Submitted URL: http://cutt.us/3xzDU
Effective URL: https://www.rwifd.com/4265.html
Submission: On February 02 via manual from SA

Summary

This website contacted 12 IPs in 3 countries across 14 domains to perform 100 HTTP transactions. The main IP is 70.39.103.42, located in Las Vegas, United States and belongs to ST-BGP, US. The main domain is www.rwifd.com.
TLS certificate: Issued by R3 on January 7th 2021. Valid for: 3 months.
This is the only time www.rwifd.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Domain Requested by
59 www.rwifd.com cutt.us
www.rwifd.com
8 pagead2.googlesyndication.com securepubads.g.doubleclick.net
www.rwifd.com
pagead2.googlesyndication.com
7 googleads.g.doubleclick.net pagead2.googlesyndication.com
5 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
pagead2.googlesyndication.com
3 secure.gravatar.com www.rwifd.com
2 fonts.gstatic.com fonts.googleapis.com
2 adservice.google.com securepubads.g.doubleclick.net
pagead2.googlesyndication.com
2 adservice.google.de securepubads.g.doubleclick.net
pagead2.googlesyndication.com
2 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.googletagservices.com cutt.us
pagead2.googlesyndication.com
2 cutt.us 1 redirects
1 cdn.ampproject.org pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 fonts.googleapis.com www.rwifd.com
1 9c1c2ceddee84ef1c93f7c7d349867f4.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 www.googletagmanager.com cutt.us
100 17
Subject Issuer Validity Valid
www.cutt.us
R3
2021-02-01 -
2021-05-02
3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1
2021-01-05 -
2021-03-30
3 months crt.sh
*.google-analytics.com
GTS CA 1O1
2021-01-05 -
2021-03-30
3 months crt.sh
*.google.de
GTS CA 1O1
2021-01-05 -
2021-03-30
3 months crt.sh
*.google.com
GTS CA 1O1
2021-01-05 -
2021-03-30
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1O1
2021-01-05 -
2021-03-30
3 months crt.sh
rwifd.com
R3
2021-01-07 -
2021-04-07
3 months crt.sh
upload.video.google.com
GTS CA 1O1
2021-01-05 -
2021-03-30
3 months crt.sh
*.gstatic.com
GTS CA 1O1
2021-01-05 -
2021-03-30
3 months crt.sh
*.gravatar.com
Sectigo RSA Domain Validation Secure Server CA
2020-08-14 -
2022-11-16
2 years crt.sh
misc-sni.google.com
GTS CA 1O1
2021-01-05 -
2021-03-30
3 months crt.sh

This page contains 10 frames:

Primary Page: https://www.rwifd.com/4265.html
Frame ID: 7F187C1800E982A50B03C798B14074F3
Requests: 91 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: 91499E767669BC773E97B52E2A5CBCDD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210127/r20190131/zrt_lookup.html
Frame ID: B2A1A8EB13B4527EF157AB6DCA817C71
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1131423187823492&output=html&h=280&slotname=2901211535&adk=3130185684&adf=2036783278&pi=t.ma~as.2901211535&w=728&fwrn=4&fwrnh=100&lmt=1612241526&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fwww.rwifd.com%2F4265.html&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1612241526798&bpp=11&bdt=1155&idt=78&shv=r20210127&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=4937695683000&frm=20&pv=2&ga_vid=477822773.1612241527&ga_sid=1612241527&ga_hid=1381184161&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=293&ady=54&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068769%2C21068893&oid=3&pvsid=29505655732161&pem=65&ref=https%3A%2F%2Fcutt.us%2F3xzDU&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=hVDwBa92W5&p=https%3A//www.rwifd.com&dtd=93
Frame ID: 13D9219707211D181C32067C279CF62D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1131423187823492&output=html&h=250&slotname=8815226653&adk=70954630&adf=2570868839&pi=t.ma~as.8815226653&w=300&lmt=1612241526&psa=0&format=300x250&url=https%3A%2F%2Fwww.rwifd.com%2F4265.html&flash=0&wgl=1&dt=1612241526810&bpp=2&bdt=1166&idt=87&shv=r20210127&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x280&correlator=4937695683000&frm=20&pv=1&ga_vid=477822773.1612241527&ga_sid=1612241527&ga_hid=1381184161&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=307&ady=1034&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068769%2C21068893&oid=3&pvsid=29505655732161&pem=65&ref=https%3A%2F%2Fcutt.us%2F3xzDU&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&xpc=i9BUSEGTn3&p=https%3A//www.rwifd.com&dtd=93
Frame ID: 9DC63077B4FDA901DF65C67E4C6CCFBF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1131423187823492&output=html&h=90&slotname=2901211535&adk=3289893036&adf=1766646955&pi=t.ma~as.2901211535&w=728&lmt=1612241526&psa=0&format=728x90&url=https%3A%2F%2Fwww.rwifd.com%2F4265.html&flash=0&wgl=1&dt=1612241526816&bpp=1&bdt=1172&idt=89&shv=r20210127&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x280%2C300x250&correlator=4937695683000&frm=20&pv=1&ga_vid=477822773.1612241527&ga_sid=1612241527&ga_hid=1381184161&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=3233&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068769%2C21068893&oid=3&pvsid=29505655732161&pem=65&ref=https%3A%2F%2Fcutt.us%2F3xzDU&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=QnVnsCE6ds&p=https%3A//www.rwifd.com&dtd=92
Frame ID: 65754117A68F44E165B1EE63C4422878
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1131423187823492&output=html&adk=3046330955&adf=2044148826&lmt=1612241526&plat=1%3A16809992%2C2%3A16809992%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.rwifd.com%2F4265.html&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1612241526985&bpp=1&bdt=1341&idt=1&shv=r20210127&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1b874430ccb77f64-2226a5b653ba0091%3AT%3D1612241526%3ART%3D1612241526%3AS%3DALNI_MY-cq1DYf8EhAO8RdMAmWX6RWl3GA&prev_fmts=728x280%2C300x250%2C728x90&nras=1&correlator=4937695683000&frm=20&pv=1&ga_vid=477822773.1612241527&ga_sid=1612241527&ga_hid=1381184161&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068769%2C21068893&oid=3&pvsid=29505655732161&pem=65&ref=https%3A%2F%2Fcutt.us%2F3xzDU&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&dtd=6
Frame ID: 0052CDE6F23CF5D7E7D158FE3BFF4782
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1131423187823492&output=html&h=250&adk=1919597479&adf=3556383689&pi=t.aa~a.1463474601~rp.1&w=310&fwrn=4&fwrnh=100&lmt=1612241527&rafmt=1&to=qs&pwprc=4672998251&psa=1&format=310x250&url=https%3A%2F%2Fwww.rwifd.com%2F4265.html&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1612241527436&bpp=3&bdt=1793&idt=3&shv=r20210127&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1b874430ccb77f64-2226a5b653ba0091%3AT%3D1612241526%3ART%3D1612241526%3AS%3DALNI_MY-cq1DYf8EhAO8RdMAmWX6RWl3GA&prev_fmts=728x280%2C300x250%2C728x90%2C0x0&nras=1&correlator=4937695683000&frm=20&pv=1&ga_vid=477822773.1612241527&ga_sid=1612241527&ga_hid=1381184161&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=302&ady=1818&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068769%2C21068893&oid=3&psts=AGkb-H82r2fwIfzeSgHilrm2TjIodTDERbjI55JUgpmn-hxRJNt66UAf0OICzFqqIvLIP_e6SCN_34EaXQ4&pvsid=29505655732161&pem=65&ref=https%3A%2F%2Fcutt.us%2F3xzDU&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=7R324NdE6D&p=https%3A//www.rwifd.com&dtd=19
Frame ID: BAD3443454C34F84CBBF3E7422981E10
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210127/r20190131/zrt_lookup.html?fsb=1
Frame ID: 9B48281F900FBC774E4452E74D1EBD42
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: C0DB4DEF59E8323EF58FC0110910D64D
Requests: 1 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://cutt.us/3xzDU HTTP 301
    https://cutt.us/3xzDU Page URL
  2. https://www.rwifd.com/4265.html Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • meta generator /^WordPress ?([\d.]+)?/i

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • meta generator /^WordPress ?([\d.]+)?/i

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • meta generator /^WordPress ?([\d.]+)?/i

Overall confidence: 100%
Detected patterns
  • script /react.*\.js/i

Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
  • script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

Page Statistics

100
Requests

100 %
HTTPS

75 %
IPv6

14
Domains

17
Subdomains

12
IPs

3
Countries

1645 kB
Transfer

2325 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://cutt.us/3xzDU HTTP 301
    https://cutt.us/3xzDU Page URL
  2. https://www.rwifd.com/4265.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://cutt.us/3xzDU HTTP 301
  • https://cutt.us/3xzDU

100 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
3xzDU
cutt.us/
Redirect Chain
  • http://cutt.us/3xzDU
  • https://cutt.us/3xzDU
3 KB
2 KB
Document
General
Full URL
https://cutt.us/3xzDU
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.61.26.121 Atlanta, United States, ASN22653 (GLOBALCOMPASS, US),
Reverse DNS
Software
Hotcores.com /
Resource Hash
429949e12c5c9e68ada7d205820392bbbf684476a34ec7ed4232fa7e16c5f890
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Request headers

Host
cutt.us
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Server
Hotcores.com
Date
Tue, 02 Feb 2021 04:52:04 GMT
Content-Type
text/html; Charset=UTF-8;charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
Cache-Control
no-cache, must-revalidate, max-age=0
Pragma
no-cache
X-Robots-Tag
noindex, nofollow
I-AM
Alpha
Strict-Transport-Security
max-age=31536000; includeSubdomains;
Content-Encoding
gzip

Redirect headers

Server
Hotcores.com
Date
Tue, 02 Feb 2021 04:52:03 GMT
Content-Type
text/html
Content-Length
162
Connection
keep-alive
Location
https://cutt.us/3xzDU
gpt.js
www.googletagservices.com/tag/js/
56 KB
19 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: cutt.us
URL: https://cutt.us/3xzDU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f611e344fd9391c5b08ae4bbe8a86add4f436a78a53a052283526dba683d8c84
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cutt.us/3xzDU
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Feb 2021 04:52:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"771 / 472 of 1000 / last-modified: 1612220970"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
19146
x-xss-protection
0
expires
Tue, 02 Feb 2021 04:52:04 GMT
js
www.googletagmanager.com/gtag/
97 KB
38 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-31510493-1
Requested by
Host: cutt.us
URL: https://cutt.us/3xzDU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b59f4b6ac09a7f96ff94a22e2abda0f3b59522c1c7f533a6372e56b814593f7b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://cutt.us/3xzDU
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Feb 2021 04:52:04 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38873
x-xss-protection
0
last-modified
Tue, 02 Feb 2021 03:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 02 Feb 2021 04:52:04 GMT
analytics.js
www.google-analytics.com/
46 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-31510493-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://cutt.us/3xzDU
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Oct 2020 03:00:57 GMT
server
Golfe2
age
5881
date
Tue, 02 Feb 2021 03:14:03 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18817
expires
Tue, 02 Feb 2021 05:14:03 GMT
collect
www.google-analytics.com/j/
1 B
381 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j87&a=573604291&t=pageview&_s=1&dl=https%3A%2F%2Fcutt.us%2F3xzDU&ul=en-us&de=UTF-8&dt=3xzDU&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=1107483625&gjid=406441456&cid=1498827905.1612241525&tid=UA-31510493-1&_gid=451477469.1612241525&_r=1&gtm=2ou1k0&z=1153687389
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://cutt.us/3xzDU
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 02 Feb 2021 04:52:04 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://cutt.us
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_2021012801.js
securepubads.g.doubleclick.net/gpt/
275 KB
97 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021012801.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s24-in-f2.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cutt.us/3xzDU
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Feb 2021 04:52:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 28 Jan 2021 09:41:30 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
99311
x-xss-protection
0
expires
Tue, 02 Feb 2021 04:52:04 GMT
integrator.js
adservice.google.de/adsid/
109 B
803 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=cutt.us
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021012801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cutt.us/3xzDU
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Feb 2021 04:52:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
109 B
803 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cutt.us
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021012801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cutt.us/3xzDU
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Feb 2021 04:52:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
437 B
927 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2778633711750619&correlator=3919453514821967&output=ldjh&impl=fif&eid=21068773%2C21068891%2C21069917&vrg=2021012801&ptt=17&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20210202&iu_parts=5837603%2CCutt_360&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x360&cookie_enabled=1&bc=31&abxe=1&lmt=1612241524&dt=1612241524682&dlt=1612241524481&idt=185&frm=20&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=1933368604&ucis=1&ifi=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fcutt.us%2F3xzDU&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x423&msz=0x0&ga_vid=1498827905.1612241525&ga_sid=1612241525&ga_hid=573604291&fws=128&ohw=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021012801.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s24-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cutt.us/3xzDU
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Feb 2021 04:52:04 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
226
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cutt.us
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
9c1c2ceddee84ef1c93f7c7d349867f4.safeframe.googlesyndication.com/safeframe/1-0-37/html/
0
0
Other
General
Full URL
https://9c1c2ceddee84ef1c93f7c7d349867f4.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021012801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://cutt.us/3xzDU
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/
0
0
Other
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021012801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://cutt.us/3xzDU
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Primary Request 4265.html
www.rwifd.com/
112 KB
112 KB
Document
General
Full URL
https://www.rwifd.com/4265.html
Requested by
Host: cutt.us
URL: https://cutt.us/3xzDU
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
70.39.103.42 Las Vegas, United States, ASN46844 (ST-BGP, US),
Reverse DNS
box42.reputationmarket.net
Software
Apache /
Resource Hash
c6675df69c81ef7faf4b1579d6e9a45c109cf17da12501f505abcbb05e3e6eef

Request headers

Host
www.rwifd.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
https://cutt.us/3xzDU
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://cutt.us/3xzDU

Response headers

Date
Tue, 02 Feb 2021 04:56:05 GMT
Server
Apache
X-Pingback
https://www.rwifd.com/xmlrpc.php
Link
<https://www.rwifd.com/wp-json/>; rel="https://api.w.org/", <https://www.rwifd.com/wp-json/wp/v2/posts/4265>; rel="alternate"; type="application/json", <https://www.rwifd.com/?p=4265>; rel=shortlink
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
sodar
pagead2.googlesyndication.com/getconfig/
9 KB
7 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021012801&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021012801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cutt.us/3xzDU
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Feb 2021 04:52:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
6751
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021012801.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cutt.us/3xzDU
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Feb 2021 04:52:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1611170586013198"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6403
x-xss-protection
0
expires
Tue, 02 Feb 2021 04:52:04 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/221/ Frame 9149
0
0
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/221/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://cutt.us/3xzDU
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://cutt.us/3xzDU

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
4984
date
Tue, 02 Feb 2021 02:20:20 GMT
expires
Wed, 02 Feb 2022 02:20:20 GMT
last-modified
Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
9104
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gen_204
pagead2.googlesyndication.com/pagead/
0
224 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gpt_2021012801&jk=2778633711750619&bg=!8fKl8rHNAAVwd1e1cDsAKQB2-Dxan_86aj1NcqNejLI0CRGbQ_wjuVIN350aWZLFZgMWdUybnO57AgAAAD5SAAAADGgBBwoA9G6tEVCKaWvH6UU5_ntVotRpWzty7GJydqc_qLcs9trhzaWPD2nnYmLGiUCbE_sTx5mD6bHv7C-d5AMD6uxa8LxlqXVgAFa3HnQBGG51ZznGXPgFn2rTXQdHd22z7vf-sg-K4EH2IKzM3KHQmJqVnYNre4fahh82RBxRPkq7uJZ5uwMcfZxKrsgbdKBMv3L3INaVYnfRshnvPQ2jaG65N_BM548n-sMlWEpVGskOjPQNzrGmbyONwYPslIPYPUswJVwihMDl8LZGWrmvxZmLbis8KqACEL4eon0Jp8IQOYDy1V7r6uAQ52sccVJlwGfRnmeWiPGZAdE-ttLKfgddWt8tFGNcCzsYHlrUCfVlN_gjfSWZCNOyB6FY2ELLJsHUXJqEEcdgySBA8e9P0Tb-9I_ccu3Kde-JVnvxc1aVCcRml-cXVLLPXXRH4hFZX_lGiFKp42Eq0P-WK4ZN2QC5PsNm8KLAMFMeAmeYSHl6RuAZ-97rI_myuIrRihUG3OwZ4nklFKPJihWFqsQnambfuXUkwHd1ZO2QQOurHur9fCcnoucyeOcpX0M67Q-PEW3y60fCa33SsQg9-l8qvbzCV18AU565KVUK-dzDmzUTo_-PL47ZmE1tRLTeeT3nqACoVxbhNmrsF0jjnfv_dU7PBOcerEc1Ug8KbhLSdtE-UTTfcOtn2Ujo2pGqh-JWVgeMgLT9QCXerfi9BGG45C1RnTaYe0ZoEDxM378AK_M8_nbVMvtkmgxa7UT6kwYFGiQZSLtT-fKDw-SI3VZ0KZK_9owPzUOG4BVJuuJSsC1xFmbiz8ngVVEOess2MDnd3q7kFGXaJ_w6En_c303oafx8QFYSxmyklS8pH2A5UxRcQkE6PFsiHQ3yQVXc3DwbUyzGYENNq4ODhaMVKivaKan-_3dpUM802SFULN4fDYHBVYe35xZbVf7R2qk
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cutt.us/3xzDU
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Feb 2021 04:52:05 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
style-rtl.min.css
www.rwifd.com/wp-includes/css/dist/block-library/
50 KB
50 KB
Stylesheet
General
Full URL
https://www.rwifd.com/wp-includes/css/dist/block-library/style-rtl.min.css
Requested by
Host: www.rwifd.com
URL: https://www.rwifd.com/4265.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
70.39.103.42 Las Vegas, United States, ASN46844 (ST-BGP, US),
Reverse DNS
box42.reputationmarket.net
Software
Apache /
Resource Hash
3eebbbecde6d4500a3d1ce6eb76c79a99989d7a1d8784f8dd803fc6023ce6008

Request headers

Referer
https://www.rwifd.com/4265.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Feb 2021 04:56:06 GMT
Last-Modified
Mon, 28 Dec 2020 08:03:27 GMT
Server
Apache
ETag
"c838-5b781b57c7825"
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
51256
style.css
www.rwifd.com/wp-content/plugins/taqyeem-buttons/assets/
4 KB
4 KB
Stylesheet
General
Full URL
https://www.rwifd.com/wp-content/plugins/taqyeem-buttons/assets/style.css
Requested by
Host: www.rwifd.com
URL: https://www.rwifd.com/4265.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
70.39.103.42 Las Vegas, United States, ASN46844 (ST-BGP, US),
Reverse DNS
box42.reputationmarket.net
Software
Apache /
Resource Hash
ea2ababc30e456846310dfe02ae49db7fe6866c0cb5ad6b432c53bacda37b3c1

Request headers

Referer
https://www.rwifd.com/4265.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Feb 2021 04:56:06 GMT
Last-Modified
Sun, 01 Nov 2020 16:49:12 GMT
Server
Apache
ETag
"102e-5b30e68c1d200"
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
4142
style.css
www.rwifd.com/wp-content/plugins/taqyeem/
7 KB
7 KB
Stylesheet
General
Full URL
https://www.rwifd.com/wp-content/plugins/taqyeem/style.css
Requested by
Host: www.rwifd.com
URL: https://www.rwifd.com/4265.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
70.39.103.42 Las Vegas, United States, ASN46844 (ST-BGP, US),
Reverse DNS
box42.reputationmarket.net
Software
Apache /
Resource Hash
c36315f0037994b0a9cc8ad6d2808fa2bb73e337e8e8d475c4e334315e866808

Request headers

Referer
https://www.rwifd.com/4265.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Feb 2021 04:56:06 GMT
Last-Modified
Sun, 01 Nov 2020 16:49:12 GMT
Server
Apache
ETag
"1afb-5b30e68c1d200"
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
6907
style.css
www.rwifd.com/wp-content/themes/news/
196 KB
197 KB
Stylesheet
General
Full URL
https://www.rwifd.com/wp-content/themes/news/style.css
Requested by
Host: www.rwifd.com
URL: https://www.rwifd.com/4265.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
70.39.103.42 Las Vegas, United States, ASN46844 (ST-BGP, US),
Reverse DNS
box42.reputationmarket.net
Software
Apache /
Resource Hash
892d654ba2c2b765bf6d6c1ff63cd6718d11fa61f638902fb80e8f30cb9dee82

Request headers

Referer
https://www.rwifd.com/4265.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Feb 2021 04:56:06 GMT
Last-Modified
Wed, 06 Jan 2021 21:45:34 GMT
Server
Apache
ETag
"31137-5b8423e2fafea"
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
201015
skin.css
www.rwifd.com/wp-content/themes/news/css/ilightbox/dark-skin/
7 KB
7 KB
Stylesheet
General
Full URL
https://www.rwifd.com/wp-content/themes/news/css/ilightbox/dark-skin/skin.css
Requested by
Host: www.rwifd.com
URL: https://www.rwifd.com/4265.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
70.39.103.42 Las Vegas, United States, ASN46844 (ST-BGP, US),
Reverse DNS
box42.reputationmarket.net
Software
Apache /
Resource Hash
949448840982c267cbacb0aadde067218f404646e15e92b72991715a2988d1f0

Request headers

Referer
https://www.rwifd.com/4265.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Feb 2021 04:56:06 GMT
Last-Modified
Tue, 15 Oct 2013 12:21:08 GMT
Server
Apache
ETag
"1c79-4e8c69e8c3500"
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
7289
droidarabicnaskh
fonts.googleapis.com/earlyaccess/
1 KB
404 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/earlyaccess/droidarabicnaskh
Requested by
Host: www.rwifd.com
URL: https://www.rwifd.com/4265.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0facd387627530907acc0b41d7076a1313a748ba84d37983618c04f2e66f1849
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.rwifd.com/4265.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Feb 2021 04:52:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Tue, 02 Feb 2021 04:52:05 GMT
jquery.min.js
www.rwifd.com/wp-includes/js/jquery/
87 KB
88 KB
Script
General
Full URL
https://www.rwifd.com/wp-includes/js/jquery/jquery.min.js
Requested by
Host: www.rwifd.com
URL: https://www.rwifd.com/4265.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
70.39.103.42 Las Vegas, United States, ASN46844 (ST-BGP, US),
Reverse DNS
box42.reputationmarket.net
Software
Apache /
Resource Hash
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Request headers

Referer
https://www.rwifd.com/4265.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Feb 2021 04:56:06 GMT
Last-Modified
Mon, 28 Dec 2020 08:03:26 GMT
Server
Apache
ETag
"15d98-5b781b57ace5d"
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
89496
jquery-migrate.min.js
www.rwifd.com/wp-includes/js/jquery/
11 KB
11 KB
Script
General
Full URL
https://www.rwifd.com/wp-includes/js/jquery/jquery-migrate.min.js
Requested by
Host: www.rwifd.com
URL: https://www.rwifd.com/4265.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
70.39.103.42 Las Vegas, United States, ASN46844 (ST-BGP, US),
Reverse DNS
box42.reputationmarket.net
Software
Apache /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

Referer
https://www.rwifd.com/4265.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Feb 2021 04:56:06 GMT
Last-Modified
Mon, 28 Dec 2020 08:03:26 GMT
Server
Apache
ETag
"2bd8-5b781b57ad245"
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
11224
tie.js
www.rwifd.com/wp-content/plugins/taqyeem/js/
3 KB
3 KB
Script
General
Full URL
https://www.rwifd.com/wp-content/plugins/taqyeem/js/tie.js
Requested by
Host: www.rwifd.com
URL: https://www.rwifd.com/4265.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
70.39.103.42 Las Vegas, United States, ASN46844 (ST-BGP, US),
Reverse DNS
box42.reputationmarket.net
Software
Apache /
Resource Hash
4a3dffcac967f4ac5383c60720a8ed58838b13622b3cad8f9f6070fc1ec5b7dc

Request headers

Referer
https://www.rwifd.com/4265.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Feb 2021 04:56:06 GMT
Last-Modified
Sun, 01 Nov 2020 16:49:12 GMT
Server
Apache
ETag
"a3e-5b30e68c1d200"
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
2622
rtl.css
www.rwifd.com/wp-content/themes/news/
16 KB
17 KB
Stylesheet
General
Full URL
https://www.rwifd.com/wp-content/themes/news/rtl.css
Requested by
Host: www.rwifd.com
URL: https://www.rwifd.com/4265.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
70.39.103.42 Las Vegas, United States, ASN46844 (ST-BGP, US),
Reverse DNS
box42.reputationmarket.net
Software
Apache /
Resource Hash
cfb8f0c7592be3e07e5ae607e3452d61bcc52cb59bb1639929d28fae4d4fd22c

Request headers

Referer
https://www.rwifd.com/4265.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Feb 2021 04:56:06 GMT
Last-Modified
Wed, 22 Jan 2020 10:32:21 GMT
Server
Apache
ETag
"411d-59cb80a1ad740"
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
16669
wp-emoji-release.min.js
www.rwifd.com/wp-includes/js/
14 KB
14 KB
Script
General
Full URL
https://www.rwifd.com/wp-includes/js/wp-emoji-release.min.js
Requested by
Host: www.rwifd.com
URL: https://www.rwifd.com/4265.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
70.39.103.42 Las Vegas, United States, ASN46844 (ST-BGP, US),
Reverse DNS
box42.reputationmarket.net
Software
Apache /
Resource Hash
3685c3818240f5f390073c7d04f944a5cb5d848093224f3a7888034e8c050eb4

Request headers

Referer
https://www.rwifd.com/4265.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Feb 2021 04:56:06 GMT
Last-Modified
Mon, 28 Dec 2020 08:03:26 GMT
Server
Apache
ETag
"37a6-5b781b57abebd"
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
14246
logo.png
www.rwifd.com/wp-content/themes/news/images/
8 KB
8 KB
Image
General
Full URL
https://www.rwifd.com/wp-content/themes/news/images/logo.png
Requested by
Host: www.rwifd.com
URL: https://www.rwifd.com/4265.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
70.39.103.42 Las Vegas, United States, ASN46844 (ST-BGP, US),
Reverse DNS
box42.reputationmarket.net
Software
Apache /
Resource Hash
5ba3fb96600881d582afe4c06fcffed6a02353c374e4bffcb0fea92e748767d4

Request headers

Referer
https://www.rwifd.com/4265.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Feb 2021 04:56:06 GMT
Last-Modified
Wed, 04 Nov 2020 21:04:09 GMT
Server
Apache
ETag
"1e19-5b34e520da440"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
7705
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
133 KB
47 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.rwifd.com
URL: https://www.rwifd.com/4265.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
722f834d0c44729d5535f864b0db96c363412148785466734983f6175b9e6e4c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.rwifd.com/4265.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Feb 2021 04:52:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
47560
x-xss-protection
0
server
cafe
etag
13820021645336652624
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 02 Feb 2021 04:52:06 GMT
99D82693-1184-4C74-B4F9-F299E013C319-220x165.jpeg
www.rwifd.com/wp-content/uploads/2021/02/
10 KB
10 KB
Image
General
Full URL
https://www.rwifd.com/wp-content/uploads/2021/02/99D82693-1184-4C74-B4F9-F299E013C319-220x165.jpeg
Requested by
Host: www.rwifd.com
URL: https://www.rwifd.com/4265.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
70.39.103.42 Las Vegas, United States, ASN46844 (ST-BGP, US),
Reverse DNS
box42.reputationmarket.net
Software
Apache /
Resource Hash
dc666e1603b27c99a0882a0f0c981e767fd766d3c79d8af4ed39e8adc73ddbf0

Request headers

Referer
https://www.rwifd.com/4265.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Feb 2021 04:56:07 GMT
Last-Modified
Mon, 01 Feb 2021 12:53:44 GMT
Server
Apache
ETag
"2610-5ba45d810c45c"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
9744
1257554_0-247x165.jpg
www.rwifd.com/wp-content/uploads/2021/01/
6 KB
7 KB
Image
General
Full URL
https://www.rwifd.com/wp-content/uploads/2021/01/1257554_0-247x165.jpg
Requested by
Host: www.rwifd.com
URL: https://www.rwifd.com/4265.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
70.39.103.42 Las Vegas, United States, ASN46844 (ST-BGP, US),
Reverse DNS
box42.reputationmarket.net
Software
Apache /
Resource Hash
80de1873ef984f5e29ac02635ef595a687a46cd04636bf1b585259890f71d925

Request headers

Referer
https://www.rwifd.com/4265.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Feb 2021 04:56:07 GMT
Last-Modified
Sun, 31 Jan 2021 05:12:26 GMT
Server
Apache
ETag
"18fa-5ba2b487cf1d8"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
6394
144306227_2809943465942333_2911880439014156515_n-124x165.jpg
www.rwifd.com/wp-content/uploads/2021/01/
6 KB
6 KB
Image
General
Full URL
https://www.rwifd.com/wp-content/uploads/2021/01/144306227_2809943465942333_2911880439014156515_n-124x165.jpg
Requested by
Host: www.rwifd.com
URL: https://www.rwifd.com/4265.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
70.39.103.42 Las Vegas, United States, ASN46844 (ST-BGP, US),
Reverse DNS
box42.reputationmarket.net
Software
Apache /
Resource Hash
a6714ec405abb11db8700abbdd8a08a7ae7a54489edd6b6a53ac41b5624397f5

Request headers

Referer
https://www.rwifd.com/4265.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Feb 2021 04:56:07 GMT
Last-Modified
Fri, 29 Jan 2021 22:31:40 GMT
Server
Apache
ETag
"17fc-5ba11916d80ab"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
6140
143489766_2564600733840467_4247161915029737280_o-115x165.jpg
www.rwifd.com/wp-content/uploads/2021/01/
4 KB
5 KB
Image
General
Full URL
https://www.rwifd.com/wp-content/uploads/2021/01/143489766_2564600733840467_4247161915029737280_o-115x165.jpg
Requested by
Host: www.rwifd.com
URL: https://www.rwifd.com/4265.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
70.39.103.42 Las Vegas, United States, ASN46844 (ST-BGP, US),
Reverse DNS
box42.reputationmarket.net
Software
Apache /
Resource Hash
aded540e89c00c8511f256e5773a4005c562965c1588b6fd4d8a176cba809637

Request headers

Referer
https://www.rwifd.com/4265.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Feb 2021 04:56:07 GMT
Last-Modified
Fri, 29 Jan 2021 14:49:34 GMT
Server
Apache
ETag
"116f-5ba0b1cd35153"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
4463
%D8%B4%D8%B4%D8%B4%D8%B4%D8%B4%D8%B4%D8%B4%D8%B4%D8%B4%D8%B4%D8%B4%D8%B4%D8%B4%D8%B4%D8%B4%D8%B4%D8%B4%D8%B4%D8%B4-310x165.jpg
www.rwifd.com/wp-content/uploads/2020/11/
15 KB
16 KB
Image
General
Full URL
https://www.rwifd.com/wp-content/uploads/2020/11/%D8%B4%D8%B4%D8%B4%D8%B4%D8%B4%D8%B4%D8%B4%D8%B4%D8%B4%D8%B4%D8%B4%D8%B4%D8%B4%D8%B4%D8%B4%D8%B4%D8%B4%D8%B4%D8%B4-310x165.jpg
Requested by
Host: www.rwifd.com
URL: https://www.rwifd.com/4265.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
70.39.103.42 Las Vegas, United States, ASN46844 (ST-BGP, US),
Reverse DNS
box42.reputationmarket.net
Software
Apache /
Resource Hash
1305ccecb5629d6a521443cb99e8c9d22f40459a33da5cc3a93ee6440a830622

Request headers

Referer
https://www.rwifd.com/4265.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Feb 2021 04:56:07 GMT
Last-Modified
Sat, 28 Nov 2020 21:21:55 GMT
Server
Apache
ETag
"3d8b-5b5315dcff53f"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
15755
5f9dc9b34c59b7774f1058e2-310x165.jpg
www.rwifd.com/wp-content/uploads/2020/11/
6 KB
6 KB
Image
General
Full URL
https://www.rwifd.com/wp-content/uploads/2020/11/5f9dc9b34c59b7774f1058e2-310x165.jpg
Requested by
Host: www.rwifd.com
URL: https://www.rwifd.com/4265.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
70.39.103.42 Las Vegas, United States, ASN46844 (ST-BGP, US),
Reverse DNS
box42.reputationmarket.net
Software
Apache /
Resource Hash
0707759bf511c4d63d64bbdf3b630b0e270ba46c6a57ddbb4618958a55022292

Request headers

Referer
https://www.rwifd.com/4265.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Feb 2021 04:56:07 GMT
Last-Modified
Mon, 02 Nov 2020 23:00:22 GMT
Server
Apache
ETag
"17ba-5b327b5fe6d80"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=94
Content-Length
6074
NmnKzKIyQsyGIkFjiNsb_20140717_212636-3-2-310x165.jpg
www.rwifd.com/wp-content/uploads/2015/01/
14 KB
14 KB
Image
General
Full URL
https://www.rwifd.com/wp-content/uploads/2015/01/NmnKzKIyQsyGIkFjiNsb_20140717_212636-3-2-310x165.jpg
Requested by
Host: www.rwifd.com
URL: https://www.rwifd.com/4265.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
70.39.103.42 Las Vegas, United States, ASN46844 (ST-BGP, US),
Reverse DNS
box42.reputationmarket.net
Software
Apache /
Resource Hash
997fdd01d6ba472ecb53c5301ff0a03464a01784dff0f3a561cf4fcbebb9f52f

Request headers

Referer
https://www.rwifd.com/4265.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Feb 2021 04:56:07 GMT
Last-Modified
Sun, 01 Nov 2020 19:30:26 GMT
Server
Apache
ETag
"37f8-5b310a95f5880"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=94
Content-Length
14328
mike-tyson-310x165.jpg
www.rwifd.com/wp-content/uploads/2015/01/
9 KB
9 KB
Image
General
Full URL
https://www.rwifd.com/wp-content/uploads/2015/01/mike-tyson-310x165.jpg
Requested by
Host: www.rwifd.com
URL: https://www.rwifd.com/4265.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
70.39.103.42 Las Vegas, United States, ASN46844 (ST-BGP, US),
Reverse DNS
box42.reputationmarket.net
Software
Apache /
Resource Hash
66609ee81449198de00ee8c6342bae992d9b18bdbb0ab034acdb996e329524db

Request headers

Referer
https://www.rwifd.com/4265.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Feb 2021 04:56:07 GMT
Last-Modified
Tue, 03 Nov 2020 01:28:29 GMT
Server
Apache
ETag
"2342-5b329c7b34940"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=94
Content-Length
9026
81309190_2295446220755921_7038396124679372800_n-495x330.jpg
www.rwifd.com/wp-content/uploads/2021/02/
42 KB
42 KB
Image
General
Full URL
https://www.rwifd.com/wp-content/uploads/2021/02/81309190_2295446220755921_7038396124679372800_n-495x330.jpg
Requested by
Host: www.rwifd.com
URL: https://www.rwifd.com/4265.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
70.39.103.42 Las Vegas, United States, ASN46844 (ST-BGP, US),
Reverse DNS
box42.reputationmarket.net
Software
Apache /
Resource Hash
a2e795ba1b11236bdfc60463baf58fcfca16eb1a2b2bf332078e751b39234e21

Request headers

Referer
https://www.rwifd.com/4265.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Feb 2021 04:56:07 GMT
Last-Modified
Mon, 01 Feb 2021 22:10:28 GMT
Server
Apache
ETag
"a699-5ba4d9f27c6ca"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=94
Content-Length
42649
145104587_248341750121760_6593772324763853540_o-110x67.jpg
www.rwifd.com/wp-content/uploads/2021/01/
27 KB
27 KB
Image
General
Full URL
https://www.rwifd.com/wp-content/uploads/2021/01/145104587_248341750121760_6593772324763853540_o-110x67.jpg
Requested by
Host: www.rwifd.com
URL: https://www.rwifd.com/4265.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
70.39.103.42 Las Vegas, United States, ASN46844 (ST-BGP, US),
Reverse DNS
box42.reputationmarket.net
Software
Apache /
Resource Hash
84efdc8c71deb7cfba25c448c213757306ab645562b5e1d6d88a23ab62d0b5cf

Request headers

Referer
https://www.rwifd.com/4265.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Feb 2021 04:56:07 GMT
Last-Modified
Sun, 31 Jan 2021 13:52:11 GMT
Server
Apache
ETag
"6bd2-5ba328b46df1f"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=94
Content-Length
27602
144960800_248380976784504_1195046114503723668_o-75x75.jpg
www.rwifd.com/wp-content/uploads/2021/01/
1 KB
2 KB
Image
General
Full URL
https://www.rwifd.com/wp-content/uploads/2021/01/144960800_248380976784504_1195046114503723668_o-75x75.jpg
Requested by
Host: www.rwifd.com
URL: https://www.rwifd.com/4265.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
70.39.103.42 Las Vegas, United States, ASN46844 (ST-BGP, US),
Reverse DNS
box42.reputationmarket.net
Software
Apache /
Resource Hash
5819eb587431d677091509059cc33a1f0bd35e6bf44a339583f29797afc87b24

Request headers

Referer
https://www.rwifd.com/4265.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Feb 2021 04:56:07 GMT
Last-Modified
Sun, 31 Jan 2021 13:46:44 GMT
Server
Apache
ETag
"55e-5ba3277c3d871"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=94
Content-Length
1374
%D8%B3%D8%B3%D8%B3%D8%B3%D8%B3%D8%B3%D8%B3%D8%B3%D8%B3%D8%B3%D8%B3%D8%B3%D8%B3%D8%B3-105x75.jpg
www.rwifd.com/wp-content/uploads/2021/01/
10 KB
10 KB
Image
General
Full URL
https://www.rwifd.com/wp-content/uploads/2021/01/%D8%B3%D8%B3%D8%B3%D8%B3%D8%B3%D8%B3%D8%B3%D8%B3%D8%B3%D8%B3%D8%B3%D8%B3%D8%B3%D8%B3-105x75.jpg
Requested by
Host: www.rwifd.com
URL: https://www.rwifd.com/4265.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
70.39.103.42 Las Vegas, United States, ASN46844 (ST-BGP, US),
Reverse DNS
box42.reputationmarket.net
Software
Apache /
Resource Hash
e42287dbc6fac52af77e62d4b79dda9edf3886f0e2a96fa7812348a744d55750

Request headers

Referer
https://www.rwifd.com/4265.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Feb 2021 04:56:07 GMT
Last-Modified
Sat, 30 Jan 2021 15:11:36 GMT
Server
Apache
ETag
"2791-5ba1f8974fe93"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=93
Content-Length
10129
tie-scripts.js
www.rwifd.com/wp-content/themes/news/js/
72 KB
73 KB
Script
General
Full URL
https://www.rwifd.com/wp-content/themes/news/js/tie-scripts.js
Requested by
Host: www.rwifd.com
URL: https://www.rwifd.com/4265.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
70.39.103.42 Las Vegas, United States, ASN46844 (ST-BGP, US),
Reverse DNS
box42.reputationmarket.net
Software
Apache /
Resource Hash
a285337ae3fac1859a2f626f20d9a8d1a46e36e59ef427f85e7deda94afffb62

Request headers

Referer
https://www.rwifd.com/4265.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Feb 2021 04:56:06 GMT
Last-Modified
Wed, 22 Jan 2020 10:34:05 GMT
Server
Apache
ETag
"12161-59cb8104dc140"
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
74081
ilightbox.packed.js
www.rwifd.com/wp-content/themes/news/js/
78 KB
78 KB
Script
General
Full URL
https://www.rwifd.com/wp-content/themes/news/js/ilightbox.packed.js
Requested by
Host: www.rwifd.com
URL: https://www.rwifd.com/4265.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
70.39.103.42 Las Vegas, United States, ASN46844 (ST-BGP, US),
Reverse DNS
box42.reputationmarket.net
Software
Apache /
Resource Hash
1f560c3e9fb5beeed86da7d5be1ae459c22af6ec1d58f77e2a89a20063ef7ba2

Request headers

Referer
https://www.rwifd.com/4265.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Feb 2021 04:56:06 GMT
Last-Modified
Wed, 22 Jan 2020 11:03:01 GMT
Server
Apache
ETag
"137ad-59cb877c70340"
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
79789
comment-reply.min.js
www.rwifd.com/wp-includes/js/
3 KB
3 KB
Script
General
Full URL
https://www.rwifd.com/wp-includes/js/comment-reply.min.js
Requested by
Host: www.rwifd.com
URL: https://www.rwifd.com/4265.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
70.39.103.42 Las Vegas, United States, ASN46844 (ST-BGP, US),
Reverse DNS
box42.reputationmarket.net
Software
Apache /
Resource Hash
a16df2f75e04129b12a5fde7311c7ea9131418080fd3f6bcb2b28ce1faa2fe8e

Request headers

Referer
https://www.rwifd.com/4265.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Feb 2021 04:56:06 GMT
Last-Modified
Sun, 18 Oct 2020 17:11:06 GMT
Server
Apache
ETag
"bdb-5b1f5154c9e80"
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
3035
wp-embed.min.js
www.rwifd.com/wp-includes/js/
1 KB
2 KB
Script
General
Full URL
https://www.rwifd.com/wp-includes/js/wp-embed.min.js
Requested by
Host: www.rwifd.com
URL: https://www.rwifd.com/4265.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
70.39.103.42 Las Vegas, United States, ASN46844 (ST-BGP, US),
Reverse DNS
box42.reputationmarket.net
Software
Apache /
Resource Hash
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0

Request headers

Referer
https://www.rwifd.com/4265.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Feb 2021 04:56:06 GMT
Last-Modified
Sat, 26 Oct 2019 00:17:07 GMT
Server
Apache
ETag
"59a-595c52fd2e6c0"
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
1434
search.js
www.rwifd.com/wp-content/themes/news/js/
15 KB
15 KB
Script
General
Full URL
https://www.rwifd.com/wp-content/themes/news/js/search.js
Requested by
Host: www.rwifd.com
URL: https://www.rwifd.com/4265.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
70.39.103.42 Las Vegas, United States, ASN46844 (ST-BGP, US),
Reverse DNS
box42.reputationmarket.net
Software
Apache /
Resource Hash
d6c6d0b6440485f2536e96758b074c4713ef69a56511f2af2128f23ce6eebdca

Request headers

Referer
https://www.rwifd.com/4265.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Feb 2021 04:56:06 GMT
Last-Modified
Sat, 10 Jan 2015 17:13:04 GMT
Server
Apache
ETag
"3aa2-50c4f62daa800"
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
15010
body-bg7.png
www.rwifd.com/wp-content/themes/news/images/patterns/
21 KB
21 KB
Image
General
Full URL
https://www.rwifd.com/wp-content/themes/news/images/patterns/body-bg7.png
Requested by
Host: www.rwifd.com
URL: https://www.rwifd.com/4265.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
70.39.103.42 Las Vegas, United States, ASN46844 (ST-BGP, US),
Reverse DNS
box42.reputationmarket.net
Software
Apache /
Resource Hash
7a6ac6e588a725241e6f43feaad46fb36de9682576f5f29c570edc3ec5247477

Request headers

Referer
https://www.rwifd.com/4265.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Feb 2021 04:56:07 GMT
Last-Modified
Sun, 25 Jan 2015 19:28:34 GMT
Server
Apache
ETag
"529a-50d7f070f3c80"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
21146
fontawesome-webfont.woff2
www.rwifd.com/wp-content/themes/news/fonts/fontawesome/
70 KB
70 KB
Font
General
Full URL
https://www.rwifd.com/wp-content/themes/news/fonts/fontawesome/fontawesome-webfont.woff2?v=4.6.3
Requested by
Host: www.rwifd.com
URL: https://www.rwifd.com/wp-content/themes/news/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
70.39.103.42 Las Vegas, United States, ASN46844 (ST-BGP, US),
Reverse DNS
box42.reputationmarket.net
Software
Apache /
Resource Hash
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Request headers

Origin
https://www.rwifd.com
Referer
https://www.rwifd.com/wp-content/themes/news/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Feb 2021 04:56:06 GMT
Last-Modified
Fri, 13 May 2016 08:44:26 GMT
Server
Apache
ETag
"118d8-532b5483d4e80"
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
71896
DroidNaskh-Bold.woff2
fonts.gstatic.com/ea/droidarabicnaskh/v7/
40 KB
40 KB
Font
General
Full URL
https://fonts.gstatic.com/ea/droidarabicnaskh/v7/DroidNaskh-Bold.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/earlyaccess/droidarabicnaskh
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0a6b3b2583f0b9ea7da829409bcde3dc1641adb9092100bf2e1415d61cde46d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.rwifd.com
Referer
https://fonts.googleapis.com/earlyaccess/droidarabicnaskh
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 28 Jan 2021 09:19:57 GMT
x-content-type-options
nosniff
age
415929
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41252
x-xss-protection
0
last-modified
Wed, 13 Aug 2014 16:50:04 GMT
server
sffe
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 28 Jan 2022 09:19:57 GMT
DroidNaskh-Regular.woff2
fonts.gstatic.com/ea/droidarabicnaskh/v7/
38 KB
38 KB
Font
General
Full URL
https://fonts.gstatic.com/ea/droidarabicnaskh/v7/DroidNaskh-Regular.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/earlyaccess/droidarabicnaskh
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
68b4ac5833d4474ef046db5c1495c5b70c16f6fe6f219656dbb7129b8faeed20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.rwifd.com
Referer
https://fonts.googleapis.com/earlyaccess/droidarabicnaskh
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 31 Jan 2021 13:13:17 GMT
x-content-type-options
nosniff
age
142729
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39220
x-xss-protection
0
last-modified
Wed, 13 Aug 2014 16:50:04 GMT
server
sffe
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 31 Jan 2022 13:13:17 GMT
home.png
www.rwifd.com/wp-content/themes/news/images/
1022 B
1 KB
Image
General
Full URL
https://www.rwifd.com/wp-content/themes/news/images/home.png
Requested by
Host: www.rwifd.com
URL: https://www.rwifd.com/wp-content/themes/news/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
70.39.103.42 Las Vegas, United States, ASN46844 (ST-BGP, US),
Reverse DNS
box42.reputationmarket.net
Software
Apache /
Resource Hash
6039cdb2c8028b73ddb9d711e7eb22834a8e11ba865283a7ed2fd2c75a401040

Request headers

Referer
https://www.rwifd.com/wp-content/themes/news/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Feb 2021 04:56:07 GMT
Last-Modified
Sat, 31 Jan 2015 13:15:38 GMT
Server
Apache
ETag
"3fe-50df28464d280"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
1022
BebasNeue-webfont.woff
www.rwifd.com/wp-content/themes/news/fonts/BebasNeue/
20 KB
20 KB
Font
General
Full URL
https://www.rwifd.com/wp-content/themes/news/fonts/BebasNeue/BebasNeue-webfont.woff
Requested by
Host: www.rwifd.com
URL: https://www.rwifd.com/wp-content/themes/news/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
70.39.103.42 Las Vegas, United States, ASN46844 (ST-BGP, US),
Reverse DNS
box42.reputationmarket.net
Software
Apache /
Resource Hash
e8c2e4d6ab0ad2f055a6cc3c777d31531e665758db5ca815f2613afad72f7088

Request headers

Origin
https://www.rwifd.com
Referer
https://www.rwifd.com/wp-content/themes/news/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Feb 2021 04:56:06 GMT
Last-Modified
Sat, 14 Feb 2015 20:13:40 GMT
Server
Apache
ETag
"4e1c-50f11fd2d0500"
Content-Type
application/font-woff
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
19996
stripe.png
www.rwifd.com/wp-content/themes/news/images/
93 B
359 B
Image
General
Full URL
https://www.rwifd.com/wp-content/themes/news/images/stripe.png
Requested by
Host: www.rwifd.com
URL: https://www.rwifd.com/wp-content/themes/news/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
70.39.103.42 Las Vegas, United States, ASN46844 (ST-BGP, US),
Reverse DNS
box42.reputationmarket.net
Software
Apache /
Resource Hash
23c79bb552706be2ca97bdb259921e3269a5263326b147676c2f7909a45b58c9

Request headers

Referer
https://www.rwifd.com/wp-content/themes/news/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Feb 2021 04:56:07 GMT
Last-Modified
Sat, 08 Sep 2012 12:24:44 GMT
Server
Apache
ETag
"5d-4c92fcf375b00"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
93
e953a725-3dfb-4aba-94f7-3f56a9a7ac2c.jpg
www.rwifd.com/wp-content/uploads/2020/12/
31 KB
31 KB
Image
General
Full URL
https://www.rwifd.com/wp-content/uploads/2020/12/e953a725-3dfb-4aba-94f7-3f56a9a7ac2c.jpg
Requested by
Host: www.rwifd.com
URL: https://www.rwifd.com/4265.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
70.39.103.42 Las Vegas, United States, ASN46844 (ST-BGP, US),
Reverse DNS
box42.reputationmarket.net
Software
Apache /
Resource Hash
0478b60f6c85691a6c5883a2f503266404f5692c05b5df70ab5104f1c84bd94a

Request headers

Referer
https://www.rwifd.com/4265.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Feb 2021 04:56:07 GMT
Last-Modified
Tue, 01 Dec 2020 13:52:49 GMT
Server
Apache
ETag
"7ba1-5b567713ff90d"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
31649
IMG-20210131-WA0053-118x165.jpg
www.rwifd.com/wp-content/uploads/2021/01/
6 KB
7 KB
Image
General
Full URL
https://www.rwifd.com/wp-content/uploads/2021/01/IMG-20210131-WA0053-118x165.jpg
Requested by
Host: www.rwifd.com
URL: https://www.rwifd.com/4265.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
70.39.103.42 Las Vegas, United States, ASN46844 (ST-BGP, US),
Reverse DNS
box42.reputationmarket.net
Software
Apache /
Resource Hash
dee6cf9f24a1e3aad2990a0b4fdd7c2f2d4e204d02b9b3442dcd7358eab785ae

Request headers

Referer
https://www.rwifd.com/4265.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Feb 2021 04:56:07 GMT
Last-Modified
Sun, 31 Jan 2021 09:28:03 GMT
Server
Apache
ETag
"190c-5ba2edab2039c"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
6412
F72BDCC8-7A6B-45AB-AFE8-0CD4606FCC85-93x165.jpeg
www.rwifd.com/wp-content/uploads/2021/01/
14 KB
14 KB
Image
General
Full URL
https://www.rwifd.com/wp-content/uploads/2021/01/F72BDCC8-7A6B-45AB-AFE8-0CD4606FCC85-93x165.jpeg
Requested by
Host: www.rwifd.com
URL: https://www.rwifd.com/4265.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
70.39.103.42 Las Vegas, United States, ASN46844 (ST-BGP, US),
Reverse DNS
box42.reputationmarket.net
Software
Apache /
Resource Hash
9144715ff72640ad45c06cdd6ecd0ae4c2844dbdeff7a909895e6ea39b634ac9

Request headers

Referer
https://www.rwifd.com/4265.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Feb 2021 04:56:07 GMT
Last-Modified
Thu, 28 Jan 2021 15:33:40 GMT
Server
Apache
ETag
"3813-5b9f79cb15ce1"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
14355
WhatsApp-Image-2021-01-27-at-11.22.54-AM-93x165.jpeg
www.rwifd.com/wp-content/uploads/2021/01/
4 KB
4 KB
Image
General
Full URL
https://www.rwifd.com/wp-content/uploads/2021/01/WhatsApp-Image-2021-01-27-at-11.22.54-AM-93x165.jpeg
Requested by
Host: www.rwifd.com
URL: https://www.rwifd.com/4265.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
70.39.103.42 Las Vegas, United States, ASN46844 (ST-BGP, US),
Reverse DNS
box42.reputationmarket.net
Software
Apache /
Resource Hash
448889e6c27b954d771a009ea87d6f76e01530f4bdcba580b4f065c42b61afb6

Request headers

Referer
https://www.rwifd.com/4265.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Feb 2021 04:56:07 GMT
Last-Modified
Wed, 27 Jan 2021 11:56:18 GMT
Server
Apache
ETag
"fcf-5b9e07577c3e2"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=93
Content-Length
4047
0adad4848401ae69b5a5fb79b4060f96
secure.gravatar.com/avatar/
1 KB
2 KB
Image
General
Full URL
https://secure.gravatar.com/avatar/0adad4848401ae69b5a5fb79b4060f96?s=90&d=mm&r=g
Requested by
Host: www.rwifd.com
URL: https://www.rwifd.com/4265.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
8b981d44ff98b035e69858fe577e35eaf8d87c31bceec21e557c05b64b324f79

Request headers

Referer
https://www.rwifd.com/4265.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Tue, 02 Feb 2021 04:52:06 GMT
last-modified
Wed, 11 Jan 1984 08:00:00 GMT
server
nginx
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=300
content-disposition
inline; filename="0adad4848401ae69b5a5fb79b4060f96.png"
accept-ranges
bytes
link
<https://www.gravatar.com/avatar/0adad4848401ae69b5a5fb79b4060f96?s=90&d=mm&r=g>; rel="canonical"
content-length
1486
expires
Tue, 02 Feb 2021 04:57:06 GMT
IMG-20210127-WA0001-93x165.jpg
www.rwifd.com/wp-content/uploads/2021/01/
4 KB
4 KB
Image
General
Full URL
https://www.rwifd.com/wp-content/uploads/2021/01/IMG-20210127-WA0001-93x165.jpg
Requested by
Host: www.rwifd.com
URL: https://www.rwifd.com/4265.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
70.39.103.42 Las Vegas, United States, ASN46844 (ST-BGP, US),
Reverse DNS
box42.reputationmarket.net
Software
Apache /
Resource Hash
e0fa56bd1e11c756583875191a49a39b8925b63d2b5e24b013f92787c7d2abf4

Request headers

Referer
https://www.rwifd.com/4265.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Feb 2021 04:56:07 GMT
Last-Modified
Wed, 27 Jan 2021 04:25:16 GMT
Server
Apache
ETag
"f61-5b9da287c1d0e"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=93
Content-Length
3937
9db312a9-1341-4d5a-8349-7f0f51465750-110x75.jpg
www.rwifd.com/wp-content/uploads/2015/01/
3 KB
3 KB
Image
General
Full URL
https://www.rwifd.com/wp-content/uploads/2015/01/9db312a9-1341-4d5a-8349-7f0f51465750-110x75.jpg
Requested by
Host: www.rwifd.com
URL: https://www.rwifd.com/4265.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
70.39.103.42 Las Vegas, United States, ASN46844 (ST-BGP, US),
Reverse DNS
box42.reputationmarket.net
Software
Apache /
Resource Hash
e8118f737dcaa4956558aaac41ef076ee29a0878410875b1100ddb3c4b8df788

Request headers

Referer
https://www.rwifd.com/4265.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Feb 2021 04:56:07 GMT
Last-Modified
Mon, 02 Nov 2020 23:14:06 GMT
Server
Apache
ETag
"b71-5b327e71bab80"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
2929
NmnKzKIyQsyGIkFjiNsb_20140717_212636-3-2-110x75.jpg
www.rwifd.com/wp-content/uploads/2015/01/
3 KB
4 KB
Image
General
Full URL
https://www.rwifd.com/wp-content/uploads/2015/01/NmnKzKIyQsyGIkFjiNsb_20140717_212636-3-2-110x75.jpg
Requested by
Host: www.rwifd.com
URL: https://www.rwifd.com/4265.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
70.39.103.42 Las Vegas, United States, ASN46844 (ST-BGP, US),
Reverse DNS
box42.reputationmarket.net
Software
Apache /
Resource Hash
66e1dcb47ed8dd6438806b6222bc74aa5d9c81f291e24ce2f0710c67b30cb3f5

Request headers

Referer
https://www.rwifd.com/4265.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Feb 2021 04:56:07 GMT
Last-Modified
Sun, 01 Nov 2020 19:30:26 GMT
Server
Apache
ETag
"d7f-5b310a95f5880"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
3455
mike-tyson-110x75.jpg
www.rwifd.com/wp-content/uploads/2015/01/
3 KB
3 KB
Image
General
Full URL
https://www.rwifd.com/wp-content/uploads/2015/01/mike-tyson-110x75.jpg
Requested by
Host: www.rwifd.com
URL: https://www.rwifd.com/4265.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
70.39.103.42 Las Vegas, United States, ASN46844 (ST-BGP, US),
Reverse DNS
box42.reputationmarket.net
Software
Apache /
Resource Hash
5d76d52176d39937d5ac59af14180254facde9ecc62da933c4abb0da9231b37b

Request headers

Referer
https://www.rwifd.com/4265.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Feb 2021 04:56:07 GMT
Last-Modified
Tue, 03 Nov 2020 01:28:29 GMT
Server
Apache
ETag
"b82-5b329c7b34940"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
2946
WhatsApp-Image-2020-11-11-at-5.03.38-PM-110x75.jpeg
www.rwifd.com/wp-content/uploads/2020/11/
3 KB
3 KB
Image
General
Full URL
https://www.rwifd.com/wp-content/uploads/2020/11/WhatsApp-Image-2020-11-11-at-5.03.38-PM-110x75.jpeg
Requested by
Host: www.rwifd.com
URL: https://www.rwifd.com/4265.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
70.39.103.42 Las Vegas, United States, ASN46844 (ST-BGP, US),
Reverse DNS
box42.reputationmarket.net
Software
Apache /
Resource Hash
3352da8c50ed9ae58fccc4623e9fa9ea6479f731580da3063a6ddc30703912c0

Request headers

Referer
https://www.rwifd.com/4265.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Feb 2021 04:56:07 GMT
Last-Modified
Thu, 12 Nov 2020 06:25:46 GMT
Server
Apache
ETag
"a91-5b3e2fb7513a6"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
2705
128664885_10164703383125158_7748796445331029082_o-110x75.jpg
www.rwifd.com/wp-content/uploads/2020/11/
4 KB
4 KB
Image
General
Full URL
https://www.rwifd.com/wp-content/uploads/2020/11/128664885_10164703383125158_7748796445331029082_o-110x75.jpg
Requested by
Host: www.rwifd.com
URL: https://www.rwifd.com/4265.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
70.39.103.42 Las Vegas, United States, ASN46844 (ST-BGP, US),
Reverse DNS
box42.reputationmarket.net
Software
Apache /
Resource Hash
7e6f9169b8a6626e46b5df0bea265383157ef32aa2fafd136c6cbb5b383133fb

Request headers

Referer
https://www.rwifd.com/4265.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Feb 2021 04:56:07 GMT
Last-Modified
Mon, 30 Nov 2020 20:39:57 GMT
Server
Apache
ETag
"e34-5b5590363b8ee"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
3636
fontello.woff
www.rwifd.com/wp-content/themes/news/fonts/tiefont/
6 KB
6 KB
Font
General
Full URL
https://www.rwifd.com/wp-content/themes/news/fonts/tiefont/fontello.woff
Requested by
Host: www.rwifd.com
URL: https://www.rwifd.com/wp-content/themes/news/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
70.39.103.42 Las Vegas, United States, ASN46844 (ST-BGP, US),
Reverse DNS
box42.reputationmarket.net
Software
Apache /
Resource Hash
f9179f4383ccee61bd4cd924e8b5720c3c5dc0c7f62da319bb28e49fd09ef505

Request headers

Origin
https://www.rwifd.com
Referer
https://www.rwifd.com/wp-content/themes/news/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Feb 2021 04:56:06 GMT
Last-Modified
Thu, 13 Nov 2014 23:27:24 GMT
Server
Apache
ETag
"18bc-507c5dac74f00"
Content-Type
application/font-woff
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
6332
8aa03d20-ba74-46f2-96ee-4b5b7f7d9385-110x75.jpg
www.rwifd.com/wp-content/uploads/2020/12/
3 KB
4 KB
Image
General
Full URL
https://www.rwifd.com/wp-content/uploads/2020/12/8aa03d20-ba74-46f2-96ee-4b5b7f7d9385-110x75.jpg
Requested by
Host: www.rwifd.com
URL: https://www.rwifd.com/4265.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
70.39.103.42 Las Vegas, United States, ASN46844 (ST-BGP, US),
Reverse DNS
box42.reputationmarket.net
Software
Apache /
Resource Hash
526a3cef21d737d7cfce110abc9162beef90b121743bd380fb77b5bfa962b854

Request headers

Referer
https://www.rwifd.com/4265.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Feb 2021 04:56:07 GMT
Last-Modified
Sat, 12 Dec 2020 20:34:19 GMT
Server
Apache
ETag
"d43-5b64a555bc2dc"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=93
Content-Length
3395
9a5027f8-1538-46df-bd18-fdd52647e355-110x75.jpg
www.rwifd.com/wp-content/uploads/2021/01/
3 KB
3 KB
Image
General
Full URL
https://www.rwifd.com/wp-content/uploads/2021/01/9a5027f8-1538-46df-bd18-fdd52647e355-110x75.jpg
Requested by
Host: www.rwifd.com
URL: https://www.rwifd.com/4265.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
70.39.103.42 Las Vegas, United States, ASN46844 (ST-BGP, US),
Reverse DNS
box42.reputationmarket.net
Software
Apache /
Resource Hash
d4a615315ed9ceab43be0c3322eb82d52a9adc15085291c8a9b2b339860442c9

Request headers

Referer
https://www.rwifd.com/4265.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Feb 2021 04:56:07 GMT
Last-Modified
Wed, 06 Jan 2021 15:51:39 GMT
Server
Apache
ETag
"b14-5b83d4c7cef7b"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=93
Content-Length
2836
WhatsApp-Image-2021-01-24-at-1.28.32-PM-110x73.jpeg
www.rwifd.com/wp-content/uploads/2021/01/
1 KB
2 KB
Image
General
Full URL
https://www.rwifd.com/wp-content/uploads/2021/01/WhatsApp-Image-2021-01-24-at-1.28.32-PM-110x73.jpeg
Requested by
Host: www.rwifd.com
URL: https://www.rwifd.com/4265.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
70.39.103.42 Las Vegas, United States, ASN46844 (ST-BGP, US),
Reverse DNS
box42.reputationmarket.net
Software
Apache /
Resource Hash
670eb9e94d9fc2c5eeef3b3fa9fd6e0ab1fe9607c5bc24150e0eebcccd12e209

Request headers

Referer
https://www.rwifd.com/4265.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Feb 2021 04:56:07 GMT
Last-Modified
Sun, 24 Jan 2021 11:41:56 GMT
Server
Apache
ETag
"5f1-5b9a3e89d8b03"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=92
Content-Length
1521
WhatsApp-Image-2021-01-20-at-12.16.38-PM-76x75.jpeg
www.rwifd.com/wp-content/uploads/2021/01/
3 KB
3 KB
Image
General
Full URL
https://www.rwifd.com/wp-content/uploads/2021/01/WhatsApp-Image-2021-01-20-at-12.16.38-PM-76x75.jpeg
Requested by
Host: www.rwifd.com
URL: https://www.rwifd.com/4265.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
70.39.103.42 Las Vegas, United States, ASN46844 (ST-BGP, US),
Reverse DNS
box42.reputationmarket.net
Software
Apache /
Resource Hash
ec086e6b77d92b6911375c2184bb0ad8ce82dfd848b7ac2439c4ca34e383bfbe

Request headers

Referer
https://www.rwifd.com/4265.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Feb 2021 04:56:07 GMT
Last-Modified
Wed, 20 Jan 2021 10:50:38 GMT
Server
Apache
ETag
"a32-5b952b9c8f733"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=93
Content-Length
2610
b0b7e4f0-77c0-4c5e-885b-16dea4144685-110x75.jpg
www.rwifd.com/wp-content/uploads/2020/12/
4 KB
4 KB
Image
General
Full URL
https://www.rwifd.com/wp-content/uploads/2020/12/b0b7e4f0-77c0-4c5e-885b-16dea4144685-110x75.jpg
Requested by
Host: www.rwifd.com
URL: https://www.rwifd.com/4265.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
70.39.103.42 Las Vegas, United States, ASN46844 (ST-BGP, US),
Reverse DNS
box42.reputationmarket.net
Software
Apache /
Resource Hash
cc1fcaa77aef68adac2f8677a465076d0290ccf420d4200372ccf31f6750c8d3

Request headers

Referer
https://www.rwifd.com/4265.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Feb 2021 04:56:07 GMT
Last-Modified
Tue, 29 Dec 2020 14:07:24 GMT
Server
Apache
ETag
"f75-5b79ae8f17e73"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=92
Content-Length
3957
WhatsApp-Image-2020-12-31-at-2.36.09-PM-110x75.jpeg
www.rwifd.com/wp-content/uploads/2020/12/
3 KB
3 KB
Image
General
Full URL
https://www.rwifd.com/wp-content/uploads/2020/12/WhatsApp-Image-2020-12-31-at-2.36.09-PM-110x75.jpeg
Requested by
Host: www.rwifd.com
URL: https://www.rwifd.com/4265.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
70.39.103.42 Las Vegas, United States, ASN46844 (ST-BGP, US),
Reverse DNS
box42.reputationmarket.net
Software
Apache /
Resource Hash
58419d9ba398e38c01c3f7e4e7d95cf1363f1888ffd580c62972d39d30cbb447

Request headers

Referer
https://www.rwifd.com/4265.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Feb 2021 04:56:07 GMT
Last-Modified
Thu, 31 Dec 2020 13:29:47 GMT
Server
Apache
ETag
"cbf-5b7c29e1b0df1"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=92
Content-Length
3263
134122747_129408688988263_5379790046159553894_o-110x75.jpg
www.rwifd.com/wp-content/uploads/2021/01/
3 KB
3 KB
Image
General
Full URL
https://www.rwifd.com/wp-content/uploads/2021/01/134122747_129408688988263_5379790046159553894_o-110x75.jpg
Requested by
Host: www.rwifd.com
URL: https://www.rwifd.com/4265.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
70.39.103.42 Las Vegas, United States, ASN46844 (ST-BGP, US),
Reverse DNS
box42.reputationmarket.net
Software
Apache /
Resource Hash
fcee829a2bc9f82a6d613bf8fcfadbf0296546f62bdaf49db33430648f16af80

Request headers

Referer
https://www.rwifd.com/4265.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Feb 2021 04:56:08 GMT
Last-Modified
Fri, 01 Jan 2021 20:06:18 GMT
Server
Apache
ETag
"bbf-5b7dc45f63927"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=92
Content-Length
3007
%D8%A7%D8%AA%D8%A9-8-110x75.jpg
www.rwifd.com/wp-content/uploads/2020/12/
2 KB
3 KB
Image
General
Full URL
https://www.rwifd.com/wp-content/uploads/2020/12/%D8%A7%D8%AA%D8%A9-8-110x75.jpg
Requested by
Host: www.rwifd.com
URL: https://www.rwifd.com/4265.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
70.39.103.42 Las Vegas, United States, ASN46844 (ST-BGP, US),
Reverse DNS
box42.reputationmarket.net
Software
Apache /
Resource Hash
03271d9752e8893484d6cb0ae1e442e647685daf8c0286808cd7bf8ccd86cedf

Request headers

Referer
https://www.rwifd.com/4265.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Feb 2021 04:56:08 GMT
Last-Modified
Tue, 29 Dec 2020 14:25:25 GMT
Server
Apache
ETag
"9e0-5b79b2958c8ec"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=92
Content-Length
2528
b07a6056-44d8-4517-8f2f-ef06670d3c76-1-110x75.jpg
www.rwifd.com/wp-content/uploads/2020/12/
4 KB
4 KB
Image
General
Full URL
https://www.rwifd.com/wp-content/uploads/2020/12/b07a6056-44d8-4517-8f2f-ef06670d3c76-1-110x75.jpg
Requested by
Host: www.rwifd.com
URL: https://www.rwifd.com/4265.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
70.39.103.42 Las Vegas, United States, ASN46844 (ST-BGP, US),
Reverse DNS
box42.reputationmarket.net
Software
Apache /
Resource Hash
858f868216c270b2ca525801041b128bd558703bc7c365ba09058786d7f8f390

Request headers

Referer
https://www.rwifd.com/4265.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Feb 2021 04:56:08 GMT
Last-Modified
Mon, 21 Dec 2020 20:16:29 GMT
Server
Apache
ETag
"fe9-5b6ff2226a287"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=91
Content-Length
4073
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210127/r20190131/
225 KB
84 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210127/r20190131/show_ads_impl_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
64c8551c397b1915ef17010eca19e10f01083601d6e0f81b2bef6a081a2f69c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.rwifd.com/4265.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Feb 2021 04:52:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
86255
x-xss-protection
0
server
cafe
etag
8534310779558063066
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 02 Feb 2021 04:52:06 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210127/r20190131/ Frame B2A1
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210127/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210127/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.rwifd.com/4265.html
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.rwifd.com/4265.html

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Mon, 01 Feb 2021 05:00:08 GMT
expires
Mon, 15 Feb 2021 05:00:08 GMT
content-type
text/html; charset=UTF-8
etag
6748560809430760793
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4784
x-xss-protection
0
age
85918
cache-control
public, max-age=1209600
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
78b4f484ee3b36cb1331088ea55681f9
secure.gravatar.com/avatar/
1 KB
1 KB
Image
General
Full URL
https://secure.gravatar.com/avatar/78b4f484ee3b36cb1331088ea55681f9?s=50&d=mm&r=g
Requested by
Host: www.rwifd.com
URL: https://www.rwifd.com/4265.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
707a3f9a6fc5e63cd997c2e751a08e36caf4441e65b351b86c5de65fd832f063

Request headers

Referer
https://www.rwifd.com/4265.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Tue, 02 Feb 2021 04:52:06 GMT
last-modified
Wed, 11 Jan 1984 08:00:00 GMT
server
nginx
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=300
content-disposition
inline; filename="78b4f484ee3b36cb1331088ea55681f9.png"
accept-ranges
bytes
link
<https://www.gravatar.com/avatar/78b4f484ee3b36cb1331088ea55681f9?s=50&d=mm&r=g>; rel="canonical"
content-length
1128
expires
Tue, 02 Feb 2021 04:57:06 GMT
c4a2c219c8ae5dcf35f8e839ac5f1c07
secure.gravatar.com/avatar/
1 KB
1 KB
Image
General
Full URL
https://secure.gravatar.com/avatar/c4a2c219c8ae5dcf35f8e839ac5f1c07?s=50&d=mm&r=g
Requested by
Host: www.rwifd.com
URL: https://www.rwifd.com/4265.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
707a3f9a6fc5e63cd997c2e751a08e36caf4441e65b351b86c5de65fd832f063

Request headers

Referer
https://www.rwifd.com/4265.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Tue, 02 Feb 2021 04:52:06 GMT
last-modified
Wed, 11 Jan 1984 08:00:00 GMT
server
nginx
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=300
content-disposition
inline; filename="c4a2c219c8ae5dcf35f8e839ac5f1c07.png"
accept-ranges
bytes
link
<https://www.gravatar.com/avatar/c4a2c219c8ae5dcf35f8e839ac5f1c07?s=50&d=mm&r=g>; rel="canonical"
content-length
1128
expires
Tue, 02 Feb 2021 04:57:06 GMT
cookie.js
partner.googleadservices.com/gampad/
199 B
406 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.rwifd.com&callback=_gfp_s_&client=ca-pub-1131423187823492
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210127/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s24-in-f2.1e100.net
Software
cafe /
Resource Hash
9cc43956878061529742f7b37a27e50ca6b326a6727d98424342a060493b49e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.rwifd.com/4265.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Feb 2021 04:52:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
191
x-xss-protection
0
integrator.js
adservice.google.de/adsid/
109 B
781 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.rwifd.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210127/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.rwifd.com/4265.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Feb 2021 04:52:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
109 B
781 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.rwifd.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210127/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.rwifd.com/4265.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Feb 2021 04:52:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 13D9
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1131423187823492&output=html&h=280&slotname=2901211535&adk=3130185684&adf=2036783278&pi=t.ma~as.2901211535&w=728&fwrn=4&fwrnh=100&lmt=1612241526&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fwww.rwifd.com%2F4265.html&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1612241526798&bpp=11&bdt=1155&idt=78&shv=r20210127&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=4937695683000&frm=20&pv=2&ga_vid=477822773.1612241527&ga_sid=1612241527&ga_hid=1381184161&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=293&ady=54&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068769%2C21068893&oid=3&pvsid=29505655732161&pem=65&ref=https%3A%2F%2Fcutt.us%2F3xzDU&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=hVDwBa92W5&p=https%3A//www.rwifd.com&dtd=93
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210127/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1131423187823492&output=html&h=280&slotname=2901211535&adk=3130185684&adf=2036783278&pi=t.ma~as.2901211535&w=728&fwrn=4&fwrnh=100&lmt=1612241526&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fwww.rwifd.com%2F4265.html&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1612241526798&bpp=11&bdt=1155&idt=78&shv=r20210127&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=4937695683000&frm=20&pv=2&ga_vid=477822773.1612241527&ga_sid=1612241527&ga_hid=1381184161&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=293&ady=54&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068769%2C21068893&oid=3&pvsid=29505655732161&pem=65&ref=https%3A%2F%2Fcutt.us%2F3xzDU&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=hVDwBa92W5&p=https%3A//www.rwifd.com&dtd=93
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.rwifd.com/4265.html
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.rwifd.com/4265.html

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 02 Feb 2021 04:52:07 GMT
server
cafe
content-length
203
x-xss-protection
0
set-cookie
IDE=AHWqTUmwbroIPciLsqMG0ik9Ou5n2iqMxA4SXk4z3D0PKFxrL4i9tfC583ksPtRg; expires=Sun, 27-Feb-2022 04:52:06 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires
Tue, 02 Feb 2021 04:52:07 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/
74 KB
28 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210127/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
208dfab1fdcf1f4e57f80d6fd873265f0ff90c42c36cb25e38dff42695e383a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.rwifd.com/4265.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Feb 2021 04:52:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1612182870646033"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
28348
x-xss-protection
0
expires
Tue, 02 Feb 2021 04:52:06 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 9DC6
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1131423187823492&output=html&h=250&slotname=8815226653&adk=70954630&adf=2570868839&pi=t.ma~as.8815226653&w=300&lmt=1612241526&psa=0&format=300x250&url=https%3A%2F%2Fwww.rwifd.com%2F4265.html&flash=0&wgl=1&dt=1612241526810&bpp=2&bdt=1166&idt=87&shv=r20210127&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x280&correlator=4937695683000&frm=20&pv=1&ga_vid=477822773.1612241527&ga_sid=1612241527&ga_hid=1381184161&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=307&ady=1034&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068769%2C21068893&oid=3&pvsid=29505655732161&pem=65&ref=https%3A%2F%2Fcutt.us%2F3xzDU&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&xpc=i9BUSEGTn3&p=https%3A//www.rwifd.com&dtd=93
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210127/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1131423187823492&output=html&h=250&slotname=8815226653&adk=70954630&adf=2570868839&pi=t.ma~as.8815226653&w=300&lmt=1612241526&psa=0&format=300x250&url=https%3A%2F%2Fwww.rwifd.com%2F4265.html&flash=0&wgl=1&dt=1612241526810&bpp=2&bdt=1166&idt=87&shv=r20210127&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x280&correlator=4937695683000&frm=20&pv=1&ga_vid=477822773.1612241527&ga_sid=1612241527&ga_hid=1381184161&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=307&ady=1034&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068769%2C21068893&oid=3&pvsid=29505655732161&pem=65&ref=https%3A%2F%2Fcutt.us%2F3xzDU&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&xpc=i9BUSEGTn3&p=https%3A//www.rwifd.com&dtd=93
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.rwifd.com/4265.html
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.rwifd.com/4265.html

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 02 Feb 2021 04:52:07 GMT
server
cafe
content-length
20783
x-xss-protection
0
set-cookie
IDE=AHWqTUnhOj7zEw9cNYe5EISFoPfimLuDSRdkWvXjil8XrJGhMBYgv8-awS87XXyy; expires=Sun, 27-Feb-2022 04:52:06 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires
Tue, 02 Feb 2021 04:52:07 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 6575
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1131423187823492&output=html&h=90&slotname=2901211535&adk=3289893036&adf=1766646955&pi=t.ma~as.2901211535&w=728&lmt=1612241526&psa=0&format=728x90&url=https%3A%2F%2Fwww.rwifd.com%2F4265.html&flash=0&wgl=1&dt=1612241526816&bpp=1&bdt=1172&idt=89&shv=r20210127&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x280%2C300x250&correlator=4937695683000&frm=20&pv=1&ga_vid=477822773.1612241527&ga_sid=1612241527&ga_hid=1381184161&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=3233&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068769%2C21068893&oid=3&pvsid=29505655732161&pem=65&ref=https%3A%2F%2Fcutt.us%2F3xzDU&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=QnVnsCE6ds&p=https%3A//www.rwifd.com&dtd=92
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210127/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1131423187823492&output=html&h=90&slotname=2901211535&adk=3289893036&adf=1766646955&pi=t.ma~as.2901211535&w=728&lmt=1612241526&psa=0&format=728x90&url=https%3A%2F%2Fwww.rwifd.com%2F4265.html&flash=0&wgl=1&dt=1612241526816&bpp=1&bdt=1172&idt=89&shv=r20210127&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x280%2C300x250&correlator=4937695683000&frm=20&pv=1&ga_vid=477822773.1612241527&ga_sid=1612241527&ga_hid=1381184161&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=3233&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068769%2C21068893&oid=3&pvsid=29505655732161&pem=65&ref=https%3A%2F%2Fcutt.us%2F3xzDU&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=QnVnsCE6ds&p=https%3A//www.rwifd.com&dtd=92
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.rwifd.com/4265.html
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.rwifd.com/4265.html

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-expose-headers
x-google-amp-ad-validated-version
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 02 Feb 2021 04:52:07 GMT
server
cafe
content-length
13859
x-xss-protection
0
set-cookie
IDE=AHWqTUkRgAtZTYCQaRVLvetazwkL0c4O9GlK1pTU1txdxOC0MH5wihLQYVc9KL5Q; expires=Sun, 27-Feb-2022 04:52:06 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires
Tue, 02 Feb 2021 04:52:07 GMT
cache-control
private
gen_204
pagead2.googlesyndication.com/pagead/
0
46 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.rwifd.com%2F4265.html&tn=DIV&cls=background-cover&ign=false
Requested by
Host: www.rwifd.com
URL: https://www.rwifd.com/4265.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.rwifd.com/4265.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Feb 2021 04:52:07 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 0052
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1131423187823492&output=html&adk=3046330955&adf=2044148826&lmt=1612241526&plat=1%3A16809992%2C2%3A16809992%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.rwifd.com%2F4265.html&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1612241526985&bpp=1&bdt=1341&idt=1&shv=r20210127&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1b874430ccb77f64-2226a5b653ba0091%3AT%3D1612241526%3ART%3D1612241526%3AS%3DALNI_MY-cq1DYf8EhAO8RdMAmWX6RWl3GA&prev_fmts=728x280%2C300x250%2C728x90&nras=1&correlator=4937695683000&frm=20&pv=1&ga_vid=477822773.1612241527&ga_sid=1612241527&ga_hid=1381184161&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068769%2C21068893&oid=3&pvsid=29505655732161&pem=65&ref=https%3A%2F%2Fcutt.us%2F3xzDU&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&dtd=6
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210127/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1131423187823492&output=html&adk=3046330955&adf=2044148826&lmt=1612241526&plat=1%3A16809992%2C2%3A16809992%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.rwifd.com%2F4265.html&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1612241526985&bpp=1&bdt=1341&idt=1&shv=r20210127&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1b874430ccb77f64-2226a5b653ba0091%3AT%3D1612241526%3ART%3D1612241526%3AS%3DALNI_MY-cq1DYf8EhAO8RdMAmWX6RWl3GA&prev_fmts=728x280%2C300x250%2C728x90&nras=1&correlator=4937695683000&frm=20&pv=1&ga_vid=477822773.1612241527&ga_sid=1612241527&ga_hid=1381184161&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068769%2C21068893&oid=3&pvsid=29505655732161&pem=65&ref=https%3A%2F%2Fcutt.us%2F3xzDU&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&dtd=6
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.rwifd.com/4265.html
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.rwifd.com/4265.html

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 02 Feb 2021 04:52:07 GMT
server
cafe
content-length
41275
x-xss-protection
0
set-cookie
IDE=AHWqTUk_Z7OQB57q2As4CGyo6e1A-3KGjuAvEnihghhev54IkAlEfsyPFroGJGWw; expires=Sun, 27-Feb-2022 04:52:07 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires
Tue, 02 Feb 2021 04:52:07 GMT
cache-control
private
996b3213-94d5-435f-adb6-279571da8afd-304x205.jpg
www.rwifd.com/wp-content/uploads/2021/01/
10 KB
10 KB
Image
General
Full URL
https://www.rwifd.com/wp-content/uploads/2021/01/996b3213-94d5-435f-adb6-279571da8afd-304x205.jpg
Requested by
Host: www.rwifd.com
URL: https://www.rwifd.com/4265.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
70.39.103.42 Las Vegas, United States, ASN46844 (ST-BGP, US),
Reverse DNS
box42.reputationmarket.net
Software
Apache /
Resource Hash
92f3eda207c6745532aceb0ae1068035650bd6900e167cbf13851ab3de527936

Request headers

Referer
https://www.rwifd.com/4265.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Feb 2021 04:56:08 GMT
Last-Modified
Sat, 23 Jan 2021 20:06:59 GMT
Server
Apache
ETag
"28c4-5b996d8ee6b21"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=92
Content-Length
10436
IMG-20201216-WA0050-310x205.jpg
www.rwifd.com/wp-content/uploads/2020/12/
17 KB
18 KB
Image
General
Full URL
https://www.rwifd.com/wp-content/uploads/2020/12/IMG-20201216-WA0050-310x205.jpg
Requested by
Host: www.rwifd.com
URL: https://www.rwifd.com/4265.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
70.39.103.42 Las Vegas, United States, ASN46844 (ST-BGP, US),
Reverse DNS
box42.reputationmarket.net
Software
Apache /
Resource Hash
45732f15b3c6d1c1529aa2fa1a10d4368e1186b08614dfd7e0b8762b30acc780

Request headers

Referer
https://www.rwifd.com/4265.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Feb 2021 04:56:08 GMT
Last-Modified
Thu, 17 Dec 2020 01:01:52 GMT
Server
Apache
ETag
"459d-5b69e899395a1"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=91
Content-Length
17821
609d10a6-365a-4a50-993a-297ce65835c5-288x205.jpg
www.rwifd.com/wp-content/uploads/2020/12/
18 KB
18 KB
Image
General
Full URL
https://www.rwifd.com/wp-content/uploads/2020/12/609d10a6-365a-4a50-993a-297ce65835c5-288x205.jpg
Requested by
Host: www.rwifd.com
URL: https://www.rwifd.com/4265.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
70.39.103.42 Las Vegas, United States, ASN46844 (ST-BGP, US),
Reverse DNS
box42.reputationmarket.net
Software
Apache /
Resource Hash
032542e951bf3443f3f0547936cf48a6369f0a8fc2f1be45e9c11035771f7d5d

Request headers

Referer
https://www.rwifd.com/4265.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Feb 2021 04:56:08 GMT
Last-Modified
Wed, 09 Dec 2020 05:30:09 GMT
Server
Apache
ETag
"46f4-5b6015a45d4c6"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=91
Content-Length
18164
IMG-20201129-WA0019-310x205.jpg
www.rwifd.com/wp-content/uploads/2020/11/
11 KB
11 KB
Image
General
Full URL
https://www.rwifd.com/wp-content/uploads/2020/11/IMG-20201129-WA0019-310x205.jpg
Requested by
Host: www.rwifd.com
URL: https://www.rwifd.com/4265.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
70.39.103.42 Las Vegas, United States, ASN46844 (ST-BGP, US),
Reverse DNS
box42.reputationmarket.net
Software
Apache /
Resource Hash
4b98a2a92a7742973d63fa6c1c12c2f1815ec857bfddf552a02f00793d8e295d

Request headers

Referer
https://www.rwifd.com/4265.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Feb 2021 04:56:08 GMT
Last-Modified
Sun, 29 Nov 2020 09:32:33 GMT
Server
Apache
ETag
"2c14-5b53b92be02a1"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=91
Content-Length
11284
Screenshot_%D9%A2%D9%A0%D9%A2%D9%A0%D9%A1%D9%A1%D9%A2%D9%A2_%D9%A1%D9%A3%D9%A2%D9%A4%D9%A4%D9%A8-310x205.jpg
www.rwifd.com/wp-content/uploads/2020/11/
11 KB
12 KB
Image
General
Full URL
https://www.rwifd.com/wp-content/uploads/2020/11/Screenshot_%D9%A2%D9%A0%D9%A2%D9%A0%D9%A1%D9%A1%D9%A2%D9%A2_%D9%A1%D9%A3%D9%A2%D9%A4%D9%A4%D9%A8-310x205.jpg
Requested by
Host: www.rwifd.com
URL: https://www.rwifd.com/4265.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
70.39.103.42 Las Vegas, United States, ASN46844 (ST-BGP, US),
Reverse DNS
box42.reputationmarket.net
Software
Apache /
Resource Hash
8609941a3f7cde9dc595513e32e7ad4a78fb8404ee802f335eb04d1665aa879f

Request headers

Referer
https://www.rwifd.com/4265.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Feb 2021 04:56:08 GMT
Last-Modified
Sun, 22 Nov 2020 10:42:26 GMT
Server
Apache
ETag
"2d55-5b4afbbd00c54"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=91
Content-Length
11605
amp4ads-host-v0.js
cdn.ampproject.org/rtv/012010270040000/
20 KB
8 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012010270040000/amp4ads-host-v0.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210127/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
437f0df93cfde16d277d61ba740d9a3f56fecde74a3de7d789ae02808590a9db
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.rwifd.com/4265.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
477387
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7254
x-xss-protection
0
server
sffe
date
Wed, 27 Jan 2021 16:15:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"bb338742afe376d1"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 27 Jan 2022 16:15:40 GMT
reactive_library_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210127/r20190131/
142 KB
51 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210127/r20190131/reactive_library_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210127/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b610af5760be130959cb2fa1bb3210c35ea7fc93cc2fd09ebeadcdd130f2f192
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.rwifd.com/4265.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Feb 2021 04:52:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
52097
x-xss-protection
0
server
cafe
etag
15838340550375950805
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 02 Feb 2021 04:52:07 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame BAD3
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1131423187823492&output=html&h=250&adk=1919597479&adf=3556383689&pi=t.aa~a.1463474601~rp.1&w=310&fwrn=4&fwrnh=100&lmt=1612241527&rafmt=1&to=qs&pwprc=4672998251&psa=1&format=310x250&url=https%3A%2F%2Fwww.rwifd.com%2F4265.html&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1612241527436&bpp=3&bdt=1793&idt=3&shv=r20210127&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1b874430ccb77f64-2226a5b653ba0091%3AT%3D1612241526%3ART%3D1612241526%3AS%3DALNI_MY-cq1DYf8EhAO8RdMAmWX6RWl3GA&prev_fmts=728x280%2C300x250%2C728x90%2C0x0&nras=1&correlator=4937695683000&frm=20&pv=1&ga_vid=477822773.1612241527&ga_sid=1612241527&ga_hid=1381184161&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=302&ady=1818&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068769%2C21068893&oid=3&psts=AGkb-H82r2fwIfzeSgHilrm2TjIodTDERbjI55JUgpmn-hxRJNt66UAf0OICzFqqIvLIP_e6SCN_34EaXQ4&pvsid=29505655732161&pem=65&ref=https%3A%2F%2Fcutt.us%2F3xzDU&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=7R324NdE6D&p=https%3A//www.rwifd.com&dtd=19
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210127/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1131423187823492&output=html&h=250&adk=1919597479&adf=3556383689&pi=t.aa~a.1463474601~rp.1&w=310&fwrn=4&fwrnh=100&lmt=1612241527&rafmt=1&to=qs&pwprc=4672998251&psa=1&format=310x250&url=https%3A%2F%2Fwww.rwifd.com%2F4265.html&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1612241527436&bpp=3&bdt=1793&idt=3&shv=r20210127&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1b874430ccb77f64-2226a5b653ba0091%3AT%3D1612241526%3ART%3D1612241526%3AS%3DALNI_MY-cq1DYf8EhAO8RdMAmWX6RWl3GA&prev_fmts=728x280%2C300x250%2C728x90%2C0x0&nras=1&correlator=4937695683000&frm=20&pv=1&ga_vid=477822773.1612241527&ga_sid=1612241527&ga_hid=1381184161&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=302&ady=1818&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068769%2C21068893&oid=3&psts=AGkb-H82r2fwIfzeSgHilrm2TjIodTDERbjI55JUgpmn-hxRJNt66UAf0OICzFqqIvLIP_e6SCN_34EaXQ4&pvsid=29505655732161&pem=65&ref=https%3A%2F%2Fcutt.us%2F3xzDU&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=7R324NdE6D&p=https%3A//www.rwifd.com&dtd=19
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.rwifd.com/4265.html
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUk_Z7OQB57q2As4CGyo6e1A-3KGjuAvEnihghhev54IkAlEfsyPFroGJGWw
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.rwifd.com/4265.html

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 02 Feb 2021 04:52:07 GMT
server
cafe
content-length
204
x-xss-protection
0
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210127/r20190131/ Frame 9B48
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210127/r20190131/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210127/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210127/r20190131/zrt_lookup.html?fsb=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.rwifd.com/4265.html
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUk_Z7OQB57q2As4CGyo6e1A-3KGjuAvEnihghhev54IkAlEfsyPFroGJGWw
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.rwifd.com/4265.html

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Mon, 01 Feb 2021 16:41:32 GMT
expires
Mon, 15 Feb 2021 16:41:32 GMT
content-type
text/html; charset=UTF-8
etag
6748560809430760793
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4784
x-xss-protection
0
age
43835
cache-control
public, max-age=1209600
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
sodar
pagead2.googlesyndication.com/getconfig/
9 KB
7 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210127&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210127/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
be1eb99b5e9c7950f7bb0ba0da255a7f175c664fb2b4cc6675251b7ed58d3439
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.rwifd.com/4265.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Feb 2021 04:52:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
6848
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210127/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.rwifd.com/4265.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Feb 2021 04:52:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1611170586013198"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6403
x-xss-protection
0
expires
Tue, 02 Feb 2021 04:52:07 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/221/ Frame C0DB
0
0
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/221/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.rwifd.com/4265.html
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.rwifd.com/4265.html

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
4984
date
Tue, 02 Feb 2021 02:20:20 GMT
expires
Wed, 02 Feb 2022 02:20:20 GMT
last-modified
Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
9107
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gen_204
pagead2.googlesyndication.com/pagead/
0
210 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gda_r20210127&jk=29505655732161&bg=!HB-lH1zNAAVwd1e1cDsAKQB2-DxajajQXajR2-bOJmjSwLde-AsUsEyHyMGrFQpCdGZL6xBbRbR1AgAAAFZSAAAAEGgBBwoBLkIFt1InjrGryA-du44KVkLITc70lEcEMdHu_PYWVuYfSfKmJ_Byqonvr8Y5xauRV08GOeN4EdPRTz5RZVokP-zP6MVG-y0e7RbLxAq88E8k8OlukrpneMPUahnv2FNOTMjdULBavo2-LmRcovIa8daQyMOELTH0Us9G6gkrhsHS46B490vkvZezPQOCY_QtT79lL3e9n7bopToIC2MSoCs4hfRErkIfbNpNomlGUEcRvbpFoTTyfQynrmiRKqD9LREOIyxRc-WCAw_uRWApTS49Pfv9Q1wjs8UNJMedLOxKF_3Ca16V42CP5_iqjv1CdgItkEVZTOy1jWQqIeN8XfN8LJr340elkUhELLxK-9ZAJTwPP3rFUzfdGdP8F8K3m8zmlGhoYTgbfbxFV3RZmQHRZOdRe-qmLgAEs7cI3snyMjdF9Km1JMYewN0u44_Nb8zUof_RuVcejZqhHhTWT2UBXXo4aBXuU4mpKz6k1ikl1DSUD-PnQ67pfbpx4qHwO0-j-VgsiR2Jx8xUj0orJei1WrGqh_DiUVlXWFrrKfYSrE7AVY8EMvMVtRrbgARyxNBFEJwYKlmFJ5NjkQcetzyIBCDoRrvA77WMLiopwVw0Hq_ZEctarGr10sO7tqNHK6xRW-LmZ4Vth6s4_rFAWtDRDCcuJCbeq5NmSYTL7Ia_yoRl57PjfMQFbe4KwzUvyYdH3-7jbWXZHtsNlfRvS0AFtVzPo0g5wdfPGM3aleNwiFfeXYBEBaO7hOO3LaWBHt_vsX8Oc2NxO2YXAYQELL3qt9wYssTUoaaeye4sGuehKPWWsX3IYeJfUydo5MhNtqnJAB5q1FTre-yJOHloho9UtxiQYlnocHDaSLeJvHtv3CQegy_sh9qpFH5KgX66MoJOZUf48dqpWse4LxUSDumlBIlwDvIT3bgaZgqSCTfsiF0j5uElWZO0MDmsCwMPTjSuOduoCjGT6CNYCzlr8qeQFroRLIkOjgWEv_azMKHPDf-vX-Nj3Of3oHAqmBe421-F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.rwifd.com/4265.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Feb 2021 04:52:08 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

97 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| _wpemojiSettings undefined| $ function| jQuery object| $document object| taqyeem string| sf_position string| sf_templates string| sf_input object| adsbygoogle function| rotateTicker object| google_js_reporting_queue number| google_srt object| google_ad_modifications object| google_logging_queue object| ggeac boolean| google_measure_js_timing object| google_trust_token_operation_status object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots boolean| google_apltlad function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map object| tie function| createTicker boolean| isInTag function| typetext object| tie_isMobile object| html5 object| Modernizr function| yepnope object| twemoji object| wp function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken object| google_prev_clients object| gaGlobal object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| browserPrefixes object| addComment function| sf_addItem object| google_image_requests object| tickerItems undefined| tickerText number| c object| $window object| $the_post object| $wrapper object| php_js boolean| isActive object| google_llp object| __AMP_LOG object| __AMP_ERRORS boolean| ampInaboxInitialized object| __AMP_MODE function| __AMP_REPORT_ERROR object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| AMP object| GoogleGcLKhOms

0 Cookies

1 Console Messages

Source Level URL
Text
console-api log URL: https://www.rwifd.com/wp-includes/js/jquery/jquery-migrate.min.js(Line 2)
Message:
JQMIGRATE: Migrate is installed, version 3.3.2

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

9c1c2ceddee84ef1c93f7c7d349867f4.safeframe.googlesyndication.com
adservice.google.com
adservice.google.de
cdn.ampproject.org
cutt.us
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
secure.gravatar.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.googletagmanager.com
www.googletagservices.com
www.rwifd.com
216.58.207.34
2a00:1450:4001:811::2001
2a00:1450:4001:812::2001
2a00:1450:4001:812::200a
2a00:1450:4001:819::2001
2a00:1450:4001:821::2008
2a00:1450:4001:825::200e
2a00:1450:4001:828::2002
2a00:1450:4001:829::2003
2a04:fa87:fffe::c000:4902
69.61.26.121
70.39.103.42
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
032542e951bf3443f3f0547936cf48a6369f0a8fc2f1be45e9c11035771f7d5d
03271d9752e8893484d6cb0ae1e442e647685daf8c0286808cd7bf8ccd86cedf
0478b60f6c85691a6c5883a2f503266404f5692c05b5df70ab5104f1c84bd94a
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0707759bf511c4d63d64bbdf3b630b0e270ba46c6a57ddbb4618958a55022292
0a6b3b2583f0b9ea7da829409bcde3dc1641adb9092100bf2e1415d61cde46d6
0facd387627530907acc0b41d7076a1313a748ba84d37983618c04f2e66f1849
1305ccecb5629d6a521443cb99e8c9d22f40459a33da5cc3a93ee6440a830622
1f560c3e9fb5beeed86da7d5be1ae459c22af6ec1d58f77e2a89a20063ef7ba2
208dfab1fdcf1f4e57f80d6fd873265f0ff90c42c36cb25e38dff42695e383a4
23c79bb552706be2ca97bdb259921e3269a5263326b147676c2f7909a45b58c9
3352da8c50ed9ae58fccc4623e9fa9ea6479f731580da3063a6ddc30703912c0
3685c3818240f5f390073c7d04f944a5cb5d848093224f3a7888034e8c050eb4
3eebbbecde6d4500a3d1ce6eb76c79a99989d7a1d8784f8dd803fc6023ce6008
429949e12c5c9e68ada7d205820392bbbf684476a34ec7ed4232fa7e16c5f890
437f0df93cfde16d277d61ba740d9a3f56fecde74a3de7d789ae02808590a9db
448889e6c27b954d771a009ea87d6f76e01530f4bdcba580b4f065c42b61afb6
45732f15b3c6d1c1529aa2fa1a10d4368e1186b08614dfd7e0b8762b30acc780
4a3dffcac967f4ac5383c60720a8ed58838b13622b3cad8f9f6070fc1ec5b7dc
4b98a2a92a7742973d63fa6c1c12c2f1815ec857bfddf552a02f00793d8e295d
526a3cef21d737d7cfce110abc9162beef90b121743bd380fb77b5bfa962b854
5819eb587431d677091509059cc33a1f0bd35e6bf44a339583f29797afc87b24
58419d9ba398e38c01c3f7e4e7d95cf1363f1888ffd580c62972d39d30cbb447
5ba3fb96600881d582afe4c06fcffed6a02353c374e4bffcb0fea92e748767d4
5d76d52176d39937d5ac59af14180254facde9ecc62da933c4abb0da9231b37b
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
6039cdb2c8028b73ddb9d711e7eb22834a8e11ba865283a7ed2fd2c75a401040
64c8551c397b1915ef17010eca19e10f01083601d6e0f81b2bef6a081a2f69c1
66609ee81449198de00ee8c6342bae992d9b18bdbb0ab034acdb996e329524db
66e1dcb47ed8dd6438806b6222bc74aa5d9c81f291e24ce2f0710c67b30cb3f5
670eb9e94d9fc2c5eeef3b3fa9fd6e0ab1fe9607c5bc24150e0eebcccd12e209
68b4ac5833d4474ef046db5c1495c5b70c16f6fe6f219656dbb7129b8faeed20
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0
707a3f9a6fc5e63cd997c2e751a08e36caf4441e65b351b86c5de65fd832f063
722f834d0c44729d5535f864b0db96c363412148785466734983f6175b9e6e4c
7a6ac6e588a725241e6f43feaad46fb36de9682576f5f29c570edc3ec5247477
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
7e6f9169b8a6626e46b5df0bea265383157ef32aa2fafd136c6cbb5b383133fb
80de1873ef984f5e29ac02635ef595a687a46cd04636bf1b585259890f71d925
84efdc8c71deb7cfba25c448c213757306ab645562b5e1d6d88a23ab62d0b5cf
858f868216c270b2ca525801041b128bd558703bc7c365ba09058786d7f8f390
8609941a3f7cde9dc595513e32e7ad4a78fb8404ee802f335eb04d1665aa879f
892d654ba2c2b765bf6d6c1ff63cd6718d11fa61f638902fb80e8f30cb9dee82
8b981d44ff98b035e69858fe577e35eaf8d87c31bceec21e557c05b64b324f79
9144715ff72640ad45c06cdd6ecd0ae4c2844dbdeff7a909895e6ea39b634ac9
92f3eda207c6745532aceb0ae1068035650bd6900e167cbf13851ab3de527936
949448840982c267cbacb0aadde067218f404646e15e92b72991715a2988d1f0
997fdd01d6ba472ecb53c5301ff0a03464a01784dff0f3a561cf4fcbebb9f52f
9cc43956878061529742f7b37a27e50ca6b326a6727d98424342a060493b49e3
a16df2f75e04129b12a5fde7311c7ea9131418080fd3f6bcb2b28ce1faa2fe8e
a285337ae3fac1859a2f626f20d9a8d1a46e36e59ef427f85e7deda94afffb62
a2e795ba1b11236bdfc60463baf58fcfca16eb1a2b2bf332078e751b39234e21
a6714ec405abb11db8700abbdd8a08a7ae7a54489edd6b6a53ac41b5624397f5
aded540e89c00c8511f256e5773a4005c562965c1588b6fd4d8a176cba809637
b59f4b6ac09a7f96ff94a22e2abda0f3b59522c1c7f533a6372e56b814593f7b
b610af5760be130959cb2fa1bb3210c35ea7fc93cc2fd09ebeadcdd130f2f192
be1eb99b5e9c7950f7bb0ba0da255a7f175c664fb2b4cc6675251b7ed58d3439
c36315f0037994b0a9cc8ad6d2808fa2bb73e337e8e8d475c4e334315e866808
c6675df69c81ef7faf4b1579d6e9a45c109cf17da12501f505abcbb05e3e6eef
cc1fcaa77aef68adac2f8677a465076d0290ccf420d4200372ccf31f6750c8d3
cfb8f0c7592be3e07e5ae607e3452d61bcc52cb59bb1639929d28fae4d4fd22c
d4a615315ed9ceab43be0c3322eb82d52a9adc15085291c8a9b2b339860442c9
d6c6d0b6440485f2536e96758b074c4713ef69a56511f2af2128f23ce6eebdca
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
dc666e1603b27c99a0882a0f0c981e767fd766d3c79d8af4ed39e8adc73ddbf0
dee6cf9f24a1e3aad2990a0b4fdd7c2f2d4e204d02b9b3442dcd7358eab785ae
e0fa56bd1e11c756583875191a49a39b8925b63d2b5e24b013f92787c7d2abf4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e42287dbc6fac52af77e62d4b79dda9edf3886f0e2a96fa7812348a744d55750
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e8118f737dcaa4956558aaac41ef076ee29a0878410875b1100ddb3c4b8df788
e8c2e4d6ab0ad2f055a6cc3c777d31531e665758db5ca815f2613afad72f7088
ea2ababc30e456846310dfe02ae49db7fe6866c0cb5ad6b432c53bacda37b3c1
ec086e6b77d92b6911375c2184bb0ad8ce82dfd848b7ac2439c4ca34e383bfbe
f611e344fd9391c5b08ae4bbe8a86add4f436a78a53a052283526dba683d8c84
f9179f4383ccee61bd4cd924e8b5720c3c5dc0c7f62da319bb28e49fd09ef505
fcee829a2bc9f82a6d613bf8fcfadbf0296546f62bdaf49db33430648f16af80