rivuletqa.com Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://storage.googleapis.com/nbvcdfghytre/mdsand2.html#redirect.php/c19101XQgPP6531093gyNm68476OOi8009FgdG2777
Effective URL:
https://rivuletqa.com/sf/tpl38/?item=F7F0&sub1=a2326e31-5875-479e-8f9c-f220ad07d9ab&sub2=MO0W_472683
Submission: On April 11 via manual (April 11th 2023, 6:03:22 pm UTC) from NL — Scanned from NL

Summary HTTP 33 Redirects Behaviour Indicators

Summary

This website contacted 17 IPs in 6 countries across 14 domains to perform 33 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is rivuletqa.com.
TLS certificate: Issued by GTS CA 1P5 on February 25th 2023. Valid for: 3 months.

This is the only time rivuletqa.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2a00:1450:400... 2a00:1450:4001:80e::2010	15169 (GOOGLE) (GOOGLE)
1 2	94.102.4.223 94.102.4.223	51559 (NETINTERN...) (NETINTERNET Netinternet Bilisim Teknolojileri AS)
1	167.114.163.200 167.114.163.200	16276 (OVH) (OVH)
1 1	156.96.157.98 156.96.157.98	46664 (VDI-NETWORK) (VDI-NETWORK)
2 7	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:1634	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
3	2606:4700:e4:... 2606:4700:e4::ac40:a916	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:303... 2606:4700:3032::ac43:b158	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 3	45.55.126.207 45.55.126.207	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0d::9c	15169 (GOOGLE) (GOOGLE)
2	20.50.64.3 20.50.64.3	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
33	17

1 2a00:1450:4001:80e::2010 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 94.102.4.223 (Turkey) 1 redirects

ASN51559 (NETINTERNET Netinternet Bilisim Teknolojileri AS, TR)
PTR: enviro.concept-websites.co.uk

emanhtap.arfiandi.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 167.114.163.200 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ip200.ip-167-114-163.net

herlingtz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 156.96.157.98 (United States) 1 redirects

ASN46664 (VDI-NETWORK, US)

povlandy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a06:98c1:3120::3 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

rivuletqa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1634 (United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:e4::ac40:a916 (United States)

ASN13335 (CLOUDFLARENET, US)

ka-f.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3032::ac43:b158 (United States)

ASN13335 (CLOUDFLARENET, US)

virtualpushplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 45.55.126.207 (Clifton, United States) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

beacon.rivuletqa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0d::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.50.64.3 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

pushserve.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	rivuletqa.com 3 redirects rivuletqa.com beacon.rivuletqa.com	473 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 35	20 KB
5	googleapis.com storage.googleapis.com — Cisco Umbrella Rank: 424 fonts.googleapis.com — Cisco Umbrella Rank: 47	3 KB
4	fontawesome.com kit.fontawesome.com — Cisco Umbrella Rank: 1666 ka-f.fontawesome.com — Cisco Umbrella Rank: 3207	24 KB
3	virtualpushplatform.com virtualpushplatform.com — Cisco Umbrella Rank: 514809	4 KB
2	pushserve.xyz pushserve.xyz — Cisco Umbrella Rank: 310145	2 KB
2	arfiandi.me 1 redirects emanhtap.arfiandi.me	574 B
1	google.nl www.google.nl — Cisco Umbrella Rank: 8940	408 B
1	google.com www.google.com — Cisco Umbrella Rank: 2	408 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 100	347 B
1	gstatic.com fonts.gstatic.com	17 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	44 KB
1	povlandy.com 1 redirects povlandy.com	598 B
1	herlingtz.com herlingtz.com	440 B
33	14

	Domain	Requested by
7	rivuletqa.com	2 redirects herlingtz.com rivuletqa.com
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com rivuletqa.com
4	fonts.googleapis.com	rivuletqa.com
3	beacon.rivuletqa.com	1 redirects rivuletqa.com
3	virtualpushplatform.com	rivuletqa.com virtualpushplatform.com
3	ka-f.fontawesome.com	kit.fontawesome.com
2	pushserve.xyz	virtualpushplatform.com
2	emanhtap.arfiandi.me	1 redirects storage.googleapis.com
1	www.google.nl
1	www.google.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	fonts.gstatic.com	fonts.googleapis.com
1	www.googletagmanager.com	rivuletqa.com
1	kit.fontawesome.com	rivuletqa.com
1	povlandy.com	1 redirects
1	herlingtz.com	emanhtap.arfiandi.me
1	storage.googleapis.com
33	17

This site contains no links.

Subject Issuer	Validity	Valid
storage.googleapis.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
herlingtz.com Sectigo RSA Domain Validation Secure Server CA	`2023-03-06` - `2024-03-05`	a year	crt.sh
*.rivuletqa.com GTS CA 1P5	`2023-02-25` - `2023-05-26`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-22` - `2023-12-23`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-12` - `2023-08-12`	a year	crt.sh
beacon.rivuletqa.com R3	`2023-03-05` - `2023-06-03`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
pushserve.xyz Sectigo RSA Domain Validation Secure Server CA	`2022-08-01` - `2023-08-01`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
*.google.nl GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://rivuletqa.com/sf/tpl38/?item=F7F0&sub1=a2326e31-5875-479e-8f9c-f220ad07d9ab&sub2=MO0W_472683
Frame ID: BE6603254A050A2CD03E0A3943F3ED59
Requests: 32 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://storage.googleapis.com/nbvcdfghytre/mdsand2.html Page URL
http://emanhtap.arfiandi.me/redirect.php/c19101XQgPP6531093gyNm68476OOi8009FgdG2777 Page URL
http://emanhtap.arfiandi.me/track/c19101XQgPP6531093gyNm68476OOi8009FgdG2777 HTTP 302
https://herlingtz.com/1003dfa41e48c610800/2/2777-19101/6531093-68476-8009 Page URL
https://povlandy.com/r/9a8aaa2d-9fe3-4524-ab57-00a951be4aab/472683/1357227730/2 HTTP 302
https://rivuletqa.com/sf/tpl38?item=F7F0&sub1=a2326e31-5875-479e-8f9c-f220ad07d9ab&sub2=MO0W_472683 HTTP 301
http://rivuletqa.com/sf/tpl38/?item=F7F0&sub1=a2326e31-5875-479e-8f9c-f220ad07d9ab&sub2=MO0W_472683 HTTP 301
https://rivuletqa.com/sf/tpl38/?item=F7F0&sub1=a2326e31-5875-479e-8f9c-f220ad07d9ab&sub2=MO0W_472683 Page URL

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
kit\.fontawesome\.com/([0-9a-z]+).js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

33
Requests

94 %
HTTPS

71 %
IPv6

14
Domains

17
Subdomains

17
IPs

6
Countries

587 kB
Transfer

1832 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://storage.googleapis.com/nbvcdfghytre/mdsand2.html Page URL
http://emanhtap.arfiandi.me/redirect.php/c19101XQgPP6531093gyNm68476OOi8009FgdG2777 Page URL
http://emanhtap.arfiandi.me/track/c19101XQgPP6531093gyNm68476OOi8009FgdG2777 HTTP 302
https://herlingtz.com/1003dfa41e48c610800/2/2777-19101/6531093-68476-8009 Page URL
https://povlandy.com/r/9a8aaa2d-9fe3-4524-ab57-00a951be4aab/472683/1357227730/2 HTTP 302
https://rivuletqa.com/sf/tpl38?item=F7F0&sub1=a2326e31-5875-479e-8f9c-f220ad07d9ab&sub2=MO0W_472683 HTTP 301
http://rivuletqa.com/sf/tpl38/?item=F7F0&sub1=a2326e31-5875-479e-8f9c-f220ad07d9ab&sub2=MO0W_472683 HTTP 301
https://rivuletqa.com/sf/tpl38/?item=F7F0&sub1=a2326e31-5875-479e-8f9c-f220ad07d9ab&sub2=MO0W_472683 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

http://emanhtap.arfiandi.me/track/c19101XQgPP6531093gyNm68476OOi8009FgdG2777 HTTP 302
https://herlingtz.com/1003dfa41e48c610800/2/2777-19101/6531093-68476-8009

Request Chain 18

https://beacon.rivuletqa.com/g2/5c6d753b-9c3b-47b2-a266-5e7a7c0ddab3?item=F7F0&sub1=a2326e31-5875-479e-8f9c-f220ad07d9ab&sub2=MO0W_472683 HTTP 302
https://beacon.rivuletqa.com/s/7bc7994c-19ec-46f2-8f84-5a4907959182?&requestid=fggkWwJu6R&destinationid=3961396631&item=F7F0&sub1=a2326e31-5875-479e-8f9c-f220ad07d9ab&sub2=MO0W_472683

33 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 mdsand2.html
storage.googleapis.com/nbvcdfghytre/ 274 B
762 B 86ms
21ms Document
text/html 2a00:1450:4001:80e::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/nbvcdfghytre/mdsand2.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80e::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 3414
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-length: 274
content-type: text/html
date: Tue, 11 Apr 2023 17:06:10 GMT
etag: "ac1ca4e8ee8e94cba92eb2562ae317d4"
expires: Tue, 11 Apr 2023 18:06:10 GMT
last-modified: Wed, 22 Jun 2022 16:59:40 GMT
server: UploadServer
x-goog-generation: 1655917180019685
x-goog-hash: crc32c=1MKBPA== md5=rByk6O6OlMupLrJWKuMX1A==
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 274
x-guploader-uploadid: ADPycdtMDpK-cl3FRhyHHGKC_6fwZt48F7dBrFg9woAzbXG3Lp-sTZcZc2uZq-QyXXmjR5tB3HdM_G9xlkCO-rWNfzE8lQ

GET
H/1.1 200
OK c19101XQgPP6531093gyNm68476OOi8009FgdG2777
emanhtap.arfiandi.me/redirect.php/ 253 B
370 B 179ms
72ms Document
text/html 94.102.4.223
NETINTERNET Netin...

General

Check archive.org

Show headers Download Go to

Full URL: http://emanhtap.arfiandi.me/redirect.php/c19101XQgPP6531093gyNm68476OOi8009FgdG2777
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/nbvcdfghytre/mdsand2.html
Protocol: HTTP/1.1
Server: 94.102.4.223 , Turkey, ASN51559 (NETINTERNET Netinternet Bilisim Teknolojileri AS, TR),
Reverse DNS: enviro.concept-websites.co.uk
Software: /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Content-Length: 253
Content-Type: text/html; charset=utf-8
Date: Tue, 11 Apr 2023 17:55:20 GMT

GET
H/1.1

200
OK

6531093-68476-8009
herlingtz.com/1003dfa41e48c610800/2/2777-19101/
Redirect Chain

http://emanhtap.arfiandi.me/track/c19101XQgPP6531093gyNm68476OOi8009FgdG2777
https://herlingtz.com/1003dfa41e48c610800/2/2777-19101/6531093-68476-8009

142 B
440 B

513ms
291ms

Document
text/html

167.114.163.200
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://herlingtz.com/1003dfa41e48c610800/2/2777-19101/6531093-68476-8009
Requested by: Host: emanhtap.arfiandi.me
URL: http://emanhtap.arfiandi.me/redirect.php/c19101XQgPP6531093gyNm68476OOi8009FgdG2777
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 167.114.163.200 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ip200.ip-167-114-163.net
Software: Apache /
Resource Hash

Request headers

Referer: http://emanhtap.arfiandi.me/redirect.php/c19101XQgPP6531093gyNm68476OOi8009FgdG2777
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Content-Length: 142
Content-Type: text/html; charset=UTF-8
Date: Tue, 11 Apr 2023 18:03:05 GMT
Server: Apache

Redirect headers

Content-Length: 96
Content-Type: text/html; charset=utf-8
Date: Tue, 11 Apr 2023 17:55:20 GMT
Location: https://herlingtz.com/1003dfa41e48c610800/2/2777-19101/6531093-68476-8009

GET
H2

200

Primary Request / Show response
rivuletqa.com/sf/tpl38/
Redirect Chain

https://povlandy.com/r/9a8aaa2d-9fe3-4524-ab57-00a951be4aab/472683/1357227730/2
https://rivuletqa.com/sf/tpl38?item=F7F0&sub1=a2326e31-5875-479e-8f9c-f220ad07d9ab&sub2=MO0W_472683
http://rivuletqa.com/sf/tpl38/?item=F7F0&sub1=a2326e31-5875-479e-8f9c-f220ad07d9ab&sub2=MO0W_472683
https://rivuletqa.com/sf/tpl38/?item=F7F0&sub1=a2326e31-5875-479e-8f9c-f220ad07d9ab&sub2=MO0W_472683

3 KB
2 KB

27ms
26ms

Document
text/html

2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rivuletqa.com/sf/tpl38/?item=F7F0&sub1=a2326e31-5875-479e-8f9c-f220ad07d9ab&sub2=MO0W_472683
Requested by: Host: herlingtz.com
URL: https://herlingtz.com/1003dfa41e48c610800/2/2777-19101/6531093-68476-8009
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 575df15a3fff013c571ab99d22fa93641e0d21479905a74338fe6b0a197c1d44

Request headers

Referer: https://herlingtz.com/1003dfa41e48c610800/2/2777-19101/6531093-68476-8009
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7b6524f819e60e33-AMS
content-encoding: br
content-type: text/html
date: Tue, 11 Apr 2023 18:03:06 GMT
last-modified: Mon, 03 Apr 2023 16:01:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZVOtnI77zb92y98wdFUC%2BdAUiHHJHSltvMD%2F6FQKS1ypzGGoCxcLe8kOPgDyrDF2A2CKBn0xXLgzTqA3ahdq8jcZ7OvKXtisa2zDFQKW9TdMTZWwr4%2BxCaG6eMnVTQXjIumobi9GqJHIaS0O"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

CF-RAY: 7b6524f7f97d1e85-AMS
Cache-Control: max-age=3600
Connection: keep-alive
Date: Tue, 11 Apr 2023 18:03:06 GMT
Expires: Tue, 11 Apr 2023 19:03:06 GMT
Location: https://rivuletqa.com/sf/tpl38/?item=F7F0&sub1=a2326e31-5875-479e-8f9c-f220ad07d9ab&sub2=MO0W_472683
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QsU%2BUTYNAeGhqMyOFZ%2FChd8qlgQiahImMawxv0O%2BDQmhhB1W1JpYknK5Xk2FVC6nq2DJ4oROaL9TN3JtrWd3%2BS0VeKC90MNV4lmrvQ76MM9vZ76odgYBDkaZE1ytGk%2B%2BEFuj7wyZTgBcif6f"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 css2
fonts.googleapis.com/ 9 KB
915 B 175ms
81ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans:wght@300&family=Roboto+Slab:wght@600;700;800&display=swap

Requested by

Host: rivuletqa.com
URL: https://rivuletqa.com/sf/tpl38/?item=F7F0&sub1=a2326e31-5875-479e-8f9c-f220ad07d9ab&sub2=MO0W_472683

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9df2da5cb0badfa89929364402fa3adcd1638e2c0be1b5ec1a963d1181a94b02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rivuletqa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 11 Apr 2023 18:03:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 11 Apr 2023 18:03:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 11 Apr 2023 18:03:07 GMT

GET
H2 200 268a7048dd.js Show response
kit.fontawesome.com/ 11 KB
4 KB 77ms
32ms Script
text/javascript 2606:4700::6812:1634
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kit.fontawesome.com/268a7048dd.js

Requested by

Host: rivuletqa.com
URL: https://rivuletqa.com/sf/tpl38/?item=F7F0&sub1=a2326e31-5875-479e-8f9c-f220ad07d9ab&sub2=MO0W_472683

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d02cabba45f295ece38d60d4b176fee816d969ee29865ee606b37ad8285f81e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rivuletqa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 18:03:06 GMT
strict-transport-security: max-age=31536000; preload
content-encoding: gzip
cf-cache-status: HIT
server: cloudflare
age: 46
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=60, public, must-revalidate
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
cf-ray: 7b6524f8ab29b7f8-AMS
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id: F1BTI8W0VmnDwaMAEi5i

GET
H2 400 css2
fonts.googleapis.com/ 0
0 174ms
80ms Stylesheet
text/html 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.googleapis.com/css2?family=Muli:wght@900:wght@400&display=swap
Requested by: Host: rivuletqa.com
URL: https://rivuletqa.com/sf/tpl38/?item=F7F0&sub1=a2326e31-5875-479e-8f9c-f220ad07d9ab&sub2=MO0W_472683
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rivuletqa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
H2 200 css2
fonts.googleapis.com/ 700 B
774 B 173ms
80ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Lato&display=swap

Requested by

Host: rivuletqa.com
URL: https://rivuletqa.com/sf/tpl38/?item=F7F0&sub1=a2326e31-5875-479e-8f9c-f220ad07d9ab&sub2=MO0W_472683

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4cd5d9b9721d6b1bfc18d8c81562508902e01c61e2d2058485cc31fad4222c7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rivuletqa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 11 Apr 2023 18:03:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 11 Apr 2023 17:10:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 11 Apr 2023 18:03:07 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 112 KB
44 KB 181ms
39ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-148357412-1

Requested by

Host: rivuletqa.com
URL: https://rivuletqa.com/sf/tpl38/?item=F7F0&sub1=a2326e31-5875-479e-8f9c-f220ad07d9ab&sub2=MO0W_472683

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

570f97cd079671d3e6b969adca906125e3b97adfa66582b07779e2ad709ead07

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rivuletqa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 18:03:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 44610
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 11 Apr 2023 18:03:07 GMT

GET
H2 200 bundle.2d9c55de897bc59d50b7.css
rivuletqa.com/sf/tpl38/ 75 KB
15 KB 35ms
34ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rivuletqa.com/sf/tpl38/bundle.2d9c55de897bc59d50b7.css?t=1680537685568
Requested by: Host: rivuletqa.com
URL: https://rivuletqa.com/sf/tpl38/?item=F7F0&sub1=a2326e31-5875-479e-8f9c-f220ad07d9ab&sub2=MO0W_472683
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 533ff0001abcabb51689c162adf7ea293747feefb41d530918393e09e03a46bc

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rivuletqa.com/sf/tpl38/?item=F7F0&sub1=a2326e31-5875-479e-8f9c-f220ad07d9ab&sub2=MO0W_472683
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 18:03:06 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 03 Apr 2023 16:01:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 93751
etag: W/"642af877-12b0f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zzpgGTHTzFVOP5%2B7sPdVOPYq%2FWhYWGu3NL4cP8uIxD7Ge4XSLsFQzcAQZxSyLQECO1H14JSUD42Pz12OONRDsuJw0dAEhz32DNnwRv5xViByUE6%2BVviI0oa0rWj2Fez%2FHLKJLHdlq5o3DfrK"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 7b6524f86ac30e33-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 09 Apr 2024 16:00:41 GMT

GET
H3 200 apple_logo.png
rivuletqa.com/sf/tpl38/public/ 51 KB
52 KB 28ms
24ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rivuletqa.com/sf/tpl38/public/apple_logo.png
Requested by: Host: rivuletqa.com
URL: https://rivuletqa.com/sf/tpl38/?item=F7F0&sub1=a2326e31-5875-479e-8f9c-f220ad07d9ab&sub2=MO0W_472683
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ed071de25afe945a3c80724a3a6623f28b2092c642102b85a77cdc5fdbd2b5e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rivuletqa.com/sf/tpl38/?item=F7F0&sub1=a2326e31-5875-479e-8f9c-f220ad07d9ab&sub2=MO0W_472683
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 18:03:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 93793
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 52224
last-modified: Mon, 03 Apr 2023 16:01:59 GMT
server: cloudflare
etag: "642af877-cc00"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2cyRzKns%2Fhk0usJGAyXOOyK6gT2qfIbpSyw%2FJv10NCcGuqGKuHV%2BNjh5rdoR2lcbJl3ANWknF2740kvAlwuncYsbk3rhagulKjq7i6baeyJd0p0o3l5K9O4EhE0HfWxECm%2FivkrH85wOsK%2FB"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7b6524f98fbb0bd5-AMS
expires: Tue, 09 Apr 2024 16:00:00 GMT

GET
H3 200 11.a4ba6d6e.chunk.js Show response
rivuletqa.com/sf/tpl38/js/ 360 KB
118 KB 66ms
59ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rivuletqa.com/sf/tpl38/js/11.a4ba6d6e.chunk.js
Requested by: Host: rivuletqa.com
URL: https://rivuletqa.com/sf/tpl38/?item=F7F0&sub1=a2326e31-5875-479e-8f9c-f220ad07d9ab&sub2=MO0W_472683
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8da4430244ddb3ff5741579fdc376e2dd219adbed78c2fb90263efb1ab7bc081

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rivuletqa.com/sf/tpl38/?item=F7F0&sub1=a2326e31-5875-479e-8f9c-f220ad07d9ab&sub2=MO0W_472683
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 18:03:07 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 03 Apr 2023 16:01:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 93793
etag: W/"642af877-5a01f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DNEuWMupEfmo2bznHTmGX%2FFa6BvLzmSZdLP%2FqM8NiUgkknyk4VK8pfwqFaU52pv%2FiZS0pHzoHYRYsCtyGMihwVAJs5DKvNcbT6kVNG%2Fae7BCVzfUG97cqgQFXQkZwMm3x%2BFf0HqCtvZtzRyT"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 7b6524f98fb70bd5-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 09 Apr 2024 16:00:00 GMT

GET
H3 200 app.a57bdeb1.js Show response
rivuletqa.com/sf/tpl38/js/ 673 KB
127 KB 43ms
37ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rivuletqa.com/sf/tpl38/js/app.a57bdeb1.js
Requested by: Host: rivuletqa.com
URL: https://rivuletqa.com/sf/tpl38/?item=F7F0&sub1=a2326e31-5875-479e-8f9c-f220ad07d9ab&sub2=MO0W_472683
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 98be2dbd8c34830491c94f202211013cc1d15377cf30959d17ee4ea571ed4019

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rivuletqa.com/sf/tpl38/?item=F7F0&sub1=a2326e31-5875-479e-8f9c-f220ad07d9ab&sub2=MO0W_472683
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 18:03:07 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 03 Apr 2023 16:01:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 93793
etag: W/"642af877-a82f5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o9g22INO%2BhJ2t0Yd2m0gJcLCIlaP3Uyg9Qy2wRK%2BR%2Bsi6%2BTNWXPMyjasdAop33h40ko8YWQclgf8qp69gUEaOM9fVN8vUe4EoxAKc8ZYuJqsYeUvMfw%2B90ICCnM6ou8IRDA6UwgexRI8ig3Z"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 7b6524f98fb80bd5-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 09 Apr 2024 16:00:00 GMT

GET
H2 200 free.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 59 KB
13 KB 119ms
22ms Fetch
text/css 2606:4700:e4::ac40:a916
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=268a7048dd
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/268a7048dd.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rivuletqa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 18:03:07 GMT
via: 1.1 2a46367687c8f1815bbea20c92c7d64c.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: AMS1-P2
age: 115690
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"a12ec7ebe75a4d59a5dd6b79e2ba2e16"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=35XMiNFzjGq%2FAzxacctJAuz0wgDQjzbuNScLtBMzCse%2F71WMn5nFuVwV73xnUH8VlCRgholWBfueY1ffJPArMArXRKl2c692CmIi%2FytmvyIo5S8t%2F5Svaiftf9cuvy4Vlgvt0MIp%2BM7c99td5LriXFlWYA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 7b6524f988221c8c-AMS
access-control-allow-headers: fa-kit-token
x-amz-cf-id: sTMccfxpEs735bKVOXFteqaQY8c5Os-14k8_dTtNAQ1Mto1jExuncw==

GET
H2 200 free-v4-shims.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 26 KB
5 KB 118ms
21ms Fetch
text/css 2606:4700:e4::ac40:a916
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=268a7048dd
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/268a7048dd.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rivuletqa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 18:03:07 GMT
via: 1.1 34435958fa6d40b77fd22fa1c1f56176.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-C2
age: 93892
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"76f34b71fc9fb641507ff6a822cc07f5"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xEMcH3z78YSFybOP6w%2FnoH2lH1g2DgEQ8Hyxk6N94vbXegizXVXMy14onIoSGZAOUVisg3NKGlCmSaZim9qORA37nZKmcpEyP%2F94LZg5QNNWsYaQTwdfBZPBt%2F0svjhzD8RUpgNVmzu3S%2F8cNsp3JnI2vA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 7b6524f988231c8c-AMS
access-control-allow-headers: fa-kit-token
x-amz-cf-id: NNZrna7S_p6WEBl-BWb0LjefKA8A6MKY6Y1riAP6gy04No9ZBTqq9g==

GET
H2 200 free-v4-font-face.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 3 KB
2 KB 117ms
20ms Fetch
text/css 2606:4700:e4::ac40:a916
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-font-face.min.css?token=268a7048dd
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/268a7048dd.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rivuletqa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 18:03:07 GMT
via: 1.1 397f210a9eb9ec34ba3f1f814bc1a7a2.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: AMS1-P2
age: 93892
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"f2e0b2680d9b0bcb6e0039c4424e5a59"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zZ2KdG%2Fk6BxXPOUNDYUOdpK4cjfh%2BlPMJ2RwHXsKlTIKpdlYE7r7kQHwcknK4TBBvygMla9PGcpktIi93zQdS5N%2BP57ujJ2u3Hw7ubTziriTIBavppqrYbOyEB6ih30SGrUd6ZbSjbo7JfWhwkmB33jhqw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 7b6524f988251c8c-AMS
access-control-allow-headers: fa-kit-token
x-amz-cf-id: U9v5AHxuqI9QG78Ds337exL7PXqyVdI3CKpXj3znlqXyfj8Gm9Oxig==

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
495 B 39ms
33ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Lato:wght@400;700;900&display=swap

Requested by

Host: rivuletqa.com
URL: https://rivuletqa.com/sf/tpl38/bundle.2d9c55de897bc59d50b7.css?t=1680537685568

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c911afacd64e9c0f7ab908077b532a201f0f3358b553f14839e8d479c443e1cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rivuletqa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 11 Apr 2023 18:03:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 11 Apr 2023 16:26:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 11 Apr 2023 18:03:07 GMT

GET
H2 200 ace-push.js Show response
virtualpushplatform.com/ 10 KB
4 KB 114ms
61ms Script
application/javascript 2606:4700:3032::ac43:b158
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://virtualpushplatform.com/ace-push.js
Requested by: Host: rivuletqa.com
URL: https://rivuletqa.com/sf/tpl38/js/app.a57bdeb1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:b158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf3d34041e665d64895d9d6bff29804c011795a32ee500288266da578a761d5e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rivuletqa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 18:03:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5816
cf-polished: origSize=13985
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 06 Apr 2023 17:58:44 GMT
server: cloudflare
etag: W/"1d968b16d83d4a1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MUufh2LOUtgPucSkC7XCSnPL1m6aEgmSj703tN4vE9U7WqrYoscgc1yku%2FDep7ZIMWWTnK%2BOcMr6Ki942yAVrUlYHNxQQCpGC0Q9Qp2szkjlf97ERvsiNiBMn6qQ9cJGJNT5yqgm0tRhlh9mDmisFb4cQ9wFcA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 7b6524fb68590bce-AMS

GET
H2 200 summary Show response
beacon.rivuletqa.com/geo/ 117 B
563 B 301ms
94ms XHR
application/json 45.55.126.207
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://beacon.rivuletqa.com/geo/summary

Requested by

Host: rivuletqa.com
URL: https://rivuletqa.com/sf/tpl38/js/11.a4ba6d6e.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

45.55.126.207 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Kestrel /

Resource Hash

1095d32ef61d9ac04d1a07392d57ebcfc394a75649b196e7f0fdb0cb9d18332d

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Accept: application/json, text/plain, */*
Referer: https://rivuletqa.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 18:03:07 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, PATCH, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: false
access-control-allow-headers: Origin, Accept, Cache-Control, If-Modified-Since, Keep-Alive, Range, DNT, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization

GET
H2

200

7bc7994c-19ec-46f2-8f84-5a4907959182 Show response
beacon.rivuletqa.com/s/
Redirect Chain

https://beacon.rivuletqa.com/g2/5c6d753b-9c3b-47b2-a266-5e7a7c0ddab3?item=F7F0&sub1=a2326e31-5875-479e-8f9c-f220ad07d9ab&sub2=MO0W_472683
https://beacon.rivuletqa.com/s/7bc7994c-19ec-46f2-8f84-5a4907959182?&requestid=fggkWwJu6R&destinationid=3961396631&item=F7F0&sub1=a2326e31-5875-479e-8f9c-f220ad07d9ab&sub2=MO0W_472683

212 KB
158 KB

128ms
127ms

XHR
text/plain

45.55.126.207
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://beacon.rivuletqa.com/s/7bc7994c-19ec-46f2-8f84-5a4907959182?&requestid=fggkWwJu6R&destinationid=3961396631&item=F7F0&sub1=a2326e31-5875-479e-8f9c-f220ad07d9ab&sub2=MO0W_472683

Protocol

Server

45.55.126.207 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Kestrel /

Resource Hash

83f8fcd47b243d2fbd3ae636452b456039defe20ee0f241760992050078ca9dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rivuletqa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 18:03:07 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, PATCH, HEAD
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: false
access-control-allow-headers: Origin, Accept, Cache-Control, If-Modified-Since, Keep-Alive, Range, DNT, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization

Redirect headers

date: Tue, 11 Apr 2023 18:03:07 GMT
strict-transport-security: max-age=2592000
server: Kestrel
access-control-allow-methods: GET, POST, OPTIONS, PATCH, HEAD
location: https://beacon.rivuletqa.com/s/7bc7994c-19ec-46f2-8f84-5a4907959182?&requestid=fggkWwJu6R&destinationid=3961396631&item=F7F0&sub1=a2326e31-5875-479e-8f9c-f220ad07d9ab&sub2=MO0W_472683
access-control-allow-origin: *
access-control-allow-credentials: false
access-control-allow-headers: Origin, Accept, Cache-Control, If-Modified-Since, Keep-Alive, Range, DNT, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization
content-length: 0

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsiH0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v34/ 16 KB
17 KB 81ms
21ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsiH0B4gaVI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@300&family=Roboto+Slab:wght@600;700;800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b2f88142c19df560f487368810bba2d41c5d6948df584abaa2e0091c0b2245b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://rivuletqa.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 15:02:35 GMT
x-content-type-options: nosniff
age: 10832
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16748
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:14:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Apr 2024 15:02:35 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 132ms
30ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-148357412-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rivuletqa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 11 Apr 2023 16:05:11 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 7076
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Tue, 11 Apr 2023 18:05:11 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
143 B 44ms
39ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=2054572833&t=pageview&_s=1&dl=https%3A%2F%2Frivuletqa.com%2Fsf%2Ftpl38%2F%3Fitem%3DF7F0%26session_id%3D035219ad-11f1-47a0-b2fe-c702d7eec240%26sub1%3Da2326e31-5875-479e-8f9c-f220ad07d9ab%26sub2%3DMO0W_472683&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=315268118&gjid=1693715736&cid=230397218.1681236188&tid=UA-148357412-1&_gid=1725440552.1681236188&_r=1&gtm=457e34a0&jsscut=1&z=1930754476

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://rivuletqa.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 11 Apr 2023 18:03:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://rivuletqa.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 33ms
32ms Image
image/gif 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=2054572833&t=event&_s=2&dl=https%3A%2F%2Frivuletqa.com%2Fsf%2Ftpl38%2F%3Fitem%3DF7F0%26session_id%3D035219ad-11f1-47a0-b2fe-c702d7eec240%26sub1%3Da2326e31-5875-479e-8f9c-f220ad07d9ab%26sub2%3DMO0W_472683&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=pageload&ea=load&el=%2Fsf%2Ftpl38&_u=YEBAAUABAAAAACAAI~&jid=&gjid=&cid=230397218.1681236188&tid=UA-148357412-1&_gid=1725440552.1681236188&gtm=457e34a0&jsscut=1&z=203744447

Requested by

Host: rivuletqa.com
URL: https://rivuletqa.com/sf/tpl38/?item=F7F0&session_id=035219ad-11f1-47a0-b2fe-c702d7eec240&sub1=a2326e31-5875-479e-8f9c-f220ad07d9ab&sub2=MO0W_472683

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rivuletqa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Apr 2023 18:05:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 86275
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
347 B 73ms
27ms XHR
text/plain 2a00:1450:400c:c0d::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-148357412-1&cid=230397218.1681236188&jid=315268118&gjid=1693715736&_gid=1725440552.1681236188&_u=YEBAAUAAAAAAACAAI~&z=1638672430

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0d::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://rivuletqa.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 11 Apr 2023 18:03:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://rivuletqa.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 visit
pushserve.xyz/api/v1/ 0
0 119ms
31ms Preflight 20.50.64.3
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://pushserve.xyz/api/v1/visit
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.50.64.3 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://rivuletqa.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-origin: *
content-length: 0
date: Tue, 11 Apr 2023 18:03:07 GMT

POST
H2 200 visit Show response
pushserve.xyz/api/v1/ 2 KB
2 KB 42ms
41ms Fetch
application/json 20.50.64.3
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://pushserve.xyz/api/v1/visit
Requested by: Host: virtualpushplatform.com
URL: https://virtualpushplatform.com/ace-push.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.50.64.3 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Kestrel /
Resource Hash: 01124a250103c3a9da4b8879c491112b204e14c3ca836f9d40f7dc3b1b6075b9

Request headers

Referer: https://rivuletqa.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-type: application/json

Response headers

access-control-allow-origin: *
date: Tue, 11 Apr 2023 18:03:07 GMT
server: Kestrel
content-length: 1580
content-type: application/json; charset=utf-8

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 110ms
56ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-148357412-1&cid=230397218.1681236188&jid=315268118&_u=YEBAAUAAAAAAACAAI~&z=387763748

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rivuletqa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Apr 2023 18:03:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.nl/ads/ 42 B
408 B 109ms
56ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-148357412-1&cid=230397218.1681236188&jid=315268118&_u=YEBAAUAAAAAAACAAI~&z=387763748

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rivuletqa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Apr 2023 18:03:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 log-client-error
virtualpushplatform.com/api/v1/visit/ 0
0 44ms
44ms Fetch 2606:4700:3032::ac43:b158
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://virtualpushplatform.com/api/v1/visit/log-client-error
Requested by: Host: virtualpushplatform.com
URL: https://virtualpushplatform.com/ace-push.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:b158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://rivuletqa.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-type: application/json

Response headers

date: Tue, 11 Apr 2023 18:03:07 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PC56mrMQorTcw843xdM13V3Q2a1blJla06grhYAWA2JfFmbmw4GTkdiwzYqw9ZwtXe0K2mpFpmLY7HmLnwXfOOSDsmSZTwu5lXsz3p6xaV3FxIcCcE5up6ikLVAFFksd%2FOw%2FBZ%2BGE8TQRW7FsTwtH1SdFj1KnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 7b6524fecbb00bad-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

OPTIONS
H3 200 log-client-error
virtualpushplatform.com/api/v1/visit/ 0
0 70ms
45ms Preflight 2606:4700:3032::ac43:b158
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://virtualpushplatform.com/api/v1/visit/log-client-error
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:b158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://rivuletqa.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7b6524fe7af30bad-AMS
content-length: 0
date: Tue, 11 Apr 2023 18:03:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ykQE59Oi3ysH6CneZjfgLdP6umQDOjjYjkb1ud8Lw%2FuXJM%2Be3ZX1ITCN48c8bUzvdF2WtTZ3ubTYHZco%2BzAtiNAiaiJECot%2FPhmYuDAqXGh%2BDswsFZtNCS7ukadm1B7cduqmFylqJ9eaCNo8Ck1xAUry64IcWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
DATA 200
OK truncated
/ 157 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5e125f35a0e6e268bb685f8dfa009cc7322bdbb91902504128a8af8d01257dde

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 24ms
24ms Image
image/gif 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=2054572833&t=event&_s=3&dl=https%3A%2F%2Frivuletqa.com%2Fsf%2Ftpl38%2F%3Fitem%3DF7F0%26session_id%3D035219ad-11f1-47a0-b2fe-c702d7eec240%26sub1%3Da2326e31-5875-479e-8f9c-f220ad07d9ab%26sub2%3DMO0W_472683&dp=%3Fitem%3DF7F0%26session_id%3D035219ad-11f1-47a0-b2fe-c702d7eec240%26sub1%3Da2326e31-5875-479e-8f9c-f220ad07d9ab%26sub2%3DMO0W_472683&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=NL-iCloud&ea=view&el=%2Fsf%2Ftpl38&_u=aEBAAUABAAAAACAAI~&jid=&gjid=&cid=230397218.1681236188&tid=UA-148357412-1&_gid=1725440552.1681236188&gtm=457e34a0&jsscut=1&z=568502655

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rivuletqa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Apr 2023 18:05:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 86276
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 24ms
23ms Image
image/gif 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=2054572833&t=event&_s=4&dl=https%3A%2F%2Frivuletqa.com%2Fsf%2Ftpl38%2F%3Fitem%3DF7F0%26session_id%3D035219ad-11f1-47a0-b2fe-c702d7eec240%26sub1%3Da2326e31-5875-479e-8f9c-f220ad07d9ab%26sub2%3DMO0W_472683&dp=0%3Fitem%3DF7F0%26session_id%3D035219ad-11f1-47a0-b2fe-c702d7eec240%26sub1%3Da2326e31-5875-479e-8f9c-f220ad07d9ab%26sub2%3DMO0W_472683&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=User%20started%20Survey%20Flow&ea=survey-flow-started&el=%2Fsf%2Ftpl38&_u=aEBAAUABAAAAACAAI~&jid=&gjid=&cid=230397218.1681236188&tid=UA-148357412-1&_gid=1725440552.1681236188&gtm=457e34a0&jsscut=1&z=1641333101

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rivuletqa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Apr 2023 18:05:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 86276
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
herlingtz.com/	1970-01-20 11:45:10	Name: uid24373 Value: 1357227730-20230411130305-f4df1f7f4abac5d34adec0e3401aaa96-3319
.rivuletqa.com/	1970-01-20 20:36:36	Name: _ga Value: GA1.2.230397218.1681236188
.rivuletqa.com/	1970-01-20 11:02:02	Name: _gid Value: GA1.2.1725440552.1681236188
.rivuletqa.com/	1970-01-20 11:00:36	Name: _gat_gtag_UA_148357412_1 Value: 1

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://fonts.googleapis.com/css2?family=Muli:wght@900:wght@400&display=swap Message: Failed to load resource: the server responded with a status of 400 ()
other	error	URL: https://rivuletqa.com/sf/tpl38/?item=F7F0&session_id=035219ad-11f1-47a0-b2fe-c702d7eec240&sub1=a2326e31-5875-479e-8f9c-f220ad07d9ab&sub2=MO0W_472683 Message: Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

beacon.rivuletqa.com
emanhtap.arfiandi.me
fonts.googleapis.com
fonts.gstatic.com
herlingtz.com
ka-f.fontawesome.com
kit.fontawesome.com
povlandy.com
pushserve.xyz
rivuletqa.com
stats.g.doubleclick.net
storage.googleapis.com
virtualpushplatform.com
www.google-analytics.com
www.google.com
www.google.nl
www.googletagmanager.com
156.96.157.98
167.114.163.200
20.50.64.3
2606:4700:3032::ac43:b158
2606:4700::6812:1634
2606:4700:e4::ac40:a916
2a00:1450:4001:80e::2010
2a00:1450:4001:80f::2003
2a00:1450:4001:810::200e
2a00:1450:4001:811::2004
2a00:1450:4001:813::200a
2a00:1450:4001:82b::2008
2a00:1450:4001:830::2003
2a00:1450:400c:c0d::9c
2a06:98c1:3120::3
45.55.126.207
94.102.4.223
01124a250103c3a9da4b8879c491112b204e14c3ca836f9d40f7dc3b1b6075b9
1095d32ef61d9ac04d1a07392d57ebcfc394a75649b196e7f0fdb0cb9d18332d
122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787
1b2f88142c19df560f487368810bba2d41c5d6948df584abaa2e0091c0b2245b
4cd5d9b9721d6b1bfc18d8c81562508902e01c61e2d2058485cc31fad4222c7d
533ff0001abcabb51689c162adf7ea293747feefb41d530918393e09e03a46bc
570f97cd079671d3e6b969adca906125e3b97adfa66582b07779e2ad709ead07
575df15a3fff013c571ab99d22fa93641e0d21479905a74338fe6b0a197c1d44
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5e125f35a0e6e268bb685f8dfa009cc7322bdbb91902504128a8af8d01257dde
6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8
7ed071de25afe945a3c80724a3a6623f28b2092c642102b85a77cdc5fdbd2b5e
7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83f8fcd47b243d2fbd3ae636452b456039defe20ee0f241760992050078ca9dc
8da4430244ddb3ff5741579fdc376e2dd219adbed78c2fb90263efb1ab7bc081
98be2dbd8c34830491c94f202211013cc1d15377cf30959d17ee4ea571ed4019
9df2da5cb0badfa89929364402fa3adcd1638e2c0be1b5ec1a963d1181a94b02
c911afacd64e9c0f7ab908077b532a201f0f3358b553f14839e8d479c443e1cf
cf3d34041e665d64895d9d6bff29804c011795a32ee500288266da578a761d5e
d02cabba45f295ece38d60d4b176fee816d969ee29865ee606b37ad8285f81e1
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda

rivuletqa.com Open in urlscan Pro 2a06:98c1:3120::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

33 Requests

94 %HTTPS

71 %IPv6

14 Domains

17 Subdomains

17 IPs

6 Countries

587 kBTransfer

1832 kBSize

4 Cookies

0 Outgoing links

Page URL History

Redirected requests

33 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

rivuletqa.com Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Screenshot
Live screenshot

Full Image

33
Requests

94 %
HTTPS

71 %
IPv6

14
Domains

17
Subdomains

17
IPs

6
Countries

587 kB
Transfer

1832 kB
Size

4
Cookies

33 HTTP transactions
1 data transactions