apk.ryzendesu.vip Open in urlscan Pro
2607:f8b0:4020:804::2013 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://apk.ryzendesu.vip/
Submission: On January 03 via api (January 3rd 2024, 11:54:48 am UTC) from US — Scanned from US

Summary HTTP 44 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 12 IPs in 3 countries across 9 domains to perform 44 HTTP transactions. The main IP is 2607:f8b0:4020:804::2013, located in Montreal, Canada and belongs to GOOGLE, US. The main domain is apk.ryzendesu.vip.
TLS certificate: Issued by GTS CA 1D4 on January 3rd 2024. Valid for: 3 months.

This is the only time apk.ryzendesu.vip was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	2607:f8b0:402... 2607:f8b0:4020:804::2013	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:402... 2607:f8b0:4020:804::200e	15169 (GOOGLE) (GOOGLE)
8	2607:f8b0:402... 2607:f8b0:4020:806::2001	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:402... 2607:f8b0:4020:806::2003	15169 (GOOGLE) (GOOGLE)
4	173.233.137.60 173.233.137.60	7979 (SERVERS-COM) (SERVERS-COM)
1 11	162.159.128.233 162.159.128.233	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2607:f8b0:402... 2607:f8b0:4020:804::2002	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:402... 2607:f8b0:4020:807::2002	15169 (GOOGLE) (GOOGLE)
5	162.159.134.233 162.159.134.233	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2607:f8b0:402... 2607:f8b0:4020:807::2001	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:402... 2607:f8b0:4020:807::2004	15169 (GOOGLE) (GOOGLE)
44	12

2 2607:f8b0:4020:804::2013 (Montreal, Canada)

ASN15169 (GOOGLE, US)

apk.ryzendesu.vip	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4020:804::200e (Montreal, Canada)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2607:f8b0:4020:806::2001 (Montreal, Canada)

ASN15169 (GOOGLE, US)

blogger.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4020:806::2003 (Montreal, Canada)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 173.233.137.60 (United States)

ASN7979 (SERVERS-COM, US)

midgerelativelyhoax.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 162.159.128.233 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

discord.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4020:804::2002 (Montreal, Canada)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4020:807::2002 (Montreal, Canada)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 162.159.134.233 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.discordapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4020:807::2001 (Montreal, Canada)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4020:807::2004 (Montreal, Canada)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	discord.com 1 redirects discord.com — Cisco Umbrella Rank: 1526	850 KB
9	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 140 tpc.googlesyndication.com — Cisco Umbrella Rank: 185	224 KB
8	googleusercontent.com blogger.googleusercontent.com — Cisco Umbrella Rank: 10066	221 KB
5	discordapp.com cdn.discordapp.com — Cisco Umbrella Rank: 2020	81 KB
4	midgerelativelyhoax.com midgerelativelyhoax.com
2	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 68	5 KB
2	gstatic.com fonts.gstatic.com	30 KB
2	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1187 www.google.com — Cisco Umbrella Rank: 6	11 KB
2	ryzendesu.vip apk.ryzendesu.vip	63 KB
44	9

	Domain	Requested by
11	discord.com	1 redirects apk.ryzendesu.vip discord.com
8	blogger.googleusercontent.com	apk.ryzendesu.vip
6	pagead2.googlesyndication.com	apk.ryzendesu.vip pagead2.googlesyndication.com tpc.googlesyndication.com
5	cdn.discordapp.com	apk.ryzendesu.vip
4	midgerelativelyhoax.com	apk.ryzendesu.vip
3	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	fonts.gstatic.com	apk.ryzendesu.vip
2	apk.ryzendesu.vip	apk.ryzendesu.vip
1	www.google.com	tpc.googlesyndication.com
1	fundingchoicesmessages.google.com	apk.ryzendesu.vip
44	11

This site contains links to these domains. Also see Links.

Domain
www.blogger.com
www.facebook.com
www.instagram.com
t.me
discord.gg
www.nldblog.com
github.com
policies.google.com

Subject Issuer	Validity	Valid
apk.ryzendesu.vip GTS CA 1D4	`2024-01-03` - `2024-04-02`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
midgerelativelyhoax.com R3	`2023-11-12` - `2024-02-10`	3 months	crt.sh
discord.com Cloudflare Inc ECC CA-3	`2023-10-20` - `2024-10-19`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
discordapp.com Cloudflare Inc ECC CA-3	`2023-10-20` - `2024-10-19`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://apk.ryzendesu.vip/
Frame ID: 89D1CDD8F2AE659BE19F90983CC00ED7
Requests: 25 HTTP requests in this frame

Frame: https://discord.com/widget?id=1151809131427151963&theme=dark
Frame ID: C87C291D48F83AE956DBE1AF9CCF4BDB
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html
Frame ID: 8518A08EB5675ACCEEE94DF2D27122BD
Requests: 1 HTTP requests in this frame

Frame: https://discord.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js
Frame ID: 6882F3C73176E87E1A78D0E61129AD84
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-xxx&output=html&adk=3953984709&adf=2873229911&lmt=1704267553&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fapk.ryzendesu.vip%2F&ea=0&pra=5&wgl=1&easpi=1&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704282882623&bpp=4&bdt=567&idt=327&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1865560281248&frm=20&pv=2&ga_vid=1699939180.1704282883&ga_sid=1704282883&ga_hid=3951076&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795921%2C95320869%2C95320884&oid=2&pvsid=3958818115574515&tmod=1969097608&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=363
Frame ID: 9B3B1F0079A9AE81901E1ABBA10CAEED
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 43D40A767B27DE019790572D6DC36AEA
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 81A9EDC81F80948316F2716AA374019D
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Ryzendesu APK

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

44
Requests

98 %
HTTPS

73 %
IPv6

9
Domains

11
Subdomains

12
IPs

3
Countries

1484 kB
Transfer

4357 kB
Size

4
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: https://www.blogger.com/profile/00946341341342285932
Title: Shirokami Ryzen

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Nao.Tomori.UwU

Search URL Search Domain Scan URL

URL: https://www.instagram.com/ryzen_vermillion/

Search URL Search Domain Scan URL

URL: https://t.me/ShirokamiRyzen

Search URL Search Domain Scan URL

URL: https://discord.gg/ywcX6aZZs5
Title: here

Search URL Search Domain Scan URL

URL: https://www.blogger.com/blog/post/edit/7475420277906279422/5992859295642967708

Search URL Search Domain Scan URL

URL: https://www.blogger.com/blog/post/edit/7475420277906279422/6619238823951693399

Search URL Search Domain Scan URL

URL: https://www.blogger.com/blog/post/edit/7475420277906279422/2682811132357947984

Search URL Search Domain Scan URL

URL: https://www.blogger.com/blog/post/edit/7475420277906279422/9085990951628471673

Search URL Search Domain Scan URL

URL: https://www.nldblog.com/
Title: Fineshop Design

Search URL Search Domain Scan URL

URL: https://github.com/ShirokamiRyzen

Search URL Search Domain Scan URL

URL: https://policies.google.com/technologies/cookies
Title: More Details

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22

https://discord.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://discord.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js

44 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
apk.ryzendesu.vip/ 241 KB
58 KB 180ms
107ms Document
text/html 2607:f8b0:4020:804::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apk.ryzendesu.vip/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:804::2013 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

05f272a883c36c9c4cc6106876fb1abf1aba166d48f323fe5c9be9a11a575b3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: private, max-age=0
content-encoding: gzip
content-length: 59413
content-type: text/html; charset=UTF-8
date: Wed, 03 Jan 2024 11:54:42 GMT
etag: W/"0dafbea8202e39a58681a59f323b4925e2c49c8c2f6e5165bb80414b85741537"
expires: Wed, 03 Jan 2024 11:54:42 GMT
last-modified: Wed, 03 Jan 2024 07:39:13 GMT
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 pub-3865396264243461 Show response
fundingchoicesmessages.google.com/i/ 23 KB
10 KB 116ms
58ms Script
application/javascript 2607:f8b0:4020:804::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/pub-3865396264243461?ers=1

Requested by

Host: apk.ryzendesu.vip
URL: https://apk.ryzendesu.vip/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:804::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1ac9caa59450894552d35ffc309351ea38abd142a933c4eef84850bb81af140b

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-kF_lsSvuCNqXmpCI8-Wlkg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://apk.ryzendesu.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 11:54:42 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-kF_lsSvuCNqXmpCI8-Wlkg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AVvXsEhlGr-DV-Cyv6rKPuBQDCcAIhMbAUoawgAizbdV2uZwur6XW2KDG9Ve8QNnVt2Ank3FY5-yq-q5szdC8AUOD8Z6rW9VEYIFyiES3sviuRyM4S0bea5Z_IHKWQfkFf9ArW8vQ3vCVsP0sCUCw5uk8gozFNGTGbzLRi8AltUFh0bXWdO3ZE4drbDRda3BtNM=w200
blogger.googleusercontent.com/img/a/ 13 KB
13 KB 370ms
319ms Image
image/png 2607:f8b0:4020:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/a/AVvXsEhlGr-DV-Cyv6rKPuBQDCcAIhMbAUoawgAizbdV2uZwur6XW2KDG9Ve8QNnVt2Ank3FY5-yq-q5szdC8AUOD8Z6rW9VEYIFyiES3sviuRyM4S0bea5Z_IHKWQfkFf9ArW8vQ3vCVsP0sCUCw5uk8gozFNGTGbzLRi8AltUFh0bXWdO3ZE4drbDRda3BtNM=w200

Requested by

Host: apk.ryzendesu.vip
URL: https://apk.ryzendesu.vip/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

87ef20f23e47e3f65f350e2e7358e64dc6511551fbaadef5779ea6d752893f84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://apk.ryzendesu.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 11:54:42 GMT
x-content-type-options: nosniff
server: fife
etag: "v424f"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="header.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13512
x-xss-protection: 0
expires: Thu, 04 Jan 2024 11:54:42 GMT

GET
H2 200 5aUu9-KzpRiLCAt4Unrc-xIKmCU5qEp2iw.woff2
fonts.gstatic.com/s/googlesanstext/v16/ 15 KB
15 KB 54ms
14ms Font
font/woff2 2607:f8b0:4020:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesanstext/v16/5aUu9-KzpRiLCAt4Unrc-xIKmCU5qEp2iw.woff2

Requested by

Host: apk.ryzendesu.vip
URL: https://apk.ryzendesu.vip/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3bad1c5850c2453996c8dc11934799affb96c43eae953ca75fe9c15a9df07fe6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://apk.ryzendesu.vip/
Origin: https://apk.ryzendesu.vip
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 30 Dec 2023 16:31:17 GMT
x-content-type-options: nosniff
age: 329005
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14856
x-xss-protection: 0
last-modified: Mon, 19 Apr 2021 22:54:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 29 Dec 2024 16:31:17 GMT

GET
H/1.1 403
Forbidden invoke.js
midgerelativelyhoax.com/f7e71e4ce6ee545461d0bd5b545fef07/ 0
0 334ms
18ms Script
application/javascript 173.233.137.60
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://midgerelativelyhoax.com/f7e71e4ce6ee545461d0bd5b545fef07/invoke.js
Requested by: Host: apk.ryzendesu.vip
URL: https://apk.ryzendesu.vip/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.233.137.60 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.21.6 /
Resource Hash

Request headers

Referer: https://apk.ryzendesu.vip/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Wed, 03 Jan 2024 11:54:42 GMT
Server: nginx/1.21.6
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
DATA 200
OK truncated
/ 289 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d42d50419a11e8aa5cf8f3519ba132b77186c6e26759aa939fdd080c21d24e04

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 5aUp9-KzpRiLCAt4Unrc-xIKmCU5oPFTnmhjtg.woff2
fonts.gstatic.com/s/googlesanstext/v16/ 14 KB
15 KB 38ms
16ms Font
font/woff2 2607:f8b0:4020:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesanstext/v16/5aUp9-KzpRiLCAt4Unrc-xIKmCU5oPFTnmhjtg.woff2

Requested by

Host: apk.ryzendesu.vip
URL: https://apk.ryzendesu.vip/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a1286273726bff8e1d79da7039788b34f34d8f439a9dff6492541bebfe23acf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://apk.ryzendesu.vip/
Origin: https://apk.ryzendesu.vip
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 19:14:09 GMT
x-content-type-options: nosniff
age: 405633
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14836
x-xss-protection: 0
last-modified: Mon, 19 Apr 2021 22:54:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 28 Dec 2024 19:14:09 GMT

GET
DATA 200
OK truncated
/ 26 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 403
Forbidden invoke.js
midgerelativelyhoax.com/f7e71e4ce6ee545461d0bd5b545fef07/ 0
0 11ms
11ms Script
application/javascript 173.233.137.60
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://midgerelativelyhoax.com/f7e71e4ce6ee545461d0bd5b545fef07/invoke.js
Requested by: Host: apk.ryzendesu.vip
URL: https://apk.ryzendesu.vip/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.233.137.60 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.21.6 /
Resource Hash

Request headers

Referer: https://apk.ryzendesu.vip/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Wed, 03 Jan 2024 11:54:42 GMT
Server: nginx/1.21.6
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
H/1.1 403
Forbidden invoke.js
midgerelativelyhoax.com/f7e71e4ce6ee545461d0bd5b545fef07/ 0
0 12ms
11ms Script
application/javascript 173.233.137.60
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://midgerelativelyhoax.com/f7e71e4ce6ee545461d0bd5b545fef07/invoke.js
Requested by: Host: apk.ryzendesu.vip
URL: https://apk.ryzendesu.vip/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.233.137.60 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.21.6 /
Resource Hash

Request headers

Referer: https://apk.ryzendesu.vip/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Wed, 03 Jan 2024 11:54:42 GMT
Server: nginx/1.21.6
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6611677c5391ceb6488b98028510d9d2398907292efff0cef7ab4d07e9cf5b69

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 widget Show response
discord.com/ Frame C87C 2 KB
2 KB 49ms
22ms Document
text/html 162.159.128.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://discord.com/widget?id=1151809131427151963&theme=dark

Requested by

Host: apk.ryzendesu.vip
URL: https://apk.ryzendesu.vip/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.128.233 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

56b489097ac3240e864bfda9f6228c761ba5a603f35f175346c5bf12b29c4818

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://apk.ryzendesu.vip/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=14400
cf-cache-status: HIT
cf-ray: 83fb0c6fbca143e0-EWR
content-encoding: br
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 03 Jan 2024 11:54:42 GMT
last-modified: Thu, 05 Oct 2023 23:01:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy: interest-cohort=()
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qsY1SFpJw1hijkfpgn3peohQn9F2xqsZBMqkFNnN3hSLH3bvphz%2BhKtBKRUb5fi1IVgiUgCMnZB9l3QtA%2BqIx%2FeGnGbyBUwgSqDanm9%2FX3kW1dSueLKsbKIq%2BP0l"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-build-id: 8688a61c63e65df22fb849a73b303b75a3bca43d
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
51 KB 95ms
54ms Script
text/javascript 2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-xxx

Requested by

Host: apk.ryzendesu.vip
URL: https://apk.ryzendesu.vip/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

efb02ab861ce45bb065c2155344c9d17cc0ea79a380ea108df90c50bc3e512eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://apk.ryzendesu.vip/
Origin: https://apk.ryzendesu.vip
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 11:54:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51263
x-xss-protection: 0
server: cafe
etag: 750359365059800117
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 03 Jan 2024 11:54:42 GMT

GET
H/1.1 403
Forbidden invoke.js
midgerelativelyhoax.com/63d295cbab94962b1edd26b34e3635dc/ 0
0 15ms
14ms Script
application/javascript 173.233.137.60
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://midgerelativelyhoax.com/63d295cbab94962b1edd26b34e3635dc/invoke.js
Requested by: Host: apk.ryzendesu.vip
URL: https://apk.ryzendesu.vip/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.233.137.60 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.21.6 /
Resource Hash

Request headers

Referer: https://apk.ryzendesu.vip/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Wed, 03 Jan 2024 11:54:42 GMT
Server: nginx/1.21.6
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
H2 200 index.c28a9f9cf58c0cfb74b1.css
discord.com/assets/ Frame C87C 125 KB
17 KB 25ms
24ms Stylesheet
text/css 162.159.128.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://discord.com/assets/index.c28a9f9cf58c0cfb74b1.css

Requested by

Host: discord.com
URL: https://discord.com/widget?id=1151809131427151963&theme=dark

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.128.233 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d67c0937d3e83180de80fe7acfa1903276f193f83a6845b069f87bd4b4f4a831

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://discord.com/widget?id=1151809131427151963&theme=dark
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 11:54:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 27 Sep 2023 21:57:40 GMT
server: cloudflare
etag: W/"a3d977528c57cccef14644b54c0a22ba"
vary: Origin, Accept-Encoding
x-frame-options: DENY
content-type: text/css
access-control-allow-origin: https://discord.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pvij3EUq59Psnc19pP8tp%2FGu1PxDlMLDxTQCoARYaDLvw1yySvBeWIbPV6DdRM5T3r5IwuvycxIaEoF695XTxZYyVF06CtHrCNZGc2xRaJ7uCqVrTVluHXelzZML"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=2592000
permissions-policy: interest-cohort=()
cf-ray: 83fb0c6fecbe43e0-EWR

GET
H2 200 050107a671106733d869.js Show response
discord.com/assets/ Frame C87C 3 MB
706 KB 18ms
18ms Script
application/javascript 162.159.128.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://discord.com/assets/050107a671106733d869.js

Requested by

Host: discord.com
URL: https://discord.com/widget?id=1151809131427151963&theme=dark

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.128.233 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

34fa76fe6fbe2df439a2f59f0b51c7fb760add093267cdde7fcb63c625c3a0e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://discord.com/widget?id=1151809131427151963&theme=dark
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 11:54:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 05 Oct 2023 22:45:15 GMT
server: cloudflare
etag: W/"6a4492248e70f6469195aa9c94db47ba"
vary: Origin, Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
access-control-allow-origin: https://discord.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FYSOcukr%2BUE2JdgsyUYVuhq%2FHJWnA7Hw%2BuJcSyIaebr4Ze8B53y4vBJ81gev029OQNUXsX9vCAP74HG3QAaeiNvg%2BKjtJGmnoSsKTnMsV793LwDvSMZyA05TLEJX"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=2592000
permissions-policy: interest-cohort=()
cf-ray: 83fb0c6fecc043e0-EWR

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ 399 KB
135 KB 135ms
99ms Script
text/javascript 2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-xxx

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f53a375130a9dcc33b79b95d8e58d5ec02d92e70aac3ef70e17083dda50a7d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://apk.ryzendesu.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 11:54:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137920
x-xss-protection: 0
server: cafe
etag: 5399571436788735572
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Jan 2024 11:54:42 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/ Frame 8518 9 KB
4 KB 63ms
11ms Document
text/html 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-xxx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://apk.ryzendesu.vip/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 61330
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 02 Jan 2024 18:52:32 GMT
etag: 5585625838579639069
expires: Tue, 16 Jan 2024 18:52:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 widget.json Show response
discord.com/api/guilds/1151809131427151963/ Frame C87C 2 KB
2 KB 94ms
94ms XHR
application/json 162.159.128.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://discord.com/api/guilds/1151809131427151963/widget.json

Requested by

Host: discord.com
URL: https://discord.com/assets/050107a671106733d869.js

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.128.233 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0eb7ca430453e3d38ea1d37fa6de1f0c517d3fc5f6cb60cf79f1f400ea477ecc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'; default-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://discord.com/widget?id=1151809131427151963&theme=dark
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 11:54:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'none'; default-src 'none'
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 03 Jan 2024 11:54:42 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZJxMDKFilWXIqp1c8mIQQBo%2FSBKB2xICrHYks%2FmP88wzJUJT08s%2Fa57oqhIyWkLNIycF2aIf%2BixqFt1rAGNBj%2Be8fUFv7w2GQ3tttTs1XUM0WRgQo51uTnJQwbGu"}],"group":"cf-nel","max_age":604800}
content-type: application/json
cache-control: public, max-age=300
cf-ray: 83fb0c71aaccc34a-EWR
expires: Wed, 03 Jan 2024 11:59:42 GMT

GET
H3 200 8f20d57d7d0ea34489dcdd432437f71c.svg
discord.com/assets/ Frame C87C 5 KB
3 KB 21ms
21ms Image
image/svg+xml 162.159.128.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://discord.com/assets/8f20d57d7d0ea34489dcdd432437f71c.svg

Requested by

Host: discord.com
URL: https://discord.com/assets/index.c28a9f9cf58c0cfb74b1.css

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.128.233 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

030a48bdceecea284c28a35adf5b0f72dd3ef87274efa511da1fd1250434f240

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://discord.com/assets/index.c28a9f9cf58c0cfb74b1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 11:54:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 30 Mar 2023 18:28:00 GMT
server: cloudflare
etag: W/"8f20d57d7d0ea34489dcdd432437f71c"
vary: Origin, Accept-Encoding
x-frame-options: DENY
content-type: image/svg+xml
access-control-allow-origin: https://discord.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uEcdp32enpd6OeebM0zc6cY4%2F0Yt22agjdmmv9vS%2FbXXUCgk9Nl7nzvF8bE82IjdJEjiPMWwHVJGIljpUx3yzJT35BWVQIIsgED254jVH%2Bwfr6FIQAc3X09yTqIj"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=2592000
permissions-policy: interest-cohort=()
cf-ray: 83fb0c71bae5c34a-EWR

GET
H3 200 ff5eccde83f118cea0224ebbb9dc3179.woff2
discord.com/assets/ Frame C87C 39 KB
39 KB 24ms
23ms Font
font/woff2 162.159.128.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://discord.com/assets/ff5eccde83f118cea0224ebbb9dc3179.woff2

Requested by

Host: discord.com
URL: https://discord.com/assets/index.c28a9f9cf58c0cfb74b1.css

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.128.233 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

13da02ce62b1a388a7c8d6f3bd286fe774ee2b91ac63d281523e80b2a8a063bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://discord.com/assets/index.c28a9f9cf58c0cfb74b1.css
Origin: https://discord.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 11:54:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 39724
x-xss-protection: 1; mode=block
last-modified: Fri, 02 Jun 2023 20:46:12 GMT
server: cloudflare
etag: "ff5eccde83f118cea0224ebbb9dc3179"
vary: Origin, Accept-Encoding
x-frame-options: DENY
content-type: font/woff2
access-control-allow-origin: https://discord.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bMGfeV0dyTtOVKZp%2FS1cNXP1jxzdjaCYXABeFNG%2FhFVBKy%2FVPF23l%2FzlPMC6RVsHJyjJ4m%2Bq0xXMp5tA4dOy8aDcniaXdcy6ghUGyYh1h81kX%2BB%2BwQOBud8FOgyh"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=2592000
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 83fb0c71cae7c34a-EWR

GET
H3 200 3d6549bf2f38372c054eafb93fa358a9.woff2
discord.com/assets/ Frame C87C 37 KB
38 KB 22ms
21ms Font
font/woff2 162.159.128.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://discord.com/assets/3d6549bf2f38372c054eafb93fa358a9.woff2

Requested by

Host: discord.com
URL: https://discord.com/assets/index.c28a9f9cf58c0cfb74b1.css

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.128.233 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e401b056dc1eb48d44a01407ceb54372bbc44797d3259069ce96a96dfd8c104

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://discord.com/assets/index.c28a9f9cf58c0cfb74b1.css
Origin: https://discord.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 11:54:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 38156
x-xss-protection: 1; mode=block
last-modified: Fri, 02 Jun 2023 20:46:12 GMT
server: cloudflare
etag: "3d6549bf2f38372c054eafb93fa358a9"
vary: Origin, Accept-Encoding
x-frame-options: DENY
content-type: font/woff2
access-control-allow-origin: https://discord.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BbE7OeeUTHHkv0vzXrPTCznG%2BGxjcdM8L%2FrJ79wQvXWep5EP9uquyQMIgx%2B12Z80J%2FU4Hcgtx1hD54hJ816GpGsT7kFBkIUqqS%2BVb2qIsaZzeWbfBFJH9VJVkCfY"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=2592000
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 83fb0c71cae9c34a-EWR

GET
H3 200 7f63813838e283aea62f1a68ef1732c2.woff2
discord.com/assets/ Frame C87C 39 KB
39 KB 29ms
28ms Font
font/woff2 162.159.128.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://discord.com/assets/7f63813838e283aea62f1a68ef1732c2.woff2

Requested by

Host: discord.com
URL: https://discord.com/assets/index.c28a9f9cf58c0cfb74b1.css

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.128.233 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

440ad8b1449985479bc37265e9912bbf2bf56fe9ffd14709358a8e9c2d5f8e5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://discord.com/assets/index.c28a9f9cf58c0cfb74b1.css
Origin: https://discord.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 11:54:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 39424
x-xss-protection: 1; mode=block
last-modified: Fri, 02 Jun 2023 20:46:12 GMT
server: cloudflare
etag: "7f63813838e283aea62f1a68ef1732c2"
vary: Origin, Accept-Encoding
x-frame-options: DENY
content-type: font/woff2
access-control-allow-origin: https://discord.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g1TRte2yagtw%2F%2BmESqC4kvQCZR%2F00eQNdeMudPX2zNHba8swv51eRI6k6evBTwnp8cz8bfol9j1LLWsKVSFS%2BUFEbETKraYMhqPryFnm0%2FYuJUhceLGBw5LallRY"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=2592000
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 83fb0c71caeac34a-EWR

GET
H3

200

main.js Show response
discord.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/ Frame 6882
Redirect Chain

https://discord.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://discord.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js

7 KB
4 KB

9ms
9ms

Script
application/javascript

162.159.128.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://discord.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js

Requested by

Host: apk.ryzendesu.vip
URL: https://apk.ryzendesu.vip/

Protocol

Server

162.159.128.233 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

036ad5bd6c295125cb911f39830d853375d9aeaab097274dfd96562cf6a1b1c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 11:54:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WFTVlHiy2FxvlQ2q%2BFNOJudtGjAqyu6IMgwdQfbLIVeklyO32mVIofGaSbiXGpm4Erp19SfaGWkpqVSz%2B0dAojqtGprYWGPQTT8Yg4cwR0GDAwhI31YralYjOc7A"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 83fb0c72bb77c34a-EWR
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Wed, 03 Jan 2024 11:54:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jrrqv294rqVJwuzZ8axgpDFqDsjWw72WHzjdTUeASwQ0CiQnPwJeD5ANeD8K2%2B8GzENXASwy1O0Ulirm84Eeu%2BnvUVTEk%2FrkPWty%2BxbD1BZsF%2Boz%2FxUbOCBEv12Q"}],"group":"cf-nel","max_age":604800}
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js
access-control-allow-origin: *
cache-control: max-age=300, public
cf-ray: 83fb0c725b33c34a-EWR
alt-svc: h3=":443"; ma=86400

GET
H2 200 -BR7z921-URz11wdTlZi6JUkJp6i3ddliC2bCQw7Cc7Em_qbJaEDVfmt1GVn8cdchHOielxqRRktm_aCupDzOZxZfqKrH7nPW03TUP3rsLHVcjYItwL84iuSOnSOcJ5Rik8WP1L0k-VIiQ
cdn.discordapp.com/widget-avatars/SKZ3HlIdhOcVhJ4YkJjOd6ALTZyO5TS5DjzdvJyABgg/ Frame C87C 19 KB
20 KB 84ms
40ms Image
image/png 162.159.134.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.discordapp.com/widget-avatars/SKZ3HlIdhOcVhJ4YkJjOd6ALTZyO5TS5DjzdvJyABgg/-BR7z921-URz11wdTlZi6JUkJp6i3ddliC2bCQw7Cc7Em_qbJaEDVfmt1GVn8cdchHOielxqRRktm_aCupDzOZxZfqKrH7nPW03TUP3rsLHVcjYItwL84iuSOnSOcJ5Rik8WP1L0k-VIiQ
Requested by: Host: apk.ryzendesu.vip
URL: https://apk.ryzendesu.vip/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.134.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 64c2e7e41e71728c456183504e923e677964f40b35bc7e736543027604bf5dd8

Request headers

Referer: https://discord.com/
Origin: https://discord.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 11:54:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11922
alt-svc: h3=":443"; ma=86400
content-length: 19946
last-modified: Thu, 29 Jun 2023 14:16:35 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jy2JS47j2BQoD8LJKvE3wsL1g50Dq55OEZLWH1fB%2B6E4gcNYGKLBXGS4G1iZMWu8hDRKHPAkTi8bX08DiqBUw2Js3rz1w6n%2FECNXNXBKoX9Ee5ewcUxFM0u7BMfYcgSyw1eOXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 83fb0c72ad53423b-EWR
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
expires: Thu, 02 Jan 2025 11:54:43 GMT

GET
H2 200 NpJdC4Pk9dDXgWY_prkrzRQFNZbaWTTOOQgN1-DFXR13e1nQ44v3gaxZXac-a-PkPKU7bl5QdS0AG48FfyXzeFV6EPBIVrXsLQoSjMhK-oupopGNHdHGBulSqz43E6s6xpRWlM3E_e8MfA
cdn.discordapp.com/widget-avatars/7i_zPzgKwCx115YE9YcY7c3WRbkFEDYLmUa-FwqlTAA/ Frame C87C 18 KB
19 KB 106ms
63ms Image
image/png 162.159.134.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.discordapp.com/widget-avatars/7i_zPzgKwCx115YE9YcY7c3WRbkFEDYLmUa-FwqlTAA/NpJdC4Pk9dDXgWY_prkrzRQFNZbaWTTOOQgN1-DFXR13e1nQ44v3gaxZXac-a-PkPKU7bl5QdS0AG48FfyXzeFV6EPBIVrXsLQoSjMhK-oupopGNHdHGBulSqz43E6s6xpRWlM3E_e8MfA
Requested by: Host: apk.ryzendesu.vip
URL: https://apk.ryzendesu.vip/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.134.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 05d518ec033e5040d55e5a2ac48ddd0316e061685027f21f8d8724857d9f7d52

Request headers

Referer: https://discord.com/
Origin: https://discord.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 11:54:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 18565
last-modified: Thu, 28 Dec 2023 14:00:37 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DLfi2zad%2BjrE1DSN%2BjnYXHuRw1H34ehQzxqK%2FPes6tCcoIRzPc6QYoXJRQ%2BDo6b5XgPoHoP4I5u9fOplWlFA0fi8uaxoVMyPVe8zeS5qG8o9hjOorp92fW5441OGA0DirGKuKg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 83fb0c72ad52423b-EWR
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
expires: Thu, 02 Jan 2025 11:54:43 GMT

GET
H2 200 Q10kcQLAE-0oZQUSb58bKsgCeZizjhSf-OfSUqo97heg1AFMIAQp4eVXL-aX1LSDt34OZOx_rnoGMXBS3io9WdiONM6fWMjmalC-NHMHt4TK3v9sWbYRZCrwuRMeKDUfwKyVFCm0AA3xYg
cdn.discordapp.com/widget-avatars/i23awV1YpKLs6fTZ5DDbKU-gv7_XtH14YLsw27I8umg/ Frame C87C 28 KB
28 KB 71ms
28ms Image
image/png 162.159.134.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.discordapp.com/widget-avatars/i23awV1YpKLs6fTZ5DDbKU-gv7_XtH14YLsw27I8umg/Q10kcQLAE-0oZQUSb58bKsgCeZizjhSf-OfSUqo97heg1AFMIAQp4eVXL-aX1LSDt34OZOx_rnoGMXBS3io9WdiONM6fWMjmalC-NHMHt4TK3v9sWbYRZCrwuRMeKDUfwKyVFCm0AA3xYg
Requested by: Host: apk.ryzendesu.vip
URL: https://apk.ryzendesu.vip/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.134.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e23f558ce94c372762f2d6c22748c0b0f696b72869b05f1714a02608acbe6614

Request headers

Referer: https://discord.com/
Origin: https://discord.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 11:54:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11922
alt-svc: h3=":443"; ma=86400
content-length: 28205
last-modified: Thu, 25 Aug 2022 08:29:42 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a8KUy2ZgDjcqAz3m%2BOEzSTCzSxN3B1Nn3CEEGH%2F1Zl4GvCp7Q7m5UGgLmoNadQ7yTIVCxYkZVQAcEUzYPPLjERpao9NDLezYOKaGZlNi8geQm16adYnbo4FThVyPItR%2FaWBLFA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 83fb0c72ad55423b-EWR
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
expires: Thu, 02 Jan 2025 11:54:43 GMT

GET
H2 200 etVsMele-PAsmuDe86F6ZRLkABeKP1OFc0YoVDnz519TVwCeAn9oau7mHwq86xc4ieU2hrpKOUSv0xAW8WWEqJdR__nW25vFk22PwfjfB9-N_kyQI6u-XheeBS2rRqucSjPA_-HBfau2jQ
cdn.discordapp.com/widget-avatars/PREE-fnRTPxTbfnynO7nIv8sQ5_WIcvgkrbVadWAqkA/ Frame C87C 2 KB
2 KB 72ms
29ms Image
image/png 162.159.134.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.discordapp.com/widget-avatars/PREE-fnRTPxTbfnynO7nIv8sQ5_WIcvgkrbVadWAqkA/etVsMele-PAsmuDe86F6ZRLkABeKP1OFc0YoVDnz519TVwCeAn9oau7mHwq86xc4ieU2hrpKOUSv0xAW8WWEqJdR__nW25vFk22PwfjfB9-N_kyQI6u-XheeBS2rRqucSjPA_-HBfau2jQ
Requested by: Host: apk.ryzendesu.vip
URL: https://apk.ryzendesu.vip/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.134.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42685cb80fb2c3c1658a55ca7a32a0272aac5d4813f2a8f953a96956e7a3d9e5

Request headers

Referer: https://discord.com/
Origin: https://discord.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 11:54:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 621718
alt-svc: h3=":443"; ma=86400
content-length: 1959
last-modified: Fri, 05 Oct 2018 18:44:45 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0skVhKlwooXUds%2BLkAy%2BC4XB5bbL5OB6CEgTEBhwsbMRwqKw2azYNq6iZhtGC4xoWtQjyql5sftcyts8Df0OUXARmg3GnNwQDR74JVd4%2BJG%2F50ErvEuc3bAVHmuJA%2F2ipsyrew%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 83fb0c72ad56423b-EWR
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
expires: Thu, 02 Jan 2025 11:54:43 GMT

GET
H2 200 r1fUhbnsdy6CyfNHwZscTgW7Hsz2vLFcz5y0Dc-dku5sjVYK_WMG065PEXA-RJOdLHyJcOGH4j1D7DJKhknAptjrnRzY0Yc574ttcEUb2nINJTEbVuI1IbHz4zrVpz-zOiOaCaQm_aaxAA
cdn.discordapp.com/widget-avatars/C8Tb1xVVvma8D1DeXVIBvDLz8VBM64qUPv0CQsC_eWc/ Frame C87C 10 KB
11 KB 78ms
35ms Image
image/png 162.159.134.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.discordapp.com/widget-avatars/C8Tb1xVVvma8D1DeXVIBvDLz8VBM64qUPv0CQsC_eWc/r1fUhbnsdy6CyfNHwZscTgW7Hsz2vLFcz5y0Dc-dku5sjVYK_WMG065PEXA-RJOdLHyJcOGH4j1D7DJKhknAptjrnRzY0Yc574ttcEUb2nINJTEbVuI1IbHz4zrVpz-zOiOaCaQm_aaxAA
Requested by: Host: apk.ryzendesu.vip
URL: https://apk.ryzendesu.vip/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.134.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5bb890ef1d6515a4b6f2c39c5e48ad8447563109c0c8fecfd2a0d9c0212a7690

Request headers

Referer: https://discord.com/
Origin: https://discord.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 11:54:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 627282
alt-svc: h3=":443"; ma=86400
content-length: 10256
last-modified: Fri, 12 Nov 2021 16:21:55 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Brjkip1XOXJgmfPdZJzSma60A7lbzr4URKpdrT8E9vRc2kJT4SGNwYSiBgYe0YbOv0yCowHPwPSGzxrawqBZYXUm%2FLvOK%2BXyClVBw6G04dsQ9IjPfUNIuR%2BjXUftmtQQTcdnwA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 83fb0c72ad58423b-EWR
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
expires: Thu, 02 Jan 2025 11:54:43 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9B3B 603 B
245 B 47ms
46ms Document
text/html 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-xxx&output=html&adk=3953984709&adf=2873229911&lmt=1704267553&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fapk.ryzendesu.vip%2F&ea=0&pra=5&wgl=1&easpi=1&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704282882623&bpp=4&bdt=567&idt=327&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1865560281248&frm=20&pv=2&ga_vid=1699939180.1704282883&ga_sid=1704282883&ga_hid=3951076&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795921%2C95320869%2C95320884&oid=2&pvsid=3958818115574515&tmod=1969097608&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=363

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://apk.ryzendesu.vip/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 03 Jan 2024 11:54:43 GMT
expires: Wed, 03 Jan 2024 11:54:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 83fb0c6fbca143e0 Show response
discord.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 6882 0
572 B 25ms
24ms XHR
text/plain 162.159.128.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://discord.com/cdn-cgi/challenge-platform/h/g/jsd/r/83fb0c6fbca143e0

Requested by

Host: discord.com
URL: https://discord.com/cdn-cgi/challenge-platform/scripts/jsd/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.128.233 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 03 Jan 2024 11:54:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4v3nJ3E5j6v45I%2BkENAYPqYnUoNWNZYnwuTR0evS66IIn9aNo4vgl6qZYPwiFkO9An3FQMyzNs%2Fz9IccdEsAlZMDN58zE2pJqE3udbCEHAcrYLBH%2F8JJHgmBvqfi"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 83fb0c743c58c34a-EWR
alt-svc: h3=":443"; ma=86400

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 55ms
54ms XHR
application/json 2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231207&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8eec87d519dc402fe59a421aaeb2421288a9bacb4b02c2a4821cdeb257593da7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://apk.ryzendesu.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 11:54:43 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12202
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 103ms
49ms Script
text/javascript 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://apk.ryzendesu.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 11:54:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 03 Jan 2024 11:54:43 GMT

GET
H2 200 Spotify_App_Logo.svg.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgS9cp4zwzCyuvZLy80sjCj5pZLck-uhKXzqLeyefUPe7k8KjL1qevCmA6OgK5I08plgrQckdLMB6-FT85R_zlrVrtu39F22g58UA9T-Arnlg_qV0Fuo2bg2PigpR0qBIsIHg-WKuhSxBFW8c47... 70 KB
71 KB 179ms
177ms Image
image/webp 2607:f8b0:4020:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgS9cp4zwzCyuvZLy80sjCj5pZLck-uhKXzqLeyefUPe7k8KjL1qevCmA6OgK5I08plgrQckdLMB6-FT85R_zlrVrtu39F22g58UA9T-Arnlg_qV0Fuo2bg2PigpR0qBIsIHg-WKuhSxBFW8c47viKTCCxAm5vhDJMp8cHXgVRVb6WXu_ixfhZubJQCIk4/w600-h600-p-k-no-nu-rw-e30/Spotify_App_Logo.svg.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

86f36c838e64f70576e9a40be7cbfd3de2cef108e3cd8904d23ee3c0df174cc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://apk.ryzendesu.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 11:54:43 GMT
x-content-type-options: nosniff
server: fife
etag: "v426e"
vary: Origin
content-type: image/webp
access-control-expose-headers: Content-Length
cache-control: public, max-age=2592000, no-transform
content-disposition: inline;filename="Spotify_App_Logo.svg.webp"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72026
x-xss-protection: 0
expires: Fri, 02 Feb 2024 11:54:43 GMT

GET
H2 200 microG.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjRi0jg0mPUGvfdPQpvlL1Lu9YpNDMDpCdgzafKC1CFRtztxBGWEv9a_lyJ6ipZEAaX7u56mQKxDrsW6c8fQSSWxAG5KmkE5D22PKDd7uKkUwOftTI2uCI1oOQBX3ukZV9MG9nsd4Nkdqn9waSr... 11 KB
11 KB 193ms
193ms Image
image/webp 2607:f8b0:4020:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjRi0jg0mPUGvfdPQpvlL1Lu9YpNDMDpCdgzafKC1CFRtztxBGWEv9a_lyJ6ipZEAaX7u56mQKxDrsW6c8fQSSWxAG5KmkE5D22PKDd7uKkUwOftTI2uCI1oOQBX3ukZV9MG9nsd4Nkdqn9waSrjNdc7j6Fyk9S4a3mcA5LbX4iw1oDIUfVLA54DXUq0T4/w600-h600-p-k-no-nu-rw-e30/microG.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

6f4ba2150e1d12556b88980692235ee35c6d2f672f70f3d0bcda0e960918ae39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://apk.ryzendesu.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 11:54:43 GMT
x-content-type-options: nosniff
server: fife
etag: "v4268"
vary: Origin
content-type: image/webp
access-control-expose-headers: Content-Length
cache-control: public, max-age=2592000, no-transform
content-disposition: inline;filename="microG.webp"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11334
x-xss-protection: 0
expires: Fri, 02 Feb 2024 11:54:43 GMT

GET
H2 200 101597779.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhg1tvZomKEvg1ifoNfaG3HFYGgix2AGpRIC-5XPr0S2XiahwLXuQ7jwjKX6a0hkJjJ0yvZS1Zvrp_ThGfDfT09zAdd8RadLYULvLEDWPwoMqSAOp5GQoy6qXKDhCQNc7srQT7jN-OC-qIexqtr... 6 KB
6 KB 279ms
278ms Image
image/webp 2607:f8b0:4020:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhg1tvZomKEvg1ifoNfaG3HFYGgix2AGpRIC-5XPr0S2XiahwLXuQ7jwjKX6a0hkJjJ0yvZS1Zvrp_ThGfDfT09zAdd8RadLYULvLEDWPwoMqSAOp5GQoy6qXKDhCQNc7srQT7jN-OC-qIexqtr7A4ndnw4i-GT7FLBDp52HcO46npwjAZmYVQ-fIug5Hw/w600-h600-p-k-no-nu-rw-e30/101597779.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

80761643cb67da983f97bc5290a191b4b7ce1084f8cde657aa491ed6a18904a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://apk.ryzendesu.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 11:54:43 GMT
x-content-type-options: nosniff
server: fife
etag: "v425f"
vary: Origin
content-type: image/webp
access-control-expose-headers: Content-Length
cache-control: public, max-age=2592000, no-transform
content-disposition: inline;filename="101597779.webp"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5676
x-xss-protection: 0
expires: Fri, 02 Feb 2024 11:54:43 GMT

GET
H2 200 a1f699085dec07370abd7ca37e8eaa5a.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjC6dnRNV3YPGUebyumLA_JOjmFpajGs9F0gaWEKl6C198SakTmS3xHioTVuZu6zsREg1abYTzphVVmqwoois-cl8h-hgWk9rKf-myptrY3o4mJ4eMOGLcgWYOJcoJ-1p8aVrk1PaDSVEk1L38y... 1 KB
1 KB 476ms
476ms Image
image/webp 2607:f8b0:4020:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjC6dnRNV3YPGUebyumLA_JOjmFpajGs9F0gaWEKl6C198SakTmS3xHioTVuZu6zsREg1abYTzphVVmqwoois-cl8h-hgWk9rKf-myptrY3o4mJ4eMOGLcgWYOJcoJ-1p8aVrk1PaDSVEk1L38ycm48Y9GoKxy0uAMUXgbZmqajKVY/w60-rw-e30/a1f699085dec07370abd7ca37e8eaa5a.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

7056b515b3b8f3754d52c66b9b817bd0e018479672e9f170f80a2593507cdf51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://apk.ryzendesu.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 11:54:43 GMT
x-content-type-options: nosniff
server: fife
etag: "v213d"
vary: Origin
content-type: image/webp
access-control-expose-headers: Content-Length
cache-control: public, max-age=2592000, no-transform
content-disposition: inline;filename="a1f699085dec07370abd7ca37e8eaa5a.webp"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1278
x-xss-protection: 0
expires: Fri, 02 Feb 2024 11:54:43 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 43D4 13 KB
5 KB 13ms
11ms Document
text/html 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://apk.ryzendesu.vip/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 144568
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 01 Jan 2024 19:45:15 GMT
expires: Tue, 31 Dec 2024 19:45:15 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 81A9 829 B
1 KB 83ms
39ms Document
text/html 2607:f8b0:4020:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2004 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5e31795dbfbd378b423ef834be2269b8341d673258fcf7c807cdfb93d9846baf

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-aNxW0XUh3Ka8HRbdWnMXZA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://apk.ryzendesu.vip/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-aNxW0XUh3Ka8HRbdWnMXZA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 03 Jan 2024 11:54:43 GMT
expires: Wed, 03 Jan 2024 11:54:43 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 App Show response
apk.ryzendesu.vip/feeds/posts/default/-/ 28 KB
5 KB 242ms
241ms XHR
application/json 2607:f8b0:4020:804::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apk.ryzendesu.vip/feeds/posts/default/-/App?alt=json&orderby=published&max-results=6

Requested by

Host: apk.ryzendesu.vip
URL: https://apk.ryzendesu.vip/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:804::2013 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

blogger-renderd /

Resource Hash

a394280a86e604411ed21c7cc683a70cc7dc4e42bc88b64ec7267bb3d43d7f56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://apk.ryzendesu.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 11:54:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 03 Jan 2024 07:39:13 GMT
server: blogger-renderd
etag: W/"527c2223f7ae2853bf6c42412af5ea9e2e1f92b87db8b17d2ed292d1a3184d66"
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
cross-origin-resource-policy: cross-origin
content-length: 4681
x-xss-protection: 0
expires: Wed, 03 Jan 2024 11:54:44 GMT

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 43D4 39 KB
15 KB 13ms
13ms Script
text/javascript 2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 14:15:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77949
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 01 Jan 2025 14:15:34 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 81A9 0
0 74ms
73ms Image
text/html 2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231207&jk=3958818115574515&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

GET
H3 200 Spotify_App_Logo.svg.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgS9cp4zwzCyuvZLy80sjCj5pZLck-uhKXzqLeyefUPe7k8KjL1qevCmA6OgK5I08plgrQckdLMB6-FT85R_zlrVrtu39F22g58UA9T-Arnlg_qV0Fuo2bg2PigpR0qBIsIHg-WKuhSxBFW8c47... 70 KB
70 KB 385ms
384ms Image
image/webp 2607:f8b0:4020:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:806::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

86f36c838e64f70576e9a40be7cbfd3de2cef108e3cd8904d23ee3c0df174cc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://apk.ryzendesu.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 11:54:44 GMT
x-content-type-options: nosniff
server: fife
etag: "v426e"
vary: Origin
content-type: image/webp
access-control-expose-headers: Content-Length
cache-control: public, max-age=2592000, no-transform
content-disposition: inline;filename="Spotify_App_Logo.svg.webp"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72026
x-xss-protection: 0
expires: Fri, 02 Feb 2024 11:54:44 GMT

GET
H3 200 microG.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjRi0jg0mPUGvfdPQpvlL1Lu9YpNDMDpCdgzafKC1CFRtztxBGWEv9a_lyJ6ipZEAaX7u56mQKxDrsW6c8fQSSWxAG5KmkE5D22PKDd7uKkUwOftTI2uCI1oOQBX3ukZV9MG9nsd4Nkdqn9waSr... 43 KB
43 KB 222ms
221ms Image
image/webp 2607:f8b0:4020:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:806::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c8407b9c4a9fde67bf6bdcec6f087f1e8b8f76270013e7dd5b9be0b372ab803c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://apk.ryzendesu.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 11:54:43 GMT
x-content-type-options: nosniff
server: fife
etag: "v4268"
vary: Origin
content-type: image/webp
access-control-expose-headers: Content-Length
cache-control: public, max-age=2592000, no-transform
content-disposition: inline;filename="microG.webp"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43892
x-xss-protection: 0
expires: Fri, 02 Feb 2024 11:54:43 GMT

GET
H3 200 101597779.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhg1tvZomKEvg1ifoNfaG3HFYGgix2AGpRIC-5XPr0S2XiahwLXuQ7jwjKX6a0hkJjJ0yvZS1Zvrp_ThGfDfT09zAdd8RadLYULvLEDWPwoMqSAOp5GQoy6qXKDhCQNc7srQT7jN-OC-qIexqtr... 6 KB
6 KB 468ms
467ms Image
image/webp 2607:f8b0:4020:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:806::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

80761643cb67da983f97bc5290a191b4b7ce1084f8cde657aa491ed6a18904a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://apk.ryzendesu.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 11:54:44 GMT
x-content-type-options: nosniff
server: fife
etag: "v425f"
vary: Origin
content-type: image/webp
access-control-expose-headers: Content-Length
cache-control: public, max-age=2592000, no-transform
content-disposition: inline;filename="101597779.webp"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5676
x-xss-protection: 0
expires: Fri, 02 Feb 2024 11:54:44 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 43D4 0
10 B 12ms
12ms Image
text/plain 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?_DboIw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 11:54:43 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 79ms
78ms Image
text/html 2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231207&jk=3958818115574515&bg=!ICOlI2zNAAY3kmNgF5I7ADQBe5WfOGAn0SEzO7SRR6Gqr6kvvOZwh794feQXUs6yzTgSFiIhJb7wraCRPA05jQS_OjGcAgAAAI1SAAAABGgBB5kC7DBJw3f7qFOKEJGLku9crA6VPEJw_qXIlA5oAWL92u9qkwGA2kCIJNOjfR8zV9xjtBjU5YYCNkUbmRvQMMBBwMe3YwQtZ2L_XiVGRShk73P3QohM2TkCHEqQYMpksbvlGUH28aQtBp6rgdZIhqL_SdMNdFye4t9ZwmW5ViYd-A3CpeEri8aS3By08cP0IuYcB2DF0kcvoWc_HC_N7RLpR1euwd062jEw5ExBzxU1JsZjGliQaQwhzp3fGi0LkKPtqCoSjfXXIYFeoYj2xsJdeV8lOe-zhuYiN8bCs-IyCwxg1sIQgCWXIgGFOPDGgLfSNCjN0k3I5y9LA1YJEd3yxrOzkCvxmoXYRBDnKZtcdAlpm3Yl6qFDGZ6KAcjrlV5TaRhKjn80fFmTK35UEXOONACICJ_9IVnlkSu7zxUpQcGSCMXe6yzjOwdJ6N7iDKagl5UJukBWSqQfOjT-JmDrNyZiFfc8rGTCdaxrIJSnd-nWPALS3jWBq-nVkhdi06cl1fmYtoYt9sAqvTLs4NdOA2D3AzCE8QL4xzm2iq4_DP8bmDinDJopAPiLge1Vm_9WFhNiyObJ3Og_pbfuMYIETTlPRB4r2MLRZx9zcydwgxgvsjM1uoouai71rvhSNKBelQZaD7getkgGdsmM-ACAD9E3XbN6SM0fVh7Ibh2DiZ32m3KFFXh0mhoMhoV6g-7x1spo7u7HQjHKl_IqaqsjCfy6ljeLtsHQeA9DdAOmAiUJxU1QR2yVSAySInQuMPvxdwZeH_9gmb_HqV_SXugua31kRArKA8Sgb6MtbqbKhQvhaREWsgZISkKW8WVi3wEUrAVdhq6UA7ONq96rSG_IaEaPLWyloCCUTBRUBxtSq2cOTE8iqqWMkfj5n1aJ0rOb6_SDxrwRLo3lx9st4rhrGqLke4PKNrzz5WWGUCq6O2H2gUphGrZGbtV4sBLpdzTTLllVdOTS5wqKdHOqK_9ffkZtU9jiHbncqUTgubA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://apk.ryzendesu.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

95 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.discord.com/	1969-12-31 23:59:59	Name: __cfruid Value: 21f2909c10685c08a8cfbe559808ee233877a186-1704282882
.discord.com/	1969-12-31 23:59:59	Name: _cfuvid Value: Hs5P4__6d3e4odU6ybDDHocjFpBCJrsrGkSJWFpLoCE-1704282882536-0-604800000
.doubleclick.net/	1970-01-20 17:24:43	Name: test_cookie Value: CheckForPermission
.discord.com/	1970-01-21 02:10:18	Name: cf_clearance Value: irqe3BEI.xUlHtQgc5aE3vxvI.E41eYWkdsUyYAMM7Q-1704282883-0-2-9e34c733.a4409ada.857793d0-0.2.1704282883

13 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://apk.ryzendesu.vip/(Line 763) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://midgerelativelyhoax.com/f7e71e4ce6ee545461d0bd5b545fef07/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://apk.ryzendesu.vip/(Line 763) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://midgerelativelyhoax.com/f7e71e4ce6ee545461d0bd5b545fef07/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://midgerelativelyhoax.com/f7e71e4ce6ee545461d0bd5b545fef07/invoke.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript	warning	URL: https://apk.ryzendesu.vip/(Line 832) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://midgerelativelyhoax.com/f7e71e4ce6ee545461d0bd5b545fef07/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://apk.ryzendesu.vip/(Line 832) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://midgerelativelyhoax.com/f7e71e4ce6ee545461d0bd5b545fef07/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://midgerelativelyhoax.com/f7e71e4ce6ee545461d0bd5b545fef07/invoke.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript	warning	URL: https://apk.ryzendesu.vip/(Line 1037) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://midgerelativelyhoax.com/f7e71e4ce6ee545461d0bd5b545fef07/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://apk.ryzendesu.vip/(Line 1037) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://midgerelativelyhoax.com/f7e71e4ce6ee545461d0bd5b545fef07/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://midgerelativelyhoax.com/f7e71e4ce6ee545461d0bd5b545fef07/invoke.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript	warning	URL: https://apk.ryzendesu.vip/(Line 1183) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://midgerelativelyhoax.com/63d295cbab94962b1edd26b34e3635dc/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://apk.ryzendesu.vip/(Line 1183) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://midgerelativelyhoax.com/63d295cbab94962b1edd26b34e3635dc/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://midgerelativelyhoax.com/63d295cbab94962b1edd26b34e3635dc/invoke.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

apk.ryzendesu.vip
blogger.googleusercontent.com
cdn.discordapp.com
discord.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
midgerelativelyhoax.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
www.google.com
162.159.128.233
162.159.134.233
173.233.137.60
2607:f8b0:4020:804::2002
2607:f8b0:4020:804::200e
2607:f8b0:4020:804::2013
2607:f8b0:4020:806::2001
2607:f8b0:4020:806::2003
2607:f8b0:4020:807::2001
2607:f8b0:4020:807::2002
2607:f8b0:4020:807::2004
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
030a48bdceecea284c28a35adf5b0f72dd3ef87274efa511da1fd1250434f240
036ad5bd6c295125cb911f39830d853375d9aeaab097274dfd96562cf6a1b1c1
05d518ec033e5040d55e5a2ac48ddd0316e061685027f21f8d8724857d9f7d52
05f272a883c36c9c4cc6106876fb1abf1aba166d48f323fe5c9be9a11a575b3f
0eb7ca430453e3d38ea1d37fa6de1f0c517d3fc5f6cb60cf79f1f400ea477ecc
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
13da02ce62b1a388a7c8d6f3bd286fe774ee2b91ac63d281523e80b2a8a063bc
1ac9caa59450894552d35ffc309351ea38abd142a933c4eef84850bb81af140b
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
34fa76fe6fbe2df439a2f59f0b51c7fb760add093267cdde7fcb63c625c3a0e7
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3bad1c5850c2453996c8dc11934799affb96c43eae953ca75fe9c15a9df07fe6
42685cb80fb2c3c1658a55ca7a32a0272aac5d4813f2a8f953a96956e7a3d9e5
440ad8b1449985479bc37265e9912bbf2bf56fe9ffd14709358a8e9c2d5f8e5b
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56b489097ac3240e864bfda9f6228c761ba5a603f35f175346c5bf12b29c4818
5bb890ef1d6515a4b6f2c39c5e48ad8447563109c0c8fecfd2a0d9c0212a7690
5e31795dbfbd378b423ef834be2269b8341d673258fcf7c807cdfb93d9846baf
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
64c2e7e41e71728c456183504e923e677964f40b35bc7e736543027604bf5dd8
6611677c5391ceb6488b98028510d9d2398907292efff0cef7ab4d07e9cf5b69
6f4ba2150e1d12556b88980692235ee35c6d2f672f70f3d0bcda0e960918ae39
7056b515b3b8f3754d52c66b9b817bd0e018479672e9f170f80a2593507cdf51
80761643cb67da983f97bc5290a191b4b7ce1084f8cde657aa491ed6a18904a9
86f36c838e64f70576e9a40be7cbfd3de2cef108e3cd8904d23ee3c0df174cc1
87ef20f23e47e3f65f350e2e7358e64dc6511551fbaadef5779ea6d752893f84
8a1286273726bff8e1d79da7039788b34f34d8f439a9dff6492541bebfe23acf
8e401b056dc1eb48d44a01407ceb54372bbc44797d3259069ce96a96dfd8c104
8eec87d519dc402fe59a421aaeb2421288a9bacb4b02c2a4821cdeb257593da7
8f53a375130a9dcc33b79b95d8e58d5ec02d92e70aac3ef70e17083dda50a7d0
a394280a86e604411ed21c7cc683a70cc7dc4e42bc88b64ec7267bb3d43d7f56
c8407b9c4a9fde67bf6bdcec6f087f1e8b8f76270013e7dd5b9be0b372ab803c
d42d50419a11e8aa5cf8f3519ba132b77186c6e26759aa939fdd080c21d24e04
d67c0937d3e83180de80fe7acfa1903276f193f83a6845b069f87bd4b4f4a831
e23f558ce94c372762f2d6c22748c0b0f696b72869b05f1714a02608acbe6614
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
efb02ab861ce45bb065c2155344c9d17cc0ea79a380ea108df90c50bc3e512eb

apk.ryzendesu.vip Open in urlscan Pro 2607:f8b0:4020:804::2013 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

44 Requests

98 %HTTPS

73 %IPv6

9 Domains

11 Subdomains

12 IPs

3 Countries

1484 kBTransfer

4357 kBSize

4 Cookies

12 Outgoing links

Redirected requests

44 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

apk.ryzendesu.vip Open in urlscan Pro
2607:f8b0:4020:804::2013 Public Scan

Screenshot
Live screenshot

Full Image

44
Requests

98 %
HTTPS

73 %
IPv6

9
Domains

11
Subdomains

12
IPs

3
Countries

1484 kB
Transfer

4357 kB
Size

4
Cookies

44 HTTP transactions
3 data transactions