risu.ua Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://risu.ua/
Effective URL:
https://risu.ua/
Submission: On December 11 via api (December 11th 2022, 1:28:48 pm UTC) from GB — Scanned from GB

Summary HTTP 157 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 28 IPs in 5 countries across 25 domains to perform 157 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is risu.ua.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 2nd 2022. Valid for: a year.

This is the only time risu.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
41	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
7	45.133.44.3 45.133.44.3	7018 (ATT-INTER...) (ATT-INTERNET4)
19	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	193.239.68.97 193.239.68.97	39468 (BIGMIR-IN...) (BIGMIR-INTERNET-AS)
2	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	45.133.44.4 45.133.44.4	7018 (ATT-INTER...) (ATT-INTERNET4)
1	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	35.214.184.209 35.214.184.209	15169 (GOOGLE) (GOOGLE)
14	2606:4700::68... 2606:4700::6810:c749	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
1	2606:4700:440... 2606:4700:4400::6812:2bc0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS)
1	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:812::2006	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:809::2004	15169 (GOOGLE) (GOOGLE)
1 3	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba11	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a03:2880:f04... 2a03:2880:f045:f:face:b00c:0:8c	32934 (FACEBOOK) (FACEBOOK)
1	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
2 2	98.98.134.242 98.98.134.242	21859 (ZEN-ECN) (ZEN-ECN)
6	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
2 2	37.157.6.246 37.157.6.246	198622 (ADFORM) (ADFORM)
1	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
2 2	209.191.163.208 209.191.163.208	14744 (INTERNAP-...) (INTERNAP-BLOCK-4)
2 2	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
2 2	185.89.210.101 185.89.210.101	29990 (ASN-APPNEX) (ASN-APPNEX)
2	213.254.244.110 213.254.244.110	36062 (DOUBLE-VE...) (DOUBLE-VERIFY)
157	28

1 2a06:98c1:3121::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

risu.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

41 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

risu.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 45.133.44.3 (Philadelphia, United States)

ASN7018 (ATT-INTERNET4, US)

cdn.gravitec.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.239.68.97 (Ukraine)

ASN39468 (BIGMIR-INTERNET-AS, UA)
PTR: c.bigmir.net

c.bigmir.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.133.44.4 (Philadelphia, United States)

ASN7018 (ATT-INTERNET4, US)

cdn.gravitec.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

90d9fbeb3df7685faee2dc3b38791ea2.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.214.184.209 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 209.184.214.35.bc.googleusercontent.com

api.gravitec.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:4700::6810:c749 (United States)

ASN13335 (CLOUDFLARENET, US)

jsc.idealmedia.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.idealmedia.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.idealmedia.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s-img.idealmedia.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
autocounter.idealmedia.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.idealmedia.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:2bc0 (United States)

ASN13335 (CLOUDFLARENET, US)

cl.imghosts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:812::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:6c00::210:ba11 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)

cdn.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f045:f:face:b00c:0:8c (Amsterdam, Netherlands)

ASN32934 (FACEBOOK, US)

ad.atdmt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 98.98.134.242 (United States) 2 redirects

ASN21859 (ZEN-ECN, US)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.246 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 209.191.163.208 (United States) 2 redirects

ASN14744 (INTERNAP-BLOCK-4, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.56.137 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.89.210.101 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.254.244.110 (United States)

ASN36062 (DOUBLE-VERIFY, US)

tps.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpsc-frc.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
42	risu.ua 1 redirects risu.ua	2 MB
34	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 103 90d9fbeb3df7685faee2dc3b38791ea2.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 139	493 KB
18	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 193 googleads.g.doubleclick.net — Cisco Umbrella Rank: 34 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 297 cm.g.doubleclick.net — Cisco Umbrella Rank: 215	217 KB
14	idealmedia.io jsc.idealmedia.io — Cisco Umbrella Rank: 117006 c.idealmedia.io — Cisco Umbrella Rank: 101757 servicer.idealmedia.io — Cisco Umbrella Rank: 117021 s-img.idealmedia.io — Cisco Umbrella Rank: 99933 autocounter.idealmedia.io — Cisco Umbrella Rank: 117459 cm.idealmedia.io — Cisco Umbrella Rank: 19895	204 KB
13	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 269	218 KB
7	gravitec.net cdn.gravitec.net — Cisco Umbrella Rank: 24096	59 KB
5	doubleverify.com 1 redirects cdn.doubleverify.com — Cisco Umbrella Rank: 429 tps.doubleverify.com — Cisco Umbrella Rank: 454 tpsc-frc.doubleverify.com — Cisco Umbrella Rank: 20684	111 KB
5	google.com adservice.google.com — Cisco Umbrella Rank: 72 www.google.com — Cisco Umbrella Rank: 2	2 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 192	141 KB
2	adnxs.com 2 redirects secure.adnxs.com — Cisco Umbrella Rank: 430	2 KB
2	yahoo.com 2 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 287	800 B
2	lijit.com 2 redirects ap.lijit.com — Cisco Umbrella Rank: 604	1 KB
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 639	1 KB
2	sitescout.com 2 redirects pixel-sync.sitescout.com — Cisco Umbrella Rank: 591	981 B
2	google.de adservice.google.de — Cisco Umbrella Rank: 11832	914 B
2	gravitec.media cdn.gravitec.media — Cisco Umbrella Rank: 43134 api.gravitec.media — Cisco Umbrella Rank: 33914	2 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 28	20 KB
1	openx.net rtb.openx.net — Cisco Umbrella Rank: 1545	351 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 323	265 B
1	atdmt.com ad.atdmt.com — Cisco Umbrella Rank: 3929
1	pubmatic.com ads.pubmatic.com — Cisco Umbrella Rank: 470	72 KB
1	imghosts.com cl.imghosts.com — Cisco Umbrella Rank: 13230	600 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 840	692 B
1	bigmir.net c.bigmir.net — Cisco Umbrella Rank: 225540	579 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 47	43 KB
157	25

	Domain	Requested by
42	risu.ua	1 redirects risu.ua
19	pagead2.googlesyndication.com	risu.ua pagead2.googlesyndication.com 90d9fbeb3df7685faee2dc3b38791ea2.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com securepubads.g.doubleclick.net www.googletagservices.com
13	s0.2mdn.net	risu.ua s0.2mdn.net googleads.g.doubleclick.net
13	tpc.googlesyndication.com	90d9fbeb3df7685faee2dc3b38791ea2.safeframe.googlesyndication.com risu.ua googleads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com securepubads.g.doubleclick.net
8	securepubads.g.doubleclick.net	risu.ua securepubads.g.doubleclick.net 90d9fbeb3df7685faee2dc3b38791ea2.safeframe.googlesyndication.com www.googletagservices.com
7	s-img.idealmedia.io	risu.ua
7	cdn.gravitec.net	risu.ua cdn.gravitec.net
6	cm.g.doubleclick.net	googleads.g.doubleclick.net
3	cdn.doubleverify.com	1 redirects s0.2mdn.net risu.ua
3	www.google.com	googleads.g.doubleclick.net tpc.googlesyndication.com
3	www.googletagservices.com	securepubads.g.doubleclick.net 90d9fbeb3df7685faee2dc3b38791ea2.safeframe.googlesyndication.com googleads.g.doubleclick.net
3	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	secure.adnxs.com	2 redirects
2	ups.analytics.yahoo.com	2 redirects
2	ap.lijit.com	2 redirects
2	c1.adform.net	2 redirects
2	pixel-sync.sitescout.com	2 redirects
2	cm.idealmedia.io	jsc.idealmedia.io
2	jsc.idealmedia.io	securepubads.g.doubleclick.net jsc.idealmedia.io
2	90d9fbeb3df7685faee2dc3b38791ea2.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	adservice.google.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com
2	adservice.google.de	securepubads.g.doubleclick.net pagead2.googlesyndication.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	tpsc-frc.doubleverify.com	googleads.g.doubleclick.net
1	tps.doubleverify.com	cdn.doubleverify.com
1	rtb.openx.net	googleads.g.doubleclick.net
1	match.adsrvr.org	googleads.g.doubleclick.net
1	ad.atdmt.com	googleads.g.doubleclick.net
1	googleads4.g.doubleclick.net	risu.ua
1	ads.pubmatic.com	jsc.idealmedia.io
1	autocounter.idealmedia.io	risu.ua
1	cl.imghosts.com	risu.ua
1	servicer.idealmedia.io	jsc.idealmedia.io
1	c.idealmedia.io	jsc.idealmedia.io
1	api.gravitec.media	cdn.gravitec.media
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	cdn.gravitec.media	cdn.gravitec.net
1	c.bigmir.net	risu.ua
1	www.googletagmanager.com	risu.ua
157	39

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
t.me
www.bigmir.net
luxnet.io

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-02-02` - `2023-02-01`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.gravitec.net AlphaSSL CA - SHA256 - G2	`2022-03-22` - `2023-04-23`	a year	crt.sh
c.bigmir.net R3	`2022-12-05` - `2023-03-05`	3 months	crt.sh
cdn.gravitec.media R3	`2022-11-22` - `2023-02-20`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
api.gravitec.media R3	`2022-10-14` - `2023-01-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2022-02-04` - `2023-02-03`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.doubleverify.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-05` - `2023-07-07`	a year	crt.sh
*.atlassolutions.com DigiCert SHA2 High Assurance Server CA	`2022-09-19` - `2022-12-18`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.tps.doubleverify.com Go Daddy Secure Certificate Authority - G2	`2022-09-28` - `2023-10-30`	a year	crt.sh

This page contains 17 frames:

Primary Page: https://risu.ua/
Frame ID: 7E2501BFCDB2CADDAB1392EEC0D2EA47
Requests: 67 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221206/r20190131/zrt_lookup.html
Frame ID: 21778A9BF3B0C9F7E1AF4A66AB79ADC6
Requests: 1 HTTP requests in this frame

Frame: https://90d9fbeb3df7685faee2dc3b38791ea2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E23C319257596A03B70E2082EDE79D85
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=pub-9928410365207988&output=html&adk=1812271804&adf=3025194257&lmt=1670765323&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Frisu.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670765322885&bpp=2&bdt=442&idt=376&shv=r20221206&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3889481262454&frm=20&pv=2&ga_vid=2027066515.1670765323&ga_sid=1670765323&ga_hid=1222134784&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071219&oid=2&pvsid=3543218033723578&tmod=2092566213&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=389
Frame ID: EAEA11E53E264587B6D916EF817A4EBF
Requests: 1 HTTP requests in this frame

Frame: https://90d9fbeb3df7685faee2dc3b38791ea2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 866A41B4B54EF58EC3C0B21903C1A18A
Requests: 14 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst2XTF_QWzUemMlntSSL1OwTUYAE5HaOhdbMHfva-vqVvQLfWZnWfsgWxNJ2SccKXDNr1Yt8D9qXuReGOMNWhtqAGASN_QOFJFj_c-p-bRpwadiOT9V9hGIqEjJhqxDbZQIG0bUjdE8sd_iPwhPGeHplB9NrAjP8BxaR5sNUFH6N3pLIXQU0lptjvPSB8CEwhyR2nEsNenP3jp6rxyocTrkKKoMkZCEeKR_8IHg6Pzg-Y2JlvCCu3-7CtPZT1-icpmNjz3C15fg4i6ijCp8eMbJEwauJCyLCa8bkkLh2G1D-8WWqHk4KbgMOqmPJSNswMIuXm-6W_kf5ROiMVfd&sai=AMfl-YS8f6eXB4ER1BfcOUNC-LTDBmrwz5QoSVDj5XjvawjC6KqGE7BF9C3aP4dUVIRd0f5QOkS2AAdO81LUXPiZUqRPXn7F2SG25KKzfcURfY-dOIjCNJFiEGKus9SwMqj69cK7MKpMif2Gb1NVfnv7xfU&sig=Cg0ArKJSzHbgUsnEeQ_AEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 0079C24F1D01993B581A5D89D0FC182E
Requests: 22 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9928410365207988&output=html&h=90&slotname=8325297138&adk=2872405833&adf=3173046729&pi=t.ma~as.8325297138&w=970&format=970x90&url=https%3A%2F%2Frisu.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670765323733&bpp=3&bdt=256&idt=286&shv=r20221206&mjsv=m202212050101&ptt=9&saldr=aa&correlator=1989283265792&frm=24&ife=3&pv=2&ga_vid=2016473863.1670765324&ga_sid=1670765324&ga_hid=317610721&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=90&ifk=2794389338&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31071168%2C44774606%2C44779794&oid=2&pvsid=2776634760549298&tmod=2139808790&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.1p9emf6005wz&fsb=1&dtd=299
Frame ID: 71D18EC91A7CE67BA9A8ED7E05C3367E
Requests: 1 HTTP requests in this frame

Frame: https://cm.idealmedia.io/i-noref.js?cbuster=1670765324289432385078
Frame ID: 790773B037E93AC52CD700A2B36C7B6A
Requests: 1 HTTP requests in this frame

Frame: https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsue38xEkpqFmT0QfLn4AMHAsbF6_PZPdfDiblBwTW_U6NF8OZ_O0N7n006_uNs-r-mt3dYA5Dt4NgatmnjotHJIIhX0QpdD_wLXEsOTbcKQcLSPahvnJPe-XaOD7CeI3XpRq1gGhmyxeHdGTsCr42J286y5iAE8WLTcmjpVI59De3IBJ29TmGgjlC-6YWgymQwsMJI2f9WWDMzVCiPyK1ZF11ArJ4BJ5XN-L8Oo7W5ikDcoZBTm7OD7JGNYwrVqD3m0aUfvmkyUUlU3yJV3jFMoASuieVDwzYSHqCxwc7WaO2kX61OSVvF99aVF0K79xi_3EyBn68huC1kP6ZB9CZXdX5aUHi1sogj2yoG50u_O5xvHa453w4iZQYy8KuWOE22_mopHPlWkT7ZNjwXUlnzgMyh_oKCkbf9Itrl47wwZnO8-lCjVnpEEjQJ6EuJyQ_BG-Sfn8jFOZzWPmtNkz5n_UuzPDe2mDJ1rIx4-2oRBXonmeCdr2X-ylJIfbvImEigB6QzF0okPFP3uwGdact6kdU6F-3Foeh-dTiJsUxufwYfpQlIyd-u1xIcb3HaQSud_b9l1mlDWW-t7Y_gRvXDm5tj97VSnw4IkK3QkYx5z9KG7VoIB5zZHty1voKgklYURzwEoF42yhOg6W0Tynj7Ri0Ji6k3iRxthJ6xkM5GsVSSJiiCCm1104JJ1Tc3nSPsG5Kkjov4JMTmurxjXglSJN_icPAdLKlqffta5aDesxRn81AngwVIBpycW0N6OdaYIFZA_yJsDsY7hD2TZEgre8XLSho1mdWszSoWElOYNcNqUQv2ugCscIk3O0BAmO73Jz1My5yCrhCub1oPQBO2EHls2mLVxiOxIKEZ1a4QMy5fm6w5GBVLKfBbq3lEcQN-K6fLg7x49qA8I2TWZtXD2D9ZbsQOj8YijsTk8Nc5jdf5aWfayIivA4sBWveuLk8pYn7wSQcOQubrOahrp8_KvF1QI1XmX_XZSW8_3Ob-5tBlMwHWxpN7Xxzxw7acBM-zjvRqpTAKTS-TJeGDBnQ01U-JEFKFvffUInVo&sai=AMfl-YRG4oeItPIOpeb5YaXJJ8mTTB_M47Mx7BDqkcGKEmMN36l-dzFspXvoLupBJAHSgULJABkE_Nq6MT_YHPekgXkPmisFdzNJepRvxqJ9HI8YIm6BQonMUonk8_PsstkcTIx3OIX46MRklZgHJ9qnApEh6zQm0NSvtN18AfBSefx37nq12jKyUq-6CFeC5DIXVac5s6nyr5LniOM7K4T_qyp2hfiNgoab1rGHlgi2FoEfU_rYRRYywrSDLvEPZ3M58LGB-aDZh88oIskhVkCflT3fl-s1O5BkoMYG0PHCVyunpKMquXwXK_ITFEg&sig=Cg0ArKJSzEPaH-za3imuEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=
Frame ID: 14641627CCA77F102A24DDE4AEC82F0F
Requests: 14 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: AFB92F6E5EFF91BE0E3C9CBEA8207D7A
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: C6D706DE4A07F7E03305CC8F114421FF
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/6548811424681063278/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_c3y8z_/index.html
Frame ID: B1264DB2A01651B05651EDD5BA68D7E4
Requests: 13 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements3317.js
Frame ID: DFB41E5A22FB9A3E2C9AB0F9B4C4E97B
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 2862EEEDE0EB9363E31480486CC51DE3
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 52E1D8E94D8B39346F330503E7089442
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A4C8E1C810CED6B441D8145094E6E0F1
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6BF9B88D3625153D35DA7001A36963C3
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Релігійно-інформаційна служба України - Інтернет-портал про релігію

Page URL History Show full URLs

http://risu.ua/ HTTP 301
https://risu.ua/ Page URL

Detected technologies

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Page Statistics

157
Requests

94 %
HTTPS

55 %
IPv6

25
Domains

39
Subdomains

28
IPs

5
Countries

4150 kB
Transfer

7657 kB
Size

20
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/risu.ukr/

Search URL Search Domain Scan URL

URL: https://t.me/risu_ukr

Search URL Search Domain Scan URL

URL: http://www.bigmir.net/

Search URL Search Domain Scan URL

URL: https://luxnet.io/
Title: Made by

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://risu.ua/ HTTP 301
https://risu.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 113

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEI8Y86b4Jw_J9mTZwl3YN_8&google_cver=1&google_push=ASkJ3Faa_gAftV-qHgVCEwxi5s-IZgMizwdlK2IO9JmmoQ0Y-_9xwtO508uKglcPBPNf98AgRXjFX3eP7hOcDDjqtt5f0HkP5wpLFJE HTTP 302
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=8&google_gid=CAESEI8Y86b4Jw_J9mTZwl3YN_8&google_cver=1&google_push=ASkJ3Faa_gAftV-qHgVCEwxi5s-IZgMizwdlK2IO9JmmoQ0Y-_9xwtO508uKglcPBPNf98AgRXjFX3eP7hOcDDjqtt5f0HkP5wpLFJE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=Q_UTTfWFSJW1GRAFjk2eBmOV2w0

Request Chain 114

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEDOKhjUAZ4lSV7A7RoiGkMQ&google_cver=1&google_push=ASkJ3Fb5ODoAueD3Zuj5A_PHhBAiNVP8fs3fPuezI-V3YJLukPkBFXtttHnrGg9aBe1MBUnCrIwYrqYZt8Ux3BjgqicJcngI8RDclg HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEDOKhjUAZ4lSV7A7RoiGkMQ&google_cver=1&google_push=ASkJ3Fb5ODoAueD3Zuj5A_PHhBAiNVP8fs3fPuezI-V3YJLukPkBFXtttHnrGg9aBe1MBUnCrIwYrqYZt8Ux3BjgqicJcngI8RDclg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDYyMjcyMzE2MjEzMzU0NDUwNg&google_push=ASkJ3Fb5ODoAueD3Zuj5A_PHhBAiNVP8fs3fPuezI-V3YJLukPkBFXtttHnrGg9aBe1MBUnCrIwYrqYZt8Ux3BjgqicJcngI8RDclg

Request Chain 116

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEPImrUgaD7Jwb7D830xlWW4&google_cver=1&google_push=ASkJ3FZ5rSo-1uJq7eg4mEb9hv68aqzS3PW6wMIVPC5G1fjSCFHnAgft7dSFglYKUKnFvc9IK-BuS5LrDM20X8xZnqS9XoDYUkMSfsc HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEPImrUgaD7Jwb7D830xlWW4&google_cver=1&google_push=ASkJ3FZ5rSo-1uJq7eg4mEb9hv68aqzS3PW6wMIVPC5G1fjSCFHnAgft7dSFglYKUKnFvc9IK-BuS5LrDM20X8xZnqS9XoDYUkMSfsc&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ASkJ3FZ5rSo-1uJq7eg4mEb9hv68aqzS3PW6wMIVPC5G1fjSCFHnAgft7dSFglYKUKnFvc9IK-BuS5LrDM20X8xZnqS9XoDYUkMSfsc&google_hm=FzGICGZH6HM0W3RUTHaLBOZA

Request Chain 117

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEJsGuY-vkuTJX3UKLg1q2bM&google_cver=1&google_push=ASkJ3FZbB0F8opfniExSnIFwDSJ1EInGI_EppBR6mbBA_ko-gbfQAB74pRLsyiLy1XQq8Ep1ATGn4H4VgokajkruqwZh2iDIiCjql56r HTTP 302
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEJsGuY-vkuTJX3UKLg1q2bM&google_cver=1&google_push=ASkJ3FZbB0F8opfniExSnIFwDSJ1EInGI_EppBR6mbBA_ko-gbfQAB74pRLsyiLy1XQq8Ep1ATGn4H4VgokajkruqwZh2iDIiCjql56r&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1UUGdaeC41RTJ1SFZ1RS5UMnJ6OVYzQ29EMGJFSUwxZH5B&google_push=ASkJ3FZbB0F8opfniExSnIFwDSJ1EInGI_EppBR6mbBA_ko-gbfQAB74pRLsyiLy1XQq8Ep1ATGn4H4VgokajkruqwZh2iDIiCjql56r

Request Chain 118

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESENpBvDdQ2NUN45EbPbfK04I&google_cver=1&google_push=ASkJ3FYhUNyUYZ9D6uEfPk-va06tK1kKKAaV-P1wLVolGWkcb5cabv1WASeniLY3LFJkpSPFH4Mytl7ROth-EIagj4SF0q-QMOaDrIy1 HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESENpBvDdQ2NUN45EbPbfK04I%26google_cver%3D1%26google_push%3DASkJ3FYhUNyUYZ9D6uEfPk-va06tK1kKKAaV-P1wLVolGWkcb5cabv1WASeniLY3LFJkpSPFH4Mytl7ROth-EIagj4SF0q-QMOaDrIy1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NzY4MjU2MTQyNzA2NDg2OTUxMg%3D%3D&google_gid=CAESENpBvDdQ2NUN45EbPbfK04I&google_cver=1&google_push=ASkJ3FYhUNyUYZ9D6uEfPk-va06tK1kKKAaV-P1wLVolGWkcb5cabv1WASeniLY3LFJkpSPFH4Mytl7ROth-EIagj4SF0q-QMOaDrIy1

Request Chain 136

https://cdn.doubleverify.com/redirect/?host=tpsc-frc&param=akipv6&impid=84b0e005c42a4cfa925b6c74d6c54dd7&dup=&cbust=1670765325836794 HTTP 302
https://tpsc-frc.doubleverify.com/event.png?impid=84b0e005c42a4cfa925b6c74d6c54dd7&akipv6=2a01:4a0:2c::7&dup=

157 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
risu.ua/
Redirect Chain

http://risu.ua/
https://risu.ua/

98 KB
16 KB

317ms
216ms

Document
text/html

2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://risu.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 731e0e8108713b6b324f2b00b7750bcbca940ceb97beab1f1351c08f8942c9f5

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=0, must-revalidate, private
cf-cache-status: DYNAMIC
cf-ray: 777e90a00f5b06f1-LHR
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 11 Dec 2022 13:28:42 GMT
expires: Sun, 11 Dec 2022 13:28:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X01qN4bq%2F4P44E%2BEqhMLoeeNJDYQ%2BqHG3qfk7Wimg89%2BFZHGGgdIqsDdcDDaU82f7wqSUooDzMtvsNE%2FomG7pZ6IwiKE5LgQhDG%2FwEISQbXxABeel1Fi1eGxoZXhOyWLiRD1hyb5"}],"group":"cf-nel","max_age":604800}
rt-proxy-cache: HIT
server: cloudflare
vary: Accept-Encoding

Redirect headers

CF-Cache-Status: DYNAMIC
CF-RAY: 777e909e7ec324d5-LHR
Connection: keep-alive
Content-Type: text/html
Date: Sun, 11 Dec 2022 13:28:42 GMT
Location: https://risu.ua/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9OQlOXgFoZ1yKQqKnQryMOdkW9fVYYbF1cqVf2IqaXj03Xhho3X4ZOk6FXKPruoXucihjl9NAG7fxQlZUit%2Bw%2Fm6FdAxlfUABwl4DQKQYKbUEL1mPP8pJF%2BhYVqfKDj8tJKQw5sB"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 styles.min.css
risu.ua/assets/frontend/css/ 454 KB
32 KB 71ms
70ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://risu.ua/assets/frontend/css/styles.min.css?v=91
Requested by: Host: risu.ua
URL: https://risu.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3f3048328ea976c336c13ce30d86374bfc6036a0dc0e6efba2eebefc1040bc1e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:28:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 30 Apr 2021 12:05:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1827747
etag: W/"608bf299-71989"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nmfhXyHj8Sv2WdcLyIt%2F6NKfAdgBkMr2uFFV1QLHWhqdJiNukbLNVyuR1Rgioy1pl9gpqW%2FW2WoO5gr%2FhLNtx3rFtlO9Aud1PtU6WVzsMmIFYtcjDM8ABnNNJzAP%2FKV3MNmcWukf"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 777e90a1692e06f1-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 109 KB
43 KB 195ms
74ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-11950234-1

Requested by

Host: risu.ua
URL: https://risu.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c27ad84eed5cd9a63c28d5eecfeb30b4b690901c03e09d51532e994e8d277796

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:28:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43589
x-xss-protection: 0
last-modified: Sun, 11 Dec 2022 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 11 Dec 2022 13:28:42 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 81 KB
28 KB 233ms
80ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: risu.ua
URL: https://risu.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b5ef7861572324f3e9d49c9284d10e8e582e1bc44694394afdf5bdc0e6bd0cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:28:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27666
x-xss-protection: 0
server: sffe
etag: "1418 / 317 of 1000 / last-modified: 1670587582"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 11 Dec 2022 13:28:42 GMT

GET
H2 200 client.js Show response
cdn.gravitec.net/storage/acf6494db584a05259a7b96ad5661584/ 64 KB
18 KB 250ms
112ms Script
application/javascript 45.133.44.3
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gravitec.net/storage/acf6494db584a05259a7b96ad5661584/client.js
Requested by: Host: risu.ua
URL: https://risu.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: bc17bc7bd77c3964e9d71c2df3f1e6a70437059ba2ee261f21d6fd54f964c57c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires: Mon, 31 Oct 2022 20:06:58 GMT
date: Sun, 11 Dec 2022 13:28:42 GMT
content-encoding: gzip
last-modified: Mon, 31 Oct 2022 19:58:33 GMT
server: nginx
etag: W/"636028e9-100fb"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=10
x-proxy-cache: REVALIDATED

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
49 KB 251ms
124ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: risu.ua
URL: https://risu.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2e94044ade7aa19a5817eb392a56ee57ef428b8f9cd4eac23170f9bf9202b427

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:28:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49556
x-xss-protection: 0
server: cafe
etag: 7975427825173806697
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 11 Dec 2022 13:28:42 GMT

GET
H3 200 logo_uk.svg
risu.ua/assets/frontend/img/ 79 KB
31 KB 212ms
209ms Image
image/svg+xml 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://risu.ua/assets/frontend/img/logo_uk.svg?v=91
Requested by: Host: risu.ua
URL: https://risu.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e571a606de4d37373afdb6f9cebc7f0bd2c2f2cee7cf31261d7c32a5e35d121

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:28:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 30 Apr 2021 12:05:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3861952
etag: W/"608bf281-13d0e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3uFO309%2FA67Z7zilozoCzhVUy1QucTM%2B77oO7FQwfw79L65fggJNJ33JbwagayN6OnTSSXH%2BD1TqEAnWl3lyfoaLlDwW3VCUL79iLS%2FCp6eTV%2F%2FJsyIevVMvMdPObbtg9i6NeHIh"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=315360000
cf-ray: 777e90a20a187771-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 menu-arrow.svg
risu.ua/assets/frontend/img/ 239 B
693 B 255ms
252ms Image
image/svg+xml 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://risu.ua/assets/frontend/img/menu-arrow.svg?v=91
Requested by: Host: risu.ua
URL: https://risu.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 37ac7f1471139dba4812e669add5bb3afed07adc983d26670e807d60abc64594

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:28:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 30 Apr 2021 12:05:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1603910
etag: W/"608bf281-ef"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jJsS2CUDbHwfqJxTontAzVv9ngbalq%2BADbWZlCd7PjiDmjhHF%2FOLe0YDDX5rQn2Eh6ktEZbosVkhoF%2FoBJ9r%2Fx7ifokAUNVv5Od%2FGlA26d8dPV4E%2BAWdveRPXudQ28xC%2B7Eob3oc"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=315360000
cf-ray: 777e90a20a1b7771-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 638f645bed674544710142.jpeg
risu.ua/uploads/740x555_DIR/media_news/2022/12/ 51 KB
52 KB 256ms
253ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://risu.ua/uploads/740x555_DIR/media_news/2022/12/638f645bed674544710142.jpeg
Requested by: Host: risu.ua
URL: https://risu.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3450919e1fe5ba9a019cc925b88396c853a4370bc07261933c792e1514135ffd

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-images-api: 5
date: Sun, 11 Dec 2022 13:28:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 400044
x-cache-status: HIT
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename=image.jpg
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 52691
last-modified: Tue, 06 Dec 2022 22:21:18 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8TSXt2xwsNfbDgi2cOGlb4ucTHoBVKfrBeuqS%2BsUsUAc4JFdB6GPEKGG5XAQp0NvQxplGzZr26L8RoLGE2FGovYW3b0RPbHWyiw%2BbLiCa5mM6behNI9BHcRVMo1QfA7UOGnp4qfx"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 777e90a20a1c7771-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 6391bb5391087617020063.jpg
risu.ua/uploads/740x555_DIR/media_news/2022/12/ 71 KB
71 KB 258ms
255ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://risu.ua/uploads/740x555_DIR/media_news/2022/12/6391bb5391087617020063.jpg
Requested by: Host: risu.ua
URL: https://risu.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8fbc2550fce755a6344ad55c43d188d006e0126b4018b9362309db0d17128373

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-images-api: 5
date: Sun, 11 Dec 2022 13:28:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 260933
x-cache-status: HIT
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename=image.jpg
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 72457
last-modified: Thu, 08 Dec 2022 12:59:49 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qwumIKWPwQ%2FH4w9uZ23sSwmeL1IrD7XZ9QwVnhaQpLRGMxE856dbDl39iwU0yraCW5FzmxthnFHfPBaxQlxTJOJHfbB28RpUI65cEmtzgXjqrn9aKSshNHjz4RinU29B0y2E1HYM"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 777e90a20a1d7771-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 6389218ad6bdd774715902.jpg
risu.ua/uploads/740x555_DIR/media_news/2022/12/ 55 KB
56 KB 303ms
300ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://risu.ua/uploads/740x555_DIR/media_news/2022/12/6389218ad6bdd774715902.jpg
Requested by: Host: risu.ua
URL: https://risu.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5037c31bd9323abc92c002d0d8473a10538e21c7f6c77588a55ca7f34931f7f5

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-images-api: 5
date: Sun, 11 Dec 2022 13:28:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 316215
x-cache-status: HIT
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename=image.jpg
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 56375
last-modified: Wed, 07 Dec 2022 21:38:27 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o9loPqjNkbKbXKgFa0x8lKNBxU6MGkQYlwjqs2i3LMD1lTFOcJ4LKh8bjcnMs2CTYUgsibfw%2BsFNgSdPZiSjke3GBQzimqPMX1Wvsl4oUTlJ%2B%2Fni4fN3pdprQuDCHRFMv18tjRmh"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 777e90a20a1e7771-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 638c632debb20692613969.jpg
risu.ua/uploads/740x555_DIR/media_news/2022/12/ 56 KB
57 KB 304ms
301ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://risu.ua/uploads/740x555_DIR/media_news/2022/12/638c632debb20692613969.jpg
Requested by: Host: risu.ua
URL: https://risu.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aeb1218472074b188371ea21f75661df7668cd8750993712f76436eca2acc88d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-images-api: 5
date: Sun, 11 Dec 2022 13:28:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 607957
x-cache-status: HIT
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename=image.jpg
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 57848
last-modified: Sun, 04 Dec 2022 12:36:05 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C8gAjGo8TbEjOP4wH8%2B3IrZZhXeEk7LjgW3gltBzqxtumD7l9IjL%2B8iJq7yhnw1PXVUr2WCzh%2BQgk8KFiti%2F%2FtC4RgNyyOU1iEGd%2FuM5QduPnINkYU1sPRCHIGm4jdaOcMZAmk81"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 777e90a20a207771-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 63879bb1bd760617274594.jpg
risu.ua/uploads/740x555_DIR/media_news/2022/11/ 50 KB
51 KB 347ms
343ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://risu.ua/uploads/740x555_DIR/media_news/2022/11/63879bb1bd760617274594.jpg
Requested by: Host: risu.ua
URL: https://risu.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 802661230fc8987a3d447a034ede86040a06c9144963971695a7836001505012

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-images-api: 5
date: Sun, 11 Dec 2022 13:28:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 418520
x-cache-status: HIT
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename=image.jpg
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 51617
last-modified: Tue, 06 Dec 2022 17:13:22 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=62ZKH%2BbrCvCecrhKyLQC3d5k7m5UKuLviwg8oodtX2iO3vWD92EdrTwvwE6PfAIB8p5dZ65LFIsnGf9aSICFoG49M%2FzQ1KJbkFlvEbTtdXeHf2XICxunkU6MQRF5c6rFzfcw2s0Q"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 777e90a20a227771-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 63865e6a5957c357174955.jpg
risu.ua/uploads/740x555_DIR/media_news/2022/11/ 35 KB
35 KB 348ms
345ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://risu.ua/uploads/740x555_DIR/media_news/2022/11/63865e6a5957c357174955.jpg
Requested by: Host: risu.ua
URL: https://risu.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d622c7d6e89e86b3ac4ff1c052516e29f81e3d2a48c6eb98611784b564ca185d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-images-api: 5
date: Sun, 11 Dec 2022 13:28:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 418520
x-cache-status: HIT
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename=image.jpg
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 35438
last-modified: Tue, 06 Dec 2022 17:13:22 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L1v0fsYwArjLM4BvXImX924itdI9xr1UJmiioAhit5zfW%2FUxBR6WWFwrH6bGVxS3iCC9HpSo2Fv5xFCRx2CupxnnrpKLtHap%2FnDXNdvNWFihjRCIQWG74zp7vVXoabgxj4LfKLyP"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 777e90a20a247771-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 6386147a593dc198210249.jpg
risu.ua/uploads/740x555_DIR/media_news/2022/11/ 156 KB
157 KB 349ms
345ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://risu.ua/uploads/740x555_DIR/media_news/2022/11/6386147a593dc198210249.jpg
Requested by: Host: risu.ua
URL: https://risu.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4cea94c5948ba197dbbcce6f8397980eefe2434a12e65b7163d3e7b27f4249d8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-images-api: 5
date: Sun, 11 Dec 2022 13:28:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1020665
x-cache-status: HIT
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename=image.jpg
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 159691
last-modified: Tue, 29 Nov 2022 17:57:37 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Li%2FzzaLE1LRa35uflMyKZiVj17IQX4scZrdL%2BGxs9V9%2BUwhYnXe%2BbG%2FjDlfgbvW2FmZjq96wOLvf4p7%2BTketrhVUVLnWvfl%2BJHk52S8dYHyyjzZZVsr7NPMWl7rckJDiRawpyDL%2B"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 777e90a20a257771-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 638269f9e9fb5052569925.JPG
risu.ua/uploads/740x555_DIR/media_news/2022/11/ 75 KB
76 KB 392ms
389ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://risu.ua/uploads/740x555_DIR/media_news/2022/11/638269f9e9fb5052569925.JPG
Requested by: Host: risu.ua
URL: https://risu.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 32fdab92259456091f98c69ad4a0cbc4a601e3485ea60d84cb87a81a234824d4

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-images-api: 5
date: Sun, 11 Dec 2022 13:28:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 170042
x-cache-status: HIT
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename=image.jpg
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77094
last-modified: Fri, 09 Dec 2022 14:14:40 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=45C3fRRV0KgZtKWC4DHG8UoEPB9XPfuGL%2FohbH7LAcpXZZs9nVLDrisCy%2BQl8GQRuTYKyQDBJkOibyeO5MAm4GW7piUQi9Ec6%2FKfPtzard4UNe5wOirAZzDKC71Qe4UfyrobGG2c"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 777e90a20a277771-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 637b751c25f78499740981.jpeg
risu.ua/uploads/740x555_DIR/media_news/2022/11/ 68 KB
68 KB 71ms
68ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://risu.ua/uploads/740x555_DIR/media_news/2022/11/637b751c25f78499740981.jpeg
Requested by: Host: risu.ua
URL: https://risu.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc19e3507f31173b5df84b7bfd3880b06c5e91e2afed7dd347bec9a3d86ca02f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-images-api: 5
date: Sun, 11 Dec 2022 13:28:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 418519
x-cache-status: HIT
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename=image.jpg
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 69356
last-modified: Tue, 06 Dec 2022 17:13:23 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OVOA2nfyWPDtjEtWQ7se2bDU%2B9VTE5Fu50LRBKpYQ4lQdjV2JxY%2BvdT8RzmIvIHNV2J8t8LcKNGWzzzATgf55rU82iRzkAo6XSiNzcyHdVfQSjRy98IJgq4Ad6rtaJbG%2BrDpilaF"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 777e90a20a287771-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 6374c0934a7ad046535547.jpg
risu.ua/uploads/110x110_DIR/tags_images/2022/11/ 3 KB
4 KB 412ms
409ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://risu.ua/uploads/110x110_DIR/tags_images/2022/11/6374c0934a7ad046535547.jpg
Requested by: Host: risu.ua
URL: https://risu.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ca37aa2c5511db7747f57cdbdbfc96022d2054698ca3e11e02a2e69ff26d2ac

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-images-api: 5
date: Sun, 11 Dec 2022 13:28:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2160124
x-cache-status: BYPASS
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename=image.jpg
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3031
last-modified: Wed, 16 Nov 2022 13:26:38 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8oR3QQrbA5Ihdzs7ybhhSAA2Vr05zJvSHcpire4HT7%2F2eNTKnRQvIJd2dRGj7ah%2B%2BLYV3WArSnPm4NFhsjanHX0x9EiFyP4bpw8icRkPeO1daffSUu2DYK65B5Z9OnM%2FirWipxS%2B"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 777e90a20a297771-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 5ed677cc4fb0c256601566.jpg
risu.ua/uploads/110x110_DIR/tags_images/2020/06/ 4 KB
4 KB 412ms
409ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://risu.ua/uploads/110x110_DIR/tags_images/2020/06/5ed677cc4fb0c256601566.jpg
Requested by: Host: risu.ua
URL: https://risu.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b8eb92bf3059843afea5bde2ed213572f360e0522a73de706b6fff3ff849add8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-images-api: 5
date: Sun, 11 Dec 2022 13:28:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 88681
x-cache-status: HIT
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename=image.jpg
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3868
last-modified: Sat, 10 Dec 2022 12:50:41 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SusbIN4qi1Zt%2FTgKfS%2FuvHN602VSweY7WeQhJKRTUXuEe4L8W99bOE0mKPkyC1wSidGyHnu214DxRfNRX9OCxKi9tCEtF7eG5BrjDcx54fGfDUx6TOw%2FEjugiw9akMZVC9gF4cmC"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 777e90a20a2a7771-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 5ed0bccec18d9235004951.jpeg
risu.ua/uploads/110x110_DIR/tags_images/2020/05/ 3 KB
4 KB 83ms
80ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://risu.ua/uploads/110x110_DIR/tags_images/2020/05/5ed0bccec18d9235004951.jpeg
Requested by: Host: risu.ua
URL: https://risu.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 077a2c69460d193c9f06c31ba0ffe80c5e0287d74eb3adc1a4139f8b88d99980

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-images-api: 5
date: Sun, 11 Dec 2022 13:28:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 418519
x-cache-status: HIT
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename=image.jpg
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3578
last-modified: Tue, 06 Dec 2022 17:13:23 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QH7Ey8rcrZ0fscCeuz0%2F95DQUCKaOsPl%2BomwbHj2lzwoscMk9qgWE5NowpPqrFzBbId3wkI0ddjsDfRfPKldt%2FC7GUsAkr2tA36dROhbFCG8EhE5X%2BpBPCv8uZv%2BJu3%2FxjLjTLpf"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 777e90a20a2b7771-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 6392e909706f2557428316.jpg
risu.ua/uploads/740x555_DIR/media_news/2022/12/ 77 KB
78 KB 413ms
410ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://risu.ua/uploads/740x555_DIR/media_news/2022/12/6392e909706f2557428316.jpg
Requested by: Host: risu.ua
URL: https://risu.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: de104c12cbb6a8afbb5048550de855e301f793c3bf1c66ddc1695dd308f019ff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-images-api: 5
date: Sun, 11 Dec 2022 13:28:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 170042
x-cache-status: HIT
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename=image.jpg
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 79146
last-modified: Fri, 09 Dec 2022 14:14:40 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CdhDSTff%2BcGuVh2O5tXNmwhWw%2B66yiQunHkeChJZuVH6dN0rBHU%2ByFPK3HLtVPTPaq82KrPsk%2B3cF7gqmMsFTcMT0VvvHNEhn7tStCNs5Afi85JvUMKzF0ka0N69fBE0b8jGz20E"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 777e90a20a2d7771-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 6391eedf6be77862251738.jpg
risu.ua/uploads/740x555_DIR/media_news/2022/12/ 119 KB
120 KB 433ms
431ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://risu.ua/uploads/740x555_DIR/media_news/2022/12/6391eedf6be77862251738.jpg
Requested by: Host: risu.ua
URL: https://risu.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f167495e072d2350876fb0dd4f61bed1d43362543f51ddf4d23ef01fb8d946aa

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-images-api: 5
date: Sun, 11 Dec 2022 13:28:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 254691
x-cache-status: HIT
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename=image.jpg
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 122039
last-modified: Thu, 08 Dec 2022 14:43:51 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ytHLzTwXqRFvnES1yP1%2BFLMUdFYl4sYmDNF6M%2B9b1fMpDTJiLsai0UmkXgM7J1z6lsq2tnEEe1xtNIeDSSVXaund1ZYc18d8Lts5GA5t1ffcaNVfKWpIk%2BEql8u%2BvlmIvB9%2BrO3o"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 777e90a20a2f7771-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 6391a69fdd54e565270196.jpg
risu.ua/uploads/740x555_DIR/media_news/2022/12/ 57 KB
57 KB 434ms
432ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://risu.ua/uploads/740x555_DIR/media_news/2022/12/6391a69fdd54e565270196.jpg
Requested by: Host: risu.ua
URL: https://risu.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9cf2b6ea7d4db625060f674e672638a829034bea602f7b210c15fd1c99b9c959

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-images-api: 5
date: Sun, 11 Dec 2022 13:28:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 254691
x-cache-status: HIT
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename=image.jpg
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 57905
last-modified: Thu, 08 Dec 2022 14:43:51 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nSzeI%2FARTZ%2FBi2zKeKpIQbTT1Z730hDWuKp1TWSjbG1%2BTSUxIKIfd2qlhMqzWmcYinh9yEtgNN3cfrJYRe9q4Glu0jWgsDjgQpbDLIruSN2vEyg3TMLFE%2BmtYP%2Fqo28B1Q9XWVr%2B"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 777e90a20a317771-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 6333f4b503cd4015638230.jpg
risu.ua/uploads/580x328_DIR/tags_images/2022/09/ 81 KB
82 KB 436ms
433ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://risu.ua/uploads/580x328_DIR/tags_images/2022/09/6333f4b503cd4015638230.jpg
Requested by: Host: risu.ua
URL: https://risu.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8dd50510bd8e9cc6751f2e2404f6aaf786b70fffe0dd2efc6e0357aab1fbb501

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-images-api: 5
date: Sun, 11 Dec 2022 13:28:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 95405
x-cache-status: HIT
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename=image.jpg
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 83102
last-modified: Sat, 10 Dec 2022 10:58:37 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y1CsKZjTpzLitiY2%2BeCKLl0bXe86uueKaSkDYdNn7Ej%2FQcNiuSQT5vu%2BScFstdbUhmOx4k9Rh1ur79r4LaFOAmIVdDhQ7tuSACEx9Uboip5Kt57TTcWr%2FxOMyKo0zthPHeBrKy5x"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 777e90a20a327771-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 61ce308dd9c9b697521209.JPG
risu.ua/uploads/580x328_DIR/tags_images/2021/12/ 21 KB
21 KB 437ms
434ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://risu.ua/uploads/580x328_DIR/tags_images/2021/12/61ce308dd9c9b697521209.JPG
Requested by: Host: risu.ua
URL: https://risu.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e232ec73b57ae121611a53388b54b85b5f44b1570359abdd812a618bb14eeeb

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-images-api: 5
date: Sun, 11 Dec 2022 13:28:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 170042
x-cache-status: HIT
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename=image.jpg
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 21293
last-modified: Fri, 09 Dec 2022 14:14:40 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FuVK3LRcnHX6Lep53brVPOb4UrpUMxNH0K5RtAwQk%2Br2Eo5lD1Y9XKZCOq8wJL5JdbzgwsLEb1iQiK3AEgN9%2Fq05ZFqZjviZYLKNvL%2BRuTHAGmn%2FnDesO4E8FWWwaSqJna%2F0HK2N"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 777e90a20a347771-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 61a741495c4c5997061457.png
risu.ua/uploads/580x328_DIR/tags_images/2021/12/ 53 KB
54 KB 443ms
440ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://risu.ua/uploads/580x328_DIR/tags_images/2021/12/61a741495c4c5997061457.png
Requested by: Host: risu.ua
URL: https://risu.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 151a7259f7b7ba9f238f2597a72cce7d2671faf4b4660313ba5c0856eeca1bc3

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-images-api: 5
date: Sun, 11 Dec 2022 13:28:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 806114
x-cache-status: BYPASS
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename=image.png
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 54467
last-modified: Fri, 02 Dec 2022 05:33:28 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=apWpFH3UrC0uKsqZRKtUZIIK0Chn5G%2F9aEF2NvPV15TsjL0QRJ%2FyRvgT5i%2Fz24B7XL222cDy9zxaUlBX8SQfMZ5b3ItX8MlsdFrS1xotRtpGZpD72zXPTc8CCC6rjPGj7E5Y%2BLca"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 777e90a20a357771-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 no-photo.png
risu.ua/assets/frontend/img/ 7 KB
7 KB 445ms
443ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://risu.ua/assets/frontend/img/no-photo.png
Requested by: Host: risu.ua
URL: https://risu.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c0eaa2887a0752b226940babcf52d8041babb181409b1bc233137e625bfd455

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:28:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 170042
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7059
last-modified: Fri, 30 Apr 2021 12:05:21 GMT
server: cloudflare
etag: "608bf281-1b93"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zP%2B4Du0Xvdu9hvzuwhcTIcMfbLL49G1hTO16%2BkK1F5McXHH%2F9X1LMu5x39k3OQppYndYHXGdQ1bNcymknEJetBZqyDSBIn2eZbrPuS%2FPCwRyZY4pl5qbN2a14Y33GuLOPYpXsRCO"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 777e90a20a367771-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 5f55fd7b87854447750778.png
risu.ua/uploads/380x215_DIR/tags_images/2020/09/ 21 KB
22 KB 446ms
443ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://risu.ua/uploads/380x215_DIR/tags_images/2020/09/5f55fd7b87854447750778.png
Requested by: Host: risu.ua
URL: https://risu.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 06c3c78658ced02c04d2e3c64352e3826410cbabca43309338f6b56f9d935d19

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-images-api: 5
date: Sun, 11 Dec 2022 13:28:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 128997
x-cache-status: HIT
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename=image.png
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 21536
last-modified: Sat, 10 Dec 2022 01:38:45 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BD9hJJ4rsMcIJohCHyKIOkcGveaZ1Hzn%2FO9QyqIWCz0o6DPOeT2WYNaF9P9%2Fa3kzOddlf1obLyXJESqaZ2hWbWj6dwsI%2Fx1Tl9K43tZbEEcgL5JVeXtePBQ8u%2FsIfMUYXl1msEQP"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 777e90a20a377771-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 email-decode.min.js Show response
risu.ua/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 47ms
47ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://risu.ua/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: risu.ua
URL: https://risu.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:28:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 07 Dec 2022 18:45:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6390df59-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w%2Bw0q1RZEfNgijc%2F8kBPM3QtAPEBk76qHISgQoDkwR77VycDCu4%2BmJeu3nC1SRlr0xCdvsgystl5YpzP8w1xxDfU8Pq9%2FYnFEXlWVXjsR028Ic5mRrNZPJ%2BcLvBmDC41P14aEDik"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 777e90a1e9f07771-LHR
expires: Tue, 13 Dec 2022 13:28:42 GMT

GET
H3 200 app.js Show response
risu.ua/assets/frontend/js/ 281 KB
80 KB 118ms
117ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://risu.ua/assets/frontend/js/app.js?v=91
Requested by: Host: risu.ua
URL: https://risu.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce3158f1fc0138d17fa3fc4d8c43b45b652fd27820cf1680b9fdc7a2246b6e6f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:28:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 30 Apr 2021 12:05:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 26967945
etag: W/"608bf2a6-4625b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FmH6szcVcCcYWp5%2B2z81cdijwfampJwdb1HjXb5J%2FT6YvxuAOmB0HUBGdffmqjdQVfUFV%2BBLdClfExNcK62F0hO1pqu3tdQx5N0MzpTvRxzuzh1wuviZj2W9ci3J%2FHBvzwQdDYPW"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 777e90a20a0c7771-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 cookies.js Show response
risu.ua/assets/frontend/cookiesAcceptModule/ 4 KB
2 KB 72ms
68ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://risu.ua/assets/frontend/cookiesAcceptModule/cookies.js?v=91
Requested by: Host: risu.ua
URL: https://risu.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 30c9c218c59a131fa94959c526e27e7335018c04425ac5c02b1ffeb7e55b9962

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:28:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 30 Apr 2021 12:05:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 26967945
etag: W/"608bf2a5-f52"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OR%2Be4hVIXThL5fdotjA9IzQeICG1XFYdHOsNjD3RIX%2F8Rvqezxq74DymWLqXcRvVIQLwIcN1YfqV%2FobKOQ2c%2B%2BI5KBverk%2B9Vcd%2BaPprQ5LFn9OkK%2BUSjjSplk4eYdfR0dOu7%2F3a"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 777e90a20a157771-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 arrow-header.svg
risu.ua/assets/frontend/img/ 331 B
714 B 452ms
451ms Image
image/svg+xml 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://risu.ua/assets/frontend/img/arrow-header.svg
Requested by: Host: risu.ua
URL: https://risu.ua/assets/frontend/css/styles.min.css?v=91
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ecd5dd4ce320f783a40597f79027f2187cbe41497a923f25305b98665bfe9b3e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://risu.ua/assets/frontend/css/styles.min.css?v=91
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:28:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 30 Apr 2021 12:05:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5726741
etag: W/"608bf281-14b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zU5lwwYfYyUyFVy8C5zFVLJMfrck0mWAUlek8NhcNUZYccAoZ1O5hUOQkH73ogzDJ4ON%2BX2mcTldR%2B2djDmQFWEOV68X9UvY3luFq6X8TSh6YweYnC4Ui6%2F6Adl191BscuYMdODW"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=315360000
cf-ray: 777e90a20a387771-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 arrow-language.svg
risu.ua/assets/frontend/img/ 141 B
631 B 451ms
451ms Image
image/svg+xml 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://risu.ua/assets/frontend/img/arrow-language.svg
Requested by: Host: risu.ua
URL: https://risu.ua/assets/frontend/css/styles.min.css?v=91
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 45f0783d5695f7b6bc2b6db15c813d63525bf53fd48021c818ed4ed220c7074c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://risu.ua/assets/frontend/css/styles.min.css?v=91
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:28:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 30 Apr 2021 12:05:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 26967945
etag: W/"608bf281-8d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eYyszHVfAmfVDc%2BtpjynrXKkm0w0bkLDHxO4iDZGjJgdxWVnmKaZzeVQqgIFjux5LNssI1Wo9%2B068Kg7425fIfIlAF3Tk7lcGYZqrMXs6KqAeltrui%2B6nMpO9xkHk4w4dCE3RMsx"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=315360000
cf-ray: 777e90a20a3a7771-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 search-icon.svg
risu.ua/assets/frontend/img/ 274 B
708 B 452ms
451ms Image
image/svg+xml 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://risu.ua/assets/frontend/img/search-icon.svg
Requested by: Host: risu.ua
URL: https://risu.ua/assets/frontend/css/styles.min.css?v=91
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb511816e2641b5d54a718b6d2b6e2be81a51cd9a5df9ce627cf915d124a4e16

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://risu.ua/assets/frontend/css/styles.min.css?v=91
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:28:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 30 Apr 2021 12:05:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 26967945
etag: W/"608bf281-112"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MVKR5O7YKhzH%2F%2Fv%2BHBo9zGqLyIOBr1B6sOSZxIcPxvPlNaEyVOm6JFte%2FrzsB9GEqj7qV1kPj7Ev3QlRXQ%2FA9pER0BA9Grs4jjH%2FenbmgsZxwPr9wqHlPAKfYYNnxgcxU%2BtijXgO"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=315360000
cf-ray: 777e90a20a3c7771-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 Montserrat-SemiBold.ttf
risu.ua/assets/frontend/fonts/medium/ 238 KB
239 KB 451ms
451ms Font
application/octet-stream 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://risu.ua/assets/frontend/fonts/medium/Montserrat-SemiBold.ttf
Requested by: Host: risu.ua
URL: https://risu.ua/assets/frontend/css/styles.min.css?v=91
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f227901ef48ac4d1fe4cc6ed0dbce99e6b38969babe5e05da2dfb33521b02944

Request headers

Referer: https://risu.ua/assets/frontend/css/styles.min.css?v=91
Origin: https://risu.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:28:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26965081
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 243816
last-modified: Fri, 30 Apr 2021 12:05:21 GMT
server: cloudflare
etag: "608bf281-3b868"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wDVwRHj9I4J2bLhtOHL4fnEOJYRyR%2FR1uX1tXWbdp3QtJ9T3k2PAZg0b49BE23QSoRa1w46Hg2s4CBOeDLPqs7MgNHUgYzKbYEg938tFtVwDCVvru1HqmXymIJfnN%2Bx9%2FLmTghnj"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 777e90a20a3e7771-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 Montserrat-Bold.ttf
risu.ua/assets/frontend/fonts/bold/ 239 KB
239 KB 473ms
473ms Font
application/octet-stream 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://risu.ua/assets/frontend/fonts/bold/Montserrat-Bold.ttf
Requested by: Host: risu.ua
URL: https://risu.ua/assets/frontend/css/styles.min.css?v=91
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c8289a870d238aa042bdfd09364fe6dea524bcd1ea485341878d8c75a32ab444

Request headers

Referer: https://risu.ua/assets/frontend/css/styles.min.css?v=91
Origin: https://risu.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:28:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26965081
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 244468
last-modified: Fri, 30 Apr 2021 12:05:21 GMT
server: cloudflare
etag: "608bf281-3baf4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ptJKsQfevR5LxsXixYt%2BVHO0su2kxZaE6WdeMcErcZ5UXYcTsluS8CDeOURYyv6qMAXDXrUMCeJ3Ydlh7bhzNImGxHsYgievjn8ZUCohpVK5Jc%2BqegPodvhKY9Bf6AMnp1JkzGdj"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 777e90a20a417771-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 Montserrat-Regular.ttf
risu.ua/assets/frontend/fonts/regular/ 240 KB
241 KB 516ms
515ms Font
application/octet-stream 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://risu.ua/assets/frontend/fonts/regular/Montserrat-Regular.ttf
Requested by: Host: risu.ua
URL: https://risu.ua/assets/frontend/css/styles.min.css?v=91
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 077cdab15161232a9ba7124d2ddd7a9425145750788e9a966c156cc66274f525

Request headers

Referer: https://risu.ua/assets/frontend/css/styles.min.css?v=91
Origin: https://risu.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:28:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8644294
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 245708
last-modified: Fri, 30 Apr 2021 12:05:21 GMT
server: cloudflare
etag: "608bf281-3bfcc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2wLKNkmESfcgGc65BJPsLqiA4mG7YdoBwGJ7R%2Ffci%2BoN6GgmbMWqC8b5omhUq6dn0WS0N2s7dCRRY8CLmCoeGxuaGs%2BJ2RO0vvfPuZoBXtSNLFTf6%2BIUYfcQs9XXkOEsPANLC5v1"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 777e90a20a427771-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 facebook-pink.svg
risu.ua/assets/frontend/img/ 380 B
772 B 507ms
506ms Image
image/svg+xml 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://risu.ua/assets/frontend/img/facebook-pink.svg
Requested by: Host: risu.ua
URL: https://risu.ua/assets/frontend/css/styles.min.css?v=91
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ddcdcee860870f3376e2bbd699c7ee6100b0b207a44052354393254c72c37506

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://risu.ua/assets/frontend/css/styles.min.css?v=91
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:28:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 30 Apr 2021 12:05:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3646822
etag: W/"608bf281-17c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c6dsOdqjaOz8iYiz47HZxxEeHGByeIfrMm9m1P2exYjsFX1lX4G5bbXA9NlQRdId6yhHW47CPcc8eBA6tk8wFMAJLORjuB9vTIzE4GSW%2BWA76XlriLNS1xOVNRSwJvzj7hVO%2Fnuv"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=315360000
cf-ray: 777e90a24a877771-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 twitter-pink.svg
risu.ua/assets/frontend/img/ 652 B
909 B 507ms
506ms Image
image/svg+xml 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://risu.ua/assets/frontend/img/twitter-pink.svg
Requested by: Host: risu.ua
URL: https://risu.ua/assets/frontend/css/styles.min.css?v=91
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a4c61d4c30e1d5dfab6fcab843dd3aa7402ae59a8a5a33c265e42bd755a418b1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://risu.ua/assets/frontend/css/styles.min.css?v=91
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:28:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 30 Apr 2021 12:05:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 26967944
etag: W/"608bf281-28c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IT27Rjj2hhaDwLQEcI1Z5AskDBUyvAj6EkQtuExNi5WVajZXcs%2FOEkKU0f7IVFv7sa1yZVIqUbU1cwB2Wf%2F5nbdcF87qGrHuJbMnsP7hVfnt05dsziDyw00ena6JyN%2BYirNwjcx0"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=315360000
cf-ray: 777e90a24a897771-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 video-icon-white.svg
risu.ua/assets/frontend/img/ 1 KB
1012 B 504ms
504ms Image
image/svg+xml 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://risu.ua/assets/frontend/img/video-icon-white.svg
Requested by: Host: risu.ua
URL: https://risu.ua/assets/frontend/css/styles.min.css?v=91
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 43c03b4c6717847e16573f7ae823df8bf1df9fcfa158360f79b2f10da31adbe4

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://risu.ua/assets/frontend/css/styles.min.css?v=91
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:28:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 30 Apr 2021 12:05:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 87643
etag: W/"608bf281-40e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jKd%2BMdFwz0Q71Mo6Nb50cwMbwv3iKFRwcusg%2FivUkW3g70js5mIkoMoRQYlEGVu2FBA086ADwiuhQrVzHDqDd%2FuoYecOB5w%2BqbmqeSF%2FYHzDnnGaUtmilRysl%2BsQ%2BOxkaamgFJ5N"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=315360000
cf-ray: 777e90a24a917771-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 photo-icon-white.svg
risu.ua/assets/frontend/img/ 2 KB
1 KB 504ms
504ms Image
image/svg+xml 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://risu.ua/assets/frontend/img/photo-icon-white.svg
Requested by: Host: risu.ua
URL: https://risu.ua/assets/frontend/css/styles.min.css?v=91
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f2aa9134c41b283e3065021eb2b1d2f5be6adb701d1dde7151bc081f6c403694

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://risu.ua/assets/frontend/css/styles.min.css?v=91
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:28:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 30 Apr 2021 12:05:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 220257
etag: W/"608bf281-756"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MXQDeBXkqZmW2s6QYPe0f8chc%2FuiuSEzOZaz8ajdg1QmA%2FVzBGaDjiH345Z9eUpQ25o%2BniMSjRRDPC9KekfPpaEyRc70Xc9Zhxz7e%2FwBh1%2BWCwAjharC7foLIVNh7IuKFCfWIYnw"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=315360000
cf-ray: 777e90a24a937771-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 rss-icon.svg
risu.ua/assets/frontend/img/ 585 B
814 B 502ms
502ms Image
image/svg+xml 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://risu.ua/assets/frontend/img/rss-icon.svg
Requested by: Host: risu.ua
URL: https://risu.ua/assets/frontend/css/styles.min.css?v=91
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 33430a4e18aa10ce687b1fa837f8d69cbd82f5f16ae8bea30c44c6546835f77e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://risu.ua/assets/frontend/css/styles.min.css?v=91
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:28:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 30 Apr 2021 12:05:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 323800
etag: W/"608bf281-249"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cRkVrGUUus7WdVsqMXRXe3BvBWWNFB%2Fg07ZHodlJb5t2LANyuhIgcU7j87twN9n1P98WqwSFvJKn0nw6GcLo9wSBI8IGWYmHoGnz6felEJRn7pPQE93SQwtx9YbpPmTLOojV3kaC"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=315360000
cf-ray: 777e90a24aa07771-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK /
c.bigmir.net/ 324 B
579 B 346ms
83ms Image
image/png 193.239.68.97
BIGMIR-INTERNET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bigmir.net/?v16956114&s16956570&t30&c1&n193854&w0&y0&d24&r1600
Requested by: Host: risu.ua
URL: https://risu.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.239.68.97 , Ukraine, ASN39468 (BIGMIR-INTERNET-AS, UA),
Reverse DNS: c.bigmir.net
Software: nginx /
Resource Hash: 1ff1d840aceaddd10edec4e79086dd35844068b120f4fa68200c65c41336e614

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 11 Dec 2022 13:28:42 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/png
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Keep-Alive: timeout=5
Expires: 0

GET
H3 200 logo-luxnet-gray.png
risu.ua/assets/frontend/img/ 702 B
1 KB 480ms
479ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://risu.ua/assets/frontend/img/logo-luxnet-gray.png
Requested by: Host: risu.ua
URL: https://risu.ua/assets/frontend/css/styles.min.css?v=91
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af848f4cfd4ca713e249c26e739c5da98ce59a9b38f5e7811f41ad2605123ba7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://risu.ua/assets/frontend/css/styles.min.css?v=91
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:28:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 806114
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 702
last-modified: Fri, 30 Apr 2021 12:05:21 GMT
server: cloudflare
etag: "608bf281-2be"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SCL%2BWmUiwOjDRFCA%2FpFYgcaY2YISdLJfHCjQ4awuWSymLe9QpOlD9nyDUzF8iHjWkyYWPW125M3J32Zz%2FGjqu7Uj9gaFA8mzE1s7Lzc8Ye02M9YkR2Ugkwf4gs8l%2B0bTqv2o1uD4"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 777e90a26ad47771-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 170ms
53ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-11950234-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 11 Dec 2022 13:15:46 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 776
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Sun, 11 Dec 2022 15:15:46 GMT

GET
H3 200 cookies.min.css
risu.ua/assets/frontend/css/ 1 KB
1 KB 291ms
289ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://risu.ua/assets/frontend/css/cookies.min.css?v=91
Requested by: Host: risu.ua
URL: https://risu.ua/assets/frontend/js/app.js?v=91
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16555ef1cffe3379aa4a915ec6a51ebf338a0d51ffa4409a3da31e0bed2c2cee

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:28:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 30 Apr 2021 12:05:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2131013
etag: W/"608bf297-5ed"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Do8TYvm%2Ft4SsYpnvyHnqLeEjR%2FOsImCPhVWcr%2BM0HrUX5Gmx4Bf6gjy%2FMqNqOHTRD24vnXQpC6oPBkfgVugzLtWUw8S8KfnWhuJsRBDdKel5Rb%2FG4vCX7hsaKh5NB%2FtRNfcG2zxW"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 777e90a39c837771-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 close-popup-white.svg
risu.ua/assets/frontend/cookiesAcceptModule/images/ 971 B
985 B 291ms
290ms Image
image/svg+xml 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://risu.ua/assets/frontend/cookiesAcceptModule/images/close-popup-white.svg
Requested by: Host: risu.ua
URL: https://risu.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a39a8fca170c2500aa3a659d9628cfe602522d33191ef0a9ba395d315b49452b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:28:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 30 Apr 2021 12:05:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5726741
etag: W/"608bf2a5-3cb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yH60nYZCh2IV3SyhD%2Bi9GezP1fBS9GgwQLUWfbq4ufPcnz%2BZsejO03m8ef1PPcboHIS0kGnUR3OrBq%2FdKpA%2BoKh9tAITwpP4U%2BJow68x5oQx%2FOV0MGQzEoeWNyktJemBhlx6Ectv"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=315360000
cf-ray: 777e90a39c867771-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 configs Show response
cdn.gravitec.net/sdk/web/ 2 KB
1 KB 246ms
131ms Fetch
application/json 45.133.44.3
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gravitec.net/sdk/web/configs?appKey=acf6494db584a05259a7b96ad5661584
Requested by: Host: cdn.gravitec.net
URL: https://cdn.gravitec.net/storage/acf6494db584a05259a7b96ad5661584/client.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: 4f2e744787dcdfb50e0aa6ff2612e5531fb7b13334f5636216fb87fb49986f2d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:28:42 GMT
x-correlation-id: a8182c21426f0e469f782a0cec277d58
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-proxy-cache: MISS

GET
H3 200 pubads_impl_2022120601.js Show response
securepubads.g.doubleclick.net/gpt/ 381 KB
129 KB 171ms
54ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071222

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

949ef00ce71e069fc69a6b829771726245072e18e56b264c536837c459b3febf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 10 Dec 2022 09:42:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 99991
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132161
x-xss-protection: 0
last-modified: Tue, 06 Dec 2022 09:39:55 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 10 Dec 2023 09:42:11 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 61 B
77 B 205ms
89ms XHR
application/json 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=risu.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6a77560cffb10516a81a0ecd03a1d373fd4d5778d6e6f3a59058d925d91b483d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:28:43 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53
x-xss-protection: 0
expires: Sun, 11 Dec 2022 13:28:43 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/ 356 KB
117 KB 236ms
121ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_with_ama_fy2021.js?client=pub-9928410365207988&plah=risu.ua&bust=31071219

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a1627698bbe122feb044ccb8a8c288c6b88e7f2cf12f6dca15848a94a00f8c98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:28:43 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119970
x-xss-protection: 0
server: cafe
etag: 5301395659324850577
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 11 Dec 2022 13:28:43 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221206/r20190131/ Frame 2177 10 KB
5 KB 170ms
53ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221206/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://risu.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 54693
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 10 Dec 2022 22:17:10 GMT
etag: 10353107486223812946
expires: Sat, 24 Dec 2022 22:17:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 180ms
64ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1222134784&t=pageview&_s=1&dl=https%3A%2F%2Frisu.ua%2F&ul=en-us&de=UTF-8&dt=%D0%A0%D0%B5%D0%BB%D1%96%D0%B3%D1%96%D0%B9%D0%BD%D0%BE-%D1%96%D0%BD%D1%84%D0%BE%D1%80%D0%BC%D0%B0%D1%86%D1%96%D0%B9%D0%BD%D0%B0%20%D1%81%D0%BB%D1%83%D0%B6%D0%B1%D0%B0%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%20-%20%D0%86%D0%BD%D1%82%D0%B5%D1%80%D0%BD%D0%B5%D1%82-%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB%20%D0%BF%D1%80%D0%BE%20%D1%80%D0%B5%D0%BB%D1%96%D0%B3%D1%96%D1%8E&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1306399606&gjid=1791779807&cid=2027066515.1670765323&tid=UA-11950234-1&_gid=811482405.1670765323&_r=1&gtm=2oubu0&z=1174389653

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://risu.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 11 Dec 2022 13:28:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://risu.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 track.min.js Show response
cdn.gravitec.media/ 4 KB
2 KB 193ms
56ms Script
application/javascript 45.133.44.4
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gravitec.media/track.min.js
Requested by: Host: cdn.gravitec.net
URL: https://cdn.gravitec.net/storage/acf6494db584a05259a7b96ad5661584/client.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 7d55d36ab7029a3ac11096692671cdfc36fa8446e8cf7584fc23de06074b0f85

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires: Sat, 11 Mar 2023 13:28:43 GMT
date: Sun, 11 Dec 2022 13:28:43 GMT
content-encoding: gzip
last-modified: Wed, 27 Nov 2019 14:51:46 GMT
server: nginx/1.18.0
etag: W/"5dde8d82-11d5"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=7776000
x-proxy-cache: HIT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 179ms
63ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=risu.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071222

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:28:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 180ms
63ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=risu.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071222

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:28:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 82 KB
13 KB 130ms
129ms XHR
text/plain 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3543218033723578&correlator=253891692243294&eid=31071222&output=ldjh&gdfp_req=1&vrg=2022120601&ptt=17&impl=fifs&iu_parts=22089206648%2CTop_banner_970x90_all_pages%2CBottom_banner_970x90_all_pages%2CMainPage_1_970x90(970x250)%2CRight_Side_1_300x250(300x100)_News_page%2CAfter_NewsLine_300x250(300x100)_NewsPage%2CAfter_NewsText_580x400_NewsPage&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6&prev_iu_szs=970x90%2C970x90%7C728x90%2C970x250%7C970x90%2C300x100%7C300x250%2C300x100%7C300x250%2C580x400&ifi=2&adks=2389199358%2C168509343%2C3692737370%2C3703452599%2C974587042%2C2722939886&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1670765323216&lmt=1670765323&dlt=1670765322442&idt=746&adxs=240%2C315%2C210%2C-9%2C-9%2C-9&adys=88%2C5554%2C1399%2C-9%2C-9%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C1%7C2%7C-1%7C-1%7C-1&ucis=1%7C2%7C3%7C4%7C5%7C6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Frisu.ua%2F&frm=20&vis=1&psz=1600x6632%7C1600x6632%7C1200x0%7C0x-1%7C0x-1%7C0x-1&msz=970x-1%7C1600x0%7C1180x0%7C0x-1%7C0x-1%7C0x-1&fws=0%2C0%2C0%2C2%2C2%2C2&ohw=0%2C0%2C0%2C0%2C0%2C0&ga_vid=2027066515.1670765323&ga_sid=1670765323&ga_hid=1222134784&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071222

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ac67aa8a64cab4a30b27db992c7a10e38c579b0f7ede98298a3334daa31de4d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:28:43 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13548
x-xss-protection: 0
google-lineitem-id: 5558920724,6086101189,-2,5549285903,-2,5565522436
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138333809203,138400798637,-2,138332241179,-2,138359238729
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://risu.ua
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
90d9fbeb3df7685faee2dc3b38791ea2.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E23C 6 KB
3 KB 217ms
62ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://90d9fbeb3df7685faee2dc3b38791ea2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071222

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://risu.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 11 Dec 2022 13:28:43 GMT
expires: Mon, 11 Dec 2023 13:28:43 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 381 B
692 B 195ms
71ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=risu.ua&callback=_gfp_s_&client=ca-pub-9928410365207988&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_with_ama_fy2021.js?client=pub-9928410365207988&plah=risu.ua&bust=31071219

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c29dd2203fda3ba059c894f687d61fc472d6f02a3f5dead82569e38fa92094f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:28:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 247
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 202ms
202ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Frisu.ua%2F&tn=HEADER&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: risu.ua
URL: https://risu.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Dec 2022 13:28:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame EAEA 603 B
68 B 292ms
176ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=pub-9928410365207988&output=html&adk=1812271804&adf=3025194257&lmt=1670765323&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Frisu.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670765322885&bpp=2&bdt=442&idt=376&shv=r20221206&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3889481262454&frm=20&pv=2&ga_vid=2027066515.1670765323&ga_sid=1670765323&ga_hid=1222134784&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071219&oid=2&pvsid=3543218033723578&tmod=2092566213&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=389

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://risu.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 11 Dec 2022 13:28:43 GMT
expires: Sun, 11 Dec 2022 13:28:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 201 track
api.gravitec.media/api/stats/ 0
0 183ms
58ms Fetch 35.214.184.209
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.gravitec.media/api/stats/track?app_key=acf6494db584a05259a7b96ad5661584&user_id=dcbe4311-6403-4825-adbc-72666bd82bd1&utmb=a70e046f-7037-4172-ba7c-908e1c711b39&path=https%3A%2F%2Frisu.ua%2F&referrer=

Requested by

Host: cdn.gravitec.media
URL: https://cdn.gravitec.media/track.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.214.184.209 Groningen, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

209.184.214.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1 ; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Dec 2022 13:28:43 GMT
x-correlation-id: 11d100bfc29760849653c0e199a2bb5c
x-content-type-options: nosniff
referrer-policy: no-referrer
server: nginx
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-frame-options: DENY
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
x-xss-protection: 1 ; mode=block
expires: 0

GET
H2 200 container.html Show response
90d9fbeb3df7685faee2dc3b38791ea2.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 866A 6 KB
3 KB 72ms
65ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://90d9fbeb3df7685faee2dc3b38791ea2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071222

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://risu.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 11 Dec 2022 13:28:43 GMT
expires: Mon, 11 Dec 2023 13:28:43 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0079 0
0 90ms
90ms Fetch
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst2XTF_QWzUemMlntSSL1OwTUYAE5HaOhdbMHfva-vqVvQLfWZnWfsgWxNJ2SccKXDNr1Yt8D9qXuReGOMNWhtqAGASN_QOFJFj_c-p-bRpwadiOT9V9hGIqEjJhqxDbZQIG0bUjdE8sd_iPwhPGeHplB9NrAjP8BxaR5sNUFH6N3pLIXQU0lptjvPSB8CEwhyR2nEsNenP3jp6rxyocTrkKKoMkZCEeKR_8IHg6Pzg-Y2JlvCCu3-7CtPZT1-icpmNjz3C15fg4i6ijCp8eMbJEwauJCyLCa8bkkLh2G1D-8WWqHk4KbgMOqmPJSNswMIuXm-6W_kf5ROiMVfd&sai=AMfl-YS8f6eXB4ER1BfcOUNC-LTDBmrwz5QoSVDj5XjvawjC6KqGE7BF9C3aP4dUVIRd0f5QOkS2AAdO81LUXPiZUqRPXn7F2SG25KKzfcURfY-dOIjCNJFiEGKus9SwMqj69cK7MKpMif2Gb1NVfnv7xfU&sig=Cg0ArKJSzHbgUsnEeQ_AEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: risu.ua
URL: https://risu.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:28:43 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 11 Dec 2022 13:28:43 GMT

GET
H2 200 risu.ua.1319990.js Show response
jsc.idealmedia.io/r/i/ Frame 0079 2 KB
1 KB 287ms
179ms Script
text/javascript 2606:4700::6810:c749
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.idealmedia.io/r/i/risu.ua.1319990.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071222
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:c749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 161ba823ff6b6192f510ac88fb558941d2f635cb1c2ab4edc38f78014f487b05

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:28:43 GMT
content-encoding: gzip
x-amz-version-id: EY4EERWnSERbeJ64OyElgNG8f8QFc2tr
cf-cache-status: REVALIDATED
x-amz-request-id: Z2C7ZBP23XH3HD14
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 915
x-amz-id-2: HFI6adGpQQJrlWVKgbAQIYdz722nJkWWg49kpMzU/QHHT8jEVwcAp4sqS4BapWUrlfj9kdwryEU=
last-modified: Wed, 23 Nov 2022 11:57:01 GMT
server: cloudflare
etag: "cee5e20522e9c0ce8a43bd0684d82b5f"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
accept-ranges: bytes
cf-ray: 777e90a7ff9ae65c-LHR
expires: Sun, 11 Dec 2022 16:28:43 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0079 153 KB
47 KB 198ms
80ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071222

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:28:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 11 Dec 2022 13:28:43 GMT

GET
H2 200 0.bundle.js Show response
cdn.gravitec.net/modules/ 9 KB
4 KB 62ms
62ms Script
application/javascript 45.133.44.3
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gravitec.net/modules/0.bundle.js
Requested by: Host: cdn.gravitec.net
URL: https://cdn.gravitec.net/storage/acf6494db584a05259a7b96ad5661584/client.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: 0a91fbed903c7ee569d116adee58d579d0c64775a469ee86d3cc4281f913bda1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires: Wed, 02 Feb 2022 09:06:29 GMT
date: Sun, 11 Dec 2022 13:28:43 GMT
content-encoding: gzip
last-modified: Wed, 02 Feb 2022 09:01:35 GMT
server: nginx
etag: W/"61fa486f-2550"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=10
x-proxy-cache: HIT

GET
H2 200 1.bundle.js Show response
cdn.gravitec.net/modules/ 32 KB
8 KB 77ms
77ms Script
application/javascript 45.133.44.3
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gravitec.net/modules/1.bundle.js
Requested by: Host: cdn.gravitec.net
URL: https://cdn.gravitec.net/storage/acf6494db584a05259a7b96ad5661584/client.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: 23b89bb3578573b474d7a69e2df32e8f0ee7839a44392edb040e4117a07ce6fa

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires: Wed, 02 Feb 2022 09:06:29 GMT
date: Sun, 11 Dec 2022 13:28:43 GMT
content-encoding: gzip
last-modified: Wed, 02 Feb 2022 09:01:35 GMT
server: nginx
etag: W/"61fa486f-8092"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=10
x-proxy-cache: HIT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 866A 24 KB
7 KB 172ms
54ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 90d9fbeb3df7685faee2dc3b38791ea2.safeframe.googlesyndication.com
URL: https://90d9fbeb3df7685faee2dc3b38791ea2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://90d9fbeb3df7685faee2dc3b38791ea2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 22:03:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 314706
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 07 Dec 2023 22:03:37 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 866A 143 KB
48 KB 146ms
144ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: 90d9fbeb3df7685faee2dc3b38791ea2.safeframe.googlesyndication.com
URL: https://90d9fbeb3df7685faee2dc3b38791ea2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e311b89c9695c9d3df8b4fa308cd2134d320a494f08a168f6f17b4799f5fa28d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://90d9fbeb3df7685faee2dc3b38791ea2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:28:43 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49394
x-xss-protection: 0
server: cafe
etag: 14300556913226430271
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 11 Dec 2022 13:28:43 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 866A 153 KB
47 KB 159ms
157ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 90d9fbeb3df7685faee2dc3b38791ea2.safeframe.googlesyndication.com
URL: https://90d9fbeb3df7685faee2dc3b38791ea2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://90d9fbeb3df7685faee2dc3b38791ea2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:28:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 11 Dec 2022 13:28:43 GMT

GET
DATA 200
OK truncated
/ Frame 0079 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 42957d72dcacd73fbfb997f687313f2e4e1837635c6174d50f187e68bc5b297f

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 risu.ua.1319990.es6.js Show response
jsc.idealmedia.io/r/i/ Frame 0079 272 KB
82 KB 108ms
59ms Script
text/javascript 2606:4700::6810:c749
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.idealmedia.io/r/i/risu.ua.1319990.es6.js
Requested by: Host: jsc.idealmedia.io
URL: https://jsc.idealmedia.io/r/i/risu.ua.1319990.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:c749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e26064852e5376eb1f9baf2574963734e5612a15059d1e71efe2de4c769527e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:28:43 GMT
content-encoding: gzip
x-amz-version-id: RvBbS6DsbOuLC4zN22moSUsFufwJUA7v
cf-cache-status: HIT
x-amz-request-id: GRP5SYW9BKBNFPX1
age: 5076
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 82980
x-amz-id-2: aEreJ7x9aco+j6Bin69UhmKTpPs6qzGDfx5r8y5F9OlFV8b7Zec+faoFYSL9K3IOgokQ5BvIlwJHhG183BFI1g==
last-modified: Mon, 05 Dec 2022 14:06:33 GMT
server: cloudflare
etag: "65d6fcf503ab27d7bbae1932665b75f4"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
accept-ranges: bytes
cf-ray: 777e90a99bd176bd-LHR
expires: Sun, 11 Dec 2022 16:28:43 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 866A 0
0 92ms
92ms Fetch
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsscutcEpDFkdGinoEre8RY2XGcTEClI1zT8aG64uVkAS7ROyJsfsnLIPJeTG7hCETUKePopm58O2_tvAuwuHCjFx-VwetElyRhomJIfRaEVaLPMmXpSEPGZBREENGM41otPoZzWYJzk39QtgFbsfUhT2nwnrIEStt0zE_fYXToLRMENU46KKDfubw6TnSSJ3M3oj8HIjBTHs4c530yS1-1MfAWPzu3WZMzRLUoebBo469-pSLbhldGrao2An0-6KBySZnKZJmCyBCROi7QTX8uf5YNpZPzSr_RlDmtPgOwgJobGp-ih31IbFJDtialQWb2X1xgTFGv2hdt8&sai=AMfl-YSr_-U8SCIxmmIV-1toWEBCdbbDQcsKVxwWSAEIYUNAHi93IUWRwMW7PlqACKki83i_KOgf-BiUpMdqm9-kdiBJbzEVnrxH2w5Qz4pCsD20UN7JkDFmvl6PwXlMjFx4ub83m10VICADEyMRNYSJhJw&sig=Cg0ArKJSzGROg9xqEFBgEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 90d9fbeb3df7685faee2dc3b38791ea2.safeframe.googlesyndication.com
URL: https://90d9fbeb3df7685faee2dc3b38791ea2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://90d9fbeb3df7685faee2dc3b38791ea2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:28:43 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/ Frame 866A 356 KB
117 KB 127ms
127ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9928410365207988&plah=90d9fbeb3df7685faee2dc3b38791ea2.safeframe.googlesyndication.com&bust=31071168

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

698ccb0f6c16da62bef9143d6b047b7a9eb173e9fd7c141ccaa8f7867f4cab87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://90d9fbeb3df7685faee2dc3b38791ea2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:28:43 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119970
x-xss-protection: 0
server: cafe
etag: 475792740142207092
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 11 Dec 2022 13:28:43 GMT

GET
DATA 200
OK truncated
/ Frame 866A 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f203ed6188a574fed7b6863cdbf06d20d8f53af9975dbd38e28168f156220057

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
BLOB 200
OK 651928dd-07d1-40bf-a6c9-783458083aec
https://risu.ua/ Frame 0079 0
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://risu.ua/651928dd-07d1-40bf-a6c9-783458083aec
Requested by: Host: risu.ua
URL: https://risu.ua/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length: 0
Content-Type: text/javascript

GET
BLOB 200
OK b6b4c9bf-9e4b-4ffa-b63c-b652b0ce3c01
https://risu.ua/ Frame 0079 250 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://risu.ua/b6b4c9bf-9e4b-4ffa-b63c-b652b0ce3c01
Requested by: Host: risu.ua
URL: https://risu.ua/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length: 250
Content-Type: text/javascript

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0079 0
0 90ms
90ms Fetch
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstUTM-rD-vCXbkeNa-4wNT7bMF8sDIp2P0L_34ykjAVEXFWXnfkQIlhmkV8d9qiPliKBnGZbPmP72FC9qIMUzWvUqBDZ2aJg_aXLnrWa-KL3CkulnKfLueD1_5fuASUnAz00btMUSPs-9kuc97VBZs7XBNknLeCe1duYFDcO8iXE_MWgam47kU7Wg8Vs4BGcvOTSpO60XU2Du6iiMsIzU-fX3PFJeGH6cNLa_T4AChT_BwSYT8wbDpgNARJ0m1EBYEwlwGtn0zUtHZHR4n4hTeEC7pV68tYNeLfCHRDwAWzdqNk5mg-YlCosXaSUra2vrkavJaUJrFoFxkk_FY4AYU&sai=AMfl-YTSOO63eYsi7uUHWWrtJ4MJQUCCfqnLOfd5TUALYLlxWoWZO8QTgDEzPIv0W3C4qTc-1VsP94iY9F1YMo6YOULBmsEtnjFH2ARubgIoYIXeAvX0C8MkR0pr6OWdVcjGFtS-b3yHyOp99xwWl2mQk3g&sig=Cg0ArKJSzLVbtg3OOwrtEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:28:44 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 11 Dec 2022 13:28:44 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame 866A 107 B
122 B 183ms
64ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=90d9fbeb3df7685faee2dc3b38791ea2.safeframe.googlesyndication.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://90d9fbeb3df7685faee2dc3b38791ea2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:28:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 866A 107 B
122 B 176ms
64ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=90d9fbeb3df7685faee2dc3b38791ea2.safeframe.googlesyndication.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://90d9fbeb3df7685faee2dc3b38791ea2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:28:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 71D1 117 KB
41 KB 701ms
701ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9928410365207988&output=html&h=90&slotname=8325297138&adk=2872405833&adf=3173046729&pi=t.ma~as.8325297138&w=970&format=970x90&url=https%3A%2F%2Frisu.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670765323733&bpp=3&bdt=256&idt=286&shv=r20221206&mjsv=m202212050101&ptt=9&saldr=aa&correlator=1989283265792&frm=24&ife=3&pv=2&ga_vid=2016473863.1670765324&ga_sid=1670765324&ga_hid=317610721&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=90&ifk=2794389338&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31071168%2C44774606%2C44779794&oid=2&pvsid=2776634760549298&tmod=2139808790&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.1p9emf6005wz&fsb=1&dtd=299

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

70aa59ce2ab008d137cd8b2b02422a853603d8d42f6a36508b6305cdeb1b9f53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://90d9fbeb3df7685faee2dc3b38791ea2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 42402
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 11 Dec 2022 13:28:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
c.idealmedia.io/pv/ Frame 0079 0
66 B 74ms
61ms Script
text/plain 2606:4700::6810:c749
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.idealmedia.io/pv/?pv=5&cbuster=1670765324052229035623&uniqId=097b7&childs=1348352&lct=1670198400&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Frisu.ua%2F&lu=https%3A%2F%2Frisu.ua%2F&sessionId=6395db0c-0e7f6&pageView=1&pvid=185015fa7149badf55a&site=809874&implVersion=11&dpr=1
Requested by: Host: jsc.idealmedia.io
URL: https://jsc.idealmedia.io/r/i/risu.ua.1319990.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:c749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:28:44 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 777e90ab8a57e65c-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
BLOB 206
Partial Content d51181dc-d9f6-4f48-82fb-66f6bef8bbac
https://risu.ua/ Frame 0079 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://risu.ua/d51181dc-d9f6-4f48-82fb-66f6bef8bbac
Requested by: Host: risu.ua
URL: https://risu.ua/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
H2 200 1 Show response
servicer.idealmedia.io/1319990/ Frame 0079 8 KB
3 KB 111ms
99ms Script
application/x-javascript 2606:4700::6810:c749
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.idealmedia.io/1319990/1?pv=5&cbuster=1670765324117376335948&uniqId=097b7&childs=1348352&lct=1670198400&niet=4g&nisd=false&jsv=es6&mp4=1&ap=1&w=1600&h=545&cols=4&ref=&cxurl=https%3A%2F%2Frisu.ua%2F&lu=https%3A%2F%2Frisu.ua%2F&sessionId=6395db0c-0e7f6&pageView=1&pvid=185015fa7149badf55a&implVersion=11&dpr=1
Requested by: Host: jsc.idealmedia.io
URL: https://jsc.idealmedia.io/r/i/risu.ua.1319990.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:c749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8bf4b5cf3fe62ddfeadc468c664d7e143e3edd5c3542a5e284a2373d9fc10e35

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:28:44 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 777e90abea85e65c-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wNy8zNjk0MDMvYTgzN...
s-img.idealmedia.io/g/13636231/492x277/-/ Frame 0079 21 KB
21 KB 261ms
144ms Image
image/webp 2606:4700::6810:c749
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.idealmedia.io/g/13636231/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wNy8zNjk0MDMvYTgzNWRkM2E3YjlhMmQ4MjdmMGRmZDQ4YWUzMmQ3ZGUuanBlZw.webp?v=1670765324-sukIg5SVHQFBHpYW9VTjPwr8ftxUDX0fbLvhaCRW4O8
Requested by: Host: risu.ua
URL: https://risu.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:c749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 707b669ef9e8237d810644dde0abadc0c04f1164a5319191d334c18bb3497ef3

Request headers

Referer: https://risu.ua/
Origin: https://risu.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:28:44 GMT
cf-cache-status: MISS
last-modified: Thu, 08 Dec 2022 04:59:14 GMT
x-mg-request-uuid: a67f79ef-4fc6-4cc9-b7dd-d557ce66c057
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 777e90ad797fdc6b-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 21320
expires: Mon, 12 Dec 2022 13:28:44 GMT

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0xMS8yMjAxODUvZWM2M...
s-img.idealmedia.io/g/14594108/492x277/-/ Frame 0079 15 KB
15 KB 206ms
90ms Image
image/webp 2606:4700::6810:c749
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.idealmedia.io/g/14594108/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0xMS8yMjAxODUvZWM2MGJlN2NiYTNmOTRiOGQ1ZmU2ZTU1N2ZlZDU4Y2YucG5n.webp?v=1670765324-Ll646YCLqvoA2wQuzFUt9j-m8BxZ3ZrPD3koa3GemKw
Requested by: Host: risu.ua
URL: https://risu.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:c749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9047ab649135eb522cbf5988742b96d79257149074b5c423059ca9ed874170c5

Request headers

Referer: https://risu.ua/
Origin: https://risu.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:28:44 GMT
cf-cache-status: HIT
last-modified: Fri, 11 Nov 2022 00:54:28 GMT
x-mg-request-uuid: 3717efb6-4b33-4d38-9b51-f77bf78cc29d
server: cloudflare
age: 84975
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 777e90ad7982dc6b-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15658
expires: Sun, 11 Dec 2022 13:52:29 GMT

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wOC8zNjk0MDMvOGE2O...
s-img.idealmedia.io/g/13712015/492x277/-/ Frame 0079 17 KB
17 KB 218ms
103ms Image
image/webp 2606:4700::6810:c749
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.idealmedia.io/g/13712015/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wOC8zNjk0MDMvOGE2OGJmZTA0MjcxM2FlZDZjNTc3YWYxNWM1YTE5ZmEucG5n.webp?v=1670765324-Zn8w00l4OsYjNj1TBDyrrsGfCrgUnZ1pdzuuSSjngXo
Requested by: Host: risu.ua
URL: https://risu.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:c749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 26fba78610db0e30fd86dfb8bf9bc0f5f2b23a2eacb775584342a1cead1107c9

Request headers

Referer: https://risu.ua/
Origin: https://risu.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:28:44 GMT
cf-cache-status: HIT
last-modified: Wed, 07 Dec 2022 12:27:18 GMT
x-mg-request-uuid: bce36bb1-dd64-499c-87ba-b7979afee3b7
server: cloudflare
age: 84975
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 777e90ad7983dc6b-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 17474
expires: Sun, 11 Dec 2022 13:52:29 GMT

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0xMS8yMjAxODUvZDVlM...
s-img.idealmedia.io/g/14594105/492x277/-/ Frame 0079 12 KB
13 KB 189ms
75ms Image
image/webp 2606:4700::6810:c749
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.idealmedia.io/g/14594105/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0xMS8yMjAxODUvZDVlMDA2Nzc5OGFlMWRiNzUwZWEwMGY4MTY0M2NmNWYucG5n.webp?v=1670765324-tReybFwpxmM8ou1AX5d-4KJezX0N3SjY4gZLuV8lrvY
Requested by: Host: risu.ua
URL: https://risu.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:c749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fbbd72879e92234f35a666c45b3642f1ca5ab277ca88c4ec3ff40720413f4fc8

Request headers

Referer: https://risu.ua/
Origin: https://risu.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:28:44 GMT
cf-cache-status: HIT
last-modified: Fri, 11 Nov 2022 00:56:57 GMT
x-mg-request-uuid: d1c11c65-3352-4a1f-96b9-81f524f4a12c
server: cloudflare
age: 84975
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 777e90ad7985dc6b-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12548
expires: Sun, 11 Dec 2022 13:52:29 GMT

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0xMS8yMjAxODUvNDcwY...
s-img.idealmedia.io/g/14594103/492x277/-/ Frame 0079 17 KB
17 KB 281ms
167ms Image
image/webp 2606:4700::6810:c749
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.idealmedia.io/g/14594103/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0xMS8yMjAxODUvNDcwYTU4YWQ5ZTE2ZWI3NmQ5ZTY2MDlkYTdhYjE2ODQucG5n.webp?v=1670765324-uXhX0jWrXdhhbT9VjdnROW4QEZTjhQaRTfQ9uAxmb7E
Requested by: Host: risu.ua
URL: https://risu.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:c749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea0cf3c87ccfaeeabb8c8c10fecae42df819b4ce7eea908edf52814971315f80

Request headers

Referer: https://risu.ua/
Origin: https://risu.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:28:44 GMT
cf-cache-status: MISS
last-modified: Fri, 11 Nov 2022 00:57:50 GMT
x-mg-request-uuid: e85540af-2e8f-48d4-bf7f-f7f9502c0142
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 777e90ad7986dc6b-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 17570
expires: Mon, 12 Dec 2022 13:28:44 GMT

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIscV9hdXRvOmdvb2Qsd18xMDIwLHhfMzU0LHlfMjAyL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTA1L...
s-img.idealmedia.io/g/12967326/492x277/-/ Frame 0079 15 KB
16 KB 267ms
153ms Image
image/webp 2606:4700::6810:c749
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.idealmedia.io/g/12967326/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIscV9hdXRvOmdvb2Qsd18xMDIwLHhfMzU0LHlfMjAyL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTA1LzM2OTQwMy9hMDE5YzA2ZTE4NDNiMzM4M2MyYTIxMGE2YjE3ZWQyYy5qcGVn.webp?v=1670765324-Ph1yUSVe6RG75WHJpQkWfZYzka9-tUsRo3oNtmiSm2s
Requested by: Host: risu.ua
URL: https://risu.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:c749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2585ad9ffc5d3fd7b78859fa2b463298551b97a9e11aca772435aceab42da7f3

Request headers

Referer: https://risu.ua/
Origin: https://risu.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:28:44 GMT
cf-cache-status: MISS
last-modified: Sat, 26 Nov 2022 14:19:19 GMT
x-mg-request-uuid: 24055447-590a-433f-9ff1-bed233c5b151
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 777e90ad7987dc6b-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15806
expires: Mon, 12 Dec 2022 13:28:44 GMT

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMi80NDY5MjcvNDE2ZWQ0MmEyNDhhYjc3Z...
s-img.idealmedia.io/g/11613777/492x277/-/ Frame 0079 19 KB
20 KB 264ms
159ms Image
image/webp 2606:4700::6810:c749
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.idealmedia.io/g/11613777/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMi80NDY5MjcvNDE2ZWQ0MmEyNDhhYjc3ZjNhNGIxMzhhODYyMTM3ZTMuanBlZw.webp?v=1670765324-IOKPxW3cS5zPCWjgbcbdQBPiSW8w54owZXoZyR85XkA
Requested by: Host: risu.ua
URL: https://risu.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:c749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 37d56c3df75ebee23cca9b8070e9432451fd370aa1e409247f88c47b8a4cda09

Request headers

Referer: https://risu.ua/
Origin: https://risu.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:28:44 GMT
cf-cache-status: MISS
last-modified: Mon, 11 Apr 2022 10:40:40 GMT
x-mg-request-uuid: 108f7e29-a92b-44a6-b271-fb7d28fced56
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 777e90ad797ddc6b-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 19872
expires: Mon, 12 Dec 2022 13:28:44 GMT

GET
H2 206 579c9a0da32694ab366b9e690c1b38bd.mp4
cl.imghosts.com/imgh/video/upload/ar_16:9,c_fill,w_680/videos/t/2022-07/369403/ Frame 0079 598 KB
600 KB 173ms
63ms Media
video/mp4 2606:4700:4400::6812:2bc0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cl.imghosts.com/imgh/video/upload/ar_16:9,c_fill,w_680/videos/t/2022-07/369403/579c9a0da32694ab366b9e690c1b38bd.mp4?v=1670765324--UL4Fl2o92WmzSTDHC1_4yxQi2EIFFsLGLMF20YY-sQ

Requested by

Host: risu.ua
URL: https://risu.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2bc0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5d2d03a1dc79014bee40eaa3ae9e3e2de7f9f528bc6210a4f3b54ce64609a3c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://risu.ua/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range: bytes=0-

Response headers

date: Sun, 11 Dec 2022 13:28:44 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
cf-cache-status: HIT
age: 291429
Content-Range: bytes 0-612749/612750
server-timing: fastly;dur=2;cpu=1;start=2022-12-07T19:33:19.201Z;desc=hit,rtt;dur=0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 612750
last-modified: Tue, 25 Oct 2022 21:54:29 GMT
server: cloudflare
etag: "31233dd0874bce9646e41051990ffc6a"
vary: Accept-Encoding
content-type: video/mp4;codecs=avc1
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, max-age=31536000
timing-allow-origin: *
cf-ray: 777e90ad8cb47495-LHR
expires: Mon, 11 Dec 2023 13:28:44 GMT

GET
H2 200 counter.php
autocounter.idealmedia.io/autocreative/ Frame 0079 0
50 B 202ms
181ms Image
image/gif 2606:4700::6810:c749
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://autocounter.idealmedia.io/autocreative/counter.php?id=809874&pid=64858&referer=https://risu.ua/&cxurl=https://risu.ua/&iframe=1&undefinedh2=vlJ0RdnMYFlD0pCQy6adPu73hKDooSLVV-ufeLqBWUw*&cbuster=1670765324273754532141
Requested by: Host: risu.ua
URL: https://risu.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:c749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:28:44 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 777e90acfb55e65c-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type: image/gif

GET
H2 200 i.js Show response
cm.idealmedia.io/ Frame 0079 0
40 B 83ms
66ms Script
application/javascript 2606:4700::6810:c749
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.idealmedia.io/i.js?&cbuster=1670765324276326056507
Requested by: Host: jsc.idealmedia.io
URL: https://jsc.idealmedia.io/r/i/risu.ua.1319990.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:c749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Dec 2022 13:28:44 GMT
cf-cache-status: MISS
last-modified: Sun, 11 Dec 2022 13:28:44 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
accept-ranges: bytes
cf-ray: 777e90acfb4fe65c-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H2 200 i-noref.js Show response
cm.idealmedia.io/ Frame 7907 0
133 B 68ms
64ms Script
application/javascript 2606:4700::6810:c749
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.idealmedia.io/i-noref.js?cbuster=1670765324289432385078
Requested by: Host: jsc.idealmedia.io
URL: https://jsc.idealmedia.io/r/i/risu.ua.1319990.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:c749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Dec 2022 13:28:44 GMT
cf-cache-status: MISS
last-modified: Sun, 11 Dec 2022 13:28:44 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
accept-ranges: bytes
cf-ray: 777e90acfb53e65c-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/161673/7165/ Frame 0079 227 KB
72 KB 179ms
55ms Script
application/javascript 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/161673/7165/pwt.js
Requested by: Host: jsc.idealmedia.io
URL: https://jsc.idealmedia.io/r/i/risu.ua.1319990.es6.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 49a94741313fb2122f7be0995a39d44778fa644a3a7abb1db0b281c7bf8e335c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:28:44 GMT
content-encoding: gzip
last-modified: Fri, 23 Sep 2022 12:15:31 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=68290
accept-ranges: bytes
content-length: 73257
expires: Mon, 12 Dec 2022 08:26:54 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 1464 0
0 244ms
99ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsue38xEkpqFmT0QfLn4AMHAsbF6_PZPdfDiblBwTW_U6NF8OZ_O0N7n006_uNs-r-mt3dYA5Dt4NgatmnjotHJIIhX0QpdD_wLXEsOTbcKQcLSPahvnJPe-XaOD7CeI3XpRq1gGhmyxeHdGTsCr42J286y5iAE8WLTcmjpVI59De3IBJ29TmGgjlC-6YWgymQwsMJI2f9WWDMzVCiPyK1ZF11ArJ4BJ5XN-L8Oo7W5ikDcoZBTm7OD7JGNYwrVqD3m0aUfvmkyUUlU3yJV3jFMoASuieVDwzYSHqCxwc7WaO2kX61OSVvF99aVF0K79xi_3EyBn68huC1kP6ZB9CZXdX5aUHi1sogj2yoG50u_O5xvHa453w4iZQYy8KuWOE22_mopHPlWkT7ZNjwXUlnzgMyh_oKCkbf9Itrl47wwZnO8-lCjVnpEEjQJ6EuJyQ_BG-Sfn8jFOZzWPmtNkz5n_UuzPDe2mDJ1rIx4-2oRBXonmeCdr2X-ylJIfbvImEigB6QzF0okPFP3uwGdact6kdU6F-3Foeh-dTiJsUxufwYfpQlIyd-u1xIcb3HaQSud_b9l1mlDWW-t7Y_gRvXDm5tj97VSnw4IkK3QkYx5z9KG7VoIB5zZHty1voKgklYURzwEoF42yhOg6W0Tynj7Ri0Ji6k3iRxthJ6xkM5GsVSSJiiCCm1104JJ1Tc3nSPsG5Kkjov4JMTmurxjXglSJN_icPAdLKlqffta5aDesxRn81AngwVIBpycW0N6OdaYIFZA_yJsDsY7hD2TZEgre8XLSho1mdWszSoWElOYNcNqUQv2ugCscIk3O0BAmO73Jz1My5yCrhCub1oPQBO2EHls2mLVxiOxIKEZ1a4QMy5fm6w5GBVLKfBbq3lEcQN-K6fLg7x49qA8I2TWZtXD2D9ZbsQOj8YijsTk8Nc5jdf5aWfayIivA4sBWveuLk8pYn7wSQcOQubrOahrp8_KvF1QI1XmX_XZSW8_3Ob-5tBlMwHWxpN7Xxzxw7acBM-zjvRqpTAKTS-TJeGDBnQ01U-JEFKFvffUInVo&sai=AMfl-YRG4oeItPIOpeb5YaXJJ8mTTB_M47Mx7BDqkcGKEmMN36l-dzFspXvoLupBJAHSgULJABkE_Nq6MT_YHPekgXkPmisFdzNJepRvxqJ9HI8YIm6BQonMUonk8_PsstkcTIx3OIX46MRklZgHJ9qnApEh6zQm0NSvtN18AfBSefx37nq12jKyUq-6CFeC5DIXVac5s6nyr5LniOM7K4T_qyp2hfiNgoab1rGHlgi2FoEfU_rYRRYywrSDLvEPZ3M58LGB-aDZh88oIskhVkCflT3fl-s1O5BkoMYG0PHCVyunpKMquXwXK_ITFEg&sig=Cg0ArKJSzEPaH-za3imuEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=

Requested by

Host: risu.ua
URL: https://risu.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 11 Dec 2022 13:28:44 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 1464 106 KB
38 KB 206ms
58ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: risu.ua
URL: https://risu.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 10 Dec 2022 15:32:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 78973
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 11 Dec 2022 15:32:31 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20221206/r20110914/elements/html/ Frame 1464 6 KB
2 KB 58ms
58ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221206/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9928410365207988&output=html&h=90&slotname=8325297138&adk=2872405833&adf=3173046729&pi=t.ma~as.8325297138&w=970&format=970x90&url=https%3A%2F%2Frisu.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670765323733&bpp=3&bdt=256&idt=286&shv=r20221206&mjsv=m202212050101&ptt=9&saldr=aa&correlator=1989283265792&frm=24&ife=3&pv=2&ga_vid=2016473863.1670765324&ga_sid=1670765324&ga_hid=317610721&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=90&ifk=2794389338&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31071168%2C44774606%2C44779794&oid=2&pvsid=2776634760549298&tmod=2139808790&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.1p9emf6005wz&fsb=1&dtd=299

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c0f9a96a8b15dfa0bd82a9b0c4f7d31927c96784bb62af0a94fbaa78cde5e2fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 10 Dec 2022 23:59:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48570
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2477
x-xss-protection: 0
server: cafe
etag: 8436122973860808490
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Dec 2022 23:59:14 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 1464 41 KB
15 KB 186ms
57ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: risu.ua
URL: https://risu.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 07:06:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 195739
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Dec 2023 07:06:25 GMT

GET
H3 200 m_js_controller_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/ Frame 1464 35 KB
14 KB 194ms
65ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/m_js_controller_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

573fcadc366e8f2230cee46d844a9d93ad5e63f103c1eec28bb802e2657345a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 10 Dec 2022 18:19:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68975
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14217
x-xss-protection: 0
server: cafe
etag: 13612117104345174519
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Dec 2022 18:19:09 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/ Frame 1464 3 KB
1 KB 181ms
54ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 08:41:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17213
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 25 Dec 2022 08:41:51 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/ Frame 1464 18 KB
7 KB 186ms
59ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 12:10:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4695
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 25 Dec 2022 12:10:29 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 1464 0
0 197ms
63ms Image
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSlBbuNL1Xq4iAS4O9CHwvAGfFxOnMT6Jg0i4ChcuQ56ySxPsujlCDnmQHEUH_BvI_rmxpRqZfsmgZka3Q998drEFqdPQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9928410365207988&output=html&h=90&slotname=8325297138&adk=2872405833&adf=3173046729&pi=t.ma~as.8325297138&w=970&format=970x90&url=https%3A%2F%2Frisu.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670765323733&bpp=3&bdt=256&idt=286&shv=r20221206&mjsv=m202212050101&ptt=9&saldr=aa&correlator=1989283265792&frm=24&ife=3&pv=2&ga_vid=2016473863.1670765324&ga_sid=1670765324&ga_hid=317610721&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=90&ifk=2794389338&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31071168%2C44774606%2C44779794&oid=2&pvsid=2776634760549298&tmod=2139808790&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.1p9emf6005wz&fsb=1&dtd=299
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1464 153 KB
47 KB 189ms
70ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:28:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 11 Dec 2022 13:28:44 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/ Frame 1464 23 KB
9 KB 210ms
83ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 12:10:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4695
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9443
x-xss-protection: 0
server: cafe
etag: 9828741834572772835
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 25 Dec 2022 12:10:29 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame AFB9 1 KB
643 B 59ms
57ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 14306
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 11 Dec 2022 09:30:19 GMT
etag: 48472445140208031
expires: Mon, 12 Dec 2022 09:30:19 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 1464 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 13fcd8cea60e94facf630c9df9f99bc199c9ae8a51a93fabd3e1c750c55b4d41

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame C6D7 22 KB
8 KB 54ms
54ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 62611
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 10 Dec 2022 20:05:14 GMT
expires: Sun, 10 Dec 2023 20:05:14 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame 1464 8 KB
4 KB 193ms
58ms Script
application/javascript 2a02:26f0:6c00::210:ba11
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js?ctx=13361095&cmp=28887302&sid=443002&plc=352921205&num=&adid=&advid=8650961&adsrv=1&btreg=544218866&btadsrv=doubleclick&crt=181152775&crtname=&chnl=&unit=&pid=&uid=&tagtype=&dvtagver=6.1.src
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 1a12532324261fcc9e92664b32cea31bf3a14a1128cf6a7531cc6a9ce9197cb9

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 11 Dec 2022 13:28:45 GMT
Content-Encoding: gzip
Last-Modified: Wed, 07 Dec 2022 11:39:13 GMT
Server: Microsoft-IIS/10.0
ETag: "8065f8730ad91:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3315

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/6548811424681063278/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_c3y8z_/ Frame B126 5 KB
2 KB 176ms
57ms Document
text/html 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/6548811424681063278/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_c3y8z_/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63b66c27aa026932a6defa09a9b20fbcba580b524076e89c8d94c57c4a80e331

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 185329
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1700
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Fri, 09 Dec 2022 09:59:56 GMT
expires: Sat, 09 Dec 2023 09:59:56 GMT
last-modified: Fri, 04 Nov 2022 04:13:31 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 400 img;adv=11217209655101;ec=11217209657759;adv.a=8650961;c.a=28887302;s.a=443002;p.a=352921205;a.a=544218866;cache=2002595867;
ad.atdmt.com/i/ Frame 1464 0
0 187ms
66ms Image
text/html 2a03:2880:f045:f:face:b00c:0:8c
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.atdmt.com/i/img;adv=11217209655101;ec=11217209657759;adv.a=8650961;c.a=28887302;s.a=443002;p.a=352921205;a.a=544218866;cache=2002595867;
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9928410365207988&output=html&h=90&slotname=8325297138&adk=2872405833&adf=3173046729&pi=t.ma~as.8325297138&w=970&format=970x90&url=https%3A%2F%2Frisu.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670765323733&bpp=3&bdt=256&idt=286&shv=r20221206&mjsv=m202212050101&ptt=9&saldr=aa&correlator=1989283265792&frm=24&ife=3&pv=2&ga_vid=2016473863.1670765324&ga_sid=1670765324&ga_hid=317610721&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=90&ifk=2794389338&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31071168%2C44774606%2C44779794&oid=2&pvsid=2776634760549298&tmod=2139808790&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.1p9emf6005wz&fsb=1&dtd=299
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f045:f:face:b00c:0:8c Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame AFB9 70 B
265 B 175ms
55ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEHVe-z4x9umr5UCLV7QV12I&google_cver=1&google_push=ASkJ3FawymYfriXrNxnzdpzS5JfA8r1QZa-BJZlg49b-WrE_Ax78m9xE7wZ56f5iVzIwvKNsP96MXU8bXMvEe6cSEG7tpio5KTyFZA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9928410365207988&output=html&h=90&slotname=8325297138&adk=2872405833&adf=3173046729&pi=t.ma~as.8325297138&w=970&format=970x90&url=https%3A%2F%2Frisu.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670765323733&bpp=3&bdt=256&idt=286&shv=r20221206&mjsv=m202212050101&ptt=9&saldr=aa&correlator=1989283265792&frm=24&ife=3&pv=2&ga_vid=2016473863.1670765324&ga_sid=1670765324&ga_hid=317610721&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=90&ifk=2794389338&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31071168%2C44774606%2C44779794&oid=2&pvsid=2776634760549298&tmod=2139808790&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.1p9emf6005wz&fsb=1&dtd=299
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 11 Dec 2022 13:28:45 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AFB9
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEI8Y86b4Jw_J9mTZwl3YN_8&google_cver=1&google_push=ASkJ3Faa_gAftV-qHgVCEwxi5s-IZgMizwdlK2IO9JmmoQ0Y-_9xwtO508uKglcPBPNf98AgRXjFX3e...
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=8&google_gid=CAESEI8Y86b4Jw_J9mTZwl3YN_8&google_cver=1&google_push=ASkJ3Faa_gAftV-qHgVCEwxi5s-IZgMizwdlK2IO9JmmoQ0Y-_9xwtO508uKglcPBPNf9...
https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=Q_UTTfWFSJW1GRAFjk2eBmOV2w0

170 B
188 B

175ms
65ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=Q_UTTfWFSJW1GRAFjk2eBmOV2w0

Requested by

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Dec 2022 13:28:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 11 Dec 2022 13:28:44 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=Q_UTTfWFSJW1GRAFjk2eBmOV2w0
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AFB9
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEDOKhjUAZ4lSV7A7RoiGkMQ&google_cver=1&google_push=ASkJ3Fb5ODoAueD3Zuj5A_PHhBAiNVP8fs3fPuezI-V3YJLukPkBFXtttHnrGg9aBe1MBUnCrIwYrqYZ...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEDOKhjUAZ4lSV7A7RoiGkMQ&google_cver=1&google_push=ASkJ3Fb5ODoAueD3Zuj5A_PHhBAiNVP8fs3fPuezI-V3YJLukPkBFXtttHnrGg9aBe1MBUnCrIw...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDYyMjcyMzE2MjEzMzU0NDUwNg&google_push=ASkJ3Fb5ODoAueD3Zuj5A_PHhBAiNVP8fs3fPuezI-V3YJLukPkBFXtttHnrGg9aBe1MBUnCrIwYrq...

170 B
188 B

120ms
65ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDYyMjcyMzE2MjEzMzU0NDUwNg&google_push=ASkJ3Fb5ODoAueD3Zuj5A_PHhBAiNVP8fs3fPuezI-V3YJLukPkBFXtttHnrGg9aBe1MBUnCrIwYrqYZt8Ux3BjgqicJcngI8RDclg

Requested by

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Dec 2022 13:28:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 11 Dec 2022 13:28:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDYyMjcyMzE2MjEzMzU0NDUwNg&google_push=ASkJ3Fb5ODoAueD3Zuj5A_PHhBAiNVP8fs3fPuezI-V3YJLukPkBFXtttHnrGg9aBe1MBUnCrIwYrqYZt8Ux3BjgqicJcngI8RDclg
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 dds
rtb.openx.net/sync/ Frame AFB9 43 B
351 B 184ms
67ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEDAslsVuoBNGJv4NccpE848&google_cver=1&google_push=ASkJ3FZ-J5Q0EAVP2VWm5HRNY3kysT-RFBcZ9pI7jmy5McbKLR3AwQbmwd9mwdxGWc64O80DsmIU-n4bAX9MwL5WhfM0vKYnUr9zbTc
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9928410365207988&output=html&h=90&slotname=8325297138&adk=2872405833&adf=3173046729&pi=t.ma~as.8325297138&w=970&format=970x90&url=https%3A%2F%2Frisu.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670765323733&bpp=3&bdt=256&idt=286&shv=r20221206&mjsv=m202212050101&ptt=9&saldr=aa&correlator=1989283265792&frm=24&ife=3&pv=2&ga_vid=2016473863.1670765324&ga_sid=1670765324&ga_hid=317610721&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=90&ifk=2794389338&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31071168%2C44774606%2C44779794&oid=2&pvsid=2776634760549298&tmod=2139808790&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.1p9emf6005wz&fsb=1&dtd=299
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Dec 2022 13:28:44 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: r7ch5hcirrjad4dvuh9h2tvfti84c3vd

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AFB9
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEPImrUgaD7Jwb7D830xlWW4&google_cver=1&google_push=ASkJ3FZ5rSo-1uJq7eg4mEb9hv68aqzS3PW6wMIVPC5G1fjSCFHnAgft7dSFglYKUKnFvc9IK-BuS5LrDM20X8xZn...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEPImrUgaD7Jwb7D830xlWW4&google_cver=1&google_push=ASkJ3FZ5rSo-1uJq7eg4mEb9hv68aqzS3PW6wMIVPC5G1fjSCFHnAgft7dSFglYKUKnFvc9IK-BuS5LrDM20X8xZn...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ASkJ3FZ5rSo-1uJq7eg4mEb9hv68aqzS3PW6wMIVPC5G1fjSCFHnAgft7dSFglYKUKnFvc9IK-BuS5LrDM20X8xZnqS9XoDYUkMSfsc&google_hm=FzGICGZH6HM0W3RUTHa...

170 B
188 B

65ms
65ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ASkJ3FZ5rSo-1uJq7eg4mEb9hv68aqzS3PW6wMIVPC5G1fjSCFHnAgft7dSFglYKUKnFvc9IK-BuS5LrDM20X8xZnqS9XoDYUkMSfsc&google_hm=FzGICGZH6HM0W3RUTHaLBOZA

Requested by

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Dec 2022 13:28:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sun, 11 Dec 2022 13:28:45 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ASkJ3FZ5rSo-1uJq7eg4mEb9hv68aqzS3PW6wMIVPC5G1fjSCFHnAgft7dSFglYKUKnFvc9IK-BuS5LrDM20X8xZnqS9XoDYUkMSfsc&google_hm=FzGICGZH6HM0W3RUTHaLBOZA
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2sfo1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AFB9
Redirect Chain

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEJsGuY-vkuTJX3UKLg1q2bM&google_cver=1&google_push=ASkJ3FZbB0F8opfniExSnIFwDSJ1EInGI_EppBR6mbBA_ko-gbfQAB74pRLsyiLy1XQq8Ep1AT...
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEJsGuY-vkuTJX3UKLg1q2bM&google_cver=1&google_push=ASkJ3FZbB0F8opfniExSnIFwDSJ1EInGI_EppBR6mbBA_ko-gbfQAB74pRLsyiLy1XQq8Ep1AT...
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1UUGdaeC41RTJ1SFZ1RS5UMnJ6OVYzQ29EMGJFSUwxZH5B&google_push=ASkJ3FZbB0F8opfniExSnIFwDSJ1EInGI_EppBR6mbBA_ko-gbfQAB74p...

170 B
188 B

153ms
66ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1UUGdaeC41RTJ1SFZ1RS5UMnJ6OVYzQ29EMGJFSUwxZH5B&google_push=ASkJ3FZbB0F8opfniExSnIFwDSJ1EInGI_EppBR6mbBA_ko-gbfQAB74pRLsyiLy1XQq8Ep1ATGn4H4VgokajkruqwZh2iDIiCjql56r

Requested by

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Dec 2022 13:28:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1UUGdaeC41RTJ1SFZ1RS5UMnJ6OVYzQ29EMGJFSUwxZH5B&google_push=ASkJ3FZbB0F8opfniExSnIFwDSJ1EInGI_EppBR6mbBA_ko-gbfQAB74pRLsyiLy1XQq8Ep1ATGn4H4VgokajkruqwZh2iDIiCjql56r
date: Sun, 11 Dec 2022 13:28:45 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AFB9
Redirect Chain

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESENpBvDdQ2NUN45EbPbfK04I&google_cver=1&google_push=ASkJ3FYhUNyUYZ9D6...
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESENpBvDdQ2NUN45EbPbfK04I%26goo...
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NzY4MjU2MTQyNzA2NDg2OTUxMg%3D%3D&google_gid=CAESENpBvDdQ2NUN45EbPbfK04I&google_cver=1&google_push=ASkJ3FYhUNyUYZ9D6uEfPk-va06tK1kKKA...

170 B
188 B

179ms
66ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NzY4MjU2MTQyNzA2NDg2OTUxMg%3D%3D&google_gid=CAESENpBvDdQ2NUN45EbPbfK04I&google_cver=1&google_push=ASkJ3FYhUNyUYZ9D6uEfPk-va06tK1kKKAaV-P1wLVolGWkcb5cabv1WASeniLY3LFJkpSPFH4Mytl7ROth-EIagj4SF0q-QMOaDrIy1

Requested by

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Dec 2022 13:28:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 11 Dec 2022 13:28:45 GMT
AN-X-Request-Uuid: 9175b974-6750-4919-a6b3-9ed4df0b3464
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NzY4MjU2MTQyNzA2NDg2OTUxMg%3D%3D&google_gid=CAESENpBvDdQ2NUN45EbPbfK04I&google_cver=1&google_push=ASkJ3FYhUNyUYZ9D6uEfPk-va06tK1kKKAaV-P1wLVolGWkcb5cabv1WASeniLY3LFJkpSPFH4Mytl7ROth-EIagj4SF0q-QMOaDrIy1
Connection: keep-alive
X-Proxy-Origin: 82.199.130.44; 82.199.130.44; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame AFB9 0
232 B 203ms
65ms Image
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JqYqJA20lPn3Z7aAUb94mEJ-_gYo0J2pLyLkjt78fvPJPDMeh3gvsJGgOYJy9O6S6J5Hkf6q0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:28:45 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js Show response
pagead2.googlesyndication.com/bg/ Frame C6D7 36 KB
16 KB 59ms
58ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

403af363a86acc6874698194b930357b1ef4a1a3752c519a5f283fa53a9c46fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 10 Dec 2022 17:53:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 70491
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15878
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 10 Dec 2023 17:53:54 GMT

GET
H3 200 style.min.css
s0.2mdn.net/sadbundle/6548811424681063278/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_c3y8z_/styles/ Frame B126 5 KB
1 KB 60ms
59ms Stylesheet
text/css 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/6548811424681063278/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_c3y8z_/styles/style.min.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6548811424681063278/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_c3y8z_/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f8c27a9447e3f0f94513662e6d4fbdab829bf4a229aa358de43141fd4e55fcda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6548811424681063278/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_c3y8z_/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 09:59:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 185329
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1456
x-xss-protection: 0
last-modified: Fri, 04 Nov 2022 04:13:31 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 09 Dec 2023 09:59:56 GMT

GET brand.css
s0.2mdn.net/sadbundle/6548811424681063278/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_c3y8z_/ Frame B126 0
0

GET
H3 200 gsap_3.5.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame B126 60 KB
24 KB 73ms
72ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6548811424681063278/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_c3y8z_/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6548811424681063278/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_c3y8z_/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:28:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24155
x-xss-protection: 0
last-modified: Mon, 31 Aug 2020 21:23:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 11 Dec 2022 13:28:45 GMT

GET
H3 200 easepack_3.5.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame B126 2 KB
1 KB 95ms
95ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/easepack_3.5.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6548811424681063278/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_c3y8z_/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b4fe6e33e24427ff09805210219fe3cc19e22ed637e003efeea9131ecbd9121

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6548811424681063278/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_c3y8z_/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:28:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1356
x-xss-protection: 0
last-modified: Mon, 31 Aug 2020 21:22:46 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 11 Dec 2022 13:28:45 GMT

GET
H3 200 index.min.js Show response
s0.2mdn.net/sadbundle/6548811424681063278/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_c3y8z_/scripts/ Frame B126 30 KB
10 KB 61ms
60ms Script
application/x-javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/6548811424681063278/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_c3y8z_/scripts/index.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6548811424681063278/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_c3y8z_/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a006fd33e5ab16037ec4989c766ee05f8a96ab48baa41a295c9247c1f2e965a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6548811424681063278/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_c3y8z_/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 10 Dec 2022 16:22:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 75985
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10369
x-xss-protection: 0
last-modified: Fri, 04 Nov 2022 04:13:31 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 10 Dec 2023 16:22:20 GMT

GET
H/1.1 200
OK dv-measurements3317.js Show response
cdn.doubleverify.com/ Frame DFB4 552 KB
106 KB 62ms
62ms Script
application/javascript 2a02:26f0:6c00::210:ba11
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements3317.js
Requested by: Host: risu.ua
URL: https://risu.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e71922ba9eed9d98158859ef8fd8c83fd817943005acddd4166cde52a04f5aa4

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 11 Dec 2022 13:28:45 GMT
Content-Encoding: gzip
Last-Modified: Wed, 07 Dec 2022 09:45:11 GMT
Server: Microsoft-IIS/10.0
ETag: "80ad389920ad91:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 108147

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C6D7 0
20 B 209ms
208ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Biv2ZDNuVY6a2BZfPYJ7Lm9AEAAAAADgB4AQC&bg=!PD-lP3vNAAYgquz3AKo7ACkAdvg8Wi6ofTQzLLOMVWk7HtiIijMvucoD8HL-KYycJJcyx2s1zbyB9wIAAABjUgAAAAJoAQeZAyXPGaWqDaZQw2uKC8Y1FkF-dr2A1FjKjCFwRkC6LSO2-Moj-9tj9OWV6wvEJ-SY7ZJGpiVk-WF2KK2cX6gAiaimuwfFR5krn_LJp-vZNURM2WqpnkGTvk8hzF_yImoUUkSutqo9Ol7FuSLQ-lkMCizjhQrbzrJjNn_HesXjpB4tMT1H2O2kfIMRygSmt_YiF_m_DCoIcF5tXkBSpvByHOR2t4qHeqN6TdBeMtYtWqmwzInANYUsXyOfBtCvYVRjeQ3I2CGp1JhZmJpB6OA_tF1cBDgzrzXRpQ90fQEA5xX5cSIhCyslQAwdwLhoSt2qEllLzKXEKJB4XujTihBishbn5z4u7sLJnN_gEH9HMcObupk17pOPdbzrllmBxnSg2ItswWvdWc3GcvyST7sd3c9UAOW9F3vDaJJ8QGWJXggGni5-3P5W0zWbU-x7KDmt8sW_tq8qFVdvn8TursXjq6Wa_urejTWCTKfp4dYEgfGDLpWeGFqSkc7SuT4eD4asLBmp6eqZkQqwzQfy-jEHEfwf5yu-vMu-fB200t6ZrNXKVm4G4Lw7vVttpV_NgwY6BTN9NwMZuTG-6R-jUxrgcvpOm6--Yse_gCyfV17NX8v7BuDZDUPaFzi_B_pkvcb9DXCNQhCoqwQPHELMSHc9bYJmAbDKHiiuqVbuH51B1TqOQ8Pl1MXBbFWUBOyMyn9LUPd9-VpBFksTs6Wh1R4HHQapczbRKdA0d2PJre2SeTML92vcx-xesKReGsgvxDbpJJBWFrFvT-NTkqT_xZVEXTRGJsvoAulWdfKP2c24G_SkhfmMXTzwtAn4eP-UIp7zYeikQlH-nJFQwxwffXHWMuLRluSYbSDIHrl2KV9WbGKaaJwIek0QhxVvWKxOpBdTTJaW5-kdl8tUKDQsY7X3Mue6xDFlQzqD5KeSJM3_fv5Bq3PZLcWwYTUZ9MdFied-Hf8Y4AuTaCjJT6PsjPYl9YHID5ZZQxC2CoYdU0C7lO9rH5zHaEVCR8or2LP3wd9RAjClAK6ZwhWtHT-y-gTmlY5-v_Zs2-eINIUvkbD1IC4N0wmdzUpS

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Dec 2022 13:28:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK visit.js Show response
tps.doubleverify.com/ Frame DFB4 1 KB
1 KB 324ms
64ms Script
text/javascript 213.254.244.110
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=164&ttfrms=36&brid=3&brver=99.0.4844.51&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTauh_5h7363b57fegd7266a54b3bgfh%6062a%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauC%3ADF%5DF2Tar9EEADTbpTauTauh_5h7363b57fegd7266a54b3bgfh%6062a%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3ETar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6ETar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6E&srcurlD=1&aUrlD=0&ssl=https:&dfs=354&ddur=194&uid=1670765325500562&jsCallback=dvCallback_1670765325500469&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=90&winw=728&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=3317&tgjsver=3317&lvvn=28&m1=13&refD=3&referrer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-9928410365207988%26output%3Dhtml%26h%3D90%26slotname%3D8325297138%26adk%3D2872405833%26adf%3D3173046729%26pi%3Dt.ma~as.8325297138%26w%3D970%26format%3D970x90%26url%3Dhttps%253A%252F%252Frisu.ua%252F%26ea%3D0%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd%26dt%3D1670765323733%26bpp%3D3%26bdt%3D256%26idt%3D286%26shv%3Dr20221206%26mjsv%3Dm202212050101%26ptt%3D9%26saldr%3Daa%26correlator%3D1989283265792%26frm%3D24%26ife%3D3%26pv%3D2%26ga_vid%3D2016473863.1670765324%26ga_sid%3D1670765324%26ga_hid%3D317610721%26ga_fc%3D0%26nhd%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D-12245933%26ady%3D-12245933%26biw%3D-12245933%26bih%3D-12245933%26isw%3D970%26ish%3D90%26ifk%3D2794389338%26scr_x%3D-12245933%26scr_y%3D-12245933%26eid%3D44759875%252C44759926%252C44759837%252C31071168%252C44774606%252C44779794%26oid%3D2%26pvsid%3D2776634760549298%26tmod%3D2139808790%26uas%3D0%26nvt%3D1%26eae%3D2%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C970%252C90%26vis%3D1%26rsz%3D%257C%257CeE%257C%26abl%3DCS%26pfx%3D0%26fu%3D0%26bc%3D31%26ifi%3D1%26uci%3D1.1p9emf6005wz%26fsb%3D1%26dtd%3D299&fcifrms=5&brh=2&sdf=2&dvp_epl=408&noc=4&nav_pltfrm=Win32&ctx=13361095&cmp=28887302&sid=443002&plc=352921205&crt=181152775&btreg=544218866&btadsrv=doubleclick&adsrv=1&advid=8650961&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=732525587498.1411&dvp_tukv=481358348274.38043&dvp_uuid=2339554782.585025&dvp_strhd=0.39999961853027344&dvpx_strhd=0.39999961853027344&dvp_tuid=1575791954685&jurtd=358274182
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements3317.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.110 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: /
Resource Hash: a8f03c0d0d9236b68454c1d2a751672bbd004d8aeb602bb262bdc98ef0aebe7f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 11 Dec 2022 13:28:45 GMT
Content-Encoding: br
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Expires: 12/10/2022 13:28:45

GET
H3 200 config.js Show response
s0.2mdn.net/sadbundle/6548811424681063278/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_c3y8z_/config/ Frame B126 924 B
600 B 75ms
75ms Script
application/x-javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/6548811424681063278/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_c3y8z_/config/config.js?r=0.2075945460545927

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6548811424681063278/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_c3y8z_/scripts/index.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6639d1c970534435c53dfa5574ce9210c23b0e393c91e9d5c2988b11b83ff02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6548811424681063278/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_c3y8z_/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:28:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 572
x-xss-protection: 0
last-modified: Fri, 04 Nov 2022 04:13:31 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 11 Dec 2023 13:28:45 GMT

GET
H3 200 chevron.png
s0.2mdn.net/sadbundle/6548811424681063278/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_c3y8z_/images/ Frame B126 190 B
217 B 57ms
57ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6548811424681063278/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_c3y8z_/images/chevron.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6548811424681063278/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_c3y8z_/styles/style.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14245eab55603b4b55aac867e5afeceeaf955a8157979939ce375e3fba70a8fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6548811424681063278/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_c3y8z_/styles/style.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 09:59:56 GMT
x-content-type-options: nosniff
age: 185329
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 190
x-xss-protection: 0
last-modified: Fri, 04 Nov 2022 04:13:31 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 09 Dec 2023 09:59:56 GMT

GET
H3 200 aldine_light.woff2
s0.2mdn.net/sadbundle/6548811424681063278/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_c3y8z_/fonts/ Frame B126 24 KB
24 KB 57ms
57ms Font
font/woff2 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/6548811424681063278/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_c3y8z_/fonts/aldine_light.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6548811424681063278/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_c3y8z_/styles/style.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

173332e93cda257ff7e87e0e21b0b2d164217742f8002933ef6fb2f8f4e5c498

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/6548811424681063278/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_c3y8z_/styles/style.min.css
Origin: https://s0.2mdn.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 09:59:56 GMT
x-content-type-options: nosniff
age: 185329
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24316
x-xss-protection: 0
last-modified: Fri, 04 Nov 2022 04:13:31 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 09 Dec 2023 09:59:56 GMT

GET
H3 200 bedroomViewSea-tier1-874x108.jpg
s0.2mdn.net/sadbundle/6548811424681063278/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_c3y8z_/images/ Frame B126 15 KB
15 KB 60ms
60ms Image
image/jpeg 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6548811424681063278/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_c3y8z_/images/bedroomViewSea-tier1-874x108.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6548811424681063278/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_c3y8z_/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

602913e9f4a9e9a2debcff78a3d90cdd6d16925585478eb5bc13e1b6e534095b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6548811424681063278/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_c3y8z_/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 09:59:56 GMT
x-content-type-options: nosniff
age: 185329
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15353
x-xss-protection: 0
last-modified: Fri, 04 Nov 2022 04:13:31 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 09 Dec 2023 09:59:56 GMT

GET
H3 200 connector.png
s0.2mdn.net/sadbundle/6548811424681063278/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_c3y8z_/images/ Frame B126 74 KB
74 KB 66ms
65ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6548811424681063278/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_c3y8z_/images/connector.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6548811424681063278/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_c3y8z_/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f2847813534152374df0ae61a153d09fc73c4d3b654b8d4e65adce47ba4ad00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6548811424681063278/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_c3y8z_/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 09:59:56 GMT
x-content-type-options: nosniff
age: 185329
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 76141
x-xss-protection: 0
last-modified: Fri, 04 Nov 2022 04:13:31 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 09 Dec 2023 09:59:56 GMT

GET
H3 200 aldine_light_italic.woff2
s0.2mdn.net/sadbundle/6548811424681063278/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_c3y8z_/fonts/ Frame B126 26 KB
26 KB 59ms
58ms Font
font/woff2 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/6548811424681063278/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_c3y8z_/fonts/aldine_light_italic.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6548811424681063278/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_c3y8z_/styles/style.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d648af4f9d9a671112b42da882063bace254931e0674e8700d59ed05ce526d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/6548811424681063278/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_c3y8z_/styles/style.min.css
Origin: https://s0.2mdn.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 09:59:56 GMT
x-content-type-options: nosniff
age: 185329
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26720
x-xss-protection: 0
last-modified: Fri, 04 Nov 2022 04:13:31 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 09 Dec 2023 09:59:56 GMT

GET
H3 200 logo.png
s0.2mdn.net/sadbundle/6548811424681063278/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_c3y8z_/images/ Frame B126 2 KB
2 KB 58ms
57ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6548811424681063278/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_c3y8z_/images/logo.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

085bf9ca7dac86b02f69100debdf190e2a26033a81436267724f1d3de91b2a1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6548811424681063278/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_c3y8z_/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 09:59:56 GMT
x-content-type-options: nosniff
age: 185329
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1673
x-xss-protection: 0
last-modified: Fri, 04 Nov 2022 04:13:31 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 09 Dec 2023 09:59:56 GMT

GET
H/1.1

204
No Content

event.png
tpsc-frc.doubleverify.com/ Frame DFB4
Redirect Chain

https://cdn.doubleverify.com/redirect/?host=tpsc-frc&param=akipv6&impid=84b0e005c42a4cfa925b6c74d6c54dd7&dup=&cbust=1670765325836794
https://tpsc-frc.doubleverify.com/event.png?impid=84b0e005c42a4cfa925b6c74d6c54dd7&akipv6=2a01:4a0:2c::7&dup=

0
138 B

180ms
58ms

Image
text/plain

213.254.244.110
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpsc-frc.doubleverify.com/event.png?impid=84b0e005c42a4cfa925b6c74d6c54dd7&akipv6=2a01:4a0:2c::7&dup=
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9928410365207988&output=html&h=90&slotname=8325297138&adk=2872405833&adf=3173046729&pi=t.ma~as.8325297138&w=970&format=970x90&url=https%3A%2F%2Frisu.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670765323733&bpp=3&bdt=256&idt=286&shv=r20221206&mjsv=m202212050101&ptt=9&saldr=aa&correlator=1989283265792&frm=24&ife=3&pv=2&ga_vid=2016473863.1670765324&ga_sid=1670765324&ga_hid=317610721&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=90&ifk=2794389338&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31071168%2C44774606%2C44779794&oid=2&pvsid=2776634760549298&tmod=2139808790&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.1p9emf6005wz&fsb=1&dtd=299
Protocol: HTTP/1.1
Server: 213.254.244.110 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 11 Dec 2022 13:27:52 GMT
Cache-Control: max-age=0
Expires: 12/10/2022 13:28:46

Redirect headers

Location: https://tpsc-frc.doubleverify.com/event.png?impid=84b0e005c42a4cfa925b6c74d6c54dd7&akipv6=2a01:4a0:2c::7&dup=
Date: Sun, 11 Dec 2022 13:28:45 GMT
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 866A 0
0 92ms
91ms Fetch
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssdmXI37TliC6xLV3xg_79KQ8YKnHCKZNEWn9KD7BL91MgoRb_mKPnjtEtqaHYAe8gdXfthFqOXMGqw3tXBQyrksVC5a9V_jweaZkEuWKAFtYyLPMth7hrrBZ04SNqjRGSjyp0vk_y761MAgfONU18YaQqnBDQR67cbpISaYQEDf_cLcOdJCbTYokGH-0X7UKcLOVOnmlHfiHRJWGR-f3Uai8wITcEv4DkDy_-qVO88sO0iw07kVVQ8lWqK56e9LmXKc5W5x8ONW5zkzGFZG5sErNB-Do_ck-KTW5xeOJAv4Fe7GMVx6MDSq75j5tXJ46EiHs6bnCbKdi8ctEY&sai=AMfl-YSVTSjceon5uneboGWbMBL73KEY3cZZAsf4cMf5ppMP7zOtaKpj18ZxojLyeRLONQHLuD-jpHbZRm494FPwW7KtXqGx5BRjTDwAD0UTWjQvHWoBGcD0CkR0TxTzMU16I1QfqggYSak7F1IQnIrK1_s&sig=Cg0ArKJSzPOZUhskCTYvEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://90d9fbeb3df7685faee2dc3b38791ea2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:28:46 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 11 Dec 2022 13:28:46 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 866A 14 KB
11 KB 215ms
105ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221206&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

33231f54692d09b4ae9052d71c30e4c450b222626cb78728ec2e12af57b57ebb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://90d9fbeb3df7685faee2dc3b38791ea2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:28:46 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11125
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 270ms
163ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022120601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071222

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f55615354ed167826d079fa804fa5e5d45da4350d3128894afefc6246b34840e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:28:46 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11143
x-xss-protection: 0

GET
H2 200 lato.woff2
cdn.gravitec.net/fonts/ 14 KB
14 KB 78ms
78ms Font
application/octet-stream 45.133.44.3
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gravitec.net/fonts/lato.woff2
Requested by: Host: risu.ua
URL: https://risu.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: 036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6

Request headers

Referer: https://risu.ua/
Origin: https://risu.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires: Wed, 02 Feb 2022 09:06:28 GMT
date: Sun, 11 Dec 2022 13:28:46 GMT
last-modified: Wed, 02 Feb 2022 09:01:35 GMT
server: nginx
etag: "61fa486f-36dc"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=10
accept-ranges: bytes
content-length: 14044
x-proxy-cache: HIT

GET
H2 200 sourcesanspro.woff2
cdn.gravitec.net/fonts/ 8 KB
8 KB 69ms
69ms Font
application/octet-stream 45.133.44.3
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gravitec.net/fonts/sourcesanspro.woff2
Requested by: Host: risu.ua
URL: https://risu.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: 2bc69c1c1c4bf49e80a77f83010c01e575fd6922229943b9feb8864a492ac441

Request headers

Referer: https://risu.ua/
Origin: https://risu.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires: Wed, 02 Feb 2022 09:06:29 GMT
date: Sun, 11 Dec 2022 13:28:46 GMT
last-modified: Wed, 02 Feb 2022 09:01:35 GMT
server: nginx
etag: "61fa486f-1e44"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=10
accept-ranges: bytes
content-length: 7748
x-proxy-cache: HIT

GET
H2 200 2046077270.png
cdn.gravitec.net/images/users/1642479991123869696/ 6 KB
7 KB 263ms
262ms Image
image/png 45.133.44.3
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.gravitec.net/images/users/1642479991123869696/2046077270.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: 97ba4a1b5e275f47dd46121275bd0148ac3be43bb1b302613a4d06923a50fb18

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires: Thu, 31 Dec 2037 23:55:55 GMT
pragma: public
date: Sun, 11 Dec 2022 13:28:46 GMT
last-modified: Wed, 03 Jun 2020 11:32:56 GMT
server: nginx
etag: "5ed78a68-198d"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 6541
x-proxy-cache: HIT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 866A 17 KB
6 KB 68ms
68ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://90d9fbeb3df7685faee2dc3b38791ea2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:28:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 11 Dec 2022 13:28:46 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 63ms
62ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071222

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:28:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 11 Dec 2022 13:28:46 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2862 13 KB
5 KB 56ms
55ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://90d9fbeb3df7685faee2dc3b38791ea2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 2170
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 11 Dec 2022 12:52:36 GMT
expires: Mon, 11 Dec 2023 12:52:36 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 52E1 783 B
532 B 179ms
64ms Document
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

12fbe3faec3b2ab2a6b4d27f01e68ddf2d1fbc16243eb51035eae62b89156434

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-rc-0TeNOvrrzgg-L0XNdpA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://90d9fbeb3df7685faee2dc3b38791ea2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 510
content-security-policy: script-src 'report-sample' 'nonce-rc-0TeNOvrrzgg-L0XNdpA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 11 Dec 2022 13:28:46 GMT
expires: Sun, 11 Dec 2022 13:28:46 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A4C8 13 KB
5 KB 55ms
54ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://risu.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 2170
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 11 Dec 2022 12:52:36 GMT
expires: Mon, 11 Dec 2023 12:52:36 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 6BF9 783 B
535 B 144ms
66ms Document
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d337686926ccb7eb83806964e846465868c94619640f2a24d361684cb57ea6b8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-3wshhYg9mZ540fi5xJYT_w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://risu.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-3wshhYg9mZ540fi5xJYT_w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 11 Dec 2022 13:28:46 GMT
expires: Sun, 11 Dec 2022 13:28:46 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js Show response
pagead2.googlesyndication.com/bg/ Frame 2862 36 KB
16 KB 58ms
58ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

403af363a86acc6874698194b930357b1ef4a1a3752c519a5f283fa53a9c46fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 10 Dec 2022 17:53:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 70492
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15878
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 10 Dec 2023 17:53:54 GMT

GET
H3 200 QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js Show response
pagead2.googlesyndication.com/bg/ Frame A4C8 36 KB
16 KB 59ms
58ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

403af363a86acc6874698194b930357b1ef4a1a3752c519a5f283fa53a9c46fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 10 Dec 2022 17:53:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 70492
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15878
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 10 Dec 2023 17:53:54 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 52E1 0
0 201ms
200ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221206&jk=2776634760549298&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 6BF9 0
0 285ms
285ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022120601&jk=3543218033723578&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame A4C8 0
10 B 54ms
53ms Image
text/plain 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?tvNSYw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:28:46 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 2862 0
10 B 54ms
53ms Image
text/plain 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?EtWxyA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:28:46 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1464 42 B
64 B 210ms
209ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstM8LgbopEFX5vlbn9rQwFbc3x5dE3ebu_nERKYnK3WYfS2RRsRzXcp69QfFve-3Di3LlRBZBRPmRkDroOreFkPWAVmBSu9-OveV5Jgcnv1SZbpWgDZeWDBEyyuNsH3OqJq6g3w08I1y9DY6kUYvEzdyD6lyUI4JU05DfTF-w0eUV90K2N2uRu_u6PFVrF7ihxgr0DLmx7O&sai=AMfl-YRR8nTHDIO3hG9MxxsDoqMfW9V9c6UNsW-EaN6SmijOA6fb-B9rBZS-5tDBg0Jb1CFJBihspQfg8iKEaDk0KnE0jhBwjmW_OldN1g&sig=Cg0ArKJSzJQc0hFbsFwLEAE&cid=CAQSKQDq26N9kiKiQrCfUgtdosy61im3eiJ6wLvkv_gwlaSss9FtI8AKBwqSGAEgEw&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2872405833&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1670765324744&rpt=1342&met=ie&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Dec 2022 13:28:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 866A 42 B
64 B 198ms
197ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsubWYRrClnx3odLjKELFkGwkao2Ok7hCLBdwYRQUkwpjot3uvqgxp9kzGmwDl9dVSRlAUaE6LsMp2sdIA8SHd3eVUXJHwPVN8Ym7k2Q2utRe861pMLy&sig=Cg0ArKJSzADyjudb6JY8EAE&id=lidar2&mcvt=1011&p=88,240,178,1210&mtos=1011,1011,1011,1011,1011&tos=1011,0,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=19&adk=2389199358&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1670765323372&rpt=2719&isd=0&lsd=0&met=ie&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://90d9fbeb3df7685faee2dc3b38791ea2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Dec 2022 13:28:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 207ms
206ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022120601&jk=3543218033723578&bg=!ra6lrurNAAYgquz3AKo7ACkAdvg8WrtwpdQWHvWHNyBGBx3EJZyLHE_86-zQNoCvFkjogTBxd18TFwIAAABsUgAAAApoAQeZAqNqxiYy_9VT5qnsV8qbsXE99SQZQmZVWXZZSpaEP_0cX0gOw7QXYbgNERlYAo9_2R5NYtVz1vm8-e5kHR9TYMwChaSUYPEXYhAQ8EKif-jn-G-2mCUPgnuGpFIx1aDhr2yYUpAvhGpry42nV22mP5ozdwK8lq36JBnUAdFSYmbZ5UjqDDsG9KxI13ALg-88rc5-7NpMNFBdS2WjAQwCGpN3yFK7COoCmcQJsi0ZTM0KYbaoSqDTEsrsEC5IfXxedU8_YwTtDp3_Ddlb6JYaCmfyaeqUhERB9tanplNZDtCf9Hd-SLogO-ndcCLfrzuDONrR66FUPKUdDIgZ9cSw3eViKjIr9EcpIoKl14RVHTzDc2-yy3g-vGCHoT1j2-_f0BonV0a1HQ3__RsnxxoAL9hO0h-smq1ef-K-eTUCi0QS55IWUQs9Zt8L4u6oBlerx7qfDSAdc1uTM9kvkEOZpK9kDLJkpQQzN2833U_ijTgEq3zeMP3R1oaeUDwFUctGwbN5pbzULed-Y2TzlO27xn5leJpr3uDCGbyS2q0F_o-i-T4tzKdP1YQ1-Mx5X4AHcuXsKQK-jfmosX1GlKqkJMKKAuKHvRZjvJMyRO4kIVCZtnLkxnQbvD3xikKGs52Eky1j8VapgjsMK0nkRMZIcZ-zNJzAtn1KZP7lCBcb4MnWy3XT6TJiQ7zKHInQlq_0pBUFYq_aV4lgfTEpewVaDP99EGbcI-qBxsjbZVcFjfc3fpH_kpq0UCn0nm_qAr5ZOa0mKp22ZKJtoYOYrrvBFucrWoSwOB7ZgbIGgQDb0326Q6KbetoNe0FsUEPfsnefLz_b3rTML983qwKIfYeGylfjHLVUBDcVeaVhYHr_NmYTJb1aVRITnzDo6yNoHlmN7iavTzw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 866A 0
0 208ms
207ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221206&jk=2776634760549298&bg=!CAulC0_NAAYgquz3AKo7ACkAdvg8Wg41qcbv6OpQ3jnt_KgiL1bGpl5jmuI8wCHXhUK3e9d3r43oggIAAACVUgAAAAtoAQeZAvP2ohaDs4V08lGczUXrjPzA6hR4I9mT_SpnmukbEBxXP7EFSMZFxmJRrtmdYlCUNesFWQTnBGiovbV7E2IC6L50M-AeMm64TNfrg5XegCULXWbr42KItdxoX08fdgROBU6oZCS7AS6c0BZNAZbTTOktMdeDxlSxmsid8MUO2q11MlI76Be-dIUeYwbYGBLVAwJQlhCkqLZfsymzQPq--ZvD13bLkymgh6EiycEYSwLgMTc2yqCyfglPZrURmdP8qbDqb3xKHW_JOpn8nTvOvNedaGL8kEDFnvmAMPyEDr8WKP8rZeHHmbF4tSYF5kFr3f9oDu6QvRscawQvfGGVDBnqjx6WC-tq4Xm1j8Ky2-pc61mOWyE7IDG-cmGdnWImRkpHAFBM5ZvzrGpTMusdn43oBLQFF-tdvWXTUcPXm_wTxgA56xoeTIfOtTbRm8Ssv-MYXJZFIzus2ivY-X2MhR6m0CnsntIZmkjamt448VmmMmWt2XNWkMSGIoJo6kvYNT044DKcywcXvXVIHw1M7lOkDSI9fU1evF1o6LNh6Uzxn36I6pr-3spyNguBZfBfD-U1FC4UfHY9gyfuyZPZedY_G1CT9hv77WrsoIZqyxDo56FGuanafkwf8lqEqMeIBUmpvmbyx1iUgGDLApRs5x7x1A9LJMvtcYX_fFeFfdmmeEKaFNKv2lcr5jgacXxXSOyTT-k_gGwcXUyhwd2vYNV3zMSkjVTadctIm_Ja3TLDgr-rRM0AN3hkAOTAsM4vtgAR7ZNARDNRjKS-w0Ac51PS4QIljMRumFjwO4vEyr0Z9zORFtNf_hR3ML8n_224Wj1UofgWW7ZNEXXonqNbfrIImwxmlDdPjFskQldBF1cqiKV7-YTauKe-b8oCcRibS0wCgCeW9fPC51l-qiBENZ-AfWwRt35bgtVHv0Ab1kdYlh64xcl0NXE_Nlo4WkYDqczdfL8p0njQcqvOGhlnlKNsnAfgSg4qsTMIFIeZUmUTbOcoDA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://90d9fbeb3df7685faee2dc3b38791ea2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6548811424681063278/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_c3y8z_/brand.css

Verdicts & Comments Add Verdict or Comment

71 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

20 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
risu.ua/	1969-12-31 23:59:59	Name: b Value: b
.risu.ua/	1970-01-20 17:42:05	Name: _ga Value: GA1.2.2027066515.1670765323
.risu.ua/	1970-01-20 08:07:31	Name: _gid Value: GA1.2.811482405.1670765323
.risu.ua/	1970-01-20 08:06:05	Name: _gat_gtag_UA_11950234_1 Value: 1
risu.ua/	1970-01-20 17:42:05	Name: GN_USER_ID_KEY Value: dcbe4311-6403-4825-adbc-72666bd82bd1
risu.ua/	1970-01-20 08:06:07	Name: GN_SESSION_ID_KEY Value: a70e046f-7037-4172-ba7c-908e1c711b39
.doubleclick.net/	1970-01-20 17:27:41	Name: IDE Value: AHWqTUkYKzv1TExmx0wb7VU6Vqw4A1OZKjkB71YT0HEtzypdeDYKB6rENEvnoQ3v-wM
.risu.ua/	1970-01-20 17:27:41	Name: __gads Value: ID=a7f1e659555b1fa6-2212e670ded9001b:T=1670765323:RT=1670765323:S=ALNI_MYcfAgo2d6bV2KjxqTz9l9U5L4MWw
.risu.ua/	1970-01-20 17:27:41	Name: __gpi Value: UID=00000b90c976f25a:T=1670765323:RT=1670765323:S=ALNI_MYE3qUG8u4Rs_iLBMLBTmjQYvAjYQ
.doubleclick.net/	1970-01-20 08:06:06	Name: test_cookie Value: CheckForPermission
risu.ua/	1969-12-31 23:59:59	Name: IdealmediaStorage Value: %7B%220%22%3A%7B%22svspr%22%3A%22https%3A%2F%2Frisu.ua%2F%22%2C%22svsds%22%3A1%7D%2C%22C1319990%22%3A%7B%22page%22%3A1%2C%22time%22%3A1670765324252%7D%7D
risu.ua/	1970-01-20 08:49:17	Name: _pbjs_userid_consent_data Value: 3524755945110770
.sitescout.com/	1970-01-20 16:51:41	Name: ssi Value: 43f5134d-f585-4895-b519-10058e4d9e06#1670765325266
.adnxs.com/	1970-01-20 10:15:41	Name: uuid2 Value: 7682561427064869512
.yahoo.com/	1970-01-20 16:52:02	Name: A3 Value: d=AQABBA3blWMCEOxuHbIpLaz3bbS2EQZEw2QFEgEBAQEsl2OfYwAAAAAA_eMAAA&S=AQAAAopwz5Vflrrw3w_Kh3v5hSY
.adform.net/	1970-01-20 08:50:43	Name: C Value: 1
.sitescout.com/	1970-01-20 08:49:17	Name: _ssuma Value: e30
.analytics.yahoo.com/	1970-01-20 16:51:41	Name: IDSYNC Value: 18yx~28sd
.adform.net/	1970-01-20 09:31:50	Name: uid Value: 4622723162133544506
.lijit.com/	1970-01-20 16:51:41	Name: ljt_reader Value: FzGICGZH6HM0W3RUTHaLBOZA

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://ad.atdmt.com/i/img;adv=11217209655101;ec=11217209657759;adv.a=8650961;c.a=28887302;s.a=443002;p.a=352921205;a.a=544218866;cache=2002595867; Message: Failed to load resource: the server responded with a status of 400 ()
security	error	URL: https://s0.2mdn.net/sadbundle/6548811424681063278/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_c3y8z_/index.html Message: Refused to apply style from 'https://s0.2mdn.net/sadbundle/6548811424681063278/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_c3y8z_/brand.css' because its MIME type ('image/gif') is not a supported stylesheet MIME type, and strict MIME checking is enabled.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

90d9fbeb3df7685faee2dc3b38791ea2.safeframe.googlesyndication.com
ad.atdmt.com
ads.pubmatic.com
adservice.google.com
adservice.google.de
ap.lijit.com
api.gravitec.media
autocounter.idealmedia.io
c.bigmir.net
c.idealmedia.io
c1.adform.net
cdn.doubleverify.com
cdn.gravitec.media
cdn.gravitec.net
cl.imghosts.com
cm.g.doubleclick.net
cm.idealmedia.io
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
jsc.idealmedia.io
match.adsrvr.org
pagead2.googlesyndication.com
partner.googleadservices.com
pixel-sync.sitescout.com
risu.ua
rtb.openx.net
s-img.idealmedia.io
s0.2mdn.net
secure.adnxs.com
securepubads.g.doubleclick.net
servicer.idealmedia.io
tpc.googlesyndication.com
tps.doubleverify.com
tpsc-frc.doubleverify.com
ups.analytics.yahoo.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
s0.2mdn.net
142.250.181.226
142.250.186.34
185.89.210.101
193.239.68.97
2.18.233.180
209.191.163.208
213.254.244.110
2606:4700:4400::6812:2bc0
2606:4700::6810:c749
2a00:1450:4001:801::2002
2a00:1450:4001:806::2002
2a00:1450:4001:809::2004
2a00:1450:4001:80e::2001
2a00:1450:4001:810::2001
2a00:1450:4001:811::2002
2a00:1450:4001:812::2002
2a00:1450:4001:812::2006
2a00:1450:4001:828::2002
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2008
2a00:1450:4001:830::2002
2a02:26f0:6c00::210:ba11
2a03:2880:f045:f:face:b00c:0:8c
2a06:98c1:3120::3
2a06:98c1:3121::3
3.126.56.137
35.186.253.211
35.214.184.209
37.157.6.246
45.133.44.3
45.133.44.4
52.223.40.198
98.98.134.242
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
06c3c78658ced02c04d2e3c64352e3826410cbabca43309338f6b56f9d935d19
077a2c69460d193c9f06c31ba0ffe80c5e0287d74eb3adc1a4139f8b88d99980
077cdab15161232a9ba7124d2ddd7a9425145750788e9a966c156cc66274f525
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
085bf9ca7dac86b02f69100debdf190e2a26033a81436267724f1d3de91b2a1c
0a91fbed903c7ee569d116adee58d579d0c64775a469ee86d3cc4281f913bda1
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e571a606de4d37373afdb6f9cebc7f0bd2c2f2cee7cf31261d7c32a5e35d121
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12fbe3faec3b2ab2a6b4d27f01e68ddf2d1fbc16243eb51035eae62b89156434
13fcd8cea60e94facf630c9df9f99bc199c9ae8a51a93fabd3e1c750c55b4d41
14245eab55603b4b55aac867e5afeceeaf955a8157979939ce375e3fba70a8fe
151a7259f7b7ba9f238f2597a72cce7d2671faf4b4660313ba5c0856eeca1bc3
161ba823ff6b6192f510ac88fb558941d2f635cb1c2ab4edc38f78014f487b05
16555ef1cffe3379aa4a915ec6a51ebf338a0d51ffa4409a3da31e0bed2c2cee
173332e93cda257ff7e87e0e21b0b2d164217742f8002933ef6fb2f8f4e5c498
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
1a12532324261fcc9e92664b32cea31bf3a14a1128cf6a7531cc6a9ce9197cb9
1ff1d840aceaddd10edec4e79086dd35844068b120f4fa68200c65c41336e614
23b89bb3578573b474d7a69e2df32e8f0ee7839a44392edb040e4117a07ce6fa
2585ad9ffc5d3fd7b78859fa2b463298551b97a9e11aca772435aceab42da7f3
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
26fba78610db0e30fd86dfb8bf9bc0f5f2b23a2eacb775584342a1cead1107c9
2b4fe6e33e24427ff09805210219fe3cc19e22ed637e003efeea9131ecbd9121
2bc69c1c1c4bf49e80a77f83010c01e575fd6922229943b9feb8864a492ac441
2e94044ade7aa19a5817eb392a56ee57ef428b8f9cd4eac23170f9bf9202b427
30c9c218c59a131fa94959c526e27e7335018c04425ac5c02b1ffeb7e55b9962
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
32fdab92259456091f98c69ad4a0cbc4a601e3485ea60d84cb87a81a234824d4
33231f54692d09b4ae9052d71c30e4c450b222626cb78728ec2e12af57b57ebb
33430a4e18aa10ce687b1fa837f8d69cbd82f5f16ae8bea30c44c6546835f77e
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
3450919e1fe5ba9a019cc925b88396c853a4370bc07261933c792e1514135ffd
37ac7f1471139dba4812e669add5bb3afed07adc983d26670e807d60abc64594
37d56c3df75ebee23cca9b8070e9432451fd370aa1e409247f88c47b8a4cda09
3f3048328ea976c336c13ce30d86374bfc6036a0dc0e6efba2eebefc1040bc1e
403af363a86acc6874698194b930357b1ef4a1a3752c519a5f283fa53a9c46fb
42957d72dcacd73fbfb997f687313f2e4e1837635c6174d50f187e68bc5b297f
43c03b4c6717847e16573f7ae823df8bf1df9fcfa158360f79b2f10da31adbe4
45f0783d5695f7b6bc2b6db15c813d63525bf53fd48021c818ed4ed220c7074c
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
49a94741313fb2122f7be0995a39d44778fa644a3a7abb1db0b281c7bf8e335c
4c0eaa2887a0752b226940babcf52d8041babb181409b1bc233137e625bfd455
4ca37aa2c5511db7747f57cdbdbfc96022d2054698ca3e11e02a2e69ff26d2ac
4cea94c5948ba197dbbcce6f8397980eefe2434a12e65b7163d3e7b27f4249d8
4d648af4f9d9a671112b42da882063bace254931e0674e8700d59ed05ce526d3
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f2e744787dcdfb50e0aa6ff2612e5531fb7b13334f5636216fb87fb49986f2d
5037c31bd9323abc92c002d0d8473a10538e21c7f6c77588a55ca7f34931f7f5
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
573fcadc366e8f2230cee46d844a9d93ad5e63f103c1eec28bb802e2657345a6
5d2d03a1dc79014bee40eaa3ae9e3e2de7f9f528bc6210a4f3b54ce64609a3c4
602913e9f4a9e9a2debcff78a3d90cdd6d16925585478eb5bc13e1b6e534095b
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63b66c27aa026932a6defa09a9b20fbcba580b524076e89c8d94c57c4a80e331
698ccb0f6c16da62bef9143d6b047b7a9eb173e9fd7c141ccaa8f7867f4cab87
6a77560cffb10516a81a0ecd03a1d373fd4d5778d6e6f3a59058d925d91b483d
6b5ef7861572324f3e9d49c9284d10e8e582e1bc44694394afdf5bdc0e6bd0cd
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e232ec73b57ae121611a53388b54b85b5f44b1570359abdd812a618bb14eeeb
6e26064852e5376eb1f9baf2574963734e5612a15059d1e71efe2de4c769527e
6f2847813534152374df0ae61a153d09fc73c4d3b654b8d4e65adce47ba4ad00
707b669ef9e8237d810644dde0abadc0c04f1164a5319191d334c18bb3497ef3
70aa59ce2ab008d137cd8b2b02422a853603d8d42f6a36508b6305cdeb1b9f53
731e0e8108713b6b324f2b00b7750bcbca940ceb97beab1f1351c08f8942c9f5
7d55d36ab7029a3ac11096692671cdfc36fa8446e8cf7584fc23de06074b0f85
802661230fc8987a3d447a034ede86040a06c9144963971695a7836001505012
86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a
8bf4b5cf3fe62ddfeadc468c664d7e143e3edd5c3542a5e284a2373d9fc10e35
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8dd50510bd8e9cc6751f2e2404f6aaf786b70fffe0dd2efc6e0357aab1fbb501
8fbc2550fce755a6344ad55c43d188d006e0126b4018b9362309db0d17128373
9047ab649135eb522cbf5988742b96d79257149074b5c423059ca9ed874170c5
949ef00ce71e069fc69a6b829771726245072e18e56b264c536837c459b3febf
97ba4a1b5e275f47dd46121275bd0148ac3be43bb1b302613a4d06923a50fb18
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9cf2b6ea7d4db625060f674e672638a829034bea602f7b210c15fd1c99b9c959
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
a006fd33e5ab16037ec4989c766ee05f8a96ab48baa41a295c9247c1f2e965a9
a1627698bbe122feb044ccb8a8c288c6b88e7f2cf12f6dca15848a94a00f8c98
a39a8fca170c2500aa3a659d9628cfe602522d33191ef0a9ba395d315b49452b
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4c61d4c30e1d5dfab6fcab843dd3aa7402ae59a8a5a33c265e42bd755a418b1
a6639d1c970534435c53dfa5574ce9210c23b0e393c91e9d5c2988b11b83ff02
a8f03c0d0d9236b68454c1d2a751672bbd004d8aeb602bb262bdc98ef0aebe7f
ac67aa8a64cab4a30b27db992c7a10e38c579b0f7ede98298a3334daa31de4d0
aeb1218472074b188371ea21f75661df7668cd8750993712f76436eca2acc88d
af848f4cfd4ca713e249c26e739c5da98ce59a9b38f5e7811f41ad2605123ba7
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b8eb92bf3059843afea5bde2ed213572f360e0522a73de706b6fff3ff849add8
bc17bc7bd77c3964e9d71c2df3f1e6a70437059ba2ee261f21d6fd54f964c57c
c0f9a96a8b15dfa0bd82a9b0c4f7d31927c96784bb62af0a94fbaa78cde5e2fa
c27ad84eed5cd9a63c28d5eecfeb30b4b690901c03e09d51532e994e8d277796
c29dd2203fda3ba059c894f687d61fc472d6f02a3f5dead82569e38fa92094f3
c8289a870d238aa042bdfd09364fe6dea524bcd1ea485341878d8c75a32ab444
cb511816e2641b5d54a718b6d2b6e2be81a51cd9a5df9ce627cf915d124a4e16
ce3158f1fc0138d17fa3fc4d8c43b45b652fd27820cf1680b9fdc7a2246b6e6f
d337686926ccb7eb83806964e846465868c94619640f2a24d361684cb57ea6b8
d622c7d6e89e86b3ac4ff1c052516e29f81e3d2a48c6eb98611784b564ca185d
dc19e3507f31173b5df84b7bfd3880b06c5e91e2afed7dd347bec9a3d86ca02f
ddcdcee860870f3376e2bbd699c7ee6100b0b207a44052354393254c72c37506
de104c12cbb6a8afbb5048550de855e301f793c3bf1c66ddc1695dd308f019ff
e311b89c9695c9d3df8b4fa308cd2134d320a494f08a168f6f17b4799f5fa28d
e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e71922ba9eed9d98158859ef8fd8c83fd817943005acddd4166cde52a04f5aa4
ea0cf3c87ccfaeeabb8c8c10fecae42df819b4ce7eea908edf52814971315f80
ecd5dd4ce320f783a40597f79027f2187cbe41497a923f25305b98665bfe9b3e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f167495e072d2350876fb0dd4f61bed1d43362543f51ddf4d23ef01fb8d946aa
f203ed6188a574fed7b6863cdbf06d20d8f53af9975dbd38e28168f156220057
f227901ef48ac4d1fe4cc6ed0dbce99e6b38969babe5e05da2dfb33521b02944
f2aa9134c41b283e3065021eb2b1d2f5be6adb701d1dde7151bc081f6c403694
f55615354ed167826d079fa804fa5e5d45da4350d3128894afefc6246b34840e
f8c27a9447e3f0f94513662e6d4fbdab829bf4a229aa358de43141fd4e55fcda
fbbd72879e92234f35a666c45b3642f1ca5ab277ca88c4ec3ff40720413f4fc8

risu.ua Open in urlscan Pro 2a06:98c1:3120::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

157 Requests

94 %HTTPS

55 %IPv6

25 Domains

39 Subdomains

28 IPs

5 Countries

4150 kBTransfer

7657 kBSize

20 Cookies

4 Outgoing links

Page URL History

Redirected requests

157 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

risu.ua Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Screenshot
Live screenshot

Full Image

157
Requests

94 %
HTTPS

55 %
IPv6

25
Domains

39
Subdomains

28
IPs

5
Countries

4150 kB
Transfer

7657 kB
Size

20
Cookies

157 HTTP transactions
3 data transactions