms

Image
text/plain

2600:9000:2511:5000:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-vsWZdcOz8wSX6VYBf-F6EMFClS0zAxepOMw4_w&cookieCheck=1
Protocol: H2
Server: 2600:9000:2511:5000:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:20:17 GMT
via: 1.1 0252b483f7b420504a413a83f987b080.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: JFK50-P6
x-cache: Miss from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
cache-control: max-age=300
x-amz-cf-id: 7iYS5BYPykevvC1cZV5_MUPjeHO7h-YuanEp46L7cKvdLKJN0HvDbg==

Redirect headers

date: Wed, 23 Aug 2023 20:20:17 GMT
via: 1.1 0252b483f7b420504a413a83f987b080.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: JFK50-P6
x-cache: Miss from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-vsWZdcOz8wSX6VYBf-F6EMFClS0zAxepOMw4_w&cookieCheck=1
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: JJlkPtevjAvZSXAtb73nXA45ZWADylNqvjjiJQrrHJs4qC3VOi3YXA==

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 439B 0
0 106ms
105ms Image
text/html 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202308170101&jk=1937375023754647&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 79DA 0
0 117ms
115ms Image
text/html 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202308170101&jk=1220634640647421&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

GET
H3 200 H7NiGUBWITXDbUXvzcl9NdwFkmo5ojjKC-Hhm2BY16o.js Show response
pagead2.googlesyndication.com/bg/ Frame 4087 37 KB
14 KB 48ms
47ms Script
text/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/H7NiGUBWITXDbUXvzcl9NdwFkmo5ojjKC-Hhm2BY16o.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fb3621940562135c36d45efcdc97d35dc05926a39a238ca0be1e19b6058d7aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 21:15:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83072
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14718
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 21 Aug 2024 21:15:44 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame D961 0
0 113ms
111ms Image
text/html 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202308170101&jk=967994951098995&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

GET
H3 200 H7NiGUBWITXDbUXvzcl9NdwFkmo5ojjKC-Hhm2BY16o.js Show response
pagead2.googlesyndication.com/bg/ Frame 2E40 37 KB
14 KB 47ms
47ms Script
text/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/H7NiGUBWITXDbUXvzcl9NdwFkmo5ojjKC-Hhm2BY16o.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fb3621940562135c36d45efcdc97d35dc05926a39a238ca0be1e19b6058d7aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 21:15:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83072
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14718
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 21 Aug 2024 21:15:44 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame E8CB 0
0 108ms
107ms Image
text/html 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202308170101&jk=766684576069143&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

GET
H3 200 H7NiGUBWITXDbUXvzcl9NdwFkmo5ojjKC-Hhm2BY16o.js Show response
pagead2.googlesyndication.com/bg/ Frame 06E8 37 KB
14 KB 52ms
52ms Script
text/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/H7NiGUBWITXDbUXvzcl9NdwFkmo5ojjKC-Hhm2BY16o.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fb3621940562135c36d45efcdc97d35dc05926a39a238ca0be1e19b6058d7aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 21:15:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83072
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14718
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 21 Aug 2024 21:15:44 GMT

GET
H3 200 H7NiGUBWITXDbUXvzcl9NdwFkmo5ojjKC-Hhm2BY16o.js Show response
pagead2.googlesyndication.com/bg/ Frame B565 37 KB
14 KB 58ms
58ms Script
text/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/H7NiGUBWITXDbUXvzcl9NdwFkmo5ojjKC-Hhm2BY16o.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fb3621940562135c36d45efcdc97d35dc05926a39a238ca0be1e19b6058d7aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 21:15:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83072
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14718
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 21 Aug 2024 21:15:44 GMT

GET
H2 200 animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/ Frame 0114 70 KB
5 KB 120ms
39ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css

Requested by

Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:20:17 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1264376
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4220
last-modified: Thu, 22 Jun 2023 10:45:16 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "6494263c-107c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iaQCegVtxxwbcAlxGs5%2B8%2B0wvEEoCf%2B8DUaFaR9ly7gEXgSGYsdMqbySJspo15%2FpSyWDc4OTmDNmWDbzPlT%2FRavLlMs%2FWnwyhmEyGYhse4FVZs5hJ1EmGF2QMWYQYfaQhGC6zS%2FqyXiGAlTVQqPJmBOw"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7fb60e26bb48233a-ORD
expires: Mon, 12 Aug 2024 20:20:17 GMT

GET
H3 200 fsa-core.min.js Show response
ad.sitemaji.com/fsa/ Frame 0114 7 KB
3 KB 38ms
32ms Script
application/javascript 35.186.215.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.sitemaji.com/fsa/fsa-core.min.js
Requested by: Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.215.186.35.bc.googleusercontent.com
Software: nginx/1.12.1 (Ubuntu) /
Resource Hash: 5a15455fe3da947cc5c9c9da9c919defd4d709b3735ac080aca4eae399b35387

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 12:02:22 GMT
content-encoding: br
via: 1.1 google
last-modified: Tue, 01 Aug 2023 04:21:32 GMT
server: nginx/1.12.1 (Ubuntu)
age: 29875
etag: W/"64c8884c-1be1"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2629
expires: Thu, 24 Aug 2023 12:02:22 GMT

GET
H2 200 aHR0cDovL3d3dy5vbXlnb2QuY29tLnR3L3N1cGVybWFsbC91cGxvYWQvcHJvZHVjdC8xNTE1My9uYXJyb3cvNTAwMTRfMWNfMjAyMzA1MDgxNDM1NDFfODIucG5n.jpg
img.feebee.tw/i/28B83VlLYbW3IY25ZyjFlxnnNiPitiAE1oglLSMPIRM/372/ Frame 0114 6 KB
6 KB 465ms
353ms Image
image/jpeg 130.211.28.216
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.feebee.tw/i/28B83VlLYbW3IY25ZyjFlxnnNiPitiAE1oglLSMPIRM/372/aHR0cDovL3d3dy5vbXlnb2QuY29tLnR3L3N1cGVybWFsbC91cGxvYWQvcHJvZHVjdC8xNTE1My9uYXJyb3cvNTAwMTRfMWNfMjAyMzA1MDgxNDM1NDFfODIucG5n.jpg
Requested by: Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.28.216 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 216.28.211.130.bc.googleusercontent.com
Software: imgproxy /
Resource Hash: 8203fc7c813d94d252c5f599d4b7c3270cb66370bb85e4e49df8035da7d5bc2c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:20:17 GMT
via: 1.1 google
server: imgproxy
vary: Accept
content-type: image/jpeg
cache-control: public,max-age=7200
content-disposition: inline; filename="50014_1c_20230508143541_82.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6340
x-request-id: ozXScrW461PFzFck2GWbk

GET
H2 200 aHR0cHM6Ly90c2hvcC5yMTBzLmNvbS8wZTMvMmJlLzIyZmIvMDM5My85MGZkLzY2NmQvNDRmZC8xMTRlZTlhOWJkMDI0MmFjMTEwMDAzLmpwZw.jpg
img.feebee.tw/i/abkDTzhdbYigNtoX-uS8Fsc18j3nkGEF8bRtjCmqU9o/372/ Frame 0114 18 KB
18 KB 491ms
378ms Image
image/jpeg 130.211.28.216
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.feebee.tw/i/abkDTzhdbYigNtoX-uS8Fsc18j3nkGEF8bRtjCmqU9o/372/aHR0cHM6Ly90c2hvcC5yMTBzLmNvbS8wZTMvMmJlLzIyZmIvMDM5My85MGZkLzY2NmQvNDRmZC8xMTRlZTlhOWJkMDI0MmFjMTEwMDAzLmpwZw.jpg
Requested by: Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.28.216 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 216.28.211.130.bc.googleusercontent.com
Software: imgproxy /
Resource Hash: 0889915bc5dc8cf5134756ad0327e00083eb5350d8009be80218d994fb10fb0f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:20:17 GMT
via: 1.1 google
server: imgproxy
vary: Accept
content-type: image/jpeg
cache-control: public,max-age=7200
content-disposition: inline; filename="114ee9a9bd0242ac110003.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18232
x-request-id: 9KvEVRPcAWJfbM5ovXlbJ

GET
H2 200 aHR0cHM6Ly9jZi5zaG9wZWUudHcvZmlsZS9zZy0xMTEzNDIwMS0yMjExMC12eTRkYmwxaWdlanYwOA.jpg
img.feebee.tw/i/vgH50L9d6ZimXsog2DVjExXWjXSdUBVTMwxMhpKMF5Y/372/ Frame 0114 14 KB
14 KB 497ms
385ms Image
image/jpeg 130.211.28.216
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.feebee.tw/i/vgH50L9d6ZimXsog2DVjExXWjXSdUBVTMwxMhpKMF5Y/372/aHR0cHM6Ly9jZi5zaG9wZWUudHcvZmlsZS9zZy0xMTEzNDIwMS0yMjExMC12eTRkYmwxaWdlanYwOA.jpg
Requested by: Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.28.216 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 216.28.211.130.bc.googleusercontent.com
Software: imgproxy /
Resource Hash: 96ccb39e05cad920da3efbf7fc39bddea0fc8f56c1780635e33ae05af624abf1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:20:17 GMT
via: 1.1 google
server: imgproxy
vary: Accept
content-type: image/jpeg
cache-control: public,max-age=7200
content-disposition: inline; filename="sg-11134201-22110-vy4dbl1igejv08.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14019
x-request-id: uEzykOdP6sGq6JtN-a5Ip

GET
H2 200 IzMngrkKbDSIILHqcfQ37ALDghljlbFYPxTm5RccRdtg-8jtKQQfcdW9ieUCaEXIp0uD8fXy-5zvqF5z_Mg3pfwdEJxgBmcpQBHXYcdV4lZpLlaqHa9lyCrkb7lMHQcBhG0ua5m_AKvxv37kmLdDvsfYQGEzBhEXKHbTFd1VFNRmdB8JqWsPPpdr8I2AMj710-LY4...
fsa-api.feebee.tw/maji/v2/view/ Frame C94C 842 B
922 B 305ms
228ms Image
image/gif 60.199.208.47
TFN-TW Taiwan Fix...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fsa-api.feebee.tw/maji/v2/view/IzMngrkKbDSIILHqcfQ37ALDghljlbFYPxTm5RccRdtg-8jtKQQfcdW9ieUCaEXIp0uD8fXy-5zvqF5z_Mg3pfwdEJxgBmcpQBHXYcdV4lZpLlaqHa9lyCrkb7lMHQcBhG0ua5m_AKvxv37kmLdDvsfYQGEzBhEXKHbTFd1VFNRmdB8JqWsPPpdr8I2AMj710-LY4z4illrU6Zz_IJvctRqSFWSNs__PcEW7pxReYDONVPUKb_9jqYlxBmAoypuZJx5yjLsjawfJAv3hwB9j4KmveidewVVA63iLCWWmISqRnj0S-6tkWUJMZOcU9AEr2yV9-yxI6Pbp0U4chUXsOfK2g.gif
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 60.199.208.47 , Taiwan, ASN9924 (TFN-TW Taiwan Fixed Network, Telco and Network Service Provider., TW),
Reverse DNS
Software: nginx /
Resource Hash: 6fbf9cc36bbd0c5efce36d2e650d406da61d42361355492e9204a2b919397804

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:20:17 GMT
server: nginx
x-robots-tag: noindex
content-length: 842
content-type: image/gif

GET
H2 200 animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/ Frame DC38 70 KB
4 KB 99ms
43ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css

Requested by

Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:20:17 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1264376
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4220
last-modified: Thu, 22 Jun 2023 10:45:16 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "6494263c-107c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B4J0v%2BmvoXSzLWsqqO4pLYNHdmahSUEUETMbpO8npAEDb2ObDkBFqIvVQ%2Fw2xxJ2P%2F%2F7kM02mhTR6yGUVjmKmzC895jL81mKj0az4HEz1rZxiO3UtcpeOKy12l42BRUJbB63i9exii5xLfVaYo8yMxyH"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7fb60e26bb4a233a-ORD
expires: Mon, 12 Aug 2024 20:20:17 GMT

GET
H3 200 fsa-core.min.js Show response
ad.sitemaji.com/fsa/ Frame DC38 7 KB
3 KB 51ms
36ms Script
application/javascript 35.186.215.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.sitemaji.com/fsa/fsa-core.min.js
Requested by: Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.215.186.35.bc.googleusercontent.com
Software: nginx/1.12.1 (Ubuntu) /
Resource Hash: 5a15455fe3da947cc5c9c9da9c919defd4d709b3735ac080aca4eae399b35387

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 12:02:22 GMT
content-encoding: br
via: 1.1 google
last-modified: Tue, 01 Aug 2023 04:21:32 GMT
server: nginx/1.12.1 (Ubuntu)
age: 29875
etag: W/"64c8884c-1be1"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2629
expires: Thu, 24 Aug 2023 12:02:22 GMT

GET
H2 200 aHR0cDovL3d3dy5vbXlnb2QuY29tLnR3L3N1cGVybWFsbC91cGxvYWQvcHJvZHVjdC8xOTM0OC9uYXJyb3cvNTMyNjdfZGVfMjAyMzA2MjkwOTM3MjVfZGEucG5n.jpg
img.feebee.tw/i/tV7qYyD8-JFf4st1l90QpVRPTOAl5Cxpli7SGdrakV4/372/ Frame DC38 10 KB
10 KB 450ms
361ms Image
image/jpeg 130.211.28.216
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.feebee.tw/i/tV7qYyD8-JFf4st1l90QpVRPTOAl5Cxpli7SGdrakV4/372/aHR0cDovL3d3dy5vbXlnb2QuY29tLnR3L3N1cGVybWFsbC91cGxvYWQvcHJvZHVjdC8xOTM0OC9uYXJyb3cvNTMyNjdfZGVfMjAyMzA2MjkwOTM3MjVfZGEucG5n.jpg
Requested by: Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.28.216 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 216.28.211.130.bc.googleusercontent.com
Software: imgproxy /
Resource Hash: 46d2be441abfc2cf869ab94160fa27c540ae8243b2c48726644fbd758de7f892

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:20:17 GMT
via: 1.1 google
server: imgproxy
vary: Accept
content-type: image/jpeg
cache-control: public,max-age=7200
content-disposition: inline; filename="53267_de_20230629093725_da.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10035
x-request-id: _Ut_FvmdeBc1uTvW8_YFg

GET
H2 200 aHR0cHM6Ly90c2hvcC5yMTBzLmNvbS9lMDcvYjJlLzgyODUvOGE2MC9hMGIwLzI4MTMvMjA3OS8xMTNiZWNhOWFhMDI0MmFjMTEwMDAyLmpwZw.jpg
img.feebee.tw/i/vvMyTIsz25dztqyeMK6gAm1Pj2Fe78CP8tlU209uR9w/372/ Frame DC38 22 KB
22 KB 342ms
254ms Image
image/jpeg 130.211.28.216
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.feebee.tw/i/vvMyTIsz25dztqyeMK6gAm1Pj2Fe78CP8tlU209uR9w/372/aHR0cHM6Ly90c2hvcC5yMTBzLmNvbS9lMDcvYjJlLzgyODUvOGE2MC9hMGIwLzI4MTMvMjA3OS8xMTNiZWNhOWFhMDI0MmFjMTEwMDAyLmpwZw.jpg
Requested by: Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.28.216 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 216.28.211.130.bc.googleusercontent.com
Software: imgproxy /
Resource Hash: 63e3756cda0d1fd737baa182555b0c7770368713201eddbb843e08ed3391f1dd

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:20:17 GMT
via: 1.1 google
server: imgproxy
vary: Accept
content-type: image/jpeg
cache-control: public,max-age=7200
content-disposition: inline; filename="113beca9aa0242ac110002.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22631
x-request-id: lp8MbHbm98BIS2bRcjXiF

GET
H2 200 aHR0cHM6Ly9jZi5zaG9wZWUudHcvZmlsZS9mNjE3OWM1OGY3YTg3NGNhNGY1NGVhYjA3ODlkNWMzOQ.jpg
img.feebee.tw/i/F-eNr4IxeRO1GwS-gDbky1hmDDr5isf8X5V_jH0U1Y0/372/ Frame DC38 13 KB
13 KB 677ms
589ms Image
image/jpeg 130.211.28.216
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.feebee.tw/i/F-eNr4IxeRO1GwS-gDbky1hmDDr5isf8X5V_jH0U1Y0/372/aHR0cHM6Ly9jZi5zaG9wZWUudHcvZmlsZS9mNjE3OWM1OGY3YTg3NGNhNGY1NGVhYjA3ODlkNWMzOQ.jpg
Requested by: Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.28.216 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 216.28.211.130.bc.googleusercontent.com
Software: imgproxy /
Resource Hash: ae8ec0cb8492d6a32655a51410cf1860f9ef6001a5119d5d31eecbf7bec72887

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:20:17 GMT
via: 1.1 google
server: imgproxy
vary: Accept
content-type: image/jpeg
cache-control: public,max-age=7200
content-disposition: inline; filename="f6179c58f7a874ca4f54eab0789d5c39.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13007
x-request-id: 8qfa3bjP2nlrtkovtEiyd

GET
H2 200 IzMwudDYhE2w92IIIJALutuWhYjuY_o08_puDAAW-iYqfF-LZaOIhrAb5QsCTXfr5hxZvENF2eDOk8F8ATlXfLkKJJ565gyAQy-WJEpNejcGgLZl5lpUT8ovyzJ2cy-37YeD11wnufw8ZtuPUtRfrWGIGzkHooNofRR3GYoWHDJXKJu45NDYmrOv4Po6b9WbWzddH...
fsa-api.feebee.tw/maji/v2/view/ Frame 650E 842 B
922 B 282ms
229ms Image
image/gif 60.199.208.47
TFN-TW Taiwan Fix...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fsa-api.feebee.tw/maji/v2/view/IzMwudDYhE2w92IIIJALutuWhYjuY_o08_puDAAW-iYqfF-LZaOIhrAb5QsCTXfr5hxZvENF2eDOk8F8ATlXfLkKJJ565gyAQy-WJEpNejcGgLZl5lpUT8ovyzJ2cy-37YeD11wnufw8ZtuPUtRfrWGIGzkHooNofRR3GYoWHDJXKJu45NDYmrOv4Po6b9WbWzddHZyDh0uhE0dfxxyBS8_fUyfjdFdih9PBqsM-Cs6Ss6n4t7Phmcq_NbmyKoDVvDUdTKkIcfwsOFxvXFwIlMipa3TMld72CuvCQr-QFg9XN-XCx1gPsBLtGQTQ5NFA_E3oim3s9pPBxgpsM9b5yuUmw.gif
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 60.199.208.47 , Taiwan, ASN9924 (TFN-TW Taiwan Fixed Network, Telco and Network Service Provider., TW),
Reverse DNS
Software: nginx /
Resource Hash: 6fbf9cc36bbd0c5efce36d2e650d406da61d42361355492e9204a2b919397804

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:20:17 GMT
server: nginx
x-robots-tag: noindex
content-length: 842
content-type: image/gif

GET
H2 200 animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/ Frame 049D 70 KB
4 KB 44ms
32ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css

Requested by

Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:20:17 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1264376
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4220
last-modified: Thu, 22 Jun 2023 10:45:16 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "6494263c-107c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eUTHvHTyyMOJoos3IuB7dVun4HoAwgYZj1xIxZcD%2Bxc0I8yrkgEql6zR%2FNWDFC49zAhjhuUOyFAB7ejX83oL5F0PJk%2BGABRu93aplTK6r1rSVtMarr94XpzDYn9ejhYtnFOlRbcWpluenhNdUXfVd5D6"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7fb60e285d5c233a-ORD
expires: Mon, 12 Aug 2024 20:20:17 GMT

GET
H3 200 fsa-core.min.js Show response
ad.sitemaji.com/fsa/ Frame 049D 7 KB
3 KB 44ms
34ms Script
application/javascript 35.186.215.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.sitemaji.com/fsa/fsa-core.min.js
Requested by: Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.215.186.35.bc.googleusercontent.com
Software: nginx/1.12.1 (Ubuntu) /
Resource Hash: 5a15455fe3da947cc5c9c9da9c919defd4d709b3735ac080aca4eae399b35387

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 12:02:22 GMT
content-encoding: br
via: 1.1 google
last-modified: Tue, 01 Aug 2023 04:21:32 GMT
server: nginx/1.12.1 (Ubuntu)
age: 29875
etag: W/"64c8884c-1be1"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2629
expires: Thu, 24 Aug 2023 12:02:22 GMT

GET
H2 200 aHR0cHM6Ly9jZi5zaG9wZWUudHcvZmlsZS9zZy0xMTEzNDIwMS0yMjExMC12ZWM0c2Z2b2Jia3ZmMA.jpg
img.feebee.tw/i/qgB4Y7ox54AjS7vg-MewZL5IT9K9NNmmyUbjR4lP34Q/372/ Frame 049D 19 KB
19 KB 364ms
349ms Image
image/jpeg 130.211.28.216
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.feebee.tw/i/qgB4Y7ox54AjS7vg-MewZL5IT9K9NNmmyUbjR4lP34Q/372/aHR0cHM6Ly9jZi5zaG9wZWUudHcvZmlsZS9zZy0xMTEzNDIwMS0yMjExMC12ZWM0c2Z2b2Jia3ZmMA.jpg
Requested by: Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.28.216 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 216.28.211.130.bc.googleusercontent.com
Software: imgproxy /
Resource Hash: 779d3e9da09a1428d3498b0d12b362ee5a6ec72a2faf29b64c3040cccc445828

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:20:17 GMT
via: 1.1 google
server: imgproxy
vary: Accept
content-type: image/jpeg
cache-control: public,max-age=7200
content-disposition: inline; filename="sg-11134201-22110-vec4sfvobbkvf0.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19097
x-request-id: PmdV_jO56Olxsv-brtim_

GET
H2 200 aHR0cHM6Ly90c2hvcC5yMTBzLmNvbS80M2YvMzYxLzNmMzUvOTkxMy83MTBiL2NlNWQvMDU0My8xMWMwZTg5ZTQ3YTgxZTg0ZDAzOGEwLmpwZw.jpg
img.feebee.tw/i/PkJiJdV7Gbq7zlo0aAPj_XInWAgr9BNbbHiClZGsJIo/372/ Frame 049D 11 KB
11 KB 425ms
415ms Image
image/jpeg 130.211.28.216
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.feebee.tw/i/PkJiJdV7Gbq7zlo0aAPj_XInWAgr9BNbbHiClZGsJIo/372/aHR0cHM6Ly90c2hvcC5yMTBzLmNvbS80M2YvMzYxLzNmMzUvOTkxMy83MTBiL2NlNWQvMDU0My8xMWMwZTg5ZTQ3YTgxZTg0ZDAzOGEwLmpwZw.jpg
Requested by: Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.28.216 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 216.28.211.130.bc.googleusercontent.com
Software: imgproxy /
Resource Hash: 0d663e1a37acb9ed1a0f4451256f26f7d2d9426cabf91bff4c6ca8246cca405e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:20:17 GMT
via: 1.1 google
server: imgproxy
vary: Accept
content-type: image/jpeg
cache-control: public,max-age=7200
content-disposition: inline; filename="11c0e89e47a81e84d038a0.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11041
x-request-id: MyY3d5KiNNwOvcNVJapTz

GET
H2 200 aHR0cHM6Ly9jZi5zaG9wZWUudHcvZmlsZS90dy0xMTEzNDIwMS0yMzAzMC1rN2wxejc0OGtib3Y1Yw.jpg
img.feebee.tw/i/cI-mkHwStu9TbcDAzhv5pD0cQ6wd_CcCy8gkiBfywZc/372/ Frame 049D 10 KB
11 KB 378ms
369ms Image
image/jpeg 130.211.28.216
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.feebee.tw/i/cI-mkHwStu9TbcDAzhv5pD0cQ6wd_CcCy8gkiBfywZc/372/aHR0cHM6Ly9jZi5zaG9wZWUudHcvZmlsZS90dy0xMTEzNDIwMS0yMzAzMC1rN2wxejc0OGtib3Y1Yw.jpg
Requested by: Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.28.216 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 216.28.211.130.bc.googleusercontent.com
Software: imgproxy /
Resource Hash: 66b5d7f2d13f732f84dca41f56815e29a1fa6f8d25abba2deb9d6bd8c656c343

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:20:17 GMT
via: 1.1 google
server: imgproxy
vary: Accept
content-type: image/jpeg
cache-control: public,max-age=7200
content-disposition: inline; filename="tw-11134201-23030-k7l1z748kbov5c.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10624
x-request-id: 7iconkiJX2a2KC5PUFgWj

GET
H2 200 IzMqiro1EFR-SeGXVBbwVWRBXtMqnaXw0hgV2N6lqQjtydNPtIp4VE39VhsAND5SvsP8xJ0rP1h1ACy8HsRbLBl73wUMK5WrQNIGO8VtRaKxCOSqdjY52rABtSlcFQw5nmy6FeWlB33aXGdpzRrE4Hwpx5hFKGEXNGxsqG2XEA7E9Ad9dXLBOSoSxbhDC46E8OpSq...
fsa-api.feebee.tw/maji/v2/view/ Frame 310F 842 B
922 B 234ms
225ms Image
image/gif 60.199.208.47
TFN-TW Taiwan Fix...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fsa-api.feebee.tw/maji/v2/view/IzMqiro1EFR-SeGXVBbwVWRBXtMqnaXw0hgV2N6lqQjtydNPtIp4VE39VhsAND5SvsP8xJ0rP1h1ACy8HsRbLBl73wUMK5WrQNIGO8VtRaKxCOSqdjY52rABtSlcFQw5nmy6FeWlB33aXGdpzRrE4Hwpx5hFKGEXNGxsqG2XEA7E9Ad9dXLBOSoSxbhDC46E8OpSqbZXFdjq76DskZGIGbNMJN9uvG7Jx8c-8j6UVzZF3HHxPmJrzvtc7htfIK7_LHx6o-5ll70Io66uOcx-seADJJvAL4DNZQBWEJnwR5XLoQl31DmWVZMX3j-rawEWptU.gif
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 60.199.208.47 , Taiwan, ASN9924 (TFN-TW Taiwan Fixed Network, Telco and Network Service Provider., TW),
Reverse DNS
Software: nginx /
Resource Hash: 6fbf9cc36bbd0c5efce36d2e650d406da61d42361355492e9204a2b919397804

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:20:17 GMT
server: nginx
x-robots-tag: noindex
content-length: 842
content-type: image/gif

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame 87D7
Redirect Chain

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=Xl2QKushylrK-r0UWNsPmrPgj4BUXNNh
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=Xl2QKushylrK-r0UWNsPmrPgj4BUXNNh

42 B
940 B

58ms
57ms

Image
image/gif

52.73.38.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=Xl2QKushylrK-r0UWNsPmrPgj4BUXNNh

Protocol

HTTP/1.1

Server

52.73.38.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-73-38-232.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

DCS: dcs-prod-va6-2-v049-044b855ed.edge-va6.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: JsFmW6bNQng=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-va6-1-v049-0273b4722.edge-va6.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: r6ywHZdeTc4=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=Xl2QKushylrK-r0UWNsPmrPgj4BUXNNh
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 4087 0
10 B 46ms
45ms Image
text/plain 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?KvTqAQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:20:17 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame B565 0
10 B 47ms
46ms Image
text/plain 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?wM5bkw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:20:17 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 2E40 0
10 B 48ms
48ms Image
text/plain 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?C4sCAA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:20:17 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 06E8 0
10 B 49ms
46ms Image
text/plain 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?b3Qlnw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:20:17 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

g.pixel
aa.agkn.com/adscores/ Frame 87D7
Redirect Chain

https://gum.criteo.com/sync?c=9&r=1&a=1&u=https%3A%2F%2Faa.agkn.com%2Fadscores%2Fg.pixel%3Fsid%3D9212273938%26ct%3D%40USERID%40
https://aa.agkn.com/adscores/g.pixel?sid=9212273938&ct=0b-l557whOMkzQpmwvsXUpFL5yvmskSP

43 B
656 B

179ms
58ms

Image
image/gif

108.138.128.44
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aa.agkn.com/adscores/g.pixel?sid=9212273938&ct=0b-l557whOMkzQpmwvsXUpFL5yvmskSP
Protocol: H2
Server: 108.138.128.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-128-44.jfk50.r.cloudfront.net
Software: AAWebServer /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 20:20:18 GMT
via: 1.1 8cade7b1319c32b4f7e5477c5302d6c8.cloudfront.net (CloudFront)
server: AAWebServer
x-amz-cf-pop: JFK50-P4
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
x-cache: Miss from cloudfront
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length: 43
x-amz-cf-id: _7uo7hJXbMwKyN_cUHqxPVyI6kKVF7pzxGGfyHKFXRXnV7qXRGB-9g==
expires: 0

Redirect headers

location: https://aa.agkn.com/adscores/g.pixel?sid=9212273938&ct=0b-l557whOMkzQpmwvsXUpFL5yvmskSP
date: Wed, 23 Aug 2023 20:20:17 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 799529
content-length: 0

GET
H2 200 IzM_KE5Da494d5ODvHVNxWU7z4KT4WhMgtF501QZDc6OHvN8Y3CDDhO6dRjMfXYlRwzPjz7KMAePL0BYspVrA4MDwLyrwh2iCMcEUgb9pxMG8WEGArsW6GmGjg6TfftapKeM4zKGnkgGkVKASH6Eo9TYtDjGSXXpHGnakTpFQfAK_07zLuIpx4A3uUNl9j1O1d3Gl...
fsa-api.feebee.tw/maji/v2/beacon/ Frame 0114 842 B
922 B 247ms
243ms Image
image/gif 60.199.208.47
TFN-TW Taiwan Fix...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fsa-api.feebee.tw/maji/v2/beacon/IzM_KE5Da494d5ODvHVNxWU7z4KT4WhMgtF501QZDc6OHvN8Y3CDDhO6dRjMfXYlRwzPjz7KMAePL0BYspVrA4MDwLyrwh2iCMcEUgb9pxMG8WEGArsW6GmGjg6TfftapKeM4zKGnkgGkVKASH6Eo9TYtDjGSXXpHGnakTpFQfAK_07zLuIpx4A3uUNl9j1O1d3GlUHAkpoKbpk77eGswFj2XIaz3gb_0W6PjoyXvTmo8tqwnuUy5-Nz3spDrddxNy8l2vvcVS43l97rL5vcLj6f3ebhzF6tR3Bxc8odmbpn1bykHTTO3tFTSpHKsgA8YdxgCAwQLGR50xb_QtM9-X4BS2DgyyX-xwdnNGhtC67Qdv9cG4a1yI945HVFlw0OpdAz-aW5uG41O0Ntg8yQNDQVIi9pmBJidL1R_tq0WrMt9xIFab210AMJkE-HRmtYClA9dNH-vf0MOMHLguRt2OAqg.gif
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 60.199.208.47 , Taiwan, ASN9924 (TFN-TW Taiwan Fixed Network, Telco and Network Service Provider., TW),
Reverse DNS
Software: nginx /
Resource Hash: 6fbf9cc36bbd0c5efce36d2e650d406da61d42361355492e9204a2b919397804

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:20:18 GMT
server: nginx
x-robots-tag: noindex
content-length: 842
content-type: image/gif

GET
H2 200 IzMsGh7YSsSVHBP_fjLb_WWOlD8Gflp7Lvf7fpoNRf22nH5BbLIS3NzhEWU1S4iuLOldKJfBXvY99BAZHa5ylM3hYjxqY6xCPIu1Tj6rwGjlIblQgQSmsa_iBDmjcyaNSG9oTFbW8uoRMT6JVmv8G8aUUh3WREkxDEJ1XpI3dwBFER3EZmMcjoKQKdhQgofhbkggY...
fsa-api.feebee.tw/maji/v2/beacon/ Frame 0114 842 B
922 B 243ms
241ms Image
image/gif 60.199.208.47
TFN-TW Taiwan Fix...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fsa-api.feebee.tw/maji/v2/beacon/IzMsGh7YSsSVHBP_fjLb_WWOlD8Gflp7Lvf7fpoNRf22nH5BbLIS3NzhEWU1S4iuLOldKJfBXvY99BAZHa5ylM3hYjxqY6xCPIu1Tj6rwGjlIblQgQSmsa_iBDmjcyaNSG9oTFbW8uoRMT6JVmv8G8aUUh3WREkxDEJ1XpI3dwBFER3EZmMcjoKQKdhQgofhbkggYwqFp52GHVeICjseaoM-CMqGbhItllfEHXIJIHupayEnNoPh6fOOXbTtAgv1Zqy9FZlfhe7R1bYp_dBoWrPFVMU8s7UB6OVKfF2sWn10zcN-e6IQl0PcFGrqeMc2t58NW24oe4UdRzvXq-LLyFoGeMIdYHNnvfKMNhQYKpky95pXY1ztW5gnPpXqivdxVcKIzjNv4q-NdnL2ylHDSdPz3Mu6z8g4BimvZ9-0mHaPm9HGsR4eVqFmwVTlLnY7BhPTw--_jWd2WFoYb6BuInaXY3IjjbhIjNewqmzzi-MlH8JuhTkWEpogT1_T6XXq7R0uOiEFJUB1SephN-HZ2I57-4O8PJ59IQ4PM4hEOzXNlsFxGB5O2Wm6e52RMYTF4Oj3Pn9wS3T8Tz9SY-GlQIbbiRu07RHIryXER6Q5jb33NQK3SWRJC9i3RD_QglX9bB0RHwohbGK0QHeyMgiVtCRunmCetm2EywS7gO0kahEcnyHirkSr_BvLNvgMGn_tP4gKsUjoNnsKusN_ZcH2K-7sjI2bbzrSymjs2f26aNVxOQ.gif
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 60.199.208.47 , Taiwan, ASN9924 (TFN-TW Taiwan Fixed Network, Telco and Network Service Provider., TW),
Reverse DNS
Software: nginx /
Resource Hash: 6fbf9cc36bbd0c5efce36d2e650d406da61d42361355492e9204a2b919397804

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:20:18 GMT
server: nginx
x-robots-tag: noindex
content-length: 842
content-type: image/gif

GET
H2 200 IzMxIoyuCtoPzCN691d3gffoIO5nn4iMjUcMLuk9glRn8an3wHxyaGSf9AuwYffhEgcl_iZp56AIj3Ppj4dM0GyGHhJdhdsdsAhTQcuXZGA3xCo5nM9ZYw6xW9aYmIaoMDF_yLFjEoRPXoNwRfNgJrhjlTcxhMx2_kTQK8celfX2QuBjWVz1fRCF9AgQAxeqbGQKT...
fsa-api.feebee.tw/maji/v2/beacon/ Frame 0114 842 B
922 B 243ms
242ms Image
image/gif 60.199.208.47
TFN-TW Taiwan Fix...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fsa-api.feebee.tw/maji/v2/beacon/IzMxIoyuCtoPzCN691d3gffoIO5nn4iMjUcMLuk9glRn8an3wHxyaGSf9AuwYffhEgcl_iZp56AIj3Ppj4dM0GyGHhJdhdsdsAhTQcuXZGA3xCo5nM9ZYw6xW9aYmIaoMDF_yLFjEoRPXoNwRfNgJrhjlTcxhMx2_kTQK8celfX2QuBjWVz1fRCF9AgQAxeqbGQKTW31eY025b4Qt3O-BYocg607dtMHltEhnHcYSGdyPew1BORvztCS0NRty5LOSrdQNuM1fyl8YHWSPTINpsUyAodDA7PQnQzB3vnyazt88JFkWiN2AbZGeTluW3_Tzmg7tqy8V-t1vlQ9E9uT40AnhX876CF6-MHHQvojeFJolq8ovHDicmlkbeBvXV0DOdq.gif
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 60.199.208.47 , Taiwan, ASN9924 (TFN-TW Taiwan Fixed Network, Telco and Network Service Provider., TW),
Reverse DNS
Software: nginx /
Resource Hash: 6fbf9cc36bbd0c5efce36d2e650d406da61d42361355492e9204a2b919397804

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:20:18 GMT
server: nginx
x-robots-tag: noindex
content-length: 842
content-type: image/gif

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame C86D 0
0 125ms
115ms Image
text/html 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202308170101&jk=1937375023754647&bg=!trWltfrNAAZGPLJIZjw7ADQBe5WfOGOlkJD6hWI81EQ1nZEv1ll-bsRCTtX-JV4WeGMu1XXC2vyqAFrxdiVsCXPJGW3fAgAAAsZSAAAACWgBB5kDRXy8H8f7RiN-UmbpzL9JhyLUQHzYS29eJpyOhZCcvy-pUW6Q_uF7kMqzf4CHyj0BkHMaUyDc2vglH3wcaZncWFIkbujfr6F-FbRrK_0yk9B5J2RsnVsCkrG0rohe0OfqB6a-8jsKI0Q4PqRKC3ZgwQCX4xwpBwsSYT0onerVYSAS1VN2UBJAbvDjbqmbXJ6U6VKA5pT452yJk7nex1RFu9rcAAlfVX5kKWZLJEqSBAvX61hvFu0qV02dR9B29NHr-mghcpO1YrUhPh0eTjR9yDJNryQhnGh12BUL9kH3B_XY5gP0rc7w9UMMTs0LUFWL_R85B4isygjEas3mB1A-eKWio5WJi84VKJ_GnIO2S6VFMuy4UTddgEnW2g17YvrhsPQpes_NYqY7nxE2ZTvi-ELNnhQsHIpjmG1N8YSgi5UHRzY_DeaFUtxQLLFcnAt8bnbXTx42ss9OszrpdYSzsAO3bL90k47vP5nB-cyLQCW8XJsrqfMYT7iCUHOngZ9AoMjgfeawKdWmV6tdJzy-w0je3_5sd36d8H3J0XvPQxjcs3NjVaQlAH9fhhe3kTQVSz5CEjR9c8go9khV4qffD8rplR2KmvIrBtMJlhKFPp3CnFl8waX8vU3WkF5PJ5S1OgCW8JqPGM-WCnU4jQCcSmnyCJP4svbDcQqgNg_hhO3PavM4y8-JLUb4Avr41uXLfWQ46xLz5LFCOnQ3koZReUBfelw92V6j5LdyZqhJXTgZe5j6zVS_XLZ0AdX4CPfVAXBo6sQ4nt24yjExwS0q-_-MCq9IJ5brn4pMlwVbWbYz1f5m0ONoQl6FxaqvPTCyRw41g9rokICLAapgswMlGWdbIyvwnFP3vGR6viAvxqlg2e3tPWtZdmVw0Sa0K-qjaQziiljPuFr0FoP8x5N8_AW6afbKS3DUOZn4IKWFGBnovc5n0L6d8FwmqC_2lVHzPNl7hcqDYuNAlKabxkj8JfsZbEvMCVOI0HehGTfbh1W4a07wjJNApEl6s_8blaeEjSgPSBwIBz-QGhgsTseXi6KVzPtsdI1jhL-bkkZ9jN114jpfD1Y4aaLJu9sqXaBO0InppCgdrWH_WbyMvKUMgf4O5Dp4Gw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 7E21 0
0 118ms
117ms Image
text/html 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202308170101&jk=766684576069143&bg=!qKulq-TNAAZGPLJIZjw7ADQBe5WfOCQzJg8WhtwQ-9jdbkvA4mtdLAWJsBpfHrkGPMGau9101Xp1cQY_DXHT1VCcwDFfAgAAAsVSAAAAOGgBBwoATNwudQzhBWnpDVi4yUVu4AcvrpFNrflkFq6LgV2DwxFr78EiWQ_77F1D5rUekcZD7mk3IfceTLPnDdqol0Po01g5xFxgKK3yRFAsL1KZAzFONr1RZWuVkXxnh3jibfx60wsxwePh1e8bsfquawDcoVVf-ne3zls1iXfaJBkTdwJsHMc6cJ4Nya0NBwyho5cdmpWihaBBtb1yMcMiV14quwVRUCY51ozUiTJ9_arn3JIEhdlBIX_ULBEeVWgJc19m-o1gcza0AZ99EjsS2Suu1Mk55qXyUeniuTCU3PhtFs7MTBy7n3R0boSTUm_XA5HYrxkRExyYiyOrD79453lF77pRSDb7M0GBrtK4V3W_4bY1C0lsJkr5baooiz5NibwJ96cKRaTikA00C1QTOQFXwq5w2bWsqjyD_LtKvmntjpe217lTTk6i4hpZn45n5WLqoTzY43iT-MSa5mJjyHRMxprnhKfDGB5uJOhStS0EjiVH1AbqLtW8VS-G5GsXb9ZwKZZ4Azr9-arj1XBjQs8FJXZtQ_HJJ27m88VyQvk-MlF66gn_arh1Kd2IUM0Yr5DgYPj08q1_1GNiwcrhwzemfCzbmkXre_tIosJRybMWu4SiEvY-b5cA0-JbwxiY895kx5aZjjnHg9tX8fcnLNiU7FwtUm3THyj3Iw4MprrvqJHrAzdddsla1CTF_vgzeZIXHQBh9JylHyozrDYWKdK5gkvJ4WKclC1R5PhdoLkJWn4TQ1n10QyAbGiE6rKJ9ghifHywVp3f7FUp9hfRGng3WkGLtg8wsi3XTtNPDTLcFbDIkn8-yu0NwklEdsS61LDrwldlc4pEhgvK34HGIdUnPy_BDwzht5pr0mAFEs5TnA0tf_jYHirM-TglAv2pgI5K9US1ScZfnNPEZMS1TClQiX4_WBwsnXh6ls93BB3-Ey-kRSyg-HYhDmZVdnMeM873U1WY3665rUBNl3o1pXDdvJ5JPVhmRNo82W5h5x2rXVXxwk-bwzgjEihzj4oILSj8onAVA92kDzsdnNSM6yKdWeKqwKjoO3B9O7HykwNOtcF3O1ZE4c5cRUpsx-zfUb57LyPQ8w9Gx5-5LQAdatXOl1hXw130uxj4psshcupZ2qMDWrsqWiIoCyu5eizVkqgg8LcxjORM8HLEwrujCS_BWVo-zA7cxOtz9kRaVaT_PjbK
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F1AF 0
0 113ms
112ms Image
text/html 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202308170101&jk=1220634640647421&bg=!FBelF1jNAAZGPLJIZjw7ADQBe5WfOHnrI-iKVrqnAZas8HebOakivChpq-8MPXenwjTgIhdCcTUGvGIY99QKIJKuIxYXAgAAAw9SAAAALGgBB5kDIlLm0BZVJZ9tthODaoqOXwU5v9TqX2VGY8q3_ZsUNbsBaUAXLuqnTdREeIH1HqEwzcFGyrhC47I452_kcWygSMjyovZ3y_L1t-tXpY5juXgKHEiDEsLQNorx_ECL74Ac0sorsnxQSFf_yAh0JaJkUT9WltQoKbaduuLjH5Adug8cjXobEfE3-xG3efpO8StlyWJHJ_06KA3R6q7Xab_J3tF14zo3MpiJ_iUrq4R5o9v0zhY3YuctMQWpVxvzZARRTfdCEu_KVAigAxFjp1Lf79fysEekgkzVAxY3wDF40Zcne07vH3H24mN7gYV55abaWxMsgf08w0B9UOe3wryXbogR0aPNy-pCI4Ebx3Od65JKwW8NODEQut2ao-xp7SwJc9UISHpaR4qDMkrvWTdEguJq7a6lxem0cs3gOt3IvAGtb-b_XqFY6d5RblAM5sovOHbMOiGPCH4azD_B4doVFxeI1_8CV-dNo_uE9RxQMjIlwsVDlgs-1gPBsWTfCGoH6Ga6_oqCMDN2gouLS00oEP-zNCguKt7EMYlAUqRH-myoiqrKJkbW-XGJHd3a4YYY-no3OCEaTLYnsdxIrU5K_Jf8mmiRi58H1zfaZ6WN0VR_v_huZxDR5p_SJ1clr00KfW4ibvX8LjTqSJhQ3Tl8_RPlUU6voHhV_Nhn1Y5xlUw6N--dNTZf7XOdJV0Q_A4G-0-mUjaAzhJYIvCfNVCjZziTHcK378PAeD84KslmtD4QDqQOJGc-C-QzInmmDF9aZXIVrc26i9NrtE_Zi5PDl_KT2n3kfAgDwRNqiBboEPEzxvnOwk_rRUe35wdVj6lMVDK3_txacSglprrofTD8Oqz_NjOh9mQ417Ct1MimFLIf373-kiGUi0xhnIU6bPi71E0Dqzizr13kHBzBrjO9qKMrj5u_enykCJKMcQ6uAv3LKltUX27ZMzOIUL6akOb2rUeSHfozsZm48-jfSn-JcPj2iORmjrotWDcKODJKdKNrfDqeMxgOXuYpwKOdlowlMVFe2mdEPkZnLfXqOJe4pSR-uK8yOp3tJOKapHLNT8AAc4Y
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 0E75 0
0 112ms
111ms Image
text/html 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202308170101&jk=967994951098995&bg=!9_Sl9LvNAAZGPLJIZjw7ADQBe5WfOJwJyA7Z6i3BKdPnqTDqE68n4gOOXQhnbjHqhbqjos5yeWDn6TgbbO3PTIyYSr9iAgAAAxJSAAAAImgBB5kDHX4aTcrWDv1KiNQ--rZ8sUT-gHOApNIh3PeB80Cnshnvq2490P46Lv2DMbnmb1Q1f8_aBpaYFjQIVCQ6Y37MAfMD8oppiJ9IJ5RBEg7zeYfko6_Nnjv9FNHkWH-fXxE8DDYJGUJ93vARZxCtzh5AteqCoiZwewxRGSgHXK8WR3BNcl9YmLntw55JYnz8CWS60FvhaAmr7VZ4RTmejPBN12o2vHxBOmufskabKgOQExc5KiXYpbY6XH_wkZMYqvbwQOVYRQFaamWlomclpFya_q7HSJ5Mk8gwsLlwhUNYvCPLI0Ad5RDLLeOEaoC4hMX_nO2-VUsZ9nf_68HqmT5MR8o1bE97PKhe5q_LjaxMpGrAhef6rSQ_R8z1eaIrxf5YHy6DeC9aRk_WUUt55tBsDOGjbfwQt9DU80W4NHT6SjNeYjI_2WV1LelV9oNp_O-wTdfH6RnojL91GnmpZpmKozsJl_iM1yyknyRbjfvyAjE8gjd4qaMtGVNlw6pMvngy-elOev5WPMHpBJKR6P7_lWYq0RT-pJTUzSE9GTtYwh2FLvInmIfcDO6VmCp3c4MgyMfbPvv_W_Q_uedb1sh1ccJcwtrA93CA7-vzlfb_Wpdo9DFCpJ8JkC4qFcCFgtWZZ2plpt4LN246rXmgvNYmoeYk8DJb63sVu9aCAaf_U41sjd87c0NCqCN9eTAl2I9Xo3teV2geN3XlxAERV6TaPQcIbYS1IB876P_hyX3N4T3hKagH4dRYr24VJ9ppTtiaAcDh7vqDMhOsGgPiFpVogJRHm8jW-WP5tHrzAlhui3dw46RmAjhXNQOeqc_8a56nTDiaP3Qox8_QrqQlSxPmB7beXVt2Nx9dxtZBSKpAG2kNBhM9joUwXIC2ZW_CN6E8y7PYfnp-QVN7kLy6H7QgmFrQl2sXt9wBNb_SqTpBYHzNe2DsYFWRW6cqrd25uqgC-cbDjo6ES-Gz3TSxEUBWyvTHICLAz1rwSXPuxKpA3cF2ElbX74tdANEXTjPuJbwEtA4kF4LPZXskBqJcSGP9aWZtYblQdXiMy-I8BGW6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

103 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

116 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.recaptcha.net/recaptcha	1970-01-20 18:32:54	Name: _GRECAPTCHA Value: 09AG8ZzsuGW3Z_pJZmCi9cqV3mBa18_6JPwIEH40qZK_pWMsLhwY5OdN8AUtUNTPWf1OzrkHhs1jpyO32CZNglIyU
i.liadm.com/s	1970-01-20 14:56:54	Name: _li_ss Value: CgsKCQj_____BxD2FQ
i6.liadm.com/s	1970-01-20 14:56:54	Name: _li_ss Value: CgA
risu.io/	1970-01-20 23:49:42	Name: ahoy_visitor Value: 23e02274-3b79-4dfa-8c1a-77f5da8b05a6
risu.io/	1970-01-20 14:13:42	Name: ahoy_visit Value: 7defb948-0e6e-441b-9002-df197655d731
.risu.io/	1970-01-20 14:13:43	Name: __cf_bm Value: mP48XaVOtlRp.YecSw23lnYTw.15rpc3TR.qZu6wa3g-1692822006-0-AXZNj3+t6CXZqszOp8PkFVepVjn+LUD4EX0ahz28nhRbsmYnDvQLwjus4pIdMNPSFAApMRUkbFmC2Qht/vMmbfk=
risu.io/	1969-12-31 23:59:59	Name: _risu_session Value: NR3mEuCSyCzoIfQ6qVEucvekLB1EpbUb8QjFbW%2FuU7iaXy1WPQd%2FbqBlenyL3TBdivVl1dc0mN54Px%2FDD0%2BSORSItcLo7wL0peSFENL7tCCPkcsyL8EYmv0zet%2FiCpGAZfIPC8W2TdBsvsT28GjygUKNiWZJ%2B4DU6S%2BvKTgYGICq6z8Ap%2BCC--l%2B%2Fy%2BQzbrfdmd4jS--0wLJq%2BIjG0uWhbz2XXqD2w%3D%3D
risu.io/	1969-12-31 23:59:59	Name: prefers-color-scheme Value: light
.risu.io/	1970-01-20 22:59:18	Name: cf_clearance Value: .jR0GHnuratSY6vC7CFbchA.fHaRrBzQV7_lSJjq5j4-1692822009-0-1-2a5e6c2d.5efbcd12.7fccc418-0.2.1692822009
.risu.io/	1970-01-20 23:35:18	Name: __gads Value: ID=ec4896cdbccce36f-2238105fb2e3008d:T=1692822009:RT=1692822009:S=ALNI_MZIcJIhJizzPslJJ_f6yniFvf192A
.risu.io/	1970-01-20 23:35:18	Name: __gpi Value: UID=00000d8d64dac1d2:T=1692822009:RT=1692822009:S=ALNI_Ma-ynlXcriKduXBAvsG_wzlAHCeLw
.risu.io/	1970-01-20 14:15:08	Name: _gid Value: GA1.2.80874431.1692822010
.risu.io/	1970-01-20 14:13:42	Name: _gat_UA-146086888-1 Value: 1
.risu.io/	1970-01-20 23:49:42	Name: _ga_H814P3QJ03 Value: GS1.1.1692822009.1.0.1692822009.0.0.0
.risu.io/	1970-01-20 23:49:42	Name: _ga Value: GA1.1.2090007071.1692822009
.risu.io/	1970-01-20 23:49:42	Name: _ga_ZH634PL121 Value: GS1.2.1692822010.1.0.1692822010.60.0.0
.aralego.com/	1970-01-20 22:59:18	Name: sspid Value: 653790b0-5c82-3304-b845-4badb4d0b387
.doubleclick.net/	1970-01-20 23:49:42	Name: IDE Value: AHWqTUmtOfSX1emYYIZ7nFl728qXFcsqeTdy-BsSRcvAnJYxAD_iKIdfEYPwRD7zOXs
.criteo.com/	1970-01-20 23:35:18	Name: uid Value: 3129673b-ede1-49de-8ab0-a9c48b1f8296
.doubleclick.net/	1970-01-20 18:32:54	Name: APC Value: AfxxVi5pRtSprx4CPLt7VYOB95myyErABRP9rN5F_7e0h0ZJt0WLOQ
.doubleclick.net/	1970-01-20 14:13:45	Name: DSID Value: NO_DATA
.zemanta.com/	1970-01-20 22:59:18	Name: zuid Value: FvE98OXIajnYxJs2mSdp
.blismedia.com/	1970-01-20 22:59:22	Name: b Value: 64E669FDD1351C1C86C2EB26BLIS
.mxptint.net/	1970-01-20 23:49:42	Name: mxpim Value: R33645_107E06948_C0E8054D.1.64E669FE
.adform.net/	1970-01-20 14:58:20	Name: C Value: 1
.acuityplatform.com/	1970-01-20 22:59:18	Name: auid Value: 817860304704
.acuityplatform.com/	1970-01-20 22:59:18	Name: aum Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqANPqNdXNlck1hdGNoaW5nSWTIkWxhc3REcm9wVGltZU1pbGxpcyUBRQkBYCyWmGxhc3RTdWNjZXNzZnVsTWF0Y2hNaWxsaXMlAUUJAWAslo90aGlyZFBhcnR5VXNlcklkWkNBRVNFQzFISUozX1RlT0p6Y2RMUHNaS24tQfv7hnZlcnNpb27C+w=="
.sitescout.com/	1970-01-20 22:59:18	Name: ssi Value: 134677ca-f1b5-4785-8648-524132e053aa#1692822013322
fksnk.com/	1970-01-20 14:23:46	Name: AWSALBCORS Value: VevKw+qon6Rh2mAin+775SPf8EpS0UeSs7L7tmNYj9S/JkV9PCdU/twkR/658ERDo3+Sd8/C4boGFCqe6t1PdCjr07Cv9rISdR4bQu4qCg/7AiPkXGlEXP7Fb1Gk
.fksnk.com/	1970-01-20 16:23:18	Name: f_001 Value: 7448A0E23EDBF2D5
.fksnk.com/	1970-01-20 14:15:08	Name: g_001 Value: 1
.bidswitch.net/	1970-01-20 22:59:18	Name: tuuid Value: 60fccb77-ed00-4c6b-82f8-a9dc7f5137db
.bidswitch.net/	1970-01-20 22:59:18	Name: c Value: 1692822013
.bidswitch.net/	1970-01-20 22:59:18	Name: tuuid_lu Value: 1692822013
.everesttech.net/	1970-01-20 22:59:18	Name: everest_g_v2 Value: g_surferid~ZOZp-QAHm79xJwBV
.dotomi.com/	1970-01-20 14:13:42	Name: DotomiTest Value: 59778e7a8de72109
.teads.tv/	1970-01-20 22:57:51	Name: tt_viewer Value: e79971fe-ab5e-44a7-bd1e-4e5b3be119a6
sync.srv.stackadapt.com/	1970-01-20 22:59:18	Name: sa-user-id Value: s%3A0-74edf62d-dff7-5b94-4027-5b4109ac3c09.NGFBgPibnm5cSQsZ7gwlXf7t8XIcjj1gYZsxDUes2iI
.srv.stackadapt.com/	1970-01-20 22:59:18	Name: sa-user-id Value: s%3A0-74edf62d-dff7-5b94-4027-5b4109ac3c09.NGFBgPibnm5cSQsZ7gwlXf7t8XIcjj1gYZsxDUes2iI
sync.srv.stackadapt.com/	1970-01-20 22:59:18	Name: sa-user-id-v2 Value: s%3AdO32Ld_3W5RAJ1tBCaw8CWjtwRw.kg1GbiZdPLWk5SqEof1Rxi%2BnHSDhNE0Ljf2cyh1PsCs
.srv.stackadapt.com/	1970-01-20 22:59:18	Name: sa-user-id-v2 Value: s%3AdO32Ld_3W5RAJ1tBCaw8CWjtwRw.kg1GbiZdPLWk5SqEof1Rxi%2BnHSDhNE0Ljf2cyh1PsCs
sync.srv.stackadapt.com/	1970-01-20 22:59:18	Name: sa-user-id-v3 Value: s%3AAQAKIMvWFsLF6Z-fLYa0UV35oQ1H3NrFW2S0EMSj10le7Nm8EHwYBCD905mnBjABOgT88vAPQgR_7r9J.9wi%2BEy2XB%2BqMrwHmNYUR7lEZcYQp7gCEusjV6S9zdl8
.srv.stackadapt.com/	1970-01-20 22:59:18	Name: sa-user-id-v3 Value: s%3AAQAKIMvWFsLF6Z-fLYa0UV35oQ1H3NrFW2S0EMSj10le7Nm8EHwYBCD905mnBjABOgT88vAPQgR_7r9J.9wi%2BEy2XB%2BqMrwHmNYUR7lEZcYQp7gCEusjV6S9zdl8
.uuidksinc.net/	1970-01-20 22:59:18	Name: jcsuuid Value: zCBPVgSxF2sRqc0gC90q
.linkedin.com/	1970-01-20 22:59:18	Name: bcookie Value: "v=2&6f3a76d8-0cdd-4017-8e94-6f43883d6589"
.linkedin.com/	1970-01-20 14:15:08	Name: lidc Value: "b=TGST07:s=T:r=T:a=T:p=T:g=2623:u=1:x=1:i=1692822013:t=1692908413:v=2:sig=AQH0UyV0bQ0TocNrb0sLbV9CEJpboIGs"
.adform.net/	1970-01-20 15:40:06	Name: uid Value: 5898207241689305492
.owneriq.net/	1970-01-20 23:49:42	Name: si Value: Q7461084131591244616P
.owneriq.net/	1970-01-20 14:28:06	Name: p2 Value: gguuid
.owneriq.net/	1970-01-20 14:28:06	Name: gguuid Value: 1
.sitescout.com/	1970-01-20 14:56:54	Name: _ssuma Value: e30
.c.appier.net/	1970-01-20 23:00:44	Name: _auid Value: EoOCnTlwAEmj8Ns9_WnmZA
.yandex.ru/	1970-01-20 23:49:42	Name: yuidss Value: 3335926311692822013
.yandex.ru/	1970-01-20 23:49:42	Name: yandexuid Value: 3335926311692822013
.adx.opera.com/	1970-01-20 22:59:18	Name: UID Value: OPUb8a69f013a2a40edac2ab5bb4403a4f0
.googleadservices.com/	1970-01-20 16:23:18	Name: ar_debug Value: 1
.tribalfusion.com/	1970-01-20 16:23:18	Name: ANON_ID Value: aOntuJSyZaRHRT8vnPIvClMFZan7icMslprTvDehSjbI2tZb9Arc3YsrFVhjhe5SjWDyDtZd8DbPk60Swu9UKKSCZcUMr
.creative-serving.com/	1970-01-20 23:35:18	Name: tuuid Value: 1d04d785-8efa-4683-869c-9fdb964f7fbd
.creative-serving.com/	1970-01-20 23:35:18	Name: c Value: 1692822014
.creative-serving.com/	1970-01-20 23:35:18	Name: tuuid_lu Value: 1692822014
.aralego.com/	1970-01-20 22:59:18	Name: euconsent-v2 Value:
.aralego.com/	1970-01-20 22:59:18	Name: gdpr Value: 1
.rubiconproject.com/	1970-01-20 22:59:18	Name: khaos Value: LLO6IR1O-3-L85N
.risu.io/	1970-01-20 23:35:18	Name: cto_bundle Value: xpisfF9tOTFhVHBSOWdNT0tQSWcwbllNMGFXQ2FVeVFzelJzb01URzNyQzNjYWd5RXlveDZCR3lpVHd2S0FBcWIyZWFLWEZwSG5NTEw4dlZqVERpMG5qcXE2WGxSWVhOeW55OGlXYnJnN2xBMWY5NjRVZUh4MXd0ek12MFRBR0pyeWFmcVF4M1lvTUglMkJUTGhER21JUnkybm9sdyUzRCUzRA
.adsrvr.org/	1970-01-20 23:00:44	Name: TDID Value: a2c487c4-f49b-48b0-bef4-33169bd9fe2a
.yahoo.com/	1970-01-20 22:59:39	Name: A3 Value: d=AQABBABq5mQCEN09ICprhykBuXtwQS1opdMFEgEBAQG752TwZAAAAAAA_eMAAA&S=AQAAAl0bMGdE2imrP6rFul139w4
.amazon-adsystem.com/	1970-01-20 23:49:42	Name: ad-privacy Value: 0
.adnxs.com/	1970-01-20 16:23:18	Name: uuid2 Value: 3568480235601892336
.smartadserver.com/	1970-01-20 23:45:22	Name: pid Value: 8089305421988103199
.smartadserver.com/	1970-01-20 23:45:22	Name: TestIfCookieP Value: ok
.smartadserver.com/	1970-01-20 23:00:44	Name: csync Value: 79:k-NXANlMOz8wSX6VYBf-F6EMFClS0JdGtZoPcorA
.sharethrough.com/	1970-01-20 14:56:54	Name: stx_user_id Value: 92405088-f80f-438c-b449-7445da77ddf5
.3lift.com/	1970-01-20 16:23:18	Name: tluid Value: 4436583257385919359902
.media.net/	1970-01-20 22:59:18	Name: visitor-id Value: 3358236161193210000V10
.media.net/	1970-01-20 14:56:54	Name: data-c-ts Value: 1692822016
.media.net/	1970-01-20 14:56:54	Name: data-c Value: k-n-tnR8Oz8wSX6VYBf-F6EMFClS2S2lbpXKtKrA~~3
.taboola.com/	1970-01-20 22:59:18	Name: t_gid Value: ec7074bd-33f6-409b-bbe0-18c47190a019-tuctbdfef81
.analytics.yahoo.com/	1970-01-20 22:59:18	Name: IDSYNC Value: 18zh~2dik
.mediawallahscript.com/	1970-01-20 23:49:42	Name: mCookie Value: 79747370-41f2-11ee-9125-d51d25a5abd9
.mediawallahscript.com/	1970-01-20 23:49:42	Name: mUserCookie Value: %7B%7D
.casalemedia.com/	1970-01-20 22:59:18	Name: CMID Value: ZOZqAULTzVDKt4NB-vbK3gAA
.casalemedia.com/	1970-01-20 16:23:18	Name: CMPS Value: 464
.casalemedia.com/	1970-01-20 16:23:18	Name: CMPRO Value: 464
.adnxs.com/	1970-01-20 16:23:18	Name: anj Value: dTM7k!M4/rCxrEQF']wIg2Hb:Dj5X%!@wnfH1YdP.dEXlSkg.F+ov>IqxJA%-_WX*Cv)aq]t?IqkSbRGrAF/+8`JT$naE1.!6Qp(RCiP(hw9P-HC_#tvaA+8V@8
.bluekai.com/	1970-01-20 18:32:54	Name: bkdc Value: phx
.bluekai.com/	1970-01-20 18:32:54	Name: bkpa Value: KJpEnXTLu5DlLMxy1BxFgLhn+Mzruik/nY3onYNmnzo1LEUyYWLvvuiv5Xdyz/AlBEWmYSfyu6phYugtuxXL+xpHOxeOOhVr
.bluekai.com/	1970-01-20 18:32:54	Name: bku Value: uUW999a38ZEQ/wzk
.amazon-adsystem.com/	1970-01-20 19:33:22	Name: ad-id Value: A2y1uJ0Hw055r6ABfZEytkQ
.rubiconproject.com/	1970-01-20 22:59:18	Name: audit Value: 1\|k6/KyxYg67JpP7IbA1fKgpZvl374O3NOF0cKporhwYrr1JKW4ws3nk/B6YLi0IFDyH3vw9OJ+lsiZ07GJqnMno4BjqNRGrmz
.omnitagjs.com/	1970-01-20 14:56:54	Name: ayl_visitor Value: 845d7c80db67c3a5dd4203263da582d9
.bing.com/	1970-01-20 23:35:18	Name: MUID Value: 0CCA36D4664B69BC113325A267356869
.c.bing.com/	1970-01-20 14:23:46	Name: MR Value: 0
exchange.mediavine.com/	1970-01-20 14:33:51	Name: mv_tokens Value: %7B%22mv_uuid%22%3A%2279b4d7d0-41f2-11ee-b9f2-d72352c1bdd1%22%2C%22version%22%3A%22invalidate-verizon-pushes%22%7D
exchange.mediavine.com/	1970-01-20 14:33:51	Name: mv_tokens_invalidate-verizon-pushes Value: %7B%22mv_uuid%22%3A%2279b4d7d0-41f2-11ee-b9f2-d72352c1bdd1%22%2C%22version%22%3A%22invalidate-verizon-pushes%22%7D
exchange.mediavine.com/	1970-01-20 14:33:51	Name: am_tokens Value: %7B%22mv_uuid%22%3A%2279b4d7d0-41f2-11ee-b9f2-d72352c1bdd1%22%2C%22version%22%3A%22invalidate-verizon-pushes%22%7D
exchange.mediavine.com/	1970-01-20 14:33:51	Name: am_tokens_invalidate-verizon-pushes Value: %7B%22mv_uuid%22%3A%2279b4d7d0-41f2-11ee-b9f2-d72352c1bdd1%22%2C%22version%22%3A%22invalidate-verizon-pushes%22%7D
exchange.mediavine.com/	1970-01-20 14:33:51	Name: criteo Value: %7B%22id%22%3A%22k-K5A4u8Oz8wSX6VYBf-F6EMFClS0UyAxcx3TUJw%22%2C%22version%22%3A%22criteo%22%7D
.postrelease.com/	1970-01-20 22:59:18	Name: visitor Value: fb2dd606-4f80-4c83-954e-d1f663475f39
.postrelease.com/	1970-01-20 22:59:18	Name: status Value: 0
.360yield.com/	1970-01-20 16:23:18	Name: tuuid Value: 8630cfc6-266d-472b-b0e7-351980a88f20
.360yield.com/	1970-01-20 16:23:18	Name: tuuid_lu Value: 1692822017
.liadm.com/	1970-01-20 23:49:42	Name: lidid Value: 049680d4-ba71-4666-832a-cf82527527e6
.crwdcntrl.net/	1969-12-31 23:59:59	Name: _cc_cc Value: ctst
.360yield.com/	1970-01-20 16:23:18	Name: um Value: !38,S1Dj.oef-4ofAGscNmSTbZSsbhx9sbVb5lA6XAS0zpVhIGq8jQ44.KCRCf3CUDETpXx75vek,1700598017
.360yield.com/	1970-01-20 16:23:18	Name: umeh Value: !38,0,1755030017,-1
.socdm.com/	1970-01-20 23:49:42	Name: SOC Value: ZOZqAcCo8YEAAOitmQoAAAAA
.pubmatic.com/	1970-01-20 14:56:54	Name: KRTBCOOKIE_97 Value: 3385-uid:k-mHyWfcOz8wSX6VYBf-F6EMFClS3Jf7ION20NQA&KRTB&23144-uid:k-mHyWfcOz8wSX6VYBf-F6EMFClS3Jf7ION20NQA&KRTB&23286-uid:k-mHyWfcOz8wSX6VYBf-F6EMFClS3Jf7ION20NQA&KRTB&23287-uid:k-mHyWfcOz8wSX6VYBf-F6EMFClS3Jf7ION20NQA
.pubmatic.com/	1970-01-20 14:56:54	Name: PugT Value: 1692822016
.smaato.net/	1970-01-20 14:43:56	Name: SCM Value: ebf1f5b61c
.demdex.net/	1970-01-20 18:32:54	Name: demdex Value: 29624931678218019672772041494413199971
.dpm.demdex.net/	1970-01-20 18:32:54	Name: dpm Value: 29624931678218019672772041494413199971
.smaato.net/	1970-01-20 14:28:49	Name: SCM1001851 Value: ebf1f5b61c
.adsrvr.org/	1970-01-20 23:00:44	Name: TDCPM Value: CAESFgoHcnViaWNvbhILCPTs_dmMiJI8EAUYASABKAIyCwiusP-To4iSPBAFOAFaB3Z4c3J2M2lgAg..
.mediawallahscript.com/	1970-01-20 14:15:08	Name: mRemnantVisitedCookie_d41d8cd98f00b204e9800998ecf8427e_08_2023 Value: %7B%227bYSR%22%3A1%7D
.agkn.com/	1970-01-20 22:59:18	Name: ab Value: 0001%3AFgdxOUg3KIpe76aGRtXS5kloeSaMnxt2
.rqtrk.eu/	1970-01-20 14:23:46	Name: browser_id Value: 1:664034b0-dd98-4b6d-b21e-77d32fcaea78

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230822/r20110914/zrt_lookup.html?fsb=1#RS-0-&adk=1812271802&client=ca-pub-9208708170783140&fa=2&ifi=6&uci=a!6&btvi=5&xpc=WTVP2QKF4M&p=https%3A//risu.io Message: The resource https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230822/r20110914/zrt_lookup.html?fsb=1#RS-1-&adk=1812271803&client=ca-pub-9208708170783140&fa=3&ifi=7&uci=a!7&btvi=6&xpc=RoKJZn5mnl&p=https%3A//risu.io Message: The resource https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2f92ce0cf7b0c20f9c1ee742667110c7.safeframe.googlesyndication.com
4c527e3c7a8f45218bd8b131fa34203e.safeframe.googlesyndication.com
a.tribalfusion.com
aa.agkn.com
aax-eu.amazon-adsystem.com
ad.360yield.com
ad.sitemaji.com
ad2.apx.appier.net
ads.aralego.com
ads.creative-serving.com
ads.stickyadstv.com
ads.us.criteo.com
aep.mxptint.net
agent.aralego.com
an.yandex.ru
analytics.google.com
analytics.pangle-ads.com
assets.risu.io
b1sync.zemanta.com
b6dd71039edd5be9b6e1a51671937458.safeframe.googlesyndication.com
b71c4754d1dd356c3538c245d036ab6d.safeframe.googlesyndication.com
beacon.walmart.com
bid.g.doubleclick.net
bidder.criteo.com
c.bing.com
c1.adform.net
cat.va.us.criteo.com
cdn.aralego.net
cdnjs.cloudflare.com
cm.g.doubleclick.net
contextual.media.net
criteo-sync.teads.tv
csi.gstatic.com
csm.us.criteo.net
dclk-match.dotomi.com
dis.criteo.com
dpm.demdex.net
eb2.3lift.com
eus.rubiconproject.com
exchange.mediavine.com
fksnk.com
fonts.googleapis.com
fonts.gstatic.com
fsa-api.feebee.com.tw
fsa-api.feebee.tw
gcdn.2mdn.net
gocm.c.appier.net
googleads.g.doubleclick.net
gum.criteo.com
i.liadm.com
i6.liadm.com
ib.adnxs.com
im.bluevoox.com
imasdk.googleapis.com
img.feebee.tw
jadserve.postrelease.com
match.adsrvr.org
match.sharethrough.com
matching.ivitrack.com
mug.criteo.com
pagead2.googlesyndication.com
partner.googleadservices.com
partner.mediawallahscript.com
pixel-sync.sitescout.com
pixel.rubiconproject.com
pmp-beacon.apx.appier.net
pr-bh.ybp.yahoo.com
px.ads.linkedin.com
px.owneriq.net
r.casalemedia.com
r2---sn-vgqsknek.c.2mdn.net
risu.io
rtb-csync.smartadserver.com
s.ad.smaato.net
s.amazon-adsystem.com
s.tribalfusion.com
s.uuidksinc.net
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
ssl.sitemaji.com
static.cloudflareinsights.com
static.criteo.net
stats.g.doubleclick.net
sync-t1.taboola.com
sync-tm.everesttech.net
sync.aralego.com
sync.crwdcntrl.net
sync.extend.tv
sync.outbrain.com
sync.srv.stackadapt.com
sync.teads.tv
t.adx.opera.com
tags.bluekai.com
tg.socdm.com
token.rubiconproject.com
tpc.googlesyndication.com
tr.blismedia.com
trends.revcontent.com
ums.acuityplatform.com
ups.analytics.yahoo.com
us-east-ad-track.aralego.com
visitor.omnitagjs.com
widget.va.us.criteo.com
ws.rqtrk.eu
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.recaptcha.net
x.bidswitch.net
100.25.87.174
104.107.25.203
104.110.17.251
108.138.128.44
124.146.215.50
130.211.28.216
130.35.192.4
141.226.224.48
142.250.31.155
142.250.65.226
142.251.40.226
15.235.42.102
151.101.130.49
162.210.196.208
172.105.235.90
18.211.192.157
184.28.206.17
185.167.164.39
192.40.39.223
192.96.203.13
195.244.31.10
20.114.74.38
2001:4860:4802:34::181
207.198.113.87
207.244.102.141
23.105.14.106
23.52.160.7
23.52.163.93
2600:1f18:4e9:5a01:e00c:7c10:6fd8:d8f6
2600:1f18:ed:550a:ae19:cc5b:1b2b:71e3
2600:9000:2511:5000:1b:5138:8a40:93a1
2606:4700:20::681a:467
2606:4700:3108::ac42:2902
2606:4700::6810:3865
2606:4700::6811:180e
2606:4700::6812:19ad
2606:ae80:1451:18::1720
2607:f8b0:4004:c1b::9a
2607:f8b0:4006:80b::2002
2607:f8b0:4006:80c::2001
2607:f8b0:4006:80d::2003
2607:f8b0:4006:80d::200a
2607:f8b0:4006:80e::2002
2607:f8b0:4006:81c::2003
2607:f8b0:4006:81c::200a
2607:f8b0:4006:81d::2002
2607:f8b0:4006:81d::2008
2607:f8b0:4006:81d::200e
2607:f8b0:4006:81e::2003
2607:f8b0:4006:820::2004
2607:f8b0:4006:822::2002
2607:f8b0:4006:823::2001
2607:f8b0:4017:3a::7
2620:100:a001::16
2620:100:a001::18
2620:100:a001::24
2620:100:a001::4
2620:100:a001::c
2620:1ec:21::14
2620:1ec:c11::200
2a00:1450:402a:80f::2003
2a02:6b8::90
31.220.27.155
34.117.157.22
34.200.65.202
34.203.128.117
34.205.126.51
34.81.191.174
34.96.105.8
34.98.102.251
35.173.111.127
35.174.68.73
35.186.215.140
35.190.36.98
35.211.178.172
35.71.131.137
38.98.69.175
52.207.129.225
52.223.22.214
52.23.107.16
52.45.175.185
52.46.128.147
52.72.213.198
52.73.38.232
54.158.1.177
54.204.243.99
54.237.181.95
60.199.208.47
63.251.28.133
64.202.112.159
64.74.236.127
67.220.224.144
68.67.160.76
68.67.179.87
69.90.254.78
74.119.119.139
74.119.119.147
74.119.119.150
8.28.7.83
8.43.72.98
82.145.213.8
96.17.65.140
01b2b3683edf271f251b58f5d4c3d642722b99ecad1852df29fe11e31120a955
01ccd8a43da5422d946282abb3a78ebe0cefebf05dc9ef6dcc9795dd60842466
01e65b90a460d22fe0d37f9505d831684e25709967d33967263a614fa4ebe3d0
02c331e3506125a89bec7f4f4dd7234e908b530ced5c821bdffad93bd71626d4
0513087a3deee62183bf24ef54e8e582a1448811011b909cc42b53cb0eb59c82
059b76d8d9f534b4f615f0d9fdf961f6163196868d5e3a647f475b393a757297
085c572c6d41eb40542e21f048f6b6f0377649fb83cf8e1ff7122df4cd8dc1d1
0889915bc5dc8cf5134756ad0327e00083eb5350d8009be80218d994fb10fb0f
0907e75ab7f4aa03bcbc01778262abd0671f8742abaca30e9816cc90a6b28935
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d663e1a37acb9ed1a0f4451256f26f7d2d9426cabf91bff4c6ca8246cca405e
0dc2dfbb8a7cfd95b7e26cd31635911739b4ee1fb41363e062a9673fdca156f6
11d9f84a3c7f61533317a7802d7de8bb3b93e6fde63e21de43f158057c4f7945
13ed38ad1518c0af17b5cb3e35bb3bc701c84fe5ab42476ce6d524a19471e4ad
13f425cbab48a8199950e3873a94b5f8faa294a66f751cfe15423d34dfc98ff8
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced
1d3794694883bad4b0d72ca526f762eab786eeaa3d7948febaf4a531c2ca046a
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1df629c9e3d7999c38bfa18b45032197fd4da30e8e893bf07f5083e1fa9b4390
1dfd0d02ab1ddb13cdb7b690d53f504a2021b91633ff1e53887070a570145131
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
1fb3621940562135c36d45efcdc97d35dc05926a39a238ca0be1e19b6058d7aa
2594740ec2d6758fffa81d2276c31fc5d8ac2a6317d4c9cff72ae94b282c413d
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
26e519d381c3411377e72ce6adced315a27cc77acf75c3efa470823c4bb0f3c1
27fbedfb725bfce210e9c5db356535636d905bee7d755c2527540a3f1d54bbec
29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f
2ba9cfae7f416a5fe24f84dabb8b0a9ac003c5f3c5ce45eb985af35eb2ae821c
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3165ae694d9a7bcf30b53cefaf86602cd21ae552ea4765bdd88f944976537c3b
31b859edf9f0a7bdcbdc8e78e9b29e050389c45af3b40c7665f4d673c31fc8c2
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
342ed4e15ebf20765f48fa1b00d753eaaf04949a8e56b5af3e928b4bf95d27a6
358c4def7a1b073b5780891db67948eb5fec9615927a2abea29984746cdf33d3
35a2dc2f099cc3655956fcf6d089490459ad85e5893beb9279a128f6d04eae74
3747e8568fc397d979e46ab089b66ed2e947559aaa48ea94216d91fd3840b164
381b541a94988f35ef5f1e763c89a4250e7c4100fe28860b2cdde9a1220ff346
38a790c421bed27aa59fed4c318cf84413fb3807e7c1333ef35fe421cff3bde1
3a3e18bcafab0ccc2692f3ebc902ba9baeaddcb9ae57d8f9cdcd742d6fd919c5
3a9a503be5da2a11c69543180fdec6b33524bdb88fc4cfe363d3525a557a71ff
3aa0c7294ee264246022df4f9b08a3380975462cbfbc322dfc8400818c1650b0
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e36b107901af933c0d5ca53fc8d65d2c13e47de03f291bd876d1fed1ceb850e
3f205dd4bbec77e28fde200ae38a6ea019d6c92caac85570c141f20d4a0216cc
3f941610115375a50f1b14a1e449e0bdd6c1acf60f3c0d0bb80ccda2a22a8411
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
401dc3cb7482e8652be239910c0ac1d0c32db5820b530f1468263f87466a7d2d
403ca60fe8005d0f23208fcd05a227292169e77cf2f3c38cf592303f7818b489
41ba1f8e5048b9664d41ea3fc8be8dc7d77c347661624e14cfc9e83c89a720c6
450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46d2be441abfc2cf869ab94160fa27c540ae8243b2c48726644fbd758de7f892
47b193b0d3ac7fcb7bf22555b602c310145a0f6c1fd9acae397c121b22203f19
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4a0e731a7c852f0fadbdc75b0aaf9956616e4133af6eb296d5488f8283d6de85
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e705cd6ed57b081fc5a073ba6ad27a734e5c13ffc955cfd82dc4da7e064fadb
4e80cd7a028ea44ab55906bf7eb5c8dce0a769afcee3d08225632de1125b097a
4e9f523718a0134833da739b9b7badcc94aa380a0ad894b0391f29667b1f53bf
500ea9648952b6dc93fddbccbbfa87e56e26e172726a17e0e9fd821cd0c887ff
519a48a521780b05d69e26761599418cbad561a25526f63c60e78cba57be20df
523dc82136787d8e229972771469277d21182ffb2d804d3d0907cf9d85495870
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55308e59e049fec4f7f86c526cce8f69d63074b7303710869b72ff74dfe272bb
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
599cc8e517d110de9474cccef29d042743d300b377408318b5dd1d10517f988b
5a15455fe3da947cc5c9c9da9c919defd4d709b3735ac080aca4eae399b35387
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5c2408269f0fd9cd51b9957e98166b451349f23158cc075361929c19dff66078
5c32a0123eb656905f4d266e2328ed943045ff5a5fea6a84cc20c342ac66f28b
5cd77128058d857c5d32cb075673cc82741d018b1af448fc75ec6106ee5619aa
5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63e3756cda0d1fd737baa182555b0c7770368713201eddbb843e08ed3391f1dd
646acb453a536763dd3230fd2bb2398bd259dd9014ccc961525beaa895aa5560
64bb69d4f744af98616f5803136d9e2d96bcbf371e6eae0b11ccb9c8249edf49
65806270702ccbfca59e09538a535d1248418f58ab2e5379ce10a366bc12f1e6
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
66b5d7f2d13f732f84dca41f56815e29a1fa6f8d25abba2deb9d6bd8c656c343
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6e61e1e3e91a968a89b4f8522aa6c67dc74242c82065eb4941eefd8742efd664
6fbf9cc36bbd0c5efce36d2e650d406da61d42361355492e9204a2b919397804
6ff016ac3ddc0f73013ae28222edc12597462b33d24b8ba13d97b162c7892281
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
72dd6eb9dff384e8171df4fa8e1f33487c4c4592d209352bc2cd5c847bc36ec3
7561a3f742de0c6feb99819c53bd1cf0f0d11ac11f025e956430fec296bd6613
75948de46e3eed8d8b5c2a7affc62ec7b395ef8bf516c9d96e8f0516c0ac56f2
76506e128f2b47b7179f5037bd885a1674455ffeb6b5093cdb4c7eefbf436ce8
779d3e9da09a1428d3498b0d12b362ee5a6ec72a2faf29b64c3040cccc445828
7840a63d709f5e598f3df937ea1500209271f88ad907611c3a873353256b3d13
7b82f06d40dbde003b7670694e84929ebd3172a9d4bbbe67178adb2101e1f9a3
7b8dfff29e93218b10c8f19f0f9a85c37eff6e1916d274d05d74306aa02588c1
7db227ccbd6c62dbdc39e292a1f5fdad5efe2140c31e8631679ab4ce75cdb6e8
8203fc7c813d94d252c5f599d4b7c3270cb66370bb85e4e49df8035da7d5bc2c
84602f64fc84d28ef6cffadec3ee067161aaeb93c73083d7a5a4bb9e7a257d9e
84c6d40320585a08fc76d420c18e8ff1d63a6631352ff1b26ff4def26dc5b65a
84efcb7ab1e930a079e73c58c3ebe600a7ab6128291978d9c14b969ec0d84559
85c41e649de18382b334a7b6e9a9d82bcf43b403856f650d8161225d50318d34
87b6cd7d1b9f4606692a57e932dd98b9c0bd4732e69295404ca66a76ac8f6304
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8d25234769530b89fc7e9bce0064fea774951a2ccd749ed536d01f97e979f730
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8ee05fc9631fe85bd5668dbae5680741a0187f61a1896b278eb3621910c6514c
910eefd68516bd0be76d19de45209fedd17b96cf68701a80aacfec02a0a5d5af
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
94157ae9b66976e8e9ab87ba7be3275f51f0bcb4fa988b626889ddd47bfccf2d
94942ef19abbc0ff5ea34bf07358f3ffa47935353af549d4328dae360a5cddfd
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
9532a5212db16e49789e83687cb5d1e4cfa75757ab657edfeccc2e5bd190da4d
96ccb39e05cad920da3efbf7fc39bddea0fc8f56c1780635e33ae05af624abf1
97c9fb8b642aa27b99c137435e733b258090e0df1ba62b01b21fb1c703d5cdbb
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
99c16d671c6096ec259694f48fbed9c6897c46dd9043cc2cdbd623a7220642fd
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
99fe426a3c5e082daf8fc9cc9b66037f855de131bae17dc901324bc97f372ab3
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b5bd89242693e0aaec4c3e58ea9776ae6415d7e3c1171165300999be6c9761c
9dab174b3b1ef754d71d613162c1e1f5b88f9f317da8d1f14c146be9c6d9fd35
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a26218f338e11343a04a8c77be193dd349e4f002c21a6a74e0157dbf2609d29a
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a30be55fea4e00d0c8fa788fead233e68228b1fa0e7e72a9bd42dfa62a3c89e3
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a736a221af11c68451960f6fd70f968edb1886c9e9c9065750a0beec942819b7
aa9b2661b0f503189c3facf44d61b2b2c99993b518cbc6ec2bf9010d0580ab8b
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ac6c7df9ea6f8e1bcacee7bbb1df0c7902650aa2bef04e536ae838e7c9146aa8
adabb5a29b96ba650980af675dc8f5bff59a5f3bd4df14c28da69e7c19a7f49f
ae64196db7fe3eccb7a320032b6a44caff13bfc21fa264713fba1a5368a7cb6a
ae8ec0cb8492d6a32655a51410cf1860f9ef6001a5119d5d31eecbf7bec72887
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b0a91a41a6ec9c734bc44436d01ba752dc0b5ae0a3697c04f0059432b437b5d4
b0cbbfe7e06fd7a9274bcdf96bde690f294cdef1ba01f2f20c9a9bd09eb1502b
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
b7a97088e4b1c088b15b5446a313257c0f8c07a2e91bc24c7b727c29bf72cf2c
b8184f50e07e4a7934270ffbdaddd6f868a39319bf1e59eb316197da02714d8a
b8fbe2d6dca2bff23a1ae2775ec4c1da4108c5d626f3af13d7e2f93c7c865d1b
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb30ab692076231ad215fc262079108bb9150375825474acbf80384dfea8e1af
bdb72c1b0c379fca288dda27a63f6429a3dd09095ed8dc568fea5e72c70a1c65
beb4c5e9d6960fd8dc08a8014530c7692e1555672238e561aa134814cbc3a01e
bfca3f52a3b3b7a5a8e7d157c142529fd75e422eac12a094fb0f69b822fed4fe
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391
c4994aea8579278246c345ac0a6ab10b1f0a89c4fb0298ea760d8605686f8837
c5f572ed80485a43331f587039ef455ab7400d278434cdee0965a0fea35befcf
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
cc78f02253750741f9064a9c0b596181e7bb2b0c30336d61ed6a474a98bc1358
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cdb6e02553ccfac85c1a01801890e7a1ea7752b91e2954b48157977d03b0a884
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d36c0e8963ba8d247929ee95ce99cc9b1e364a8e369dc5858c393df710536ed1
d5a0b444496ae8c594ed7fa222b60434a646accc5a90c0c8feac0bea205b4d16
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e2493c16c34b3d2b26680bcd78c01df5b704d662e6605c0c1ae22157b02310e6
e2d666cf6c2760854a4f7f49d7d67abbf6ae592041ca6412289c35f966b237d9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e70012cb92f3c0c561629d46cdae6991059361c001320fe38a5aaf396eb2be84
e82d0099fcc517b52af91b4d49c92e524ec2f5de77520697c00145dd418e68a7
ed0b6cf04cd484a5a817d7e64121674b837a42c361df9231f899270acbf49dfb
edde73fe73db28d5351fae1b28d1b3b81ac8172322be03fd920670f45d69f7ca
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f00ed49490a4b3ce60abe7891f0a4c42a25b772d5c81a31adef45168b98c9647
f0dacd63d3cb5c672b2a7f917708a1ecf793e0cbdec8fdc2ed36123e3d45f295
f0e294930c7feedcb70bcbec3026d6f8752ea841ad69b8f0743f57c1e5f72aa2
f10e39617c4cdbe202bd5d01eabc1ff072f9c7c262622b434c05a3f04871d1ed
f34efcad411f70b681b773d3e25ca821db3b976fb3384039e1ba050acec71432
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fc889eb338a1c1924f600d6125b664d5bced06be542605715f1460261821a78f
fcb4b25905cb60fdeb638d1caa5734e8cb13e626c2bed76f730c1b6a7b44e428

risu.io Open in urlscan Pro 2606:4700:3108::ac42:2902 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

442 Requests

84 %HTTPS

34 %IPv6

75 Domains

114 Subdomains

79 IPs

9 Countries

5552 kBTransfer

14771 kBSize

116 Cookies

6 Outgoing links

Page URL History

Redirected requests

442 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

risu.io Open in urlscan Pro
2606:4700:3108::ac42:2902 Public Scan

Screenshot
Live screenshot

Full Image

442
Requests

84 %
HTTPS

34 %
IPv6

75
Domains

114
Subdomains

79
IPs

9
Countries

5552 kB
Transfer

14771 kB
Size

116
Cookies

442 HTTP transactions
4 data transactions