urlscan.io logo urlscan.io
SecurityTrails logo

risu.io Open in urlscan Pro
2606:4700:3108::ac42:2afe  Public Scan

Go To Rescan Add Verdict Report
URL: https://risu.io/TqZcM
Submission: On June 19 via manual from HK — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 48 IPs in 9 countries across 44 domains to perform 267 HTTP transactions. The main IP is 2606:4700:3108::ac42:2afe, located in United States and belongs to CLOUDFLARENET, US. The main domain is risu.io. The Cisco Umbrella rank of the primary domain is 393110.
TLS certificate: Issued by E1 on June 2nd 2022. Valid for: 3 months.
This is the only time risu.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
18 2606:4700:310... 13335 (CLOUDFLAR...)
5 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:440... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 4 2606:4700::68... 13335 (CLOUDFLAR...)
5 2a00:1450:400... 15169 (GOOGLE)
9 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 35.186.215.140 15169 (GOOGLE)
1 142.250.185.226 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
30 2600:9000:215... 16509 (AMAZON-02)
1 2a00:1288:80:... 203220 (YAHOO-DEB)
3 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 212.82.100.146 34010 (YAHOO-IRD)
1 2a00:1288:110... 34010 (YAHOO-IRD)
25 203.75.214.136 3462 (HINET Dat...)
1 4 35.201.76.93 15169 (GOOGLE)
3 2600:9000:215... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
8 18 34.96.119.68 15169 (GOOGLE)
8 10 139.162.78.222 63949 (LINODE-AP...)
6 54.238.107.229 16509 (AMAZON-02)
24 2a02:2638:1::3 44788 (ASN-CRITE...)
3 6 2a02:2638:1::13 44788 (ASN-CRITE...)
3 34.117.219.39 15169 (GOOGLE)
3 178.250.0.157 44788 (ASN-CRITE...)
15 54.95.78.196 16509 (AMAZON-02)
3 103.132.192.30 138552 (RTBHOUSE-...)
6 178.250.2.131 44788 (ASN-CRITE...)
3 210.59.219.181 3462 (HINET Dat...)
2 116.50.36.71 18046 (DONGFONG-...)
3 3 216.58.212.162 15169 (GOOGLE)
2 35.227.249.156 15169 (GOOGLE)
3 2a02:2638::b 44788 (ASN-CRITE...)
1 178.250.0.163 44788 (ASN-CRITE...)
3 2606:4700::68... 13335 (CLOUDFLAR...)
6 178.250.2.150 44788 (ASN-CRITE...)
3 178.250.0.160 44788 (ASN-CRITE...)
8 178.250.2.135 44788 (ASN-CRITE...)
1 178.250.2.151 44788 (ASN-CRITE...)
2 213.202.235.10 ()
267 48
18    2606:4700:3108::ac42:2afe (United States)

ASN13335 (CLOUDFLARENET, US)
risu.io
5    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2606:4700:440e::ac40:9c1a (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
1    2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
4    2606:4700::6810:7daf (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
5    2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
9    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    35.186.215.140 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 140.215.186.35.bc.googleusercontent.com
ad.sitemaji.com
1    142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
partner.googleadservices.com
1    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
1    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
2    2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
30    2600:9000:2156:1800:0:e06c:e940:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.holmesmind.com
1    2a00:1288:80:807::1 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)
s.yimg.com
3    2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    2a00:1450:400c:c07::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    212.82.100.146 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: media-router-flurry71.prod.media.vip.ir2.yahoo.com
ads.yap.yahoo.com
1    2a00:1288:110:c204::b000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)
geo.yahoo.com
25    203.75.214.136 (Taipei, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 203-75-214-136.hinet-ip.hinet.net
t.ssp.hinet.net
c17157ee-7431-4d2d-9487-cc57ecdd8c11.t.ssp.hinet.net
4    35.201.76.93 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 93.76.201.35.bc.googleusercontent.com
c.holmesmind.com
3    2600:9000:2156:400:3:1794:2540:93a1 (United States)

ASN16509 (AMAZON-02, US)
adcdn.holmesmind.com
1    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
18    34.96.119.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.119.96.34.bc.googleusercontent.com
ad2.apx.appier.net
pmp-beacon.apx.appier.net
10    139.162.78.222 (Tokyo, Japan)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1558-222.members.linode.com
gocm.c.appier.net
6    54.238.107.229 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-238-107-229.ap-northeast-1.compute.amazonaws.com
ad.holmesmind.com
24    2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
6    2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
3    34.117.219.39 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 39.219.117.34.bc.googleusercontent.com
fp.holmesmind.com
3    178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
15    54.95.78.196 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-95-78-196.ap-northeast-1.compute.amazonaws.com
ccm.holmesmind.com
3    103.132.192.30 (Singapore)

ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG)
PTR: ip-103-132-192-30.rtbhouse.net
prebid-asia.creativecdn.com
6    178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com
bidder.criteo.com
3    210.59.219.181 (Taipei, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
prebid.scupio.com
2    116.50.36.71 (Taiwan)

ASN18046 (DONGFONG-TW DongFong Technology Co. Ltd., TW)
cm.lndata.com
3    216.58.212.162 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f2.1e100.net
cm.g.doubleclick.net
2    35.227.249.156 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 156.249.227.35.bc.googleusercontent.com
m.holmesmind.com
3    2a02:2638::b (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
1    178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
widget.fr.eu.criteo.com
3    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
6    178.250.2.150 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
3    178.250.0.160 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.fr.eu.criteo.com
8    178.250.2.135 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: pix.am5.vip.prod.criteo.com
pix.eu.criteo.net
1    178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
2    213.202.235.10 (None, )

ASN- ()
m.exactag.com
Apex Domain
Subdomains		 Transfer
63 holmesmind.com
cdn.holmesmind.com — Cisco Umbrella Rank: 131430
fcm.holmesmind.com Failed
c.holmesmind.com — Cisco Umbrella Rank: 99037
adcdn.holmesmind.com — Cisco Umbrella Rank: 133649
ad.holmesmind.com — Cisco Umbrella Rank: 87281
fp.holmesmind.com — Cisco Umbrella Rank: 129810
ccm.holmesmind.com — Cisco Umbrella Rank: 307467
m.holmesmind.com — Cisco Umbrella Rank: 235070
144 KB
38 criteo.net
static.criteo.net — Cisco Umbrella Rank: 605
csm.eu.criteo.net — Cisco Umbrella Rank: 6838
pix.eu.criteo.net — Cisco Umbrella Rank: 6662
249 KB
28 appier.net
ad2.apx.appier.net — Cisco Umbrella Rank: 35046
gocm.c.appier.net — Cisco Umbrella Rank: 2561
pmp-beacon.apx.appier.net — Cisco Umbrella Rank: 201974
6 KB
25 hinet.net
t.ssp.hinet.net — Cisco Umbrella Rank: 88598
c17157ee-7431-4d2d-9487-cc57ecdd8c11.t.ssp.hinet.net
18 KB
23 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 394
mug.criteo.com — Cisco Umbrella Rank: 2507
bidder.criteo.com — Cisco Umbrella Rank: 739
ads.eu.criteo.com — Cisco Umbrella Rank: 6834
widget.fr.eu.criteo.com — Cisco Umbrella Rank: 15882
cat.fr.eu.criteo.com — Cisco Umbrella Rank: 8615
dis.criteo.com — Cisco Umbrella Rank: 750
152 KB
18 risu.io
risu.io — Cisco Umbrella Rank: 393110
1 MB
12 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 115
tpc.googlesyndication.com — Cisco Umbrella Rank: 150
267 KB
6 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 55
stats.g.doubleclick.net — Cisco Umbrella Rank: 125
cm.g.doubleclick.net — Cisco Umbrella Rank: 217
11 KB
5 gstatic.com
fonts.gstatic.com
154 KB
5 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 67
3 KB
4 unpkg.com
unpkg.com — Cisco Umbrella Rank: 1049
11 KB
3 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 246
15 KB
3 scupio.com
prebid.scupio.com — Cisco Umbrella Rank: 57206
235 B
3 creativecdn.com
prebid-asia.creativecdn.com — Cisco Umbrella Rank: 17344
507 B
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 60
region1.google-analytics.com — Cisco Umbrella Rank: 9409
20 KB
3 google.com
adservice.google.com — Cisco Umbrella Rank: 92
www.google.com — Cisco Umbrella Rank: 9
2 KB
2 exactag.com
m.exactag.com
2 KB
2 lndata.com
cm.lndata.com — Cisco Umbrella Rank: 172231
940 B
2 yahoo.com
ads.yap.yahoo.com — Cisco Umbrella Rank: 8448
geo.yahoo.com — Cisco Umbrella Rank: 1256
ads.yahoo.com Failed
ups.analytics.yahoo.com Failed
921 B
2 google.de
adservice.google.de — Cisco Umbrella Rank: 7295
www.google.de — Cisco Umbrella Rank: 5111
1 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 96
108 KB
1 yimg.com
s.yimg.com — Cisco Umbrella Rank: 382
30 KB
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 861
641 B
1 sitemaji.com
ad.sitemaji.com — Cisco Umbrella Rank: 101127
11 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 444
2 KB
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1332
5 KB
0 yieldmo.com Failed
sync-criteo.ads.yieldmo.com Failed
0 yieldlab.net Failed
ad.yieldlab.net Failed
0 3lift.com Failed
eb2.3lift.com Failed
0 teads.tv Failed
criteo-sync.teads.tv Failed
0 taboola.com Failed
sync-t1.taboola.com Failed
0 smartadserver.com Failed
rtb-csync.smartadserver.com Failed
0 smaato.net Failed
s.ad.smaato.net Failed
0 sharethrough.com Failed
match.sharethrough.com Failed
0 rubiconproject.com Failed
pixel.rubiconproject.com Failed
0 pubmatic.com Failed
simage2.pubmatic.com Failed
0 outbrain.com Failed
sync.outbrain.com Failed
0 mediavine.com Failed
exchange.mediavine.com Failed
0 media.net Failed
contextual.media.net Failed
0 360yield.com Failed
ad.360yield.com Failed
0 casalemedia.com Failed
r.casalemedia.com Failed
0 omnitagjs.com Failed
visitor.omnitagjs.com Failed
0 bidswitch.net Failed
x.bidswitch.net Failed
0 adnxs.com Failed
ib.adnxs.com Failed
secure.adnxs.com Failed
267 44
Domain Requested by
30 cdn.holmesmind.com ad.sitemaji.com
cdn.holmesmind.com
ad.holmesmind.com
risu.io
24 static.criteo.net cdn.holmesmind.com
risu.io
ads.eu.criteo.com
20 t.ssp.hinet.net cdn.holmesmind.com
t.ssp.hinet.net
18 risu.io risu.io
static.cloudflareinsights.com
16 ad2.apx.appier.net 8 redirects risu.io
15 ccm.holmesmind.com risu.io
cdn.holmesmind.com
10 gocm.c.appier.net 8 redirects risu.io
ad2.apx.appier.net
9 pagead2.googlesyndication.com risu.io
pagead2.googlesyndication.com
tpc.googlesyndication.com
8 pix.eu.criteo.net risu.io
6 csm.eu.criteo.net risu.io
6 bidder.criteo.com static.criteo.net
6 gum.criteo.com 3 redirects static.criteo.net
risu.io
6 ad.holmesmind.com cdn.holmesmind.com
risu.io
5 c17157ee-7431-4d2d-9487-cc57ecdd8c11.t.ssp.hinet.net risu.io
cdn.holmesmind.com
t.ssp.hinet.net
5 fonts.gstatic.com fonts.googleapis.com
5 fonts.googleapis.com risu.io
cdnjs.cloudflare.com
4 c.holmesmind.com 1 redirects cdn.holmesmind.com
4 unpkg.com 2 redirects risu.io
3 cat.fr.eu.criteo.com risu.io
3 cdnjs.cloudflare.com risu.io
3 ads.eu.criteo.com cdn.holmesmind.com
3 cm.g.doubleclick.net 3 redirects
3 prebid.scupio.com cdn.holmesmind.com
3 prebid-asia.creativecdn.com cdn.holmesmind.com
3 mug.criteo.com
3 fp.holmesmind.com cdn.holmesmind.com
3 adcdn.holmesmind.com cdn.holmesmind.com
3 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 m.exactag.com risu.io
2 m.holmesmind.com cdn.holmesmind.com
2 cm.lndata.com cdn.holmesmind.com
2 pmp-beacon.apx.appier.net ad2.apx.appier.net
2 www.google.com tpc.googlesyndication.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 www.googletagmanager.com risu.io
www.googletagmanager.com
1 dis.criteo.com risu.io
1 widget.fr.eu.criteo.com ads.eu.criteo.com
1 www.google.de
1 geo.yahoo.com
1 ads.yap.yahoo.com s.yimg.com
1 stats.g.doubleclick.net www.google-analytics.com
1 region1.google-analytics.com www.googletagmanager.com
1 s.yimg.com ad.sitemaji.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 ad.sitemaji.com risu.io
1 cdn.jsdelivr.net risu.io
1 static.cloudflareinsights.com risu.io
0 sync-criteo.ads.yieldmo.com Failed risu.io
0 ad.yieldlab.net Failed risu.io
0 ups.analytics.yahoo.com Failed risu.io
0 ads.yahoo.com Failed risu.io
0 eb2.3lift.com Failed risu.io
0 criteo-sync.teads.tv Failed risu.io
0 sync-t1.taboola.com Failed risu.io
0 rtb-csync.smartadserver.com Failed risu.io
0 s.ad.smaato.net Failed risu.io
0 match.sharethrough.com Failed risu.io
0 pixel.rubiconproject.com Failed risu.io
0 simage2.pubmatic.com Failed risu.io
0 sync.outbrain.com Failed risu.io
0 exchange.mediavine.com Failed risu.io
0 contextual.media.net Failed risu.io
0 ad.360yield.com Failed risu.io
0 r.casalemedia.com Failed risu.io
0 visitor.omnitagjs.com Failed risu.io
0 x.bidswitch.net Failed risu.io
0 secure.adnxs.com Failed risu.io
0 ib.adnxs.com Failed risu.io
0 fcm.holmesmind.com Failed cdn.holmesmind.com
267 72

This site contains links to these domains. Also see Links.

Domain
docs.google.com
www.facebook.com
m.me
Subject Issuer Validity Valid
*.risu.io
E1		 2022-06-02 -
2022-08-31		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-05-30 -
2022-08-22		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-05-11 -
2023-05-10		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-05-30 -
2022-08-22		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-05-30 -
2022-08-22		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-05-30 -
2022-08-22		 3 months crt.sh
feebee.com.tw
R3		 2022-04-19 -
2022-07-18		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-05-30 -
2022-08-22		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-05-30 -
2022-08-22		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-05-30 -
2022-08-22		 3 months crt.sh
*.holmesmind.com
Go Daddy Secure Certificate Authority - G2		 2022-05-19 -
2023-06-20		 a year crt.sh
*.api.fantasysports.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-06-13 -
2022-08-03		 2 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-05-30 -
2022-08-22		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-05-30 -
2022-08-22		 3 months crt.sh
m.yap.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-03-02 -
2022-08-03		 5 months crt.sh
yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-02-11 -
2022-08-10		 6 months crt.sh
*.ssp.hinet.net
 2021-10-12 -
2022-10-12		 a year crt.sh
www.google.de
GTS CA 1C3		 2022-05-30 -
2022-08-22		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-04-11 -
2022-07-13		 3 months crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-06-15 -
2022-09-18		 3 months crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-17 -
2023-04-12		 a year crt.sh
*.t.ssp.hinet.net
 2022-04-14 -
2023-04-14		 a year crt.sh
*.scupio.com
Sectigo RSA Organization Validation Secure Server CA		 2021-10-13 -
2022-11-13		 a year crt.sh
*.apx.appier.net
R3		 2022-05-05 -
2022-08-03		 3 months crt.sh
*.c.appier.net
R3		 2022-04-07 -
2022-07-06		 3 months crt.sh
*.lndata.com
GeoTrust RSA CA 2018		 2021-11-29 -
2022-12-07		 a year crt.sh
*.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-05-27 -
2022-08-25		 3 months crt.sh
*.fr.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-05-18 -
2022-08-13		 3 months crt.sh
*.eu.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-06-12 -
2022-09-12		 3 months crt.sh
*.exactag.com
Sectigo ECC Domain Validation Secure Server CA		 2021-08-16 -
2022-09-14		 a year crt.sh

This page contains 33 frames:

Primary Page: https://risu.io/TqZcM
Frame ID: EC9409FA014DDC46AE4332716D064651
Requests: 52 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220615/r20190131/zrt_lookup.html
Frame ID: C42D7B0040F28A12A3CAA4572CD65764
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9208708170783140&output=html&adk=1812271804&adf=3025194257&lmt=1655606290&plat=1%3A16777216%2C2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Frisu.io%2FTqZcM&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655606289704&bpp=3&bdt=400&idt=491&shv=r20220615&mjsv=m202206140101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4468256077292&frm=20&pv=2&ga_vid=998406147.1655606290&ga_sid=1655606290&ga_hid=393108190&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=2869206730227398&tmod=519600684&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=508
Frame ID: B401A4DC00A906AD37363C629D07BCF3
Requests: 1 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/init.js
Frame ID: 664CF85E25437A84040E662F0485DFE5
Requests: 9 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm
Frame ID: AA20A96E502E0FDBB09F3F37382CE56F
Requests: 5 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js
Frame ID: 10A44E162E58FF90C7526C42E85BC645
Requests: 21 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 86CC31F68CBD26DED3F9C1F4D33FC8DF
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E39B42F4427F59805A749853438C478E
Requests: 2 HTTP requests in this frame

Frame: https://fcm.holmesmind.com/cm.php
Frame ID: 19C0BBC6F8D649074700EECED2CB5F68
Requests: 1 HTTP requests in this frame

Frame: https://ad2.apx.appier.net/www/delivery/arjs.php?zoneid=9201&acid=hBPs3z0uCtWAJKCBE4yuYg&id=id0vcn5lbjos5z7xp
Frame ID: 8D8243ABA0DFC9203A09786AE997AA9E
Requests: 2 HTTP requests in this frame

Frame: https://ad2.apx.appier.net/www/delivery/arjs.php?zoneid=9201&acid=Pdl695VOA2CR7SWgE4yuYg&id=id0vcn5lbjos5z7xp
Frame ID: 46435C0A9642F8CEA4082BCBDB556046
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=risu.io
Frame ID: F7C4F6D817408F0CC15BC353A9A9254D
Requests: 2 HTTP requests in this frame

Frame: https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=912-gwcB0jzz44miL19wEGKLAPvHziVf1qKb&CFFPCKUUID=834-FLL62KyVmsrA01h5IDDvb2aNffE75bM7&url=https%3A%2F%2Frisu.io%2FTqZcM&maindomain=risu.io
Frame ID: 8E2F7687F9AE325C97E0AEC2CA92896F
Requests: 1 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/init.js
Frame ID: 62CC7ACCAB76D0DDDDA6B31B2F3A6F97
Requests: 8 HTTP requests in this frame

Frame: https://gocm.c.appier.net/gcm
Frame ID: B128EC93E779F8CA1BF4CBAA91CAC4AB
Requests: 9 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm
Frame ID: E13BC99005DA5A4E3DDB3CCEF406057D
Requests: 9 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js
Frame ID: 1053D158F79579C13519E9E33217EE07
Requests: 20 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm
Frame ID: 818EBD0C4CD74E2D2865714B961D4C34
Requests: 9 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js
Frame ID: B303B61F53C7C0E5304CE2BEF65B9A85
Requests: 19 HTTP requests in this frame

Frame: https://fcm.holmesmind.com/cm.php
Frame ID: BFFF24392833AAAEDBAF7474F213637F
Requests: 1 HTTP requests in this frame

Frame: https://fcm.holmesmind.com/cm.php
Frame ID: 28A30502D68B91B54D903DAD0D771F79
Requests: 1 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/ajs.php?u=%7CiE3nBsi5U6rBXnc7bjnQuNa80%2BnrhDU49C6s8PWIRiw%3D%7C&c1=JrbohDAzizBCiLKN5O6jHWHy2xHIerR1_1GC6AieoZ9d2g2VyL2-BfuwZGFaNuuOAfPZQpEBxeF4Y4cdkGlvwqufA9MdThUD0jSZKyQXyEt-PqSs8xq5h6TYso9j9LgkwZWvQtx0B-SOLFLybkLcImgR6Y8-eykS-PRZbz95o6yTmZcS7fe1C8WAO6sHwmKW26uiVkoMOCxlujthoycq-QXwP01RvnMrezvwztf1wY8eU4f6CVRw8GvRbz9Ad-Q5Zarx-ABloyyu0utsywxSJGMcegHPbwzptXpT9SzMeD5ieT-1M9TYfRUQD1WIrhJu9Mh4QVpTT5m4tdkiJCT15iud6X9zw2QQR0wVdQlvIt6bllhunwwl9WPCynKWqkCN1ReqqF17tS7_-GDzuQpAyi4b9lsJl08qZFU4MoWLJzlgXirnVMkQxqc-5szHTTGuyLvDlPyxZiqZII8VQkdGag
Frame ID: 09F72E132CA169D4DE025B3792700F5C
Requests: 1 HTTP requests in this frame

Frame: https://widget.fr.eu.criteo.com/dis/dis.aspx?pu=149517&cb=62ae8c13d51aef1e6aef3a19bf86e0a8
Frame ID: 0BE5B2EA9BA5478021582B1783E52132
Requests: 1 HTTP requests in this frame

Frame: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Frame ID: C14D9611EEF5D821BA15FFB78021E7D1
Requests: 14 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=risu.io
Frame ID: 104DB2996601D1FA618313CF620F8AE4
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=risu.io
Frame ID: DD374273801AB75676B63B7858DA3A60
Requests: 2 HTTP requests in this frame

Frame: https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=912-gwcB0jzz44miL19wEGKLAPvHziVf1qKb&CFFPCKUUID=834-FLL62KyVmsrA01h5IDDvb2aNffE75bM7&url=https%3A%2F%2Frisu.io%2FTqZcM&maindomain=risu.io
Frame ID: D21D1B28FB8317F6568D7193A385097A
Requests: 1 HTTP requests in this frame

Frame: https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=912-gwcB0jzz44miL19wEGKLAPvHziVf1qKb&CFFPCKUUID=834-FLL62KyVmsrA01h5IDDvb2aNffE75bM7&url=https%3A%2F%2Frisu.io%2FTqZcM&maindomain=risu.io
Frame ID: BDE38BE4D05252395476B20723D561AD
Requests: 1 HTTP requests in this frame

Frame: https://ib.adnxs.com/seg?add=95287&redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
Frame ID: 0481725DD6DB7950D2F2F95172F058AF
Requests: 30 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/ajs.php?u=%7CiE3nBsi5U6rBXnc7bjnQuNa80%2BnrhDU49C6s8PWIRiw%3D%7C&c1=JrbohDAzizBCiLKN5O6jHfou0vvtO-sxjPc8H8mGs4J7fjwxDIJD5naE0UzzUPgkdz5GwpHYHaAVU79kKrq0-uHf55ebFUuiVu9ZjRDxWIvpnq2ITbsRTif13xqgQnONxyZSDvQwUjU9VayNXZoLiXQumD_pVWhD7GGLtICD4s1D59cUAe9xQNoJv_6L9ux6Ib3BrqBI2Kpa2NsGrXJUO8jl2YMhLcQMiJq5cIVOZWxpVWz_tFIlArDwbkMOfEb08vZB_QKUpWhUKl6QVu5QU0O3VZBlB38t2AsPtvEPSy2kk1Obwe2p5a-WfSHcMFjkIB1W3Vp7PvAijUs3C45mzH8MVgG8xWDNb9CTR0MWmwyd1TKPST-SN6sqTV_nYkWBCz7apBNscwH4G3aXkhYpiwemG76RXhirMFmbDNfEw6D7TntNvCdxIJtbjDrRvGH5WihXg7dvsoXt2h2ZlZxjgeh5MO8loLrY
Frame ID: 40ED1C78114E2D8B36E534AC6808B597
Requests: 1 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/ajs.php?u=%7CiE3nBsi5U6rBXnc7bjnQuNa80%2BnrhDU49C6s8PWIRiw%3D%7C&c1=JrbohDAzizBCiLKN5O6jHfou0vvtO-sxjPc8H8mGs4J7fjwxDIJD5naE0UzzUPgkdz5GwpHYHaAVU79kKrq0-uHf55ebFUuiVu9ZjRDxWItv0fOadTQB2xw4RoDZUnbYTcUNWsoQRYt3Xc-F6I8WEn2VA7MrY73SHBTqRBlc-1Xthm0icUdNEaFten8F_DbXubBEKnraQNN6UUL0WFRgHdNVBvn5rbK97BueQB5Jju7_hbFdfC_6iF70M7fVBedmvxXzSsM4WR360_4mE4_OkjNFKt9rv1NAsEnvXUdc4H-DL2QagdDI3TeAJLanzELCEElASRAEFT3V9KyBcKywwVOp-pTgVd1AcFVAAbgUaTaYCynC7uHeE8wvBVDMMAaJiF4ONwS_ndIk6ta4BO3r8gdEMCMJymgXiHgSjZXiErYF9yDacbRusVJRA3yByCUEyzaxuwGF4ne5gU_u9IBsqg
Frame ID: 3D5ACF69CF6A1193247BCD27AC5174A4
Requests: 1 HTTP requests in this frame

Frame: https://static.criteo.net/flash/icon/privacy_small.svg
Frame ID: 412FE4FC579FD5992FCAEA406C5DE28E
Requests: 18 HTTP requests in this frame

Frame: https://static.criteo.net/flash/icon/privacy_small.svg
Frame ID: 4398A1820296F3C984487BEEFEA1809C
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

短網址。行銷。分析 - Risu.io

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

267
Requests

81 %
HTTPS

52 %
IPv6

44
Domains

72
Subdomains

48
IPs

9
Countries

2367 kB
Transfer

9041 kB
Size

53
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10
  • https://unpkg.com/video.js@7/dist/video-js.min.css HTTP 302
  • https://unpkg.com/video.js@7.20.1/dist/video-js.min.css
Request Chain 11
  • https://unpkg.com/@videojs/themes@1/dist/sea/index.css HTTP 302
  • https://unpkg.com/@videojs/themes@1.0.1/dist/sea/index.css
Request Chain 58
  • https://c.holmesmind.com/cm HTTP 302
  • https://c.holmesmind.com/cm?tc=getIn&
Request Chain 65
  • https://ad2.apx.appier.net/www/delivery/js.php?zoneid=9201&id=id0vcn5lbjos5z7xp HTTP 307
  • https://gocm.c.appier.net/aanet?id=id0vcn5lbjos5z7xp&url=ad2.apx.appier.net&zoneid=9201 HTTP 302
  • https://ad2.apx.appier.net/www/delivery/arjs.php?zoneid=9201&acid=hBPs3z0uCtWAJKCBE4yuYg&id=id0vcn5lbjos5z7xp
Request Chain 66
  • https://ad2.apx.appier.net/www/delivery/js.php?zoneid=9201&id=id0vcn5lbjos5z7xp HTTP 307
  • https://gocm.c.appier.net/aanet?id=id0vcn5lbjos5z7xp&url=ad2.apx.appier.net&zoneid=9201 HTTP 302
  • https://ad2.apx.appier.net/www/delivery/arjs.php?zoneid=9201&acid=Pdl695VOA2CR7SWgE4yuYg&id=id0vcn5lbjos5z7xp
Request Chain 79
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=risu.io&sn=ChromeSyncframe&so=0&topUrl=risu.io&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=KmrWqnxIWjlTM0lUcVFyeThBRHdlQ1FVOTlQZ0dTY2VSTkV0dE9rWGQ3TlR0L3UzMlpKeldibTJvdXVHa2lvK2IxcFhIS2lvTzY3WkNhNitTbWhBN2xtbzJMeW9oMmZoSU15cXY0V2JhWU00R0NibTVZRVhlYUQxQUYrSElZSlpocGRsNkJqalFJY2J1eThvRUFacGJqaGFhSWh2RHhDd0Y5aUVNbFZVMEJrczAxdTNqS2VGSkFvbkxZR3BEb2VJZmhwdkM5N2RIZzdUaXlPZGhneWY0UmZwejRTOUNub084MU9SWmEyQWFKWmNxckEwRVMvSDB5TG5NVU8wNkF5SDFOM2pwVFNSWjJISUVIRzc2VkhyOGxxbzdIUT09fA&cppv=2
Request Chain 91
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=Pdl695VOA2CR7SWgE4yuYg
Request Chain 92
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=Pdl695VOA2CR7SWgE4yuYg
Request Chain 114
  • https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=551398-FCz4a06MNQiG0CHEbwJTI4cVWtaocIks&uu_m=undefined HTTP 302
  • https://m.holmesmind.com/ml/google?cf_uid=551398-FCz4a06MNQiG0CHEbwJTI4cVWtaocIks&uu_m=undefined&google_gid=CAESEJP42ofS6Qm3PBJHSonwqpc&google_cver=1
Request Chain 120
  • https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=551398-FCz4a06MNQiG0CHEbwJTI4cVWtaocIks&uu_m=undefined HTTP 302
  • https://m.holmesmind.com/ml/google?cf_uid=551398-FCz4a06MNQiG0CHEbwJTI4cVWtaocIks&uu_m=undefined&google_gid=CAESEG4ojmSN5vNOF1zZFsj1h9E&google_cver=1
Request Chain 141
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=Pdl695VOA2CR7SWgE4yuYg
Request Chain 143
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=Pdl695VOA2CR7SWgE4yuYg
Request Chain 146
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=Pdl695VOA2CR7SWgE4yuYg
Request Chain 147
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=Pdl695VOA2CR7SWgE4yuYg
Request Chain 168
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=risu.io&sn=ChromeSyncframe&so=3&topUrl=risu.io&bundle=2do3mV9SZkE4WE9jWUtxdmZBbVB1c2N0QzQlMkZxVWI1TzFCT1BEJTJCYmo0eUpTNEZiNGYlMkJocHhvamx5RVVONlBaSXJ0ZCUyRnR6SHNvMExMRkpqMWR4aHRYTGlmajZGSHElMkYydEl1UWkwJTJCbE1uZDNSeTRibiUyRlpJS0lqVnBrJTJCMUF2eWxGdmJsNG52JTJCcDFiTnZKaXFOWlRieHZvNWNtbFElM0QlM0Q&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=T3BlEnxCQkFDOTBJam5iRmIxck1ISHJiQzdQcE5HU2pOQXhuZHJpRTNkYnpzUUVrQXd2bkE0NEM3ZFBQSTM1Y2RpVFR2dHlPRXJNbWR2YzZEck1zR2ZGOERMemN6VDFXQ2Q2anZvTnNuS0trenl4VURsYUlPU1lTYVlNZUZ6STYzWklXOUlaaVV4Y3pGQ2FsUnNCUDFaRGFFVjN6NDB3RFNaSS92VGN2MUVxQjdoa09VWTg4SDZkc3ZBdklST3A4cWdLdlFlU2Z6bGNJZHJkZ3A0citXTFBZWjQzTVNlMzRVTEdPUURIQlliUjNTYVRMRkYxTGh5ZGYzU1dpS1RmMFp4SURYbUphdFlud2lXNlZzL0pGbjFvNkVFZz09fA&cppv=2
Request Chain 173
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=risu.io&sn=ChromeSyncframe&so=3&topUrl=risu.io&bundle=2do3mV9SZkE4WE9jWUtxdmZBbVB1c2N0QzQlMkZxVWI1TzFCT1BEJTJCYmo0eUpTNEZiNGYlMkJocHhvamx5RVVONlBaSXJ0ZCUyRnR6SHNvMExMRkpqMWR4aHRYTGlmajZGSHElMkYydEl1UWkwJTJCbE1uZDNSeTRibiUyRlpJS0lqVnBrJTJCMUF2eWxGdmJsNG52JTJCcDFiTnZKaXFOWlRieHZvNWNtbFElM0QlM0Q&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=lpi1YXx2ekk1ZGd2Yyszamt4LytEVGlSbmZvdW1tOHVOaXRncjkxbFYvWHYxUTJScngvUDhVVFlnL1pYMGFNVGpaMWJldW1Ydi9wYzNyUjFNWGVubVpHd1haSzFnZzJQWlcveU9kdGt1cUQ4TnkwRWJxUkE1K0RDWVJDKysyVUZRbmJSSTJCVTRlUlhnOVNybi94VFF5eTB4Vmk0eU1mVlhkNVBHUlcvMllOeXJhWnpPWGxGdkJLSEZLWThubWhISG5kMW1vSVB4ZGZlK1BpWDR4NklCM1JYdDlUVFB4VzMyTGhxdXNqcXhSTDQ4bWdNbHFVQWFZTk45ajBJOGFYbTNFU3VuMFdMVVFSMzdIQmcraVh5QTcwbElmZz09fA&cppv=2
Request Chain 177
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-6SyC3mlDeULTQGhG_h09iPfSQEM4-aL5EmYj-A&google_cm&google_hm=ay02U3lDM21sRGVVTFRRR2hHX2gwOWlQZlNRRU00LWFMNUVtWWotQQ HTTP 302
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-6SyC3mlDeULTQGhG_h09iPfSQEM4-aL5EmYj-A&google_gid=CAESEJt1bdimbNJAL4FIDUCRrqI&google_cver=1&google_ula=913071,0

267 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request TqZcM
risu.io/ 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://risu.io/TqZcM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2afe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ea460320d2188f26cb98bf9443335e6b7e09a000e7c1df7c1ddf3c0e73041d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=0, private, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
71d8e309d9259b28-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Sun, 19 Jun 2022 02:38:09 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
vary
Accept-Encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-request-id
32f9c038-14bb-40c0-9ae9-f784dc388adf
x-runtime
0.048577
x-xss-protection
1; mode=block
css
fonts.googleapis.com/ 		5 KB
603 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?display=swap&family=Poppins:300,400,500,600,700
Requested by
Host: risu.io
URL: https://risu.io/TqZcM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7e44d592889d9f5915ae6254f0a68a71196a5bc2540db9620b81effd976eba5b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 19 Jun 2022 02:38:09 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 19 Jun 2022 02:38:09 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 19 Jun 2022 02:38:09 GMT
css2
fonts.googleapis.com/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Inter:wght@400;600&amp;display=swap
Requested by
Host: risu.io
URL: https://risu.io/TqZcM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4f59f83d404f84a3dfcb245682702b9ae1f3f44f8e4b174b501609b8b988109a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 19 Jun 2022 02:38:09 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 19 Jun 2022 02:38:09 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 19 Jun 2022 02:38:09 GMT
application-025be2bd.css
risu.io/packs/css/layouts/ 		537 KB
70 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://risu.io/packs/css/layouts/application-025be2bd.css
Requested by
Host: risu.io
URL: https://risu.io/TqZcM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2afe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd03dd863bdd813f118e423535dbf1e419ed3d7952800f40222a68bcab7650b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/TqZcM
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

cf-ray
71d8e30c3bf69b28-FRA
date
Sun, 19 Jun 2022 02:38:09 GMT
via
1.1 google
cf-cache-status
HIT
last-modified
Thu, 17 Feb 2022 13:39:21 GMT
server
cloudflare
age
9529613
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
header-419e5bb6.css
risu.io/packs/css/commons/ 		226 B
220 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://risu.io/packs/css/commons/header-419e5bb6.css
Requested by
Host: risu.io
URL: https://risu.io/TqZcM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2afe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa9b2661b0f503189c3facf44d61b2b2c99993b518cbc6ec2bf9010d0580ab8b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/TqZcM
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

cf-ray
71d8e30c4bf79b28-FRA
date
Sun, 19 Jun 2022 02:38:09 GMT
via
1.1 google
cf-cache-status
HIT
last-modified
Fri, 14 Jan 2022 08:33:13 GMT
server
cloudflare
age
11546577
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
show-e44e9b15.css
risu.io/packs/css/pages/ 		16 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://risu.io/packs/css/pages/show-e44e9b15.css
Requested by
Host: risu.io
URL: https://risu.io/TqZcM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2afe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
627950526c12cc2e36c3c841663dcae04b0a99c6ae3de2ae0ca075c06c7f3989

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/TqZcM
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

cf-ray
71d8e30c4bf89b28-FRA
date
Sun, 19 Jun 2022 02:38:09 GMT
via
1.1 google
cf-cache-status
HIT
last-modified
Sat, 30 Apr 2022 16:22:59 GMT
server
cloudflare
age
4268957
cf-polished
origSize=16660
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
invisible.js
risu.io/cdn-cgi/challenge-platform/h/g/scripts/ 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://risu.io/cdn-cgi/challenge-platform/h/g/scripts/invisible.js?ts=1655596800
Requested by
Host: risu.io
URL: https://risu.io/TqZcM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2afe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d71cc8120ff81cfd5503ccb77ed9535ee0bbb3071453cf35ae629502889ad42

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/TqZcM
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 02:38:09 GMT
content-encoding
br
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
71d8e30c5c139b28-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
email-decode.min.js
risu.io/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
818 B 		Script
General
Check archive.org
Download Go to
Full URL
https://risu.io/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: risu.io
URL: https://risu.io/TqZcM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2afe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/TqZcM
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 02:38:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 14 Jun 2022 16:43:30 GMT
server
cloudflare
etag
W/"62a8bab2-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
71d8e30c6c149b28-FRA
vary
Accept-Encoding
expires
Tue, 21 Jun 2022 02:38:09 GMT
rocket-loader.min.js
risu.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://risu.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: risu.io
URL: https://risu.io/TqZcM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2afe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/TqZcM
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 02:38:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 14 Jun 2022 16:43:30 GMT
server
cloudflare
etag
W/"62a8bab2-302c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
71d8e30c6c159b28-FRA
vary
Accept-Encoding
expires
Tue, 21 Jun 2022 02:38:09 GMT
v652eace1692a40cfa3763df669d7439c1639079717194
static.cloudflareinsights.com/beacon.min.js/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by
Host: risu.io
URL: https://risu.io/TqZcM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:440e::ac40:9c1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Referer
https://risu.io/
Origin
https://risu.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 02:38:09 GMT
content-encoding
gzip
last-modified
Thu, 09 Dec 2021 19:55:17 GMT
server
cloudflare
etag
W/2021.12.0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
71d8e30cba33994a-FRA
index.css
cdn.jsdelivr.net/npm/simple-keyboard@latest/build/css/ 		3 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/simple-keyboard@latest/build/css/index.css
Requested by
Host: risu.io
URL: https://risu.io/packs/css/pages/show-e44e9b15.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ffee74a30d36b15e81e213d30fb739860728aa56f4819037b87d5845bd1c34b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 02:38:09 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
15947
x-jsd-version
3.4.115
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19183-FRA, cache-iad-kiad7000022-IAD
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"cf0-WUiujpg6FX8rgklwgVmNrMDey0s"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SJO0TjYzD%2FHOQVqcTRoa5uoTeAdHzZxwjl4YlsJeLVewiSpbYMre5u%2FvM81mVn9YXULgd9lerafkIlETFzs5lYht1hYvSQzPQDMXIbtJGPoHT1JRUUnY3Mm9o1HH6Ktkqj9YlRXpEZTF9WWz94Y%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
71d8e30cccd05b6e-FRA
access-control-expose-headers
*
video-js.min.css
unpkg.com/video.js@7.20.1/dist/
Redirect Chain
  • https://unpkg.com/video.js@7/dist/video-js.min.css
  • https://unpkg.com/video.js@7.20.1/dist/video-js.min.css
40 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/video.js@7.20.1/dist/video-js.min.css
Requested by
Host: risu.io
URL: https://risu.io/packs/css/pages/show-e44e9b15.css
Protocol
H2
Server
2606:4700::6810:7daf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01df456b85acb77a180ad7d890f265ea448289bdae9a4b54c58d919b4d484c2e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 02:38:09 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
age
1578604
fly-request-id
01G4DVN2BSS1JH450K24PE6ART-fra
content-encoding
br
vary
Accept-Encoding
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
cloudflare
etag
W/"a027-PwCOyCQ3m6Je7s2ICmqG8TWy2n8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
71d8e30cff5d91f5-FRA

Redirect headers

date
Sun, 19 Jun 2022 02:38:09 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
fly-request-id
01G5WWWKV4EB50YTMVSPTKF044-fra
server
cloudflare
age
313
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
location
/video.js@7.20.1/dist/video-js.min.css
cache-control
public, s-maxage=600, max-age=60
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
71d8e30ccf3891f5-FRA
access-control-allow-origin
*
index.css
unpkg.com/@videojs/themes@1.0.1/dist/sea/
Redirect Chain
  • https://unpkg.com/@videojs/themes@1/dist/sea/index.css
  • https://unpkg.com/@videojs/themes@1.0.1/dist/sea/index.css
1 KB
611 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/@videojs/themes@1.0.1/dist/sea/index.css
Requested by
Host: risu.io
URL: https://risu.io/packs/css/pages/show-e44e9b15.css
Protocol
H2
Server
2606:4700::6810:7daf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05b374d05231f031b755f2d522847efa8d0b2af827366c01b055216eda7fe1f3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 02:38:09 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
age
12502552
fly-request-id
01FT89TMHQ6K04680108FG0DQS
content-encoding
br
vary
Accept-Encoding
last-modified
Wed, 28 Oct 2020 04:24:35 GMT
server
cloudflare
etag
W/"4f6-vBgwTvo8UG+Hkhbt9c4vT9i+iMU"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
71d8e30cff5e91f5-FRA

Redirect headers

date
Sun, 19 Jun 2022 02:38:09 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
fly-request-id
01G5WWQKZFYDXG741KCM1VW7TB-fra
server
cloudflare
age
376
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
location
/@videojs/themes@1.0.1/dist/sea/index.css
cache-control
public, s-maxage=600, max-age=60
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
71d8e30ccf3a91f5-FRA
access-control-allow-origin
*
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?display=swap&family=Poppins:300,400,500,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://risu.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Wed, 15 Jun 2022 19:25:44 GMT
x-content-type-options
nosniff
age
285145
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7816
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:11:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 15 Jun 2023 19:25:44 GMT
UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v11/ 		37 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/inter/v11/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;600&amp;display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b97c99a69a6275c8f90703cd4c0864089a74fd08383a1cc75a8a4d0c2cb60cce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://risu.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 17:07:46 GMT
x-content-type-options
nosniff
age
379823
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37716
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:29:50 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 14 Jun 2023 17:07:46 GMT
bootstrap-icons-dfd0ea12.woff2
risu.io/packs/media/fonts/ 		88 KB
89 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://risu.io/packs/media/fonts/bootstrap-icons-dfd0ea12.woff2
Requested by
Host: risu.io
URL: https://risu.io/packs/css/layouts/application-025be2bd.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3108::ac42:2afe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76506e128f2b47b7179f5037bd885a1674455ffeb6b5093cdb4c7eefbf436ce8

Request headers

Referer
https://risu.io/packs/css/layouts/application-025be2bd.css
Origin
https://risu.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 02:38:09 GMT
via
1.1 google
cf-cache-status
HIT
last-modified
Sat, 12 Mar 2022 12:29:56 GMT
server
cloudflare
age
750805
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/font-woff2
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
71d8e30d3e55914a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
90528
show-b990d0abe90da307dc20.js
risu.io/packs/js/pages/ 		3 MB
782 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://risu.io/packs/js/pages/show-b990d0abe90da307dc20.js
Requested by
Host: risu.io
URL: https://risu.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3108::ac42:2afe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21720b08009a60f674effa98d57fc68e3e5c60cd8626e18bd1250949ef11e5dd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/TqZcM
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

cf-ray
71d8e30d6e71914a-FRA
date
Sun, 19 Jun 2022 02:38:09 GMT
via
1.1 google
cf-cache-status
HIT
last-modified
Wed, 25 May 2022 10:24:04 GMT
server
cloudflare
age
2129599
cf-polished
origSize=2934821
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
zh-TW.js
risu.io/javascripts/i18n/ 		23 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://risu.io/javascripts/i18n/zh-TW.js?7aea9db0d7da4378d71169b7edde7c80
Requested by
Host: risu.io
URL: https://risu.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3108::ac42:2afe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b011987bc406d3c3311b7478e9edbcf399bedbf6db642471f4a0b19513511e5f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/TqZcM
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

cf-ray
71d8e30d6e73914a-FRA
date
Sun, 19 Jun 2022 02:38:09 GMT
via
1.1 google
cf-cache-status
HIT
last-modified
Sat, 18 Jun 2022 23:42:14 GMT
server
cloudflare
age
902
cf-polished
origSize=23897
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		165 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9208708170783140
Requested by
Host: risu.io
URL: https://risu.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6aea83dea87a1e70bc6a64d4c79d83e2c8397af74490fb4c2de76553be1fc0cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://risu.io/
Origin
https://risu.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 02:38:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56502
x-xss-protection
0
server
cafe
etag
11347930262878258255
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 19 Jun 2022 02:38:09 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		165 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: risu.io
URL: https://risu.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3c6cc38a6a6e3add0e7f07f944f69c8dc43a120ee1e5cd92862c2cab0a2afd2a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 02:38:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56518
x-xss-protection
0
server
cafe
etag
16288175937404133633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 19 Jun 2022 02:38:09 GMT
header-b1422cc1aba63e943bed.js
risu.io/packs/js/commons/ 		477 KB
147 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://risu.io/packs/js/commons/header-b1422cc1aba63e943bed.js
Requested by
Host: risu.io
URL: https://risu.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3108::ac42:2afe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3cb87ffb1cefcabf95a6a98fb3da2e2a266032d2fbf5d8ebb793ab49ea76155a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/TqZcM
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

cf-ray
71d8e30d6e75914a-FRA
date
Sun, 19 Jun 2022 02:38:09 GMT
via
1.1 google
cf-cache-status
HIT
last-modified
Wed, 25 May 2022 10:24:04 GMT
server
cloudflare
age
2129599
cf-polished
origSize=488075
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
application-9a34ff86c45259c43cdf.js
risu.io/packs/js/layouts/ 		55 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://risu.io/packs/js/layouts/application-9a34ff86c45259c43cdf.js
Requested by
Host: risu.io
URL: https://risu.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3108::ac42:2afe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5fa9b92cb6fe06664beddd9c94c87636d4ac9f515e1c37a76db97681ef26a7b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/TqZcM
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

cf-ray
71d8e30d6e76914a-FRA
date
Sun, 19 Jun 2022 02:38:09 GMT
via
1.1 google
cf-cache-status
HIT
last-modified
Wed, 25 May 2022 10:24:04 GMT
server
cloudflare
age
2129806
cf-polished
origSize=56404
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
pica.js
risu.io/cdn-cgi/challenge-platform/h/g/scripts/ 		20 KB
7 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://risu.io/cdn-cgi/challenge-platform/h/g/scripts/pica.js
Requested by
Host: risu.io
URL: https://risu.io/TqZcM
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3108::ac42:2afe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a38f5a5800f1014657fc6d7d653d0ea04748e68429006d8d1e0a4d9d6ee26797

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/TqZcM
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 02:38:09 GMT
content-encoding
br
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=604800, public
x-control-type-options
nosniff
cf-ray
71d8e30d6e7a914a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
gtm.js
www.googletagmanager.com/ 		102 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MR8WJDJ
Requested by
Host: risu.io
URL: https://risu.io/TqZcM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
70228a2eb5c84e022306ce97ad114ad99bbbc8e3cefc9032258e787697e344fa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 02:38:09 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40234
x-xss-protection
0
last-modified
Sun, 19 Jun 2022 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 19 Jun 2022 02:38:09 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206140101/ 		340 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9208708170783140&plah=risu.io
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
61ada9b83597e2e32fbd97bcae60e076ec160c1151e58bc18ff6473c2c1a5141
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 02:38:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
122727
x-xss-protection
0
server
cafe
etag
7626487649187286506
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 19 Jun 2022 02:38:09 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220615/r20190131/ Frame C42D 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220615/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://risu.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
22941
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4412
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 18 Jun 2022 20:15:48 GMT
etag
8616628553774171045
expires
Sat, 02 Jul 2022 20:15:48 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ysm_risu.js
ad.sitemaji.com/ 		37 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.sitemaji.com/ysm_risu.js
Requested by
Host: risu.io
URL: https://risu.io/packs/js/pages/show-b990d0abe90da307dc20.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.215.186.35.bc.googleusercontent.com
Software
nginx/1.12.1 (Ubuntu) /
Resource Hash
45fc9afe6d521580609d419509d904e1e0e69f4737c3df6ef5580e2d26cd7726

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 11:54:04 GMT
via
1.1 google
last-modified
Thu, 09 Jun 2022 08:17:08 GMT
server
nginx/1.12.1 (Ubuntu)
age
53046
etag
W/"62a1ac84-93db"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400,public
content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11493
expires
Sun, 19 Jun 2022 11:54:04 GMT
facebook-icon-43072eec.svg
risu.io/packs/media/brands/ 		802 B
687 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://risu.io/packs/media/brands/facebook-icon-43072eec.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3108::ac42:2afe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e705cd6ed57b081fc5a073ba6ad27a734e5c13ffc955cfd82dc4da7e064fadb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/TqZcM
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

cf-ray
71d8e310382c914a-FRA
date
Sun, 19 Jun 2022 02:38:09 GMT
via
1.1 google
cf-cache-status
HIT
last-modified
Fri, 14 Jan 2022 08:33:13 GMT
server
cloudflare
age
10640940
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=31536000
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
google-icon-501a643d.svg
risu.io/packs/media/brands/ 		1 KB
876 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://risu.io/packs/media/brands/google-icon-501a643d.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3108::ac42:2afe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3165ae694d9a7bcf30b53cefaf86602cd21ae552ea4765bdd88f944976537c3b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/TqZcM
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

cf-ray
71d8e310382d914a-FRA
date
Sun, 19 Jun 2022 02:38:09 GMT
via
1.1 google
cf-cache-status
HIT
last-modified
Fri, 14 Jan 2022 08:33:13 GMT
server
cloudflare
age
11446260
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=31536000
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
logo-1a0670e0.png
risu.io/packs/media/adult/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://risu.io/packs/media/adult/logo-1a0670e0.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3108::ac42:2afe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
896fccdd4bf0aac29d2a1721a3d555a4884c48ebfc6f136dbcb1ccfcd69f2507

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/TqZcM
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 02:38:09 GMT
via
1.1 google
cf-cache-status
HIT
age
5672129
cf-polished
origFmt=png, origSize=4434
content-disposition
inline; filename="logo-1a0670e0.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2888
last-modified
Tue, 29 Mar 2022 13:43:29 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
71d8e310382e914a-FRA
cf-bgj
imgq:100,h2pri
b8bc9af8-297e-428a-bc93-1f2259c5dd5e
https://risu.io/ 		1 MB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://risu.io/b8bc9af8-297e-428a-bc93-1f2259c5dd5e
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a81482289c80f062516faf5ea4d43306e2e412e403a7a7947759f7b965f79f2f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Content-Length
1177087
Content-Type
application/javascript
a61b0345-4b69-47c8-9c97-70d5da5e510d
https://risu.io/ 		1 MB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://risu.io/a61b0345-4b69-47c8-9c97-70d5da5e510d
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a81482289c80f062516faf5ea4d43306e2e412e403a7a7947759f7b965f79f2f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Content-Length
1177087
Content-Type
application/javascript
71d8e309d9259b28
risu.io/cdn-cgi/challenge-platform/h/g/cv/result/ 		2 B
465 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://risu.io/cdn-cgi/challenge-platform/h/g/cv/result/71d8e309d9259b28
Requested by
Host: risu.io
URL: https://risu.io/cdn-cgi/challenge-platform/h/g/scripts/invisible.js?ts=1655596800
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3108::ac42:2afe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://risu.io/TqZcM
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 19 Jun 2022 02:38:10 GMT
content-encoding
br
server
cloudflare
cf-ray
71d8e3119925914a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
text/plain; charset=UTF-8
77c9afb2-2c84-431b-9e38-38fb96afbaad
https://risu.io/ 		31 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://risu.io/77c9afb2-2c84-431b-9e38-38fb96afbaad
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Content-Length
31
Content-Type
application/javascript
rum
risu.io/cdn-cgi/ 		0
160 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://risu.io/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3108::ac42:2afe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://risu.io/TqZcM
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
content-type
application/json

Response headers

date
Sun, 19 Jun 2022 02:38:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
x-frame-options
DENY
access-control-allow-methods
POST,OPTIONS
content-type
text/plain
access-control-allow-origin
https://risu.io
access-control-max-age
86400
access-control-allow-credentials
true
cf-ray
71d8e311992c914a-FRA
vary
Origin
cookie.js
partner.googleadservices.com/gampad/ 		211 B
641 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=risu.io&callback=_gfp_s_&client=ca-pub-9208708170783140
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9208708170783140&plah=risu.io
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
ba1958798de4165e6121471f719e5dcef624b80648cf6e782b51746d4571b748
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 02:38:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
196
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=risu.io
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9208708170783140&plah=risu.io
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 19 Jun 2022 02:38:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=risu.io
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9208708170783140&plah=risu.io
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 19 Jun 2022 02:38:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Frisu.io%2FTqZcM&tn=DIV&cls=sweet-modal-overlay%20theme-dark%20sweet-modal-clickable%20is-visible%20blocking&ign=false&pw=1600&ph=1200&x=0&y=1060.8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Jun 2022 02:38:10 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Frisu.io%2FTqZcM&tn=DIV&cls=sweet-modal-overlay%20theme-dark%20sweet-modal-clickable%20is-visible%20blocking&ign=false&pw=1600&ph=1200&x=0&y=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Jun 2022 02:38:10 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame B401 		12 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9208708170783140&output=html&adk=1812271804&adf=3025194257&lmt=1655606290&plat=1%3A16777216%2C2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Frisu.io%2FTqZcM&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655606289704&bpp=3&bdt=400&idt=491&shv=r20220615&mjsv=m202206140101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4468256077292&frm=20&pv=2&ga_vid=998406147.1655606290&ga_sid=1655606290&ga_hid=393108190&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=2869206730227398&tmod=519600684&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=508
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9208708170783140&plah=risu.io
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4b17c01d2401fa5c25e8e751859e9de80c8e78c8f0bf260503017755c25f1f21
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://risu.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
4569
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 19 Jun 2022 02:38:10 GMT
expires
Sun, 19 Jun 2022 02:38:10 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220615&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9208708170783140&plah=risu.io
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
770456bda4291dcae2dcf85bfa77bd2724a65aac0689f0372a8556315348140d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 19 Jun 2022 02:38:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10594
x-xss-protection
0
js
www.googletagmanager.com/gtag/ 		191 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-H814P3QJ03&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MR8WJDJ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
380d4e780f251207e57c3af5cbc61e99f0dbc30905a659ee8b69cc668e3635d0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 02:38:10 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
70246
x-xss-protection
0
expires
Sun, 19 Jun 2022 02:38:10 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MR8WJDJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
6543
date
Sun, 19 Jun 2022 00:49:07 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Sun, 19 Jun 2022 02:49:07 GMT
init.js
cdn.holmesmind.com/js/ Frame 664C 		6 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/init.js
Requested by
Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/ysm_risu.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:1800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fb51fa018c951108a66acf0730199d329d887872947eb3940088ef734f026818

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id
UdwMmUAM2dmZqopCO7YOeMhqjXQRxqvB
via
1.1 32c8da10203574baccb74b8f771a7ffa.cloudfront.net (CloudFront)
last-modified
Fri, 04 Mar 2022 10:10:49 GMT
server
AmazonS3
age
14
etag
"439e160b698f1ec2efb45c3b6cd6b265"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Sun, 19 Jun 2022 02:37:57 GMT
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
6552
x-amz-cf-id
K1-lqNi1_BX0S93WKnZ-1xAOZjNp_B10oVVs_VLEXlz2QDkR085RYA==
native.js
s.yimg.com/dy/ads/ 		78 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/dy/ads/native.js
Requested by
Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/ysm_risu.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
a19902458ab4a5513642a87b381b9183a2fc725849b581fd953e22d824d1c5a7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 02:33:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
301
x-amz-server-side-encryption
AES256
vary
Origin, Accept-Encoding
x-amz-request-id
H4W0PMXR7TAGAXZ8
x-amz-id-2
XwDXzmsiBfhJGQEDG02QEkWCmcDCRMCYuR19IC8K8MNufVQ56/PLhjwI3eY9H4cuAV168FcjDyU=
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 08 Feb 2022 12:02:57 GMT
server
ATS
etag
"7e002e241fddeeb8dd76383206c47a3d-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
content-type
application/javascript
x-xss-protection
1; mode=block
cache-control
max-age=600
accept-ranges
bytes
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9208708170783140&plah=risu.io
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 02:38:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 19 Jun 2022 02:38:10 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=393108190&t=pageview&_s=1&dl=https%3A%2F%2Frisu.io%2FTqZcM&ul=en-us&de=UTF-8&dt=%E7%9F%AD%E7%B6%B2%E5%9D%80%E3%80%82%E8%A1%8C%E9%8A%B7%E3%80%82%E5%88%86%E6%9E%90%20-%20Risu.io&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAEABAAAAAC~&jid=102168499&gjid=1727436018&cid=998406147.1655606290&tid=UA-146086888-1&_gid=331285830.1655606290&_r=1&gtm=2wg6f0MR8WJDJ&z=874936035
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://risu.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 19 Jun 2022 02:38:10 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://risu.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
341 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-H814P3QJ03&gtm=2oe6f0&_p=393108190&_z=ccd.v9B&cid=998406147.1655606290&ul=en-us&sr=1600x1200&_s=1&sid=1655606290&sct=1&seg=0&dl=https%3A%2F%2Frisu.io%2FTqZcM&dt=%E7%9F%AD%E7%B6%B2%E5%9D%80%E3%80%82%E8%A1%8C%E9%8A%B7%E3%80%82%E5%88%86%E6%9E%90%20-%20Risu.io&en=page_view&_fv=1&_ss=1&_c=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H814P3QJ03&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Jun 2022 02:38:10 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://risu.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
capmapping.htm
cdn.holmesmind.com/js/ Frame AA20 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/capmapping.htm
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:1800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c50a4d6505f1216962db6a855d60ebf08222fa6c286e7f21699c002d81b3cd9d

Request headers

Referer
https://risu.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
25
content-length
3044
content-type
text/html
date
Sun, 19 Jun 2022 02:37:56 GMT
etag
"b585383190cc538c34a520974872d918"
last-modified
Thu, 24 Mar 2022 11:21:34 GMT
server
AmazonS3
via
1.1 32c8da10203574baccb74b8f771a7ffa.cloudfront.net (CloudFront)
x-amz-cf-id
FJbWfOR8eQ8g15sHrIzAk4l_PdTlBgQl2rRaiUd0NSehgXsMWh7u9w==
x-amz-cf-pop
FRA50-C1
x-amz-version-id
bA4BdajsGoQu4oL_HyEzRCsNuHmwq3bx
x-cache
Hit from cloudfront
edmp_init.js
cdn.holmesmind.com/js/ Frame 664C 		662 B
1014 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/edmp_init.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:1800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
28248d4886fe85d725c1a6d3b2340a1bde6a7ffcadfac53ada50f78a9e707d5c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 32c8da10203574baccb74b8f771a7ffa.cloudfront.net (CloudFront)
last-modified
Fri, 12 Mar 2021 02:45:40 GMT
server
AmazonS3
age
13
etag
"f58f8a90686f8ffb3325107e8a788b71"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Sun, 19 Jun 2022 02:37:58 GMT
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
662
x-amz-cf-id
ABP0wnV9TVhyCQi5Y4UvZxzUXYZ8j6LpbX6BiEUxlP87u_2RB-yRhw==
presetfn.js
cdn.holmesmind.com/js/ Frame 10A4 		6 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/presetfn.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:1800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1291c3d774415b830ea3f2c5ce78d160485606386d08a878c87f41ccdbe4a73f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id
TffX4.BvLss5nGbaNkDOhki_IqknqyWa
via
1.1 32c8da10203574baccb74b8f771a7ffa.cloudfront.net (CloudFront)
last-modified
Fri, 18 Mar 2022 03:26:21 GMT
server
AmazonS3
age
28
etag
"8de5f5c245a6377bb4dc88fbf8c0c6f5"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Sun, 19 Jun 2022 02:37:56 GMT
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
6093
x-amz-cf-id
OyTjmVvWfVpy3MGcbLhRWIE5fRCKQxHJJda5EfXxTDsYspd3Z5V6Lw==
collect
stats.g.doubleclick.net/j/ 		4 B
436 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-146086888-1&cid=998406147.1655606290&jid=102168499&gjid=1727436018&_gid=331285830.1655606290&_u=YAhAAEAAAAAAAC~&z=991272887
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://risu.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sun, 19 Jun 2022 02:38:10 GMT
content-type
text/plain
access-control-allow-origin
https://risu.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 86CC 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://risu.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
35602
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 18 Jun 2022 16:44:48 GMT
expires
Sun, 18 Jun 2023 16:44:48 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame E39B 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
eb4dfc05daf248baa421a250511bb93a5981d726de4be43ce8f8ece434ea389e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-4W7mjUoNs8Rh64l_pa7lzQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://risu.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-4W7mjUoNs8Rh64l_pa7lzQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 19 Jun 2022 02:38:10 GMT
expires
Sun, 19 Jun 2022 02:38:10 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
getAds.do
ads.yap.yahoo.com/nosdk/wj/v1/ 		290 B
475 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.yap.yahoo.com/nosdk/wj/v1/getAds.do?locale=en_US&agentVersion=205&adTrackingEnabled=true&adUnitCode=3c6242ef-4bfe-4183-89a6-c1c5846d6f98&apiKey=VFSQG6VR6ZX3Z42S2T7P&usp=&gdpr=&euconsent=&publisherUrl=https%3A%2F%2Frisu.io%2FTqZcM&caps=16&cb=jsonpCallback0
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/dy/ads/native.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.82.100.146 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
media-router-flurry71.prod.media.vip.ir2.yahoo.com
Software
ATS /
Resource Hash
6edf11a91ccdb294c999410dfb1b75b927bbeeaafd94c99984ee2862394b0499
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 02:38:10 GMT
content-encoding
gzip
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Accept-Encoding, User-Agent
content-type
application/javascript; charset=UTF-8
strict-transport-security
max-age=31536000
b
geo.yahoo.com/ 		43 B
446 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://geo.yahoo.com/b?t=xhkd7&9sdk8454
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:110:c204::b000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Jun 2022 02:38:10 GMT
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
p3p
policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control
no-cache, no-store, private
x-envoy-upstream-service-time
0
content-type
image/gif
content-length
43
cm.php
fcm.holmesmind.com/ Frame 19C0 		0
0
utag.js
t.ssp.hinet.net/ Frame AA20 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
1419b8b18e2084e1d79ca111dba4eb9ea7dd22171029e13467e77d90c3f1a06e
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 02:38:11 GMT
content-encoding
gzip
last-modified
Wed, 23 Feb 2022 08:43:40 GMT
server
nginx
etag
W/"6215f3bc-11a3"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
strict-transport-security
max-age=0
expires
Sun, 19 Jun 2022 02:48:11 GMT
cm
c.holmesmind.com/ Frame AA20
Redirect Chain
  • https://c.holmesmind.com/cm
  • https://c.holmesmind.com/cm?tc=getIn&
0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.holmesmind.com/cm?tc=getIn&
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H3
Server
35.201.76.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
93.76.201.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 02:38:10 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8

Redirect headers

location
https://c.holmesmind.com/cm?tc=getIn&
date
Sun, 19 Jun 2022 02:38:10 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8
Preset.js
adcdn.holmesmind.com/adserver/ Frame 10A4 		577 B
645 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adcdn.holmesmind.com/adserver/Preset.js?z=11143
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:400:3:1794:2540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
c48615ca4d8b6f6e886e10b2988f0d979efc01a138899b4edf1b61a54bbd5fcc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 02:38:10 GMT
content-encoding
gzip
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
FRA50-C1
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://risu.io
access-control-allow-credentials
true
x-amz-cf-id
2RWUrMpOQvgVu6_P3nGcfUMCXH7_Wd8im8kH8wzo3Tl8-74_iJdJVw==
via
1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
ga-audiences
www.google.com/ads/ 		42 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-146086888-1&cid=998406147.1655606290&jid=102168499&_u=YAhAAEAAAAAAAC~&z=1402276124
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Jun 2022 02:38:10 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-146086888-1&cid=998406147.1655606290&jid=102168499&_u=YAhAAEAAAAAAAC~&z=1402276124
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Jun 2022 02:38:10 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Fp7ECwttPu2Qt8V9RhmSdP8PTUkobZWfkzIiSeRIuag.js
pagead2.googlesyndication.com/bg/ Frame 86CC 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Fp7ECwttPu2Qt8V9RhmSdP8PTUkobZWfkzIiSeRIuag.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
169ec40b0b6d3eed90b7c57d46199274ff0f4d49286d959f93322249e448b9a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 16:41:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
35789
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13866
x-xss-protection
0
last-modified
Fri, 10 Jun 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 18 Jun 2023 16:41:41 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame E39B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220615&jk=2869206730227398&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 86CC 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?ifSbXQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 02:38:10 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
arjs.php
ad2.apx.appier.net/www/delivery/ Frame 8D82
Redirect Chain
  • https://ad2.apx.appier.net/www/delivery/js.php?zoneid=9201&id=id0vcn5lbjos5z7xp
  • https://gocm.c.appier.net/aanet?id=id0vcn5lbjos5z7xp&url=ad2.apx.appier.net&zoneid=9201
  • https://ad2.apx.appier.net/www/delivery/arjs.php?zoneid=9201&acid=hBPs3z0uCtWAJKCBE4yuYg&id=id0vcn5lbjos5z7xp
3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/www/delivery/arjs.php?zoneid=9201&acid=hBPs3z0uCtWAJKCBE4yuYg&id=id0vcn5lbjos5z7xp
Requested by
Host: risu.io
URL: https://risu.io/TqZcM
Protocol
H3
Server
34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
5b83b2a73aa9c17596f2671073c0beab28d7916f015bb7e0e2e52bb04bf4d103

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 02:38:11 GMT
via
1.1 google
server
nginx/1.19.0
cache-control
no-store
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=utf-8

Redirect headers

location
https://ad2.apx.appier.net/www/delivery/arjs.php?zoneid=9201&acid=hBPs3z0uCtWAJKCBE4yuYg&id=id0vcn5lbjos5z7xp
date
Sun, 19 Jun 2022 02:38:11 GMT
cache-control
no-store
server
nginx
content-type
text/html; charset=utf-8
content-length
140
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
arjs.php
ad2.apx.appier.net/www/delivery/ Frame 4643
Redirect Chain
  • https://ad2.apx.appier.net/www/delivery/js.php?zoneid=9201&id=id0vcn5lbjos5z7xp
  • https://gocm.c.appier.net/aanet?id=id0vcn5lbjos5z7xp&url=ad2.apx.appier.net&zoneid=9201
  • https://ad2.apx.appier.net/www/delivery/arjs.php?zoneid=9201&acid=Pdl695VOA2CR7SWgE4yuYg&id=id0vcn5lbjos5z7xp
3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/www/delivery/arjs.php?zoneid=9201&acid=Pdl695VOA2CR7SWgE4yuYg&id=id0vcn5lbjos5z7xp
Requested by
Host: risu.io
URL: https://risu.io/TqZcM
Protocol
H3
Server
34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
3a80c93d5546cd25cf13e6c003a4efd4015a94396e6e2f06167cbeefe1c29b97

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 02:38:11 GMT
via
1.1 google
server
nginx/1.19.0
cache-control
no-store
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=utf-8

Redirect headers

location
https://ad2.apx.appier.net/www/delivery/arjs.php?zoneid=9201&acid=Pdl695VOA2CR7SWgE4yuYg&id=id0vcn5lbjos5z7xp
date
Sun, 19 Jun 2022 02:38:11 GMT
cache-control
no-store
server
nginx
content-type
text/html; charset=utf-8
content-length
140
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
ads.js
ad.holmesmind.com/adserver/ Frame 10A4 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.holmesmind.com/adserver/ads.js?z=11143&rf=https%3A%2F%2Frisu.io%2FTqZcM&n=804&o=1&d=1&b=2&ts=1&ii=2&FPCK=834-FLL62KyVmsrA01h5IDDvb2aNffE75bM7&initver=210830P
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.238.107.229 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-107-229.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
7a0b1aa7238f47c2b35dad8813f32842954145f418441b8871b6e26986964830

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-origin
https://risu.io
date
Sun, 19 Jun 2022 02:38:11 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
rtbhouseV2.js
cdn.holmesmind.com/js/ Frame 10A4 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:1800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 32c8da10203574baccb74b8f771a7ffa.cloudfront.net (CloudFront)
last-modified
Tue, 04 Aug 2020 09:25:10 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
etag
"6a605eea47197fa280f27aaf1fa1521d"
x-cache
RefreshHit from cloudfront
content-type
application/javascript
date
Sun, 19 Jun 2022 02:38:12 GMT
accept-ranges
bytes
content-length
2773
x-amz-cf-id
aExsnrZQt65GjTznpu1VSJbYKLZidRXzjrnjgPH5YToI7YkAO_RW6A==
publishertag.js
static.criteo.net/js/ld/ Frame 10A4 		119 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
850a150239aa319a9c772f1e6e71c15680d670c980c3daf41734c6ce8e0e8255
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 02:38:11 GMT
content-encoding
gzip
last-modified
Tue, 03 May 2022 11:21:03 GMT
server
nginx
etag
W/"6271101f-1dc01"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 20 Jun 2022 02:38:11 GMT
criteoV2.js
cdn.holmesmind.com/js/ Frame 10A4 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/criteoV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:1800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e2db1774aabd2443e6c741954f5e1071912a7a99f6e4151bc83d342554976d32

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 32c8da10203574baccb74b8f771a7ffa.cloudfront.net (CloudFront)
last-modified
Tue, 04 Aug 2020 09:25:12 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
etag
"e8f33fcb581483ced4a09b3c8e7550e4"
x-cache
RefreshHit from cloudfront
content-type
application/javascript
date
Sun, 19 Jun 2022 02:38:12 GMT
accept-ranges
bytes
content-length
2443
x-amz-cf-id
kVzQc-fNhvP2Ful33Ha75Fwc4j0rCF4zlfuBk2QvfAlyllnNzWYeAA==
bridgewellV3.js
cdn.holmesmind.com/js/ Frame 10A4 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/bridgewellV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:1800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c03c604cd89b4ab78da516a6271fbc1b4027e9d232ee55e09e0f43e49e2c169b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 32c8da10203574baccb74b8f771a7ffa.cloudfront.net (CloudFront)
last-modified
Tue, 20 Apr 2021 06:25:23 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
etag
"c3b948e5a48dd0ec20c265d6d8da7add"
x-cache
RefreshHit from cloudfront
content-type
application/javascript
date
Sun, 19 Jun 2022 02:38:12 GMT
accept-ranges
bytes
content-length
4530
x-amz-cf-id
nJ923TWd6Hpk5sFTe5oDhDExfhVLKaYfV1ceR4biNZykCnItR6gOpA==
appierV2.js
cdn.holmesmind.com/js/ Frame 10A4 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/appierV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:1800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 32c8da10203574baccb74b8f771a7ffa.cloudfront.net (CloudFront)
last-modified
Thu, 11 Mar 2021 07:54:26 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
etag
"548ed610a8571343fb3022f543174735"
x-cache
RefreshHit from cloudfront
content-type
application/javascript
date
Sun, 19 Jun 2022 02:38:12 GMT
accept-ranges
bytes
content-length
3177
x-amz-cf-id
fOSfuI9IRMH9uE7w1_FAZflAJd-VnOVLi8ml0dbL9-cC9P2ldI7JGQ==
appier_mainV3.js
cdn.holmesmind.com/js/ Frame 10A4 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/appier_mainV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:1800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d541f77dd45df41c827a1c2b2899696c336c7bb3a1a06422d66ca4f37454258e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 32c8da10203574baccb74b8f771a7ffa.cloudfront.net (CloudFront)
last-modified
Fri, 15 Oct 2021 07:41:44 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
etag
"adc35fd9401ac04bdb2a47c466e46174"
x-cache
RefreshHit from cloudfront
content-type
application/javascript
date
Sun, 19 Jun 2022 02:38:12 GMT
accept-ranges
bytes
content-length
2568
x-amz-cf-id
e3tMJKqaeKRvtIuEhD4LCHrooFsl-OfZoEOLmB4Mn_L20qug72tLZw==
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220615&jk=2869206730227398&bg=!dXaldjLNAAbASn8N4Eo7ACkAdvg8WlkWiX2hc5AwjHS54ruty83oRC3DAAE2vYg_Ef5ICsfqxf8cKQIAAABcUgAAAAJoAQeZAp17xwsA8flqibrAcM7SYOTb7JKDVlH2YP8vtezHA3NGycP3kZE8bT-JFahChfqInuQZyQdie0428_Qwp3bDRmlJm8Iq_zMTtJMDa9ylDe7t1ezmjX8oJF1W9ZIS3Q4foJtldm3ZQwAW-hq-YvynkhonJyUajtIZ4G5DIh7QEoZ5-kUrBsW2XWFc4a4pFZOKxCnyRga-wLXUqsrHZimn66odof9ijK3RZ6Fm6ajkWBCVNCkVRKyGCEs8_4YvWKTHu9yZGAZq2K2sMWP7wPe2d2au-KdqTk9mqXzQoDpXFQCqb1sv6QTXimeBtQEf0crZzrfjfRs6wAbu-8lJO8Co3IIb7oXVUjxQNZ3F8aNY1TkS-UvBFBP69BDgeO5lEZSExG8XuTqwed09x4ync42It0g_OFdVzX1KIcS3LqspoWgA89c0C3hdnTRLJwSOHe6Zt-Egiw4l8JHZnFxNZHCWKK8PcEselhoMblY_ycWZCPJFT1NHDjntztYVbNd2VICxXn99tGoGeqS7Y7LzgM1B1hBfnNHLoQS0tEqAOBs2YTT861UBm15EHgYb8DZO1Zre2fYha3wkgs6wBRLqAYSC1esiPbi6JTQFy2U96GXoaLCwuU2kNHAx5HEUl0F2872M-3gJBPO2VSUY5Tyl8jP5qIaue0G0Oo5vE6TOArk6kBstSO1n8BeAHJqPdNlpZODrdJzUXRG-Cumt6UNfDcHjiSYSFtpMoQ4OAb62BfVkSuhJSizgiSyGcU3Mgo91QluB8crHE3IwJ40H-UqOV76605Nf0sgp22Rv9c6iVIyvdazGgk0HiZbPTRL1Pw9W9uBJ4H0QGKfI1uMnuz0VZ3QEikz60MrQmWle79YAB77TaMsVhJX3jyHWClCb08kKxuE
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers
syncframe
gum.criteo.com/ Frame F7C4 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=risu.io
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
7425ddfd92670868e11419c944b64876cfcb7e0cfd95b163dc0edd4e5923718c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://risu.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-length
6149
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 19 Jun 2022 02:38:11 GMT
server-processing-duration-in-ticks
1958
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
landing.php
fp.holmesmind.com/ Frame 8E2F 		0
249 B 		Document
General
Check archive.org
Download Go to
Full URL
https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=912-gwcB0jzz44miL19wEGKLAPvHziVf1qKb&CFFPCKUUID=834-FLL62KyVmsrA01h5IDDvb2aNffE75bM7&url=https%3A%2F%2Frisu.io%2FTqZcM&maindomain=risu.io
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.219.39 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
39.219.117.34.bc.googleusercontent.com
Software
nginx/1.20.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://risu.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-headers
x-requested-with,content-type
access-control-allow-methods
*
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 19 Jun 2022 02:38:11 GMT
server
nginx/1.20.0
vary
Accept-Encoding
via
1.1 google
utag.js
t.ssp.hinet.net/ Frame 10A4 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
1419b8b18e2084e1d79ca111dba4eb9ea7dd22171029e13467e77d90c3f1a06e
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 02:38:11 GMT
content-encoding
gzip
last-modified
Wed, 23 Feb 2022 08:43:40 GMT
server
nginx
etag
W/"6215f3bc-11a3"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
strict-transport-security
max-age=0
expires
Sun, 19 Jun 2022 02:48:11 GMT
/
t.ssp.hinet.net/ Frame AA20 		37 B
408 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
13f274f056eb816abf6ab4dab9c1e653441a3de63ad6b1ebe4599e066df1e633
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 02:38:11 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://cdn.holmesmind.com
cache-control
no-cache, private
access-control-allow-credentials
true
strict-transport-security
max-age=0
sid
mug.criteo.com/ Frame F7C4
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=risu.io&sn=ChromeSyncframe&so=0&topUrl=risu.io&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=KmrWqnxIWjlTM0lUcVFyeThBRHdlQ1FVOTlQZ0dTY2VSTkV0dE9rWGQ3TlR0L3UzMlpKeldibTJvdXVHa2lvK2IxcFhIS2lvTzY3WkNhNitTbWhBN2xtbzJMeW9oMmZoSU15cXY0V2JhWU00R0NibTVZRVhlYUQxQUYrSE...
452 B
645 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=KmrWqnxIWjlTM0lUcVFyeThBRHdlQ1FVOTlQZ0dTY2VSTkV0dE9rWGQ3TlR0L3UzMlpKeldibTJvdXVHa2lvK2IxcFhIS2lvTzY3WkNhNitTbWhBN2xtbzJMeW9oMmZoSU15cXY0V2JhWU00R0NibTVZRVhlYUQxQUYrSElZSlpocGRsNkJqalFJY2J1eThvRUFacGJqaGFhSWh2RHhDd0Y5aUVNbFZVMEJrczAxdTNqS2VGSkFvbkxZR3BEb2VJZmhwdkM5N2RIZzdUaXlPZGhneWY0UmZwejRTOUNub084MU9SWmEyQWFKWmNxckEwRVMvSDB5TG5NVU8wNkF5SDFOM2pwVFNSWjJISUVIRzc2VkhyOGxxbzdIUT09fA&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
5328a8bcb3e7ce6dec51718a6f0777afa05615d0681c2fdd39f15f7b8970ed7a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Jun 2022 02:38:10 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
4429
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Sun, 19 Jun 2022 02:38:10 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=KmrWqnxIWjlTM0lUcVFyeThBRHdlQ1FVOTlQZ0dTY2VSTkV0dE9rWGQ3TlR0L3UzMlpKeldibTJvdXVHa2lvK2IxcFhIS2lvTzY3WkNhNitTbWhBN2xtbzJMeW9oMmZoSU15cXY0V2JhWU00R0NibTVZRVhlYUQxQUYrSElZSlpocGRsNkJqalFJY2J1eThvRUFacGJqaGFhSWh2RHhDd0Y5aUVNbFZVMEJrczAxdTNqS2VGSkFvbkxZR3BEb2VJZmhwdkM5N2RIZzdUaXlPZGhneWY0UmZwejRTOUNub084MU9SWmEyQWFKWmNxckEwRVMvSDB5TG5NVU8wNkF5SDFOM2pwVFNSWjJISUVIRzc2VkhyOGxxbzdIUT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
3279
content-length
541
expires
0
/
t.ssp.hinet.net/ Frame 10A4 		37 B
399 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
a3c6799721d9a2a04e17a1b830039b35c044f993907f00f50dd304527d2c20cc
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 02:38:11 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://risu.io
cache-control
no-cache, private
access-control-allow-credentials
true
strict-transport-security
max-age=0
emome2
t.ssp.hinet.net/ Frame AA20 		30 B
278 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/emome2?u=55a60bdc-5c44-436c-9d12-2edc94059c2e
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 02:38:11 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://cdn.holmesmind.com
cache-control
no-cache, private
access-control-allow-credentials
true
strict-transport-security
max-age=0
emome2
t.ssp.hinet.net/ Frame 10A4 		30 B
270 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/emome2?u=c17157ee-7431-4d2d-9487-cc57ecdd8c11
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 02:38:11 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://risu.io
cache-control
no-cache, private
access-control-allow-credentials
true
strict-transport-security
max-age=0
drawV2.js
cdn.holmesmind.com/js/ Frame 10A4 		10 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/drawV2.js
Requested by
Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=11143&rf=https%3A%2F%2Frisu.io%2FTqZcM&n=804&o=1&d=1&b=2&ts=1&ii=2&FPCK=834-FLL62KyVmsrA01h5IDDvb2aNffE75bM7&initver=210830P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:1800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 32c8da10203574baccb74b8f771a7ffa.cloudfront.net (CloudFront)
last-modified
Fri, 16 Oct 2020 09:58:46 GMT
server
AmazonS3
age
11
etag
"84d8b1a745228113e60f5e62f0eff6d3"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Sun, 19 Jun 2022 02:38:11 GMT
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
10359
x-amz-cf-id
di2fqHOGW4DZGJ_zLkwL1PjJCN8SyH0_g32U8_K2H6oWHj9-YIYbzg==
chtmp.php
ccm.holmesmind.com/ Frame 664C 		0
213 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ccm.holmesmind.com/chtmp.php?u=https%3A%2F%2Fapi.cf.dsp.hinet.net%2Fcktagv2.php%3FUID%3D551398-FCz4a06MNQiG0CHEbwJTI4cVWtaocIks%26SID%3D45620%26Tags%3D2004%2C2003%2C2002
Requested by
Host: risu.io
URL: https://risu.io/TqZcM
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.95.78.196 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-95-78-196.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-origin
https://risu.io
date
Sun, 19 Jun 2022 02:38:12 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
chtmp.php
ccm.holmesmind.com/ Frame 664C 		0
213 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ccm.holmesmind.com/chtmp.php?u=https%3A%2F%2Fapi.cf.dsp.hinet.net%2Fcktagv2.php%3FUID%3D551398-FCz4a06MNQiG0CHEbwJTI4cVWtaocIks%26SID%3D45618%26Tags%3D2004%2C2003%2C2002
Requested by
Host: risu.io
URL: https://risu.io/TqZcM
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.95.78.196 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-95-78-196.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-origin
https://risu.io
date
Sun, 19 Jun 2022 02:38:12 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
chtmp.php
ccm.holmesmind.com/ Frame 664C 		0
213 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ccm.holmesmind.com/chtmp.php?u=https%3A%2F%2Fapi.cf.dsp.hinet.net%2Fcktagv2.php%3FUID%3D551398-FCz4a06MNQiG0CHEbwJTI4cVWtaocIks%26SID%3D45621%26Tags%3D2004%2C2003%2C2002
Requested by
Host: risu.io
URL: https://risu.io/TqZcM
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.95.78.196 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-95-78-196.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-origin
https://risu.io
date
Sun, 19 Jun 2022 02:38:12 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
chtmp.php
ccm.holmesmind.com/ Frame 664C 		0
213 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ccm.holmesmind.com/chtmp.php?u=https%3A%2F%2Fapi.cf.dsp.hinet.net%2Fcktagv2.php%3FUID%3D551398-FCz4a06MNQiG0CHEbwJTI4cVWtaocIks%26SID%3D45583%26Tags%3D2364
Requested by
Host: risu.io
URL: https://risu.io/TqZcM
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.95.78.196 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-95-78-196.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-origin
https://risu.io
date
Sun, 19 Jun 2022 02:38:12 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
chtmp.php
ccm.holmesmind.com/ Frame 664C 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ccm.holmesmind.com/chtmp.php?u=https%3A%2F%2Fapi.cf.dsp.hinet.net%2Fcktagv2.php%3FUID%3D551398-FCz4a06MNQiG0CHEbwJTI4cVWtaocIks%26SID%3D45581%26Tags%3D2364
Requested by
Host: risu.io
URL: https://risu.io/TqZcM
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.95.78.196 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-95-78-196.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-origin
https://risu.io
date
Sun, 19 Jun 2022 02:38:12 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
chtmp.php
ccm.holmesmind.com/ Frame 664C 		0
213 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ccm.holmesmind.com/chtmp.php?u=https%3A%2F%2Fapi.cf.dsp.hinet.net%2Fcktagv2.php%3FUID%3D551398-FCz4a06MNQiG0CHEbwJTI4cVWtaocIks%26SID%3D44161%26Tags%3D2010%2C2009%2C2005%2C2004%2C2003%2C2002
Requested by
Host: risu.io
URL: https://risu.io/TqZcM
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.95.78.196 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-95-78-196.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-origin
https://risu.io
date
Sun, 19 Jun 2022 02:38:12 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
bids
prebid-asia.creativecdn.com/bidder/prebid/ Frame 10A4 		0
169 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://risu.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://risu.io
date
Sun, 19 Jun 2022 02:38:12 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
bid
ad2.apx.appier.net/v1/prebid/ Frame 10A4
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=Pdl695VOA2CR7SWgE4yuYg
2 B
19 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=Pdl695VOA2CR7SWgE4yuYg
Requested by
Host: risu.io
URL: https://risu.io/TqZcM
Protocol
H3
Server
34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 02:38:12 GMT
via
1.1 google
server
nginx/1.19.0
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Sun, 19 Jun 2022 02:38:12 GMT
server
nginx
access-control-allow-origin
null
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=Pdl695VOA2CR7SWgE4yuYg
cache-control
no-store
access-control-allow-credentials
true
content-length
0
bid
ad2.apx.appier.net/v1/prebid/ Frame 10A4
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=Pdl695VOA2CR7SWgE4yuYg
2 B
19 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=Pdl695VOA2CR7SWgE4yuYg
Requested by
Host: risu.io
URL: https://risu.io/TqZcM
Protocol
H3
Server
34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 02:38:12 GMT
via
1.1 google
server
nginx/1.19.0
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Sun, 19 Jun 2022 02:38:12 GMT
server
nginx
access-control-allow-origin
null
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=Pdl695VOA2CR7SWgE4yuYg
cache-control
no-store
access-control-allow-credentials
true
content-length
0
cdb
bidder.criteo.com/ Frame 10A4 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=123&profileId=184&cb=55757994494
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
3b4840c7d416b199827cf1d58f6696f5344bfafbc5b65ec746d45cff13305878
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://risu.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Sun, 19 Jun 2022 02:38:11 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://risu.io
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
824
cm
t.ssp.hinet.net/ Frame 10A4 		0
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/cm?c=50ef57&cid=912-gwcB0jzz44miL19wEGKLAPvHziVf1qKb&mp=c17157ee-7431-4d2d-9487-cc57ecdd8c11
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 02:38:12 GMT
server
nginx
vary
Origin
content-type
image/png
access-control-allow-origin
https://risu.io
cache-control
no-cache, private
access-control-allow-credentials
true
strict-transport-security
max-age=0
pixel
c17157ee-7431-4d2d-9487-cc57ecdd8c11.t.ssp.hinet.net/ Frame 10A4 		0
80 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c17157ee-7431-4d2d-9487-cc57ecdd8c11.t.ssp.hinet.net/pixel?bd=c17157ee-7431-4d2d-9487-cc57ecdd8c11&t=50ef57
Requested by
Host: risu.io
URL: https://risu.io/TqZcM
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 02:38:13 GMT
server
nginx
content-length
0
strict-transport-security
max-age=0
content-type
image/png
prebid.aspx
prebid.scupio.com/recweb/ Frame 10A4 		0
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.scupio.com/recweb/prebid.aspx?cb=0.4258418528603076
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
210.59.219.181 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://risu.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 19 Jun 2022 02:38:11 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
text/html
access-control-allow-origin
https://risu.io
cache-control
private
access-control-allow-credentials
true
fpc
pmp-beacon.apx.appier.net/v1/ Frame 8D82 		12 B
160 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pmp-beacon.apx.appier.net/v1/fpc?type=pmp&event=imp
Requested by
Host: ad2.apx.appier.net
URL: https://ad2.apx.appier.net/www/delivery/js.php?zoneid=9201&id=id0vcn5lbjos5z7xp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
ae64196db7fe3eccb7a320032b6a44caff13bfc21fa264713fba1a5368a7cb6a

Request headers

Referer
https://risu.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 19 Jun 2022 02:38:12 GMT
via
1.1 google
server
nginx/1.19.0
content-type
application/json; charset=utf-8
access-control-allow-origin
https://risu.io
access-control-expose-headers
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12
init.js
cdn.holmesmind.com/js/ Frame 62CC 		6 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/init.js
Requested by
Host: risu.io
URL: https://risu.io/TqZcM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:1800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fb51fa018c951108a66acf0730199d329d887872947eb3940088ef734f026818

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id
UdwMmUAM2dmZqopCO7YOeMhqjXQRxqvB
via
1.1 32c8da10203574baccb74b8f771a7ffa.cloudfront.net (CloudFront)
last-modified
Fri, 04 Mar 2022 10:10:49 GMT
server
AmazonS3
age
16
etag
"439e160b698f1ec2efb45c3b6cd6b265"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Sun, 19 Jun 2022 02:37:57 GMT
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
6552
x-amz-cf-id
9W6Y8AYaYhfk5qe63GXtW960RTi57jKK50XYl6duk6fKGlHeY8zSNQ==
gcm
gocm.c.appier.net/ Frame 62CC 		42 B
309 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gocm.c.appier.net/gcm
Requested by
Host: risu.io
URL: https://risu.io/TqZcM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
139.162.78.222 Tokyo, Japan, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1558-222.members.linode.com
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 02:38:12 GMT
cache-control
no-store
server
nginx
content-type
image/gif
content-length
42
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
fpc
pmp-beacon.apx.appier.net/v1/ Frame 4643 		12 B
73 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pmp-beacon.apx.appier.net/v1/fpc?type=pmp&event=imp
Requested by
Host: ad2.apx.appier.net
URL: https://ad2.apx.appier.net/www/delivery/js.php?zoneid=9201&id=id0vcn5lbjos5z7xp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
ae64196db7fe3eccb7a320032b6a44caff13bfc21fa264713fba1a5368a7cb6a

Request headers

Referer
https://risu.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 19 Jun 2022 02:38:12 GMT
via
1.1 google
server
nginx/1.19.0
content-type
application/json; charset=utf-8
access-control-allow-origin
https://risu.io
access-control-expose-headers
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12
gcm
gocm.c.appier.net/ Frame B128 		42 B
309 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gocm.c.appier.net/gcm
Requested by
Host: ad2.apx.appier.net
URL: https://ad2.apx.appier.net/www/delivery/js.php?zoneid=9201&id=id0vcn5lbjos5z7xp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
139.162.78.222 Tokyo, Japan, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1558-222.members.linode.com
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 02:38:12 GMT
cache-control
no-store
server
nginx
content-type
image/gif
content-length
42
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
init.js
cdn.holmesmind.com/js/ Frame B128 		6 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/init.js
Requested by
Host: risu.io
URL: https://risu.io/TqZcM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:1800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fb51fa018c951108a66acf0730199d329d887872947eb3940088ef734f026818

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id
UdwMmUAM2dmZqopCO7YOeMhqjXQRxqvB
via
1.1 32c8da10203574baccb74b8f771a7ffa.cloudfront.net (CloudFront)
last-modified
Fri, 04 Mar 2022 10:10:49 GMT
server
AmazonS3
age
16
etag
"439e160b698f1ec2efb45c3b6cd6b265"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Sun, 19 Jun 2022 02:37:57 GMT
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
6552
x-amz-cf-id
6K3tlNAGl019rm5xaWxGzYa12v-XvoR5r7cOHGpa1r6cxqDGH_w29Q==
capmapping.htm
cdn.holmesmind.com/js/ Frame E13B 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/capmapping.htm
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:1800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c50a4d6505f1216962db6a855d60ebf08222fa6c286e7f21699c002d81b3cd9d

Request headers

Referer
https://risu.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
27
content-length
3044
content-type
text/html
date
Sun, 19 Jun 2022 02:37:56 GMT
etag
"b585383190cc538c34a520974872d918"
last-modified
Thu, 24 Mar 2022 11:21:34 GMT
server
AmazonS3
via
1.1 32c8da10203574baccb74b8f771a7ffa.cloudfront.net (CloudFront)
x-amz-cf-id
VccSmmZ7eQ7HJrysu39hT81154-01mbP_N-UbiRiJEObfbxG2B4FlA==
x-amz-cf-pop
FRA50-C1
x-amz-version-id
bA4BdajsGoQu4oL_HyEzRCsNuHmwq3bx
x-cache
Hit from cloudfront
edmp_init.js
cdn.holmesmind.com/js/ Frame 62CC 		662 B
1004 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/edmp_init.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:1800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
28248d4886fe85d725c1a6d3b2340a1bde6a7ffcadfac53ada50f78a9e707d5c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 32c8da10203574baccb74b8f771a7ffa.cloudfront.net (CloudFront)
last-modified
Fri, 12 Mar 2021 02:45:40 GMT
server
AmazonS3
age
15
etag
"f58f8a90686f8ffb3325107e8a788b71"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Sun, 19 Jun 2022 02:37:58 GMT
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
662
x-amz-cf-id
gaUz2kZ0Lah14OENsgHp3YBRHGqXRYcYclwrFaDZsJtd9fxwDAK6kg==
presetfn.js
cdn.holmesmind.com/js/ Frame 1053 		6 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/presetfn.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:1800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1291c3d774415b830ea3f2c5ce78d160485606386d08a878c87f41ccdbe4a73f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id
TffX4.BvLss5nGbaNkDOhki_IqknqyWa
via
1.1 32c8da10203574baccb74b8f771a7ffa.cloudfront.net (CloudFront)
last-modified
Fri, 18 Mar 2022 03:26:21 GMT
server
AmazonS3
age
30
etag
"8de5f5c245a6377bb4dc88fbf8c0c6f5"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Sun, 19 Jun 2022 02:37:56 GMT
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
6093
x-amz-cf-id
cnKZsWln6lcHfh8eXzvdwC_aVcnNmEKWJrnN1mh4WbZTzJwXsIhrRw==
events
bidder.criteo.com/csm/ Frame 10A4 		0
208 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://risu.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 19 Jun 2022 02:38:09 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://risu.io
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
capmapping.htm
cdn.holmesmind.com/js/ Frame 818E 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/capmapping.htm
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:1800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c50a4d6505f1216962db6a855d60ebf08222fa6c286e7f21699c002d81b3cd9d

Request headers

Referer
https://risu.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
27
content-length
3044
content-type
text/html
date
Sun, 19 Jun 2022 02:37:56 GMT
etag
"b585383190cc538c34a520974872d918"
last-modified
Thu, 24 Mar 2022 11:21:34 GMT
server
AmazonS3
via
1.1 32c8da10203574baccb74b8f771a7ffa.cloudfront.net (CloudFront)
x-amz-cf-id
zDcf1jDuyS78umBIREOsUUNloGrWz6Wb07HwDV_Nd1-x65-Uat_pkA==
x-amz-cf-pop
FRA50-C1
x-amz-version-id
bA4BdajsGoQu4oL_HyEzRCsNuHmwq3bx
x-cache
Hit from cloudfront
edmp_init.js
cdn.holmesmind.com/js/ Frame B128 		662 B
1003 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/edmp_init.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:1800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
28248d4886fe85d725c1a6d3b2340a1bde6a7ffcadfac53ada50f78a9e707d5c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 32c8da10203574baccb74b8f771a7ffa.cloudfront.net (CloudFront)
last-modified
Fri, 12 Mar 2021 02:45:40 GMT
server
AmazonS3
age
15
etag
"f58f8a90686f8ffb3325107e8a788b71"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Sun, 19 Jun 2022 02:37:58 GMT
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
662
x-amz-cf-id
O-qk3_z24AEtGs-p7XYM5eagsYMiZ41uOlSGNvGYU1-PHc1Qcg4aog==
presetfn.js
cdn.holmesmind.com/js/ Frame B303 		6 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/presetfn.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:1800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1291c3d774415b830ea3f2c5ce78d160485606386d08a878c87f41ccdbe4a73f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id
TffX4.BvLss5nGbaNkDOhki_IqknqyWa
via
1.1 32c8da10203574baccb74b8f771a7ffa.cloudfront.net (CloudFront)
last-modified
Fri, 18 Mar 2022 03:26:21 GMT
server
AmazonS3
age
30
etag
"8de5f5c245a6377bb4dc88fbf8c0c6f5"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Sun, 19 Jun 2022 02:37:56 GMT
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
6093
x-amz-cf-id
Cyt5MfaD20zpacjn3_lIR6jZnudwp6o07InM555virNIWxWud7-cAQ==
cm.php
fcm.holmesmind.com/ Frame BFFF 		0
0
utag.js
t.ssp.hinet.net/ Frame E13B 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
1419b8b18e2084e1d79ca111dba4eb9ea7dd22171029e13467e77d90c3f1a06e
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 02:38:12 GMT
content-encoding
gzip
last-modified
Wed, 23 Feb 2022 08:43:40 GMT
server
nginx
etag
W/"6215f3bc-11a3"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
strict-transport-security
max-age=0
expires
Sun, 19 Jun 2022 02:48:12 GMT
cm
c.holmesmind.com/ Frame E13B 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.holmesmind.com/cm
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.201.76.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
93.76.201.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 02:38:12 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8
/
cm.lndata.com/ Frame E13B 		35 B
470 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.lndata.com/?tid=4084&uid=551398-FCz4a06MNQiG0CHEbwJTI4cVWtaocIks
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
116.50.36.71 , Taiwan, ASN18046 (DONGFONG-TW DongFong Technology Co. Ltd., TW),
Reverse DNS
Software
TornadoServer/1.2.1 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Sun, 19 Jun 2022 02:38:13 GMT
Server
TornadoServer/1.2.1
Connection
keep-alive
Content-Type
image/gif
Etag
"0f4e929dd5bb2564f7ab9c76338e04e292a42ace"
Content-Length
35
P3P
CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR
google
m.holmesmind.com/ml/ Frame E13B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=551398-FCz4a06MNQiG0CHEbwJTI4cVWtaocIks&uu_m=undefined
  • https://m.holmesmind.com/ml/google?cf_uid=551398-FCz4a06MNQiG0CHEbwJTI4cVWtaocIks&uu_m=undefined&google_gid=CAESEJP42ofS6Qm3PBJHSonwqpc&google_cver=1
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.holmesmind.com/ml/google?cf_uid=551398-FCz4a06MNQiG0CHEbwJTI4cVWtaocIks&uu_m=undefined&google_gid=CAESEJP42ofS6Qm3PBJHSonwqpc&google_cver=1
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Server
35.227.249.156 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
156.249.227.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Redirect headers

pragma
no-cache
date
Sun, 19 Jun 2022 02:38:12 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://m.holmesmind.com/ml/google?cf_uid=551398-FCz4a06MNQiG0CHEbwJTI4cVWtaocIks&uu_m=undefined&google_gid=CAESEJP42ofS6Qm3PBJHSonwqpc&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
358
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Preset.js
adcdn.holmesmind.com/adserver/ Frame 1053 		1 KB
761 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adcdn.holmesmind.com/adserver/Preset.js?z=11260
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:400:3:1794:2540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
7083eeb31e206ae9e284d13ae8e4be5efbefe6073397f1cebd7cf8823d311283

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 02:38:12 GMT
content-encoding
gzip
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
FRA50-C1
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://risu.io
access-control-allow-credentials
true
x-amz-cf-id
KF736oVos-1-cSwh5tJlPnF-TzSa4Nr0hZtQ_Apf2xLrLcldwwtdwg==
via
1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
cm
c.holmesmind.com/ Frame 818E 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.holmesmind.com/cm
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.201.76.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
93.76.201.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 02:38:12 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8
cm.php
fcm.holmesmind.com/ Frame 28A3 		0
0
utag.js
t.ssp.hinet.net/ Frame 818E 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
1419b8b18e2084e1d79ca111dba4eb9ea7dd22171029e13467e77d90c3f1a06e
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 02:38:12 GMT
content-encoding
gzip
last-modified
Wed, 23 Feb 2022 08:43:40 GMT
server
nginx
etag
W/"6215f3bc-11a3"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
strict-transport-security
max-age=0
expires
Sun, 19 Jun 2022 02:48:12 GMT
/
cm.lndata.com/ Frame 818E 		35 B
470 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.lndata.com/?tid=4084&uid=551398-FCz4a06MNQiG0CHEbwJTI4cVWtaocIks
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
116.50.36.71 , Taiwan, ASN18046 (DONGFONG-TW DongFong Technology Co. Ltd., TW),
Reverse DNS
Software
TornadoServer/1.2.1 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Sun, 19 Jun 2022 02:38:13 GMT
Server
TornadoServer/1.2.1
Connection
keep-alive
Content-Type
image/gif
Etag
"0f4e929dd5bb2564f7ab9c76338e04e292a42ace"
Content-Length
35
P3P
CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR
google
m.holmesmind.com/ml/ Frame 818E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=551398-FCz4a06MNQiG0CHEbwJTI4cVWtaocIks&uu_m=undefined
  • https://m.holmesmind.com/ml/google?cf_uid=551398-FCz4a06MNQiG0CHEbwJTI4cVWtaocIks&uu_m=undefined&google_gid=CAESEG4ojmSN5vNOF1zZFsj1h9E&google_cver=1
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.holmesmind.com/ml/google?cf_uid=551398-FCz4a06MNQiG0CHEbwJTI4cVWtaocIks&uu_m=undefined&google_gid=CAESEG4ojmSN5vNOF1zZFsj1h9E&google_cver=1
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Server
35.227.249.156 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
156.249.227.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Redirect headers

pragma
no-cache
date
Sun, 19 Jun 2022 02:38:12 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://m.holmesmind.com/ml/google?cf_uid=551398-FCz4a06MNQiG0CHEbwJTI4cVWtaocIks&uu_m=undefined&google_gid=CAESEG4ojmSN5vNOF1zZFsj1h9E&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
358
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Preset.js
adcdn.holmesmind.com/adserver/ Frame B303 		1 KB
761 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adcdn.holmesmind.com/adserver/Preset.js?z=11260
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:400:3:1794:2540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
7083eeb31e206ae9e284d13ae8e4be5efbefe6073397f1cebd7cf8823d311283

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 02:38:12 GMT
content-encoding
gzip
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
FRA50-C1
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://risu.io
access-control-allow-credentials
true
x-amz-cf-id
FTxYfyowPQgco5SduAQW7TsMuh6mqZckC09F71znPU6mfw5RQFZPFQ==
via
1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
/
t.ssp.hinet.net/ Frame E13B 		36 B
406 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
a6099c8c95334dca9696f289c5e224d5324b2c4f5dde247bbe85102f0be71ec9
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 02:38:12 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://cdn.holmesmind.com
cache-control
no-cache, private
access-control-allow-credentials
true
strict-transport-security
max-age=0
/
t.ssp.hinet.net/ Frame 818E 		36 B
406 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
a6099c8c95334dca9696f289c5e224d5324b2c4f5dde247bbe85102f0be71ec9
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 02:38:12 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://cdn.holmesmind.com
cache-control
no-cache, private
access-control-allow-credentials
true
strict-transport-security
max-age=0
ajs.php
ads.eu.criteo.com/delivery/r/ Frame 09F7 		103 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/ajs.php?u=%7CiE3nBsi5U6rBXnc7bjnQuNa80%2BnrhDU49C6s8PWIRiw%3D%7C&c1=JrbohDAzizBCiLKN5O6jHWHy2xHIerR1_1GC6AieoZ9d2g2VyL2-BfuwZGFaNuuOAfPZQpEBxeF4Y4cdkGlvwqufA9MdThUD0jSZKyQXyEt-PqSs8xq5h6TYso9j9LgkwZWvQtx0B-SOLFLybkLcImgR6Y8-eykS-PRZbz95o6yTmZcS7fe1C8WAO6sHwmKW26uiVkoMOCxlujthoycq-QXwP01RvnMrezvwztf1wY8eU4f6CVRw8GvRbz9Ad-Q5Zarx-ABloyyu0utsywxSJGMcegHPbwzptXpT9SzMeD5ieT-1M9TYfRUQD1WIrhJu9Mh4QVpTT5m4tdkiJCT15iud6X9zw2QQR0wVdQlvIt6bllhunwwl9WPCynKWqkCN1ReqqF17tS7_-GDzuQpAyi4b9lsJl08qZFU4MoWLJzlgXirnVMkQxqc-5szHTTGuyLvDlPyxZiqZII8VQkdGag
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/drawV2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::b , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
5b052571337038e1234367642940af85be0b86534e4a8a213a192f3c35af2257
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 02:38:12 GMT
content-encoding
gzip
p3p
CP='CUR ADM OUR NOR STA NID'
access-control-max-age
1000
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
25797200
strict-transport-security
max-age=31536000; preload;
pragma
no-cache
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
expires
Mon, 26 Jul 1997 05:00:00 GMT
ads.js
ad.holmesmind.com/adserver/ Frame 1053 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.holmesmind.com/adserver/ads.js?z=11260&rf=https%3A%2F%2Frisu.io%2FTqZcM&n=679&o=1&d=1&b=2&ts=1&ii=2&FPCK=834-FLL62KyVmsrA01h5IDDvb2aNffE75bM7&initver=210830P
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.238.107.229 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-107-229.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
cec561efe6fedf1ebcd92d76953e7f4492e78ccbd648fe5ea8cfbd8a7aee6542

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-origin
https://risu.io
date
Sun, 19 Jun 2022 02:38:12 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
rtbhouseV2.js
cdn.holmesmind.com/js/ Frame 1053 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:1800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 32c8da10203574baccb74b8f771a7ffa.cloudfront.net (CloudFront)
last-modified
Tue, 04 Aug 2020 09:25:10 GMT
server
AmazonS3
age
1
etag
"6a605eea47197fa280f27aaf1fa1521d"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Sun, 19 Jun 2022 02:38:12 GMT
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
2773
x-amz-cf-id
0OzimhJ8dXvfaY8rDFMovRtE362MmyqHUsTy630yC3l9A0xohdqoXw==
publishertag.js
static.criteo.net/js/ld/ Frame 1053 		119 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
850a150239aa319a9c772f1e6e71c15680d670c980c3daf41734c6ce8e0e8255
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 02:38:12 GMT
content-encoding
gzip
last-modified
Tue, 03 May 2022 11:21:03 GMT
server
nginx
etag
W/"6271101f-1dc01"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 20 Jun 2022 02:38:12 GMT
criteoV2.js
cdn.holmesmind.com/js/ Frame 1053 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/criteoV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:1800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e2db1774aabd2443e6c741954f5e1071912a7a99f6e4151bc83d342554976d32

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 32c8da10203574baccb74b8f771a7ffa.cloudfront.net (CloudFront)
last-modified
Tue, 04 Aug 2020 09:25:12 GMT
server
AmazonS3
age
1
etag
"e8f33fcb581483ced4a09b3c8e7550e4"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Sun, 19 Jun 2022 02:38:12 GMT
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
2443
x-amz-cf-id
jjnBz-mlhCUBvdljV0YCDLaGhbP949XqWwNsFCUvXM-1adX0G8gTzw==
bridgewellV3.js
cdn.holmesmind.com/js/ Frame 1053 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/bridgewellV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:1800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c03c604cd89b4ab78da516a6271fbc1b4027e9d232ee55e09e0f43e49e2c169b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 32c8da10203574baccb74b8f771a7ffa.cloudfront.net (CloudFront)
last-modified
Tue, 20 Apr 2021 06:25:23 GMT
server
AmazonS3
age
1
etag
"c3b948e5a48dd0ec20c265d6d8da7add"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Sun, 19 Jun 2022 02:38:12 GMT
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
4530
x-amz-cf-id
tQLTtjm1ipGqcgidQdLsK9kGoIIqgzxUqNDGmtsewdfYls0B_TAkZg==
appierV2.js
cdn.holmesmind.com/js/ Frame 1053 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/appierV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:1800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 32c8da10203574baccb74b8f771a7ffa.cloudfront.net (CloudFront)
last-modified
Thu, 11 Mar 2021 07:54:26 GMT
server
AmazonS3
age
1
etag
"548ed610a8571343fb3022f543174735"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Sun, 19 Jun 2022 02:38:12 GMT
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
3177
x-amz-cf-id
SEpGeV620EZCvCQEstm9Cm7-ENgOSTl3PsT9SscVGYijJxl3jEsBpg==
appier_mainV3.js
cdn.holmesmind.com/js/ Frame 1053 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/appier_mainV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:1800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d541f77dd45df41c827a1c2b2899696c336c7bb3a1a06422d66ca4f37454258e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 32c8da10203574baccb74b8f771a7ffa.cloudfront.net (CloudFront)
last-modified
Fri, 15 Oct 2021 07:41:44 GMT
server
AmazonS3
age
1
etag
"adc35fd9401ac04bdb2a47c466e46174"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Sun, 19 Jun 2022 02:38:12 GMT
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
2568
x-amz-cf-id
SR6nhXEaXM86zBgrQpwud8igPSq1bwkOxT9YMyRTaVc341FkgiEPyw==
ads.js
ad.holmesmind.com/adserver/ Frame B303 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.holmesmind.com/adserver/ads.js?z=11260&rf=https%3A%2F%2Frisu.io%2FTqZcM&n=926&o=1&d=1&b=2&ts=1&ii=2&FPCK=834-FLL62KyVmsrA01h5IDDvb2aNffE75bM7&initver=210830P
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.238.107.229 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-107-229.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
98cc232ef268a8e14a70ee66ff4cf411371aeb2978bec878939b37ebff003208

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-origin
https://risu.io
date
Sun, 19 Jun 2022 02:38:12 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
rtbhouseV2.js
cdn.holmesmind.com/js/ Frame B303 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:1800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 32c8da10203574baccb74b8f771a7ffa.cloudfront.net (CloudFront)
last-modified
Tue, 04 Aug 2020 09:25:10 GMT
server
AmazonS3
age
1
etag
"6a605eea47197fa280f27aaf1fa1521d"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Sun, 19 Jun 2022 02:38:12 GMT
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
2773
x-amz-cf-id
QbqVgznVqPaarPUM7zdybBtL5Gjt76vgPb_cu0eUDmF4XyGTEbN08w==
publishertag.js
static.criteo.net/js/ld/ Frame B303 		119 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
850a150239aa319a9c772f1e6e71c15680d670c980c3daf41734c6ce8e0e8255
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 02:38:12 GMT
content-encoding
gzip
last-modified
Tue, 03 May 2022 11:21:03 GMT
server
nginx
etag
W/"6271101f-1dc01"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 20 Jun 2022 02:38:12 GMT
criteoV2.js
cdn.holmesmind.com/js/ Frame B303 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/criteoV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:1800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e2db1774aabd2443e6c741954f5e1071912a7a99f6e4151bc83d342554976d32

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 32c8da10203574baccb74b8f771a7ffa.cloudfront.net (CloudFront)
last-modified
Tue, 04 Aug 2020 09:25:12 GMT
server
AmazonS3
age
1
etag
"e8f33fcb581483ced4a09b3c8e7550e4"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Sun, 19 Jun 2022 02:38:12 GMT
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
2443
x-amz-cf-id
rLigtnccEclD87rnalN_j7aKCz1_iGbiP5E40A0i-KDDsTz6xWk9zA==
bridgewellV3.js
cdn.holmesmind.com/js/ Frame B303 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/bridgewellV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:1800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c03c604cd89b4ab78da516a6271fbc1b4027e9d232ee55e09e0f43e49e2c169b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 32c8da10203574baccb74b8f771a7ffa.cloudfront.net (CloudFront)
last-modified
Tue, 20 Apr 2021 06:25:23 GMT
server
AmazonS3
age
1
etag
"c3b948e5a48dd0ec20c265d6d8da7add"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Sun, 19 Jun 2022 02:38:12 GMT
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
4530
x-amz-cf-id
vrHoIH5moHWysXLetaANTr9krhGEVoEdnlMbg__1BXRlm26Nuo-tPw==
appierV2.js
cdn.holmesmind.com/js/ Frame B303 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/appierV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:1800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 32c8da10203574baccb74b8f771a7ffa.cloudfront.net (CloudFront)
last-modified
Thu, 11 Mar 2021 07:54:26 GMT
server
AmazonS3
age
1
etag
"548ed610a8571343fb3022f543174735"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Sun, 19 Jun 2022 02:38:12 GMT
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
3177
x-amz-cf-id
jQ3g4e853l1v9_Hn4LE0DxJjFXPcX1rdo7t8UZaQI6cqR4-966DZJQ==
appier_mainV3.js
cdn.holmesmind.com/js/ Frame B303 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/appier_mainV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:1800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d541f77dd45df41c827a1c2b2899696c336c7bb3a1a06422d66ca4f37454258e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 32c8da10203574baccb74b8f771a7ffa.cloudfront.net (CloudFront)
last-modified
Fri, 15 Oct 2021 07:41:44 GMT
server
AmazonS3
age
1
etag
"adc35fd9401ac04bdb2a47c466e46174"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Sun, 19 Jun 2022 02:38:12 GMT
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
2568
x-amz-cf-id
XDe_MFggpFyOGM7htj39GQ2LT6XKdWaZXxziHw6rFd1nhUDvmlHSrQ==
bids
prebid-asia.creativecdn.com/bidder/prebid/ Frame 1053 		0
169 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://risu.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://risu.io
date
Sun, 19 Jun 2022 02:38:12 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
prebid.aspx
prebid.scupio.com/recweb/ Frame 1053 		0
50 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.scupio.com/recweb/prebid.aspx?cb=0.44314793213192316
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
210.59.219.181 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://risu.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 19 Jun 2022 02:38:12 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
text/html
access-control-allow-origin
https://risu.io
cache-control
private
access-control-allow-credentials
true
bid
ad2.apx.appier.net/v1/prebid/ Frame 1053
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=Pdl695VOA2CR7SWgE4yuYg
2 B
19 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=Pdl695VOA2CR7SWgE4yuYg
Requested by
Host: risu.io
URL: https://risu.io/TqZcM
Protocol
H3
Server
34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 02:38:13 GMT
via
1.1 google
server
nginx/1.19.0
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Sun, 19 Jun 2022 02:38:13 GMT
server
nginx
access-control-allow-origin
null
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=Pdl695VOA2CR7SWgE4yuYg
cache-control
no-store
access-control-allow-credentials
true
content-length
0
emome2
t.ssp.hinet.net/ Frame E13B 		30 B
278 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/emome2?u=c17157ee-7431-4d2d-9487-cc57ecdd8c11
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 02:38:12 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://cdn.holmesmind.com
cache-control
no-cache, private
access-control-allow-credentials
true
strict-transport-security
max-age=0
bid
ad2.apx.appier.net/v1/prebid/ Frame 1053
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=Pdl695VOA2CR7SWgE4yuYg
2 B
19 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=Pdl695VOA2CR7SWgE4yuYg
Requested by
Host: risu.io
URL: https://risu.io/TqZcM
Protocol
H3
Server
34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 02:38:13 GMT
via
1.1 google
server
nginx/1.19.0
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Sun, 19 Jun 2022 02:38:13 GMT
server
nginx
access-control-allow-origin
null
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=Pdl695VOA2CR7SWgE4yuYg
cache-control
no-store
access-control-allow-credentials
true
content-length
0
bids
prebid-asia.creativecdn.com/bidder/prebid/ Frame B303 		0
169 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://risu.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://risu.io
date
Sun, 19 Jun 2022 02:38:12 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
prebid.aspx
prebid.scupio.com/recweb/ Frame B303 		0
27 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.scupio.com/recweb/prebid.aspx?cb=0.5090750194171394
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
210.59.219.181 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://risu.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 19 Jun 2022 02:38:12 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
text/html
access-control-allow-origin
https://risu.io
cache-control
private
access-control-allow-credentials
true
bid
ad2.apx.appier.net/v1/prebid/ Frame B303
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=Pdl695VOA2CR7SWgE4yuYg
2 B
19 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=Pdl695VOA2CR7SWgE4yuYg
Requested by
Host: risu.io
URL: https://risu.io/TqZcM
Protocol
H3
Server
34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 02:38:13 GMT
via
1.1 google
server
nginx/1.19.0
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Sun, 19 Jun 2022 02:38:13 GMT
server
nginx
access-control-allow-origin
null
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=Pdl695VOA2CR7SWgE4yuYg
cache-control
no-store
access-control-allow-credentials
true
content-length
0
bid
ad2.apx.appier.net/v1/prebid/ Frame B303
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=Pdl695VOA2CR7SWgE4yuYg
2 B
19 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=Pdl695VOA2CR7SWgE4yuYg
Requested by
Host: risu.io
URL: https://risu.io/TqZcM
Protocol
H3
Server
34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 02:38:13 GMT
via
1.1 google
server
nginx/1.19.0
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Sun, 19 Jun 2022 02:38:13 GMT
server
nginx
access-control-allow-origin
null
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=Pdl695VOA2CR7SWgE4yuYg
cache-control
no-store
access-control-allow-credentials
true
content-length
0
emome2
t.ssp.hinet.net/ Frame 818E 		30 B
278 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/emome2?u=c17157ee-7431-4d2d-9487-cc57ecdd8c11
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 02:38:12 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://cdn.holmesmind.com
cache-control
no-cache, private
access-control-allow-credentials
true
strict-transport-security
max-age=0
dis.aspx
widget.fr.eu.criteo.com/dis/ Frame 0BE5 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://widget.fr.eu.criteo.com/dis/dis.aspx?pu=149517&cb=62ae8c13d51aef1e6aef3a19bf86e0a8
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/ajs.php?u=%7CiE3nBsi5U6rBXnc7bjnQuNa80%2BnrhDU49C6s8PWIRiw%3D%7C&c1=JrbohDAzizBCiLKN5O6jHWHy2xHIerR1_1GC6AieoZ9d2g2VyL2-BfuwZGFaNuuOAfPZQpEBxeF4Y4cdkGlvwqufA9MdThUD0jSZKyQXyEt-PqSs8xq5h6TYso9j9LgkwZWvQtx0B-SOLFLybkLcImgR6Y8-eykS-PRZbz95o6yTmZcS7fe1C8WAO6sHwmKW26uiVkoMOCxlujthoycq-QXwP01RvnMrezvwztf1wY8eU4f6CVRw8GvRbz9Ad-Q5Zarx-ABloyyu0utsywxSJGMcegHPbwzptXpT9SzMeD5ieT-1M9TYfRUQD1WIrhJu9Mh4QVpTT5m4tdkiJCT15iud6X9zw2QQR0wVdQlvIt6bllhunwwl9WPCynKWqkCN1ReqqF17tS7_-GDzuQpAyi4b9lsJl08qZFU4MoWLJzlgXirnVMkQxqc-5szHTTGuyLvDlPyxZiqZII8VQkdGag
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
566504896cbca8644df15f5d6e223da18edac97e5bac81914325858620e73867
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://risu.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache
content-encoding
gzip
content-type
text/html
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 19 Jun 2022 02:38:11 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
4695131
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
vary
Accept-Encoding
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame C14D 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: risu.io
URL: https://risu.io/TqZcM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 02:38:12 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3219182
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4420
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s97L0LZwwklftU4dLJnws%2BJ5GJHVlaKfx9ZO4ruKZCMDPGwwqG6DoTS4BOc31NhSAgVLxMLTy176vE3CUbXeody%2B2eIbIgP8Mam9PWTLYAPvIAipiUprxDvC4e5YPRYDrY6HSMadM3cvj1vnP01g20Tt"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
71d8e321eb8d9b40-FRA
expires
Fri, 09 Jun 2023 02:38:12 GMT
animejs.js
static.criteo.net/animejs/ Frame C14D 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: risu.io
URL: https://risu.io/TqZcM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 02:38:12 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 14 Jun 2023 02:38:12 GMT
all
csm.eu.criteo.net/ Frame C14D 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=JtvtzH4rE0uIrq1Pk0Hk5u1TqIn9HTGNqWYGT4iI2DoJJ1e1kjBdGXW9ipbSqCWiI9OBKUb4q7u15pxDzXPLt2afET2VtukhjVqRaAxui7eaMP0tOGnQXjegZmdiDNw_V_LJr_S15oLKAuW2kUjLvhNt5BjfK7sKjos-mrfgnQmaVK5-KHOIHn921wao8q6y3MZe7JOHvFHOkoZyFlQX3RGAqbgfKyydseacHp8h3wcFWbnAd-oPPtJg7e8&sds=2&rev=81817&sendBeacon=true
Requested by
Host: risu.io
URL: https://risu.io/TqZcM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://risu.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 19 Jun 2022 02:38:11 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
privacy_small.svg
static.criteo.net/flash/icon/ Frame C14D 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: risu.io
URL: https://risu.io/TqZcM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 02:38:12 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 14 Jun 2023 02:38:12 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame C14D 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: risu.io
URL: https://risu.io/TqZcM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 02:38:12 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 14 Jun 2023 02:38:12 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame C14D 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: risu.io
URL: https://risu.io/TqZcM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 02:38:12 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Wed, 14 Jun 2023 02:38:12 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame C14D 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: risu.io
URL: https://risu.io/TqZcM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 02:38:12 GMT
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Wed, 14 Jun 2023 02:38:12 GMT
lg.php
cat.fr.eu.criteo.com/delivery/ Frame C14D 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=cz6KUn3K4v_TrfupZ9XqZ9Y3tHVLQiVcLAhRGSQ8GgyZTprx9E3mWDhnpLErUxId7AxLeHKiVvYaWIOBfUNBedEEcbCIs_Y7mp6rgeLHGiLoKN4GPlY7NyoaeAiqey_rKPbSrj5VUvnbEVK-zvQu2sqxf9dWWemOPkUzgp9NSRSXfXtJ6vyXeKY81eWw9JgOaYjsYYrvrtU9qR9o3_5z8lVhj9jc0mvsfI-I5QX1qA6-UDQXE8yBMXonzhFkbHqpBFFWUaa_n38KYuyt5nr7QVne3guo1QpEH1Oh2zIfk7Pqqs_u6Vf2BvRUCuaiapSzsvaXlca4AxFgiAcqybJVPkJElH_PE7PDCXeknvwF-45p8BjCQuX48ldYJnWkkt4l5speMr3YbbnVWuflIIZLLbcDESe_4R-TZhGz3m7J5Jh0rB5KrXMbhs9gl3okG1yJBRceNA
Requested by
Host: risu.io
URL: https://risu.io/TqZcM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Jun 2022 02:38:12 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
4393191
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
img
pix.eu.criteo.net/img/ Frame C14D 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=176&m=0&partner=92118&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F92118%2F220308%2F0d9b022686984a21b0391c9a77326448_wortmarke_roadsurfer_positiv_rgb_150ppi.png&v=3&w=290&s=TVb7pd3LShczrqCH3T-_8sf_
Requested by
Host: risu.io
URL: https://risu.io/TqZcM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
220e03dbe721da90f90ba79f2a6414d9a5940f03058d7aca3aca2a775de8b302
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 02:38:12 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=30249079
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
6203
expires
Sun, 04 Jun 2023 05:09:32 GMT
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame C14D 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: risu.io
URL: https://risu.io/TqZcM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 02:38:12 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 14 Jun 2023 02:38:12 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame C14D 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: risu.io
URL: https://risu.io/TqZcM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 02:38:12 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 14 Jun 2023 02:38:12 GMT
syncframe
gum.criteo.com/ Frame 104D 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=risu.io
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
7425ddfd92670868e11419c944b64876cfcb7e0cfd95b163dc0edd4e5923718c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://risu.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-length
6149
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 19 Jun 2022 02:38:12 GMT
server-processing-duration-in-ticks
5162
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
cdb
bidder.criteo.com/ Frame 1053 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=123&profileId=184&bundle=2do3mV9SZkE4WE9jWUtxdmZBbVB1c2N0QzQlMkZxVWI1TzFCT1BEJTJCYmo0eUpTNEZiNGYlMkJocHhvamx5RVVONlBaSXJ0ZCUyRnR6SHNvMExMRkpqMWR4aHRYTGlmajZGSHElMkYydEl1UWkwJTJCbE1uZDNSeTRibiUyRlpJS0lqVnBrJTJCMUF2eWxGdmJsNG52JTJCcDFiTnZKaXFOWlRieHZvNWNtbFElM0QlM0Q&cb=82774687574
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
be442f57655d6c19afa3ddb88de9bdf84e4ee43498a7c6bb34adf02672b36124
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://risu.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Sun, 19 Jun 2022 02:38:12 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://risu.io
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
820
syncframe
gum.criteo.com/ Frame DD37 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=risu.io
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
7425ddfd92670868e11419c944b64876cfcb7e0cfd95b163dc0edd4e5923718c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://risu.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-length
6149
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 19 Jun 2022 02:38:12 GMT
server-processing-duration-in-ticks
3606
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
cdb
bidder.criteo.com/ Frame B303 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=123&profileId=184&bundle=2do3mV9SZkE4WE9jWUtxdmZBbVB1c2N0QzQlMkZxVWI1TzFCT1BEJTJCYmo0eUpTNEZiNGYlMkJocHhvamx5RVVONlBaSXJ0ZCUyRnR6SHNvMExMRkpqMWR4aHRYTGlmajZGSHElMkYydEl1UWkwJTJCbE1uZDNSeTRibiUyRlpJS0lqVnBrJTJCMUF2eWxGdmJsNG52JTJCcDFiTnZKaXFOWlRieHZvNWNtbFElM0QlM0Q&cb=32368943673
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
9592246ffb80e1e3d9aac8f2d3e64209bb832487bd487967f65d58ce1a79e1fd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://risu.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Sun, 19 Jun 2022 02:38:12 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://risu.io
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
835
css
fonts.googleapis.com/ Frame C14D 		1 KB
453 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Encode+Sans+Condensed:400&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
06b2c40ea7b06ebe49f2a02a4b559525936127cae52f232c05c328a22bc18e5a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 19 Jun 2022 01:42:50 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 19 Jun 2022 02:38:12 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 19 Jun 2022 02:38:12 GMT
events
bidder.criteo.com/csm/ Frame 1053 		0
208 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://risu.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 19 Jun 2022 02:38:12 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://risu.io
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
events
bidder.criteo.com/csm/ Frame B303 		0
208 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://risu.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 19 Jun 2022 02:38:12 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://risu.io
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
sid
mug.criteo.com/ Frame 104D
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=risu.io&sn=ChromeSyncframe&so=3&topUrl=risu.io&bundle=2do3mV9SZkE4WE9jWUtxdmZBbVB1c2N0QzQlMkZxVWI1TzFCT1BEJTJCYmo0eUpTNEZiNGYlMkJocHhvamx5...
  • https://mug.criteo.com/sid?cpp=T3BlEnxCQkFDOTBJam5iRmIxck1ISHJiQzdQcE5HU2pOQXhuZHJpRTNkYnpzUUVrQXd2bkE0NEM3ZFBQSTM1Y2RpVFR2dHlPRXJNbWR2YzZEck1zR2ZGOERMemN6VDFXQ2Q2anZvTnNuS0trenl4VURsYUlPU1lTYVlNZU...
422 B
624 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=T3BlEnxCQkFDOTBJam5iRmIxck1ISHJiQzdQcE5HU2pOQXhuZHJpRTNkYnpzUUVrQXd2bkE0NEM3ZFBQSTM1Y2RpVFR2dHlPRXJNbWR2YzZEck1zR2ZGOERMemN6VDFXQ2Q2anZvTnNuS0trenl4VURsYUlPU1lTYVlNZUZ6STYzWklXOUlaaVV4Y3pGQ2FsUnNCUDFaRGFFVjN6NDB3RFNaSS92VGN2MUVxQjdoa09VWTg4SDZkc3ZBdklST3A4cWdLdlFlU2Z6bGNJZHJkZ3A0citXTFBZWjQzTVNlMzRVTEdPUURIQlliUjNTYVRMRkYxTGh5ZGYzU1dpS1RmMFp4SURYbUphdFlud2lXNlZzL0pGbjFvNkVFZz09fA&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
6a1d7271b442a95ee4c349933a89df390282b97e7a238c4403f5383064e81a35
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Jun 2022 02:38:11 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3907
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Sun, 19 Jun 2022 02:38:12 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=T3BlEnxCQkFDOTBJam5iRmIxck1ISHJiQzdQcE5HU2pOQXhuZHJpRTNkYnpzUUVrQXd2bkE0NEM3ZFBQSTM1Y2RpVFR2dHlPRXJNbWR2YzZEck1zR2ZGOERMemN6VDFXQ2Q2anZvTnNuS0trenl4VURsYUlPU1lTYVlNZUZ6STYzWklXOUlaaVV4Y3pGQ2FsUnNCUDFaRGFFVjN6NDB3RFNaSS92VGN2MUVxQjdoa09VWTg4SDZkc3ZBdklST3A4cWdLdlFlU2Z6bGNJZHJkZ3A0citXTFBZWjQzTVNlMzRVTEdPUURIQlliUjNTYVRMRkYxTGh5ZGYzU1dpS1RmMFp4SURYbUphdFlud2lXNlZzL0pGbjFvNkVFZz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
3590
content-length
541
expires
0
landing.php
fp.holmesmind.com/ Frame D21D 		0
37 B 		Document
General
Check archive.org
Download Go to
Full URL
https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=912-gwcB0jzz44miL19wEGKLAPvHziVf1qKb&CFFPCKUUID=834-FLL62KyVmsrA01h5IDDvb2aNffE75bM7&url=https%3A%2F%2Frisu.io%2FTqZcM&maindomain=risu.io
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.219.39 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
39.219.117.34.bc.googleusercontent.com
Software
nginx/1.20.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://risu.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-headers
x-requested-with,content-type
access-control-allow-methods
*
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 19 Jun 2022 02:38:12 GMT
server
nginx/1.20.0
vary
Accept-Encoding
via
1.1 google
utag.js
t.ssp.hinet.net/ Frame 1053 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
1419b8b18e2084e1d79ca111dba4eb9ea7dd22171029e13467e77d90c3f1a06e
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 02:38:12 GMT
content-encoding
gzip
last-modified
Wed, 23 Feb 2022 08:43:40 GMT
server
nginx
etag
W/"6215f3bc-11a3"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
strict-transport-security
max-age=0
expires
Sun, 19 Jun 2022 02:48:12 GMT
landing.php
fp.holmesmind.com/ Frame BDE3 		0
37 B 		Document
General
Check archive.org
Download Go to
Full URL
https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=912-gwcB0jzz44miL19wEGKLAPvHziVf1qKb&CFFPCKUUID=834-FLL62KyVmsrA01h5IDDvb2aNffE75bM7&url=https%3A%2F%2Frisu.io%2FTqZcM&maindomain=risu.io
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.219.39 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
39.219.117.34.bc.googleusercontent.com
Software
nginx/1.20.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://risu.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-headers
x-requested-with,content-type
access-control-allow-methods
*
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 19 Jun 2022 02:38:13 GMT
server
nginx/1.20.0
vary
Accept-Encoding
via
1.1 google
utag.js
t.ssp.hinet.net/ Frame B303 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
1419b8b18e2084e1d79ca111dba4eb9ea7dd22171029e13467e77d90c3f1a06e
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 02:38:12 GMT
content-encoding
gzip
last-modified
Wed, 23 Feb 2022 08:43:40 GMT
server
nginx
etag
W/"6215f3bc-11a3"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
strict-transport-security
max-age=0
expires
Sun, 19 Jun 2022 02:48:12 GMT
sid
mug.criteo.com/ Frame DD37
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=risu.io&sn=ChromeSyncframe&so=3&topUrl=risu.io&bundle=2do3mV9SZkE4WE9jWUtxdmZBbVB1c2N0QzQlMkZxVWI1TzFCT1BEJTJCYmo0eUpTNEZiNGYlMkJocHhvamx5...
  • https://mug.criteo.com/sid?cpp=lpi1YXx2ekk1ZGd2Yyszamt4LytEVGlSbmZvdW1tOHVOaXRncjkxbFYvWHYxUTJScngvUDhVVFlnL1pYMGFNVGpaMWJldW1Ydi9wYzNyUjFNWGVubVpHd1haSzFnZzJQWlcveU9kdGt1cUQ4TnkwRWJxUkE1K0RDWVJDKy...
433 B
632 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=lpi1YXx2ekk1ZGd2Yyszamt4LytEVGlSbmZvdW1tOHVOaXRncjkxbFYvWHYxUTJScngvUDhVVFlnL1pYMGFNVGpaMWJldW1Ydi9wYzNyUjFNWGVubVpHd1haSzFnZzJQWlcveU9kdGt1cUQ4TnkwRWJxUkE1K0RDWVJDKysyVUZRbmJSSTJCVTRlUlhnOVNybi94VFF5eTB4Vmk0eU1mVlhkNVBHUlcvMllOeXJhWnpPWGxGdkJLSEZLWThubWhISG5kMW1vSVB4ZGZlK1BpWDR4NklCM1JYdDlUVFB4VzMyTGhxdXNqcXhSTDQ4bWdNbHFVQWFZTk45ajBJOGFYbTNFU3VuMFdMVVFSMzdIQmcraVh5QTcwbElmZz09fA&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
59bd736b39d5ce74df26a5e0e3628f97fecbec14385fd239f99c5c63bbd8ff29
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Jun 2022 02:38:12 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3655
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Sun, 19 Jun 2022 02:38:12 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=lpi1YXx2ekk1ZGd2Yyszamt4LytEVGlSbmZvdW1tOHVOaXRncjkxbFYvWHYxUTJScngvUDhVVFlnL1pYMGFNVGpaMWJldW1Ydi9wYzNyUjFNWGVubVpHd1haSzFnZzJQWlcveU9kdGt1cUQ4TnkwRWJxUkE1K0RDWVJDKysyVUZRbmJSSTJCVTRlUlhnOVNybi94VFF5eTB4Vmk0eU1mVlhkNVBHUlcvMllOeXJhWnpPWGxGdkJLSEZLWThubWhISG5kMW1vSVB4ZGZlK1BpWDR4NklCM1JYdDlUVFB4VzMyTGhxdXNqcXhSTDQ4bWdNbHFVQWFZTk45ajBJOGFYbTNFU3VuMFdMVVFSMzdIQmcraVh5QTcwbElmZz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1680
content-length
541
expires
0
seg
ib.adnxs.com/ Frame 0481 		0
0
seg
secure.adnxs.com/ Frame 0481 		0
0
sync
x.bidswitch.net/ Frame 0481 		0
0
cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame 0481
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-6SyC3mlDeULTQGhG_h09iPfSQEM4-aL5EmYj-A&google_cm&google_hm=ay02U3lDM21sRGVVTFRRR2hHX2gwOWlQZlNRRU00LWFMN...
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-6SyC3mlDeULTQGhG_h09iPfSQEM4-aL5EmYj-A&google_gid=CAESEJt1bdimbNJAL4FIDUCRrqI&google_cver=1&google_ula=913071,0
43 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-6SyC3mlDeULTQGhG_h09iPfSQEM4-aL5EmYj-A&google_gid=CAESEJt1bdimbNJAL4FIDUCRrqI&google_cver=1&google_ula=913071,0
Requested by
Host: risu.io
URL: https://risu.io/TqZcM
Protocol
H2
Server
178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Jun 2022 02:38:12 GMT
content-type
image/gif
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1120972
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 19 Jun 2022 02:38:12 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-6SyC3mlDeULTQGhG_h09iPfSQEM4-aL5EmYj-A&google_gid=CAESEJt1bdimbNJAL4FIDUCRrqI&google_cver=1&google_ula=913071,0
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
398
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
visitor.omnitagjs.com/visitor/ Frame 0481 		0
0
rum
r.casalemedia.com/ Frame 0481 		0
0
match
ad.360yield.com/ Frame 0481 		0
0
sync
gum.criteo.com/ Frame 0481 		0
0
cksync.php
contextual.media.net/ Frame 0481 		0
0
push
exchange.mediavine.com/usersync/ Frame 0481 		0
0
cookie-sync
sync.outbrain.com/ Frame 0481 		0
0
Pug
simage2.pubmatic.com/AdServer/ Frame 0481 		0
0
tap.php
pixel.rubiconproject.com/ Frame 0481 		0
0
v1
match.sharethrough.com/sync/ Frame 0481 		0
0
/
s.ad.smaato.net/c/ Frame 0481 		0
0
/
rtb-csync.smartadserver.com/redir/ Frame 0481 		0
0
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 0481 		0
0
um
criteo-sync.teads.tv/ Frame 0481 		0
0
xuid
eb2.3lift.com/ Frame 0481 		0
0
v1
ads.yahoo.com/cms/ Frame 0481 		0
0
sync
ups.analytics.yahoo.com/ups/58301/ Frame 0481 		0
0
m
ad.yieldlab.net/ Frame 0481 		0
0
sync
sync-criteo.ads.yieldmo.com/ Frame 0481 		0
0
j8_16_LD37rqfuwxyIuaZhE6cRXOLtm2gfT2hq-M.woff2
fonts.gstatic.com/s/encodesanscondensed/v10/ Frame C14D 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/encodesanscondensed/v10/j8_16_LD37rqfuwxyIuaZhE6cRXOLtm2gfT2hq-M.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Encode+Sans+Condensed:400&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
140ee2462b736e743b7f9b2dd82f41ecfa63f17a818739fec426067500edb49c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://risu.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 23:54:26 GMT
x-content-type-options
nosniff
age
182626
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21560
x-xss-protection
0
last-modified
Thu, 21 Apr 2022 16:46:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 16 Jun 2023 23:54:26 GMT
cm
t.ssp.hinet.net/ Frame E13B 		0
194 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/cm?c=cf&cid=551398-FCz4a06MNQiG0CHEbwJTI4cVWtaocIks&mp=c17157ee-7431-4d2d-9487-cc57ecdd8c11
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 02:38:13 GMT
server
nginx
vary
Origin
content-type
image/png
access-control-allow-origin
https://cdn.holmesmind.com
cache-control
no-cache, private
access-control-allow-credentials
true
strict-transport-security
max-age=0
pixel
c17157ee-7431-4d2d-9487-cc57ecdd8c11.t.ssp.hinet.net/ Frame E13B 		0
79 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c17157ee-7431-4d2d-9487-cc57ecdd8c11.t.ssp.hinet.net/pixel?bd=c17157ee-7431-4d2d-9487-cc57ecdd8c11&t=cf
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 02:38:13 GMT
server
nginx
content-length
0
strict-transport-security
max-age=0
content-type
image/png
pixel
c17157ee-7431-4d2d-9487-cc57ecdd8c11.t.ssp.hinet.net/ Frame 818E 		0
79 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c17157ee-7431-4d2d-9487-cc57ecdd8c11.t.ssp.hinet.net/pixel?bd=c17157ee-7431-4d2d-9487-cc57ecdd8c11&t=cf
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 02:38:13 GMT
server
nginx
content-length
0
strict-transport-security
max-age=0
content-type
image/png
cm
t.ssp.hinet.net/ Frame 818E 		0
194 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/cm?c=cf&cid=551398-FCz4a06MNQiG0CHEbwJTI4cVWtaocIks&mp=c17157ee-7431-4d2d-9487-cc57ecdd8c11
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 02:38:13 GMT
server
nginx
vary
Origin
content-type
image/png
access-control-allow-origin
https://cdn.holmesmind.com
cache-control
no-cache, private
access-control-allow-credentials
true
strict-transport-security
max-age=0
drawV2.js
cdn.holmesmind.com/js/ Frame B303 		10 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/drawV2.js
Requested by
Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=11260&rf=https%3A%2F%2Frisu.io%2FTqZcM&n=926&o=1&d=1&b=2&ts=1&ii=2&FPCK=834-FLL62KyVmsrA01h5IDDvb2aNffE75bM7&initver=210830P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:1800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 32c8da10203574baccb74b8f771a7ffa.cloudfront.net (CloudFront)
last-modified
Fri, 16 Oct 2020 09:58:46 GMT
server
AmazonS3
age
12
etag
"84d8b1a745228113e60f5e62f0eff6d3"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Sun, 19 Jun 2022 02:38:11 GMT
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
10359
x-amz-cf-id
tCrWbZsE1KLwolpac5HERKbSQrYj4d8m5U2O9VJ_1ta-jKVr2smZgA==
seg
ib.adnxs.com/ Frame 0481 		0
0
drawV2.js
cdn.holmesmind.com/js/ Frame 1053 		10 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/drawV2.js
Requested by
Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=11260&rf=https%3A%2F%2Frisu.io%2FTqZcM&n=679&o=1&d=1&b=2&ts=1&ii=2&FPCK=834-FLL62KyVmsrA01h5IDDvb2aNffE75bM7&initver=210830P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:1800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 32c8da10203574baccb74b8f771a7ffa.cloudfront.net (CloudFront)
last-modified
Fri, 16 Oct 2020 09:58:46 GMT
server
AmazonS3
age
12
etag
"84d8b1a745228113e60f5e62f0eff6d3"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Sun, 19 Jun 2022 02:38:11 GMT
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
10359
x-amz-cf-id
mXI2KfmiiTFQRYg4eW-wgKbWG5if3MuR6yjcQJt5jdqX2vHuT1rghA==
seg
secure.adnxs.com/ Frame 0481 		0
0
chtmp.php
ccm.holmesmind.com/ Frame B128 		0
213 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ccm.holmesmind.com/chtmp.php?u=https%3A%2F%2Fapi.cf.dsp.hinet.net%2Fcktagv2.php%3FUID%3D551398-FCz4a06MNQiG0CHEbwJTI4cVWtaocIks%26SID%3D45620%26Tags%3D2004%2C2003%2C2002
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.95.78.196 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-95-78-196.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-origin
https://risu.io
date
Sun, 19 Jun 2022 02:38:13 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
chtmp.php
ccm.holmesmind.com/ Frame B128 		0
213 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ccm.holmesmind.com/chtmp.php?u=https%3A%2F%2Fapi.cf.dsp.hinet.net%2Fcktagv2.php%3FUID%3D551398-FCz4a06MNQiG0CHEbwJTI4cVWtaocIks%26SID%3D45583%26Tags%3D2364
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.95.78.196 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-95-78-196.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-origin
https://risu.io
date
Sun, 19 Jun 2022 02:38:13 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
chtmp.php
ccm.holmesmind.com/ Frame B128 		0
213 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ccm.holmesmind.com/chtmp.php?u=https%3A%2F%2Fapi.cf.dsp.hinet.net%2Fcktagv2.php%3FUID%3D551398-FCz4a06MNQiG0CHEbwJTI4cVWtaocIks%26SID%3D44584%26Tags%3D2006%2C2005%2C2004%2C2003
Requested by
Host: risu.io
URL: https://risu.io/TqZcM
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.95.78.196 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-95-78-196.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-origin
https://risu.io
date
Sun, 19 Jun 2022 02:38:13 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
chtmp.php
ccm.holmesmind.com/ Frame B128 		0
213 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ccm.holmesmind.com/chtmp.php?u=https%3A%2F%2Fapi.cf.dsp.hinet.net%2Fcktagv2.php%3FUID%3D551398-FCz4a06MNQiG0CHEbwJTI4cVWtaocIks%26SID%3D43618%26Tags%3D2006%2C2005%2C2004%2C2003
Requested by
Host: risu.io
URL: https://risu.io/TqZcM
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.95.78.196 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-95-78-196.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-origin
https://risu.io
date
Sun, 19 Jun 2022 02:38:13 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
chtmp.php
ccm.holmesmind.com/ Frame B128 		0
213 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ccm.holmesmind.com/chtmp.php?u=https%3A%2F%2Fapi.cf.dsp.hinet.net%2Fcktagv2.php%3FUID%3D551398-FCz4a06MNQiG0CHEbwJTI4cVWtaocIks%26SID%3D45618%26Tags%3D2004%2C2003%2C2002
Requested by
Host: risu.io
URL: https://risu.io/TqZcM
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.95.78.196 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-95-78-196.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-origin
https://risu.io
date
Sun, 19 Jun 2022 02:38:13 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
chtmp.php
ccm.holmesmind.com/ Frame 62CC 		0
213 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ccm.holmesmind.com/chtmp.php?u=https%3A%2F%2Fapi.cf.dsp.hinet.net%2Fcktagv2.php%3FUID%3D551398-FCz4a06MNQiG0CHEbwJTI4cVWtaocIks%26SID%3D44584%26Tags%3D2006%2C2005%2C2004%2C2003
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.95.78.196 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-95-78-196.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-origin
https://risu.io
date
Sun, 19 Jun 2022 02:38:13 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
chtmp.php
ccm.holmesmind.com/ Frame 62CC 		0
213 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ccm.holmesmind.com/chtmp.php?u=https%3A%2F%2Fapi.cf.dsp.hinet.net%2Fcktagv2.php%3FUID%3D551398-FCz4a06MNQiG0CHEbwJTI4cVWtaocIks%26SID%3D43618%26Tags%3D2006%2C2005%2C2004%2C2003
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.95.78.196 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-95-78-196.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-origin
https://risu.io
date
Sun, 19 Jun 2022 02:38:13 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
chtmp.php
ccm.holmesmind.com/ Frame 62CC 		0
213 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ccm.holmesmind.com/chtmp.php?u=https%3A%2F%2Fapi.cf.dsp.hinet.net%2Fcktagv2.php%3FUID%3D551398-FCz4a06MNQiG0CHEbwJTI4cVWtaocIks%26SID%3D45620%26Tags%3D2004%2C2003%2C2002
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.95.78.196 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-95-78-196.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-origin
https://risu.io
date
Sun, 19 Jun 2022 02:38:13 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
chtmp.php
ccm.holmesmind.com/ Frame 62CC 		0
213 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ccm.holmesmind.com/chtmp.php?u=https%3A%2F%2Fapi.cf.dsp.hinet.net%2Fcktagv2.php%3FUID%3D551398-FCz4a06MNQiG0CHEbwJTI4cVWtaocIks%26SID%3D45583%26Tags%3D2364
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.95.78.196 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-95-78-196.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-origin
https://risu.io
date
Sun, 19 Jun 2022 02:38:13 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
tp
ad.holmesmind.com/adserver/ Frame 664C 		0
77 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.holmesmind.com/adserver/tp?tpid=div-criteo-1007259&tp=criteo&c=0.10000104457139969&p=b937d9468961a68d8dd97c706a53c4ff-11143&t=1655606291
Requested by
Host: risu.io
URL: https://risu.io/TqZcM
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.238.107.229 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-107-229.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 02:38:13 GMT
content-type
image/png
server
nginx/1.14.0 (Ubuntu)
v1
ads.yahoo.com/cms/ Frame 0481 		0
0
seg
ib.adnxs.com/ Frame 0481 		0
0
/
t.ssp.hinet.net/ Frame 1053 		36 B
399 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
a6099c8c95334dca9696f289c5e224d5324b2c4f5dde247bbe85102f0be71ec9
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 02:38:13 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://risu.io
cache-control
no-cache, private
access-control-allow-credentials
true
strict-transport-security
max-age=0
setuid
secure.adnxs.com/ Frame 0481 		0
0
m
ad.yieldlab.net/ Frame 0481 		0
0
sync
sync-criteo.ads.yieldmo.com/ Frame 0481 		0
0
ajs.php
ads.eu.criteo.com/delivery/r/ Frame 40ED 		131 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/ajs.php?u=%7CiE3nBsi5U6rBXnc7bjnQuNa80%2BnrhDU49C6s8PWIRiw%3D%7C&c1=JrbohDAzizBCiLKN5O6jHfou0vvtO-sxjPc8H8mGs4J7fjwxDIJD5naE0UzzUPgkdz5GwpHYHaAVU79kKrq0-uHf55ebFUuiVu9ZjRDxWIvpnq2ITbsRTif13xqgQnONxyZSDvQwUjU9VayNXZoLiXQumD_pVWhD7GGLtICD4s1D59cUAe9xQNoJv_6L9ux6Ib3BrqBI2Kpa2NsGrXJUO8jl2YMhLcQMiJq5cIVOZWxpVWz_tFIlArDwbkMOfEb08vZB_QKUpWhUKl6QVu5QU0O3VZBlB38t2AsPtvEPSy2kk1Obwe2p5a-WfSHcMFjkIB1W3Vp7PvAijUs3C45mzH8MVgG8xWDNb9CTR0MWmwyd1TKPST-SN6sqTV_nYkWBCz7apBNscwH4G3aXkhYpiwemG76RXhirMFmbDNfEw6D7TntNvCdxIJtbjDrRvGH5WihXg7dvsoXt2h2ZlZxjgeh5MO8loLrY
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/drawV2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::b , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
d4d3fae3dab4c8c32e43ad76ed4d5999d985c181832c7c7b70d13aa947f069e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 02:38:13 GMT
content-encoding
gzip
p3p
CP='CUR ADM OUR NOR STA NID'
access-control-max-age
1000
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
63857791
strict-transport-security
max-age=31536000; preload;
pragma
no-cache
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
expires
Mon, 26 Jul 1997 05:00:00 GMT
ajs.php
ads.eu.criteo.com/delivery/r/ Frame 3D5A 		121 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/ajs.php?u=%7CiE3nBsi5U6rBXnc7bjnQuNa80%2BnrhDU49C6s8PWIRiw%3D%7C&c1=JrbohDAzizBCiLKN5O6jHfou0vvtO-sxjPc8H8mGs4J7fjwxDIJD5naE0UzzUPgkdz5GwpHYHaAVU79kKrq0-uHf55ebFUuiVu9ZjRDxWItv0fOadTQB2xw4RoDZUnbYTcUNWsoQRYt3Xc-F6I8WEn2VA7MrY73SHBTqRBlc-1Xthm0icUdNEaFten8F_DbXubBEKnraQNN6UUL0WFRgHdNVBvn5rbK97BueQB5Jju7_hbFdfC_6iF70M7fVBedmvxXzSsM4WR360_4mE4_OkjNFKt9rv1NAsEnvXUdc4H-DL2QagdDI3TeAJLanzELCEElASRAEFT3V9KyBcKywwVOp-pTgVd1AcFVAAbgUaTaYCynC7uHeE8wvBVDMMAaJiF4ONwS_ndIk6ta4BO3r8gdEMCMJymgXiHgSjZXiErYF9yDacbRusVJRA3yByCUEyzaxuwGF4ne5gU_u9IBsqg
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/drawV2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::b , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
98fac7df26bcba67fe491a55a500909ce4e7858f13ac1267e464308defd13b20
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 02:38:13 GMT
content-encoding
gzip
p3p
CP='CUR ADM OUR NOR STA NID'
access-control-max-age
1000
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
59996589
strict-transport-security
max-age=31536000; preload;
pragma
no-cache
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
expires
Mon, 26 Jul 1997 05:00:00 GMT
cm
t.ssp.hinet.net/ Frame 1053 		0
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/cm?c=50ef57&cid=912-gwcB0jzz44miL19wEGKLAPvHziVf1qKb&mp=c17157ee-7431-4d2d-9487-cc57ecdd8c11
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 02:38:13 GMT
server
nginx
vary
Origin
content-type
image/png
access-control-allow-origin
https://risu.io
cache-control
no-cache, private
access-control-allow-credentials
true
strict-transport-security
max-age=0
pixel
c17157ee-7431-4d2d-9487-cc57ecdd8c11.t.ssp.hinet.net/ Frame 1053 		0
79 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c17157ee-7431-4d2d-9487-cc57ecdd8c11.t.ssp.hinet.net/pixel?bd=c17157ee-7431-4d2d-9487-cc57ecdd8c11&t=50ef57
Requested by
Host: risu.io
URL: https://risu.io/TqZcM
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 02:38:13 GMT
server
nginx
content-length
0
strict-transport-security
max-age=0
content-type
image/png
pixel
c17157ee-7431-4d2d-9487-cc57ecdd8c11.t.ssp.hinet.net/ Frame B303 		0
79 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c17157ee-7431-4d2d-9487-cc57ecdd8c11.t.ssp.hinet.net/pixel?bd=c17157ee-7431-4d2d-9487-cc57ecdd8c11&t=50ef57
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 02:38:13 GMT
server
nginx
content-length
0
strict-transport-security
max-age=0
content-type
image/png
cm
t.ssp.hinet.net/ Frame B303 		0
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/cm?c=50ef57&cid=912-gwcB0jzz44miL19wEGKLAPvHziVf1qKb&mp=c17157ee-7431-4d2d-9487-cc57ecdd8c11
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 02:38:13 GMT
server
nginx
vary
Origin
content-type
image/png
access-control-allow-origin
https://risu.io
cache-control
no-cache, private
access-control-allow-credentials
true
strict-transport-security
max-age=0
all
csm.eu.criteo.net/ Frame C14D 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=JtvtzH4rE0uIrq1Pk0Hk5u1TqIn9HTGNqWYGT4iI2DoJJ1e1kjBdGXW9ipbSqCWiI9OBKUb4q7u15pxDzXPLt2afET2VtukhjVqRaAxui7eaMP0tOGnQXjegZmdiDNw_V_LJr_S15oLKAuW2kUjLvhNt5BjfK7sKjos-mrfgnQmaVK5-KHOIHn921wao8q6y3MZe7JOHvFHOkoZyFlQX3RGAqbgfKyydseacHp8h3wcFWbnAd-oPPtJg7e8&sds=2&rev=81817&sendBeacon=true
Requested by
Host: risu.io
URL: https://risu.io/TqZcM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://risu.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 19 Jun 2022 02:38:13 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
privacy_small.svg
static.criteo.net/flash/icon/ Frame 412F 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/ajs.php?u=%7CiE3nBsi5U6rBXnc7bjnQuNa80%2BnrhDU49C6s8PWIRiw%3D%7C&c1=JrbohDAzizBCiLKN5O6jHfou0vvtO-sxjPc8H8mGs4J7fjwxDIJD5naE0UzzUPgkdz5GwpHYHaAVU79kKrq0-uHf55ebFUuiVu9ZjRDxWIvpnq2ITbsRTif13xqgQnONxyZSDvQwUjU9VayNXZoLiXQumD_pVWhD7GGLtICD4s1D59cUAe9xQNoJv_6L9ux6Ib3BrqBI2Kpa2NsGrXJUO8jl2YMhLcQMiJq5cIVOZWxpVWz_tFIlArDwbkMOfEb08vZB_QKUpWhUKl6QVu5QU0O3VZBlB38t2AsPtvEPSy2kk1Obwe2p5a-WfSHcMFjkIB1W3Vp7PvAijUs3C45mzH8MVgG8xWDNb9CTR0MWmwyd1TKPST-SN6sqTV_nYkWBCz7apBNscwH4G3aXkhYpiwemG76RXhirMFmbDNfEw6D7TntNvCdxIJtbjDrRvGH5WihXg7dvsoXt2h2ZlZxjgeh5MO8loLrY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 02:38:14 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 14 Jun 2023 02:38:14 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 412F 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/ajs.php?u=%7CiE3nBsi5U6rBXnc7bjnQuNa80%2BnrhDU49C6s8PWIRiw%3D%7C&c1=JrbohDAzizBCiLKN5O6jHfou0vvtO-sxjPc8H8mGs4J7fjwxDIJD5naE0UzzUPgkdz5GwpHYHaAVU79kKrq0-uHf55ebFUuiVu9ZjRDxWIvpnq2ITbsRTif13xqgQnONxyZSDvQwUjU9VayNXZoLiXQumD_pVWhD7GGLtICD4s1D59cUAe9xQNoJv_6L9ux6Ib3BrqBI2Kpa2NsGrXJUO8jl2YMhLcQMiJq5cIVOZWxpVWz_tFIlArDwbkMOfEb08vZB_QKUpWhUKl6QVu5QU0O3VZBlB38t2AsPtvEPSy2kk1Obwe2p5a-WfSHcMFjkIB1W3Vp7PvAijUs3C45mzH8MVgG8xWDNb9CTR0MWmwyd1TKPST-SN6sqTV_nYkWBCz7apBNscwH4G3aXkhYpiwemG76RXhirMFmbDNfEw6D7TntNvCdxIJtbjDrRvGH5WihXg7dvsoXt2h2ZlZxjgeh5MO8loLrY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 02:38:14 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 14 Jun 2023 02:38:14 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 412F 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/ajs.php?u=%7CiE3nBsi5U6rBXnc7bjnQuNa80%2BnrhDU49C6s8PWIRiw%3D%7C&c1=JrbohDAzizBCiLKN5O6jHfou0vvtO-sxjPc8H8mGs4J7fjwxDIJD5naE0UzzUPgkdz5GwpHYHaAVU79kKrq0-uHf55ebFUuiVu9ZjRDxWIvpnq2ITbsRTif13xqgQnONxyZSDvQwUjU9VayNXZoLiXQumD_pVWhD7GGLtICD4s1D59cUAe9xQNoJv_6L9ux6Ib3BrqBI2Kpa2NsGrXJUO8jl2YMhLcQMiJq5cIVOZWxpVWz_tFIlArDwbkMOfEb08vZB_QKUpWhUKl6QVu5QU0O3VZBlB38t2AsPtvEPSy2kk1Obwe2p5a-WfSHcMFjkIB1W3Vp7PvAijUs3C45mzH8MVgG8xWDNb9CTR0MWmwyd1TKPST-SN6sqTV_nYkWBCz7apBNscwH4G3aXkhYpiwemG76RXhirMFmbDNfEw6D7TntNvCdxIJtbjDrRvGH5WihXg7dvsoXt2h2ZlZxjgeh5MO8loLrY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 02:38:14 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Wed, 14 Jun 2023 02:38:14 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 412F 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/ajs.php?u=%7CiE3nBsi5U6rBXnc7bjnQuNa80%2BnrhDU49C6s8PWIRiw%3D%7C&c1=JrbohDAzizBCiLKN5O6jHfou0vvtO-sxjPc8H8mGs4J7fjwxDIJD5naE0UzzUPgkdz5GwpHYHaAVU79kKrq0-uHf55ebFUuiVu9ZjRDxWIvpnq2ITbsRTif13xqgQnONxyZSDvQwUjU9VayNXZoLiXQumD_pVWhD7GGLtICD4s1D59cUAe9xQNoJv_6L9ux6Ib3BrqBI2Kpa2NsGrXJUO8jl2YMhLcQMiJq5cIVOZWxpVWz_tFIlArDwbkMOfEb08vZB_QKUpWhUKl6QVu5QU0O3VZBlB38t2AsPtvEPSy2kk1Obwe2p5a-WfSHcMFjkIB1W3Vp7PvAijUs3C45mzH8MVgG8xWDNb9CTR0MWmwyd1TKPST-SN6sqTV_nYkWBCz7apBNscwH4G3aXkhYpiwemG76RXhirMFmbDNfEw6D7TntNvCdxIJtbjDrRvGH5WihXg7dvsoXt2h2ZlZxjgeh5MO8loLrY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 02:38:14 GMT
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Wed, 14 Jun 2023 02:38:14 GMT
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 412F 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: risu.io
URL: https://risu.io/TqZcM
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 02:38:14 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1492384
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4420
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s0Kpo9hbmusnQ8zy2yKPQJIMG582BLJJXHUWA8rcuNjBU81lswBvUV5Igzg2tVs2lXrUgyADgYrRgzJky50EDgPOyzJCX5KzeIogq0vMqa%2BOEhvF557tHwCReCzAdPmZCPJGr6dNku9k%2FrSjyyaeYYX0"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
71d8e329fd92912b-FRA
expires
Fri, 09 Jun 2023 02:38:14 GMT
animejs.js
static.criteo.net/animejs/ Frame 412F 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: risu.io
URL: https://risu.io/TqZcM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 02:38:14 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 14 Jun 2023 02:38:14 GMT
all
csm.eu.criteo.net/ Frame 412F 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=BZtzzn4rE0uIrq1P0fPN1TOKGl4J4RHwquRDvDkzzrApajo0pWoEE6mOFM7BgmcQeRLzK-HJpFnTLgZQm1fwWAcj0etVU7WFNkOc7a5GKrso6RY7LTOoxd_wYBbZvoSkjvCQz9r38y7iYFvDK5vQTDATnk-NgxjFhSuTqJSoQF0YPvaNCVtVL_JDZIeqQzDyW-MBZEdVGUwFF_ALXp1w-W7rzKx6ALk52OyCnVbwLbAr2_NlHENo5rtHRQY&sds=2&rev=81817&sendBeacon=true
Requested by
Host: risu.io
URL: https://risu.io/TqZcM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://risu.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 19 Jun 2022 02:38:13 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 412F 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: risu.io
URL: https://risu.io/TqZcM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 02:38:14 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 14 Jun 2023 02:38:14 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 412F 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: risu.io
URL: https://risu.io/TqZcM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 02:38:14 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 14 Jun 2023 02:38:14 GMT
ai.aspx
m.exactag.com/ Frame 412F 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.exactag.com/ai.aspx?extProvId=15&extPu=esprit-criteo&extLi=137655&rnd=62ae8c157cd00fd16339afb8477269e9&criteoid=&consent_string=&iab=1
Requested by
Host: risu.io
URL: https://risu.io/TqZcM
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
213.202.235.10 -, , ASN (),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
P3P
policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
Connection
close
X-ET-Monitoring
1
Content-Length
43
Pragma
no-cache
X-ET-Code
0
Last-Modified
So, 19 Jun 2022 02:38:14 GMT
Server
Microsoft-IIS/8.5
Date
Sun, 19 Jun 2022 02:38:13 GMT
Access-Control-Max-Age
1000
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
https://risu.io
Cache-Control
private
Access-Control-Allow-Credentials
true
X-ET-Camp
1788
Access-Control-Allow-Headers
*
Expires
Mon, 26 Jul 1997 05:00:00 GMT
lg.php
cat.fr.eu.criteo.com/delivery/ Frame 412F 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=OpXQcqKq80RgBSwm5ng5RmpYK8kVPtnmpayk4m9-RrldsUv1fpTUKmdkL1E3mbWlOx0uI2KFNUXTmJ9hjnhRs-Q4sBSWYfC7nw7uQNZzK2TXsjKSLtooXIadDS5nbuDXiDwjyP4XzbcXuVpGc9_2-a8XkrdT6Oh3FjbNS9_YYTa31TfBzwuTaTuOsVORBxu8Xg1FSwGMxZXJF22QFxmXB0OsNKxYsifyDMvIkiJQyHDzAaqbrSoBypCwhSjgrXAHu6kYVaplluJiT3Uj1IKr1bZiIQmpy96XRiaVQB4cgzOlSC_SuwA1d_P3A0soaxbafVxvFP9m_8vjOMUx2_tHPSQGt8jqUEnSvmt51wRmARIDWI3vpdd4zDJYwJBPuoEIE9USRmD-mRQ3iikrdEDCqrglGa5yBZkE5tXk32YyWqAv8JE743K9sWDpzjpIZyxIE2c_52kHLNEEwxgT9mM9p7xGPRI
Requested by
Host: risu.io
URL: https://risu.io/TqZcM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Jun 2022 02:38:13 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
4129673
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
img
pix.eu.criteo.net/img/ Frame 412F 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=76&m=0&partner=1998&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F1998%2F220602%2Fc941dacbed674c2ead51c41975b5fcae_esprit.png&v=3&w=596&s=NgQTb83_tAJUF_YbWDkyKW2G
Requested by
Host: risu.io
URL: https://risu.io/TqZcM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
27f7c65654802f34feaeb89c87452854124dd57c2d6d779232d821ebe5ac74f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 02:38:13 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=29682441
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
7178
expires
Sun, 28 May 2023 15:45:35 GMT
img
pix.eu.criteo.net/img/ Frame 412F 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=1998&q=80&r=0&u=https%3A%2F%2Fesprit.scene7.com%2Fis%2Fimage%2Fesprit%2F991EE1F310_348_93%3Fwid%3D1080%26hei%3D1080&v=3&w=400&s=YLr_o2pf-jTpaGL5wCuZVKIc&b=400
Requested by
Host: risu.io
URL: https://risu.io/TqZcM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
df74d49b0b4f98422813a81de7b02bf7789a39522ad559a72191f5dfaa07d03e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 02:38:13 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=31104000
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
29054
expires
Wed, 14 Jun 2023 02:38:14 GMT
img
pix.eu.criteo.net/img/ Frame 412F 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=1998&q=80&r=0&u=https%3A%2F%2Fesprit.scene7.com%2Fis%2Fimage%2Fesprit%2F042EO1E345_870_93%3Fwid%3D1080%26hei%3D1080&v=3&w=400&s=xE4VLkobxljIXCI_PJmV3DQC&b=400
Requested by
Host: risu.io
URL: https://risu.io/TqZcM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
f5f72ee400d39129cdb7c6ffde2f59d4913b754fab5e1d9583ecc500494b5b80
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 02:38:13 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=31104000
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
10360
expires
Wed, 14 Jun 2023 02:38:14 GMT
img
pix.eu.criteo.net/img/ Frame 412F 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=1998&q=80&r=0&u=https%3A%2F%2Fesprit.scene7.com%2Fis%2Fimage%2Fesprit%2F2840420_356_93%3Fwid%3D1080%26hei%3D1080&v=3&w=400&s=bA__MjWFNcsHy2EIOUYk1dQT&b=400
Requested by
Host: risu.io
URL: https://risu.io/TqZcM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
d2ca56b1a2ba9243bd706fe325699ee53878fc8d9ae36f73ca1a969be10c4aa8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 02:38:13 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=31104000
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
9346
expires
Wed, 14 Jun 2023 02:38:14 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame 4398 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/ajs.php?u=%7CiE3nBsi5U6rBXnc7bjnQuNa80%2BnrhDU49C6s8PWIRiw%3D%7C&c1=JrbohDAzizBCiLKN5O6jHfou0vvtO-sxjPc8H8mGs4J7fjwxDIJD5naE0UzzUPgkdz5GwpHYHaAVU79kKrq0-uHf55ebFUuiVu9ZjRDxWItv0fOadTQB2xw4RoDZUnbYTcUNWsoQRYt3Xc-F6I8WEn2VA7MrY73SHBTqRBlc-1Xthm0icUdNEaFten8F_DbXubBEKnraQNN6UUL0WFRgHdNVBvn5rbK97BueQB5Jju7_hbFdfC_6iF70M7fVBedmvxXzSsM4WR360_4mE4_OkjNFKt9rv1NAsEnvXUdc4H-DL2QagdDI3TeAJLanzELCEElASRAEFT3V9KyBcKywwVOp-pTgVd1AcFVAAbgUaTaYCynC7uHeE8wvBVDMMAaJiF4ONwS_ndIk6ta4BO3r8gdEMCMJymgXiHgSjZXiErYF9yDacbRusVJRA3yByCUEyzaxuwGF4ne5gU_u9IBsqg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 02:38:14 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 14 Jun 2023 02:38:14 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 4398 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/ajs.php?u=%7CiE3nBsi5U6rBXnc7bjnQuNa80%2BnrhDU49C6s8PWIRiw%3D%7C&c1=JrbohDAzizBCiLKN5O6jHfou0vvtO-sxjPc8H8mGs4J7fjwxDIJD5naE0UzzUPgkdz5GwpHYHaAVU79kKrq0-uHf55ebFUuiVu9ZjRDxWItv0fOadTQB2xw4RoDZUnbYTcUNWsoQRYt3Xc-F6I8WEn2VA7MrY73SHBTqRBlc-1Xthm0icUdNEaFten8F_DbXubBEKnraQNN6UUL0WFRgHdNVBvn5rbK97BueQB5Jju7_hbFdfC_6iF70M7fVBedmvxXzSsM4WR360_4mE4_OkjNFKt9rv1NAsEnvXUdc4H-DL2QagdDI3TeAJLanzELCEElASRAEFT3V9KyBcKywwVOp-pTgVd1AcFVAAbgUaTaYCynC7uHeE8wvBVDMMAaJiF4ONwS_ndIk6ta4BO3r8gdEMCMJymgXiHgSjZXiErYF9yDacbRusVJRA3yByCUEyzaxuwGF4ne5gU_u9IBsqg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 02:38:14 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 14 Jun 2023 02:38:14 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 4398 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/ajs.php?u=%7CiE3nBsi5U6rBXnc7bjnQuNa80%2BnrhDU49C6s8PWIRiw%3D%7C&c1=JrbohDAzizBCiLKN5O6jHfou0vvtO-sxjPc8H8mGs4J7fjwxDIJD5naE0UzzUPgkdz5GwpHYHaAVU79kKrq0-uHf55ebFUuiVu9ZjRDxWItv0fOadTQB2xw4RoDZUnbYTcUNWsoQRYt3Xc-F6I8WEn2VA7MrY73SHBTqRBlc-1Xthm0icUdNEaFten8F_DbXubBEKnraQNN6UUL0WFRgHdNVBvn5rbK97BueQB5Jju7_hbFdfC_6iF70M7fVBedmvxXzSsM4WR360_4mE4_OkjNFKt9rv1NAsEnvXUdc4H-DL2QagdDI3TeAJLanzELCEElASRAEFT3V9KyBcKywwVOp-pTgVd1AcFVAAbgUaTaYCynC7uHeE8wvBVDMMAaJiF4ONwS_ndIk6ta4BO3r8gdEMCMJymgXiHgSjZXiErYF9yDacbRusVJRA3yByCUEyzaxuwGF4ne5gU_u9IBsqg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 02:38:14 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Wed, 14 Jun 2023 02:38:14 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 4398 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/ajs.php?u=%7CiE3nBsi5U6rBXnc7bjnQuNa80%2BnrhDU49C6s8PWIRiw%3D%7C&c1=JrbohDAzizBCiLKN5O6jHfou0vvtO-sxjPc8H8mGs4J7fjwxDIJD5naE0UzzUPgkdz5GwpHYHaAVU79kKrq0-uHf55ebFUuiVu9ZjRDxWItv0fOadTQB2xw4RoDZUnbYTcUNWsoQRYt3Xc-F6I8WEn2VA7MrY73SHBTqRBlc-1Xthm0icUdNEaFten8F_DbXubBEKnraQNN6UUL0WFRgHdNVBvn5rbK97BueQB5Jju7_hbFdfC_6iF70M7fVBedmvxXzSsM4WR360_4mE4_OkjNFKt9rv1NAsEnvXUdc4H-DL2QagdDI3TeAJLanzELCEElASRAEFT3V9KyBcKywwVOp-pTgVd1AcFVAAbgUaTaYCynC7uHeE8wvBVDMMAaJiF4ONwS_ndIk6ta4BO3r8gdEMCMJymgXiHgSjZXiErYF9yDacbRusVJRA3yByCUEyzaxuwGF4ne5gU_u9IBsqg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 02:38:14 GMT
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Wed, 14 Jun 2023 02:38:14 GMT
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 4398 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: risu.io
URL: https://risu.io/TqZcM
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 02:38:14 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1492384
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4420
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fk0yXFFpnaAT6mQPezYppGUpwFDs%2FVvkFDc7qkmPSCnqWGkgbU2Y7K5PN88fuMxLIxDYDp50C%2FOpveQ7U5nCsgMMi8XowcAoJUgN%2BigBo%2BfP4GPVvzeQguy90gAW7UnICcMHaEaI0nWmER8cvA1RN6wQ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
71d8e32a2db4912b-FRA
expires
Fri, 09 Jun 2023 02:38:14 GMT
animejs.js
static.criteo.net/animejs/ Frame 4398 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: risu.io
URL: https://risu.io/TqZcM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 02:38:14 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 14 Jun 2023 02:38:14 GMT
all
csm.eu.criteo.net/ Frame 4398 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=sGL5bX4rE0uIrq1PU5F32vMP32yAZExJd8uI-ZUVkjiEImslqsiTYCOMt3nbj_JtLBe8L5bM8ndh8vsBQZIZLQ1G3EFuvSybdPyVf7YAnZVqQlovbFIHGarJMXDLuTUROMw_c97GJKjNShDgTPjgy-sxnVpdaoWmZOgkTVwAwJh0VqICpl0mVd9noD4JLTgth2YSJhxHWBchcmzaqCM1yDK8e8FdV5jsnfc15i3TLie_EcjTUyrLiiwkRUs&sds=2&rev=81817&sendBeacon=true
Requested by
Host: risu.io
URL: https://risu.io/TqZcM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://risu.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 19 Jun 2022 02:38:13 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 4398 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: risu.io
URL: https://risu.io/TqZcM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 02:38:14 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 14 Jun 2023 02:38:14 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 4398 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: risu.io
URL: https://risu.io/TqZcM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 02:38:14 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 14 Jun 2023 02:38:14 GMT
ai.aspx
m.exactag.com/ Frame 4398 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.exactag.com/ai.aspx?extProvId=15&extPu=esprit-criteo&extLi=137655&rnd=62ae8c1495f72d42d7fe3f97c7cf9827&criteoid=&consent_string=&iab=1
Requested by
Host: risu.io
URL: https://risu.io/TqZcM
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.202.235.10 -, , ASN (),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
P3P
policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
Connection
close
X-ET-Monitoring
1
Content-Length
43
Pragma
no-cache
X-ET-Code
0
Last-Modified
So, 19 Jun 2022 02:38:14 GMT
Server
Microsoft-IIS/8.5
Date
Sun, 19 Jun 2022 02:38:13 GMT
Access-Control-Max-Age
1000
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
https://risu.io
Cache-Control
private
Access-Control-Allow-Credentials
true
X-ET-Camp
1788
Access-Control-Allow-Headers
*
Expires
Mon, 26 Jul 1997 05:00:00 GMT
lg.php
cat.fr.eu.criteo.com/delivery/ Frame 4398 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=KYF-F6Kq80RgBSwm5ng5RmpYK8mHgmNS1DkY86WPUoIXd9o-kSQvxD_8IoLnXB4rZr8XD8GBhktiR28YCq0ZNItqne5UdK9Dtiz3BdZ9HEEooLVE2vONGd12aW4IY1qk0_cLawt1EatjIa72Rp-y8x3aIYwZGZjNiUGzdLcPayIeHRrRnq9LbLh-pgbAaxpASeNYVffCWJGUF6EPgOP-KaxJmVh6KcsXGuLTkD3TxtzAw55fEPB6jY2LJpYEppG44pLuQ6Q0ptxKKmIn79fMaJuJJTbSBMGR-Bx-yH59xKYmtNX3DGA01op8vLnw79Gmj6pGLWenVnFxd8iTL7_wX5B_aHg8gBUR9GBcTkjbKhAh5K7ezJvitmLKWLfMzNAC398IJ7ElWI6C8NIG7TjpyFElmUAv_KcPBgt56erXzrLycbok3ilAwrsehENnlIBVcJ_BlR0sFGc_ATD_TXxap-HV_Vw
Requested by
Host: risu.io
URL: https://risu.io/TqZcM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Jun 2022 02:38:13 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
3855690
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
img
pix.eu.criteo.net/img/ Frame 4398 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=76&m=0&partner=1998&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F1998%2F220602%2F451d5c0b9aea4418880c114fb9fbbe41_esprit.png&v=3&w=596&s=oSj2Z397l16yDsX_5aUm3LJR
Requested by
Host: risu.io
URL: https://risu.io/TqZcM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
27f7c65654802f34feaeb89c87452854124dd57c2d6d779232d821ebe5ac74f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 02:38:13 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=29682513
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
7178
expires
Sun, 28 May 2023 15:46:47 GMT
img
pix.eu.criteo.net/img/ Frame 4398 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=1200&m=0&partner=1998&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F1998%2F220616%2Fb96abee1e22748b6853bd17e76d3bae2_img_vertical_1.jpg&v=3&w=1200&s=C76VkMHX910gyzL2Ssbjrsfg
Requested by
Host: risu.io
URL: https://risu.io/TqZcM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
14e3c2568db66b3cd16020c72eb06c3e0d2f674877e2eccc7d16d01556a90289
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 02:38:14 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=30870745
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
22452
expires
Sun, 11 Jun 2023 09:50:39 GMT
img
pix.eu.criteo.net/img/ Frame 4398 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=1998&q=80&r=0&u=https%3A%2F%2Fesprit.scene7.com%2Fis%2Fimage%2Fesprit%2F052EO1E331_405_93%3Fwid%3D1080%26hei%3D1080&v=3&w=400&s=qW1y9w-gO8iAr2wce9zX4DDF&b=400
Requested by
Host: risu.io
URL: https://risu.io/TqZcM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
cc33863ea388b5164d237dce018ce89d098eaa6ba9371a738090710f646463ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 02:38:13 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=31104000
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
3090
expires
Wed, 14 Jun 2023 02:38:14 GMT
tp
ad.holmesmind.com/adserver/ Frame B128 		0
77 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.holmesmind.com/adserver/tp?tpid=div-criteo-1007257&tp=criteo&c=0.19202178716659546&p=6c7ec1f4327be00b487002787b4a6757-11260&t=1655606292
Requested by
Host: risu.io
URL: https://risu.io/TqZcM
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.238.107.229 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-107-229.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 02:38:14 GMT
content-type
image/png
server
nginx/1.14.0 (Ubuntu)
tp
ad.holmesmind.com/adserver/ Frame 62CC 		0
77 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.holmesmind.com/adserver/tp?tpid=div-criteo-1007257&tp=criteo&c=0.2016541212797165&p=2a1cac0b0c412a690f60b7547de58fd7-11260&t=1655606292
Requested by
Host: risu.io
URL: https://risu.io/TqZcM
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.238.107.229 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-107-229.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 02:38:14 GMT
content-type
image/png
server
nginx/1.14.0 (Ubuntu)
css
fonts.googleapis.com/ Frame 412F 		5 KB
667 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
efa5f8df07811ca584265a7f3b44e74687496ae792370392f6fec18f4c1ea30f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 19 Jun 2022 01:23:15 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 19 Jun 2022 02:38:14 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 19 Jun 2022 02:38:14 GMT
css
fonts.googleapis.com/ Frame 4398 		5 KB
667 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
efa5f8df07811ca584265a7f3b44e74687496ae792370392f6fec18f4c1ea30f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 19 Jun 2022 02:02:57 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 19 Jun 2022 02:38:14 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 19 Jun 2022 02:38:14 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v29/ Frame 412F 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v29/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://risu.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Mon, 13 Jun 2022 12:16:38 GMT
x-content-type-options
nosniff
age
483696
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44800
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:25:14 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 13 Jun 2023 12:16:38 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v29/ Frame 4398 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v29/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://risu.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Mon, 13 Jun 2022 12:16:38 GMT
x-content-type-options
nosniff
age
483696
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44800
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:25:14 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 13 Jun 2023 12:16:38 GMT
all
csm.eu.criteo.net/ Frame 4398 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=sGL5bX4rE0uIrq1PU5F32vMP32yAZExJd8uI-ZUVkjiEImslqsiTYCOMt3nbj_JtLBe8L5bM8ndh8vsBQZIZLQ1G3EFuvSybdPyVf7YAnZVqQlovbFIHGarJMXDLuTUROMw_c97GJKjNShDgTPjgy-sxnVpdaoWmZOgkTVwAwJh0VqICpl0mVd9noD4JLTgth2YSJhxHWBchcmzaqCM1yDK8e8FdV5jsnfc15i3TLie_EcjTUyrLiiwkRUs&sds=2&rev=81817&sendBeacon=true
Requested by
Host: risu.io
URL: https://risu.io/TqZcM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://risu.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 19 Jun 2022 02:38:14 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
all
csm.eu.criteo.net/ Frame 412F 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=BZtzzn4rE0uIrq1P0fPN1TOKGl4J4RHwquRDvDkzzrApajo0pWoEE6mOFM7BgmcQeRLzK-HJpFnTLgZQm1fwWAcj0etVU7WFNkOc7a5GKrso6RY7LTOoxd_wYBbZvoSkjvCQz9r38y7iYFvDK5vQTDATnk-NgxjFhSuTqJSoQF0YPvaNCVtVL_JDZIeqQzDyW-MBZEdVGUwFF_ALXp1w-W7rzKx6ALk52OyCnVbwLbAr2_NlHENo5rtHRQY&sds=2&rev=81817&sendBeacon=true
Requested by
Host: risu.io
URL: https://risu.io/TqZcM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://risu.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 19 Jun 2022 02:38:14 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
fcm.holmesmind.com
URL
https://fcm.holmesmind.com/cm.php
Domain
fcm.holmesmind.com
URL
https://fcm.holmesmind.com/cm.php
Domain
fcm.holmesmind.com
URL
https://fcm.holmesmind.com/cm.php
Domain
ib.adnxs.com
URL
https://ib.adnxs.com/seg?add=95287&redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
Domain
secure.adnxs.com
URL
https://secure.adnxs.com/seg?add=1005440&redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
Domain
x.bidswitch.net
URL
https://x.bidswitch.net/sync?dsp_id=46&user_id=k-4F7rlGlDeULTQGhG_h09iPfSQEMPQuC63NPHXw&expires=30
Domain
visitor.omnitagjs.com
URL
https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-K5Yi2GlDeULTQGhG_h09iPfSQEP4nvhN6qhy7g
Domain
r.casalemedia.com
URL
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-6qxC4GlDeULTQGhG_h09iPfSQEP0W3FpgO0s_g
Domain
ad.360yield.com
URL
https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-FXdMDGlDeULTQGhG_h09iPfSQEN98eNbYoPQlg
Domain
gum.criteo.com
URL
https://gum.criteo.com/sync?c=6&r=1&k=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397596.gif%3Fpartner_uid%3D%40USERID%40
Domain
contextual.media.net
URL
https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-Ff0EWmlDeULTQGhG_h09iPfSQENqYRYt17sZrg
Domain
exchange.mediavine.com
URL
https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-HMVnFWlDeULTQGhG_h09iPfSQEPj5Ihn6CQCaA
Domain
sync.outbrain.com
URL
https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-Dg5mfmlDeULTQGhG_h09iPfSQEPkTT2sy7lAHA
Domain
simage2.pubmatic.com
URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-UUMg3WlDeULTQGhG_h09iPfSQEOd49dWAUiE1w
Domain
pixel.rubiconproject.com
URL
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-phiJJGlDeULTQGhG_h09iPfSQENJN7ZbmyAKRA&expires=30
Domain
match.sharethrough.com
URL
https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-sqMFc2lDeULTQGhG_h09iPfSQEOVlb37eamb1w
Domain
s.ad.smaato.net
URL
https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-Z2ry0WlDeULTQGhG_h09iPfSQEPljHmeWqnL0Q
Domain
rtb-csync.smartadserver.com
URL
https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-KbtAj2lDeULTQGhG_h09iPfSQEOuROH4D9DhmA
Domain
sync-t1.taboola.com
URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-NsG0hGlDeULTQGhG_h09iPfSQENXCX4HS2VRbA
Domain
criteo-sync.teads.tv
URL
https://criteo-sync.teads.tv/um?eid=80&uid=k-GWGgKWlDeULTQGhG_h09iPfSQEMmJHjwmkVhBQ
Domain
eb2.3lift.com
URL
https://eb2.3lift.com/xuid?mid=2711&xuid=k-0Qpf_mlDeULTQGhG_h09iPfSQEO3mX8tQovV1Q&dongle=013b
Domain
ads.yahoo.com
URL
https://ads.yahoo.com/cms/v1?esig=1~7315a025058f3128185459bfaf16e164414683fc&nwid=10000545908&sigv=1
Domain
ups.analytics.yahoo.com
URL
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-OZw4w2lDeULTQGhG_h09iPfSQEPJexDnIl8gjQ
Domain
ad.yieldlab.net
URL
https://ad.yieldlab.net/m?dm_id=8666&ext_id=k-8x_pemlDeULTQGhG_h09iPfSQEMwwnNnGPpUIw
Domain
sync-criteo.ads.yieldmo.com
URL
https://sync-criteo.ads.yieldmo.com/sync?id=k-hvc1q2lDeULTQGhG_h09iPfSQEMaYrZjeZyKlg&pn_id=criteo&ext=1
Domain
ib.adnxs.com
URL
https://ib.adnxs.com/seg?add=130915&redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
Domain
secure.adnxs.com
URL
https://secure.adnxs.com/seg?add=130915&redir=https%3A%2F%2Fsecure.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
Domain
ads.yahoo.com
URL
https://ads.yahoo.com/cms/v1?esig=1~fa63d183df77c65a03eac82806b701b9c4f726b8&nwid=10000892938&sigv=1
Domain
ib.adnxs.com
URL
https://ib.adnxs.com/seg?add=7643336&redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
Domain
secure.adnxs.com
URL
https://secure.adnxs.com/setuid?entity=52&code=k-SGuqX2lDeULTQGhG_h09iPfSQEOrPf34JSXREg&seg=95287
Domain
ad.yieldlab.net
URL
https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-8x_pemlDeULTQGhG_h09iPfSQEMwwnNnGPpUIw
Domain
sync-criteo.ads.yieldmo.com
URL
https://sync-criteo.ads.yieldmo.com/sync?id=%3Ccriteo%20user%20id%3E&pn_id=criteo&ext=1

Verdicts & Comments Add Verdict or Comment

87 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails object| navigation object| __CF$cv$params object| __cfQR object| __cfBeacon boolean| _rails_loaded object| I18n function| setImmediate function| clearImmediate object| dataLayer object| gon object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map string| google_user_agent_client_hint function| hotkeys object| __heic2any__worker object| vttjs function| WebVTT boolean| __cfRLUnblockHandlers object| HSHeader object| google_tag_manager function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ object| google_image_requests function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages string| GoogleAnalyticsObject function| ga function| ownKeys function| _objectSpread function| _defineProperty function| _toConsumableArray function| _nonIterableSpread function| _unsupportedIterableToArray function| _iterableToArray function| _arrayWithoutHoles function| _arrayLikeToArray function| _typeof object| SD object| urlParams undefined| div object| device object| sitemajiNative300x250List string| apiKey object| native object| GoogleGcLKhOms object| gaplugins object| gaData function| onYouTubeIframeAPIReady object| NativeJS object| nativeSectionCodes object| criteo_syncframe_state

53 Cookies

Domain/Path Name / Value
risu.io/ Name: ahoy_visitor
Value: 3aa0b973-15fe-4697-9869-6f4edde2d4ae
risu.io/ Name: ahoy_visit
Value: 1424ba18-714a-42a6-92d3-28873c6ae582
risu.io/ Name: _risu_session
Value: rq8Nb2H0EiDAbO0E3q5lxzs49ta8DMqtMz%2Faxp55l40d7HKgCuedIMGWxmH8N2k2rl9t7SqgMUjPQT9o5hAAuofXc4pcpsvpfTfK%2FMo5eCMhXYl3dpYwm5tQSTz5YOCYt9KmQuwVYAiu1cgVFP9D2h1EI0%2B0DPvyjf4xCXfhdDKDZVzYKJVo--J4FxRdV23FanSjqh--G65WATBb0k843YBJLVheBg%3D%3D
risu.io/ Name: prefers-color-scheme
Value: light
.risu.io/ Name: __cf_bm
Value: sAWqaNyTOrIU5mGll8HrABAQIsd_HX8GQhry6L6xXlI-1655606290-0-AT/i3Yourv+i8Gs/eAg8w6b+ig8ZQugbiDv6NcbZAu4jDlg0R2do+ryjkAEzythkbnTUd1IkrVhl1bViO9TYG+4nxxBJ0DoPgvJ+7Vy2ia0PMM3mmeDqqDVJ5RuhXmrvyr7bG7pWW3luVKI2OGsAQLwuisrz9/pZskb8tNsQKqXc
.risu.io/ Name: __gads
Value: ID=72046b43192398bb-22f557c8b6cd00ad:T=1655606290:RT=1655606290:S=ALNI_Ma43c14wtPLhF9xVoptcMzNv8EUCw
.risu.io/ Name: _gid
Value: GA1.2.331285830.1655606290
.risu.io/ Name: _gat_UA-146086888-1
Value: 1
.risu.io/ Name: _ga_H814P3QJ03
Value: GS1.1.1655606290.1.0.1655606290.0
.risu.io/ Name: _ga
Value: GA1.1.998406147.1655606290
.holmesmind.com/ Name: P
Value: 551398-FCz4a06MNQiG0CHEbwJTI4cVWtaocIks
.holmesmind.com/ Name: Vision
Value: 20220619-23:59,20220619-13,20220619-13,20220619-23:59
.holmesmind.com/ Name: C
Value: null
.holmesmind.com/ Name: RK
Value: null
risu.io/ Name: CFFPCKUUID
Value: 834-FLL62KyVmsrA01h5IDDvb2aNffE75bM7
.risu.io/ Name: CFFPCKUUIDMAIN
Value: 912-gwcB0jzz44miL19wEGKLAPvHziVf1qKb
.criteo.com/ Name: uid
Value: 26957e02-4e71-4b44-98f2-8aed2a7777a6
.c.appier.net/ Name: _auid
Value: Pdl695VOA2CR7SWgE4yuYg
.hinet.net/ Name: uuid
Value: c17157ee-7431-4d2d-9487-cc57ecdd8c11
.risu.io/ Name: __htid
Value: c17157ee-7431-4d2d-9487-cc57ecdd8c11
.risu.io/ Name: _ht_50ef57
Value: 1
.risu.io/ Name: _ht_em
Value: 1
.doubleclick.net/ Name: IDE
Value: AHWqTUkoT8XLhEGDeDyKE3jLu-7SD_lijsxKRgZOigU7Bqu-rHc9x1wT_E6cqa7KUb4
.risu.io/ Name: cto_bundle
Value: 8LO0XV9SZkE4WE9jWUtxdmZBbVB1c2N0QzQ0SE1nUjNpRFcxNU01JTJGamFoc0RrVDZVcWZsQWlMZWREOTFFcSUyQjFTMDdOd05ybWFZZzFvOTJpOFNvVVE0QzdsTE9kalVJa3BGOTRNU1dlWm9mTElhWXAyUW9ZWG1HMVBXekxYelJzJTJCNEtPJTJGOXBLTkUlMkZQbWt5d2IlMkZLWWViMHNsZHclM0QlM0Q
exchange.mediavine.com/ Name: mv_tokens
Value: %7B%22mv_uuid%22%3A%22dd49ad70-ef78-11ec-88d2-1d29b0e083ad%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: mv_tokens_eu-v1
Value: %7B%22mv_uuid%22%3A%22dd49ad70-ef78-11ec-88d2-1d29b0e083ad%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: criteo
Value: %7B%22id%22%3A%22k-HMVnFWlDeULTQGhG_h09iPfSQEPj5Ihn6CQCaA%22%2C%22version%22%3A%22criteo%22%7D
.casalemedia.com/ Name: CMID
Value: Yq6MFJXY09p5irBHRcJZWQAA
.casalemedia.com/ Name: CMPS
Value: 5198
.casalemedia.com/ Name: CMPRO
Value: 5198
.adnxs.com/ Name: uuid2
Value: 3751837971990846004
.media.net/ Name: visitor-id
Value: 2986078928281041000V10
.media.net/ Name: data-c-ts
Value: 1655606292
.media.net/ Name: data-c
Value: k-Ff0EWmlDeULTQGhG_h09iPfSQENqYRYt17sZrg~~3
.360yield.com/ Name: tuuid
Value: ea712e8c-fb51-4edc-86e6-cb60608cc786
.360yield.com/ Name: tuuid_lu
Value: 1655606293
.holmesmind.com/ Name: R
Value: null
.holmesmind.com/ Name: G
Value: we3u7ZGJymKY5J47cKd8kQ==
.holmesmind.com/ Name: d
Value: /jHzqDFxfoBZ4WTyQK3MPaD5j7NQOgUkv1Txfycvr2ReudB2dm6t0KDrpHJuqax6WjAFQ16PJy71RxDiXPBzgA==
.sharethrough.com/ Name: stx_user_id
Value: 3805897a-91ce-4e45-aeb9-d77dc6d7d75b
.risu.io/ Name: _ht_hi
Value: 1
.yahoo.com/ Name: A3
Value: d=AQABBBWMrmICECIvBfQlCAWOFLWvrdRLvoIFEgEBAQHdr2K4YgAAAAAA_eMAAA&S=AQAAAnfvizgKObVXfJnAsbYAnH8
.adnxs.com/ Name: anj
Value: dTM7k!M4/rD>6NRF']wIg2GU#doADh!fss0=Rro*E7VW]Fp9R9b=f>(+!2=)PELU.asESsF/Jed$/HH0b+!6LYe$^L#a2c.ZD0*l_#pm^#DI2Z#DIgl#Xsf?qqBu)
.yieldlab.net/ Name: id
Value: 02d043e4-4d22-44d4-a55e-5cb461fe2c68
.bidswitch.net/ Name: tuuid
Value: b41cd3f2-43bf-4e6f-ab69-ffe5ddd7be80
.bidswitch.net/ Name: c
Value: 1655606293
.bidswitch.net/ Name: tuuid_lu
Value: 1655606293
.lndata.com/ Name: admckid
Value: 2206191038121394872
.outbrain.com/ Name: obuid
Value: 1d41cdcb-5124-477a-a3ac-5de0f1b42dd5
.outbrain.com/ Name: criteo
Value: k-Dg5mfmlDeULTQGhG_h09iPfSQEPkTT2sy7lAHA
m.exactag.com/ Name: exactag_new_gk
Value: 14af6c2d935f49ee82fd9404f1603153%7c18.08.2022+02%3a38%3a13
m.exactag.com/ Name: exactag_new_uk
Value: b5e4ebc6eb9947e494b6b5309a86b687%7c
m.exactag.com/ Name: session_session
Value: 0e07084209404d3b92f2eede

31 Console Messages

Source Level URL
Text
network error URL: https://m.holmesmind.com/ml/google?cf_uid=551398-FCz4a06MNQiG0CHEbwJTI4cVWtaocIks&uu_m=undefined&google_gid=CAESEG4ojmSN5vNOF1zZFsj1h9E&google_cver=1
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://gum.criteo.com/sync?c=6&r=1&k=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397596.gif%3Fpartner_uid%3D%40USERID%40
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-HMVnFWlDeULTQGhG_h09iPfSQEPj5Ihn6CQCaA
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://ib.adnxs.com/seg?add=95287&redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-6qxC4GlDeULTQGhG_h09iPfSQEP0W3FpgO0s_g
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-K5Yi2GlDeULTQGhG_h09iPfSQEP4nvhN6qhy7g
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://secure.adnxs.com/seg?add=1005440&redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-Ff0EWmlDeULTQGhG_h09iPfSQENqYRYt17sZrg
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-UUMg3WlDeULTQGhG_h09iPfSQEOd49dWAUiE1w
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-FXdMDGlDeULTQGhG_h09iPfSQEN98eNbYoPQlg
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-sqMFc2lDeULTQGhG_h09iPfSQEOVlb37eamb1w
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-phiJJGlDeULTQGhG_h09iPfSQENJN7ZbmyAKRA&expires=30
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-Z2ry0WlDeULTQGhG_h09iPfSQEPljHmeWqnL0Q
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://ads.yahoo.com/cms/v1?esig=1~7315a025058f3128185459bfaf16e164414683fc&nwid=10000545908&sigv=1
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://eb2.3lift.com/xuid?mid=2711&xuid=k-0Qpf_mlDeULTQGhG_h09iPfSQEO3mX8tQovV1Q&dongle=013b
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-NsG0hGlDeULTQGhG_h09iPfSQENXCX4HS2VRbA
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://ib.adnxs.com/seg?add=130915&redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-KbtAj2lDeULTQGhG_h09iPfSQEOuROH4D9DhmA
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://secure.adnxs.com/seg?add=130915&redir=https%3A%2F%2Fsecure.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-GWGgKWlDeULTQGhG_h09iPfSQEMmJHjwmkVhBQ
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://ads.yahoo.com/cms/v1?esig=1~fa63d183df77c65a03eac82806b701b9c4f726b8&nwid=10000892938&sigv=1
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://ib.adnxs.com/seg?add=7643336&redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-OZw4w2lDeULTQGhG_h09iPfSQEPJexDnIl8gjQ
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://secure.adnxs.com/setuid?entity=52&code=k-SGuqX2lDeULTQGhG_h09iPfSQEOrPf34JSXREg&seg=95287
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://ad.yieldlab.net/m?dm_id=8666&ext_id=k-8x_pemlDeULTQGhG_h09iPfSQEMwwnNnGPpUIw
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://sync-criteo.ads.yieldmo.com/sync?id=k-hvc1q2lDeULTQGhG_h09iPfSQEMaYrZjeZyKlg&pn_id=criteo&ext=1
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-8x_pemlDeULTQGhG_h09iPfSQEMwwnNnGPpUIw
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://m.holmesmind.com/ml/google?cf_uid=551398-FCz4a06MNQiG0CHEbwJTI4cVWtaocIks&uu_m=undefined&google_gid=CAESEJP42ofS6Qm3PBJHSonwqpc&google_cver=1
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://sync-criteo.ads.yieldmo.com/sync?id=%3Ccriteo%20user%20id%3E&pn_id=criteo&ext=1
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://x.bidswitch.net/sync?dsp_id=46&user_id=k-4F7rlGlDeULTQGhG_h09iPfSQEMPQuC63NPHXw&expires=30
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-Dg5mfmlDeULTQGhG_h09iPfSQEPkTT2sy7lAHA
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.360yield.com
ad.holmesmind.com
ad.sitemaji.com
ad.yieldlab.net
ad2.apx.appier.net
adcdn.holmesmind.com
ads.eu.criteo.com
ads.yahoo.com
ads.yap.yahoo.com
adservice.google.com
adservice.google.de
bidder.criteo.com
c.holmesmind.com
c17157ee-7431-4d2d-9487-cc57ecdd8c11.t.ssp.hinet.net
cat.fr.eu.criteo.com
ccm.holmesmind.com
cdn.holmesmind.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
cm.g.doubleclick.net
cm.lndata.com
contextual.media.net
criteo-sync.teads.tv
csm.eu.criteo.net
dis.criteo.com
eb2.3lift.com
exchange.mediavine.com
fcm.holmesmind.com
fonts.googleapis.com
fonts.gstatic.com
fp.holmesmind.com
geo.yahoo.com
gocm.c.appier.net
googleads.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
m.exactag.com
m.holmesmind.com
match.sharethrough.com
mug.criteo.com
pagead2.googlesyndication.com
partner.googleadservices.com
pix.eu.criteo.net
pixel.rubiconproject.com
pmp-beacon.apx.appier.net
prebid-asia.creativecdn.com
prebid.scupio.com
r.casalemedia.com
region1.google-analytics.com
risu.io
rtb-csync.smartadserver.com
s.ad.smaato.net
s.yimg.com
secure.adnxs.com
simage2.pubmatic.com
static.cloudflareinsights.com
static.criteo.net
stats.g.doubleclick.net
sync-criteo.ads.yieldmo.com
sync-t1.taboola.com
sync.outbrain.com
t.ssp.hinet.net
tpc.googlesyndication.com
unpkg.com
ups.analytics.yahoo.com
visitor.omnitagjs.com
widget.fr.eu.criteo.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
x.bidswitch.net
ad.360yield.com
ad.yieldlab.net
ads.yahoo.com
contextual.media.net
criteo-sync.teads.tv
eb2.3lift.com
exchange.mediavine.com
fcm.holmesmind.com
gum.criteo.com
ib.adnxs.com
match.sharethrough.com
pixel.rubiconproject.com
r.casalemedia.com
rtb-csync.smartadserver.com
s.ad.smaato.net
secure.adnxs.com
simage2.pubmatic.com
sync-criteo.ads.yieldmo.com
sync-t1.taboola.com
sync.outbrain.com
ups.analytics.yahoo.com
visitor.omnitagjs.com
x.bidswitch.net
103.132.192.30
116.50.36.71
139.162.78.222
142.250.185.226
178.250.0.157
178.250.0.160
178.250.0.163
178.250.2.131
178.250.2.135
178.250.2.150
178.250.2.151
2001:4860:4802:32::36
203.75.214.136
210.59.219.181
212.82.100.146
213.202.235.10
216.58.212.162
2600:9000:2156:1800:0:e06c:e940:93a1
2600:9000:2156:400:3:1794:2540:93a1
2606:4700:3108::ac42:2afe
2606:4700:440e::ac40:9c1a
2606:4700::6810:5514
2606:4700::6810:7daf
2606:4700::6811:180e
2a00:1288:110:c204::b000
2a00:1288:80:807::1
2a00:1450:4001:80b::2008
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2001
2a00:1450:4001:810::2002
2a00:1450:4001:810::2003
2a00:1450:4001:812::2002
2a00:1450:4001:813::2002
2a00:1450:4001:813::2004
2a00:1450:4001:828::2003
2a00:1450:4001:82a::200a
2a00:1450:400c:c07::9b
2a02:2638:1::13
2a02:2638:1::3
2a02:2638::b
34.117.219.39
34.96.119.68
35.186.215.140
35.201.76.93
35.227.249.156
54.238.107.229
54.95.78.196
01df456b85acb77a180ad7d890f265ea448289bdae9a4b54c58d919b4d484c2e
05b374d05231f031b755f2d522847efa8d0b2af827366c01b055216eda7fe1f3
06b2c40ea7b06ebe49f2a02a4b559525936127cae52f232c05c328a22bc18e5a
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
1291c3d774415b830ea3f2c5ce78d160485606386d08a878c87f41ccdbe4a73f
13f274f056eb816abf6ab4dab9c1e653441a3de63ad6b1ebe4599e066df1e633
140ee2462b736e743b7f9b2dd82f41ecfa63f17a818739fec426067500edb49c
1419b8b18e2084e1d79ca111dba4eb9ea7dd22171029e13467e77d90c3f1a06e
14e3c2568db66b3cd16020c72eb06c3e0d2f674877e2eccc7d16d01556a90289
169ec40b0b6d3eed90b7c57d46199274ff0f4d49286d959f93322249e448b9a8
1ea460320d2188f26cb98bf9443335e6b7e09a000e7c1df7c1ddf3c0e73041d0
21720b08009a60f674effa98d57fc68e3e5c60cd8626e18bd1250949ef11e5dd
220e03dbe721da90f90ba79f2a6414d9a5940f03058d7aca3aca2a775de8b302
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
27f7c65654802f34feaeb89c87452854124dd57c2d6d779232d821ebe5ac74f7
28248d4886fe85d725c1a6d3b2340a1bde6a7ffcadfac53ada50f78a9e707d5c
3165ae694d9a7bcf30b53cefaf86602cd21ae552ea4765bdd88f944976537c3b
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
380d4e780f251207e57c3af5cbc61e99f0dbc30905a659ee8b69cc668e3635d0
3a80c93d5546cd25cf13e6c003a4efd4015a94396e6e2f06167cbeefe1c29b97
3b4840c7d416b199827cf1d58f6696f5344bfafbc5b65ec746d45cff13305878
3c6cc38a6a6e3add0e7f07f944f69c8dc43a120ee1e5cd92862c2cab0a2afd2a
3cb87ffb1cefcabf95a6a98fb3da2e2a266032d2fbf5d8ebb793ab49ea76155a
45fc9afe6d521580609d419509d904e1e0e69f4737c3df6ef5580e2d26cd7726
4b17c01d2401fa5c25e8e751859e9de80c8e78c8f0bf260503017755c25f1f21
4d71cc8120ff81cfd5503ccb77ed9535ee0bbb3071453cf35ae629502889ad42
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e705cd6ed57b081fc5a073ba6ad27a734e5c13ffc955cfd82dc4da7e064fadb
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4f59f83d404f84a3dfcb245682702b9ae1f3f44f8e4b174b501609b8b988109a
5328a8bcb3e7ce6dec51718a6f0777afa05615d0681c2fdd39f15f7b8970ed7a
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
566504896cbca8644df15f5d6e223da18edac97e5bac81914325858620e73867
59bd736b39d5ce74df26a5e0e3628f97fecbec14385fd239f99c5c63bbd8ff29
5b052571337038e1234367642940af85be0b86534e4a8a213a192f3c35af2257
5b83b2a73aa9c17596f2671073c0beab28d7916f015bb7e0e2e52bb04bf4d103
61ada9b83597e2e32fbd97bcae60e076ec160c1151e58bc18ff6473c2c1a5141
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
627950526c12cc2e36c3c841663dcae04b0a99c6ae3de2ae0ca075c06c7f3989
6a1d7271b442a95ee4c349933a89df390282b97e7a238c4403f5383064e81a35
6aea83dea87a1e70bc6a64d4c79d83e2c8397af74490fb4c2de76553be1fc0cd
6edf11a91ccdb294c999410dfb1b75b927bbeeaafd94c99984ee2862394b0499
70228a2eb5c84e022306ce97ad114ad99bbbc8e3cefc9032258e787697e344fa
7083eeb31e206ae9e284d13ae8e4be5efbefe6073397f1cebd7cf8823d311283
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
7425ddfd92670868e11419c944b64876cfcb7e0cfd95b163dc0edd4e5923718c
76506e128f2b47b7179f5037bd885a1674455ffeb6b5093cdb4c7eefbf436ce8
770456bda4291dcae2dcf85bfa77bd2724a65aac0689f0372a8556315348140d
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
7a0b1aa7238f47c2b35dad8813f32842954145f418441b8871b6e26986964830
7e44d592889d9f5915ae6254f0a68a71196a5bc2540db9620b81effd976eba5b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
850a150239aa319a9c772f1e6e71c15680d670c980c3daf41734c6ce8e0e8255
896fccdd4bf0aac29d2a1721a3d555a4884c48ebfc6f136dbcb1ccfcd69f2507
8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
9592246ffb80e1e3d9aac8f2d3e64209bb832487bd487967f65d58ce1a79e1fd
98cc232ef268a8e14a70ee66ff4cf411371aeb2978bec878939b37ebff003208
98fac7df26bcba67fe491a55a500909ce4e7858f13ac1267e464308defd13b20
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a19902458ab4a5513642a87b381b9183a2fc725849b581fd953e22d824d1c5a7
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a38f5a5800f1014657fc6d7d653d0ea04748e68429006d8d1e0a4d9d6ee26797
a3c6799721d9a2a04e17a1b830039b35c044f993907f00f50dd304527d2c20cc
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6099c8c95334dca9696f289c5e224d5324b2c4f5dde247bbe85102f0be71ec9
a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a81482289c80f062516faf5ea4d43306e2e412e403a7a7947759f7b965f79f2f
aa9b2661b0f503189c3facf44d61b2b2c99993b518cbc6ec2bf9010d0580ab8b
ae64196db7fe3eccb7a320032b6a44caff13bfc21fa264713fba1a5368a7cb6a
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b011987bc406d3c3311b7478e9edbcf399bedbf6db642471f4a0b19513511e5f
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b97c99a69a6275c8f90703cd4c0864089a74fd08383a1cc75a8a4d0c2cb60cce
ba1958798de4165e6121471f719e5dcef624b80648cf6e782b51746d4571b748
bd03dd863bdd813f118e423535dbf1e419ed3d7952800f40222a68bcab7650b9
be442f57655d6c19afa3ddb88de9bdf84e4ee43498a7c6bb34adf02672b36124
c03c604cd89b4ab78da516a6271fbc1b4027e9d232ee55e09e0f43e49e2c169b
c48615ca4d8b6f6e886e10b2988f0d979efc01a138899b4edf1b61a54bbd5fcc
c50a4d6505f1216962db6a855d60ebf08222fa6c286e7f21699c002d81b3cd9d
cc33863ea388b5164d237dce018ce89d098eaa6ba9371a738090710f646463ef
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cec561efe6fedf1ebcd92d76953e7f4492e78ccbd648fe5ea8cfbd8a7aee6542
d2ca56b1a2ba9243bd706fe325699ee53878fc8d9ae36f73ca1a969be10c4aa8
d4d3fae3dab4c8c32e43ad76ed4d5999d985c181832c7c7b70d13aa947f069e9
d541f77dd45df41c827a1c2b2899696c336c7bb3a1a06422d66ca4f37454258e
d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df74d49b0b4f98422813a81de7b02bf7789a39522ad559a72191f5dfaa07d03e
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e2db1774aabd2443e6c741954f5e1071912a7a99f6e4151bc83d342554976d32
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5fa9b92cb6fe06664beddd9c94c87636d4ac9f515e1c37a76db97681ef26a7b
eb4dfc05daf248baa421a250511bb93a5981d726de4be43ce8f8ece434ea389e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efa5f8df07811ca584265a7f3b44e74687496ae792370392f6fec18f4c1ea30f
f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f5f72ee400d39129cdb7c6ffde2f59d4913b754fab5e1d9583ecc500494b5b80
fb51fa018c951108a66acf0730199d329d887872947eb3940088ef734f026818
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505
ffee74a30d36b15e81e213d30fb739860728aa56f4819037b87d5845bd1c34b7