urlscan.io logo urlscan.io
SecurityTrails logo

rdsau.xyz Open in urlscan Pro
144.91.71.186  Public Scan

Go To Rescan Add Verdict Report
URL: https://rdsau.xyz/
Submission Tags: krdprod
Submission: On October 16 via api from JP — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 3 countries across 8 domains to perform 23 HTTP transactions. The main IP is 144.91.71.186, located in Nuremberg, Germany and belongs to CONTABO, DE. The main domain is rdsau.xyz.
TLS certificate: Issued by R3 on July 30th 2021. Valid for: 3 months.
This is the only time rdsau.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
9 144.91.71.186 51167 (CONTABO)
1 142.250.185.170 15169 (GOOGLE)
3 104.16.19.94 13335 (CLOUDFLAR...)
7 104.16.87.20 13335 (CLOUDFLAR...)
1 1 192.0.73.2 2635 (AUTOMATTIC)
1 192.0.77.2 2635 (AUTOMATTIC)
1 104.17.32.53 13335 (CLOUDFLAR...)
1 142.250.185.163 15169 (GOOGLE)
23 8
9    144.91.71.186 (Nuremberg, Germany)

ASN51167 (CONTABO, DE)
PTR: srvr.m3h.pw
rdsau.xyz
1    142.250.185.170 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f10.1e100.net
fonts.googleapis.com
3    104.16.19.94 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
7    104.16.87.20 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    192.0.73.2 (United States)

ASN2635 (AUTOMATTIC, US)
www.gravatar.com
1    192.0.77.2 (United States)

ASN2635 (AUTOMATTIC, US)
PTR: i0.wp.com
i2.wp.com
1    104.17.32.53 (None, )

ASN13335 (CLOUDFLARENET, US)
www.chartjs.org
1    142.250.185.163 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f3.1e100.net
fonts.gstatic.com
Domain Requested by
9 rdsau.xyz rdsau.xyz
7 cdn.jsdelivr.net rdsau.xyz
3 cdnjs.cloudflare.com rdsau.xyz
1 fonts.gstatic.com fonts.googleapis.com
1 www.chartjs.org rdsau.xyz
1 i2.wp.com rdsau.xyz
1 www.gravatar.com 1 redirects
1 fonts.googleapis.com rdsau.xyz
23 8

This site contains no links.

Subject Issuer Validity Valid
www.rdsau.xyz
R3		 2021-07-30 -
2021-10-28		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-09-21 -
2022-09-20		 a year crt.sh
*.wp.com
Sectigo RSA Domain Validation Secure Server CA		 2020-04-02 -
2022-07-05		 2 years crt.sh
*.gstatic.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh

This page contains 1 frames:

Primary Page: https://rdsau.xyz/
Frame ID: 1C85AE808626591938E3D24F4E802805
Requests: 24 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

rdsau

Detected technologies

Overall confidence: 100%
Detected patterns
  • clipboard(?:-([\d.]+))?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • <[^>]+gravatar\.com/avatar/
Overall confidence: 100%
Detected patterns
  • moment(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]+?href="[^"]+sweetalert2(?:\.min)?\.css
  • /npm/sweetalert2@([\d.]+)
  • sweetalert2(?:\.all)?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

23
Requests

100 %
HTTPS

0 %
IPv6

8
Domains

8
Subdomains

8
IPs

3
Countries

531 kB
Transfer

1710 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8
  • https://www.gravatar.com/avatar/302cf393a8334b1b5f89443074d5b123?s=80&d=https://rdsau.xyz/mmg-includes/img/avatar.png&r=g HTTP 302
  • https://i2.wp.com/rdsau.xyz/mmg-includes/img/avatar.png?ssl=1

23 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set /
rdsau.xyz/ 		55 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rdsau.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.91.71.186 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
srvr.m3h.pw
Software
Apache/2.4.48 (Unix) OpenSSL/1.0.2k-fips / PHP/7.4.14
Resource Hash
206cd12d1ade22c92a7ada35857dfe32120d2a4c046f0af29f56c5f8e21eb727

Request headers

Host
rdsau.xyz
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Date
Sat, 16 Oct 2021 06:18:14 GMT
Server
Apache/2.4.48 (Unix) OpenSSL/1.0.2k-fips
X-Powered-By
PHP/7.4.14
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate
Pragma
no-cache
Set-Cookie
mmg_sms=h1bdq8kgn40vnqpsmhdprgggkv; path=/
Vary
Accept-Encoding,User-Agent
Content-Encoding
gzip
Content-Length
8872
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
css
fonts.googleapis.com/ 		9 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,400i,600
Requested by
Host: rdsau.xyz
URL: https://rdsau.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f10.1e100.net
Software
ESF /
Resource Hash
3f30c97068c22ab6171d2db06107343f5e25bb4ba5692797c05aad676411dac3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rdsau.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 16 Oct 2021 06:18:15 GMT
server
ESF
date
Sat, 16 Oct 2021 06:18:15 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Sat, 16 Oct 2021 06:18:15 GMT
toastr.min.css
cdnjs.cloudflare.com/ajax/libs/toastr.js/2.1.4/ 		6 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/toastr.js/2.1.4/toastr.min.css
Requested by
Host: rdsau.xyz
URL: https://rdsau.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.19.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47dd690f8f315bea076e92581a7e7147443bb4c847e313ab5a7d50a8c44836d0
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rdsau.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 16 Oct 2021 06:18:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2623973
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
2517
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:02 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ffe-1936"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7yAoB6CGJsghMpk6xRfWm7GAdVlI7qsD%2Bk8Dt2gUAXLog1S86Pxxz%2Bl9FLjgz%2F8YdTgfhR2uQ60cqCWvsEjPNoMO885pMsDafQysATK3N3Oo2ZRPNQFisKx0X8PTaFtnld1EePu6"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
69ef2b3489322199-DUS
expires
Thu, 06 Oct 2022 06:18:15 GMT
sweetalert2.min.css
cdn.jsdelivr.net/npm/sweetalert2@7.33.1/dist/ 		26 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/sweetalert2@7.33.1/dist/sweetalert2.min.css
Requested by
Host: rdsau.xyz
URL: https://rdsau.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.87.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fcf5643b6fa65252aa13ac202955d4e568789b1def9dc1c0c4b11da57af3886a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rdsau.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 16 Oct 2021 06:18:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
3159501
x-jsd-version
7.33.1
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by
cache-fra19146-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"69d5-2k5/bMk8TjoUQBEyBPuoVlerP9U"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
69ef2b348a502175-DUS
summernote-lite.min.css
cdn.jsdelivr.net/npm/summernote@0.8.16/dist/ 		28 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/summernote@0.8.16/dist/summernote-lite.min.css
Requested by
Host: rdsau.xyz
URL: https://rdsau.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.87.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
828e52df1223eefe9e465ae713377cef5793d7a85f9ef9cf9c9ddf9ccf815ba4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rdsau.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 16 Oct 2021 06:18:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
1547285
x-jsd-version
0.8.16
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by
cache-fra19183-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"7058-8Jnls3oE6IRxcZcBINKeACnucN8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
69ef2b348a512175-DUS
daterangepicker.css
cdn.jsdelivr.net/npm/daterangepicker/ 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/daterangepicker/daterangepicker.css
Requested by
Host: rdsau.xyz
URL: https://rdsau.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.87.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
94fdb66ec8fe748981a4f2090fdf4a2a0a3dbe5ace2e65c4ce46e95d692bdac7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rdsau.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 16 Oct 2021 06:18:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
32243
x-jsd-version
3.1.0
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by
cache-fra19151-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"1f85-jqRIojRLzDZKkujJKC/BWFh0US4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
69ef2b348a532175-DUS
main.css
rdsau.xyz/mmg-includes/css/ 		247 KB
35 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://rdsau.xyz/mmg-includes/css/main.css?v=2.0
Requested by
Host: rdsau.xyz
URL: https://rdsau.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.91.71.186 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
srvr.m3h.pw
Software
Apache/2.4.48 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash
96aa3d46e05590420f6f0240cc7ef5eb2b797cd1ef0fefac854dd764e992bbb5

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
rdsau.xyz
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://rdsau.xyz/
Cookie
mmg_sms=h1bdq8kgn40vnqpsmhdprgggkv
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://rdsau.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 16 Oct 2021 06:18:15 GMT
Content-Encoding
gzip
Last-Modified
Tue, 21 Jan 2020 08:29:50 GMT
Server
Apache/2.4.48 (Unix) OpenSSL/1.0.2k-fips
ETag
"3dc67-59ca2361c1b80-gzip"
Vary
Accept-Encoding,User-Agent
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
35625
style.css
rdsau.xyz/mmg-includes/css/ 		23 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://rdsau.xyz/mmg-includes/css/style.css
Requested by
Host: rdsau.xyz
URL: https://rdsau.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.91.71.186 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
srvr.m3h.pw
Software
Apache/2.4.48 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash
ad92a2904a6217f9f594dc3926f00a242bdff9e2ad8000b1795232140d38fc33

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
rdsau.xyz
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://rdsau.xyz/
Cookie
mmg_sms=h1bdq8kgn40vnqpsmhdprgggkv
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://rdsau.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 16 Oct 2021 06:18:15 GMT
Content-Encoding
gzip
Last-Modified
Thu, 27 Aug 2020 15:29:28 GMT
Server
Apache/2.4.48 (Unix) OpenSSL/1.0.2k-fips
ETag
"5a74-5addd9a150600-gzip"
Vary
Accept-Encoding,User-Agent
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
5142
main.min.js
rdsau.xyz/mmg-includes/js/ 		882 KB
264 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rdsau.xyz/mmg-includes/js/main.min.js?v=2.0
Requested by
Host: rdsau.xyz
URL: https://rdsau.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.91.71.186 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
srvr.m3h.pw
Software
Apache/2.4.48 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash
9b32a8710960f0d33276dc49d156ddfa857a1f582f1b4ada67df136cdfaff322

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
rdsau.xyz
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://rdsau.xyz/
Cookie
mmg_sms=h1bdq8kgn40vnqpsmhdprgggkv
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://rdsau.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 16 Oct 2021 06:18:15 GMT
Content-Encoding
gzip
Last-Modified
Fri, 31 May 2019 06:18:50 GMT
Server
Apache/2.4.48 (Unix) OpenSSL/1.0.2k-fips
ETag
"dc62e-58a28fce8e680-gzip"
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
avatar.png
i2.wp.com/rdsau.xyz/mmg-includes/img/
Redirect Chain
  • https://www.gravatar.com/avatar/302cf393a8334b1b5f89443074d5b123?s=80&d=https://rdsau.xyz/mmg-includes/img/avatar.png&r=g
  • https://i2.wp.com/rdsau.xyz/mmg-includes/img/avatar.png?ssl=1
16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i2.wp.com/rdsau.xyz/mmg-includes/img/avatar.png?ssl=1
Requested by
Host: rdsau.xyz
URL: https://rdsau.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
cdfa428d1e6e04aa1434f24a1871c25431646eb3df49c5f051329c3521a1e2e3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rdsau.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nc
MISS hhn 4
date
Sat, 16 Oct 2021 06:18:15 GMT
x-content-type-options
nosniff
last-modified
Sat, 16 Oct 2021 06:18:15 GMT
server
nginx
etag
"e5d662fa9ddd8b29"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://rdsau.xyz/mmg-includes/img/avatar.png>; rel="canonical"
content-length
16276
expires
Mon, 16 Oct 2023 18:18:15 GMT

Redirect headers

x-nc
HIT hhn 2
date
Sat, 16 Oct 2021 06:18:15 GMT
last-modified
Wed, 11 Jan 1984 08:00:00 GMT
server
nginx
content-type
text/html; charset=utf-8
location
https://i2.wp.com/rdsau.xyz/mmg-includes/img/avatar.png?ssl=1
cache-control
max-age=300
link
<https://www.gravatar.com/avatar/302cf393a8334b1b5f89443074d5b123?s=80&d=https://rdsau.xyz/mmg-includes/img/avatar.png&r=g>; rel="canonical"
content-length
0
expires
Sat, 16 Oct 2021 06:23:15 GMT
clipboard.min.js
cdnjs.cloudflare.com/ajax/libs/clipboard.js/2.0.0/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/clipboard.js/2.0.0/clipboard.min.js
Requested by
Host: rdsau.xyz
URL: https://rdsau.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.19.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99e1761c92764dcaeec33df3e1773160344cc4aa6b8ddaee0477372279a2c424
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rdsau.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 16 Oct 2021 06:18:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1599294
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
2905
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:09:13 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e29-29a6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Cew60YJ961CFg15lWBWhQNaD5g86HaDvsJkIYxnDWg4g3JXVD6HGhWyWREJtzhGg1AIjMaCYxe3M3xEhhbwTCgmrZ50OrobsFo2WD9rnZ9hpKnoV8uMPac4NP3nmmIEA2LifFS6"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
69ef2b34e9ba2199-DUS
expires
Thu, 06 Oct 2022 06:18:15 GMT
toastr.min.js
cdnjs.cloudflare.com/ajax/libs/toastr.js/2.1.4/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/toastr.js/2.1.4/toastr.min.js
Requested by
Host: rdsau.xyz
URL: https://rdsau.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.19.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c8d6ca635cba876adb55c42d7f46fc96ae1afb1a64b7215cde9498a06018d6a4
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rdsau.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 16 Oct 2021 06:18:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1516203
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
1763
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:02 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ffe-1483"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R8EaXs%2FzggXRMkc6taRE3qD0vI5UwhJdaSyZpN41EP34mw%2Fk9fgBMySmEn4%2BVcmMh%2FkeoybYbBSIaM0iN44oSmXn8yOYFKgNyISoVnq1auiMRWMpQPTI1rSlfrfSR75GoQX7jLYr"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
69ef2b350a328745-DUS
expires
Thu, 06 Oct 2022 06:18:15 GMT
moment.min.js
cdn.jsdelivr.net/momentjs/latest/ 		50 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/momentjs/latest/moment.min.js
Requested by
Host: rdsau.xyz
URL: https://rdsau.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.87.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d618d4869738e0dc22360f0ec0cbb6433257843f24723fac240dda0906685238
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rdsau.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 16 Oct 2021 06:18:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
3162575
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by
cache-fra19166-FRA
timing-allow-origin
*
server
cloudflare
etag
W/"c909-Mv32cwvjRTjgk3jsbMVSKdmnAVE"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
69ef2b3529af219f-DUS
daterangepicker.min.js
cdn.jsdelivr.net/npm/daterangepicker/ 		32 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/daterangepicker/daterangepicker.min.js
Requested by
Host: rdsau.xyz
URL: https://rdsau.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.87.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98578d9e429bafe2edbd9d00271e88a85fa457ead4c106485d157fd955b5f2de
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rdsau.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 16 Oct 2021 06:18:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
31536
x-jsd-version
3.1.0
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by
cache-fra19129-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"7f60-yn4DlHkED3KaP/biww3JCbN4kvM"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
69ef2b3559d5219f-DUS
summernote-lite.min.js
cdn.jsdelivr.net/npm/summernote@0.8.16/dist/ 		157 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/summernote@0.8.16/dist/summernote-lite.min.js
Requested by
Host: rdsau.xyz
URL: https://rdsau.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.87.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2553b3d7c2149d1a925d61957de150213ca5136ce1d9251626eeda2cc551a97
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rdsau.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 16 Oct 2021 06:18:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
238142
x-jsd-version
0.8.16
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by
cache-fra19181-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"272b4-FkDmsVQpBQHz7w/ucXwOXYEE344"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
69ef2b3559d6219f-DUS
sweetalert2.min.js
cdn.jsdelivr.net/npm/sweetalert2@7.33.1/dist/ 		37 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/sweetalert2@7.33.1/dist/sweetalert2.min.js
Requested by
Host: rdsau.xyz
URL: https://rdsau.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.87.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
acd42f25cdff32ec01585c154eaaf4a89f759d6035a51ecf0cb937d61806a8ff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rdsau.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 16 Oct 2021 06:18:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
1382284
x-jsd-version
7.33.1
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by
cache-fra19130-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"92e0-n/+Y/zd2vvJtcB+Md/R2X3v5wSY"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
69ef2b3559d8219f-DUS
utils.js
www.chartjs.org/samples/latest/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.chartjs.org/samples/latest/utils.js
Requested by
Host: rdsau.xyz
URL: https://rdsau.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.32.53 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rdsau.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin
*
smscount.js
rdsau.xyz/mmg-includes/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rdsau.xyz/mmg-includes/js/smscount.js
Requested by
Host: rdsau.xyz
URL: https://rdsau.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.91.71.186 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
srvr.m3h.pw
Software
Apache/2.4.48 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash
8d2e05cbf89fbcc1cab021c24649fa6a4c880caeb3d0ba52cb189d3637e460f3

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
rdsau.xyz
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://rdsau.xyz/
Cookie
mmg_sms=h1bdq8kgn40vnqpsmhdprgggkv
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://rdsau.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 16 Oct 2021 06:18:15 GMT
Content-Encoding
gzip
Last-Modified
Sat, 03 Nov 2018 21:48:16 GMT
Server
Apache/2.4.48 (Unix) OpenSSL/1.0.2k-fips
ETag
"8da-579c99bfd2800-gzip"
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
966
jquery.blockUI.min.js
rdsau.xyz/mmg-includes/js/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rdsau.xyz/mmg-includes/js/jquery.blockUI.min.js
Requested by
Host: rdsau.xyz
URL: https://rdsau.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.91.71.186 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
srvr.m3h.pw
Software
Apache/2.4.48 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash
f0edead035b02f83c0185decdbd7126950ed267b8e69270d0c0a678fd5a76ed6

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
rdsau.xyz
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://rdsau.xyz/
Cookie
mmg_sms=h1bdq8kgn40vnqpsmhdprgggkv
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://rdsau.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 16 Oct 2021 06:18:15 GMT
Content-Encoding
gzip
Last-Modified
Sat, 04 Jul 2020 19:04:02 GMT
Server
Apache/2.4.48 (Unix) OpenSSL/1.0.2k-fips
ETag
"37bc-5a9a24e006c80-gzip"
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
4390
postback.js
rdsau.xyz/mmg-includes/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rdsau.xyz/mmg-includes/js/postback.js
Requested by
Host: rdsau.xyz
URL: https://rdsau.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.91.71.186 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
srvr.m3h.pw
Software
Apache/2.4.48 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash
bc5e3ffc754fbc1bf728a93b37156edaa80cbd87c9b68101d3953b9b60634c92

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
rdsau.xyz
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://rdsau.xyz/
Cookie
mmg_sms=h1bdq8kgn40vnqpsmhdprgggkv
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://rdsau.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 16 Oct 2021 06:18:15 GMT
Content-Encoding
gzip
Last-Modified
Mon, 10 Sep 2018 02:03:48 GMT
Server
Apache/2.4.48 (Unix) OpenSSL/1.0.2k-fips
ETag
"19ce-5757ac4934900-gzip"
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
1871
script.js
rdsau.xyz/mmg-includes/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rdsau.xyz/mmg-includes/js/script.js
Requested by
Host: rdsau.xyz
URL: https://rdsau.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.91.71.186 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
srvr.m3h.pw
Software
Apache/2.4.48 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash
2085812ea2d3e7a0a8bb58a2f03295b822c4bc7ef9856b736d484ae03ae4d9d5

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
rdsau.xyz
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://rdsau.xyz/
Cookie
mmg_sms=h1bdq8kgn40vnqpsmhdprgggkv
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://rdsau.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 16 Oct 2021 06:18:15 GMT
Content-Encoding
gzip
Last-Modified
Fri, 06 Mar 2020 05:47:56 GMT
Server
Apache/2.4.48 (Unix) OpenSSL/1.0.2k-fips
ETag
"147f-5a02931f81b00-gzip"
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
1907
truncated
/ 		372 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
85bea54fc2708bd68bbf400426542b28ac04cfb25e994a39b84b94d96141f932

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/svg+xml
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v14/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,400i,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f3.1e100.net
Software
sffe /
Resource Hash
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://rdsau.xyz
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 11 Oct 2021 17:27:37 GMT
x-content-type-options
nosniff
age
391838
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16112
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:10:09 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Tue, 11 Oct 2022 17:27:37 GMT
fontawesome-webfont.woff2
rdsau.xyz/mmg-includes/css/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://rdsau.xyz/mmg-includes/css/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: rdsau.xyz
URL: https://rdsau.xyz/mmg-includes/css/main.css?v=2.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.91.71.186 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
srvr.m3h.pw
Software
Apache/2.4.48 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Origin
https://rdsau.xyz
Accept-Encoding
gzip, deflate, br
Host
rdsau.xyz
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
font
Referer
https://rdsau.xyz/mmg-includes/css/main.css?v=2.0
Cookie
mmg_sms=h1bdq8kgn40vnqpsmhdprgggkv
Connection
keep-alive
Referer
https://rdsau.xyz/mmg-includes/css/main.css?v=2.0
Origin
https://rdsau.xyz
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 16 Oct 2021 06:18:15 GMT
Last-Modified
Fri, 10 Aug 2018 02:51:54 GMT
Server
Apache/2.4.48 (Unix) OpenSSL/1.0.2k-fips
ETag
"12d68-5730bd3838680"
Vary
User-Agent
Content-Type
font/woff2
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
77160

Verdicts & Comments Add Verdict or Comment

51 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect boolean| originAgentCluster function| _possibleConstructorReturn function| _inherits function| _classCallCheck function| __guard__ function| __guardMethod__ function| _createClass function| Emitter function| Dropzone function| without function| camelize function| detectVerticalSquash function| drawImageIOSFix function| ExifRestore function| contentLoaded function| VectorCanvas function| ColorScale function| JQVMap function| Sidebar function| Switch function| Toggle function| Todo function| ChatDialogue function| $ function| jQuery object| bootstrap function| moment function| Color function| Chart function| dragula object| FullCalendar function| startMoment function| endMoment function| ClipboardJS object| toastr function| daterangepicker function| Sweetalert2 function| SweetAlert function| Swal function| sweetAlert function| swal function| SmsCounter number| postbackCounter number| pixelCounter undefined| t undefined| e undefined| n function| updateRadio function| updateInBox function| LetterAvatar

2 Cookies

Domain/Path Name / Value
rdsau.xyz/ Name: mmg_sms
Value: h1bdq8kgn40vnqpsmhdprgggkv
.chartjs.org/ Name: __cf_bm
Value: 3OI4z8o0GLn8kcC3DuSxFSMOprqOga9IwYvRjENexVM-1634365095-0-AZFtB+TdQzLGWL/im5/gl48YdSIuvJKfI0ASWH8pbPSgoBhuxh/xgtfFSVUGE2R691i3X3JmFlZnFMyIwm50G0A=

1 Console Messages

Source Level URL
Text
network error URL: https://www.chartjs.org/samples/latest/utils.js
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
i2.wp.com
rdsau.xyz
www.chartjs.org
www.gravatar.com
104.16.19.94
104.16.87.20
104.17.32.53
142.250.185.163
142.250.185.170
144.91.71.186
192.0.73.2
192.0.77.2
206cd12d1ade22c92a7ada35857dfe32120d2a4c046f0af29f56c5f8e21eb727
2085812ea2d3e7a0a8bb58a2f03295b822c4bc7ef9856b736d484ae03ae4d9d5
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
3f30c97068c22ab6171d2db06107343f5e25bb4ba5692797c05aad676411dac3
47dd690f8f315bea076e92581a7e7147443bb4c847e313ab5a7d50a8c44836d0
828e52df1223eefe9e465ae713377cef5793d7a85f9ef9cf9c9ddf9ccf815ba4
85bea54fc2708bd68bbf400426542b28ac04cfb25e994a39b84b94d96141f932
8d2e05cbf89fbcc1cab021c24649fa6a4c880caeb3d0ba52cb189d3637e460f3
94fdb66ec8fe748981a4f2090fdf4a2a0a3dbe5ace2e65c4ce46e95d692bdac7
96aa3d46e05590420f6f0240cc7ef5eb2b797cd1ef0fefac854dd764e992bbb5
98578d9e429bafe2edbd9d00271e88a85fa457ead4c106485d157fd955b5f2de
99e1761c92764dcaeec33df3e1773160344cc4aa6b8ddaee0477372279a2c424
9b32a8710960f0d33276dc49d156ddfa857a1f582f1b4ada67df136cdfaff322
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199
acd42f25cdff32ec01585c154eaaf4a89f759d6035a51ecf0cb937d61806a8ff
ad92a2904a6217f9f594dc3926f00a242bdff9e2ad8000b1795232140d38fc33
bc5e3ffc754fbc1bf728a93b37156edaa80cbd87c9b68101d3953b9b60634c92
c8d6ca635cba876adb55c42d7f46fc96ae1afb1a64b7215cde9498a06018d6a4
cdfa428d1e6e04aa1434f24a1871c25431646eb3df49c5f051329c3521a1e2e3
d618d4869738e0dc22360f0ec0cbb6433257843f24723fac240dda0906685238
f0edead035b02f83c0185decdbd7126950ed267b8e69270d0c0a678fd5a76ed6
f2553b3d7c2149d1a925d61957de150213ca5136ce1d9251626eeda2cc551a97
fcf5643b6fa65252aa13ac202955d4e568789b1def9dc1c0c4b11da57af3886a