l.riftv.net Open in urlscan Pro
109.234.162.107 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://zizouit.com/r.php?v=dD1jJmQ9MTI5NTkmbD03MjgyJmM9NDU1NzQ3
Effective URL:
http://l.riftv.net/rCAGL?sub1=1&sub2=12959&sub3=40&sub4=7282&sub5=455747
Submission: On June 12 via api (June 12th 2021, 9:21:33 am UTC) from BE

Summary HTTP 114 Redirects Behaviour Indicators

Summary

This website contacted 29 IPs in 6 countries across 16 domains to perform 114 HTTP transactions. The main IP is 109.234.162.107, located in France and belongs to O2SWITCH, FR. The main domain is l.riftv.net.

This is the only time l.riftv.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	139.99.133.160 139.99.133.160	16276 (OVH) (OVH)
2 15	109.234.162.107 109.234.162.107	50474 (O2SWITCH) (O2SWITCH)
12	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
9	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:809::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1	54.39.20.207 54.39.20.207	16276 (OVH) (OVH)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
2 9	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c04::9a	15169 (GOOGLE) (GOOGLE)
1	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
14	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:1::2 2a02:2638:1::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638:1::11 2a02:2638:1::11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
8	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.2.148 178.250.2.148	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	178.250.2.135 178.250.2.135	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.0.162 178.250.0.162	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
114	29

1 139.99.133.160 (Sydney, Australia) 1 redirects

ASN16276 (OVH, FR)
PTR: vps-2a0a7142.vps.ovh.ca

zizouit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 109.234.162.107 (France) 2 redirects

ASN50474 (O2SWITCH, FR)
PTR: dinde.o2switch.net

l.riftv.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cse.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.39.20.207 (Beauharnois, Canada)

ASN16276 (OVH, FR)
PTR: edge02.devgrid.net

api.miniature.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

clients1.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 216.58.212.130 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.148 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 178.250.2.135 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: pix.am5.vip.prod.criteo.com

pix.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.162 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	276 KB
19	google.com 2 redirects cse.google.com www.google.com fundingchoicesmessages.google.com clients1.google.com adservice.google.com	254 KB
16	doubleclick.net googleads.g.doubleclick.net stats.g.doubleclick.net	58 KB
15	riftv.net 2 redirects l.riftv.net	116 KB
14	criteo.net static.criteo.net static.eu.criteo.net pix.eu.criteo.net csm.eu.criteo.net	172 KB
9	cloudflare.com cdnjs.cloudflare.com	35 KB
4	googletagservices.com www.googletagservices.com	139 KB
3	criteo.com rtb.nl.eu.criteo.com ads.eu.criteo.com cat.nl.eu.criteo.com	46 KB
2	google.de adservice.google.de www.google.de	272 B
2	googleapis.com www.googleapis.com fonts.googleapis.com	505 B
2	google-analytics.com www.google-analytics.com	19 KB
1	gstatic.com fonts.gstatic.com	11 KB
1	googleadservices.com partner.googleadservices.com	256 B
1	miniature.io api.miniature.io	86 KB
1	googletagmanager.com www.googletagmanager.com	35 KB
1	zizouit.com 1 redirects zizouit.com	348 B
114	16

	Domain	Requested by
15	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
15	l.riftv.net	2 redirects l.riftv.net
14	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
12	pagead2.googlesyndication.com	l.riftv.net pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
9	www.google.com	2 redirects cse.google.com www.google.com l.riftv.net tpc.googlesyndication.com
9	cdnjs.cloudflare.com	l.riftv.net ads.eu.criteo.com
7	static.criteo.net	ads.eu.criteo.com
6	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
4	pix.eu.criteo.net	ads.eu.criteo.com
4	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
2	csm.eu.criteo.net	ads.eu.criteo.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	cse.google.com	l.riftv.net www.google.com
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	cdnjs.cloudflare.com
1	static.eu.criteo.net	ads.eu.criteo.com
1	cat.nl.eu.criteo.com	ads.eu.criteo.com
1	ads.eu.criteo.com	googleads.g.doubleclick.net
1	rtb.nl.eu.criteo.com	googleads.g.doubleclick.net
1	www.google.de	l.riftv.net
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	clients1.google.com	l.riftv.net
1	www.googleapis.com	l.riftv.net
1	api.miniature.io	l.riftv.net
1	www.googletagmanager.com	l.riftv.net
1	zizouit.com	1 redirects
114	29

This site contains no links.

Subject Issuer	Validity	Valid
*.g.doubleclick.net GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
l.riftv.net R3	`2021-06-04` - `2021-09-02`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-10-21` - `2021-10-20`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
miniature.io R3	`2021-03-23` - `2021-06-21`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-05-17` - `2021-08-09`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
*.nl.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-06-08` - `2021-09-05`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-06-08` - `2021-09-05`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-04-14` - `2021-07-12`	3 months	crt.sh
*.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-04-17` - `2021-07-15`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh

This page contains 15 frames:

Primary Page: http://l.riftv.net/rCAGL?sub1=1&sub2=12959&sub3=40&sub4=7282&sub5=455747
Frame ID: 796F21C2847CD7E260C9A45B7F34D370
Requests: 56 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210607/r20190131/zrt_lookup.html
Frame ID: 2997DA5105470B06AF35A78DF38AA202
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&adk=293675617&adf=814277786&lmt=1623489675&plat=1%3A16809992%2C2%3A16809992%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fl.riftv.net%2FrCAGL%3Fsub1%3D1%26sub2%3D12959%26sub3%3D40%26sub4%3D7282%26sub5%3D455747&ea=0&flash=0&pra=5&wgl=1&dt=1623489675068&bpp=129&bdt=245&idt=44&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2274582933156&frm=20&pv=2&ga_vid=1023363580.1623489675&ga_sid=1623489675&ga_hid=199163832&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3060604987102094&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=187
Frame ID: F7498C4BAB160F4B478F840BE79036DE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=280&slotname=8558532162&adk=394597393&adf=2503452471&pi=t.ma~as.8558532162&w=1140&fwrn=4&fwrnh=100&lmt=1623489675&rafmt=1&psa=0&format=1140x280&url=http%3A%2F%2Fl.riftv.net%2FrCAGL%3Fsub1%3D1%26sub2%3D12959%26sub3%3D40%26sub4%3D7282%26sub5%3D455747&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1623489675068&bpp=14&bdt=244&idt=81&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2274582933156&frm=20&pv=1&ga_vid=1023363580.1623489675&ga_sid=1623489675&ga_hid=199163832&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=115&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3060604987102094&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=JcTKXD17fW&p=http%3A//l.riftv.net&dtd=193
Frame ID: 78A6A6049D2A866322B8BAA0E6D13C6D
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=280&slotname=8558532162&adk=3577450996&adf=2855107163&pi=t.ma~as.8558532162&w=728&fwrn=4&fwrnh=100&lmt=1623489675&rafmt=1&psa=0&format=728x280&url=http%3A%2F%2Fl.riftv.net%2FrCAGL%3Fsub1%3D1%26sub2%3D12959%26sub3%3D40%26sub4%3D7282%26sub5%3D455747&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1623489675068&bpp=7&bdt=245&idt=84&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280&nras=1&correlator=2274582933156&frm=20&pv=1&ga_vid=1023363580.1623489675&ga_sid=1623489675&ga_hid=199163832&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=470&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3060604987102094&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=VJYvqIsxVr&p=http%3A//l.riftv.net&dtd=197
Frame ID: DB27FEBC418B980FB9B086C8E2467B47
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=247&slotname=4516382124&adk=33470798&adf=540082601&pi=t.ma~as.4516382124&w=730&lmt=1623489675&rafmt=11&psa=0&format=730x247&url=http%3A%2F%2Fl.riftv.net%2FrCAGL%3Fsub1%3D1%26sub2%3D12959%26sub3%3D40%26sub4%3D7282%26sub5%3D455747&flash=0&wgl=1&dt=1623489675068&bpp=1&bdt=244&idt=97&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280%2C728x280&nras=1&correlator=2274582933156&frm=20&pv=1&ga_vid=1023363580.1623489675&ga_sid=1623489675&ga_hid=199163832&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=625&ady=922&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3060604987102094&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=4&uci=a!4&fsb=1&xpc=fgjyBWiHuP&p=http%3A//l.riftv.net&dtd=200
Frame ID: D63CFEC691C705F0CC9B3C1A31121AD5
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=280&slotname=8558532162&adk=394597393&adf=1374055083&pi=t.ma~as.8558532162&w=1140&fwrn=4&fwrnh=100&lmt=1623489675&rafmt=1&psa=0&format=1140x280&url=http%3A%2F%2Fl.riftv.net%2FrCAGL%3Fsub1%3D1%26sub2%3D12959%26sub3%3D40%26sub4%3D7282%26sub5%3D455747&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1623489675068&bpp=4&bdt=245&idt=136&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280%2C728x280%2C730x247&nras=1&correlator=2274582933156&frm=20&pv=1&ga_vid=1023363580.1623489675&ga_sid=1623489675&ga_hid=199163832&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=1248&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3060604987102094&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=5SpGVJjLsf&p=http%3A//l.riftv.net&dtd=203
Frame ID: 44F654F9890A3F121953E30821C058DE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 112E33AF7E991D9B7BBF1B6CF6C5B3DB
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 89587CB942FB3BCE95F08F1215E78AD1
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/tE64XG1cXAHgdRZqLuUmMLCyOuQ9s7LE_kL_xOEQzyo.js
Frame ID: 4E6311ECB620A062CF4A1137A75B4787
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/tE64XG1cXAHgdRZqLuUmMLCyOuQ9s7LE_kL_xOEQzyo.js
Frame ID: 5C75B82AEC56B57FB8E0C6419660A413
Requests: 1 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YMR8iwAEa1QKUf9MAATE1L6eK7DDhkR41v3XIA&u=%7C%2F0BeOlwDRNBlAWF1fHoyV7bLGNeCeI7C8AR%2B1WOTDJY%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ6ciC3rnAoG72_3BFDfZ8qj0n6FwJ08CvvVI5BJNsqtOon9mSRTjkGJ8LLH-yevMwr-ZPT2Olbz1rvBAUMM1l0-x1zAF3b3xVXk61-keZ9ubnrkbG5l0G3VS9l1Fbi8G1bczCp93WLcnVLKLGy6dS6ZpJlKIv6KNXXdWfDVbOUk8oLX2OB7jcRIAsr4Buq1qdv2dXKsiOh8ECaGVegkeh6az2sPSEZU4vDNn4jgvcuFvkmrZPQKIPeQ1KLA4LAMk0aqEnw7dmoFE0dNQM8kM-7RKmUWoMm3uHSKno5WwGm9W8FAPv3Pw-Lg7ZwTxtb2_ca72AKcXpZ5y8y9Q545pOSkOCcprhRQbBFuLvAJYt3XKZsoArarHhqzCP03436WpT7rUoKg-aVbMNM5qnWhxjFYu1zwJPoVASMXeM3AkZ8cfvfZvRGCuRdXApXOf-CkP2susmav0emx0WQKc4Km5bXSuXU1n8k8GHH&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIK24i3zEYNTWEcz-xwLUiZPoAuSP0rFc3-XhiIgBwI23ARABIABgu4aAgNAKggEXY2EtcHViLTQ3ODY3MzI1MzAzODAxODCgAb3UiOsDyAEJqQLxCCG5fau3PqgDAaoE7gFP0M0ta0viPKfAagKyVcyDjCYHjCE-nRsPWPzC3vudySsJZuAkNQbx_n-7wfSWBV0PzJYszd-mcjpSRcqfDTwr_J7_qH-BqRsdIjYHCfR-UBIEkjE3omGg4sjqEbN1J_2MM5RGqfXLd2wP-oORnQV6LIumNOfqyVp7RgO3ksIpMgxqhINPgwyRC4Xabb17sULiijRAEicZWmbOpM-bCa5V2_QQAHDNNbUgkHUhL6uQ3rw8xjr-yggm9nfHcFDYuH2Pzp9hm5ExS9yQvKfhAnGMikCJTpnenJ8VHEsEReERiY2wyyWEWKAH3Z4P6-zZgAaY4c-hy-CnpOEBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_09AWKZcYmbP9vmtPBfLd9rzY3LQg%26client%3Dca-pub-4786732530380180%26adurl%3D
Frame ID: EF941AB1AF0C9E37D93EB39B5607E106
Requests: 18 HTTP requests in this frame

Frame: https://static.eu.criteo.net/empty.html
Frame ID: 552C5A1936F7EA2C195339F49306B3FE
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html
Frame ID: 8645D321C614D42EC6BC3F43D203D8EA
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9239A59FB0B084C39A94106F2D90F738
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://zizouit.com/r.php?v=dD1jJmQ9MTI5NTkmbD03MjgyJmM9NDU1NzQ3 HTTP 302
https://l.riftv.net/KcOhP?sub1=1&sub2=12959&sub3=40&sub4=7282&sub5=455747 HTTP 301
http://l.riftv.net/rCAGL?sub1=1&sub2=12959&sub3=40&sub4=7282&sub5=455747 Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i

Clipboard.js (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

script /clipboard(?:-([\d.]+))?(?:\.min)?\.js/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

114
Requests

94 %
HTTPS

72 %
IPv6

16
Domains

29
Subdomains

29
IPs

6
Countries

1248 kB
Transfer

3036 kB
Size

11
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://zizouit.com/r.php?v=dD1jJmQ9MTI5NTkmbD03MjgyJmM9NDU1NzQ3 HTTP 302
https://l.riftv.net/KcOhP?sub1=1&sub2=12959&sub3=40&sub4=7282&sub5=455747 HTTP 301
http://l.riftv.net/rCAGL?sub1=1&sub2=12959&sub3=40&sub4=7282&sub5=455747 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8

http://cdnjs.cloudflare.com/ajax/libs/blockadblock/3.2.1/blockadblock.min.js?v=3.2.1 HTTP 307
https://cdnjs.cloudflare.com/ajax/libs/blockadblock/3.2.1/blockadblock.min.js?v=3.2.1

Request Chain 10

http://cdnjs.cloudflare.com/ajax/libs/chosen/1.1.0/chosen.jquery.min.js?v=1.1.0 HTTP 307
https://cdnjs.cloudflare.com/ajax/libs/chosen/1.1.0/chosen.jquery.min.js?v=1.1.0

Request Chain 11

http://cdnjs.cloudflare.com/ajax/libs/iCheck/1.0.1/icheck.min.js?v=1.0.1 HTTP 307
https://cdnjs.cloudflare.com/ajax/libs/iCheck/1.0.1/icheck.min.js?v=1.0.1

Request Chain 13

http://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.js?v=3.0.3 HTTP 307
https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.js?v=3.0.3

Request Chain 14

http://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.css?v=3.0.3 HTTP 307
https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.css?v=3.0.3

Request Chain 16

http://cdnjs.cloudflare.com/ajax/libs/pace/0.4.17/pace.js?v=0.4.17 HTTP 307
https://cdnjs.cloudflare.com/ajax/libs/pace/0.4.17/pace.js?v=0.4.17

Request Chain 22

https://l.riftv.net/rCAGL/i HTTP 302
https://api.miniature.io/?width=800&height=600&screen=1024&url=https%3A%2F%2Friftv.net%2F%3Ftierand%3D1

Request Chain 74

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 77

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

114 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request

Cookie set rCAGL Show response
l.riftv.net/
Redirect Chain

http://zizouit.com/r.php?v=dD1jJmQ9MTI5NTkmbD03MjgyJmM9NDU1NzQ3
https://l.riftv.net/KcOhP?sub1=1&sub2=12959&sub3=40&sub4=7282&sub5=455747
http://l.riftv.net/rCAGL?sub1=1&sub2=12959&sub3=40&sub4=7282&sub5=455747

12 KB
4 KB

144ms
127ms

Document
text/html

109.234.162.107
O2SWITCH

General

Check archive.org

Show headers Download Go to

Full URL: http://l.riftv.net/rCAGL?sub1=1&sub2=12959&sub3=40&sub4=7282&sub5=455747
Protocol: HTTP/1.1
Server: 109.234.162.107 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS: dinde.o2switch.net
Software: o2switch-PowerBoost-v3 / PHP/7.4.20
Resource Hash: 5abeccadd85d2b0f6f671e4a62b18d943dff93a9700e3cd20599164c81c60979

Request headers

Host: l.riftv.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Cookie: PHPSESSID=7a33a796392dbec7ab25c2ccdc1473f8; short_KcOhP=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 12 Jun 2021 09:21:16 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/7.4.20
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: short_rCAGL=1; expires=Sat, 12-Jun-2021 09:51:16 GMT; Max-Age=1800; path=/; HttpOnly
Server: o2switch-PowerBoost-v3
Content-Encoding: gzip

Redirect headers

date: Sat, 12 Jun 2021 09:21:16 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: http://l.riftv.net/rCAGL?sub1=1&sub2=12959&sub3=40&sub4=7282&sub5=455747
x-powered-by: PHP/7.4.20
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: PHPSESSID=7a33a796392dbec7ab25c2ccdc1473f8; path=/ short_KcOhP=1; expires=Sat, 12-Jun-2021 09:51:16 GMT; Max-Age=1800; path=/; HttpOnly
server: o2switch-PowerBoost-v3

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 134 KB
47 KB 38ms
26ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: l.riftv.net
URL: http://l.riftv.net/rCAGL?sub1=1&sub2=12959&sub3=40&sub4=7282&sub5=455747

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

07d45210c94f35daaa1999be70652b41de8d934bfdb626ac6a09cfe6bd275ea8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://l.riftv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 09:21:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48388
x-xss-protection: 0
server: cafe
etag: 352979060397452839
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 12 Jun 2021 09:21:14 GMT

GET
H2 200 bootstrap.min.css
l.riftv.net/static/css/ 89 KB
14 KB 120ms
112ms Stylesheet
text/css 109.234.162.107
O2SWITCH

General

Check archive.org

Show headers Download Go to

Full URL: https://l.riftv.net/static/css/bootstrap.min.css
Requested by: Host: l.riftv.net
URL: http://l.riftv.net/rCAGL?sub1=1&sub2=12959&sub3=40&sub4=7282&sub5=455747
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 109.234.162.107 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS: dinde.o2switch.net
Software: o2switch-PowerBoost-v3 /
Resource Hash: fa9a3880a0d54a4bd990e2f63278be581b068336f34a39863e47ba65774d82d7

Request headers

Referer: http://l.riftv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 09:21:16 GMT
content-encoding: br
last-modified: Tue, 23 Mar 2021 10:22:36 GMT
server: o2switch-PowerBoost-v3
vary: Accept-Encoding
content-type: text/css

GET
H2 200 style.css
l.riftv.net/themes/cleanex/ 87 KB
13 KB 122ms
114ms Stylesheet
text/css 109.234.162.107
O2SWITCH

General

Check archive.org

Show headers Download Go to

Full URL: https://l.riftv.net/themes/cleanex/style.css
Requested by: Host: l.riftv.net
URL: http://l.riftv.net/rCAGL?sub1=1&sub2=12959&sub3=40&sub4=7282&sub5=455747
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 109.234.162.107 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS: dinde.o2switch.net
Software: o2switch-PowerBoost-v3 /
Resource Hash: fff5f15db7a6346794d255fa1e22caa0090efa107f34215e36cf5a7d986f776f

Request headers

Referer: http://l.riftv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 09:21:16 GMT
content-encoding: br
last-modified: Tue, 23 Mar 2021 10:22:36 GMT
server: o2switch-PowerBoost-v3
vary: Accept-Encoding
content-type: text/css

GET
H2 200 components.min.css
l.riftv.net/static/css/ 19 KB
2 KB 122ms
114ms Stylesheet
text/css 109.234.162.107
O2SWITCH

General

Check archive.org

Show headers Download Go to

Full URL: https://l.riftv.net/static/css/components.min.css
Requested by: Host: l.riftv.net
URL: http://l.riftv.net/rCAGL?sub1=1&sub2=12959&sub3=40&sub4=7282&sub5=455747
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 109.234.162.107 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS: dinde.o2switch.net
Software: o2switch-PowerBoost-v3 /
Resource Hash: 3c19df610d2b937c34facbe5517c48054fd3695a18e69fa1ac94084aa61d5079

Request headers

Referer: http://l.riftv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 09:21:16 GMT
content-encoding: br
last-modified: Tue, 23 Mar 2021 10:22:36 GMT
server: o2switch-PowerBoost-v3
vary: Accept-Encoding
content-type: text/css

GET
H2 200 fa-all.min.css
l.riftv.net/static/css/ 56 KB
12 KB 125ms
118ms Stylesheet
text/css 109.234.162.107
O2SWITCH

General

Check archive.org

Show headers Download Go to

Full URL: https://l.riftv.net/static/css/fa-all.min.css
Requested by: Host: l.riftv.net
URL: http://l.riftv.net/rCAGL?sub1=1&sub2=12959&sub3=40&sub4=7282&sub5=455747
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 109.234.162.107 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS: dinde.o2switch.net
Software: o2switch-PowerBoost-v3 /
Resource Hash: 74d66add22660b12e57cf4a9e1c2fe4fcc8708e052ec75b62b1e9428968fc90d

Request headers

Referer: http://l.riftv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 09:21:16 GMT
content-encoding: br
last-modified: Tue, 23 Mar 2021 10:22:36 GMT
server: o2switch-PowerBoost-v3
vary: Accept-Encoding
content-type: text/css

GET
H2 200 jquery.min.js Show response
l.riftv.net/static/js/ 82 KB
28 KB 164ms
157ms Script
application/javascript 109.234.162.107
O2SWITCH

General

Check archive.org

Show headers Download Go to

Full URL: https://l.riftv.net/static/js/jquery.min.js
Requested by: Host: l.riftv.net
URL: http://l.riftv.net/rCAGL?sub1=1&sub2=12959&sub3=40&sub4=7282&sub5=455747
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 109.234.162.107 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS: dinde.o2switch.net
Software: o2switch-PowerBoost-v3 /
Resource Hash: 05a8a5125b36da55ff02702436ee672fa3ddd45ccebd499a8fbff0461c8cba10

Request headers

Referer: http://l.riftv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 09:21:16 GMT
content-encoding: br
last-modified: Tue, 23 Mar 2021 10:22:36 GMT
server: o2switch-PowerBoost-v3
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 bootstrap.min.js Show response
l.riftv.net/static/ 3 KB
1 KB 167ms
160ms Script
application/javascript 109.234.162.107
O2SWITCH

General

Check archive.org

Show headers Download Go to

Full URL: https://l.riftv.net/static/bootstrap.min.js
Requested by: Host: l.riftv.net
URL: http://l.riftv.net/rCAGL?sub1=1&sub2=12959&sub3=40&sub4=7282&sub5=455747
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 109.234.162.107 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS: dinde.o2switch.net
Software: o2switch-PowerBoost-v3 /
Resource Hash: 1f7244cb694f7f667a5f3668a79844fc6159e3922363f0423d9b09872680f372

Request headers

Referer: http://l.riftv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 09:21:16 GMT
content-encoding: br
last-modified: Tue, 23 Mar 2021 10:22:36 GMT
server: o2switch-PowerBoost-v3
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 application.fn.js Show response
l.riftv.net/static/ 4 KB
1 KB 167ms
161ms Script
application/javascript 109.234.162.107
O2SWITCH

General

Check archive.org

Show headers Download Go to

Full URL: https://l.riftv.net/static/application.fn.js
Requested by: Host: l.riftv.net
URL: http://l.riftv.net/rCAGL?sub1=1&sub2=12959&sub3=40&sub4=7282&sub5=455747
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 109.234.162.107 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS: dinde.o2switch.net
Software: o2switch-PowerBoost-v3 /
Resource Hash: fc6c45fb43f51dfc76b7770b2e751e3400575327793dcd1eb257373af7857627

Request headers

Referer: http://l.riftv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 09:21:16 GMT
content-encoding: br
last-modified: Tue, 23 Mar 2021 10:22:36 GMT
server: o2switch-PowerBoost-v3
vary: Accept-Encoding
content-type: application/javascript

GET
H2

200

blockadblock.min.js Show response
cdnjs.cloudflare.com/ajax/libs/blockadblock/3.2.1/
Redirect Chain

http://cdnjs.cloudflare.com/ajax/libs/blockadblock/3.2.1/blockadblock.min.js?v=3.2.1
https://cdnjs.cloudflare.com/ajax/libs/blockadblock/3.2.1/blockadblock.min.js?v=3.2.1

5 KB
2 KB

19ms
17ms

Script
application/javascript

2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/blockadblock/3.2.1/blockadblock.min.js?v=3.2.1

Requested by

Host: l.riftv.net
URL: http://l.riftv.net/rCAGL?sub1=1&sub2=12959&sub3=40&sub4=7282&sub5=455747

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

df35392ebe2722ddcafc180639031db9a8ed65c3d5f5e94833fdb74435d1a77a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: http://l.riftv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 09:21:14 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4798857
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 1309
cf-request-id: 0aa11f965e00004eb6cc9c5000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:06:35 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d8b-1289"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=NxhPXYKmpnCQEwAJTY4gLAbGcTejSqNcyX6F2R7MXeRpmZwWt3VPozvYfZOGT3tUtNRUOgB%2FFtaDS3y1o687idaoOlbHcQAne02FbIzlqteyGdn%2FvxES9V0JSVID3ZFATGy1%2B0NtCCB2DTX%2F8w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 65e20203ca4c4eb6-FRA
expires: Thu, 02 Jun 2022 09:21:14 GMT

Redirect headers

Location: https://cdnjs.cloudflare.com/ajax/libs/blockadblock/3.2.1/blockadblock.min.js?v=3.2.1
Non-Authoritative-Reason: HSTS

GET
H2 200 detect.app.js Show response
l.riftv.net/static/ 440 B
370 B 167ms
161ms Script
application/javascript 109.234.162.107
O2SWITCH

General

Check archive.org

Show headers Download Go to

Full URL: https://l.riftv.net/static/detect.app.js
Requested by: Host: l.riftv.net
URL: http://l.riftv.net/rCAGL?sub1=1&sub2=12959&sub3=40&sub4=7282&sub5=455747
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 109.234.162.107 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS: dinde.o2switch.net
Software: o2switch-PowerBoost-v3 /
Resource Hash: 35a7a78646d1367107f41a8e337a96914cdcff35df8d014508a380ab86b4c49d

Request headers

Referer: http://l.riftv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 09:21:16 GMT
content-encoding: br
last-modified: Tue, 23 Mar 2021 10:22:36 GMT
server: o2switch-PowerBoost-v3
vary: Accept-Encoding
content-type: application/javascript

GET
H2

200

chosen.jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/chosen/1.1.0/
Redirect Chain

http://cdnjs.cloudflare.com/ajax/libs/chosen/1.1.0/chosen.jquery.min.js?v=1.1.0
https://cdnjs.cloudflare.com/ajax/libs/chosen/1.1.0/chosen.jquery.min.js?v=1.1.0

26 KB
6 KB

18ms
16ms

Script
application/javascript

2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/chosen/1.1.0/chosen.jquery.min.js?v=1.1.0

Requested by

Host: l.riftv.net
URL: http://l.riftv.net/rCAGL?sub1=1&sub2=12959&sub3=40&sub4=7282&sub5=455747

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5c7e07dfb2d7437793e8b1ed577739a8bd55558df14aa7234714675ba53f71ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: http://l.riftv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 09:21:14 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 219371
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 5483
cf-request-id: 0aa11f966000004eb6afbcd000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:09:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e23-6956"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Q0wxnIU8yS4y3Pi3NvrQaqb5k4%2BB1OiCcd2kFuojJEUAnvwn65jVdw5LV30MxrxDM6up6HaKecTBZKm5yCdenk%2BUH6T1kUap2e7dvIR8HUmc1pvUGGDaS4BVaUnz97ISCaahw%2FxlolqiIHmoRw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 65e20203ca4d4eb6-FRA
expires: Thu, 02 Jun 2022 09:21:14 GMT

Redirect headers

Location: https://cdnjs.cloudflare.com/ajax/libs/chosen/1.1.0/chosen.jquery.min.js?v=1.1.0
Non-Authoritative-Reason: HSTS

GET
H2

200

icheck.min.js Show response
cdnjs.cloudflare.com/ajax/libs/iCheck/1.0.1/
Redirect Chain

http://cdnjs.cloudflare.com/ajax/libs/iCheck/1.0.1/icheck.min.js?v=1.0.1
https://cdnjs.cloudflare.com/ajax/libs/iCheck/1.0.1/icheck.min.js?v=1.0.1

4 KB
2 KB

15ms
13ms

Script
application/javascript

2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/iCheck/1.0.1/icheck.min.js?v=1.0.1

Requested by

Host: l.riftv.net
URL: http://l.riftv.net/rCAGL?sub1=1&sub2=12959&sub3=40&sub4=7282&sub5=455747

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6102d725c22f9bf27ef542ceae070843153f3e0926b89820a75f29b107e33cb2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: http://l.riftv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 09:21:14 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2022634
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 1911
cf-request-id: 0aa11f965f00004eb6921fb000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:10 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e9e-11a4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=qacV%2BTqT1Tro3YmY4EcSdgza2T2xpK1YKW67%2BtM%2B9Eoap0iHvdBEvpPIiX27r9jsBqcoFkandAG0cSyl683UfcRfcoZiXfRqyErdRqB85eyxHpLkuvkZ8ykfTrIoEK7x5Xjgy9FONI5RHMb%2B8A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 65e20203ca4f4eb6-FRA
expires: Thu, 02 Jun 2022 09:21:14 GMT

Redirect headers

Location: https://cdnjs.cloudflare.com/ajax/libs/iCheck/1.0.1/icheck.min.js?v=1.0.1
Non-Authoritative-Reason: HSTS

GET
H2 200 clipboard.min.js Show response
cdnjs.cloudflare.com/ajax/libs/clipboard.js/1.5.15/ 10 KB
3 KB 19ms
13ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/clipboard.js/1.5.15/clipboard.min.js?v=1.5.15

Requested by

Host: l.riftv.net
URL: http://l.riftv.net/rCAGL?sub1=1&sub2=12959&sub3=40&sub4=7282&sub5=455747

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

08e5970dcee7ecf02ab04df2d6be02568a71594f4923491e9f3e8ae3306a853f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: http://l.riftv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 09:21:14 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2022931
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 2906
cf-request-id: 0aa11f965e00004eb6d190c000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:09:13 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e29-2824"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=lcZKdG97T0ZoSQJ%2BrpuklTHeRuOkIRmeckHjp9S4P4LaO6eBtKRYH9nG9J5xzC48Uh8rMgfrVtLpmw4%2Fi8mxZlVaK%2BQvET3Tyhrl19k4Ra4OXIiByJS94Y%2Bmv4pfNDGevAcmNJGUv4mMSTnbbA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 65e20203ca434eb6-FRA
expires: Thu, 02 Jun 2022 09:21:14 GMT

GET
H2

200

cookieconsent.min.js Show response
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/
Redirect Chain

http://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.js?v=3.0.3
https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.js?v=3.0.3

19 KB
6 KB

15ms
14ms

Script
application/javascript

2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.js?v=3.0.3

Requested by

Host: l.riftv.net
URL: http://l.riftv.net/rCAGL?sub1=1&sub2=12959&sub3=40&sub4=7282&sub5=455747

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af4c6683814aa527caf53bde3d021e6aafe00833b45f2dead043c87ed7864674

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: http://l.riftv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 09:21:14 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2022133
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 5676
cf-request-id: 0aa11f965f00004eb6e108d000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:09:17 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e2d-4d5a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=nBkzqKgtkedv80eCMYyJyvNMzcccFuuv2lEH3apoQ3YCMwbx9YP3o3NDpqMeTNGd5QMHvt5E1tGP80b8mV6fwWxjUuNEVEXYNwz77u7eMcJ1gnrhx3qAJBz93zutpEJbmxlTXtre6B478aeebg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 65e20203ca544eb6-FRA
expires: Thu, 02 Jun 2022 09:21:14 GMT

Redirect headers

Location: https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.js?v=3.0.3
Non-Authoritative-Reason: HSTS

GET
H2

200

cookieconsent.min.css
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/
Redirect Chain

http://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.css?v=3.0.3
https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.css?v=3.0.3

4 KB
1 KB

17ms
16ms

Stylesheet
text/css

2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.css?v=3.0.3

Requested by

Host: l.riftv.net
URL: http://l.riftv.net/rCAGL?sub1=1&sub2=12959&sub3=40&sub4=7282&sub5=455747

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

456ab1a71507ed91abae14c9d08faffb373a7bc711a66e44341b7b8b7bb72ab4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: http://l.riftv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 09:21:14 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 217188
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 948
cf-request-id: 0aa11f965f00004eb6bcad0000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:09:17 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e2d-f62"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=hchMulmFKSyXLepz6P2iIFb8D15%2FNCgMezVpHVvUVtqnDQlXEfHZG%2BU48PTMhMImKxR2CEpcHQ1%2BFpatDK8E0A0cJJLUlAGGy%2FoZf5yDEnJMNgD0kaypJlam1k0he9dhW9%2FdoDHdxO%2BQ1xKptQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 65e20203ca524eb6-FRA
expires: Thu, 02 Jun 2022 09:21:14 GMT

Redirect headers

Location: https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.css?v=3.0.3
Non-Authoritative-Reason: HSTS

GET
H2 200 jquery.autocomplete.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery.devbridge-autocomplete/1.4.10/ 13 KB
4 KB 20ms
16ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery.devbridge-autocomplete/1.4.10/jquery.autocomplete.min.js?v=1.1.5

Requested by

Host: l.riftv.net
URL: http://l.riftv.net/rCAGL?sub1=1&sub2=12959&sub3=40&sub4=7282&sub5=455747

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c6ff6d4624a5c8140cbc19107aa372a233907f8e6e4d55d002d20cae682a575f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: http://l.riftv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 09:21:14 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 211022
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 3860
cf-request-id: 0aa11f965e00004eb6ec9de000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:46 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec2-331b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=gZCqxTfJaER3CbGxfUr9e4kRVxoaPlX7X2a4GOgV6fkKGFMKPDQNi3tRgjKqF7ibunJ%2Fgg%2FVVMZBx1Gu8NERZxA44kznegqstbVBJW8u04ZH%2FBoyCQvTwXT%2Fsu7ybZluFT7l8HNviwncgi1KYg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 65e20203ca494eb6-FRA
expires: Thu, 02 Jun 2022 09:21:14 GMT

GET
H2

200

pace.js Show response
cdnjs.cloudflare.com/ajax/libs/pace/0.4.17/
Redirect Chain

http://cdnjs.cloudflare.com/ajax/libs/pace/0.4.17/pace.js?v=0.4.17
https://cdnjs.cloudflare.com/ajax/libs/pace/0.4.17/pace.js?v=0.4.17

25 KB
5 KB

16ms
15ms

Script
application/javascript

2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/pace/0.4.17/pace.js?v=0.4.17

Requested by

Host: l.riftv.net
URL: http://l.riftv.net/rCAGL?sub1=1&sub2=12959&sub3=40&sub4=7282&sub5=455747

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a898f00aabf0e5632b47a59e092c4662c8cbda0c33ea6d0d424cbced57e3ee72

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: http://l.riftv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 09:21:14 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 738975
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 5158
cf-request-id: 0aa11f965f00004eb69c0e6000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:13:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03f40-621b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=dfBopF7snyUTa3549wjZlARyaJl%2FU5iv7G122dblQ70ME43ij%2B%2BNfoTFOOTKWsKI240Ovu0KRLdipwhgHedspaW9Y6bCg8uMabcC2OKXb4DY2aqi%2FX6%2BDEv6qa8SWah6JOpR2%2FK0NozrNhwnVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 65e20203ca554eb6-FRA
expires: Thu, 02 Jun 2022 09:21:14 GMT

Redirect headers

Location: https://cdnjs.cloudflare.com/ajax/libs/pace/0.4.17/pace.js?v=0.4.17
Non-Authoritative-Reason: HSTS

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 89 KB
35 KB 15ms
14ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-186817945-1

Requested by

Host: l.riftv.net
URL: http://l.riftv.net/rCAGL?sub1=1&sub2=12959&sub3=40&sub4=7282&sub5=455747

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3cf312f9dbbfeb70309f4ceade4de8ded72a826ca6935b0ba9d23b86613bfef5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: http://l.riftv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 09:21:15 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36064
x-xss-protection: 0
last-modified: Sat, 12 Jun 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 12 Jun 2021 09:21:15 GMT

GET
H2 200 application.js Show response
l.riftv.net/static/ 20 KB
5 KB 166ms
162ms Script
application/javascript 109.234.162.107
O2SWITCH

General

Check archive.org

Show headers Download Go to

Full URL: https://l.riftv.net/static/application.js
Requested by: Host: l.riftv.net
URL: http://l.riftv.net/rCAGL?sub1=1&sub2=12959&sub3=40&sub4=7282&sub5=455747
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 109.234.162.107 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS: dinde.o2switch.net
Software: o2switch-PowerBoost-v3 /
Resource Hash: 2433d15cf3fc19f8f5cafb0ac8bfa2a3eea71cea8c41b3e4a7ee84252a33bb1c

Request headers

Referer: http://l.riftv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 09:21:16 GMT
content-encoding: br
last-modified: Tue, 23 Mar 2021 10:22:36 GMT
server: o2switch-PowerBoost-v3
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 server.js Show response
l.riftv.net/static/ 12 KB
3 KB 178ms
175ms Script
application/javascript 109.234.162.107
O2SWITCH

General

Check archive.org

Show headers Download Go to

Full URL: https://l.riftv.net/static/server.js
Requested by: Host: l.riftv.net
URL: http://l.riftv.net/rCAGL?sub1=1&sub2=12959&sub3=40&sub4=7282&sub5=455747
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 109.234.162.107 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS: dinde.o2switch.net
Software: o2switch-PowerBoost-v3 /
Resource Hash: 7d11e7e384579b55d578f3aec8bf96ba7ab144a1f34e36451556019113bb2b5f

Request headers

Referer: http://l.riftv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 09:21:16 GMT
content-encoding: br
last-modified: Tue, 23 Mar 2021 10:22:36 GMT
server: o2switch-PowerBoost-v3
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 auto_site_logo.png
l.riftv.net/content/ 32 KB
32 KB 79ms
78ms Image
image/png 109.234.162.107
O2SWITCH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l.riftv.net/content/auto_site_logo.png
Requested by: Host: l.riftv.net
URL: http://l.riftv.net/rCAGL?sub1=1&sub2=12959&sub3=40&sub4=7282&sub5=455747
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 109.234.162.107 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS: dinde.o2switch.net
Software: o2switch-PowerBoost-v3 /
Resource Hash: 35f79e2956b19a8822e2f2edbe9eae2c79507dd3f37cbf10d45ba6dd2cbff91d

Request headers

Referer: http://l.riftv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 09:21:16 GMT
last-modified: Mon, 19 Apr 2021 00:50:09 GMT
server: o2switch-PowerBoost-v3
accept-ranges: bytes
content-length: 32340
content-type: image/png

GET
H2 200 cse.js Show response
cse.google.com/ 7 KB
3 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/cse.js?cx=9e2274aae0c331a16

Requested by

Host: l.riftv.net
URL: http://l.riftv.net/rCAGL?sub1=1&sub2=12959&sub3=40&sub4=7282&sub5=455747

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

e3880309a6469717ea0ac619930b9ded06cbf62f795f6fd887b98fec9cd402cd

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://l.riftv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

bfcache-opt-in: unload
date: Sat, 12 Jun 2021 09:21:15 GMT
content-encoding: br
server: gws
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2836
x-xss-protection: 0
expires: Sat, 12 Jun 2021 09:21:15 GMT

GET
H2

200

/
api.miniature.io/
Redirect Chain

https://l.riftv.net/rCAGL/i
https://api.miniature.io/?width=800&height=600&screen=1024&url=https%3A%2F%2Friftv.net%2F%3Ftierand%3D1

86 KB
86 KB

223ms
223ms

Image
image/png

54.39.20.207
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.miniature.io/?width=800&height=600&screen=1024&url=https%3A%2F%2Friftv.net%2F%3Ftierand%3D1
Requested by: Host: l.riftv.net
URL: http://l.riftv.net/rCAGL?sub1=1&sub2=12959&sub3=40&sub4=7282&sub5=455747
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.20.207 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: edge02.devgrid.net
Software: openresty /
Resource Hash: d7c851eb9cd1d95dc6185309c5e5e22bfba134783dda393553242ae0c7ea746e

Request headers

Referer: http://l.riftv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 09:21:15 GMT
server: openresty
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
x-response-type: content
cache-control: max-age=86400
access-control-allow-headers: X-Requested-With

Redirect headers

pragma: no-cache
date: Sat, 12 Jun 2021 09:21:16 GMT
server: o2switch-PowerBoost-v3
x-powered-by: PHP/7.4.20
content-type: text/html; charset=UTF-8
location: https://api.miniature.io/?width=800&height=600&screen=1024&url=https%3A%2F%2Friftv.net%2F%3Ftierand%3D1
cache-control: no-store, no-cache, must-revalidate
content-length: 0
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 main.js Show response
l.riftv.net/themes/cleanex/assets/js/ 892 B
340 B 65ms
64ms Script
application/javascript 109.234.162.107
O2SWITCH

General

Check archive.org

Show headers Download Go to

Full URL: https://l.riftv.net/themes/cleanex/assets/js/main.js
Requested by: Host: l.riftv.net
URL: http://l.riftv.net/rCAGL?sub1=1&sub2=12959&sub3=40&sub4=7282&sub5=455747
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 109.234.162.107 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS: dinde.o2switch.net
Software: o2switch-PowerBoost-v3 /
Resource Hash: 13de570acd88a220c7ded609d1d89a23bf3799113b60466fed8e8ddf663f70d4

Request headers

Referer: http://l.riftv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 09:21:16 GMT
content-encoding: br
last-modified: Tue, 23 Mar 2021 10:22:36 GMT
server: o2switch-PowerBoost-v3
vary: Accept-Encoding
content-type: application/javascript

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210607/r20190131/ 232 KB
85 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210607/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4786732530380180&plah=l.riftv.net&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c1302099d6a8fa575f4036bb2101cba795169c22d4c674712d7522a3f8e4e331

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://l.riftv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 09:21:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87488
x-xss-protection: 0
server: cafe
etag: 4971492028454062861
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 12 Jun 2021 09:21:15 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210607/r20190131/ Frame 2997 10 KB
4 KB 6ms
5ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210607/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c0c1edf85ee406ff6e457dba599598152cc971f399f53c204fd30b978662f385

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210607/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://l.riftv.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://l.riftv.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 12 Jun 2021 08:20:10 GMT
expires: Sat, 26 Jun 2021 08:20:10 GMT
content-type: text/html; charset=UTF-8
etag: 3869991350818612685
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4515
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 3664
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET glyphicons-halflings-regular.woff
l.riftv.net/static/fonts/ 0
0

GET
H2 200 cse_element__de.js Show response
www.google.com/cse/static/element/323d4b81541ddb5b/ 275 KB
90 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/323d4b81541ddb5b/cse_element__de.js?usqp=CAI%3D

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=9e2274aae0c331a16

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c0cdcf3224a18d66039b74a6a0c70977585d75d5ed67ba23a6b5eab8c0a2ba7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://l.riftv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 11:29:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 337914
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 92401
x-xss-protection: 0
last-modified: Wed, 27 Jan 2021 19:23:46 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 08 Jun 2022 11:29:21 GMT

GET
H2 200 default+de.css
www.google.com/cse/static/element/323d4b81541ddb5b/ 41 KB
9 KB 6ms
6ms Stylesheet
text/css 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/323d4b81541ddb5b/default+de.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=9e2274aae0c331a16

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c1355d27b14881a055e00a4a2afa4608b452c9780ac5c61e1b8f9fd55fa3e1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://l.riftv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 06:04:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11776
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9032
x-xss-protection: 0
last-modified: Wed, 27 Jan 2021 19:23:46 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 12 Jun 2022 06:04:59 GMT

GET
H2 200 default.css
www.google.com/cse/static/style/look/v4/ 4 KB
1 KB 7ms
6ms Stylesheet
text/css 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/style/look/v4/default.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=9e2274aae0c331a16

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://l.riftv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 08:32:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2904
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1345
x-xss-protection: 0
last-modified: Wed, 17 Jun 2020 00:00:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Sat, 12 Jun 2021 09:22:51 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-186817945-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://l.riftv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 1358
date: Sat, 12 Jun 2021 08:58:37 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Sat, 12 Jun 2021 10:58:37 GMT

GET
H2 200 ca-pub-4786732530380180 Show response
fundingchoicesmessages.google.com/i/ 89 KB
33 KB 45ms
45ms Script
application/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-4786732530380180?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210607/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4786732530380180&plah=l.riftv.net&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

210c1cf1b16989a89b6947d5f9b0ff5ff64c2118bf0afae7db66b1fdeedfd6bb

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-XUqE/Nw+cPfo7JC16Z900Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'nonce-XUqE/Nw+cPfo7JC16Z900Q' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://l.riftv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 09:21:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorServingWebSwitchboardHttp"
x-frame-options: SAMEORIGIN
report-to: {"group":"ContributorServingWebSwitchboardHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorServingWebSwitchboardHttp/external"}]}
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: script-src 'report-sample' 'nonce-XUqE/Nw+cPfo7JC16Z900Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'nonce-XUqE/Nw+cPfo7JC16Z900Q' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 27ms
13ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=199163832&t=pageview&_s=1&dl=http%3A%2F%2Fl.riftv.net%2FrCAGL%3Fsub1%3D1%26sub2%3D12959%26sub3%3D40%26sub4%3D7282%26sub5%3D455747&ul=en-us&de=UTF-8&dt=riftvshurtlink&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1229061449&gjid=55872388&cid=1023363580.1623489675&tid=UA-186817945-1&_gid=1828278978.1623489675&_r=1&gtm=2ou690&z=2072528884

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://l.riftv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 12 Jun 2021 09:21:15 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://l.riftv.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK async-ads.js Show response
cse.google.com/adsense/search/ 186 KB
65 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://cse.google.com/adsense/search/async-ads.js

Requested by

Host: www.google.com
URL: https://www.google.com/cse/static/element/323d4b81541ddb5b/cse_element__de.js?usqp=CAI%3D

Protocol

HTTP/1.1

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

42a468e720ccf24b6fc35c4af0138acf35ee109270b7a6110e74ff820971d607

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://l.riftv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 12 Jun 2021 09:21:15 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Server: sffe
X-Content-Type-Options: nosniff
ETag: "12071231439353319562"
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
Content-Type: text/javascript; charset=UTF-8
Cache-Control: private, max-age=3600
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Accept-Ranges: bytes
X-XSS-Protection: 0
Expires: Sat, 12 Jun 2021 09:21:15 GMT

GET
H3-29 200 clear.png
www.google.com/cse/static/css/v2/ 1018 B
1 KB 7ms
7ms Image
image/png 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/css/v2/clear.png

Requested by

Host: www.google.com
URL: https://www.google.com/cse/static/element/323d4b81541ddb5b/default+de.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/cse/static/element/323d4b81541ddb5b/default+de.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 04:54:18 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 May 2020 08:30:00 GMT
server: sffe
age: 16017
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1018
x-xss-protection: 0
expires: Sun, 12 Jun 2022 04:54:18 GMT

GET
H3-29 200 branding.png
www.google.com/cse/static/images/1x/de/ 1 KB
1 KB 7ms
6ms Image
image/png 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/images/1x/de/branding.png

Requested by

Host: l.riftv.net
URL: http://l.riftv.net/rCAGL?sub1=1&sub2=12959&sub3=40&sub4=7282&sub5=455747

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5ee9e63e519096342d5899e32f1a38b4880ffba6b2aff64178b955a3b7f3a80d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://l.riftv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 07:42:33 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 May 2020 08:30:00 GMT
server: sffe
age: 5922
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1512
x-xss-protection: 0
expires: Sun, 12 Jun 2022 07:42:33 GMT

GET
H2 204 generate_204
www.googleapis.com/ 0
37 B 6ms
5ms Image
text/plain 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.googleapis.com/generate_204
Requested by: Host: l.riftv.net
URL: http://l.riftv.net/rCAGL?sub1=1&sub2=12959&sub3=40&sub4=7282&sub5=455747
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://l.riftv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 09:21:15 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H/1.1 204
No Content generate_204
clients1.google.com/ 0
83 B 5ms
5ms Image
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://clients1.google.com/generate_204
Requested by: Host: l.riftv.net
URL: http://l.riftv.net/rCAGL?sub1=1&sub2=12959&sub3=40&sub4=7282&sub5=455747
Protocol: HTTP/1.1
Server: 2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://l.riftv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 12 Jun 2021 09:21:15 GMT
Content-Length: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 16ms
15ms XHR
text/plain 2a00:1450:400c:c04::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-186817945-1&cid=1023363580.1623489675&jid=1229061449&gjid=55872388&_gid=1828278978.1623489675&_u=YEBAAUAAAAAAAC~&z=2087528812

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://l.riftv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 12 Jun 2021 09:21:15 GMT
content-type: text/plain
access-control-allow-origin: http://l.riftv.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET glyphicons-halflings-regular.ttf
l.riftv.net/static/fonts/ 0
0

POST
H3-29 204 AGSKWxXSC11CqY1wFgX4K2ogleXpi5vMcI7Mx-c33Nusd76S0cD7yrJxJPLjVCzdEnqZwn4UTboSRC_WKS-fkluapYg= Show response
fundingchoicesmessages.google.com/el/ 0
27 B 49ms
35ms XHR
text/html 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXSC11CqY1wFgX4K2ogleXpi5vMcI7Mx-c33Nusd76S0cD7yrJxJPLjVCzdEnqZwn4UTboSRC_WKS-fkluapYg=?pvid=2E05C0BB-CA7C-496A-B900-6D30C3162C39&anonid=651E74C3-0622-40B8-9B6A-8526006A3F18

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingLoaderClientJs.en_US.gSdft5N7Od8.es5.O/d=1/rs=AJlcJMxmjORbJBXC4K2kOGe9_5KK5ev1zg/m=loader_js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-adMhtDTgeU4jjWS0ABm3Dg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-adMhtDTgeU4jjWS0ABm3Dg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://l.riftv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 12 Jun 2021 09:21:15 GMT
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
access-control-max-age: 86400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
access-control-allow-origin: http://l.riftv.net
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-adMhtDTgeU4jjWS0ABm3Dg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-adMhtDTgeU4jjWS0ABm3Dg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="ContributorLoggingHttp"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 AGSKWxWSYypJuteK3txdOE2hrND1HvdXexmk_XgyLlPN3rwIn5hwilohV2ND_7ESXZZtpUTdHXZ03UxMleOZv6vfs6k= Show response
fundingchoicesmessages.google.com/f/ 64 KB
24 KB 54ms
53ms Script
application/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWSYypJuteK3txdOE2hrND1HvdXexmk_XgyLlPN3rwIn5hwilohV2ND_7ESXZZtpUTdHXZ03UxMleOZv6vfs6k=?fccs=W251bGwsW1tdLFtdXSxudWxsLG51bGwsbnVsbCwyLFsxNjIzNDg5Njc1LDI0MzAwMDAwMF0sIjJFMDVDMEJCLUNBN0MtNDk2QS1COTAwLTZEMzBDMzE2MkMzOSIsIjY1MUU3NEMzLTA2MjItNDBCOC05QjZBLTg1MjYwMDZBM0YxOCIsbnVsbCxbbnVsbCxbN11dLCJodHRwOi8vbC5yaWZ0di5uZXQvckNBR0wiXQ

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingLoaderClientJs.en_US.gSdft5N7Od8.es5.O/d=1/rs=AJlcJMxmjORbJBXC4K2kOGe9_5KK5ev1zg/m=loader_js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3f9d5374c04649dcc72063654c1cdf1bfbdc0d378d7302f11a4357856a9f8040

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-SL5+SmpUIGTABQblJHYS0A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-SL5+SmpUIGTABQblJHYS0A' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://l.riftv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 12 Jun 2021 09:21:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-SL5+SmpUIGTABQblJHYS0A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-SL5+SmpUIGTABQblJHYS0A' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
content-security-policy-report-only: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 199 B
256 B 39ms
39ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=l.riftv.net&callback=_gfp_s_&client=ca-pub-4786732530380180

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

49362909761a8d06d50be710e0b553bce6603b152e3caad2e27a2677e870346a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://l.riftv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 09:21:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 191
x-xss-protection: 0

GET
H/1.1 204
No Content gen_204
pagead2.googlesyndication.com/pagead/ 0
459 B 41ms
40ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=http%3A%2F%2Fl.riftv.net%2FrCAGL%3Fsub1%3D1%26sub2%3D12959%26sub3%3D40%26sub4%3D7282%26sub5%3D455747&tn=DIV&cls=cc-window%20cc-floating%20cc-type-info%20cc-theme-classic%20cc-bottom%20cc-right%20cc-color-override-1971232268%20&ign=false

Requested by

Host: l.riftv.net
URL: http://l.riftv.net/rCAGL?sub1=1&sub2=12959&sub3=40&sub4=7282&sub5=455747

Protocol

HTTP/1.1

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://l.riftv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 12 Jun 2021 09:21:15 GMT
X-Content-Type-Options: nosniff
Server: cafe
Timing-Allow-Origin: *
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: no-cache, must-revalidate
Cross-Origin-Resource-Policy: cross-origin
Content-Type: image/gif
Content-Length: 0
X-XSS-Protection: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 204
No Content gen_204
pagead2.googlesyndication.com/pagead/ 0
459 B 38ms
38ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: l.riftv.net
URL: http://l.riftv.net/rCAGL?sub1=1&sub2=12959&sub3=40&sub4=7282&sub5=455747

Protocol

HTTP/1.1

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://l.riftv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 12 Jun 2021 09:21:15 GMT
X-Content-Type-Options: nosniff
Server: cafe
Timing-Allow-Origin: *
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: no-cache, must-revalidate
Cross-Origin-Resource-Policy: cross-origin
Content-Type: image/gif
Content-Length: 0
X-XSS-Protection: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 14ms
14ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=l.riftv.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://l.riftv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 12 Jun 2021 09:21:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 17ms
16ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=l.riftv.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://l.riftv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 12 Jun 2021 09:21:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F749 5 KB
737 B 100ms
99ms Document
text/html 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&adk=293675617&adf=814277786&lmt=1623489675&plat=1%3A16809992%2C2%3A16809992%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fl.riftv.net%2FrCAGL%3Fsub1%3D1%26sub2%3D12959%26sub3%3D40%26sub4%3D7282%26sub5%3D455747&ea=0&flash=0&pra=5&wgl=1&dt=1623489675068&bpp=129&bdt=245&idt=44&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2274582933156&frm=20&pv=2&ga_vid=1023363580.1623489675&ga_sid=1623489675&ga_hid=199163832&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3060604987102094&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=187

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

cafe /

Resource Hash

e039a0ef894c06713cbf76c0a07f698357cb0aa4d1d776b01b9af9d9c2242fca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&adk=293675617&adf=814277786&lmt=1623489675&plat=1%3A16809992%2C2%3A16809992%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fl.riftv.net%2FrCAGL%3Fsub1%3D1%26sub2%3D12959%26sub3%3D40%26sub4%3D7282%26sub5%3D455747&ea=0&flash=0&pra=5&wgl=1&dt=1623489675068&bpp=129&bdt=245&idt=44&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2274582933156&frm=20&pv=2&ga_vid=1023363580.1623489675&ga_sid=1623489675&ga_hid=199163832&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3060604987102094&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=187
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://l.riftv.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://l.riftv.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 12 Jun 2021 09:21:15 GMT
server: cafe
content-length: 714
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 12-Jun-2021 09:36:15 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 12 Jun 2021 09:21:15 GMT
cache-control: private

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 78A6 10 KB
5 KB 520ms
520ms Document
text/html 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=280&slotname=8558532162&adk=394597393&adf=2503452471&pi=t.ma~as.8558532162&w=1140&fwrn=4&fwrnh=100&lmt=1623489675&rafmt=1&psa=0&format=1140x280&url=http%3A%2F%2Fl.riftv.net%2FrCAGL%3Fsub1%3D1%26sub2%3D12959%26sub3%3D40%26sub4%3D7282%26sub5%3D455747&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1623489675068&bpp=14&bdt=244&idt=81&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2274582933156&frm=20&pv=1&ga_vid=1023363580.1623489675&ga_sid=1623489675&ga_hid=199163832&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=115&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3060604987102094&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=JcTKXD17fW&p=http%3A//l.riftv.net&dtd=193

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

cafe /

Resource Hash

79733f3037f6247b220d22c28e37c56f5723d14785045e4af6f91e877f1fcaee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=280&slotname=8558532162&adk=394597393&adf=2503452471&pi=t.ma~as.8558532162&w=1140&fwrn=4&fwrnh=100&lmt=1623489675&rafmt=1&psa=0&format=1140x280&url=http%3A%2F%2Fl.riftv.net%2FrCAGL%3Fsub1%3D1%26sub2%3D12959%26sub3%3D40%26sub4%3D7282%26sub5%3D455747&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1623489675068&bpp=14&bdt=244&idt=81&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2274582933156&frm=20&pv=1&ga_vid=1023363580.1623489675&ga_sid=1623489675&ga_hid=199163832&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=115&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3060604987102094&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=JcTKXD17fW&p=http%3A//l.riftv.net&dtd=193
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://l.riftv.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://l.riftv.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 12 Jun 2021 09:21:15 GMT
server: cafe
content-length: 4717
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 12-Jun-2021 09:36:15 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 12 Jun 2021 09:21:15 GMT
cache-control: private

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame DB27 60 KB
22 KB 339ms
339ms Document
text/html 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=280&slotname=8558532162&adk=3577450996&adf=2855107163&pi=t.ma~as.8558532162&w=728&fwrn=4&fwrnh=100&lmt=1623489675&rafmt=1&psa=0&format=728x280&url=http%3A%2F%2Fl.riftv.net%2FrCAGL%3Fsub1%3D1%26sub2%3D12959%26sub3%3D40%26sub4%3D7282%26sub5%3D455747&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1623489675068&bpp=7&bdt=245&idt=84&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280&nras=1&correlator=2274582933156&frm=20&pv=1&ga_vid=1023363580.1623489675&ga_sid=1623489675&ga_hid=199163832&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=470&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3060604987102094&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=VJYvqIsxVr&p=http%3A//l.riftv.net&dtd=197

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

cafe /

Resource Hash

90cf2c90bdb74ca4235841031fceda344cc6e0a467b21422a23dfd985c0250f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=280&slotname=8558532162&adk=3577450996&adf=2855107163&pi=t.ma~as.8558532162&w=728&fwrn=4&fwrnh=100&lmt=1623489675&rafmt=1&psa=0&format=728x280&url=http%3A%2F%2Fl.riftv.net%2FrCAGL%3Fsub1%3D1%26sub2%3D12959%26sub3%3D40%26sub4%3D7282%26sub5%3D455747&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1623489675068&bpp=7&bdt=245&idt=84&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280&nras=1&correlator=2274582933156&frm=20&pv=1&ga_vid=1023363580.1623489675&ga_sid=1623489675&ga_hid=199163832&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=470&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3060604987102094&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=VJYvqIsxVr&p=http%3A//l.riftv.net&dtd=197
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://l.riftv.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://l.riftv.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 12 Jun 2021 09:21:15 GMT
server: cafe
content-length: 22882
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 12-Jun-2021 09:36:15 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 12 Jun 2021 09:21:15 GMT
cache-control: private

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D63C 68 KB
25 KB 270ms
269ms Document
text/html 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=247&slotname=4516382124&adk=33470798&adf=540082601&pi=t.ma~as.4516382124&w=730&lmt=1623489675&rafmt=11&psa=0&format=730x247&url=http%3A%2F%2Fl.riftv.net%2FrCAGL%3Fsub1%3D1%26sub2%3D12959%26sub3%3D40%26sub4%3D7282%26sub5%3D455747&flash=0&wgl=1&dt=1623489675068&bpp=1&bdt=244&idt=97&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280%2C728x280&nras=1&correlator=2274582933156&frm=20&pv=1&ga_vid=1023363580.1623489675&ga_sid=1623489675&ga_hid=199163832&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=625&ady=922&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3060604987102094&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=4&uci=a!4&fsb=1&xpc=fgjyBWiHuP&p=http%3A//l.riftv.net&dtd=200

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

cafe /

Resource Hash

be8c235f276b370225b34e73f637c5b25b48a8ab8032ad8bda4a44b43e6a0354

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=247&slotname=4516382124&adk=33470798&adf=540082601&pi=t.ma~as.4516382124&w=730&lmt=1623489675&rafmt=11&psa=0&format=730x247&url=http%3A%2F%2Fl.riftv.net%2FrCAGL%3Fsub1%3D1%26sub2%3D12959%26sub3%3D40%26sub4%3D7282%26sub5%3D455747&flash=0&wgl=1&dt=1623489675068&bpp=1&bdt=244&idt=97&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280%2C728x280&nras=1&correlator=2274582933156&frm=20&pv=1&ga_vid=1023363580.1623489675&ga_sid=1623489675&ga_hid=199163832&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=625&ady=922&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3060604987102094&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=4&uci=a!4&fsb=1&xpc=fgjyBWiHuP&p=http%3A//l.riftv.net&dtd=200
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://l.riftv.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://l.riftv.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 12 Jun 2021 09:21:15 GMT
server: cafe
content-length: 25808
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 12-Jun-2021 09:36:15 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 12 Jun 2021 09:21:15 GMT
cache-control: private

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 44F6 436 B
236 B 331ms
331ms Document
text/html 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=280&slotname=8558532162&adk=394597393&adf=1374055083&pi=t.ma~as.8558532162&w=1140&fwrn=4&fwrnh=100&lmt=1623489675&rafmt=1&psa=0&format=1140x280&url=http%3A%2F%2Fl.riftv.net%2FrCAGL%3Fsub1%3D1%26sub2%3D12959%26sub3%3D40%26sub4%3D7282%26sub5%3D455747&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1623489675068&bpp=4&bdt=245&idt=136&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280%2C728x280%2C730x247&nras=1&correlator=2274582933156&frm=20&pv=1&ga_vid=1023363580.1623489675&ga_sid=1623489675&ga_hid=199163832&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=1248&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3060604987102094&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=5SpGVJjLsf&p=http%3A//l.riftv.net&dtd=203

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

cafe /

Resource Hash

fa19f218adcbfdbdd53a27707e5417c5a9b6720d6f47506a8ab26067e72e4f3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=280&slotname=8558532162&adk=394597393&adf=1374055083&pi=t.ma~as.8558532162&w=1140&fwrn=4&fwrnh=100&lmt=1623489675&rafmt=1&psa=0&format=1140x280&url=http%3A%2F%2Fl.riftv.net%2FrCAGL%3Fsub1%3D1%26sub2%3D12959%26sub3%3D40%26sub4%3D7282%26sub5%3D455747&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1623489675068&bpp=4&bdt=245&idt=136&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280%2C728x280%2C730x247&nras=1&correlator=2274582933156&frm=20&pv=1&ga_vid=1023363580.1623489675&ga_sid=1623489675&ga_hid=199163832&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=1248&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3060604987102094&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=5SpGVJjLsf&p=http%3A//l.riftv.net&dtd=203
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://l.riftv.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://l.riftv.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 12 Jun 2021 09:21:15 GMT
server: cafe
content-length: 213
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 12-Jun-2021 09:36:15 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 12 Jun 2021 09:21:15 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f4b8d2def1fa5e09bafacbb8ac66e614d74f1cdbace1417cedef55c0d9a83db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://l.riftv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 09:21:15 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623410781212720"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28237
x-xss-protection: 0
expires: Sat, 12 Jun 2021 09:21:15 GMT

GET
H3-29 200 ga-audiences
www.google.com/ads/ 42 B
63 B 16ms
16ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-186817945-1&cid=1023363580.1623489675&jid=1229061449&_u=YEBAAUAAAAAAAC~&z=261788129

Requested by

Host: l.riftv.net
URL: http://l.riftv.net/rCAGL?sub1=1&sub2=12959&sub3=40&sub4=7282&sub5=455747

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://l.riftv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 12 Jun 2021 09:21:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 18ms
17ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-186817945-1&cid=1023363580.1623489675&jid=1229061449&_u=YEBAAUAAAAAAAC~&z=261788129

Requested by

Host: l.riftv.net
URL: http://l.riftv.net/rCAGL?sub1=1&sub2=12959&sub3=40&sub4=7282&sub5=455747

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://l.riftv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 12 Jun 2021 09:21:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 204 AGSKWxX8i94YcCKNiLKkPVhm-apz5AQzd0NzquergyY5QdQAdb3FEO_gTFUROo77U2h8kzuTTOnU0_17bMESpm7Ssn5okL_ZZrPvOi1mlQJhEixsFe2KrGzfNSw539rwAUv4sh-ibQfn2qAxw5OgNwjB1LIXLsHYCH4S9CGdKiGCqZkFmVASl-ey9I2G8QfG Show response
fundingchoicesmessages.google.com/l/ 0
27 B 26ms
25ms XHR
text/html 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/l/AGSKWxX8i94YcCKNiLKkPVhm-apz5AQzd0NzquergyY5QdQAdb3FEO_gTFUROo77U2h8kzuTTOnU0_17bMESpm7Ssn5okL_ZZrPvOi1mlQJhEixsFe2KrGzfNSw539rwAUv4sh-ibQfn2qAxw5OgNwjB1LIXLsHYCH4S9CGdKiGCqZkFmVASl-ey9I2G8QfG

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorIabCcpaWebSignalJs.en_US.kjHxdPb8sPk.es5.O/d=1/rs=AJlcJMzkmTNV4E1Znp5AJ9N26jdlbPAQ6Q/m=iabccpawebsignalscript

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Q6zCyYUdAooyWLV3Z+qabw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-Q6zCyYUdAooyWLV3Z+qabw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://l.riftv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 12 Jun 2021 09:21:15 GMT
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
access-control-max-age: 86400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorGlobalRouterHttp"
x-frame-options: SAMEORIGIN
report-to: {"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type: text/html; charset=utf-8
access-control-allow-origin: http://l.riftv.net
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-Q6zCyYUdAooyWLV3Z+qabw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-Q6zCyYUdAooyWLV3Z+qabw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3-29 204 AGSKWxX8i94YcCKNiLKkPVhm-apz5AQzd0NzquergyY5QdQAdb3FEO_gTFUROo77U2h8kzuTTOnU0_17bMESpm7Ssn5okL_ZZrPvOi1mlQJhEixsFe2KrGzfNSw539rwAUv4sh-ibQfn2qAxw5OgNwjB1LIXLsHYCH4S9CGdKiGCqZkFmVASl-ey9I2G8QfG Show response
fundingchoicesmessages.google.com/l/ 0
26 B 59ms
59ms XHR
text/html 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-qpGJPsJV/00/fSiTDDWQKg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-qpGJPsJV/00/fSiTDDWQKg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://l.riftv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 12 Jun 2021 09:21:15 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
access-control-max-age: 86400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: http://l.riftv.net
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-qpGJPsJV/00/fSiTDDWQKg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-qpGJPsJV/00/fSiTDDWQKg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 AGSKWxXkEazcszvgbW_7MvDy7c5J3xClo70-5HXRaaiU-69RmMLZUDYz2EtsK0_Nsg9HWs9KmXdckpmawuIc6tU6sll43sPgZdoUB8efk7IT8TZTWSUej1lDEQLEH7KtvCCJM49bMu5TKnUDLTo3auKE11zDUYfhDUlEwzD4SwDaRRt0ePGf693GF6XYqSOW Show response
fundingchoicesmessages.google.com/f/ 66 KB
24 KB 44ms
44ms Script
application/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXkEazcszvgbW_7MvDy7c5J3xClo70-5HXRaaiU-69RmMLZUDYz2EtsK0_Nsg9HWs9KmXdckpmawuIc6tU6sll43sPgZdoUB8efk7IT8TZTWSUej1lDEQLEH7KtvCCJM49bMu5TKnUDLTo3auKE11zDUYfhDUlEwzD4SwDaRRt0ePGf693GF6XYqSOW?fccs=W251bGwsW1tdLFtdXSxudWxsLG51bGwsbnVsbCwyLFsxNjIzNDg5Njc1LDM0NTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsMTBdXSwiaHR0cDovL2wucmlmdHYubmV0L3JDQUdMIl0

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

075be59f6005623d3214d1c31e467ad901b2865695f405e55115508beb6e1da2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-LkTT3ygAUlIWp9LPeZAjJw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-LkTT3ygAUlIWp9LPeZAjJw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://l.riftv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 12 Jun 2021 09:21:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-LkTT3ygAUlIWp9LPeZAjJw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-LkTT3ygAUlIWp9LPeZAjJw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
content-security-policy-report-only: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 18180876349437945998
tpc.googlesyndication.com/simgad/ Frame D63C 22 KB
22 KB 102ms
102ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/18180876349437945998?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qnPuQFdh6aHFclyfcSBbYdmqfEHRg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=247&slotname=4516382124&adk=33470798&adf=540082601&pi=t.ma~as.4516382124&w=730&lmt=1623489675&rafmt=11&psa=0&format=730x247&url=http%3A%2F%2Fl.riftv.net%2FrCAGL%3Fsub1%3D1%26sub2%3D12959%26sub3%3D40%26sub4%3D7282%26sub5%3D455747&flash=0&wgl=1&dt=1623489675068&bpp=1&bdt=244&idt=97&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280%2C728x280&nras=1&correlator=2274582933156&frm=20&pv=1&ga_vid=1023363580.1623489675&ga_sid=1623489675&ga_hid=199163832&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=625&ady=922&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3060604987102094&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=4&uci=a!4&fsb=1&xpc=fgjyBWiHuP&p=http%3A//l.riftv.net&dtd=200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55c800be08807f600bceeaaad0879cb93f7554080b69f9f50a388358df82fd22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 09:21:15 GMT
x-content-type-options: nosniff
last-modified: Tue, 25 May 2021 08:46:12 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22213
x-xss-protection: 0
expires: Sun, 12 Jun 2022 09:21:15 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/ Frame D63C 17 KB
7 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0fc32732b1520df908e4ce5063434010c35725a930e0cc9df0be61c66a87cf32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 09:17:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 255
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7010
x-xss-protection: 0
server: cafe
etag: 16168581138844513892
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 26 Jun 2021 09:17:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/ Frame D63C 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1ac43e9327c147dc04b1efcd475ba7e9d464e6504eaffb167d0412d339b39e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 09:09:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 719
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1316
x-xss-protection: 0
server: cafe
etag: 797314601362473214
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 26 Jun 2021 09:09:16 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D63C 122 KB
37 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34b6e9936a2f024eef4f545bf4a1e717141704b00a75167fc7080fc6789e3881

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 09:21:15 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623410775224219"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38028
x-xss-protection: 0
expires: Sat, 12 Jun 2021 09:21:15 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/ Frame D63C 13 KB
6 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a677da8f32851941b090ee6e9294757cba154033200b20231b2a4ca7f62a820

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 09:19:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 87
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5644
x-xss-protection: 0
server: cafe
etag: 16788636151609896382
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 26 Jun 2021 09:19:48 GMT

GET
H2 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/ Frame D63C 25 KB
10 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d87f99ddbcbaa60e78bdeeaa0f4ab0ec69e6124030f14bfe2c091bc54cd29e5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 07:17:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7432
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10595
x-xss-protection: 0
server: cafe
etag: 3266988658244827530
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 26 Jun 2021 07:17:23 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame D63C 0
0 68ms
68ms Fetch
text/html 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C1QvGi3zEYMSREqOKmLAP_vuc-An2j7P4YtKForn9Df_1kOPXAhABIIa6tX9gu4aAgNAKoAGt1r7JA8gBAqkCfsYep6lQtD6oAwHIA8kEqgT8AU_QnibHWZ9Bmg0Q7LJujddJNqW1nxm6smz0cBw05izmqBhJJYpeNFiYNdQ_8syeXuwVHzhUx7ZA6PyjfVHLiMg49cAElLF2o-LzgH9fX74W3pOJHYjjq8RCzLw8xQb7_3zecakGH2n8egV_4SxZUdZIixDnwVSbzXwK0DjM5N5FDS76COMeVJ5us4Jy_4ANsdYFpDO5Dcj12jGq8NHY4MN5YgZ3VHZ9srkadnqhfsra1mfWJXGQV1urwzsL846siN1KK7nJEa29d0ki7cUWCkF0GKdZz06qc0Ow-rKiFx2AywqSSMy6UhDlwnYn_wtqdmuOehys0ZsHYyAQlcAE-tWxq88DoAYCgAe7qcE2qAeKnLECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcEELb6AtIICQiA4YAQEAEYH4AKAcgLAdgTA9AVAYAXAbIXGgoYCAASFHB1Yi00Nzg2NzMyNTMwMzgwMTgw&sigh=pxRVMPPKi18

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=247&slotname=4516382124&adk=33470798&adf=540082601&pi=t.ma~as.4516382124&w=730&lmt=1623489675&rafmt=11&psa=0&format=730x247&url=http%3A%2F%2Fl.riftv.net%2FrCAGL%3Fsub1%3D1%26sub2%3D12959%26sub3%3D40%26sub4%3D7282%26sub5%3D455747&flash=0&wgl=1&dt=1623489675068&bpp=1&bdt=244&idt=97&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280%2C728x280&nras=1&correlator=2274582933156&frm=20&pv=1&ga_vid=1023363580.1623489675&ga_sid=1623489675&ga_hid=199163832&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=625&ady=922&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3060604987102094&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=4&uci=a!4&fsb=1&xpc=fgjyBWiHuP&p=http%3A//l.riftv.net&dtd=200
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 12 Jun 2021 09:21:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sat, 12 Jun 2021 09:21:15 GMT

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 112E 143 B
163 B 31ms
31ms Document
text/html 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=247&slotname=4516382124&adk=33470798&adf=540082601&pi=t.ma~as.4516382124&w=730&lmt=1623489675&rafmt=11&psa=0&format=730x247&url=http%3A%2F%2Fl.riftv.net%2FrCAGL%3Fsub1%3D1%26sub2%3D12959%26sub3%3D40%26sub4%3D7282%26sub5%3D455747&flash=0&wgl=1&dt=1623489675068&bpp=1&bdt=244&idt=97&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280%2C728x280&nras=1&correlator=2274582933156&frm=20&pv=1&ga_vid=1023363580.1623489675&ga_sid=1623489675&ga_hid=199163832&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=625&ady=922&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3060604987102094&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=4&uci=a!4&fsb=1&xpc=fgjyBWiHuP&p=http%3A//l.riftv.net&dtd=200
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=247&slotname=4516382124&adk=33470798&adf=540082601&pi=t.ma~as.4516382124&w=730&lmt=1623489675&rafmt=11&psa=0&format=730x247&url=http%3A%2F%2Fl.riftv.net%2FrCAGL%3Fsub1%3D1%26sub2%3D12959%26sub3%3D40%26sub4%3D7282%26sub5%3D455747&flash=0&wgl=1&dt=1623489675068&bpp=1&bdt=244&idt=97&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280%2C728x280&nras=1&correlator=2274582933156&frm=20&pv=1&ga_vid=1023363580.1623489675&ga_sid=1623489675&ga_hid=199163832&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=625&ady=922&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3060604987102094&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=4&uci=a!4&fsb=1&xpc=fgjyBWiHuP&p=http%3A//l.riftv.net&dtd=200

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sat, 12 Jun 2021 08:51:13 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 1802
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame D63C 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8b94f6ff90287b206be83e48ddb02edeba31a7546fcec62c203e9d9a7339bc79

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 5422232585578074597
tpc.googlesyndication.com/simgad/ Frame DB27 29 KB
29 KB 20ms
19ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5422232585578074597?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qk9foSZ3Pt4O4Sg4sKHqoJL9U5Kyg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=280&slotname=8558532162&adk=3577450996&adf=2855107163&pi=t.ma~as.8558532162&w=728&fwrn=4&fwrnh=100&lmt=1623489675&rafmt=1&psa=0&format=728x280&url=http%3A%2F%2Fl.riftv.net%2FrCAGL%3Fsub1%3D1%26sub2%3D12959%26sub3%3D40%26sub4%3D7282%26sub5%3D455747&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1623489675068&bpp=7&bdt=245&idt=84&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280&nras=1&correlator=2274582933156&frm=20&pv=1&ga_vid=1023363580.1623489675&ga_sid=1623489675&ga_hid=199163832&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=470&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3060604987102094&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=VJYvqIsxVr&p=http%3A//l.riftv.net&dtd=197

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a19d2cce7f6bd48e925b1a91a0d3acd58b7325ceac208276a21c67a83768444d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 17:11:57 GMT
x-content-type-options: nosniff
last-modified: Wed, 21 Apr 2021 19:36:28 GMT
server: sffe
age: 58158
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29567
x-xss-protection: 0
expires: Sat, 11 Jun 2022 17:11:57 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/ Frame DB27 17 KB
7 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=280&slotname=8558532162&adk=3577450996&adf=2855107163&pi=t.ma~as.8558532162&w=728&fwrn=4&fwrnh=100&lmt=1623489675&rafmt=1&psa=0&format=728x280&url=http%3A%2F%2Fl.riftv.net%2FrCAGL%3Fsub1%3D1%26sub2%3D12959%26sub3%3D40%26sub4%3D7282%26sub5%3D455747&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1623489675068&bpp=7&bdt=245&idt=84&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280&nras=1&correlator=2274582933156&frm=20&pv=1&ga_vid=1023363580.1623489675&ga_sid=1623489675&ga_hid=199163832&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=470&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3060604987102094&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=VJYvqIsxVr&p=http%3A//l.riftv.net&dtd=197

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0fc32732b1520df908e4ce5063434010c35725a930e0cc9df0be61c66a87cf32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 09:17:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 255
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7010
x-xss-protection: 0
server: cafe
etag: 16168581138844513892
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 26 Jun 2021 09:17:00 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/ Frame DB27 2 KB
1 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=280&slotname=8558532162&adk=3577450996&adf=2855107163&pi=t.ma~as.8558532162&w=728&fwrn=4&fwrnh=100&lmt=1623489675&rafmt=1&psa=0&format=728x280&url=http%3A%2F%2Fl.riftv.net%2FrCAGL%3Fsub1%3D1%26sub2%3D12959%26sub3%3D40%26sub4%3D7282%26sub5%3D455747&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1623489675068&bpp=7&bdt=245&idt=84&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280&nras=1&correlator=2274582933156&frm=20&pv=1&ga_vid=1023363580.1623489675&ga_sid=1623489675&ga_hid=199163832&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=470&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3060604987102094&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=VJYvqIsxVr&p=http%3A//l.riftv.net&dtd=197

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1ac43e9327c147dc04b1efcd475ba7e9d464e6504eaffb167d0412d339b39e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 09:16:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 290
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1316
x-xss-protection: 0
server: cafe
etag: 797314601362473214
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 26 Jun 2021 09:16:25 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DB27 122 KB
37 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=280&slotname=8558532162&adk=3577450996&adf=2855107163&pi=t.ma~as.8558532162&w=728&fwrn=4&fwrnh=100&lmt=1623489675&rafmt=1&psa=0&format=728x280&url=http%3A%2F%2Fl.riftv.net%2FrCAGL%3Fsub1%3D1%26sub2%3D12959%26sub3%3D40%26sub4%3D7282%26sub5%3D455747&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1623489675068&bpp=7&bdt=245&idt=84&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280&nras=1&correlator=2274582933156&frm=20&pv=1&ga_vid=1023363580.1623489675&ga_sid=1623489675&ga_hid=199163832&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=470&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3060604987102094&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=VJYvqIsxVr&p=http%3A//l.riftv.net&dtd=197

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34b6e9936a2f024eef4f545bf4a1e717141704b00a75167fc7080fc6789e3881

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 09:21:15 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623410775224219"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38028
x-xss-protection: 0
expires: Sat, 12 Jun 2021 09:21:15 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/ Frame DB27 13 KB
6 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=280&slotname=8558532162&adk=3577450996&adf=2855107163&pi=t.ma~as.8558532162&w=728&fwrn=4&fwrnh=100&lmt=1623489675&rafmt=1&psa=0&format=728x280&url=http%3A%2F%2Fl.riftv.net%2FrCAGL%3Fsub1%3D1%26sub2%3D12959%26sub3%3D40%26sub4%3D7282%26sub5%3D455747&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1623489675068&bpp=7&bdt=245&idt=84&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280&nras=1&correlator=2274582933156&frm=20&pv=1&ga_vid=1023363580.1623489675&ga_sid=1623489675&ga_hid=199163832&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=470&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3060604987102094&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=VJYvqIsxVr&p=http%3A//l.riftv.net&dtd=197

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a677da8f32851941b090ee6e9294757cba154033200b20231b2a4ca7f62a820

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 09:19:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 87
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5644
x-xss-protection: 0
server: cafe
etag: 16788636151609896382
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 26 Jun 2021 09:19:48 GMT

GET
H3-29 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/ Frame DB27 25 KB
10 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=280&slotname=8558532162&adk=3577450996&adf=2855107163&pi=t.ma~as.8558532162&w=728&fwrn=4&fwrnh=100&lmt=1623489675&rafmt=1&psa=0&format=728x280&url=http%3A%2F%2Fl.riftv.net%2FrCAGL%3Fsub1%3D1%26sub2%3D12959%26sub3%3D40%26sub4%3D7282%26sub5%3D455747&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1623489675068&bpp=7&bdt=245&idt=84&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280&nras=1&correlator=2274582933156&frm=20&pv=1&ga_vid=1023363580.1623489675&ga_sid=1623489675&ga_hid=199163832&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=470&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3060604987102094&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=VJYvqIsxVr&p=http%3A//l.riftv.net&dtd=197

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d87f99ddbcbaa60e78bdeeaa0f4ab0ec69e6124030f14bfe2c091bc54cd29e5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 07:17:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7432
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10595
x-xss-protection: 0
server: cafe
etag: 3266988658244827530
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 26 Jun 2021 07:17:23 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame DB27 0
0 67ms
66ms Fetch
text/html 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CMxNKi3zEYJDwEY6d1wav95bYAr6fm_piyqHrpJIOsJAfEAEghrq1f2C7hoCA0AqgAb3hwdcDyAECqAMByAPJBKoE9gFP0IZADy13BjSNk5r1T25ZDmqKO-eBGPcEyS27_W2wONG8-2aLo9vxHp1cR1Ha3Ev4QH-ds5Ta_gQTcgr2CHLuX7aFLUtbCiRxGtfTJRy2RCxmOEAZFp_mRewJikunlRqXfltAeYZ8jaqsbIqNbeZ-7JUChb89YGGNCoZmJjcfpKtheSflRMU21LefdrRy2dU5LjUbKe9hSMc6rG86gxlWK5JJPkR694qDpabc57dFdzvcK8PC_t6pldTBpz3lZ9IVaUGuG1VMZ1f5Vvve36AG5LuSO2bxhxyAY3yP5R2UUhb7LXKg1KrDimHN68-_lvLoRu0przPABN2fgK_JA6AGAoAHq56-KKgHipyxAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBC4hALSCAkIgOGAEBABGB-ACgHICwHYEwPQFQGAFwGyFxoKGAgAEhRwdWItNDc4NjczMjUzMDM4MDE4MA&sigh=UupyGFbpRhw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=280&slotname=8558532162&adk=3577450996&adf=2855107163&pi=t.ma~as.8558532162&w=728&fwrn=4&fwrnh=100&lmt=1623489675&rafmt=1&psa=0&format=728x280&url=http%3A%2F%2Fl.riftv.net%2FrCAGL%3Fsub1%3D1%26sub2%3D12959%26sub3%3D40%26sub4%3D7282%26sub5%3D455747&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1623489675068&bpp=7&bdt=245&idt=84&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280&nras=1&correlator=2274582933156&frm=20&pv=1&ga_vid=1023363580.1623489675&ga_sid=1623489675&ga_hid=199163832&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=470&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3060604987102094&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=VJYvqIsxVr&p=http%3A//l.riftv.net&dtd=197

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=280&slotname=8558532162&adk=3577450996&adf=2855107163&pi=t.ma~as.8558532162&w=728&fwrn=4&fwrnh=100&lmt=1623489675&rafmt=1&psa=0&format=728x280&url=http%3A%2F%2Fl.riftv.net%2FrCAGL%3Fsub1%3D1%26sub2%3D12959%26sub3%3D40%26sub4%3D7282%26sub5%3D455747&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1623489675068&bpp=7&bdt=245&idt=84&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280&nras=1&correlator=2274582933156&frm=20&pv=1&ga_vid=1023363580.1623489675&ga_sid=1623489675&ga_hid=199163832&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=470&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3060604987102094&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=VJYvqIsxVr&p=http%3A//l.riftv.net&dtd=197
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 12 Jun 2021 09:21:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 112E
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

63ms
63ms

Document
text/html

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUl40fowME2SfNgY5I0preUl9pppTT7LEMvW5JUDawt5B6rHHx70Fw5k0BxccCU
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 12 Jun 2021 09:21:15 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Sat, 12-Jun-2021 10:21:15 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 12 Jun 2021 09:21:15 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 12 Jun 2021 09:21:15 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 8958 143 B
163 B 31ms
30ms Document
text/html 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=280&slotname=8558532162&adk=3577450996&adf=2855107163&pi=t.ma~as.8558532162&w=728&fwrn=4&fwrnh=100&lmt=1623489675&rafmt=1&psa=0&format=728x280&url=http%3A%2F%2Fl.riftv.net%2FrCAGL%3Fsub1%3D1%26sub2%3D12959%26sub3%3D40%26sub4%3D7282%26sub5%3D455747&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1623489675068&bpp=7&bdt=245&idt=84&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280&nras=1&correlator=2274582933156&frm=20&pv=1&ga_vid=1023363580.1623489675&ga_sid=1623489675&ga_hid=199163832&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=470&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3060604987102094&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=VJYvqIsxVr&p=http%3A//l.riftv.net&dtd=197

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=280&slotname=8558532162&adk=3577450996&adf=2855107163&pi=t.ma~as.8558532162&w=728&fwrn=4&fwrnh=100&lmt=1623489675&rafmt=1&psa=0&format=728x280&url=http%3A%2F%2Fl.riftv.net%2FrCAGL%3Fsub1%3D1%26sub2%3D12959%26sub3%3D40%26sub4%3D7282%26sub5%3D455747&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1623489675068&bpp=7&bdt=245&idt=84&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280&nras=1&correlator=2274582933156&frm=20&pv=1&ga_vid=1023363580.1623489675&ga_sid=1623489675&ga_hid=199163832&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=470&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3060604987102094&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=VJYvqIsxVr&p=http%3A//l.riftv.net&dtd=197
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUl40fowME2SfNgY5I0preUl9pppTT7LEMvW5JUDawt5B6rHHx70Fw5k0BxccCU
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=280&slotname=8558532162&adk=3577450996&adf=2855107163&pi=t.ma~as.8558532162&w=728&fwrn=4&fwrnh=100&lmt=1623489675&rafmt=1&psa=0&format=728x280&url=http%3A%2F%2Fl.riftv.net%2FrCAGL%3Fsub1%3D1%26sub2%3D12959%26sub3%3D40%26sub4%3D7282%26sub5%3D455747&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1623489675068&bpp=7&bdt=245&idt=84&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280&nras=1&correlator=2274582933156&frm=20&pv=1&ga_vid=1023363580.1623489675&ga_sid=1623489675&ga_hid=199163832&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=470&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3060604987102094&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=VJYvqIsxVr&p=http%3A//l.riftv.net&dtd=197

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sat, 12 Jun 2021 08:51:13 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 1802
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame DB27 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3ff6cb8e8e530de8516f8f5ae98e790d9d9da6ba06fdf5ac0d651489f5d4a75f

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 8958
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

63ms
63ms

Document
text/html

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=280&slotname=8558532162&adk=3577450996&adf=2855107163&pi=t.ma~as.8558532162&w=728&fwrn=4&fwrnh=100&lmt=1623489675&rafmt=1&psa=0&format=728x280&url=http%3A%2F%2Fl.riftv.net%2FrCAGL%3Fsub1%3D1%26sub2%3D12959%26sub3%3D40%26sub4%3D7282%26sub5%3D455747&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1623489675068&bpp=7&bdt=245&idt=84&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280&nras=1&correlator=2274582933156&frm=20&pv=1&ga_vid=1023363580.1623489675&ga_sid=1623489675&ga_hid=199163832&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=470&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3060604987102094&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=VJYvqIsxVr&p=http%3A//l.riftv.net&dtd=197

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUl40fowME2SfNgY5I0preUl9pppTT7LEMvW5JUDawt5B6rHHx70Fw5k0BxccCU
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 12 Jun 2021 09:21:15 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Sat, 12-Jun-2021 10:21:15 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 12 Jun 2021 09:21:15 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 12 Jun 2021 09:21:15 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 tE64XG1cXAHgdRZqLuUmMLCyOuQ9s7LE_kL_xOEQzyo.js Show response
pagead2.googlesyndication.com/bg/ Frame 4E63 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/tE64XG1cXAHgdRZqLuUmMLCyOuQ9s7LE_kL_xOEQzyo.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=280&slotname=8558532162&adk=3577450996&adf=2855107163&pi=t.ma~as.8558532162&w=728&fwrn=4&fwrnh=100&lmt=1623489675&rafmt=1&psa=0&format=728x280&url=http%3A%2F%2Fl.riftv.net%2FrCAGL%3Fsub1%3D1%26sub2%3D12959%26sub3%3D40%26sub4%3D7282%26sub5%3D455747&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1623489675068&bpp=7&bdt=245&idt=84&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280&nras=1&correlator=2274582933156&frm=20&pv=1&ga_vid=1023363580.1623489675&ga_sid=1623489675&ga_hid=199163832&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=470&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3060604987102094&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=VJYvqIsxVr&p=http%3A//l.riftv.net&dtd=197

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b44eb85c6d5c5c01e075166a2ee52630b0b23ae43db3b2c4fe42ffc4e110cf2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 07:42:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5903
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5784
x-xss-protection: 0
last-modified: Mon, 31 May 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 12 Jun 2022 07:42:52 GMT

GET
H3-29 200 tE64XG1cXAHgdRZqLuUmMLCyOuQ9s7LE_kL_xOEQzyo.js Show response
pagead2.googlesyndication.com/bg/ Frame 5C75 14 KB
6 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/tE64XG1cXAHgdRZqLuUmMLCyOuQ9s7LE_kL_xOEQzyo.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b44eb85c6d5c5c01e075166a2ee52630b0b23ae43db3b2c4fe42ffc4e110cf2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 07:42:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5903
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5784
x-xss-protection: 0
last-modified: Mon, 31 May 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 12 Jun 2022 07:42:52 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/ Frame 78A6 2 KB
1 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=280&slotname=8558532162&adk=394597393&adf=2503452471&pi=t.ma~as.8558532162&w=1140&fwrn=4&fwrnh=100&lmt=1623489675&rafmt=1&psa=0&format=1140x280&url=http%3A%2F%2Fl.riftv.net%2FrCAGL%3Fsub1%3D1%26sub2%3D12959%26sub3%3D40%26sub4%3D7282%26sub5%3D455747&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1623489675068&bpp=14&bdt=244&idt=81&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2274582933156&frm=20&pv=1&ga_vid=1023363580.1623489675&ga_sid=1623489675&ga_hid=199163832&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=115&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3060604987102094&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=JcTKXD17fW&p=http%3A//l.riftv.net&dtd=193

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1ac43e9327c147dc04b1efcd475ba7e9d464e6504eaffb167d0412d339b39e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 09:16:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 290
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1316
x-xss-protection: 0
server: cafe
etag: 797314601362473214
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 26 Jun 2021 09:16:25 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 78A6 122 KB
37 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=280&slotname=8558532162&adk=394597393&adf=2503452471&pi=t.ma~as.8558532162&w=1140&fwrn=4&fwrnh=100&lmt=1623489675&rafmt=1&psa=0&format=1140x280&url=http%3A%2F%2Fl.riftv.net%2FrCAGL%3Fsub1%3D1%26sub2%3D12959%26sub3%3D40%26sub4%3D7282%26sub5%3D455747&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1623489675068&bpp=14&bdt=244&idt=81&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2274582933156&frm=20&pv=1&ga_vid=1023363580.1623489675&ga_sid=1623489675&ga_hid=199163832&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=115&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3060604987102094&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=JcTKXD17fW&p=http%3A//l.riftv.net&dtd=193

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34b6e9936a2f024eef4f545bf4a1e717141704b00a75167fc7080fc6789e3881

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 09:21:15 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623410775224219"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38028
x-xss-protection: 0
expires: Sat, 12 Jun 2021 09:21:15 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/ Frame 78A6 13 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=280&slotname=8558532162&adk=394597393&adf=2503452471&pi=t.ma~as.8558532162&w=1140&fwrn=4&fwrnh=100&lmt=1623489675&rafmt=1&psa=0&format=1140x280&url=http%3A%2F%2Fl.riftv.net%2FrCAGL%3Fsub1%3D1%26sub2%3D12959%26sub3%3D40%26sub4%3D7282%26sub5%3D455747&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1623489675068&bpp=14&bdt=244&idt=81&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2274582933156&frm=20&pv=1&ga_vid=1023363580.1623489675&ga_sid=1623489675&ga_hid=199163832&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=115&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3060604987102094&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=JcTKXD17fW&p=http%3A//l.riftv.net&dtd=193

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a677da8f32851941b090ee6e9294757cba154033200b20231b2a4ca7f62a820

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 09:19:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 87
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5644
x-xss-protection: 0
server: cafe
etag: 16788636151609896382
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 26 Jun 2021 09:19:48 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 78A6 0
0 68ms
67ms Fetch
text/html 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CP5Bni3zEYNTWEcz-xwLUiZPoAuSP0rFc3-XhiIgBwI23ARABIABgu4aAgNAKggEXY2EtcHViLTQ3ODY3MzI1MzAzODAxODCgAb3UiOsDyAEJqQLxCCG5fau3PqgDAaoE6wFP0M0ta0viPKfAagKyVcyDjCYHjCE-nRsPWPzC3vudySsJZuAkNQbx_n-7wfSWBV0PzJYszd-mcjpSRcqfDTwr_J7_qH-BqRsdIjYHCfR-UBIEkjE3omGg4sjqEbN1J_2MM5RGqfXLd2wP-oORnQV6LIumNOfqyVp7RgO3ksIpMgxqhINPgwyRC4Xabb17sULiijRAEicZWmbOpM-bCa5V2_QQAHDNNbUgkHUhL6uQ3rw8xjr-yggm9nfHcFDYuH2Pzp9hm5ExS9yQvKfhAnGMikCJTpnenJ8VXkkJ1zKfe4gjOSoc28Sbdp0bgAaY4c-hy-CnpOEBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAGACgH6CwIIAYAMAdAVAYAXAbIXGAoWEhRwdWItNDc4NjczMjUzMDM4MDE4MA&sigh=i9tt10baoEU

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=280&slotname=8558532162&adk=394597393&adf=2503452471&pi=t.ma~as.8558532162&w=1140&fwrn=4&fwrnh=100&lmt=1623489675&rafmt=1&psa=0&format=1140x280&url=http%3A%2F%2Fl.riftv.net%2FrCAGL%3Fsub1%3D1%26sub2%3D12959%26sub3%3D40%26sub4%3D7282%26sub5%3D455747&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1623489675068&bpp=14&bdt=244&idt=81&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2274582933156&frm=20&pv=1&ga_vid=1023363580.1623489675&ga_sid=1623489675&ga_hid=199163832&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=115&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3060604987102094&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=JcTKXD17fW&p=http%3A//l.riftv.net&dtd=193

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=280&slotname=8558532162&adk=394597393&adf=2503452471&pi=t.ma~as.8558532162&w=1140&fwrn=4&fwrnh=100&lmt=1623489675&rafmt=1&psa=0&format=1140x280&url=http%3A%2F%2Fl.riftv.net%2FrCAGL%3Fsub1%3D1%26sub2%3D12959%26sub3%3D40%26sub4%3D7282%26sub5%3D455747&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1623489675068&bpp=14&bdt=244&idt=81&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2274582933156&frm=20&pv=1&ga_vid=1023363580.1623489675&ga_sid=1623489675&ga_hid=199163832&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=115&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3060604987102094&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=JcTKXD17fW&p=http%3A//l.riftv.net&dtd=193
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 12 Jun 2021 09:21:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.nl.eu.criteo.com/google/auction/ Frame 78A6 0
0 46ms
15ms Fetch 2a02:2638:1::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=UJjdD7_6RPQImAKH-lcYAgAAAOHADw3fflQOEIp8xGAgWirmB0fasRbzTQAS&wp=YMR8iwAEa1QKUf9MAATE1L6eK7DDhkR41v3XIA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=280&slotname=8558532162&adk=394597393&adf=2503452471&pi=t.ma~as.8558532162&w=1140&fwrn=4&fwrnh=100&lmt=1623489675&rafmt=1&psa=0&format=1140x280&url=http%3A%2F%2Fl.riftv.net%2FrCAGL%3Fsub1%3D1%26sub2%3D12959%26sub3%3D40%26sub4%3D7282%26sub5%3D455747&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1623489675068&bpp=14&bdt=244&idt=81&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2274582933156&frm=20&pv=1&ga_vid=1023363580.1623489675&ga_sid=1623489675&ga_hid=199163832&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=115&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3060604987102094&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=JcTKXD17fW&p=http%3A//l.riftv.net&dtd=193
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Kestrel /
Resource Hash

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 09:21:15 GMT
server: Kestrel
content-length: 0
server-processing-duration-in-ticks: 286077

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame EF94 132 KB
46 KB 99ms
72ms Document
text/html 2a02:2638:1::11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YMR8iwAEa1QKUf9MAATE1L6eK7DDhkR41v3XIA&u=%7C%2F0BeOlwDRNBlAWF1fHoyV7bLGNeCeI7C8AR%2B1WOTDJY%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ6ciC3rnAoG72_3BFDfZ8qj0n6FwJ08CvvVI5BJNsqtOon9mSRTjkGJ8LLH-yevMwr-ZPT2Olbz1rvBAUMM1l0-x1zAF3b3xVXk61-keZ9ubnrkbG5l0G3VS9l1Fbi8G1bczCp93WLcnVLKLGy6dS6ZpJlKIv6KNXXdWfDVbOUk8oLX2OB7jcRIAsr4Buq1qdv2dXKsiOh8ECaGVegkeh6az2sPSEZU4vDNn4jgvcuFvkmrZPQKIPeQ1KLA4LAMk0aqEnw7dmoFE0dNQM8kM-7RKmUWoMm3uHSKno5WwGm9W8FAPv3Pw-Lg7ZwTxtb2_ca72AKcXpZ5y8y9Q545pOSkOCcprhRQbBFuLvAJYt3XKZsoArarHhqzCP03436WpT7rUoKg-aVbMNM5qnWhxjFYu1zwJPoVASMXeM3AkZ8cfvfZvRGCuRdXApXOf-CkP2susmav0emx0WQKc4Km5bXSuXU1n8k8GHH&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIK24i3zEYNTWEcz-xwLUiZPoAuSP0rFc3-XhiIgBwI23ARABIABgu4aAgNAKggEXY2EtcHViLTQ3ODY3MzI1MzAzODAxODCgAb3UiOsDyAEJqQLxCCG5fau3PqgDAaoE7gFP0M0ta0viPKfAagKyVcyDjCYHjCE-nRsPWPzC3vudySsJZuAkNQbx_n-7wfSWBV0PzJYszd-mcjpSRcqfDTwr_J7_qH-BqRsdIjYHCfR-UBIEkjE3omGg4sjqEbN1J_2MM5RGqfXLd2wP-oORnQV6LIumNOfqyVp7RgO3ksIpMgxqhINPgwyRC4Xabb17sULiijRAEicZWmbOpM-bCa5V2_QQAHDNNbUgkHUhL6uQ3rw8xjr-yggm9nfHcFDYuH2Pzp9hm5ExS9yQvKfhAnGMikCJTpnenJ8VHEsEReERiY2wyyWEWKAH3Z4P6-zZgAaY4c-hy-CnpOEBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_09AWKZcYmbP9vmtPBfLd9rzY3LQg%26client%3Dca-pub-4786732530380180%26adurl%3D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=280&slotname=8558532162&adk=394597393&adf=2503452471&pi=t.ma~as.8558532162&w=1140&fwrn=4&fwrnh=100&lmt=1623489675&rafmt=1&psa=0&format=1140x280&url=http%3A%2F%2Fl.riftv.net%2FrCAGL%3Fsub1%3D1%26sub2%3D12959%26sub3%3D40%26sub4%3D7282%26sub5%3D455747&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1623489675068&bpp=14&bdt=244&idt=81&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2274582933156&frm=20&pv=1&ga_vid=1023363580.1623489675&ga_sid=1623489675&ga_hid=199163832&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=115&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3060604987102094&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=JcTKXD17fW&p=http%3A//l.riftv.net&dtd=193
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Kestrel /
Resource Hash: e794409f065eaf49f240d8cebc294d3dcddebb9af7ad3816d2bb6232243e3e3b

Request headers

:method: GET
:authority: ads.eu.criteo.com
:scheme: https
:path: /delivery/r/afr.php?z=YMR8iwAEa1QKUf9MAATE1L6eK7DDhkR41v3XIA&u=%7C%2F0BeOlwDRNBlAWF1fHoyV7bLGNeCeI7C8AR%2B1WOTDJY%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ6ciC3rnAoG72_3BFDfZ8qj0n6FwJ08CvvVI5BJNsqtOon9mSRTjkGJ8LLH-yevMwr-ZPT2Olbz1rvBAUMM1l0-x1zAF3b3xVXk61-keZ9ubnrkbG5l0G3VS9l1Fbi8G1bczCp93WLcnVLKLGy6dS6ZpJlKIv6KNXXdWfDVbOUk8oLX2OB7jcRIAsr4Buq1qdv2dXKsiOh8ECaGVegkeh6az2sPSEZU4vDNn4jgvcuFvkmrZPQKIPeQ1KLA4LAMk0aqEnw7dmoFE0dNQM8kM-7RKmUWoMm3uHSKno5WwGm9W8FAPv3Pw-Lg7ZwTxtb2_ca72AKcXpZ5y8y9Q545pOSkOCcprhRQbBFuLvAJYt3XKZsoArarHhqzCP03436WpT7rUoKg-aVbMNM5qnWhxjFYu1zwJPoVASMXeM3AkZ8cfvfZvRGCuRdXApXOf-CkP2susmav0emx0WQKc4Km5bXSuXU1n8k8GHH&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIK24i3zEYNTWEcz-xwLUiZPoAuSP0rFc3-XhiIgBwI23ARABIABgu4aAgNAKggEXY2EtcHViLTQ3ODY3MzI1MzAzODAxODCgAb3UiOsDyAEJqQLxCCG5fau3PqgDAaoE7gFP0M0ta0viPKfAagKyVcyDjCYHjCE-nRsPWPzC3vudySsJZuAkNQbx_n-7wfSWBV0PzJYszd-mcjpSRcqfDTwr_J7_qH-BqRsdIjYHCfR-UBIEkjE3omGg4sjqEbN1J_2MM5RGqfXLd2wP-oORnQV6LIumNOfqyVp7RgO3ksIpMgxqhINPgwyRC4Xabb17sULiijRAEicZWmbOpM-bCa5V2_QQAHDNNbUgkHUhL6uQ3rw8xjr-yggm9nfHcFDYuH2Pzp9hm5ExS9yQvKfhAnGMikCJTpnenJ8VHEsEReERiY2wyyWEWKAH3Z4P6-zZgAaY4c-hy-CnpOEBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_09AWKZcYmbP9vmtPBfLd9rzY3LQg%26client%3Dca-pub-4786732530380180%26adurl%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

date: Sat, 12 Jun 2021 09:21:15 GMT
content-type: text/html
server: Kestrel
cache-control: private, max-age=0, no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cross-origin-resource-policy: cross-origin
p3p: CP='CUR ADM OUR NOR STA NID'
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=lBdeAIMMtkwN_dc7urudZCEvPDcKrUBWonB_CFmjc0jx5zEc6Rkdo6gZ3-iwC9midnMDkbV6I_x7tu66KX_llOt-yn_ZhvCaGDJWIVlpcm-kV5-KoH8-OEtpR3SYdW-HPN-f4WrxBuJ_4SiP4uuvoYIi82RpUQ7s4nU_slAE-4vffh-xI59DpVyW_cB4Ame3YHu1DQLBAIfM3BzcqKnhBnyx9WwM8Gu88RqJ3gUQFyCzwxL5X9W3JzJd6UcTkJJKudUH9g"}], "max_age": 86400}
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks: 59721912
content-encoding: gzip
vary: Accept-Encoding

GET
DATA 200
OK truncated
/ Frame 78A6 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dac70f92ef853ae90ebaae2db6c26b25e6d01373507fc5f439fe9d65ce5660de

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame EF94 2 KB
1 KB 66ms
21ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/flash/icon/privacy_small.svg
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YMR8iwAEa1QKUf9MAATE1L6eK7DDhkR41v3XIA&u=%7C%2F0BeOlwDRNBlAWF1fHoyV7bLGNeCeI7C8AR%2B1WOTDJY%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ6ciC3rnAoG72_3BFDfZ8qj0n6FwJ08CvvVI5BJNsqtOon9mSRTjkGJ8LLH-yevMwr-ZPT2Olbz1rvBAUMM1l0-x1zAF3b3xVXk61-keZ9ubnrkbG5l0G3VS9l1Fbi8G1bczCp93WLcnVLKLGy6dS6ZpJlKIv6KNXXdWfDVbOUk8oLX2OB7jcRIAsr4Buq1qdv2dXKsiOh8ECaGVegkeh6az2sPSEZU4vDNn4jgvcuFvkmrZPQKIPeQ1KLA4LAMk0aqEnw7dmoFE0dNQM8kM-7RKmUWoMm3uHSKno5WwGm9W8FAPv3Pw-Lg7ZwTxtb2_ca72AKcXpZ5y8y9Q545pOSkOCcprhRQbBFuLvAJYt3XKZsoArarHhqzCP03436WpT7rUoKg-aVbMNM5qnWhxjFYu1zwJPoVASMXeM3AkZ8cfvfZvRGCuRdXApXOf-CkP2susmav0emx0WQKc4Km5bXSuXU1n8k8GHH&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIK24i3zEYNTWEcz-xwLUiZPoAuSP0rFc3-XhiIgBwI23ARABIABgu4aAgNAKggEXY2EtcHViLTQ3ODY3MzI1MzAzODAxODCgAb3UiOsDyAEJqQLxCCG5fau3PqgDAaoE7gFP0M0ta0viPKfAagKyVcyDjCYHjCE-nRsPWPzC3vudySsJZuAkNQbx_n-7wfSWBV0PzJYszd-mcjpSRcqfDTwr_J7_qH-BqRsdIjYHCfR-UBIEkjE3omGg4sjqEbN1J_2MM5RGqfXLd2wP-oORnQV6LIumNOfqyVp7RgO3ksIpMgxqhINPgwyRC4Xabb17sULiijRAEicZWmbOpM-bCa5V2_QQAHDNNbUgkHUhL6uQ3rw8xjr-yggm9nfHcFDYuH2Pzp9hm5ExS9yQvKfhAnGMikCJTpnenJ8VHEsEReERiY2wyyWEWKAH3Z4P6-zZgAaY4c-hy-CnpOEBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_09AWKZcYmbP9vmtPBfLd9rzY3LQg%26client%3Dca-pub-4786732530380180%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Request headers

Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 09:21:16 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 07 Jun 2022 09:21:16 GMT

GET
H2 200 adchoices_en.svg
static.criteo.net/flash/icon/ Frame EF94 2 KB
1 KB 66ms
21ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YMR8iwAEa1QKUf9MAATE1L6eK7DDhkR41v3XIA&u=%7C%2F0BeOlwDRNBlAWF1fHoyV7bLGNeCeI7C8AR%2B1WOTDJY%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ6ciC3rnAoG72_3BFDfZ8qj0n6FwJ08CvvVI5BJNsqtOon9mSRTjkGJ8LLH-yevMwr-ZPT2Olbz1rvBAUMM1l0-x1zAF3b3xVXk61-keZ9ubnrkbG5l0G3VS9l1Fbi8G1bczCp93WLcnVLKLGy6dS6ZpJlKIv6KNXXdWfDVbOUk8oLX2OB7jcRIAsr4Buq1qdv2dXKsiOh8ECaGVegkeh6az2sPSEZU4vDNn4jgvcuFvkmrZPQKIPeQ1KLA4LAMk0aqEnw7dmoFE0dNQM8kM-7RKmUWoMm3uHSKno5WwGm9W8FAPv3Pw-Lg7ZwTxtb2_ca72AKcXpZ5y8y9Q545pOSkOCcprhRQbBFuLvAJYt3XKZsoArarHhqzCP03436WpT7rUoKg-aVbMNM5qnWhxjFYu1zwJPoVASMXeM3AkZ8cfvfZvRGCuRdXApXOf-CkP2susmav0emx0WQKc4Km5bXSuXU1n8k8GHH&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIK24i3zEYNTWEcz-xwLUiZPoAuSP0rFc3-XhiIgBwI23ARABIABgu4aAgNAKggEXY2EtcHViLTQ3ODY3MzI1MzAzODAxODCgAb3UiOsDyAEJqQLxCCG5fau3PqgDAaoE7gFP0M0ta0viPKfAagKyVcyDjCYHjCE-nRsPWPzC3vudySsJZuAkNQbx_n-7wfSWBV0PzJYszd-mcjpSRcqfDTwr_J7_qH-BqRsdIjYHCfR-UBIEkjE3omGg4sjqEbN1J_2MM5RGqfXLd2wP-oORnQV6LIumNOfqyVp7RgO3ksIpMgxqhINPgwyRC4Xabb17sULiijRAEicZWmbOpM-bCa5V2_QQAHDNNbUgkHUhL6uQ3rw8xjr-yggm9nfHcFDYuH2Pzp9hm5ExS9yQvKfhAnGMikCJTpnenJ8VHEsEReERiY2wyyWEWKAH3Z4P6-zZgAaY4c-hy-CnpOEBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_09AWKZcYmbP9vmtPBfLd9rzY3LQg%26client%3Dca-pub-4786732530380180%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573

Request headers

Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 09:21:16 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
etag: W/"5e42b9ee-759"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 07 Jun 2022 09:21:16 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame EF94 308 B
574 B 68ms
23ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/flash/icon/close_button.svg
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YMR8iwAEa1QKUf9MAATE1L6eK7DDhkR41v3XIA&u=%7C%2F0BeOlwDRNBlAWF1fHoyV7bLGNeCeI7C8AR%2B1WOTDJY%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ6ciC3rnAoG72_3BFDfZ8qj0n6FwJ08CvvVI5BJNsqtOon9mSRTjkGJ8LLH-yevMwr-ZPT2Olbz1rvBAUMM1l0-x1zAF3b3xVXk61-keZ9ubnrkbG5l0G3VS9l1Fbi8G1bczCp93WLcnVLKLGy6dS6ZpJlKIv6KNXXdWfDVbOUk8oLX2OB7jcRIAsr4Buq1qdv2dXKsiOh8ECaGVegkeh6az2sPSEZU4vDNn4jgvcuFvkmrZPQKIPeQ1KLA4LAMk0aqEnw7dmoFE0dNQM8kM-7RKmUWoMm3uHSKno5WwGm9W8FAPv3Pw-Lg7ZwTxtb2_ca72AKcXpZ5y8y9Q545pOSkOCcprhRQbBFuLvAJYt3XKZsoArarHhqzCP03436WpT7rUoKg-aVbMNM5qnWhxjFYu1zwJPoVASMXeM3AkZ8cfvfZvRGCuRdXApXOf-CkP2susmav0emx0WQKc4Km5bXSuXU1n8k8GHH&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIK24i3zEYNTWEcz-xwLUiZPoAuSP0rFc3-XhiIgBwI23ARABIABgu4aAgNAKggEXY2EtcHViLTQ3ODY3MzI1MzAzODAxODCgAb3UiOsDyAEJqQLxCCG5fau3PqgDAaoE7gFP0M0ta0viPKfAagKyVcyDjCYHjCE-nRsPWPzC3vudySsJZuAkNQbx_n-7wfSWBV0PzJYszd-mcjpSRcqfDTwr_J7_qH-BqRsdIjYHCfR-UBIEkjE3omGg4sjqEbN1J_2MM5RGqfXLd2wP-oORnQV6LIumNOfqyVp7RgO3ksIpMgxqhINPgwyRC4Xabb17sULiijRAEicZWmbOpM-bCa5V2_QQAHDNNbUgkHUhL6uQ3rw8xjr-yggm9nfHcFDYuH2Pzp9hm5ExS9yQvKfhAnGMikCJTpnenJ8VHEsEReERiY2wyyWEWKAH3Z4P6-zZgAaY4c-hy-CnpOEBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_09AWKZcYmbP9vmtPBfLd9rzY3LQg%26client%3Dca-pub-4786732530380180%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Request headers

Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 09:21:16 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Tue, 07 Jun 2022 09:21:16 GMT

GET
H2 200 back_button.svg
static.criteo.net/flash/icon/ Frame EF94 507 B
773 B 66ms
22ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/flash/icon/back_button.svg
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YMR8iwAEa1QKUf9MAATE1L6eK7DDhkR41v3XIA&u=%7C%2F0BeOlwDRNBlAWF1fHoyV7bLGNeCeI7C8AR%2B1WOTDJY%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ6ciC3rnAoG72_3BFDfZ8qj0n6FwJ08CvvVI5BJNsqtOon9mSRTjkGJ8LLH-yevMwr-ZPT2Olbz1rvBAUMM1l0-x1zAF3b3xVXk61-keZ9ubnrkbG5l0G3VS9l1Fbi8G1bczCp93WLcnVLKLGy6dS6ZpJlKIv6KNXXdWfDVbOUk8oLX2OB7jcRIAsr4Buq1qdv2dXKsiOh8ECaGVegkeh6az2sPSEZU4vDNn4jgvcuFvkmrZPQKIPeQ1KLA4LAMk0aqEnw7dmoFE0dNQM8kM-7RKmUWoMm3uHSKno5WwGm9W8FAPv3Pw-Lg7ZwTxtb2_ca72AKcXpZ5y8y9Q545pOSkOCcprhRQbBFuLvAJYt3XKZsoArarHhqzCP03436WpT7rUoKg-aVbMNM5qnWhxjFYu1zwJPoVASMXeM3AkZ8cfvfZvRGCuRdXApXOf-CkP2susmav0emx0WQKc4Km5bXSuXU1n8k8GHH&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIK24i3zEYNTWEcz-xwLUiZPoAuSP0rFc3-XhiIgBwI23ARABIABgu4aAgNAKggEXY2EtcHViLTQ3ODY3MzI1MzAzODAxODCgAb3UiOsDyAEJqQLxCCG5fau3PqgDAaoE7gFP0M0ta0viPKfAagKyVcyDjCYHjCE-nRsPWPzC3vudySsJZuAkNQbx_n-7wfSWBV0PzJYszd-mcjpSRcqfDTwr_J7_qH-BqRsdIjYHCfR-UBIEkjE3omGg4sjqEbN1J_2MM5RGqfXLd2wP-oORnQV6LIumNOfqyVp7RgO3ksIpMgxqhINPgwyRC4Xabb17sULiijRAEicZWmbOpM-bCa5V2_QQAHDNNbUgkHUhL6uQ3rw8xjr-yggm9nfHcFDYuH2Pzp9hm5ExS9yQvKfhAnGMikCJTpnenJ8VHEsEReERiY2wyyWEWKAH3Z4P6-zZgAaY4c-hy-CnpOEBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_09AWKZcYmbP9vmtPBfLd9rzY3LQg%26client%3Dca-pub-4786732530380180%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422

Request headers

Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 09:21:16 GMT
last-modified: Thu, 01 Apr 2021 14:03:13 GMT
server: nginx
etag: "6065d2a1-1fb"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 507
expires: Tue, 07 Jun 2022 09:21:16 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/delivery/ Frame EF94 43 B
353 B 123ms
42ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=aqwayKe3BgtAuPPJlOeKNMd9I1ubVEEVcmogaMxDvEVOfu32iI1g7lCnIpuJK9dnk-MJiduIJkzSJW5xQm8jdJURhXzkIclaqdAb1Fa4XjnrCxDwKd8SKvQXT6S16Bh1ox1U3Yw6qrQIGx5aQL11p2thEXW5EHifaHvb-oq3--DPsg-MNpcKWgraVeC4j8ryFnqwaDXiOn0-M_n8hNcyDnk3hSuMrWnmRQRhXE4RoKScynqPvDxC2bTYC6MzRD6I0qfQxmSfnzkxeqdtA8gvsqXoaJuJGlP-WscmACXXEGmXXGb97r0-zEeUvT_pFeQTIh0JjAFsv1xWJgu8sEN7L8rZbqW9HZJ9cXCB2wN7ST6Yd2EAsSPXslBtdKSva9FmUjOd3tB3ORMV43SiHaerx179D0RRx5SfslSs5y8vv_q775y0
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YMR8iwAEa1QKUf9MAATE1L6eK7DDhkR41v3XIA&u=%7C%2F0BeOlwDRNBlAWF1fHoyV7bLGNeCeI7C8AR%2B1WOTDJY%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ6ciC3rnAoG72_3BFDfZ8qj0n6FwJ08CvvVI5BJNsqtOon9mSRTjkGJ8LLH-yevMwr-ZPT2Olbz1rvBAUMM1l0-x1zAF3b3xVXk61-keZ9ubnrkbG5l0G3VS9l1Fbi8G1bczCp93WLcnVLKLGy6dS6ZpJlKIv6KNXXdWfDVbOUk8oLX2OB7jcRIAsr4Buq1qdv2dXKsiOh8ECaGVegkeh6az2sPSEZU4vDNn4jgvcuFvkmrZPQKIPeQ1KLA4LAMk0aqEnw7dmoFE0dNQM8kM-7RKmUWoMm3uHSKno5WwGm9W8FAPv3Pw-Lg7ZwTxtb2_ca72AKcXpZ5y8y9Q545pOSkOCcprhRQbBFuLvAJYt3XKZsoArarHhqzCP03436WpT7rUoKg-aVbMNM5qnWhxjFYu1zwJPoVASMXeM3AkZ8cfvfZvRGCuRdXApXOf-CkP2susmav0emx0WQKc4Km5bXSuXU1n8k8GHH&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIK24i3zEYNTWEcz-xwLUiZPoAuSP0rFc3-XhiIgBwI23ARABIABgu4aAgNAKggEXY2EtcHViLTQ3ODY3MzI1MzAzODAxODCgAb3UiOsDyAEJqQLxCCG5fau3PqgDAaoE7gFP0M0ta0viPKfAagKyVcyDjCYHjCE-nRsPWPzC3vudySsJZuAkNQbx_n-7wfSWBV0PzJYszd-mcjpSRcqfDTwr_J7_qH-BqRsdIjYHCfR-UBIEkjE3omGg4sjqEbN1J_2MM5RGqfXLd2wP-oORnQV6LIumNOfqyVp7RgO3ksIpMgxqhINPgwyRC4Xabb17sULiijRAEicZWmbOpM-bCa5V2_QQAHDNNbUgkHUhL6uQ3rw8xjr-yggm9nfHcFDYuH2Pzp9hm5ExS9yQvKfhAnGMikCJTpnenJ8VHEsEReERiY2wyyWEWKAH3Z4P6-zZgAaY4c-hy-CnpOEBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_09AWKZcYmbP9vmtPBfLd9rzY3LQg%26client%3Dca-pub-4786732530380180%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 12 Jun 2021 09:21:15 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 5115
content-type: image/gif
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3-29 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame EF94 12 KB
5 KB 21ms
20ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YMR8iwAEa1QKUf9MAATE1L6eK7DDhkR41v3XIA&u=%7C%2F0BeOlwDRNBlAWF1fHoyV7bLGNeCeI7C8AR%2B1WOTDJY%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ6ciC3rnAoG72_3BFDfZ8qj0n6FwJ08CvvVI5BJNsqtOon9mSRTjkGJ8LLH-yevMwr-ZPT2Olbz1rvBAUMM1l0-x1zAF3b3xVXk61-keZ9ubnrkbG5l0G3VS9l1Fbi8G1bczCp93WLcnVLKLGy6dS6ZpJlKIv6KNXXdWfDVbOUk8oLX2OB7jcRIAsr4Buq1qdv2dXKsiOh8ECaGVegkeh6az2sPSEZU4vDNn4jgvcuFvkmrZPQKIPeQ1KLA4LAMk0aqEnw7dmoFE0dNQM8kM-7RKmUWoMm3uHSKno5WwGm9W8FAPv3Pw-Lg7ZwTxtb2_ca72AKcXpZ5y8y9Q545pOSkOCcprhRQbBFuLvAJYt3XKZsoArarHhqzCP03436WpT7rUoKg-aVbMNM5qnWhxjFYu1zwJPoVASMXeM3AkZ8cfvfZvRGCuRdXApXOf-CkP2susmav0emx0WQKc4Km5bXSuXU1n8k8GHH&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIK24i3zEYNTWEcz-xwLUiZPoAuSP0rFc3-XhiIgBwI23ARABIABgu4aAgNAKggEXY2EtcHViLTQ3ODY3MzI1MzAzODAxODCgAb3UiOsDyAEJqQLxCCG5fau3PqgDAaoE7gFP0M0ta0viPKfAagKyVcyDjCYHjCE-nRsPWPzC3vudySsJZuAkNQbx_n-7wfSWBV0PzJYszd-mcjpSRcqfDTwr_J7_qH-BqRsdIjYHCfR-UBIEkjE3omGg4sjqEbN1J_2MM5RGqfXLd2wP-oORnQV6LIumNOfqyVp7RgO3ksIpMgxqhINPgwyRC4Xabb17sULiijRAEicZWmbOpM-bCa5V2_QQAHDNNbUgkHUhL6uQ3rw8xjr-yggm9nfHcFDYuH2Pzp9hm5ExS9yQvKfhAnGMikCJTpnenJ8VHEsEReERiY2wyyWEWKAH3Z4P6-zZgAaY4c-hy-CnpOEBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_09AWKZcYmbP9vmtPBfLd9rzY3LQg%26client%3Dca-pub-4786732530380180%26adurl%3D

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 09:21:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1437641
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 4420
cf-request-id: 0aa11f9abf000005b7d3b60000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=sZ9%2FeEwVe1TUvsRp30ARClIu1ZzGqskbTGS1JsIQpKzyCrK0C0nKYlx1J34N5APJZRR%2BbmFJPQFLcZp5qdr%2FpxmVCn5A%2F505w%2B7zOtVw76KU4KPNwYQQB903YEUXlkFLYOslK82UMSeTA9Y32g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 65e2020acac105b7-FRA
expires: Thu, 02 Jun 2022 09:21:15 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame EF94 12 KB
6 KB 46ms
23ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/animejs/animejs.js
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YMR8iwAEa1QKUf9MAATE1L6eK7DDhkR41v3XIA&u=%7C%2F0BeOlwDRNBlAWF1fHoyV7bLGNeCeI7C8AR%2B1WOTDJY%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ6ciC3rnAoG72_3BFDfZ8qj0n6FwJ08CvvVI5BJNsqtOon9mSRTjkGJ8LLH-yevMwr-ZPT2Olbz1rvBAUMM1l0-x1zAF3b3xVXk61-keZ9ubnrkbG5l0G3VS9l1Fbi8G1bczCp93WLcnVLKLGy6dS6ZpJlKIv6KNXXdWfDVbOUk8oLX2OB7jcRIAsr4Buq1qdv2dXKsiOh8ECaGVegkeh6az2sPSEZU4vDNn4jgvcuFvkmrZPQKIPeQ1KLA4LAMk0aqEnw7dmoFE0dNQM8kM-7RKmUWoMm3uHSKno5WwGm9W8FAPv3Pw-Lg7ZwTxtb2_ca72AKcXpZ5y8y9Q545pOSkOCcprhRQbBFuLvAJYt3XKZsoArarHhqzCP03436WpT7rUoKg-aVbMNM5qnWhxjFYu1zwJPoVASMXeM3AkZ8cfvfZvRGCuRdXApXOf-CkP2susmav0emx0WQKc4Km5bXSuXU1n8k8GHH&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIK24i3zEYNTWEcz-xwLUiZPoAuSP0rFc3-XhiIgBwI23ARABIABgu4aAgNAKggEXY2EtcHViLTQ3ODY3MzI1MzAzODAxODCgAb3UiOsDyAEJqQLxCCG5fau3PqgDAaoE7gFP0M0ta0viPKfAagKyVcyDjCYHjCE-nRsPWPzC3vudySsJZuAkNQbx_n-7wfSWBV0PzJYszd-mcjpSRcqfDTwr_J7_qH-BqRsdIjYHCfR-UBIEkjE3omGg4sjqEbN1J_2MM5RGqfXLd2wP-oORnQV6LIumNOfqyVp7RgO3ksIpMgxqhINPgwyRC4Xabb17sULiijRAEicZWmbOpM-bCa5V2_QQAHDNNbUgkHUhL6uQ3rw8xjr-yggm9nfHcFDYuH2Pzp9hm5ExS9yQvKfhAnGMikCJTpnenJ8VHEsEReERiY2wyyWEWKAH3Z4P6-zZgAaY4c-hy-CnpOEBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_09AWKZcYmbP9vmtPBfLd9rzY3LQg%26client%3Dca-pub-4786732530380180%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Request headers

Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 09:21:16 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 07 Jun 2022 09:21:16 GMT

GET
H2 200 empty.html Show response
static.eu.criteo.net/ Frame 552C 214 B
481 B 71ms
27ms Document
text/html 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.eu.criteo.net/empty.html
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YMR8iwAEa1QKUf9MAATE1L6eK7DDhkR41v3XIA&u=%7C%2F0BeOlwDRNBlAWF1fHoyV7bLGNeCeI7C8AR%2B1WOTDJY%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ6ciC3rnAoG72_3BFDfZ8qj0n6FwJ08CvvVI5BJNsqtOon9mSRTjkGJ8LLH-yevMwr-ZPT2Olbz1rvBAUMM1l0-x1zAF3b3xVXk61-keZ9ubnrkbG5l0G3VS9l1Fbi8G1bczCp93WLcnVLKLGy6dS6ZpJlKIv6KNXXdWfDVbOUk8oLX2OB7jcRIAsr4Buq1qdv2dXKsiOh8ECaGVegkeh6az2sPSEZU4vDNn4jgvcuFvkmrZPQKIPeQ1KLA4LAMk0aqEnw7dmoFE0dNQM8kM-7RKmUWoMm3uHSKno5WwGm9W8FAPv3Pw-Lg7ZwTxtb2_ca72AKcXpZ5y8y9Q545pOSkOCcprhRQbBFuLvAJYt3XKZsoArarHhqzCP03436WpT7rUoKg-aVbMNM5qnWhxjFYu1zwJPoVASMXeM3AkZ8cfvfZvRGCuRdXApXOf-CkP2susmav0emx0WQKc4Km5bXSuXU1n8k8GHH&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIK24i3zEYNTWEcz-xwLUiZPoAuSP0rFc3-XhiIgBwI23ARABIABgu4aAgNAKggEXY2EtcHViLTQ3ODY3MzI1MzAzODAxODCgAb3UiOsDyAEJqQLxCCG5fau3PqgDAaoE7gFP0M0ta0viPKfAagKyVcyDjCYHjCE-nRsPWPzC3vudySsJZuAkNQbx_n-7wfSWBV0PzJYszd-mcjpSRcqfDTwr_J7_qH-BqRsdIjYHCfR-UBIEkjE3omGg4sjqEbN1J_2MM5RGqfXLd2wP-oORnQV6LIumNOfqyVp7RgO3ksIpMgxqhINPgwyRC4Xabb17sULiijRAEicZWmbOpM-bCa5V2_QQAHDNNbUgkHUhL6uQ3rw8xjr-yggm9nfHcFDYuH2Pzp9hm5ExS9yQvKfhAnGMikCJTpnenJ8VHEsEReERiY2wyyWEWKAH3Z4P6-zZgAaY4c-hy-CnpOEBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_09AWKZcYmbP9vmtPBfLd9rzY3LQg%26client%3Dca-pub-4786732530380180%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 3ca8c8b4370ff878afbd3f136b7a32063f18e66f253789b2a482649392832707

Request headers

:method: GET
:authority: static.eu.criteo.net
:scheme: https
:path: /empty.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.eu.criteo.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.eu.criteo.com/

Response headers

server: nginx
date: Sat, 12 Jun 2021 09:21:16 GMT
content-type: text/html; charset=UTF-8
last-modified: Wed, 27 Aug 2008 18:21:54 GMT
etag: W/"48b59b42-d6"
expires: Tue, 07 Jun 2022 09:21:16 GMT
cache-control: max-age=31104000 public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding

GET
H2 200 img
pix.eu.criteo.net/img/ Frame EF94 4 KB
5 KB 127ms
42ms Image
image/png 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pix.eu.criteo.net/img/img?h=556&m=0&partner=83848&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F83846%2F210407%2F6b7e959ec0d948b0905e75fa850505f7_logo.png&v=3&w=196&s=AEpadfy7MCOTMAOj7xXuIcWi
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YMR8iwAEa1QKUf9MAATE1L6eK7DDhkR41v3XIA&u=%7C%2F0BeOlwDRNBlAWF1fHoyV7bLGNeCeI7C8AR%2B1WOTDJY%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ6ciC3rnAoG72_3BFDfZ8qj0n6FwJ08CvvVI5BJNsqtOon9mSRTjkGJ8LLH-yevMwr-ZPT2Olbz1rvBAUMM1l0-x1zAF3b3xVXk61-keZ9ubnrkbG5l0G3VS9l1Fbi8G1bczCp93WLcnVLKLGy6dS6ZpJlKIv6KNXXdWfDVbOUk8oLX2OB7jcRIAsr4Buq1qdv2dXKsiOh8ECaGVegkeh6az2sPSEZU4vDNn4jgvcuFvkmrZPQKIPeQ1KLA4LAMk0aqEnw7dmoFE0dNQM8kM-7RKmUWoMm3uHSKno5WwGm9W8FAPv3Pw-Lg7ZwTxtb2_ca72AKcXpZ5y8y9Q545pOSkOCcprhRQbBFuLvAJYt3XKZsoArarHhqzCP03436WpT7rUoKg-aVbMNM5qnWhxjFYu1zwJPoVASMXeM3AkZ8cfvfZvRGCuRdXApXOf-CkP2susmav0emx0WQKc4Km5bXSuXU1n8k8GHH&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIK24i3zEYNTWEcz-xwLUiZPoAuSP0rFc3-XhiIgBwI23ARABIABgu4aAgNAKggEXY2EtcHViLTQ3ODY3MzI1MzAzODAxODCgAb3UiOsDyAEJqQLxCCG5fau3PqgDAaoE7gFP0M0ta0viPKfAagKyVcyDjCYHjCE-nRsPWPzC3vudySsJZuAkNQbx_n-7wfSWBV0PzJYszd-mcjpSRcqfDTwr_J7_qH-BqRsdIjYHCfR-UBIEkjE3omGg4sjqEbN1J_2MM5RGqfXLd2wP-oORnQV6LIumNOfqyVp7RgO3ksIpMgxqhINPgwyRC4Xabb17sULiijRAEicZWmbOpM-bCa5V2_QQAHDNNbUgkHUhL6uQ3rw8xjr-yggm9nfHcFDYuH2Pzp9hm5ExS9yQvKfhAnGMikCJTpnenJ8VHEsEReERiY2wyyWEWKAH3Z4P6-zZgAaY4c-hy-CnpOEBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_09AWKZcYmbP9vmtPBfLd9rzY3LQg%26client%3Dca-pub-4786732530380180%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: pix.am5.vip.prod.criteo.com
Software: Finatra /
Resource Hash: 6876e56ecf97091578da89e6ee28c8e834ec996b330b1e635faabc3310871492

Request headers

Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 09:21:15 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=31104000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 4428
expires: Sun, 12 Jun 2022 09:21:16 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame EF94 32 KB
32 KB 179ms
94ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=83848&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F1354%2F4767%2Fproducts%2Fassets_2Fimage_2Fbal0143046_blk_00-original-3503091.jpg%3Fv%3D1615289768&v=3&w=800&s=CgiARDKBVBgjp3JYMv7dYFc7&b=1200
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YMR8iwAEa1QKUf9MAATE1L6eK7DDhkR41v3XIA&u=%7C%2F0BeOlwDRNBlAWF1fHoyV7bLGNeCeI7C8AR%2B1WOTDJY%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ6ciC3rnAoG72_3BFDfZ8qj0n6FwJ08CvvVI5BJNsqtOon9mSRTjkGJ8LLH-yevMwr-ZPT2Olbz1rvBAUMM1l0-x1zAF3b3xVXk61-keZ9ubnrkbG5l0G3VS9l1Fbi8G1bczCp93WLcnVLKLGy6dS6ZpJlKIv6KNXXdWfDVbOUk8oLX2OB7jcRIAsr4Buq1qdv2dXKsiOh8ECaGVegkeh6az2sPSEZU4vDNn4jgvcuFvkmrZPQKIPeQ1KLA4LAMk0aqEnw7dmoFE0dNQM8kM-7RKmUWoMm3uHSKno5WwGm9W8FAPv3Pw-Lg7ZwTxtb2_ca72AKcXpZ5y8y9Q545pOSkOCcprhRQbBFuLvAJYt3XKZsoArarHhqzCP03436WpT7rUoKg-aVbMNM5qnWhxjFYu1zwJPoVASMXeM3AkZ8cfvfZvRGCuRdXApXOf-CkP2susmav0emx0WQKc4Km5bXSuXU1n8k8GHH&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIK24i3zEYNTWEcz-xwLUiZPoAuSP0rFc3-XhiIgBwI23ARABIABgu4aAgNAKggEXY2EtcHViLTQ3ODY3MzI1MzAzODAxODCgAb3UiOsDyAEJqQLxCCG5fau3PqgDAaoE7gFP0M0ta0viPKfAagKyVcyDjCYHjCE-nRsPWPzC3vudySsJZuAkNQbx_n-7wfSWBV0PzJYszd-mcjpSRcqfDTwr_J7_qH-BqRsdIjYHCfR-UBIEkjE3omGg4sjqEbN1J_2MM5RGqfXLd2wP-oORnQV6LIumNOfqyVp7RgO3ksIpMgxqhINPgwyRC4Xabb17sULiijRAEicZWmbOpM-bCa5V2_QQAHDNNbUgkHUhL6uQ3rw8xjr-yggm9nfHcFDYuH2Pzp9hm5ExS9yQvKfhAnGMikCJTpnenJ8VHEsEReERiY2wyyWEWKAH3Z4P6-zZgAaY4c-hy-CnpOEBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_09AWKZcYmbP9vmtPBfLd9rzY3LQg%26client%3Dca-pub-4786732530380180%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: pix.am5.vip.prod.criteo.com
Software: Finatra /
Resource Hash: 48f43f871e7709a81613978382e0cd57dd889334f7d02e955de4ac717ce8d975

Request headers

Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 09:21:15 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=31104000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 32770
expires: Sun, 12 Jun 2022 09:21:16 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame EF94 51 KB
51 KB 128ms
44ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=83848&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F1354%2F4767%2Fproducts%2Fassets_2Fimage_2FCI3871001-1-original-2661001.jpg%3Fv%3D1621326906&v=3&w=800&s=1Ww4gGf8ke_TCBiBHETmOMpk&b=1200
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YMR8iwAEa1QKUf9MAATE1L6eK7DDhkR41v3XIA&u=%7C%2F0BeOlwDRNBlAWF1fHoyV7bLGNeCeI7C8AR%2B1WOTDJY%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ6ciC3rnAoG72_3BFDfZ8qj0n6FwJ08CvvVI5BJNsqtOon9mSRTjkGJ8LLH-yevMwr-ZPT2Olbz1rvBAUMM1l0-x1zAF3b3xVXk61-keZ9ubnrkbG5l0G3VS9l1Fbi8G1bczCp93WLcnVLKLGy6dS6ZpJlKIv6KNXXdWfDVbOUk8oLX2OB7jcRIAsr4Buq1qdv2dXKsiOh8ECaGVegkeh6az2sPSEZU4vDNn4jgvcuFvkmrZPQKIPeQ1KLA4LAMk0aqEnw7dmoFE0dNQM8kM-7RKmUWoMm3uHSKno5WwGm9W8FAPv3Pw-Lg7ZwTxtb2_ca72AKcXpZ5y8y9Q545pOSkOCcprhRQbBFuLvAJYt3XKZsoArarHhqzCP03436WpT7rUoKg-aVbMNM5qnWhxjFYu1zwJPoVASMXeM3AkZ8cfvfZvRGCuRdXApXOf-CkP2susmav0emx0WQKc4Km5bXSuXU1n8k8GHH&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIK24i3zEYNTWEcz-xwLUiZPoAuSP0rFc3-XhiIgBwI23ARABIABgu4aAgNAKggEXY2EtcHViLTQ3ODY3MzI1MzAzODAxODCgAb3UiOsDyAEJqQLxCCG5fau3PqgDAaoE7gFP0M0ta0viPKfAagKyVcyDjCYHjCE-nRsPWPzC3vudySsJZuAkNQbx_n-7wfSWBV0PzJYszd-mcjpSRcqfDTwr_J7_qH-BqRsdIjYHCfR-UBIEkjE3omGg4sjqEbN1J_2MM5RGqfXLd2wP-oORnQV6LIumNOfqyVp7RgO3ksIpMgxqhINPgwyRC4Xabb17sULiijRAEicZWmbOpM-bCa5V2_QQAHDNNbUgkHUhL6uQ3rw8xjr-yggm9nfHcFDYuH2Pzp9hm5ExS9yQvKfhAnGMikCJTpnenJ8VHEsEReERiY2wyyWEWKAH3Z4P6-zZgAaY4c-hy-CnpOEBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_09AWKZcYmbP9vmtPBfLd9rzY3LQg%26client%3Dca-pub-4786732530380180%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: pix.am5.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e516e9beaf6b5344cd4b0d5c729960cc181e98104623ef4a9c4e77deffa89423

Request headers

Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 09:21:15 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=31104000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 51858
expires: Sun, 12 Jun 2022 09:21:16 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame EF94 71 KB
71 KB 185ms
101ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=83848&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F1354%2F4767%2Fproducts%2Fassets_2Fimage_2Fsp_51084_252Fimages_252FE50---nike---DB4636022_1_M1-original-3283446.jpg%3Fv%3D1611897426&v=3&w=800&s=LtVtoondHNfEViAGktMdBX5U&b=1200
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YMR8iwAEa1QKUf9MAATE1L6eK7DDhkR41v3XIA&u=%7C%2F0BeOlwDRNBlAWF1fHoyV7bLGNeCeI7C8AR%2B1WOTDJY%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ6ciC3rnAoG72_3BFDfZ8qj0n6FwJ08CvvVI5BJNsqtOon9mSRTjkGJ8LLH-yevMwr-ZPT2Olbz1rvBAUMM1l0-x1zAF3b3xVXk61-keZ9ubnrkbG5l0G3VS9l1Fbi8G1bczCp93WLcnVLKLGy6dS6ZpJlKIv6KNXXdWfDVbOUk8oLX2OB7jcRIAsr4Buq1qdv2dXKsiOh8ECaGVegkeh6az2sPSEZU4vDNn4jgvcuFvkmrZPQKIPeQ1KLA4LAMk0aqEnw7dmoFE0dNQM8kM-7RKmUWoMm3uHSKno5WwGm9W8FAPv3Pw-Lg7ZwTxtb2_ca72AKcXpZ5y8y9Q545pOSkOCcprhRQbBFuLvAJYt3XKZsoArarHhqzCP03436WpT7rUoKg-aVbMNM5qnWhxjFYu1zwJPoVASMXeM3AkZ8cfvfZvRGCuRdXApXOf-CkP2susmav0emx0WQKc4Km5bXSuXU1n8k8GHH&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIK24i3zEYNTWEcz-xwLUiZPoAuSP0rFc3-XhiIgBwI23ARABIABgu4aAgNAKggEXY2EtcHViLTQ3ODY3MzI1MzAzODAxODCgAb3UiOsDyAEJqQLxCCG5fau3PqgDAaoE7gFP0M0ta0viPKfAagKyVcyDjCYHjCE-nRsPWPzC3vudySsJZuAkNQbx_n-7wfSWBV0PzJYszd-mcjpSRcqfDTwr_J7_qH-BqRsdIjYHCfR-UBIEkjE3omGg4sjqEbN1J_2MM5RGqfXLd2wP-oORnQV6LIumNOfqyVp7RgO3ksIpMgxqhINPgwyRC4Xabb17sULiijRAEicZWmbOpM-bCa5V2_QQAHDNNbUgkHUhL6uQ3rw8xjr-yggm9nfHcFDYuH2Pzp9hm5ExS9yQvKfhAnGMikCJTpnenJ8VHEsEReERiY2wyyWEWKAH3Z4P6-zZgAaY4c-hy-CnpOEBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_09AWKZcYmbP9vmtPBfLd9rzY3LQg%26client%3Dca-pub-4786732530380180%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: pix.am5.vip.prod.criteo.com
Software: Finatra /
Resource Hash: 471c8e4f5fc85be553e3282c2d8f4820a91e7009c7ceca38d20d3fe7488c4b38

Request headers

Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 09:21:15 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=31104000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 72640
expires: Sun, 12 Jun 2022 09:21:16 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame EF94 0
99 B 124ms
41ms Ping
text/plain 178.250.0.162
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://csm.eu.criteo.net/all?cppv=3&cpp=9DrhHIMMtkwN_dc7urudZCEvPDcKrUBWonB_CFmjc0jx5zEc6Rkdo6gZ3-iwC9midnMDkbV6I_x7tu66KX_llOt-yn_ZhvCaGDJWIVlpcm-kV5-KoH8-OEtpR3SYdW-HPN-f4WrxBuJ_4SiP4uuvoYIi82RpUQ7s4nU_slAE-4vffh-xI59DpVyW_cB4Ame3YHu1DQLBAIfM3BzcarclNds2rfNH4eZY1UQeInbFDJMP51zmhkea1hEmHKO5ObqaYKVYbA&sds=2&rev=77644&sendBeacon=true
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YMR8iwAEa1QKUf9MAATE1L6eK7DDhkR41v3XIA&u=%7C%2F0BeOlwDRNBlAWF1fHoyV7bLGNeCeI7C8AR%2B1WOTDJY%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ6ciC3rnAoG72_3BFDfZ8qj0n6FwJ08CvvVI5BJNsqtOon9mSRTjkGJ8LLH-yevMwr-ZPT2Olbz1rvBAUMM1l0-x1zAF3b3xVXk61-keZ9ubnrkbG5l0G3VS9l1Fbi8G1bczCp93WLcnVLKLGy6dS6ZpJlKIv6KNXXdWfDVbOUk8oLX2OB7jcRIAsr4Buq1qdv2dXKsiOh8ECaGVegkeh6az2sPSEZU4vDNn4jgvcuFvkmrZPQKIPeQ1KLA4LAMk0aqEnw7dmoFE0dNQM8kM-7RKmUWoMm3uHSKno5WwGm9W8FAPv3Pw-Lg7ZwTxtb2_ca72AKcXpZ5y8y9Q545pOSkOCcprhRQbBFuLvAJYt3XKZsoArarHhqzCP03436WpT7rUoKg-aVbMNM5qnWhxjFYu1zwJPoVASMXeM3AkZ8cfvfZvRGCuRdXApXOf-CkP2susmav0emx0WQKc4Km5bXSuXU1n8k8GHH&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIK24i3zEYNTWEcz-xwLUiZPoAuSP0rFc3-XhiIgBwI23ARABIABgu4aAgNAKggEXY2EtcHViLTQ3ODY3MzI1MzAzODAxODCgAb3UiOsDyAEJqQLxCCG5fau3PqgDAaoE7gFP0M0ta0viPKfAagKyVcyDjCYHjCE-nRsPWPzC3vudySsJZuAkNQbx_n-7wfSWBV0PzJYszd-mcjpSRcqfDTwr_J7_qH-BqRsdIjYHCfR-UBIEkjE3omGg4sjqEbN1J_2MM5RGqfXLd2wP-oORnQV6LIumNOfqyVp7RgO3ksIpMgxqhINPgwyRC4Xabb17sULiijRAEicZWmbOpM-bCa5V2_QQAHDNNbUgkHUhL6uQ3rw8xjr-yggm9nfHcFDYuH2Pzp9hm5ExS9yQvKfhAnGMikCJTpnenJ8VHEsEReERiY2wyyWEWKAH3Z4P6-zZgAaY4c-hy-CnpOEBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_09AWKZcYmbP9vmtPBfLd9rzY3LQg%26client%3Dca-pub-4786732530380180%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 12 Jun 2021 09:21:15 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame EF94 2 KB
1 KB 32ms
22ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YMR8iwAEa1QKUf9MAATE1L6eK7DDhkR41v3XIA&u=%7C%2F0BeOlwDRNBlAWF1fHoyV7bLGNeCeI7C8AR%2B1WOTDJY%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ6ciC3rnAoG72_3BFDfZ8qj0n6FwJ08CvvVI5BJNsqtOon9mSRTjkGJ8LLH-yevMwr-ZPT2Olbz1rvBAUMM1l0-x1zAF3b3xVXk61-keZ9ubnrkbG5l0G3VS9l1Fbi8G1bczCp93WLcnVLKLGy6dS6ZpJlKIv6KNXXdWfDVbOUk8oLX2OB7jcRIAsr4Buq1qdv2dXKsiOh8ECaGVegkeh6az2sPSEZU4vDNn4jgvcuFvkmrZPQKIPeQ1KLA4LAMk0aqEnw7dmoFE0dNQM8kM-7RKmUWoMm3uHSKno5WwGm9W8FAPv3Pw-Lg7ZwTxtb2_ca72AKcXpZ5y8y9Q545pOSkOCcprhRQbBFuLvAJYt3XKZsoArarHhqzCP03436WpT7rUoKg-aVbMNM5qnWhxjFYu1zwJPoVASMXeM3AkZ8cfvfZvRGCuRdXApXOf-CkP2susmav0emx0WQKc4Km5bXSuXU1n8k8GHH&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIK24i3zEYNTWEcz-xwLUiZPoAuSP0rFc3-XhiIgBwI23ARABIABgu4aAgNAKggEXY2EtcHViLTQ3ODY3MzI1MzAzODAxODCgAb3UiOsDyAEJqQLxCCG5fau3PqgDAaoE7gFP0M0ta0viPKfAagKyVcyDjCYHjCE-nRsPWPzC3vudySsJZuAkNQbx_n-7wfSWBV0PzJYszd-mcjpSRcqfDTwr_J7_qH-BqRsdIjYHCfR-UBIEkjE3omGg4sjqEbN1J_2MM5RGqfXLd2wP-oORnQV6LIumNOfqyVp7RgO3ksIpMgxqhINPgwyRC4Xabb17sULiijRAEicZWmbOpM-bCa5V2_QQAHDNNbUgkHUhL6uQ3rw8xjr-yggm9nfHcFDYuH2Pzp9hm5ExS9yQvKfhAnGMikCJTpnenJ8VHEsEReERiY2wyyWEWKAH3Z4P6-zZgAaY4c-hy-CnpOEBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_09AWKZcYmbP9vmtPBfLd9rzY3LQg%26client%3Dca-pub-4786732530380180%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Request headers

Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 09:21:16 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 07 Jun 2022 09:21:16 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame EF94 2 KB
1 KB 31ms
30ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/flash/icon/privacy.svg
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YMR8iwAEa1QKUf9MAATE1L6eK7DDhkR41v3XIA&u=%7C%2F0BeOlwDRNBlAWF1fHoyV7bLGNeCeI7C8AR%2B1WOTDJY%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ6ciC3rnAoG72_3BFDfZ8qj0n6FwJ08CvvVI5BJNsqtOon9mSRTjkGJ8LLH-yevMwr-ZPT2Olbz1rvBAUMM1l0-x1zAF3b3xVXk61-keZ9ubnrkbG5l0G3VS9l1Fbi8G1bczCp93WLcnVLKLGy6dS6ZpJlKIv6KNXXdWfDVbOUk8oLX2OB7jcRIAsr4Buq1qdv2dXKsiOh8ECaGVegkeh6az2sPSEZU4vDNn4jgvcuFvkmrZPQKIPeQ1KLA4LAMk0aqEnw7dmoFE0dNQM8kM-7RKmUWoMm3uHSKno5WwGm9W8FAPv3Pw-Lg7ZwTxtb2_ca72AKcXpZ5y8y9Q545pOSkOCcprhRQbBFuLvAJYt3XKZsoArarHhqzCP03436WpT7rUoKg-aVbMNM5qnWhxjFYu1zwJPoVASMXeM3AkZ8cfvfZvRGCuRdXApXOf-CkP2susmav0emx0WQKc4Km5bXSuXU1n8k8GHH&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIK24i3zEYNTWEcz-xwLUiZPoAuSP0rFc3-XhiIgBwI23ARABIABgu4aAgNAKggEXY2EtcHViLTQ3ODY3MzI1MzAzODAxODCgAb3UiOsDyAEJqQLxCCG5fau3PqgDAaoE7gFP0M0ta0viPKfAagKyVcyDjCYHjCE-nRsPWPzC3vudySsJZuAkNQbx_n-7wfSWBV0PzJYszd-mcjpSRcqfDTwr_J7_qH-BqRsdIjYHCfR-UBIEkjE3omGg4sjqEbN1J_2MM5RGqfXLd2wP-oORnQV6LIumNOfqyVp7RgO3ksIpMgxqhINPgwyRC4Xabb17sULiijRAEicZWmbOpM-bCa5V2_QQAHDNNbUgkHUhL6uQ3rw8xjr-yggm9nfHcFDYuH2Pzp9hm5ExS9yQvKfhAnGMikCJTpnenJ8VHEsEReERiY2wyyWEWKAH3Z4P6-zZgAaY4c-hy-CnpOEBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_09AWKZcYmbP9vmtPBfLd9rzY3LQg%26client%3Dca-pub-4786732530380180%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Request headers

Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 09:21:16 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 07 Jun 2022 09:21:16 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame EF94 705 B
468 B 14ms
14ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Karla:400&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8ce5ea21759f6438096fe0508507ef203dd3d5125b1528c1b635310fef9dab9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 12 Jun 2021 08:58:50 GMT
server: ESF
date: Sat, 12 Jun 2021 09:21:15 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 12 Jun 2021 09:21:15 GMT

GET
H2 200 qkBIXvYC6trAT55ZBi1ueQVIjQTD-JqaE0lK.woff2
fonts.gstatic.com/s/karla/v15/ Frame EF94 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/karla/v15/qkBIXvYC6trAT55ZBi1ueQVIjQTD-JqaE0lK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Karla:400&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a968f482a73e8e8faf0032ad6e172d458b89725e88e5f0b7b16eb8cac332c308

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://ads.eu.criteo.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 04:07:18 GMT
x-content-type-options: nosniff
age: 18838
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11164
x-xss-protection: 0
last-modified: Thu, 28 Jan 2021 21:51:09 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 04:07:18 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 10 KB
8 KB 27ms
26ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210607&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a103b7244b6a8fc8b990de435c02022abe81a7949f775b3aade5eb1609e8af53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://l.riftv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 12 Jun 2021 09:21:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7896
x-xss-protection: 0

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://l.riftv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 09:21:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1622653785071769"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Sat, 12 Jun 2021 09:21:16 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/223/ Frame 8645 12 KB
5 KB 6ms
5ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/223/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://l.riftv.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://l.riftv.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Sat, 12 Jun 2021 09:12:14 GMT
expires: Sun, 12 Jun 2022 09:12:14 GMT
last-modified: Wed, 17 Mar 2021 18:24:30 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 542
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 9239 783 B
530 B 25ms
24ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0fbdcf1225aed74a7eeb42354b58ca1813c4896118eb4b07386a9daf5a7326f6

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-eJdU1nENr8P9V3sxaWau/g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://l.riftv.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://l.riftv.net/

Response headers

expires: Sat, 12 Jun 2021 09:21:16 GMT
date: Sat, 12 Jun 2021 09:21:16 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-eJdU1nENr8P9V3sxaWau/g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 511
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 BIKfHL6N8NnL0SRbyz4COSMYlE8t2lwSnrtAnHeyH4k.js Show response
pagead2.googlesyndication.com/bg/ Frame 8645 14 KB
6 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/BIKfHL6N8NnL0SRbyz4COSMYlE8t2lwSnrtAnHeyH4k.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04829f1cbe8df0d9cbd1245bcb3e02392318944f2dda5c129ebb409c77b21f89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 11:32:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78515
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5722
x-xss-protection: 0
last-modified: Mon, 31 May 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 11 Jun 2022 11:32:41 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 42ms
41ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=223&t=2&li=gda_r20210607&jk=3060604987102094&bg=!jo2ljcnNAAY6sG-_OrA7ACkAdvg8WvsbYBMbb220ED5du4qsmq0PzWOzcJqo7XbvJmh8uQ9aTst3fQIAAABQUgAAAAtoAQcKAMk3ugX4obDxmRjEVQhe1m78_rE3haXDhnV8EwevD0iLyd30K4FdPHiYrwo-W4tlhpTJliHLAXsOo-EH1deMiNF6_G0bk-ft_EHMrE-HtBKdf6f-JUycfwYBItW5LRpGt7D3H0KuOTvYtlz4PSFryosUI22NA7bKCjNrimbEmC4gtkAOIHbJLwNtoC5rZd9QmLGJQz5e9Q286-zL1jH7VIl8gm-pY3RCPf0hliOBBZmE46fR_oyghvNQafu2lqs8nf5XjprLksN6nhaZAmuNZr_m0SLJ61Xd0lq-tMWVMjgfmJsdMoqPUNg27BP21rLiLL4d6bJ462K_GBH-v5rPS1hlPBdPo-H1Z4HEqVaxTgiRdjTb31eNPEQ5yvyAdPN3kUCIO6LIAUCQVgk0NPx89ViOqBZObxeScczH8K-57hfsf2MKQw6VkgkFR97WJwCLkAoEC36mV39CBXxSjvPsJQqD8gL5Ac1djsC_B0SXeDW2jR5dgqrxqf8see7HRafqniDkgmNuHccZyuA6xojc5Zn03IUhhMaGWIfT-FqmMnKMS_wi2pCJQtDdf7Fbb1ndaatnW9o6DInrvb5yDI7b2nQInTKY6JSV4Qfv-MtepWf_kbjxQgJcUFRC-H0gZaKK7ON6tThCG07lnwxsLkttuix3Z_BS7iQg45BbcUhTp-AqdaQkkRyVtPNJa_al57XupdIuDuZnZly3BYvzHSNICn1SpeRUp0DkeetnSqgC5HM08zUq1GUCjE4xdD9x2OZBwee_DVgfTQqSoqPtlwY32mjsDuejCnaQkDC494MGi0-TgEuSDozTfSM2bAnyYN4NIPA4MKM2IDnd2-ugMRQb3C142mzFtF9mv0vxDFaswIcNDfU7vEadSXeYloErPrdzU7gv0Um87wU_kbazTUypUocq_HIb3eUp2Sba4jxbw2b3Nudx4dujujbxGoALKVriCTZRXz6yaJmKB8Y85V8xD-4vQWqnp3Pmg-k_VMCbz5_wh9NucHPzv_NzrIXGKq3TlLWn62R3VuI6QPoEnUFxlEtsE4f2AR6Ba2ELn_NGRay0LlEjddF3vaOLniAfuHzsmjhq5O5quk_j

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://l.riftv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 12 Jun 2021 09:21:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame D63C 0
0 68ms
68ms Fetch
text/html 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CObc-i3zEYMSREqOKmLAP_vuc-An2j7P4YtKForn9Df_1kOPXAhABIIa6tX9gu4aAgNAKoAGt1r7JA8gBAqkCfsYep6lQtD6oAwGqBPwBT9CeJsdZn0GaDRDssm6N10k2pbWfGbqybPRwHDTmLOaoGEklil40WJg11D_yzJ5e7BUfOFTHtkDo_KN9UcuIyDj1wASUsXaj4vOAf19fvhbek4kdiOOrxELMvDzFBvv_fN5xqQYfafx6BX_hLFlR1kiLEOfBVJvNfArQOMzk3kUNLvoI4x5Unm6zgnL_gA2x1gWkM7kNyPXaMarw0djgw3liBndUdn2yuRp2eqF-ytrWZ9YlcZBXW6vDOwvzjqyI3UoruckRrb13SSLtxRYKQXQYp1nPTqpzQ7D6sqIXHYDLCpJIzLpSEOXCdif_C2p2a456HKzRmwdjIBCVwAT61bGrzwOgBgKAB7upwTaoB4qcsQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQtvoC0ggJCIDhgBAQARgfgAoByAsB2BMD0BUBgBcBshcaChgIABIUcHViLTQ3ODY3MzI1MzAzODAxODA&sigh=--N59IzzAfs&vt=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=247&slotname=4516382124&adk=33470798&adf=540082601&pi=t.ma~as.4516382124&w=730&lmt=1623489675&rafmt=11&psa=0&format=730x247&url=http%3A%2F%2Fl.riftv.net%2FrCAGL%3Fsub1%3D1%26sub2%3D12959%26sub3%3D40%26sub4%3D7282%26sub5%3D455747&flash=0&wgl=1&dt=1623489675068&bpp=1&bdt=244&idt=97&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280%2C728x280&nras=1&correlator=2274582933156&frm=20&pv=1&ga_vid=1023363580.1623489675&ga_sid=1623489675&ga_hid=199163832&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=625&ady=922&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3060604987102094&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=4&uci=a!4&fsb=1&xpc=fgjyBWiHuP&p=http%3A//l.riftv.net&dtd=200
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 12 Jun 2021 09:21:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D63C 42 B
64 B 40ms
40ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssIsXilTaa6NhJq23H1_-GvlTUtHhUq3fQrjPC0hVpVswSaAYtYosbkHYFtXV8hD275ULQEuOjiPx16Vt2XnomQmSjPyNUrV3AxpIcA33iJpm6F6zKU5hxs57kOIA&sai=AMfl-YSj_TBh-6xQs2_uuS1qEkf7qT0dvTh9-3jwD_m_K1fhuHVEFVHWlWN3a56fGb775OrzbJj3UYTqmQ9b&sig=Cg0ArKJSzM0OWJc1EiNHEAE&id=lidar2&mcvt=1000&p=922,625,1063,1355&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210611&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=33470798&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&eosm=0&rst=1623489675275&dlt=267&rpt=42&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 12 Jun 2021 09:21:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame DB27 0
0 67ms
67ms Fetch
text/html 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CjrdWi3zEYJDwEY6d1wav95bYAr6fm_piyqHrpJIOsJAfEAEghrq1f2C7hoCA0AqgAb3hwdcDyAECqAMBqgT2AU_QhkAPLXcGNI2TmvVPblkOaoo754EY9wTJLbv9bbA40bz7Zouj2_EenVxHUdrcS_hAf52zlNr-BBNyCvYIcu5ftoUtS1sKJHEa19MlHLZELGY4QBkWn-ZF7AmKS6eVGpd-W0B5hnyNqqxsio1t5n7slQKFvz1gYY0KhmYmNx-kq2F5J-VExTbUt592tHLZ1TkuNRsp72FIxzqsbzqDGVYrkkk-RHr3ioOlptznt0V3O9wrw8L-3qmV1MGnPeVn0hVpQa4bVUxnV_lW-97foAbku5I7ZvGHHIBjfI_lHZRSFvstcqDUqsOKYc3rz7-W8uhG7SmvM8AE3Z-Ar8kDoAYCgAernr4oqAeKnLECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcEELiEAtIICQiA4YAQEAEYH4AKAcgLAdgTA9AVAYAXAbIXGgoYCAASFHB1Yi00Nzg2NzMyNTMwMzgwMTgw&sigh=5FI0yzTqEpY&vt=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=280&slotname=8558532162&adk=3577450996&adf=2855107163&pi=t.ma~as.8558532162&w=728&fwrn=4&fwrnh=100&lmt=1623489675&rafmt=1&psa=0&format=728x280&url=http%3A%2F%2Fl.riftv.net%2FrCAGL%3Fsub1%3D1%26sub2%3D12959%26sub3%3D40%26sub4%3D7282%26sub5%3D455747&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1623489675068&bpp=7&bdt=245&idt=84&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280&nras=1&correlator=2274582933156&frm=20&pv=1&ga_vid=1023363580.1623489675&ga_sid=1623489675&ga_hid=199163832&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=470&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3060604987102094&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=VJYvqIsxVr&p=http%3A//l.riftv.net&dtd=197
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 12 Jun 2021 09:21:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame DB27 42 B
64 B 41ms
41ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuM_IVr2ysovExyKwaCFioE-IYNBhsqqBxsFdeDDxs6z9DpJHoCnRDyDLp6x_HrcmB_ONeKtRrURuZT_xmkX3o-_IxcpNpJI7YOYLVUm13jHcxwtqsqJgrX-NApgg&sai=AMfl-YQZ6hKKT1a1sajJvB_sGF7K4vNN-YqINM5dlE2GlpoLN6V4B2dAogcSqsYC-_RfGR0N22rVpraIFIHU&sig=Cg0ArKJSzMcZg6p9HpZSEAE&id=lidar2&mcvt=1000&p=470,436,658,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210611&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=3577450996&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&eosm=0&rst=1623489675275&dlt=347&rpt=40&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 12 Jun 2021 09:21:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 78A6 42 B
64 B 39ms
38ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvxHu7xqL2ehPckzpc_tC3_86lCWFQiiu_KFU5R7z_y6g9xFryCZDsLCLIn25VSsYvEl6hgqj9CQjyCNThLdlzVFr1c5QtBdA&sig=Cg0ArKJSzH8bus_obnJfEAE&id=lidar2&mcvt=1000&p=115,230,395,1370&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210611&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=394597393&rs=2&met=ie&la=1&cr=0&osd=1&vs=4&eosm=0&rst=1623489675275&dlt=558&rpt=34&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 12 Jun 2021 09:21:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame EF94 0
99 B 40ms
40ms Ping
text/plain 178.250.0.162
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://csm.eu.criteo.net/all?cppv=3&cpp=9DrhHIMMtkwN_dc7urudZCEvPDcKrUBWonB_CFmjc0jx5zEc6Rkdo6gZ3-iwC9midnMDkbV6I_x7tu66KX_llOt-yn_ZhvCaGDJWIVlpcm-kV5-KoH8-OEtpR3SYdW-HPN-f4WrxBuJ_4SiP4uuvoYIi82RpUQ7s4nU_slAE-4vffh-xI59DpVyW_cB4Ame3YHu1DQLBAIfM3BzcarclNds2rfNH4eZY1UQeInbFDJMP51zmhkea1hEmHKO5ObqaYKVYbA&sds=2&rev=77644&sendBeacon=true
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YMR8iwAEa1QKUf9MAATE1L6eK7DDhkR41v3XIA&u=%7C%2F0BeOlwDRNBlAWF1fHoyV7bLGNeCeI7C8AR%2B1WOTDJY%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ6ciC3rnAoG72_3BFDfZ8qj0n6FwJ08CvvVI5BJNsqtOon9mSRTjkGJ8LLH-yevMwr-ZPT2Olbz1rvBAUMM1l0-x1zAF3b3xVXk61-keZ9ubnrkbG5l0G3VS9l1Fbi8G1bczCp93WLcnVLKLGy6dS6ZpJlKIv6KNXXdWfDVbOUk8oLX2OB7jcRIAsr4Buq1qdv2dXKsiOh8ECaGVegkeh6az2sPSEZU4vDNn4jgvcuFvkmrZPQKIPeQ1KLA4LAMk0aqEnw7dmoFE0dNQM8kM-7RKmUWoMm3uHSKno5WwGm9W8FAPv3Pw-Lg7ZwTxtb2_ca72AKcXpZ5y8y9Q545pOSkOCcprhRQbBFuLvAJYt3XKZsoArarHhqzCP03436WpT7rUoKg-aVbMNM5qnWhxjFYu1zwJPoVASMXeM3AkZ8cfvfZvRGCuRdXApXOf-CkP2susmav0emx0WQKc4Km5bXSuXU1n8k8GHH&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIK24i3zEYNTWEcz-xwLUiZPoAuSP0rFc3-XhiIgBwI23ARABIABgu4aAgNAKggEXY2EtcHViLTQ3ODY3MzI1MzAzODAxODCgAb3UiOsDyAEJqQLxCCG5fau3PqgDAaoE7gFP0M0ta0viPKfAagKyVcyDjCYHjCE-nRsPWPzC3vudySsJZuAkNQbx_n-7wfSWBV0PzJYszd-mcjpSRcqfDTwr_J7_qH-BqRsdIjYHCfR-UBIEkjE3omGg4sjqEbN1J_2MM5RGqfXLd2wP-oORnQV6LIumNOfqyVp7RgO3ksIpMgxqhINPgwyRC4Xabb17sULiijRAEicZWmbOpM-bCa5V2_QQAHDNNbUgkHUhL6uQ3rw8xjr-yggm9nfHcFDYuH2Pzp9hm5ExS9yQvKfhAnGMikCJTpnenJ8VHEsEReERiY2wyyWEWKAH3Z4P6-zZgAaY4c-hy-CnpOEBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_09AWKZcYmbP9vmtPBfLd9rzY3LQg%26client%3Dca-pub-4786732530380180%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 12 Jun 2021 09:21:16 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: l.riftv.net
URL: https://l.riftv.net/static/fonts/glyphicons-halflings-regular.woff

Domain: l.riftv.net
URL: https://l.riftv.net/static/fonts/glyphicons-halflings-regular.ttf

Verdicts & Comments Add Verdict or Comment

136 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 18:58:10	Name: test_cookie Value: CheckForPermission
.doubleclick.net/	1970-01-19 18:58:13	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 04:19:45	Name: IDE Value: AHWqTUl40fowME2SfNgY5I0preUl9pppTT7LEMvW5JUDawt5B6rHHx70Fw5k0BxccCU
.riftv.net/	1970-01-19 18:59:36	Name: _gid Value: GA1.2.1828278978.1623489675
.riftv.net/	1970-01-20 12:29:21	Name: _ga Value: GA1.2.1023363580.1623489675
l.riftv.net/	1970-01-19 18:58:11	Name: short_KcOhP Value: 1
.riftv.net/	1970-01-20 04:19:45	Name: FCCDCF Value: [null,null,["[[],[],[],[],null,null,true]",1623489675225],null,null]
.riftv.net/	1970-01-19 18:58:09	Name: _gat_gtag_UA_186817945_1 Value: 1
l.riftv.net/	1970-01-19 18:58:11	Name: short_rCAGL Value: 1
.riftv.net/	1970-01-20 04:19:45	Name: __gads Value: ID=870838d335ddb7c3-2253f5e2e5c800b3:T=1623489675:RT=1623489675:S=ALNI_MYU1670SpXzNgIOzbPK6WqkGQztFA
l.riftv.net/	1969-12-31 23:59:59	Name: PHPSESSID Value: 7a33a796392dbec7ab25c2ccdc1473f8

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.eu.criteo.com
adservice.google.com
adservice.google.de
api.miniature.io
cat.nl.eu.criteo.com
cdnjs.cloudflare.com
clients1.google.com
cse.google.com
csm.eu.criteo.net
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
l.riftv.net
pagead2.googlesyndication.com
partner.googleadservices.com
pix.eu.criteo.net
rtb.nl.eu.criteo.com
static.criteo.net
static.eu.criteo.net
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.google.de
www.googleapis.com
www.googletagmanager.com
www.googletagservices.com
zizouit.com
l.riftv.net
109.234.162.107
139.99.133.160
172.217.23.98
178.250.0.162
178.250.2.135
178.250.2.148
216.58.212.130
2606:4700::6810:135e
2a00:1450:4001:809::2008
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::2001
2a00:1450:4001:811::200a
2a00:1450:4001:812::2004
2a00:1450:4001:813::2002
2a00:1450:4001:827::200e
2a00:1450:4001:828::2002
2a00:1450:4001:829::2002
2a00:1450:4001:829::200e
2a00:1450:4001:82a::2003
2a00:1450:4001:82f::2002
2a00:1450:4001:830::200a
2a00:1450:4001:831::2002
2a00:1450:4001:831::2003
2a00:1450:4001:831::200e
2a00:1450:400c:c04::9a
2a02:2638:1::11
2a02:2638:1::2
2a02:2638::3
54.39.20.207
04829f1cbe8df0d9cbd1245bcb3e02392318944f2dda5c129ebb409c77b21f89
05a8a5125b36da55ff02702436ee672fa3ddd45ccebd499a8fbff0461c8cba10
075be59f6005623d3214d1c31e467ad901b2865695f405e55115508beb6e1da2
07d45210c94f35daaa1999be70652b41de8d934bfdb626ac6a09cfe6bd275ea8
08e5970dcee7ecf02ab04df2d6be02568a71594f4923491e9f3e8ae3306a853f
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0fbdcf1225aed74a7eeb42354b58ca1813c4896118eb4b07386a9daf5a7326f6
0fc32732b1520df908e4ce5063434010c35725a930e0cc9df0be61c66a87cf32
13de570acd88a220c7ded609d1d89a23bf3799113b60466fed8e8ddf663f70d4
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1f7244cb694f7f667a5f3668a79844fc6159e3922363f0423d9b09872680f372
210c1cf1b16989a89b6947d5f9b0ff5ff64c2118bf0afae7db66b1fdeedfd6bb
2433d15cf3fc19f8f5cafb0ac8bfa2a3eea71cea8c41b3e4a7ee84252a33bb1c
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd
34b6e9936a2f024eef4f545bf4a1e717141704b00a75167fc7080fc6789e3881
35a7a78646d1367107f41a8e337a96914cdcff35df8d014508a380ab86b4c49d
35f79e2956b19a8822e2f2edbe9eae2c79507dd3f37cbf10d45ba6dd2cbff91d
3a677da8f32851941b090ee6e9294757cba154033200b20231b2a4ca7f62a820
3c19df610d2b937c34facbe5517c48054fd3695a18e69fa1ac94084aa61d5079
3ca8c8b4370ff878afbd3f136b7a32063f18e66f253789b2a482649392832707
3cf312f9dbbfeb70309f4ceade4de8ded72a826ca6935b0ba9d23b86613bfef5
3f9d5374c04649dcc72063654c1cdf1bfbdc0d378d7302f11a4357856a9f8040
3ff6cb8e8e530de8516f8f5ae98e790d9d9da6ba06fdf5ac0d651489f5d4a75f
42a468e720ccf24b6fc35c4af0138acf35ee109270b7a6110e74ff820971d607
456ab1a71507ed91abae14c9d08faffb373a7bc711a66e44341b7b8b7bb72ab4
471c8e4f5fc85be553e3282c2d8f4820a91e7009c7ceca38d20d3fe7488c4b38
48f43f871e7709a81613978382e0cd57dd889334f7d02e955de4ac717ce8d975
49362909761a8d06d50be710e0b553bce6603b152e3caad2e27a2677e870346a
4c1355d27b14881a055e00a4a2afa4608b452c9780ac5c61e1b8f9fd55fa3e1e
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
55c800be08807f600bceeaaad0879cb93f7554080b69f9f50a388358df82fd22
5abeccadd85d2b0f6f671e4a62b18d943dff93a9700e3cd20599164c81c60979
5c7e07dfb2d7437793e8b1ed577739a8bd55558df14aa7234714675ba53f71ee
5ee9e63e519096342d5899e32f1a38b4880ffba6b2aff64178b955a3b7f3a80d
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
6102d725c22f9bf27ef542ceae070843153f3e0926b89820a75f29b107e33cb2
6876e56ecf97091578da89e6ee28c8e834ec996b330b1e635faabc3310871492
74d66add22660b12e57cf4a9e1c2fe4fcc8708e052ec75b62b1e9428968fc90d
79733f3037f6247b220d22c28e37c56f5723d14785045e4af6f91e877f1fcaee
7d11e7e384579b55d578f3aec8bf96ba7ab144a1f34e36451556019113bb2b5f
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8b94f6ff90287b206be83e48ddb02edeba31a7546fcec62c203e9d9a7339bc79
8ce5ea21759f6438096fe0508507ef203dd3d5125b1528c1b635310fef9dab9c
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f4b8d2def1fa5e09bafacbb8ac66e614d74f1cdbace1417cedef55c0d9a83db
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
90cf2c90bdb74ca4235841031fceda344cc6e0a467b21422a23dfd985c0250f9
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a103b7244b6a8fc8b990de435c02022abe81a7949f775b3aade5eb1609e8af53
a19d2cce7f6bd48e925b1a91a0d3acd58b7325ceac208276a21c67a83768444d
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a898f00aabf0e5632b47a59e092c4662c8cbda0c33ea6d0d424cbced57e3ee72
a968f482a73e8e8faf0032ad6e172d458b89725e88e5f0b7b16eb8cac332c308
af4c6683814aa527caf53bde3d021e6aafe00833b45f2dead043c87ed7864674
b44eb85c6d5c5c01e075166a2ee52630b0b23ae43db3b2c4fe42ffc4e110cf2a
be8c235f276b370225b34e73f637c5b25b48a8ab8032ad8bda4a44b43e6a0354
c0c1edf85ee406ff6e457dba599598152cc971f399f53c204fd30b978662f385
c0cdcf3224a18d66039b74a6a0c70977585d75d5ed67ba23a6b5eab8c0a2ba7e
c1302099d6a8fa575f4036bb2101cba795169c22d4c674712d7522a3f8e4e331
c6ff6d4624a5c8140cbc19107aa372a233907f8e6e4d55d002d20cae682a575f
d1ac43e9327c147dc04b1efcd475ba7e9d464e6504eaffb167d0412d339b39e5
d7c851eb9cd1d95dc6185309c5e5e22bfba134783dda393553242ae0c7ea746e
d87f99ddbcbaa60e78bdeeaa0f4ab0ec69e6124030f14bfe2c091bc54cd29e5c
dac70f92ef853ae90ebaae2db6c26b25e6d01373507fc5f439fe9d65ce5660de
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc
df35392ebe2722ddcafc180639031db9a8ed65c3d5f5e94833fdb74435d1a77a
e039a0ef894c06713cbf76c0a07f698357cb0aa4d1d776b01b9af9d9c2242fca
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e3880309a6469717ea0ac619930b9ded06cbf62f795f6fd887b98fec9cd402cd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e516e9beaf6b5344cd4b0d5c729960cc181e98104623ef4a9c4e77deffa89423
e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb
e794409f065eaf49f240d8cebc294d3dcddebb9af7ad3816d2bb6232243e3e3b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fa19f218adcbfdbdd53a27707e5417c5a9b6720d6f47506a8ab26067e72e4f3a
fa9a3880a0d54a4bd990e2f63278be581b068336f34a39863e47ba65774d82d7
fc6c45fb43f51dfc76b7770b2e751e3400575327793dcd1eb257373af7857627
fff5f15db7a6346794d255fa1e22caa0090efa107f34215e36cf5a7d986f776f

l.riftv.net Open in urlscan Pro 109.234.162.107 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

114 Requests

94 %HTTPS

72 %IPv6

16 Domains

29 Subdomains

29 IPs

6 Countries

1248 kBTransfer

3036 kBSize

11 Cookies

0 Outgoing links

Page URL History

Redirected requests

114 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

l.riftv.net Open in urlscan Pro
109.234.162.107 Public Scan

Screenshot
Live screenshot

Full Image

114
Requests

94 %
HTTPS

72 %
IPv6

16
Domains

29
Subdomains

29
IPs

6
Countries

1248 kB
Transfer

3036 kB
Size

11
Cookies

114 HTTP transactions
3 data transactions