Submitted URL: https://swarafakta.my.id/berita/hasto-pdi-p-effendi-simbolon-tak-dipecat-jika-bertemu-prabowo-bukan-jokowi-7a886/
Effective URL: https://eu.rdrfles.com/sweeps/?ts=d5715217-8a4d-4deb-97f0-74380a2f2797&cid=Cod9BzcoGCvD6EXvi3VBcw&key=eyJ0aW1lc3RhbXAiO...
Submission: On December 02 via manual from ID — Scanned from IT

Summary

This website contacted 23 IPs in 6 countries across 21 domains to perform 101 HTTP transactions. The main IP is 104.248.249.91, located in Frankfurt am Main, Germany and belongs to DIGITALOCEAN-ASN, US. The main domain is eu.rdrfles.com.
TLS certificate: Issued by R11 on December 1st 2024. Valid for: 3 months.
This is the only time eu.rdrfles.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
5 3.75.10.80 16509 (AMAZON-02)
2 142.250.185.170 15169 (GOOGLE)
1 172.240.108.76 7979 (SERVERS-COM)
2 104.16.225.240 13335 (CLOUDFLAR...)
6 142.250.185.195 15169 (GOOGLE)
1 3.65.115.184 16509 (AMAZON-02)
1 199.232.196.134 54113 (FASTLY)
4 13.224.189.87 16509 (AMAZON-02)
3 103.49.221.102 24211 (DETIK-AS-...)
1 104.18.8.94 13335 (CLOUDFLAR...)
1 2 192.243.59.13 39572 (ADVANCEDH...)
1 151.101.192.134 54113 (FASTLY)
1 1 3.127.216.164 16509 (AMAZON-02)
46 104.248.249.91 14061 (DIGITALOC...)
3 99.86.4.43 16509 (AMAZON-02)
2 143.204.215.42 16509 (AMAZON-02)
2 199.232.192.64 54113 (FASTLY)
1 104.17.25.14 13335 (CLOUDFLAR...)
1 139.45.197.240 9002 (RETN-AS R...)
1 23.158.56.123 63023 (AS-GLOBAL...)
3 139.45.197.236 9002 (RETN-AS R...)
12 139.45.197.250 9002 (RETN-AS R...)
1 188.114.96.3 13335 (CLOUDFLAR...)
101 23
Apex Domain
Subdomains
Transfer
46 rdrfles.com
eu.rdrfles.com
1 MB
12 beevakum.net
beevakum.net — Cisco Umbrella Rank: 451876
19 KB
6 gstatic.com
fonts.gstatic.com
140 KB
5 swarafakta.my.id
swarafakta.my.id
131 KB
4 kompas.com
asset.kompas.com — Cisco Umbrella Rank: 23126
418 KB
4 disqus.com
swarafakta.disqus.com
disqus.com — Cisco Umbrella Rank: 1315
links.services.disqus.com — Cisco Umbrella Rank: 20538
28 KB
3 unphionetor.com
unphionetor.com — Cisco Umbrella Rank: 727222
2 KB
3 disquscdn.com
c.disquscdn.com — Cisco Umbrella Rank: 6938
27 KB
3 detik.net.id
awsimages.detik.net.id — Cisco Umbrella Rank: 123455
108 KB
2 viglink.com
cdn.viglink.com — Cisco Umbrella Rank: 15119
775 B
2 sometimeadministratormound.com
sometimeadministratormound.com
5 KB
2 getclicky.com
static.getclicky.com — Cisco Umbrella Rank: 12927
in.getclicky.com — Cisco Umbrella Rank: 11405
6 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
3 KB
1 rtmark.net
my.rtmark.net — Cisco Umbrella Rank: 10565
1008 B
1 news-xcemoce.com
news-xcemoce.com
10 KB
1 propeller-tracking.com
propeller-tracking.com — Cisco Umbrella Rank: 699631
3 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 225
19 KB
1 sndirectsb.com
go.sndirectsb.com — Cisco Umbrella Rank: 711706
3 KB
1 bisnis.com
images.bisnis.com — Cisco Umbrella Rank: 83084
30 KB
1 proftrafficcounter.com
proftrafficcounter.com — Cisco Umbrella Rank: 15519
301 B
1 topcpmcreativeformat.com
www.topcpmcreativeformat.com — Cisco Umbrella Rank: 328436
12 KB
101 21
Domain Requested by
46 eu.rdrfles.com swarafakta.my.id
eu.rdrfles.com
beevakum.net
12 beevakum.net eu.rdrfles.com
beevakum.net
6 fonts.gstatic.com fonts.googleapis.com
5 swarafakta.my.id swarafakta.my.id
4 asset.kompas.com swarafakta.my.id
3 unphionetor.com propeller-tracking.com
3 c.disquscdn.com swarafakta.disqus.com
3 awsimages.detik.net.id swarafakta.my.id
2 links.services.disqus.com c.disquscdn.com
2 cdn.viglink.com
2 sometimeadministratormound.com 1 redirects swarafakta.my.id
2 fonts.googleapis.com swarafakta.my.id
eu.rdrfles.com
1 my.rtmark.net beevakum.net
1 news-xcemoce.com eu.rdrfles.com
1 propeller-tracking.com eu.rdrfles.com
1 cdnjs.cloudflare.com eu.rdrfles.com
1 go.sndirectsb.com 1 redirects
1 in.getclicky.com static.getclicky.com
1 disqus.com swarafakta.disqus.com
1 images.bisnis.com swarafakta.my.id
1 swarafakta.disqus.com swarafakta.my.id
1 proftrafficcounter.com www.topcpmcreativeformat.com
1 static.getclicky.com swarafakta.my.id
1 www.topcpmcreativeformat.com swarafakta.my.id
101 24

This site contains no links.

Subject                   Issuer                                          Validity                 Valid
swarafakta.my.id          E5                                              2024-11-01 - 2025-01-30  3 months
upload.video.google.com   WR2                                             2024-10-21 - 2025-01-13  3 months
topcpmcreativeformat.com  R11                                             2024-10-05 - 2025-01-03  3 months
*.getclicky.com           E6                                              2024-11-21 - 2025-02-19  3 months
*.gstatic.com             WR2                                             2024-10-21 - 2025-01-13  3 months
proftrafficcounter.com    Amazon RSA 2048 M02                             2024-10-21 - 2025-11-20  a year
*.disqus.com              Sectigo RSA Domain Validation Secure Server CA  2024-04-16 - 2025-04-16  a year
kompas.com                Amazon RSA 2048 M02                             2024-04-25 - 2025-05-24  a year
*.detik.net.id            DigiCert Global G2 TLS RSA SHA256 2020 CA1      2024-02-26 - 2025-02-25  a year
bisnis.com                WE1                                             2024-11-25 - 2025-02-23  3 months
lnk.ftrackcamps.com       R11                                             2024-12-01 - 2025-03-01  3 months
a.disquscdn.com           Amazon RSA 2048 M02                             2024-07-30 - 2025-08-27  a year
viglink.com               Amazon RSA 2048 M03                             2024-08-13 - 2025-09-10  a year
*.services.disqus.com     GlobalSign Atlas R3 DV TLS CA 2024 Q2           2024-06-10 - 2025-07-12  a year
cdnjs.cloudflare.com      WE1                                             2024-11-26 - 2025-02-24  3 months
propeller-tracking.com    R11                                             2024-09-24 - 2024-12-23  3 months
*.news-xcemoce.com        E6                                              2024-10-19 - 2025-01-17  3 months
unphionetor.com           R11                                             2024-10-18 - 2025-01-16  3 months
beevakum.net              E5                                              2024-10-28 - 2025-01-26  3 months
my.rtmark.net             WE1                                             2024-11-06 - 2025-02-04  3 months

This page contains 4 frames:

Primary Page: https://eu.rdrfles.com/sweeps/?ts=d5715217-8a4d-4deb-97f0-74380a2f2797&cid=Cod9BzcoGCvD6EXvi3VBcw&key=eyJ0aW1lc3RhbXAiOiIxNzMzMTAyNzUzIiwiaGFzaCI6IjBiZTZiYThkMzI5ODJkYjEzM2U3MGIzZGY0OTk2NGQzZmYxZjgwYmMifQ%3D%3D&offer=15&track=go.sndirectsb.com&geo=it&ltype=shop&bname=mediaworld&prefill=ad&bemobdata=c%3D42dc788e-2071-40a6-987d-f3061b1e4f78..l%3D38104a43-7c1b-46f8-8ac5-2370c71e8dcc..a%3D0..b%3D0..z%3D0.05..e%3D46d09b5c7d376c070e13316c3d501acb..c1%3D24617828..c2%3D1154576..c3%3DItaly..c4%3DIT..c5%3D3186780..r%3Dhttps%253A%252F%252Fswarafakta~BEMOB_DOT~my~BEMOB_DOT~id%252F..ts%3D1733102753957
Frame ID: 6EF1879EB18DD39B8F00878B08C33B00
Requests: 98 HTTP requests in this frame

Frame: https://disqus.com/embed/comments/?base=default&f=swarafakta&t_u=https%3A%2F%2Fswarafakta.my.id%2Fberita%2Fhasto-pdi-p-effendi-simbolon-tak-dipecat-jika-bertemu-prabowo-bukan-jokowi-7a886%2F&t_d=Hasto%20PDI-P%3A%20Effendi%20Simbolon%20Tak%20Dipecat%20jika%20Bertemu%20Prabowo%2C%20Bukan%20Jokowi&t_t=Hasto%20PDI-P%3A%20Effendi%20Simbolon%20Tak%20Dipecat%20jika%20Bertemu%20Prabowo%2C%20Bukan%20Jokowi&s_o=default
Frame ID: 496F8EF2002BDD7599C70ED5A0A7EAA7
Requests: 1 HTTP requests in this frame

Frame: https://c.disquscdn.com/next/embed/styles/realtime.b23ff3c36dd0169627f8e54ca1621eca.css
Frame ID: 0C691B919EA9CD7444F8275781C68DBE
Requests: 1 HTTP requests in this frame

Frame: https://c.disquscdn.com/next/embed/styles/realtime.b23ff3c36dd0169627f8e54ca1621eca.css
Frame ID: 231FBADE12817046F80E2EE5E2FD8609
Requests: 1 HTTP requests in this frame

Page Title

Smartphone, Tv, Notebook, Elettrodomestici | MediaWorld

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • static\.getclicky\.com

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 101
HTTPS: 98 %
IPv6: 0 %
Domains: 21
Subdomains: 24
IPs: 23
Countries: 6
Transfer: 2080 kB
Size: 3034 kB
Cookies: 20

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://swarafakta.my.id/berita/hasto-pdi-p-effendi-simbolon-tak-dipecat-jika-bertemu-prabowo-bukan-jokowi-7a886/ Page URL
  2. https://go.sndirectsb.com/go/42dc788e-2071-40a6-987d-f3061b1e4f78?cost=0.050000&clickid=46d09b5c7d376c070e13316c3d501acb&placementid=24617828&campid=1154576&remote_country=Italy&country_code=IT&bannerid=3186780 HTTP 302
    https://eu.rdrfles.com/sweeps/?ts=d5715217-8a4d-4deb-97f0-74380a2f2797&cid=Cod9BzcoGCvD6EXvi3VBcw&key=eyJ0aW1lc3RhbXAiOiIxNzMzMTAyNzUzIiwiaGFzaCI6IjBiZTZiYThkMzI5ODJkYjEzM2U3MGIzZGY0OTk2NGQzZmYxZjgwYmMifQ%3D%3D&offer=15&track=go.sndirectsb.com&geo=it&ltype=shop&bname=mediaworld&prefill=ad&bemobdata=c%3D42dc788e-2071-40a6-987d-f3061b1e4f78..l%3D38104a43-7c1b-46f8-8ac5-2370c71e8dcc..a%3D0..b%3D0..z%3D0.05..e%3D46d09b5c7d376c070e13316c3d501acb..c1%3D24617828..c2%3D1154576..c3%3DItaly..c4%3DIT..c5%3D3186780..r%3Dhttps%253A%252F%252Fswarafakta~BEMOB_DOT~my~BEMOB_DOT~id%252F..ts%3D1733102753957 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20
  • https://sometimeadministratormound.com/watch.1504353238731.js?key=bdae482765f3013972343e6a8bac2743&kw=%5B%22hasto%22%2C%22pdi-p%22%2C%22effendi%22%2C%22simbolon%22%2C%22tak%22%2C%22dipecat%22%2C%22jika%22%2C%22bertemu%22%2C%22prabowo%22%2C%22bukan%22%2C%22jokowi%22%2C%22-%22%2C%22swarafakta%22%2C%22-%22%2C%22baca%22%2C%22berita%22%2C%22terbaru%22%2C%22hari%22%2C%22ini%22%5D&refer=https%3A%2F%2Fswarafakta.my.id%2Fberita%2Fhasto-pdi-p-effendi-simbolon-tak-dipecat-jika-bertemu-prabowo-bukan-jokowi-7a886%2F&tz=1&dev=r&res=14.4127&rb=&uuid=737cea14-e070-46ff-bf6d-756432aa0ace%3A2%3A1 HTTP 307
  • https://sometimeadministratormound.com/watch.1504353238731.js?dev=r&key=bdae482765f3013972343e6a8bac2743&kw=%5B%22hasto%22%2C%22pdi-p%22%2C%22effendi%22%2C%22simbolon%22%2C%22tak%22%2C%22dipecat%22%2C%22jika%22%2C%22bertemu%22%2C%22prabowo%22%2C%22bukan%22%2C%22jokowi%22%2C%22-%22%2C%22swarafakta%22%2C%22-%22%2C%22baca%22%2C%22berita%22%2C%22terbaru%22%2C%22hari%22%2C%22ini%22%5D&pst=1733102813&rb=&refer=https%3A%2F%2Fswarafakta.my.id%2Fberita%2Fhasto-pdi-p-effendi-simbolon-tak-dipecat-jika-bertemu-prabowo-bukan-jokowi-7a886%2F&res=14.4127&rmtc=t&shu=8fe38baf118a949425c9fa9561c4eb2cba7b1b3d1eac55d500207c7e65906b46379787f3d05df1728b5dff6a069164252279313a36758e9d82eb77f2c8e93d885f2a0ba7d6d55caebad530e119c1b314d908e0e987d8076adcb3&tz=1&uuid=737cea14-e070-46ff-bf6d-756432aa0ace%3A2%3A1

101 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
swarafakta.my.id/berita/hasto-pdi-p-effendi-simbolon-tak-dipecat-jika-bertemu-prabowo-bukan-jokowi-7a886/
30 KB
9 KB
Document
General
Full URL
https://swarafakta.my.id/berita/hasto-pdi-p-effendi-simbolon-tak-dipecat-jika-bertemu-prabowo-bukan-jokowi-7a886/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.75.10.80 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-10-80.eu-central-1.compute.amazonaws.com
Software
Netlify /
Resource Hash
f470a0ac15c250521cc0c8df1acedcad7c447c7673c5cdca583fa39302e5a86f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
0
cache-control
public,max-age=0,must-revalidate
cache-status
"Netlify Edge"; fwd=miss
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 02 Dec 2024 01:25:51 GMT
etag
"2aa96f87f21fa1c7ab7c1cc237fdedc6-ssl-df"
server
Netlify
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-nf-request-id
01JE2FJKVMT0T8E01N5MMXR41G
css
fonts.googleapis.com/
17 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,400i,700
Requested by
Host: swarafakta.my.id
URL: https://swarafakta.my.id/berita/hasto-pdi-p-effendi-simbolon-tak-dipecat-jika-bertemu-prabowo-bukan-jokowi-7a886/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f10.1e100.net
Software
ESF /
Resource Hash
ce33194867312cfba76a4d9c6525a906ad8f3562b70a95e4175fc8a67b54e2d1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://swarafakta.my.id/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 02 Dec 2024 01:25:52 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 02 Dec 2024 01:25:52 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Mon, 02 Dec 2024 01:25:52 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
style.css
swarafakta.my.id/css/
17 KB
4 KB
Stylesheet
General
Full URL
https://swarafakta.my.id/css/style.css
Requested by
Host: swarafakta.my.id
URL: https://swarafakta.my.id/berita/hasto-pdi-p-effendi-simbolon-tak-dipecat-jika-bertemu-prabowo-bukan-jokowi-7a886/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.75.10.80 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-10-80.eu-central-1.compute.amazonaws.com
Software
Netlify /
Resource Hash
e58c4baadbcdb8784c6417a710d2de380d7ba9bb00093e3eb204d97dd30d66ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://swarafakta.my.id/berita/hasto-pdi-p-effendi-simbolon-tak-dipecat-jika-bertemu-prabowo-bukan-jokowi-7a886/

Response headers

strict-transport-security
max-age=31536000
cache-control
public,max-age=0,must-revalidate
content-encoding
br
etag
"457022950eabb9dde4725c49329e10b6-ssl-df"
age
0
accept-ranges
bytes
x-nf-request-id
01JE2FJM1DDJD6PSBVEPWR3D27
cache-status
"Netlify Edge"; fwd=miss
date
Mon, 02 Dec 2024 01:25:51 GMT
content-type
text/css; charset=UTF-8
vary
Accept-Encoding
server
Netlify
logo-top6.png
swarafakta.my.id/img/
77 KB
77 KB
Image
General
Full URL
https://swarafakta.my.id/img/logo-top6.png
Requested by
Host: swarafakta.my.id
URL: https://swarafakta.my.id/berita/hasto-pdi-p-effendi-simbolon-tak-dipecat-jika-bertemu-prabowo-bukan-jokowi-7a886/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.75.10.80 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-10-80.eu-central-1.compute.amazonaws.com
Software
Netlify /
Resource Hash
ee188ef9d8718188c49d1b286f604bd36c095371b0a814ece1b266db436e4266
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://swarafakta.my.id/berita/hasto-pdi-p-effendi-simbolon-tak-dipecat-jika-bertemu-prabowo-bukan-jokowi-7a886/

Response headers

strict-transport-security
max-age=31536000
cache-control
public,max-age=0,must-revalidate
etag
"0b6b759882f4a3c981039d997ea3ba56-ssl"
age
38
accept-ranges
bytes
content-length
79182
x-nf-request-id
01JE2FJM1JCZ2MQYPMRWNZV42T
cache-status
"Netlify Edge"; hit
date
Mon, 02 Dec 2024 01:25:51 GMT
content-type
image/png
server
Netlify
invoke.js
www.topcpmcreativeformat.com/bdae482765f3013972343e6a8bac2743/
24 KB
12 KB
Script
General
Full URL
https://www.topcpmcreativeformat.com/bdae482765f3013972343e6a8bac2743/invoke.js
Requested by
Host: swarafakta.my.id
URL: https://swarafakta.my.id/berita/hasto-pdi-p-effendi-simbolon-tak-dipecat-jika-bertemu-prabowo-bukan-jokowi-7a886/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.240.108.76 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash
9a194737f52350f171092941232fdeb3d11c69afc869f17bf67af5173b353691
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://swarafakta.my.id/

Response headers

Transfer-Encoding
chunked
Strict-Transport-Security
max-age=0; includeSubdomains
X-Request-ID
68544b4db1451ed4c39435ec435ab799
Cache-Control
no-cache, max-age=0, private, no-cache
Content-Encoding
gzip
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Pragma
no-cache
Connection
keep-alive
Expires
Thu, 01 Jan 1970 00:00:01 GMT
Access-Control-Allow-Origin
*
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Date
Mon, 02 Dec 2024 01:25:52 GMT
Content-Type
application/javascript
Host
www.topcpmcreativeformat.com
Server
nginx/1.21.6
avatar.png
swarafakta.my.id/img/
39 KB
40 KB
Image
General
Full URL
https://swarafakta.my.id/img/avatar.png
Requested by
Host: swarafakta.my.id
URL: https://swarafakta.my.id/berita/hasto-pdi-p-effendi-simbolon-tak-dipecat-jika-bertemu-prabowo-bukan-jokowi-7a886/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.75.10.80 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-10-80.eu-central-1.compute.amazonaws.com
Software
Netlify /
Resource Hash
80d86009cda6292c546e9a85762725c788f8ed382dc730228fde860ef3716c0a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://swarafakta.my.id/berita/hasto-pdi-p-effendi-simbolon-tak-dipecat-jika-bertemu-prabowo-bukan-jokowi-7a886/

Response headers

strict-transport-security
max-age=31536000
cache-control
public,max-age=0,must-revalidate
etag
"88fc796b6493b8ef88a2da95b2a7598b-ssl"
age
0
accept-ranges
bytes
content-length
40392
x-nf-request-id
01JE2FJMNMM0NYC2HQF34MB90R
cache-status
"Netlify Edge"; fwd=miss
date
Mon, 02 Dec 2024 01:25:52 GMT
content-type
image/png
server
Netlify
menu.js
swarafakta.my.id/js/
723 B
861 B
Script
General
Full URL
https://swarafakta.my.id/js/menu.js
Requested by
Host: swarafakta.my.id
URL: https://swarafakta.my.id/berita/hasto-pdi-p-effendi-simbolon-tak-dipecat-jika-bertemu-prabowo-bukan-jokowi-7a886/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.75.10.80 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-10-80.eu-central-1.compute.amazonaws.com
Software
Netlify /
Resource Hash
d7df5597d8d0a6669262b56cf82be299f1e6313a1a5190e8f4249f0f20fd3129
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://swarafakta.my.id/berita/hasto-pdi-p-effendi-simbolon-tak-dipecat-jika-bertemu-prabowo-bukan-jokowi-7a886/

Response headers

strict-transport-security
max-age=31536000
cache-control
public,max-age=0,must-revalidate
etag
"64ad636f06232693dc7d808051843887-ssl"
age
0
accept-ranges
bytes
content-length
723
x-nf-request-id
01JE2FJMNQ3SN4X2B5VC4CAS91
cache-status
"Netlify Edge"; fwd=miss
date
Mon, 02 Dec 2024 01:25:52 GMT
content-type
application/javascript; charset=UTF-8
server
Netlify
101467200.js
static.getclicky.com/
15 KB
6 KB
Script
General
Full URL
https://static.getclicky.com/101467200.js
Requested by
Host: swarafakta.my.id
URL: https://swarafakta.my.id/berita/hasto-pdi-p-effendi-simbolon-tak-dipecat-jika-bertemu-prabowo-bukan-jokowi-7a886/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.225.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12b0b4564225fc5ca0e1ef6153ee6377070682a59da640312576bc2dcd9cb703

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://swarafakta.my.id/

Response headers

cache-control
public, max-age=604800
content-encoding
gzip
cf-cache-status
HIT
age
83
cf-ray
8eb7868daa5bdca5-FRA
expires
Mon, 09 Dec 2024 01:25:52 GMT
x-proxy-cache
MISS
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Mon, 02 Dec 2024 01:25:52 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Sun, 01 Dec 2024 23:17:13 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/
47 KB
48 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400i,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f3.1e100.net
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://swarafakta.my.id
Referer
https://fonts.googleapis.com/

Response headers

age
530789
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Tue, 25 Nov 2025 21:59:23 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 25 Nov 2024 21:59:23 GMT
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
48236
x-xss-protection
0
server
sffe
memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2
fonts.gstatic.com/s/opensans/v40/
19 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v40/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400i,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f3.1e100.net
Software
sffe /
Resource Hash
b4855cc8ec721cbaf27f3c907345e101b1524858221c14faa79df34cb2f84991
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://swarafakta.my.id
Referer
https://fonts.googleapis.com/

Response headers

age
371659
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 27 Nov 2025 18:11:33 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 27 Nov 2024 18:11:33 GMT
last-modified
Thu, 14 Dec 2023 02:02:23 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
19280
x-xss-protection
0
server
sffe
stats
proftrafficcounter.com/
40 B
301 B
XHR
General
Full URL
https://proftrafficcounter.com/stats
Requested by
Host: www.topcpmcreativeformat.com
URL: https://www.topcpmcreativeformat.com/bdae482765f3013972343e6a8bac2743/invoke.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.65.115.184 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-65-115-184.eu-central-1.compute.amazonaws.com
Software
fasthttp /
Resource Hash
5c689603abbe342ab5215a62a296e3acd47e7b5ed7fecc391acc2b34aa34366d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://swarafakta.my.id/

Response headers

access-control-allow-origin
https://swarafakta.my.id
content-length
40
date
Mon, 02 Dec 2024 01:25:52 GMT
content-type
text/html; charset=UTF-8
vary
Origin
server
fasthttp
access-control-allow-credentials
true
embed.js
swarafakta.disqus.com/
80 KB
26 KB
Script
General
Full URL
https://swarafakta.disqus.com/embed.js
Requested by
Host: swarafakta.my.id
URL: https://swarafakta.my.id/berita/hasto-pdi-p-effendi-simbolon-tak-dipecat-jika-bertemu-prabowo-bukan-jokowi-7a886/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.232.196.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
openresty /
Resource Hash
15137ea2ede418aac1363549bf93bc73f203ba9a1455757bce28f890a0b1b7c7
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://swarafakta.my.id/

Response headers

Strict-Transport-Security
max-age=300; includeSubdomains
Link
<https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Cache-Control
private, max-age=60
x-service
router_nr
content-encoding
gzip
Age
0
Connection
keep-alive
Cross-Origin-Resource-Policy
cross-origin
Content-Length
26440
Date
Mon, 02 Dec 2024 01:25:52 GMT
content-type
application/javascript; charset=utf-8
Vary
Accept-Encoding
server
openresty
64abc60a61571.jpg
asset.kompas.com/crops/bu6EJqqi8nYIDARNTJKhKDXtoXo=/0x0:0x0/1200x800/data/photo/2023/07/10/
102 KB
103 KB
Image
General
Full URL
https://asset.kompas.com/crops/bu6EJqqi8nYIDARNTJKhKDXtoXo=/0x0:0x0/1200x800/data/photo/2023/07/10/64abc60a61571.jpg
Requested by
Host: swarafakta.my.id
URL: https://swarafakta.my.id/berita/hasto-pdi-p-effendi-simbolon-tak-dipecat-jika-bertemu-prabowo-bukan-jokowi-7a886/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-87.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
0df13b5460a53f81a43fcbd2474a2422d1a39b8b481478baed8de38cca52eb06

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://swarafakta.my.id/

Response headers

x-cache-status
MISS
cache-control
max-age=31536000
etag
"39fb05985694c04650567295ae61a77c3652f633"
age
83012
access-control-allow-methods
GET, OPTION
via
1.1 c7f7b4cf7fd5efe64bac95586db3f62a.cloudfront.net (CloudFront)
expires
Mon, 01 Dec 2025 02:22:20 GMT
access-control-allow-origin
*
x-cache
Hit from cloudfront
content-length
104585
x-amz-cf-id
p1iAtx229emLufEqiMeeoMSywhzVr3ppyhj4lj_rPhDcexDhFeImEg==
date
Sun, 01 Dec 2024 02:22:20 GMT
content-type
image/jpeg
x-amz-cf-pop
FRA2-C1
server
nginx
habib-rizieq-tiba-di-acara-reuni-212_169.jpeg
awsimages.detik.net.id/api/wm/2024/12/02/
38 KB
38 KB
Image
General
Full URL
https://awsimages.detik.net.id/api/wm/2024/12/02/habib-rizieq-tiba-di-acara-reuni-212_169.jpeg?wid=0&w=650&v=1&t=jpeg
Requested by
Host: swarafakta.my.id
URL: https://swarafakta.my.id/berita/hasto-pdi-p-effendi-simbolon-tak-dipecat-jika-bertemu-prabowo-bukan-jokowi-7a886/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.49.221.102 Depok, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s221-cast-102-221-49-103.detik.com
Software
st3 /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://swarafakta.my.id/

Response headers

cache-control
max-age=315360000
content-encoding
gzip
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache_wm
HIT, HIT
date
Mon, 02 Dec 2024 01:25:53 GMT
cache-status
HIT
content-type
image/jpeg
vary
Accept-Encoding
middle-cache
HIT
server
st3
x-frame-options
SAMEORIGIN
670f232ad932d.jpg
asset.kompas.com/crops/eIZ-J3AvMrx_3xEVQ3VJW5KrCHs=/0x0:0x0/1200x800/data/photo/2024/10/16/
50 KB
50 KB
Image
General
Full URL
https://asset.kompas.com/crops/eIZ-J3AvMrx_3xEVQ3VJW5KrCHs=/0x0:0x0/1200x800/data/photo/2024/10/16/670f232ad932d.jpg
Requested by
Host: swarafakta.my.id
URL: https://swarafakta.my.id/berita/hasto-pdi-p-effendi-simbolon-tak-dipecat-jika-bertemu-prabowo-bukan-jokowi-7a886/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-87.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
d92a9fcce8e022acfed1722f7ab1a4a762bd92de5a0875e70c18c05f077b3666

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://swarafakta.my.id/

Response headers

x-cache-status
MISS
cache-control
max-age=31536000
etag
"322b12e6a03f60538b152a565b55eb30091f2341"
age
78361
access-control-allow-methods
GET, OPTION
via
1.1 c7f7b4cf7fd5efe64bac95586db3f62a.cloudfront.net (CloudFront)
expires
Mon, 01 Dec 2025 03:39:51 GMT
access-control-allow-origin
*
x-cache
Hit from cloudfront
content-length
50780
x-amz-cf-id
Rj_JMAoeTY3QaFT76oTe7fQ8nJaSetyiwpwuwV8VE6EA9w4s9o5r2A==
date
Sun, 01 Dec 2024 03:39:51 GMT
content-type
image/jpeg
x-amz-cf-pop
FRA2-C1
server
nginx
fny-bpjs-2.jpg
images.bisnis.com/posts/2024/12/02/1820653/
29 KB
30 KB
Image
General
Full URL
https://images.bisnis.com/posts/2024/12/02/1820653/fny-bpjs-2.jpg
Requested by
Host: swarafakta.my.id
URL: https://swarafakta.my.id/berita/hasto-pdi-p-effendi-simbolon-tak-dipecat-jika-bertemu-prabowo-bukan-jokowi-7a886/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.8.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29848f8489dda96cfc44b8721406fccc745aee97f141fc083d7cf956a774166c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://swarafakta.my.id/

Response headers

cf-bgj
imgq:85,h2pri
etag
W/"674ce443-fc06"
age
9822
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Tue, 02 Dec 2025 01:25:53 GMT
cf-polished
qual=85, origFmt=jpeg, origSize=64518
alt-svc
h3=":443"; ma=86400
date
Mon, 02 Dec 2024 01:25:53 GMT
content-type
image/webp
content-disposition
inline; filename="fny-bpjs-2.webp"
vary
Accept
last-modified
Sun, 01 Dec 2024 22:33:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=31536000
cf-ray
8eb7868e9e644d8a-FRA
x-xss-protection
1; mode=block
server
cloudflare
pt-kai-mengatur-pola-operasi-ka-jarak-jauh-keberangkatan-dari-stasiun-gambir-dengan-akan-diberhentikan-di-stasiun-jatinegara-m_169.jpeg
awsimages.detik.net.id/api/wm/2024/03/09/
56 KB
56 KB
Image
General
Full URL
https://awsimages.detik.net.id/api/wm/2024/03/09/pt-kai-mengatur-pola-operasi-ka-jarak-jauh-keberangkatan-dari-stasiun-gambir-dengan-akan-diberhentikan-di-stasiun-jatinegara-m_169.jpeg?wid=0&w=650&v=1&t=jpeg
Requested by
Host: swarafakta.my.id
URL: https://swarafakta.my.id/berita/hasto-pdi-p-effendi-simbolon-tak-dipecat-jika-bertemu-prabowo-bukan-jokowi-7a886/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.49.221.102 Depok, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s221-cast-102-221-49-103.detik.com
Software
st3 /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://swarafakta.my.id/

Response headers

cache-control
max-age=315360000
content-encoding
gzip
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache_wm
HIT, HIT
date
Mon, 02 Dec 2024 01:25:53 GMT
cache-status
HIT
content-type
image/jpeg
vary
Accept-Encoding
middle-cache
HIT
server
st3
x-frame-options
SAMEORIGIN
1420471011-fot0149780x390.JPG
asset.kompas.com/crops/M6del7J2pe4SPtFX8kHqyDx-QEg=/115x0:700x390/1200x800/data/photo/2015/06/30/
64 KB
65 KB
Image
General
Full URL
https://asset.kompas.com/crops/M6del7J2pe4SPtFX8kHqyDx-QEg=/115x0:700x390/1200x800/data/photo/2015/06/30/1420471011-fot0149780x390.JPG
Requested by
Host: swarafakta.my.id
URL: https://swarafakta.my.id/berita/hasto-pdi-p-effendi-simbolon-tak-dipecat-jika-bertemu-prabowo-bukan-jokowi-7a886/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-87.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
3f2c600fa25ebdec3c1e5e5a22cb44b9d9d111e66eb6ce05ccf1239cb6c70e25

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://swarafakta.my.id/

Response headers

x-cache-status
HIT
cache-control
max-age=31536000
etag
"4af4c8a243ece8aa69c3f9ef0de14293ea47ba93"
age
86782
access-control-allow-methods
GET, OPTION
via
1.1 c7f7b4cf7fd5efe64bac95586db3f62a.cloudfront.net (CloudFront)
expires
Mon, 01 Dec 2025 01:19:30 GMT
access-control-allow-origin
*
x-cache
Hit from cloudfront
content-length
65573
x-amz-cf-id
_f19JY50oEO5lEpYGNbUwOXabio80_v-AgGHSBZuy7t2bTwxNfwIiA==
date
Sun, 01 Dec 2024 01:19:30 GMT
content-type
image/jpeg
x-amz-cf-pop
FRA2-C1
server
nginx
juru-bicara-jubir-pdip-chico-hakim-1_169.jpeg
awsimages.detik.net.id/api/wm/2024/06/28/
16 KB
15 KB
Image
General
Full URL
https://awsimages.detik.net.id/api/wm/2024/06/28/juru-bicara-jubir-pdip-chico-hakim-1_169.jpeg?wid=0&w=650&v=1&t=jpeg
Requested by
Host: swarafakta.my.id
URL: https://swarafakta.my.id/berita/hasto-pdi-p-effendi-simbolon-tak-dipecat-jika-bertemu-prabowo-bukan-jokowi-7a886/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.49.221.102 Depok, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s221-cast-102-221-49-103.detik.com
Software
st3 /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://swarafakta.my.id/

Response headers

cache-control
max-age=315360000
content-encoding
gzip
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache_wm
HIT, HIT
date
Mon, 02 Dec 2024 01:25:53 GMT
cache-status
HIT
content-type
image/jpeg
vary
Accept-Encoding
middle-cache
HIT
server
st3
x-frame-options
SAMEORIGIN
636c70b53332a.jpg
asset.kompas.com/crops/sm_XTZjTgJpIx9ewjT3wkW_0Ryk=/0x0:0x0/1200x800/data/photo/2022/11/10/
200 KB
201 KB
Image
General
Full URL
https://asset.kompas.com/crops/sm_XTZjTgJpIx9ewjT3wkW_0Ryk=/0x0:0x0/1200x800/data/photo/2022/11/10/636c70b53332a.jpg
Requested by
Host: swarafakta.my.id
URL: https://swarafakta.my.id/berita/hasto-pdi-p-effendi-simbolon-tak-dipecat-jika-bertemu-prabowo-bukan-jokowi-7a886/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-87.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
cc6b5988c2d42f521f95d15f0984812f456ead21914899ba9f9fe32fe67ce305

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://swarafakta.my.id/

Response headers

x-cache-status
HIT
cache-control
max-age=31536000
etag
"8bbc78eb428e3dc4861f6e065f2e00ba83848706"
age
10871
access-control-allow-methods
GET, OPTION
via
1.1 c7f7b4cf7fd5efe64bac95586db3f62a.cloudfront.net (CloudFront)
expires
Mon, 01 Dec 2025 22:24:41 GMT
access-control-allow-origin
*
x-cache
Hit from cloudfront
content-length
205208
x-amz-cf-id
by9YG1-ABQWA9WlCpyQRPdzfK7saqO0gGWSGa1DuSVUZSTM-sulkGA==
date
Sun, 01 Dec 2024 22:24:41 GMT
content-type
image/jpeg
x-amz-cf-pop
FRA2-C1
server
nginx
watch.1504353238731.js
sometimeadministratormound.com/
Redirect Chain
  • https://sometimeadministratormound.com/watch.1504353238731.js?key=bdae482765f3013972343e6a8bac2743&kw=%5B%22hasto%22%2C%22pdi-p%22%2C%22effendi%22%2C%22simbolon%22%2C%22tak%22%2C%22dipecat%22%2C%22...
  • https://sometimeadministratormound.com/watch.1504353238731.js?dev=r&key=bdae482765f3013972343e6a8bac2743&kw=%5B%22hasto%22%2C%22pdi-p%22%2C%22effendi%22%2C%22simbolon%22%2C%22tak%22%2C%22dipecat%22...
2 KB
2 KB
XHR
General
Full URL
https://sometimeadministratormound.com/watch.1504353238731.js?dev=r&key=bdae482765f3013972343e6a8bac2743&kw=%5B%22hasto%22%2C%22pdi-p%22%2C%22effendi%22%2C%22simbolon%22%2C%22tak%22%2C%22dipecat%22%2C%22jika%22%2C%22bertemu%22%2C%22prabowo%22%2C%22bukan%22%2C%22jokowi%22%2C%22-%22%2C%22swarafakta%22%2C%22-%22%2C%22baca%22%2C%22berita%22%2C%22terbaru%22%2C%22hari%22%2C%22ini%22%5D&pst=1733102813&rb=&refer=https%3A%2F%2Fswarafakta.my.id%2Fberita%2Fhasto-pdi-p-effendi-simbolon-tak-dipecat-jika-bertemu-prabowo-bukan-jokowi-7a886%2F&res=14.4127&rmtc=t&shu=8fe38baf118a949425c9fa9561c4eb2cba7b1b3d1eac55d500207c7e65906b46379787f3d05df1728b5dff6a069164252279313a36758e9d82eb77f2c8e93d885f2a0ba7d6d55caebad530e119c1b314d908e0e987d8076adcb3&tz=1&uuid=737cea14-e070-46ff-bf6d-756432aa0ace%3A2%3A1
Requested by
Host: swarafakta.my.id
URL: https://swarafakta.my.id/berita/hasto-pdi-p-effendi-simbolon-tak-dipecat-jika-bertemu-prabowo-bukan-jokowi-7a886/
Protocol
HTTP/1.1
Server
192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),
Reverse DNS
Software
nginx/1.19.5 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://swarafakta.my.id/

Response headers

X-Request-ID
b32f94d4f339c907000ace2f95658973
Content-Encoding
gzip
Expires
Thu, 01 Jan 1970 00:00:01 GMT
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Date
Mon, 02 Dec 2024 01:25:53 GMT
Content-Type
text/html
Host
sometimeadministratormound.com
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=0; includeSubdomains
Cache-Control
no-cache, max-age=0, private, no-cache
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Pragma
no-cache
Connection
keep-alive
Access-Control-Allow-Credentials
true
Custom-Referer
https://swarafakta.my.id
Access-Control-Allow-Origin
https://swarafakta.my.id
Server
nginx/1.19.5

Redirect headers

X-Request-ID
c10def14fe50461eaf4310d1a9f28b16
Expires
Thu, 01 Jan 1970 00:00:01 GMT
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Date
Mon, 02 Dec 2024 01:25:53 GMT
Content-Type
text/html
Host
sometimeadministratormound.com
Strict-Transport-Security
max-age=0; includeSubdomains
Cache-Control
no-cache, max-age=0, private, no-cache
Location
https://sometimeadministratormound.com/watch.1504353238731.js?dev=r&key=bdae482765f3013972343e6a8bac2743&kw=%5B%22hasto%22%2C%22pdi-p%22%2C%22effendi%22%2C%22simbolon%22%2C%22tak%22%2C%22dipecat%22%2C%22jika%22%2C%22bertemu%22%2C%22prabowo%22%2C%22bukan%22%2C%22jokowi%22%2C%22-%22%2C%22swarafakta%22%2C%22-%22%2C%22baca%22%2C%22berita%22%2C%22terbaru%22%2C%22hari%22%2C%22ini%22%5D&pst=1733102813&rb=&refer=https%3A%2F%2Fswarafakta.my.id%2Fberita%2Fhasto-pdi-p-effendi-simbolon-tak-dipecat-jika-bertemu-prabowo-bukan-jokowi-7a886%2F&res=14.4127&rmtc=t&shu=8fe38baf118a949425c9fa9561c4eb2cba7b1b3d1eac55d500207c7e65906b46379787f3d05df1728b5dff6a069164252279313a36758e9d82eb77f2c8e93d885f2a0ba7d6d55caebad530e119c1b314d908e0e987d8076adcb3&tz=1&uuid=737cea14-e070-46ff-bf6d-756432aa0ace%3A2%3A1
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Pragma
no-cache
Connection
keep-alive
Access-Control-Allow-Credentials
true
Custom-Referer
https://swarafakta.my.id
Access-Control-Allow-Origin
https://swarafakta.my.id
Content-Length
0
Server
nginx/1.19.5
/
disqus.com/embed/comments/ Frame 496F
0
0
Document
General
Full URL
https://disqus.com/embed/comments/?base=default&f=swarafakta&t_u=https%3A%2F%2Fswarafakta.my.id%2Fberita%2Fhasto-pdi-p-effendi-simbolon-tak-dipecat-jika-bertemu-prabowo-bukan-jokowi-7a886%2F&t_d=Hasto%20PDI-P%3A%20Effendi%20Simbolon%20Tak%20Dipecat%20jika%20Bertemu%20Prabowo%2C%20Bukan%20Jokowi&t_t=Hasto%20PDI-P%3A%20Effendi%20Simbolon%20Tak%20Dipecat%20jika%20Bertemu%20Prabowo%2C%20Bukan%20Jokowi&s_o=default
Requested by
Host: swarafakta.disqus.com
URL: https://swarafakta.disqus.com/embed.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.134 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://com-disqus.netmng.com:* 'unsafe-inline' https://referrer.disqus.com/juggler/ https://connect.facebook.net/en_US/sdk.js https://cdn.syndication.twimg.com/tweets.json https://apis.google.com https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://swarafakta.my.id/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Age
0
Cache-Control
stale-if-error=3600, s-stalewhilerevalidate=3600, stale-while-revalidate=30, no-cache, must-revalidate, public, s-maxage=5
Connection
keep-alive
Content-Encoding
gzip
Content-Length
3029
Content-Security-Policy
script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://com-disqus.netmng.com:* 'unsafe-inline' https://referrer.disqus.com/juggler/ https://connect.facebook.net/en_US/sdk.js https://cdn.syndication.twimg.com/tweets.json https://apis.google.com https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Content-Type
text/html; charset=utf-8
Cross-Origin-Resource-Policy
cross-origin
Date
Mon, 02 Dec 2024 01:25:53 GMT
ETag
W/"lounge:view:10393203729.c00ea586de514754c1968307b4cfe985.2"
Last-Modified
Mon, 02 Dec 2024 01:25:53 GMT
Link
<https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Referrer-Policy
no-referrer-when-downgrade
Server
nginx
Strict-Transport-Security
max-age=300; includeSubdomains
Timing-Allow-Origin
*
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
in.php
in.getclicky.com/
117 B
278 B
Script
General
Full URL
https://in.getclicky.com/in.php?site_id=101467200&href=%2Fberita%2Fhasto-pdi-p-effendi-simbolon-tak-dipecat-jika-bertemu-prabowo-bukan-jokowi-7a886%2F&title=Hasto%20PDI-P%3A%20Effendi%20Simbolon%20Tak%20Dipecat%20jika%20Bertemu%20Prabowo%2C%20Bukan%20Jokowi%20-%20SwaraFakta%20-%20Baca%20berita%20terbaru%20hari%20ini&res=1600x1200&lang=it-IT&tz=Europe%2FRome&tc=&ck=1&x=2hpb4o
Requested by
Host: static.getclicky.com
URL: https://static.getclicky.com/101467200.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.225.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://swarafakta.my.id/

Response headers

cache-control
max-age=0, must-revalidate, no-cache, no-store, private
content-encoding
gzip
cf-cache-status
DYNAMIC
cf-ray
8eb7868f7c83dca5-FRA
expires
Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Mon, 02 Dec 2024 01:25:53 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding, Accept-Encoding
server
cloudflare
Primary Request /
eu.rdrfles.com/sweeps/
Redirect Chain
  • https://go.sndirectsb.com/go/42dc788e-2071-40a6-987d-f3061b1e4f78?cost=0.050000&clickid=46d09b5c7d376c070e13316c3d501acb&placementid=24617828&campid=1154576&remote_country=Italy&country_code=IT&ban...
  • https://eu.rdrfles.com/sweeps/?ts=d5715217-8a4d-4deb-97f0-74380a2f2797&cid=Cod9BzcoGCvD6EXvi3VBcw&key=eyJ0aW1lc3RhbXAiOiIxNzMzMTAyNzUzIiwiaGFzaCI6IjBiZTZiYThkMzI5ODJkYjEzM2U3MGIzZGY0OTk2NGQzZmYxZjg...
121 KB
14 KB
Document
General
Full URL
https://eu.rdrfles.com/sweeps/?ts=d5715217-8a4d-4deb-97f0-74380a2f2797&cid=Cod9BzcoGCvD6EXvi3VBcw&key=eyJ0aW1lc3RhbXAiOiIxNzMzMTAyNzUzIiwiaGFzaCI6IjBiZTZiYThkMzI5ODJkYjEzM2U3MGIzZGY0OTk2NGQzZmYxZjgwYmMifQ%3D%3D&offer=15&track=go.sndirectsb.com&geo=it&ltype=shop&bname=mediaworld&prefill=ad&bemobdata=c%3D42dc788e-2071-40a6-987d-f3061b1e4f78..l%3D38104a43-7c1b-46f8-8ac5-2370c71e8dcc..a%3D0..b%3D0..z%3D0.05..e%3D46d09b5c7d376c070e13316c3d501acb..c1%3D24617828..c2%3D1154576..c3%3DItaly..c4%3DIT..c5%3D3186780..r%3Dhttps%253A%252F%252Fswarafakta~BEMOB_DOT~my~BEMOB_DOT~id%252F..ts%3D1733102753957
Requested by
Host: swarafakta.my.id
URL: https://swarafakta.my.id/berita/hasto-pdi-p-effendi-simbolon-tak-dipecat-jika-bertemu-prabowo-bukan-jokowi-7a886/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.248.249.91 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
7967fd3bb1ea4c3dcfc1b7b663a9d95fc2891a19932b952f3c8359b635c6342e

Request headers

Referer
https://swarafakta.my.id/berita/hasto-pdi-p-effendi-simbolon-tak-dipecat-jika-bertemu-prabowo-bukan-jokowi-7a886/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 02 Dec 2024 01:26:05 GMT
server
nginx
vary
Accept-Encoding

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Full-Version,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Reduced
access-control-allow-origin
*
cache-control
no-cache
content-length
1306
content-type
text/html; charset=utf-8
date
Mon, 02 Dec 2024 01:25:53 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
location
https://eu.rdrfles.com/sweeps/?ts=d5715217-8a4d-4deb-97f0-74380a2f2797&cid=Cod9BzcoGCvD6EXvi3VBcw&key=eyJ0aW1lc3RhbXAiOiIxNzMzMTAyNzUzIiwiaGFzaCI6IjBiZTZiYThkMzI5ODJkYjEzM2U3MGIzZGY0OTk2NGQzZmYxZjgwYmMifQ%3D%3D&offer=15&track=go.sndirectsb.com&geo=it&ltype=shop&bname=mediaworld&prefill=ad&bemobdata=c%3D42dc788e-2071-40a6-987d-f3061b1e4f78..l%3D38104a43-7c1b-46f8-8ac5-2370c71e8dcc..a%3D0..b%3D0..z%3D0.05..e%3D46d09b5c7d376c070e13316c3d501acb..c1%3D24617828..c2%3D1154576..c3%3DItaly..c4%3DIT..c5%3D3186780..r%3Dhttps%253A%252F%252Fswarafakta~BEMOB_DOT~my~BEMOB_DOT~id%252F..ts%3D1733102753957
server
openresty
vary
Accept
x-response-time
6.834ms
alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js
c.disquscdn.com/next/embed/
78 KB
27 KB
Script
General
Full URL
https://c.disquscdn.com/next/embed/alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js
Requested by
Host: swarafakta.disqus.com
URL: https://swarafakta.disqus.com/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-43.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://swarafakta.my.id/

Response headers

content-encoding
gzip
surrogate-key
next
etag
"66f6bd2d-67d2"
age
5409750
x-content-type-options
nosniff
expires
Tue, 30 Sep 2025 10:43:25 GMT
x-cache
Hit from cloudfront
x-amz-cf-id
WPaNYkafVSzyI-s9-JPnYWJE63TVS2I-nUMuqzZLX_Aa4IlQXGgdmw==
date
Mon, 30 Sep 2024 10:43:25 GMT
content-type
application/javascript; charset=utf-8
last-modified
Fri, 27 Sep 2024 14:11:57 GMT
x-cache-hits
0
x-served-by
static-web-2
cache-control
max-age=31536000, public, immutable, no-transform
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
via
1.1 82e9051d8d41080bd3028731e0e8677e.cloudfront.net (CloudFront)
access-control-allow-origin
*
content-length
26578
x-xss-protection
1; mode=block
x-amz-cf-pop
FRA6-C1
server
nginx
realtime.b23ff3c36dd0169627f8e54ca1621eca.css
c.disquscdn.com/next/embed/styles/ Frame 0C69
337 B
839 B
Stylesheet
General
Full URL
https://c.disquscdn.com/next/embed/styles/realtime.b23ff3c36dd0169627f8e54ca1621eca.css
Requested by
Host: swarafakta.disqus.com
URL: https://swarafakta.disqus.com/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-43.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://swarafakta.my.id/

Response headers

content-encoding
gzip
surrogate-key
next
etag
"66e9ff51-f4"
age
6391143
x-content-type-options
nosniff
expires
Fri, 19 Sep 2025 02:06:52 GMT
x-cache
Hit from cloudfront
x-amz-cf-id
Yz4AnuTUcwV5c9HZbwpxT0l6F305KIkkmebbJOvb2y4ffl9R6qzJsA==
date
Thu, 19 Sep 2024 02:06:52 GMT
content-type
text/css; charset=utf-8
last-modified
Tue, 17 Sep 2024 22:14:41 GMT
x-cache-hits
0
x-served-by
static-web-1
cache-control
max-age=31536000, public, immutable, no-transform
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
via
1.1 82e9051d8d41080bd3028731e0e8677e.cloudfront.net (CloudFront)
access-control-allow-origin
*
content-length
244
x-xss-protection
1; mode=block
x-amz-cf-pop
FRA6-C1
server
nginx
realtime.b23ff3c36dd0169627f8e54ca1621eca.css
c.disquscdn.com/next/embed/styles/ Frame 231F
337 B
0
Stylesheet
General
Full URL
https://c.disquscdn.com/next/embed/styles/realtime.b23ff3c36dd0169627f8e54ca1621eca.css
Requested by
Host: swarafakta.disqus.com
URL: https://swarafakta.disqus.com/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-43.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://swarafakta.my.id/

Response headers

content-encoding
gzip
surrogate-key
next
etag
"66e9ff51-f4"
age
6391143
x-content-type-options
nosniff
expires
Fri, 19 Sep 2025 02:06:52 GMT
x-cache
Hit from cloudfront
x-amz-cf-id
Yz4AnuTUcwV5c9HZbwpxT0l6F305KIkkmebbJOvb2y4ffl9R6qzJsA==
date
Thu, 19 Sep 2024 02:06:52 GMT
content-type
text/css; charset=utf-8
last-modified
Tue, 17 Sep 2024 22:14:41 GMT
x-cache-hits
0
x-served-by
static-web-1
cache-control
max-age=31536000, public, immutable, no-transform
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
via
1.1 82e9051d8d41080bd3028731e0e8677e.cloudfront.net (CloudFront)
access-control-allow-origin
*
content-length
244
x-xss-protection
1; mode=block
x-amz-cf-pop
FRA6-C1
server
nginx
pixel.gif
cdn.viglink.com/images/
43 B
388 B
Image
General
Full URL
https://cdn.viglink.com/images/pixel.gif?ch=1&rn=1.9493195529079794
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-42.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://swarafakta.my.id/

Response headers

cache-control
max-age=15, must-revalidate
etag
"221d8352905f2c38b3cb2bd191d630b0"
age
4
via
1.1 8b5bc0831e6dab612582614c3009efa6.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
43
x-amz-cf-id
onV-k9hRm2YFkrpgk5cNqqh9-m9OQzMSFaGzcVjkfrE_alhiIy3I-Q==
date
Mon, 02 Dec 2024 01:25:52 GMT
content-type
image/gif
last-modified
Tue, 10 Feb 2015 03:29:39 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
pixel.gif
cdn.viglink.com/images/
43 B
387 B
Image
General
Full URL
https://cdn.viglink.com/images/pixel.gif?ch=2&rn=1.9493195529079794
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-42.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://swarafakta.my.id/

Response headers

cache-control
max-age=15, must-revalidate
etag
"221d8352905f2c38b3cb2bd191d630b0"
age
4
via
1.1 8b5bc0831e6dab612582614c3009efa6.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
43
x-amz-cf-id
H10yKI6VoIR41IUf6y-ELfNutsGpD9L3jXpLuJtGx9Y8kT3Q7KRN2w==
date
Mon, 02 Dec 2024 01:25:52 GMT
content-type
image/gif
last-modified
Tue, 10 Feb 2015 03:29:39 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
ping
links.services.disqus.com/api/
315 B
749 B
XHR
General
Full URL
https://links.services.disqus.com/api/ping
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.192.64 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer
https://swarafakta.my.id/

Response headers

Cache-Control
no-cache, no-store
Pragma
no-cache
Connection
keep-alive
Access-Control-Allow-Credentials
true
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Access-Control-Allow-Origin
https://swarafakta.my.id
Content-Length
315
P3P
CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Date
Mon, 02 Dec 2024 01:25:55 GMT
Content-Type
text/javascript;charset=UTF-8
Server
Apache-Coyote/1.1
sync.gif
links.services.disqus.com/api/
0
0

domains
links.services.disqus.com/api/
74 B
507 B
XHR
General
Full URL
https://links.services.disqus.com/api/domains
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.192.64 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer
https://swarafakta.my.id/

Response headers

Cache-Control
no-cache, no-store
Pragma
no-cache
Connection
keep-alive
Access-Control-Allow-Credentials
true
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Access-Control-Allow-Origin
https://swarafakta.my.id
Content-Length
74
P3P
CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Date
Mon, 02 Dec 2024 01:25:56 GMT
Content-Type
text/javascript;charset=UTF-8
Server
Apache-Coyote/1.1
jquery.min.js
eu.rdrfles.com/sweeps/templates/base_template/
85 KB
29 KB
Script
General
Full URL
https://eu.rdrfles.com/sweeps/templates/base_template/jquery.min.js
Requested by
Host: eu.rdrfles.com
URL: https://eu.rdrfles.com/sweeps/?ts=d5715217-8a4d-4deb-97f0-74380a2f2797&cid=Cod9BzcoGCvD6EXvi3VBcw&key=eyJ0aW1lc3RhbXAiOiIxNzMzMTAyNzUzIiwiaGFzaCI6IjBiZTZiYThkMzI5ODJkYjEzM2U3MGIzZGY0OTk2NGQzZmYxZjgwYmMifQ%3D%3D&offer=15&track=go.sndirectsb.com&geo=it&ltype=shop&bname=mediaworld&prefill=ad&bemobdata=c%3D42dc788e-2071-40a6-987d-f3061b1e4f78..l%3D38104a43-7c1b-46f8-8ac5-2370c71e8dcc..a%3D0..b%3D0..z%3D0.05..e%3D46d09b5c7d376c070e13316c3d501acb..c1%3D24617828..c2%3D1154576..c3%3DItaly..c4%3DIT..c5%3D3186780..r%3Dhttps%253A%252F%252Fswarafakta~BEMOB_DOT~my~BEMOB_DOT~id%252F..ts%3D1733102753957
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.248.249.91 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
453432f153a63654fa6f63c846eaf7ee9e8910165413ba3cc0f80cbeed7c302e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://eu.rdrfles.com/sweeps/?ts=d5715217-8a4d-4deb-97f0-74380a2f2797&cid=Cod9BzcoGCvD6EXvi3VBcw&key=eyJ0aW1lc3RhbXAiOiIxNzMzMTAyNzUzIiwiaGFzaCI6IjBiZTZiYThkMzI5ODJkYjEzM2U3MGIzZGY0OTk2NGQzZmYxZjgwYmMifQ%3D%3D&offer=15&track=go.sndirectsb.com&geo=it&ltype=shop&bname=mediaworld&prefill=ad&bemobdata=c%3D42dc788e-2071-40a6-987d-f3061b1e4f78..l%3D38104a43-7c1b-46f8-8ac5-2370c71e8dcc..a%3D0..b%3D0..z%3D0.05..e%3D46d09b5c7d376c070e13316c3d501acb..c1%3D24617828..c2%3D1154576..c3%3DItaly..c4%3DIT..c5%3D3186780..r%3Dhttps%253A%252F%252Fswarafakta~BEMOB_DOT~my~BEMOB_DOT~id%252F..ts%3D1733102753957

Response headers

content-encoding
br
date
Mon, 02 Dec 2024 01:26:05 GMT
etag
W/"1538f-621389acee090"
content-type
text/javascript
vary
Accept-Encoding
server
nginx
last-modified
Tue, 03 Sep 2024 15:20:59 GMT
css
fonts.googleapis.com/
9 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap
Requested by
Host: eu.rdrfles.com
URL: https://eu.rdrfles.com/sweeps/?ts=d5715217-8a4d-4deb-97f0-74380a2f2797&cid=Cod9BzcoGCvD6EXvi3VBcw&key=eyJ0aW1lc3RhbXAiOiIxNzMzMTAyNzUzIiwiaGFzaCI6IjBiZTZiYThkMzI5ODJkYjEzM2U3MGIzZGY0OTk2NGQzZmYxZjgwYmMifQ%3D%3D&offer=15&track=go.sndirectsb.com&geo=it&ltype=shop&bname=mediaworld&prefill=ad&bemobdata=c%3D42dc788e-2071-40a6-987d-f3061b1e4f78..l%3D38104a43-7c1b-46f8-8ac5-2370c71e8dcc..a%3D0..b%3D0..z%3D0.05..e%3D46d09b5c7d376c070e13316c3d501acb..c1%3D24617828..c2%3D1154576..c3%3DItaly..c4%3DIT..c5%3D3186780..r%3Dhttps%253A%252F%252Fswarafakta~BEMOB_DOT~my~BEMOB_DOT~id%252F..ts%3D1733102753957
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f10.1e100.net
Software
ESF /
Resource Hash
8e878b38c0c357b63eb23d45c6182fd4f1ac0e92a5601a7e27f04edcfad5b4af
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://eu.rdrfles.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 02 Dec 2024 01:26:05 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 02 Dec 2024 01:26:05 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Sun, 01 Dec 2024 23:41:23 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
popper.min.js
eu.rdrfles.com/sweeps/templates/base_template/
20 KB
7 KB
Script
General
Full URL
https://eu.rdrfles.com/sweeps/templates/base_template/popper.min.js
Requested by
Host: eu.rdrfles.com
URL: https://eu.rdrfles.com/sweeps/?ts=d5715217-8a4d-4deb-97f0-74380a2f2797&cid=Cod9BzcoGCvD6EXvi3VBcw&key=eyJ0aW1lc3RhbXAiOiIxNzMzMTAyNzUzIiwiaGFzaCI6IjBiZTZiYThkMzI5ODJkYjEzM2U3MGIzZGY0OTk2NGQzZmYxZjgwYmMifQ%3D%3D&offer=15&track=go.sndirectsb.com&geo=it&ltype=shop&bname=mediaworld&prefill=ad&bemobdata=c%3D42dc788e-2071-40a6-987d-f3061b1e4f78..l%3D38104a43-7c1b-46f8-8ac5-2370c71e8dcc..a%3D0..b%3D0..z%3D0.05..e%3D46d09b5c7d376c070e13316c3d501acb..c1%3D24617828..c2%3D1154576..c3%3DItaly..c4%3DIT..c5%3D3186780..r%3Dhttps%253A%252F%252Fswarafakta~BEMOB_DOT~my~BEMOB_DOT~id%252F..ts%3D1733102753957
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.248.249.91 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
051a8137b75880006ab58f47778ca713ed6c967130faba043c5cd0ed34517dc8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://eu.rdrfles.com/sweeps/?ts=d5715217-8a4d-4deb-97f0-74380a2f2797&cid=Cod9BzcoGCvD6EXvi3VBcw&key=eyJ0aW1lc3RhbXAiOiIxNzMzMTAyNzUzIiwiaGFzaCI6IjBiZTZiYThkMzI5ODJkYjEzM2U3MGIzZGY0OTk2NGQzZmYxZjgwYmMifQ%3D%3D&offer=15&track=go.sndirectsb.com&geo=it&ltype=shop&bname=mediaworld&prefill=ad&bemobdata=c%3D42dc788e-2071-40a6-987d-f3061b1e4f78..l%3D38104a43-7c1b-46f8-8ac5-2370c71e8dcc..a%3D0..b%3D0..z%3D0.05..e%3D46d09b5c7d376c070e13316c3d501acb..c1%3D24617828..c2%3D1154576..c3%3DItaly..c4%3DIT..c5%3D3186780..r%3Dhttps%253A%252F%252Fswarafakta~BEMOB_DOT~my~BEMOB_DOT~id%252F..ts%3D1733102753957

Response headers

content-encoding
br
date
Mon, 02 Dec 2024 01:26:05 GMT
etag
W/"4e7f-621389b09c756"
content-type
text/javascript
vary
Accept-Encoding
server
nginx
last-modified
Tue, 03 Sep 2024 15:21:03 GMT
bootstrap.min.js
eu.rdrfles.com/sweeps/templates/base_template/
62 KB
14 KB
Script
General
Full URL
https://eu.rdrfles.com/sweeps/templates/base_template/bootstrap.min.js
Requested by
Host: eu.rdrfles.com
URL: https://eu.rdrfles.com/sweeps/?ts=d5715217-8a4d-4deb-97f0-74380a2f2797&cid=Cod9BzcoGCvD6EXvi3VBcw&key=eyJ0aW1lc3RhbXAiOiIxNzMzMTAyNzUzIiwiaGFzaCI6IjBiZTZiYThkMzI5ODJkYjEzM2U3MGIzZGY0OTk2NGQzZmYxZjgwYmMifQ%3D%3D&offer=15&track=go.sndirectsb.com&geo=it&ltype=shop&bname=mediaworld&prefill=ad&bemobdata=c%3D42dc788e-2071-40a6-987d-f3061b1e4f78..l%3D38104a43-7c1b-46f8-8ac5-2370c71e8dcc..a%3D0..b%3D0..z%3D0.05..e%3D46d09b5c7d376c070e13316c3d501acb..c1%3D24617828..c2%3D1154576..c3%3DItaly..c4%3DIT..c5%3D3186780..r%3Dhttps%253A%252F%252Fswarafakta~BEMOB_DOT~my~BEMOB_DOT~id%252F..ts%3D1733102753957
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.248.249.91 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://eu.rdrfles.com/sweeps/?ts=d5715217-8a4d-4deb-97f0-74380a2f2797&cid=Cod9BzcoGCvD6EXvi3VBcw&key=eyJ0aW1lc3RhbXAiOiIxNzMzMTAyNzUzIiwiaGFzaCI6IjBiZTZiYThkMzI5ODJkYjEzM2U3MGIzZGY0OTk2NGQzZmYxZjgwYmMifQ%3D%3D&offer=15&track=go.sndirectsb.com&geo=it&ltype=shop&bname=mediaworld&prefill=ad&bemobdata=c%3D42dc788e-2071-40a6-987d-f3061b1e4f78..l%3D38104a43-7c1b-46f8-8ac5-2370c71e8dcc..a%3D0..b%3D0..z%3D0.05..e%3D46d09b5c7d376c070e13316c3d501acb..c1%3D24617828..c2%3D1154576..c3%3DItaly..c4%3DIT..c5%3D3186780..r%3Dhttps%253A%252F%252Fswarafakta~BEMOB_DOT~my~BEMOB_DOT~id%252F..ts%3D1733102753957

Response headers

content-encoding
br
date
Mon, 02 Dec 2024 01:26:05 GMT
etag
W/"f708-621389ad9cd8e"
content-type
text/javascript
vary
Accept-Encoding
server
nginx
last-modified
Tue, 03 Sep 2024 15:21:00 GMT
styles.min.css
eu.rdrfles.com/sweeps/templates/base_template/
6 KB
2 KB
Stylesheet
General
Full URL
https://eu.rdrfles.com/sweeps/templates/base_template/styles.min.css
Requested by
Host: eu.rdrfles.com
URL: https://eu.rdrfles.com/sweeps/?ts=d5715217-8a4d-4deb-97f0-74380a2f2797&cid=Cod9BzcoGCvD6EXvi3VBcw&key=eyJ0aW1lc3RhbXAiOiIxNzMzMTAyNzUzIiwiaGFzaCI6IjBiZTZiYThkMzI5ODJkYjEzM2U3MGIzZGY0OTk2NGQzZmYxZjgwYmMifQ%3D%3D&offer=15&track=go.sndirectsb.com&geo=it&ltype=shop&bname=mediaworld&prefill=ad&bemobdata=c%3D42dc788e-2071-40a6-987d-f3061b1e4f78..l%3D38104a43-7c1b-46f8-8ac5-2370c71e8dcc..a%3D0..b%3D0..z%3D0.05..e%3D46d09b5c7d376c070e13316c3d501acb..c1%3D24617828..c2%3D1154576..c3%3DItaly..c4%3DIT..c5%3D3186780..r%3Dhttps%253A%252F%252Fswarafakta~BEMOB_DOT~my~BEMOB_DOT~id%252F..ts%3D1733102753957
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.248.249.91 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
f43344992c45e63a9dfd7db558c3d53390cb429bd997a1b5be5ce3215d029c52

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://eu.rdrfles.com/sweeps/?ts=d5715217-8a4d-4deb-97f0-74380a2f2797&cid=Cod9BzcoGCvD6EXvi3VBcw&key=eyJ0aW1lc3RhbXAiOiIxNzMzMTAyNzUzIiwiaGFzaCI6IjBiZTZiYThkMzI5ODJkYjEzM2U3MGIzZGY0OTk2NGQzZmYxZjgwYmMifQ%3D%3D&offer=15&track=go.sndirectsb.com&geo=it&ltype=shop&bname=mediaworld&prefill=ad&bemobdata=c%3D42dc788e-2071-40a6-987d-f3061b1e4f78..l%3D38104a43-7c1b-46f8-8ac5-2370c71e8dcc..a%3D0..b%3D0..z%3D0.05..e%3D46d09b5c7d376c070e13316c3d501acb..c1%3D24617828..c2%3D1154576..c3%3DItaly..c4%3DIT..c5%3D3186780..r%3Dhttps%253A%252F%252Fswarafakta~BEMOB_DOT~my~BEMOB_DOT~id%252F..ts%3D1733102753957

Response headers

content-encoding
br
date
Mon, 02 Dec 2024 01:26:05 GMT
etag
W/"17a7-621389aef884c"
content-type
text/css
vary
Accept-Encoding
server
nginx
last-modified
Tue, 03 Sep 2024 15:21:01 GMT
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.2/css/
101 KB
19 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.2/css/all.min.css
Requested by
Host: eu.rdrfles.com
URL: https://eu.rdrfles.com/sweeps/?ts=d5715217-8a4d-4deb-97f0-74380a2f2797&cid=Cod9BzcoGCvD6EXvi3VBcw&key=eyJ0aW1lc3RhbXAiOiIxNzMzMTAyNzUzIiwiaGFzaCI6IjBiZTZiYThkMzI5ODJkYjEzM2U3MGIzZGY0OTk2NGQzZmYxZjgwYmMifQ%3D%3D&offer=15&track=go.sndirectsb.com&geo=it&ltype=shop&bname=mediaworld&prefill=ad&bemobdata=c%3D42dc788e-2071-40a6-987d-f3061b1e4f78..l%3D38104a43-7c1b-46f8-8ac5-2370c71e8dcc..a%3D0..b%3D0..z%3D0.05..e%3D46d09b5c7d376c070e13316c3d501acb..c1%3D24617828..c2%3D1154576..c3%3DItaly..c4%3DIT..c5%3D3186780..r%3Dhttps%253A%252F%252Fswarafakta~BEMOB_DOT~my~BEMOB_DOT~id%252F..ts%3D1733102753957
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ceaaba22d75b58e04150311f596306562a3e595e27ed4b1dfa451b82dda9e50
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://eu.rdrfles.com/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"660cc074-49fa"
age
253976
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iRQNgsY8MUSa3h%2FdgVcY6QYtMRONxyjwY1NQTSpHb97ZqqxDfqiK9VT97zQ4ATGlmmCh8apudI%2BtW7wUODtpRMkZhy%2FSkRfzDwaEumoGzci%2FUVM5ywx0BA77ZSFnrLg2vydqgsuA"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Sat, 22 Nov 2025 01:26:05 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 02 Dec 2024 01:26:05 GMT
content-type
text/css; charset=utf-8
last-modified
Wed, 03 Apr 2024 02:35:32 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8eb786de2f065d6d-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
18938
server
cloudflare
mdb.min.css
eu.rdrfles.com/sweeps/templates/base_template/
370 KB
43 KB
Stylesheet
General
Full URL
https://eu.rdrfles.com/sweeps/templates/base_template/mdb.min.css
Requested by
Host: eu.rdrfles.com
URL: https://eu.rdrfles.com/sweeps/?ts=d5715217-8a4d-4deb-97f0-74380a2f2797&cid=Cod9BzcoGCvD6EXvi3VBcw&key=eyJ0aW1lc3RhbXAiOiIxNzMzMTAyNzUzIiwiaGFzaCI6IjBiZTZiYThkMzI5ODJkYjEzM2U3MGIzZGY0OTk2NGQzZmYxZjgwYmMifQ%3D%3D&offer=15&track=go.sndirectsb.com&geo=it&ltype=shop&bname=mediaworld&prefill=ad&bemobdata=c%3D42dc788e-2071-40a6-987d-f3061b1e4f78..l%3D38104a43-7c1b-46f8-8ac5-2370c71e8dcc..a%3D0..b%3D0..z%3D0.05..e%3D46d09b5c7d376c070e13316c3d501acb..c1%3D24617828..c2%3D1154576..c3%3DItaly..c4%3DIT..c5%3D3186780..r%3Dhttps%253A%252F%252Fswarafakta~BEMOB_DOT~my~BEMOB_DOT~id%252F..ts%3D1733102753957
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.248.249.91 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
1c7724878e4926be0b7fe3c1bb72b334ac1c48f7db0ae396e1899f6cd6c2b259

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://eu.rdrfles.com/sweeps/?ts=d5715217-8a4d-4deb-97f0-74380a2f2797&cid=Cod9BzcoGCvD6EXvi3VBcw&key=eyJ0aW1lc3RhbXAiOiIxNzMzMTAyNzUzIiwiaGFzaCI6IjBiZTZiYThkMzI5ODJkYjEzM2U3MGIzZGY0OTk2NGQzZmYxZjgwYmMifQ%3D%3D&offer=15&track=go.sndirectsb.com&geo=it&ltype=shop&bname=mediaworld&prefill=ad&bemobdata=c%3D42dc788e-2071-40a6-987d-f3061b1e4f78..l%3D38104a43-7c1b-46f8-8ac5-2370c71e8dcc..a%3D0..b%3D0..z%3D0.05..e%3D46d09b5c7d376c070e13316c3d501acb..c1%3D24617828..c2%3D1154576..c3%3DItaly..c4%3DIT..c5%3D3186780..r%3Dhttps%253A%252F%252Fswarafakta~BEMOB_DOT~my~BEMOB_DOT~id%252F..ts%3D1733102753957

Response headers

content-encoding
br
date
Mon, 02 Dec 2024 01:26:05 GMT
etag
W/"5c6fb-621389a8812c7"
content-type
text/css
vary
Accept-Encoding
server
nginx
last-modified
Tue, 03 Sep 2024 15:20:54 GMT
p.min.js
eu.rdrfles.com/sweeps/templates/base_template/
4 KB
1 KB
Script
General
Full URL
https://eu.rdrfles.com/sweeps/templates/base_template/p.min.js
Requested by
Host: eu.rdrfles.com
URL: https://eu.rdrfles.com/sweeps/?ts=d5715217-8a4d-4deb-97f0-74380a2f2797&cid=Cod9BzcoGCvD6EXvi3VBcw&key=eyJ0aW1lc3RhbXAiOiIxNzMzMTAyNzUzIiwiaGFzaCI6IjBiZTZiYThkMzI5ODJkYjEzM2U3MGIzZGY0OTk2NGQzZmYxZjgwYmMifQ%3D%3D&offer=15&track=go.sndirectsb.com&geo=it&ltype=shop&bname=mediaworld&prefill=ad&bemobdata=c%3D42dc788e-2071-40a6-987d-f3061b1e4f78..l%3D38104a43-7c1b-46f8-8ac5-2370c71e8dcc..a%3D0..b%3D0..z%3D0.05..e%3D46d09b5c7d376c070e13316c3d501acb..c1%3D24617828..c2%3D1154576..c3%3DItaly..c4%3DIT..c5%3D3186780..r%3Dhttps%253A%252F%252Fswarafakta~BEMOB_DOT~my~BEMOB_DOT~id%252F..ts%3D1733102753957
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.248.249.91 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
c92c07fa34e48d71a6bb6866a6b1ff197b0ddbcf421c0a159a089b50c8dd19e0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://eu.rdrfles.com/sweeps/?ts=d5715217-8a4d-4deb-97f0-74380a2f2797&cid=Cod9BzcoGCvD6EXvi3VBcw&key=eyJ0aW1lc3RhbXAiOiIxNzMzMTAyNzUzIiwiaGFzaCI6IjBiZTZiYThkMzI5ODJkYjEzM2U3MGIzZGY0OTk2NGQzZmYxZjgwYmMifQ%3D%3D&offer=15&track=go.sndirectsb.com&geo=it&ltype=shop&bname=mediaworld&prefill=ad&bemobdata=c%3D42dc788e-2071-40a6-987d-f3061b1e4f78..l%3D38104a43-7c1b-46f8-8ac5-2370c71e8dcc..a%3D0..b%3D0..z%3D0.05..e%3D46d09b5c7d376c070e13316c3d501acb..c1%3D24617828..c2%3D1154576..c3%3DItaly..c4%3DIT..c5%3D3186780..r%3Dhttps%253A%252F%252Fswarafakta~BEMOB_DOT~my~BEMOB_DOT~id%252F..ts%3D1733102753957

Response headers

content-encoding
br
date
Mon, 02 Dec 2024 01:26:05 GMT
etag
W/"e64-621389b108dc9"
content-type
text/javascript
vary
Accept-Encoding
server
nginx
last-modified
Tue, 03 Sep 2024 15:21:03 GMT
style.min.css
eu.rdrfles.com/sweeps/templates/base_template/
2 KB
803 B
Stylesheet
General
Full URL
https://eu.rdrfles.com/sweeps/templates/base_template/style.min.css
Requested by
Host: eu.rdrfles.com
URL: https://eu.rdrfles.com/sweeps/?ts=d5715217-8a4d-4deb-97f0-74380a2f2797&cid=Cod9BzcoGCvD6EXvi3VBcw&key=eyJ0aW1lc3RhbXAiOiIxNzMzMTAyNzUzIiwiaGFzaCI6IjBiZTZiYThkMzI5ODJkYjEzM2U3MGIzZGY0OTk2NGQzZmYxZjgwYmMifQ%3D%3D&offer=15&track=go.sndirectsb.com&geo=it&ltype=shop&bname=mediaworld&prefill=ad&bemobdata=c%3D42dc788e-2071-40a6-987d-f3061b1e4f78..l%3D38104a43-7c1b-46f8-8ac5-2370c71e8dcc..a%3D0..b%3D0..z%3D0.05..e%3D46d09b5c7d376c070e13316c3d501acb..c1%3D24617828..c2%3D1154576..c3%3DItaly..c4%3DIT..c5%3D3186780..r%3Dhttps%253A%252F%252Fswarafakta~BEMOB_DOT~my~BEMOB_DOT~id%252F..ts%3D1733102753957
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.248.249.91 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
b03608017115b51cdc0e1e28beed1507e95b3483dfff70622dca295e21b25862

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://eu.rdrfles.com/sweeps/?ts=d5715217-8a4d-4deb-97f0-74380a2f2797&cid=Cod9BzcoGCvD6EXvi3VBcw&key=eyJ0aW1lc3RhbXAiOiIxNzMzMTAyNzUzIiwiaGFzaCI6IjBiZTZiYThkMzI5ODJkYjEzM2U3MGIzZGY0OTk2NGQzZmYxZjgwYmMifQ%3D%3D&offer=15&track=go.sndirectsb.com&geo=it&ltype=shop&bname=mediaworld&prefill=ad&bemobdata=c%3D42dc788e-2071-40a6-987d-f3061b1e4f78..l%3D38104a43-7c1b-46f8-8ac5-2370c71e8dcc..a%3D0..b%3D0..z%3D0.05..e%3D46d09b5c7d376c070e13316c3d501acb..c1%3D24617828..c2%3D1154576..c3%3DItaly..c4%3DIT..c5%3D3186780..r%3Dhttps%253A%252F%252Fswarafakta~BEMOB_DOT~my~BEMOB_DOT~id%252F..ts%3D1733102753957

Response headers

content-encoding
br
date
Mon, 02 Dec 2024 01:26:05 GMT
etag
W/"894-621389a659646"
content-type
text/css
vary
Accept-Encoding
server
nginx
last-modified
Tue, 03 Sep 2024 15:20:52 GMT
fv.js
propeller-tracking.com/
5 KB
3 KB
Script
General
Full URL
https://propeller-tracking.com/fv.js?t=87026
Requested by
Host: eu.rdrfles.com
URL: https://eu.rdrfles.com/sweeps/?ts=d5715217-8a4d-4deb-97f0-74380a2f2797&cid=Cod9BzcoGCvD6EXvi3VBcw&key=eyJ0aW1lc3RhbXAiOiIxNzMzMTAyNzUzIiwiaGFzaCI6IjBiZTZiYThkMzI5ODJkYjEzM2U3MGIzZGY0OTk2NGQzZmYxZjgwYmMifQ%3D%3D&offer=15&track=go.sndirectsb.com&geo=it&ltype=shop&bname=mediaworld&prefill=ad&bemobdata=c%3D42dc788e-2071-40a6-987d-f3061b1e4f78..l%3D38104a43-7c1b-46f8-8ac5-2370c71e8dcc..a%3D0..b%3D0..z%3D0.05..e%3D46d09b5c7d376c070e13316c3d501acb..c1%3D24617828..c2%3D1154576..c3%3DItaly..c4%3DIT..c5%3D3186780..r%3Dhttps%253A%252F%252Fswarafakta~BEMOB_DOT~my~BEMOB_DOT~id%252F..ts%3D1733102753957
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.240 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
0f467a48a494f7f63968707dc43785b728d0c17f93c12937c1e5b12798f3a98a
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://eu.rdrfles.com/

Response headers

access-control-expose-headers
Authorization
content-encoding
gzip
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
x-content-type-options
nosniff
expires
Tue, 11 Jan 1994 10:00:00 GMT
date
Mon, 02 Dec 2024 01:26:05 GMT
content-type
text/javascript; charset=utf8
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
strict-transport-security
max-age=1
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*, *
pragma
no-cache
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-credentials
true
access-control-allow-origin
server
nginx
process.js
news-xcemoce.com/
27 KB
10 KB
Script
General
Full URL
https://news-xcemoce.com/process.js?id=1239203935&p1=d5715217-8a4d-4deb-97f0-74380a2f2797&p2=it&p3=sub3&p4=sub4
Requested by
Host: eu.rdrfles.com
URL: https://eu.rdrfles.com/sweeps/?ts=d5715217-8a4d-4deb-97f0-74380a2f2797&cid=Cod9BzcoGCvD6EXvi3VBcw&key=eyJ0aW1lc3RhbXAiOiIxNzMzMTAyNzUzIiwiaGFzaCI6IjBiZTZiYThkMzI5ODJkYjEzM2U3MGIzZGY0OTk2NGQzZmYxZjgwYmMifQ%3D%3D&offer=15&track=go.sndirectsb.com&geo=it&ltype=shop&bname=mediaworld&prefill=ad&bemobdata=c%3D42dc788e-2071-40a6-987d-f3061b1e4f78..l%3D38104a43-7c1b-46f8-8ac5-2370c71e8dcc..a%3D0..b%3D0..z%3D0.05..e%3D46d09b5c7d376c070e13316c3d501acb..c1%3D24617828..c2%3D1154576..c3%3DItaly..c4%3DIT..c5%3D3186780..r%3Dhttps%253A%252F%252Fswarafakta~BEMOB_DOT~my~BEMOB_DOT~id%252F..ts%3D1733102753957
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.158.56.123 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS
123-56-158-23.clients.gthost.com
Software
nginx /
Resource Hash
9636050b4de4ca105c80149ca4c45f27a742fdf73e9e669cecda5ef727e55622

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://eu.rdrfles.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
pragma
no-cache
expires
0
date
Mon, 02 Dec 2024 01:26:06 GMT
content-type
application/javascript; charset=utf-8
vary
Origin, Accept-Encoding
server
nginx
mobileheader.jpg
eu.rdrfles.com/sweeps/geos/it/brands/mediaworld/
39 KB
40 KB
Image
General
Full URL
https://eu.rdrfles.com/sweeps/geos/it/brands/mediaworld/mobileheader.jpg
Requested by
Host: eu.rdrfles.com
URL: https://eu.rdrfles.com/sweeps/?ts=d5715217-8a4d-4deb-97f0-74380a2f2797&cid=Cod9BzcoGCvD6EXvi3VBcw&key=eyJ0aW1lc3RhbXAiOiIxNzMzMTAyNzUzIiwiaGFzaCI6IjBiZTZiYThkMzI5ODJkYjEzM2U3MGIzZGY0OTk2NGQzZmYxZjgwYmMifQ%3D%3D&offer=15&track=go.sndirectsb.com&geo=it&ltype=shop&bname=mediaworld&prefill=ad&bemobdata=c%3D42dc788e-2071-40a6-987d-f3061b1e4f78..l%3D38104a43-7c1b-46f8-8ac5-2370c71e8dcc..a%3D0..b%3D0..z%3D0.05..e%3D46d09b5c7d376c070e13316c3d501acb..c1%3D24617828..c2%3D1154576..c3%3DItaly..c4%3DIT..c5%3D3186780..r%3Dhttps%253A%252F%252Fswarafakta~BEMOB_DOT~my~BEMOB_DOT~id%252F..ts%3D1733102753957
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.248.249.91 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
446d9ed0d16a660db55cffbee4cf126f233a7a4fb98ed927dc3c72c18a291919

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://eu.rdrfles.com/sweeps/?ts=d5715217-8a4d-4deb-97f0-74380a2f2797&cid=Cod9BzcoGCvD6EXvi3VBcw&key=eyJ0aW1lc3RhbXAiOiIxNzMzMTAyNzUzIiwiaGFzaCI6IjBiZTZiYThkMzI5ODJkYjEzM2U3MGIzZGY0OTk2NGQzZmYxZjgwYmMifQ%3D%3D&offer=15&track=go.sndirectsb.com&geo=it&ltype=shop&bname=mediaworld&prefill=ad&bemobdata=c%3D42dc788e-2071-40a6-987d-f3061b1e4f78..l%3D38104a43-7c1b-46f8-8ac5-2370c71e8dcc..a%3D0..b%3D0..z%3D0.05..e%3D46d09b5c7d376c070e13316c3d501acb..c1%3D24617828..c2%3D1154576..c3%3DItaly..c4%3DIT..c5%3D3186780..r%3Dhttps%253A%252F%252Fswarafakta~BEMOB_DOT~my~BEMOB_DOT~id%252F..ts%3D1733102753957

Response headers

accept-ranges
bytes
content-length
40323
date
Mon, 02 Dec 2024 01:26:05 GMT
etag
"9d83-62138a80b8315"
content-type
image/jpeg
last-modified
Tue, 03 Sep 2024 15:24:41 GMT
server
nginx
header.jpg
eu.rdrfles.com/sweeps/geos/it/brands/mediaworld/
116 KB
117 KB
Image
General
Full URL
https://eu.rdrfles.com/sweeps/geos/it/brands/mediaworld/header.jpg
Requested by
Host: eu.rdrfles.com
URL: https://eu.rdrfles.com/sweeps/?ts=d5715217-8a4d-4deb-97f0-74380a2f2797&cid=Cod9BzcoGCvD6EXvi3VBcw&key=eyJ0aW1lc3RhbXAiOiIxNzMzMTAyNzUzIiwiaGFzaCI6IjBiZTZiYThkMzI5ODJkYjEzM2U3MGIzZGY0OTk2NGQzZmYxZjgwYmMifQ%3D%3D&offer=15&track=go.sndirectsb.com&geo=it&ltype=shop&bname=mediaworld&prefill=ad&bemobdata=c%3D42dc788e-2071-40a6-987d-f3061b1e4f78..l%3D38104a43-7c1b-46f8-8ac5-2370c71e8dcc..a%3D0..b%3D0..z%3D0.05..e%3D46d09b5c7d376c070e13316c3d501acb..c1%3D24617828..c2%3D1154576..c3%3DItaly..c4%3DIT..c5%3D3186780..r%3Dhttps%253A%252F%252Fswarafakta~BEMOB_DOT~my~BEMOB_DOT~id%252F..ts%3D1733102753957
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.248.249.91 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
5a01a9b81ce70e43bc753a5c1b3cbabce0b707a2ba24e97504db1d331fb95d95

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://eu.rdrfles.com/sweeps/?ts=d5715217-8a4d-4deb-97f0-74380a2f2797&cid=Cod9BzcoGCvD6EXvi3VBcw&key=eyJ0aW1lc3RhbXAiOiIxNzMzMTAyNzUzIiwiaGFzaCI6IjBiZTZiYThkMzI5ODJkYjEzM2U3MGIzZGY0OTk2NGQzZmYxZjgwYmMifQ%3D%3D&offer=15&track=go.sndirectsb.com&geo=it&ltype=shop&bname=mediaworld&prefill=ad&bemobdata=c%3D42dc788e-2071-40a6-987d-f3061b1e4f78..l%3D38104a43-7c1b-46f8-8ac5-2370c71e8dcc..a%3D0..b%3D0..z%3D0.05..e%3D46d09b5c7d376c070e13316c3d501acb..c1%3D24617828..c2%3D1154576..c3%3DItaly..c4%3DIT..c5%3D3186780..r%3Dhttps%253A%252F%252Fswarafakta~BEMOB_DOT~my~BEMOB_DOT~id%252F..ts%3D1733102753957

Response headers

accept-ranges
bytes
content-length
119143
date
Mon, 02 Dec 2024 01:26:05 GMT
etag
"1d167-62138a8164133"
content-type
image/jpeg
last-modified
Tue, 03 Sep 2024 15:24:42 GMT
server
nginx
shop_shopper2.jpg
eu.rdrfles.com/sweeps/templates/base_template/
37 KB
37 KB
Image
General
Full URL
https://eu.rdrfles.com/sweeps/templates/base_template/shop_shopper2.jpg
Requested by
Host: eu.rdrfles.com
URL: https://eu.rdrfles.com/sweeps/?ts=d5715217-8a4d-4deb-97f0-74380a2f2797&cid=Cod9BzcoGCvD6EXvi3VBcw&key=eyJ0aW1lc3RhbXAiOiIxNzMzMTAyNzUzIiwiaGFzaCI6IjBiZTZiYThkMzI5ODJkYjEzM2U3MGIzZGY0OTk2NGQzZmYxZjgwYmMifQ%3D%3D&offer=15&track=go.sndirectsb.com&geo=it&ltype=shop&bname=mediaworld&prefill=ad&bemobdata=c%3D42dc788e-2071-40a6-987d-f3061b1e4f78..l%3D38104a43-7c1b-46f8-8ac5-2370c71e8dcc..a%3D0..b%3D0..z%3D0.05..e%3D46d09b5c7d376c070e13316c3d501acb..c1%3D24617828..c2%3D1154576..c3%3DItaly..c4%3DIT..c5%3D3186780..r%3Dhttps%253A%252F%252Fswarafakta~BEMOB_DOT~my~BEMOB_DOT~id%252F..ts%3D1733102753957
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.248.249.91 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
53b602159ae1187d1749ee2a3189f19179e4d496e51849433288315239ab277c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://eu.rdrfles.com/sweeps/?ts=d5715217-8a4d-4deb-97f0-74380a2f2797&cid=Cod9BzcoGCvD6EXvi3VBcw&key=eyJ0aW1lc3RhbXAiOiIxNzMzMTAyNzUzIiwiaGFzaCI6IjBiZTZiYThkMzI5ODJkYjEzM2U3MGIzZGY0OTk2NGQzZmYxZjgwYmMifQ%3D%3D&offer=15&track=go.sndirectsb.com&geo=it&ltype=shop&bname=mediaworld&prefill=ad&bemobdata=c%3D42dc788e-2071-40a6-987d-f3061b1e4f78..l%3D38104a43-7c1b-46f8-8ac5-2370c71e8dcc..a%3D0..b%3D0..z%3D0.05..e%3D46d09b5c7d376c070e13316c3d501acb..c1%3D24617828..c2%3D1154576..c3%3DItaly..c4%3DIT..c5%3D3186780..r%3Dhttps%253A%252F%252Fswarafakta~BEMOB_DOT~my~BEMOB_DOT~id%252F..ts%3D1733102753957

Response headers

accept-ranges
bytes
content-length
37912
date
Mon, 02 Dec 2024 01:26:05 GMT
etag
"9418-621389ac29bcd"
content-type
image/jpeg
last-modified
Tue, 03 Sep 2024 15:20:58 GMT
server
nginx
checkoutpic.png
eu.rdrfles.com/sweeps/templates/offers/15/
26 KB
26 KB
Image
General
Full URL
https://eu.rdrfles.com/sweeps/templates/offers/15/checkoutpic.png
Requested by
Host: eu.rdrfles.com
URL: https://eu.rdrfles.com/sweeps/?ts=d5715217-8a4d-4deb-97f0-74380a2f2797&cid=Cod9BzcoGCvD6EXvi3VBcw&key=eyJ0aW1lc3RhbXAiOiIxNzMzMTAyNzUzIiwiaGFzaCI6IjBiZTZiYThkMzI5ODJkYjEzM2U3MGIzZGY0OTk2NGQzZmYxZjgwYmMifQ%3D%3D&offer=15&track=go.sndirectsb.com&geo=it&ltype=shop&bname=mediaworld&prefill=ad&bemobdata=c%3D42dc788e-2071-40a6-987d-f3061b1e4f78..l%3D38104a43-7c1b-46f8-8ac5-2370c71e8dcc..a%3D0..b%3D0..z%3D0.05..e%3D46d09b5c7d376c070e13316c3d501acb..c1%3D24617828..c2%3D1154576..c3%3DItaly..c4%3DIT..c5%3D3186780..r%3Dhttps%253A%252F%252Fswarafakta~BEMOB_DOT~my~BEMOB_DOT~id%252F..ts%3D1733102753957
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.248.249.91 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
3f4257dfcecd4f8f7119395f5e8fce79cc6c2c223050d486f8e66b5006dcb574

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://eu.rdrfles.com/sweeps/?ts=d5715217-8a4d-4deb-97f0-74380a2f2797&cid=Cod9BzcoGCvD6EXvi3VBcw&key=eyJ0aW1lc3RhbXAiOiIxNzMzMTAyNzUzIiwiaGFzaCI6IjBiZTZiYThkMzI5ODJkYjEzM2U3MGIzZGY0OTk2NGQzZmYxZjgwYmMifQ%3D%3D&offer=15&track=go.sndirectsb.com&geo=it&ltype=shop&bname=mediaworld&prefill=ad&bemobdata=c%3D42dc788e-2071-40a6-987d-f3061b1e4f78..l%3D38104a43-7c1b-46f8-8ac5-2370c71e8dcc..a%3D0..b%3D0..z%3D0.05..e%3D46d09b5c7d376c070e13316c3d501acb..c1%3D24617828..c2%3D1154576..c3%3DItaly..c4%3DIT..c5%3D3186780..r%3Dhttps%253A%252F%252Fswarafakta~BEMOB_DOT~my~BEMOB_DOT~id%252F..ts%3D1733102753957

Response headers

accept-ranges
bytes
content-length
26528
date
Mon, 02 Dec 2024 01:26:05 GMT
etag
"67a0-62138a64b6f03"
content-type
image/png
last-modified
Tue, 03 Sep 2024 15:24:12 GMT
server
nginx
style.min.css.1.css
eu.rdrfles.com/sweeps/templates/base_template/
1 KB
492 B
Stylesheet
General
Full URL
https://eu.rdrfles.com/sweeps/templates/base_template/style.min.css.1.css
Requested by
Host: eu.rdrfles.com
URL: https://eu.rdrfles.com/sweeps/?ts=d5715217-8a4d-4deb-97f0-74380a2f2797&cid=Cod9BzcoGCvD6EXvi3VBcw&key=eyJ0aW1lc3RhbXAiOiIxNzMzMTAyNzUzIiwiaGFzaCI6IjBiZTZiYThkMzI5ODJkYjEzM2U3MGIzZGY0OTk2NGQzZmYxZjgwYmMifQ%3D%3D&offer=15&track=go.sndirectsb.com&geo=it&ltype=shop&bname=mediaworld&prefill=ad&bemobdata=c%3D42dc788e-2071-40a6-987d-f3061b1e4f78..l%3D38104a43-7c1b-46f8-8ac5-2370c71e8dcc..a%3D0..b%3D0..z%3D0.05..e%3D46d09b5c7d376c070e13316c3d501acb..c1%3D24617828..c2%3D1154576..c3%3DItaly..c4%3DIT..c5%3D3186780..r%3Dhttps%253A%252F%252Fswarafakta~BEMOB_DOT~my~BEMOB_DOT~id%252F..ts%3D1733102753957
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.248.249.91 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
b43e5461a9cfe889612d3140b32410017170415bb56b6ec46bcd40886c43eb32

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://eu.rdrfles.com/sweeps/?ts=d5715217-8a4d-4deb-97f0-74380a2f2797&cid=Cod9BzcoGCvD6EXvi3VBcw&key=eyJ0aW1lc3RhbXAiOiIxNzMzMTAyNzUzIiwiaGFzaCI6IjBiZTZiYThkMzI5ODJkYjEzM2U3MGIzZGY0OTk2NGQzZmYxZjgwYmMifQ%3D%3D&offer=15&track=go.sndirectsb.com&geo=it&ltype=shop&bname=mediaworld&prefill=ad&bemobdata=c%3D42dc788e-2071-40a6-987d-f3061b1e4f78..l%3D38104a43-7c1b-46f8-8ac5-2370c71e8dcc..a%3D0..b%3D0..z%3D0.05..e%3D46d09b5c7d376c070e13316c3d501acb..c1%3D24617828..c2%3D1154576..c3%3DItaly..c4%3DIT..c5%3D3186780..r%3Dhttps%253A%252F%252Fswarafakta~BEMOB_DOT~my~BEMOB_DOT~id%252F..ts%3D1733102753957

Response headers

content-encoding
br
date
Mon, 02 Dec 2024 01:26:05 GMT
etag
W/"400-621389afac36b"
content-type
text/css
vary
Accept-Encoding
server
nginx
last-modified
Tue, 03 Sep 2024 15:21:02 GMT
template.min.js
eu.rdrfles.com/sweeps/templates/base_template/
2 KB
483 B
Script
General
Full URL
https://eu.rdrfles.com/sweeps/templates/base_template/template.min.js
Requested by
Host: eu.rdrfles.com
URL: https://eu.rdrfles.com/sweeps/?ts=d5715217-8a4d-4deb-97f0-74380a2f2797&cid=Cod9BzcoGCvD6EXvi3VBcw&key=eyJ0aW1lc3RhbXAiOiIxNzMzMTAyNzUzIiwiaGFzaCI6IjBiZTZiYThkMzI5ODJkYjEzM2U3MGIzZGY0OTk2NGQzZmYxZjgwYmMifQ%3D%3D&offer=15&track=go.sndirectsb.com&geo=it&ltype=shop&bname=mediaworld&prefill=ad&bemobdata=c%3D42dc788e-2071-40a6-987d-f3061b1e4f78..l%3D38104a43-7c1b-46f8-8ac5-2370c71e8dcc..a%3D0..b%3D0..z%3D0.05..e%3D46d09b5c7d376c070e13316c3d501acb..c1%3D24617828..c2%3D1154576..c3%3DItaly..c4%3DIT..c5%3D3186780..r%3Dhttps%253A%252F%252Fswarafakta~BEMOB_DOT~my~BEMOB_DOT~id%252F..ts%3D1733102753957
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.248.249.91 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
ef455ba3515ad45c577a2f582afae4eacab162d480c121f861696e94e03d1c9b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://eu.rdrfles.com/sweeps/?ts=d5715217-8a4d-4deb-97f0-74380a2f2797&cid=Cod9BzcoGCvD6EXvi3VBcw&key=eyJ0aW1lc3RhbXAiOiIxNzMzMTAyNzUzIiwiaGFzaCI6IjBiZTZiYThkMzI5ODJkYjEzM2U3MGIzZGY0OTk2NGQzZmYxZjgwYmMifQ%3D%3D&offer=15&track=go.sndirectsb.com&geo=it&ltype=shop&bname=mediaworld&prefill=ad&bemobdata=c%3D42dc788e-2071-40a6-987d-f3061b1e4f78..l%3D38104a43-7c1b-46f8-8ac5-2370c71e8dcc..a%3D0..b%3D0..z%3D0.05..e%3D46d09b5c7d376c070e13316c3d501acb..c1%3D24617828..c2%3D1154576..c3%3DItaly..c4%3DIT..c5%3D3186780..r%3Dhttps%253A%252F%252Fswarafakta~BEMOB_DOT~my~BEMOB_DOT~id%252F..ts%3D1733102753957

Response headers

content-encoding
br
date
Mon, 02 Dec 2024 01:26:05 GMT
etag
W/"992-621389b14d395"
content-type
text/javascript
vary
Accept-Encoding
server
nginx
last-modified
Tue, 03 Sep 2024 15:21:03 GMT
firstmodalpackage.png
eu.rdrfles.com/sweeps/templates/base_template/
21 KB
21 KB
Image
General
Full URL
https://eu.rdrfles.com/sweeps/templates/base_template/firstmodalpackage.png
Requested by
Host: eu.rdrfles.com
URL: https://eu.rdrfles.com/sweeps/?ts=d5715217-8a4d-4deb-97f0-74380a2f2797&cid=Cod9BzcoGCvD6EXvi3VBcw&key=eyJ0aW1lc3RhbXAiOiIxNzMzMTAyNzUzIiwiaGFzaCI6IjBiZTZiYThkMzI5ODJkYjEzM2U3MGIzZGY0OTk2NGQzZmYxZjgwYmMifQ%3D%3D&offer=15&track=go.sndirectsb.com&geo=it&ltype=shop&bname=mediaworld&prefill=ad&bemobdata=c%3D42dc788e-2071-40a6-987d-f3061b1e4f78..l%3D38104a43-7c1b-46f8-8ac5-2370c71e8dcc..a%3D0..b%3D0..z%3D0.05..e%3D46d09b5c7d376c070e13316c3d501acb..c1%3D24617828..c2%3D1154576..c3%3DItaly..c4%3DIT..c5%3D3186780..r%3Dhttps%253A%252F%252Fswarafakta~BEMOB_DOT~my~BEMOB_DOT~id%252F..ts%3D1733102753957
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.248.249.91 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
950c9b9d10c02843ca4038e5fadcf5cc0d140a9127f3dc06d7f9d582b7fb66ed

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://eu.rdrfles.com/sweeps/?ts=d5715217-8a4d-4deb-97f0-74380a2f2797&cid=Cod9BzcoGCvD6EXvi3VBcw&key=eyJ0aW1lc3RhbXAiOiIxNzMzMTAyNzUzIiwiaGFzaCI6IjBiZTZiYThkMzI5ODJkYjEzM2U3MGIzZGY0OTk2NGQzZmYxZjgwYmMifQ%3D%3D&offer=15&track=go.sndirectsb.com&geo=it&ltype=shop&bname=mediaworld&prefill=ad&bemobdata=c%3D42dc788e-2071-40a6-987d-f3061b1e4f78..l%3D38104a43-7c1b-46f8-8ac5-2370c71e8dcc..a%3D0..b%3D0..z%3D0.05..e%3D46d09b5c7d376c070e13316c3d501acb..c1%3D24617828..c2%3D1154576..c3%3DItaly..c4%3DIT..c5%3D3186780..r%3Dhttps%253A%252F%252Fswarafakta~BEMOB_DOT~my~BEMOB_DOT~id%252F..ts%3D1733102753957

Response headers

accept-ranges
bytes
content-length
21647
date
Mon, 02 Dec 2024 01:26:05 GMT
etag
"548f-621389b2d8bfb"
content-type
image/png
last-modified
Tue, 03 Sep 2024 15:21:05 GMT
server
nginx
style.min.css.1.1.css
eu.rdrfles.com/sweeps/templates/base_template/
3 KB
869 B
Stylesheet
General
Full URL
https://eu.rdrfles.com/sweeps/templates/base_template/style.min.css.1.1.css
Requested by
Host: eu.rdrfles.com
URL: https://eu.rdrfles.com/sweeps/?ts=d5715217-8a4d-4deb-97f0-74380a2f2797&cid=Cod9BzcoGCvD6EXvi3VBcw&key=eyJ0aW1lc3RhbXAiOiIxNzMzMTAyNzUzIiwiaGFzaCI6IjBiZTZiYThkMzI5ODJkYjEzM2U3MGIzZGY0OTk2NGQzZmYxZjgwYmMifQ%3D%3D&offer=15&track=go.sndirectsb.com&geo=it&ltype=shop&bname=mediaworld&prefill=ad&bemobdata=c%3D42dc788e-2071-40a6-987d-f3061b1e4f78..l%3D38104a43-7c1b-46f8-8ac5-2370c71e8dcc..a%3D0..b%3D0..z%3D0.05..e%3D46d09b5c7d376c070e13316c3d501acb..c1%3D24617828..c2%3D1154576..c3%3DItaly..c4%3DIT..c5%3D3186780..r%3Dhttps%253A%252F%252Fswarafakta~BEMOB_DOT~my~BEMOB_DOT~id%252F..ts%3D1733102753957
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.248.249.91 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
766a882287cb66f0572f5b000f6e21950e594e033d4c5faa0541e6d170cb4a5c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://eu.rdrfles.com/sweeps/?ts=d5715217-8a4d-4deb-97f0-74380a2f2797&cid=Cod9BzcoGCvD6EXvi3VBcw&key=eyJ0aW1lc3RhbXAiOiIxNzMzMTAyNzUzIiwiaGFzaCI6IjBiZTZiYThkMzI5ODJkYjEzM2U3MGIzZGY0OTk2NGQzZmYxZjgwYmMifQ%3D%3D&offer=15&track=go.sndirectsb.com&geo=it&ltype=shop&bname=mediaworld&prefill=ad&bemobdata=c%3D42dc788e-2071-40a6-987d-f3061b1e4f78..l%3D38104a43-7c1b-46f8-8ac5-2370c71e8dcc..a%3D0..b%3D0..z%3D0.05..e%3D46d09b5c7d376c070e13316c3d501acb..c1%3D24617828..c2%3D1154576..c3%3DItaly..c4%3DIT..c5%3D3186780..r%3Dhttps%253A%252F%252Fswarafakta~BEMOB_DOT~my~BEMOB_DOT~id%252F..ts%3D1733102753957

Response headers

content-encoding
br
date
Mon, 02 Dec 2024 01:26:05 GMT
etag
W/"cdd-621389a79ca5f"
content-type
text/css
vary
Accept-Encoding
server
nginx
last-modified
Tue, 03 Sep 2024 15:20:53 GMT
box-04.png
eu.rdrfles.com/sweeps/templates/offers/15/
26 KB
26 KB
Image
General
Full URL
https://eu.rdrfles.com/sweeps/templates/offers/15/box-04.png
Requested by
Host: eu.rdrfles.com
URL: https://eu.rdrfles.com/sweeps/?ts=d5715217-8a4d-4deb-97f0-74380a2f2797&cid=Cod9BzcoGCvD6EXvi3VBcw&key=eyJ0aW1lc3RhbXAiOiIxNzMzMTAyNzUzIiwiaGFzaCI6IjBiZTZiYThkMzI5ODJkYjEzM2U3MGIzZGY0OTk2NGQzZmYxZjgwYmMifQ%3D%3D&offer=15&track=go.sndirectsb.com&geo=it&ltype=shop&bname=mediaworld&prefill=ad&bemobdata=c%3D42dc788e-2071-40a6-987d-f3061b1e4f78..l%3D38104a43-7c1b-46f8-8ac5-2370c71e8dcc..a%3D0..b%3D0..z%3D0.05..e%3D46d09b5c7d376c070e13316c3d501acb..c1%3D24617828..c2%3D1154576..c3%3DItaly..c4%3DIT..c5%3D3186780..r%3Dhttps%253A%252F%252Fswarafakta~BEMOB_DOT~my~BEMOB_DOT~id%252F..ts%3D1733102753957
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.248.249.91 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
3f4257dfcecd4f8f7119395f5e8fce79cc6c2c223050d486f8e66b5006dcb574

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://eu.rdrfles.com/sweeps/?ts=d5715217-8a4d-4deb-97f0-74380a2f2797&cid=Cod9BzcoGCvD6EXvi3VBcw&key=eyJ0aW1lc3RhbXAiOiIxNzMzMTAyNzUzIiwiaGFzaCI6IjBiZTZiYThkMzI5ODJkYjEzM2U3MGIzZGY0OTk2NGQzZmYxZjgwYmMifQ%3D%3D&offer=15&track=go.sndirectsb.com&geo=it&ltype=shop&bname=mediaworld&prefill=ad&bemobdata=c%3D42dc788e-2071-40a6-987d-f3061b1e4f78..l%3D38104a43-7c1b-46f8-8ac5-2370c71e8dcc..a%3D0..b%3D0..z%3D0.05..e%3D46d09b5c7d376c070e13316c3d501acb..c1%3D24617828..c2%3D1154576..c3%3DItaly..c4%3DIT..c5%3D3186780..r%3Dhttps%253A%252F%252Fswarafakta~BEMOB_DOT~my~BEMOB_DOT~id%252F..ts%3D1733102753957

Response headers

accept-ranges
bytes
content-length
26528
date
Mon, 02 Dec 2024 01:26:05 GMT
etag
"67a0-62138a61d59a1"
content-type
image/png
last-modified
Tue, 03 Sep 2024 15:24:09 GMT
server
nginx
box-01.png
eu.rdrfles.com/sweeps/templates/base_template/
14 KB
14 KB
Image
General
Full URL
https://eu.rdrfles.com/sweeps/templates/base_template/box-01.png
Requested by
Host: eu.rdrfles.com
URL: https://eu.rdrfles.com/sweeps/?ts=d5715217-8a4d-4deb-97f0-74380a2f2797&cid=Cod9BzcoGCvD6EXvi3VBcw&key=eyJ0aW1lc3RhbXAiOiIxNzMzMTAyNzUzIiwiaGFzaCI6IjBiZTZiYThkMzI5ODJkYjEzM2U3MGIzZGY0OTk2NGQzZmYxZjgwYmMifQ%3D%3D&offer=15&track=go.sndirectsb.com&geo=it&ltype=shop&bname=mediaworld&prefill=ad&bemobdata=c%3D42dc788e-2071-40a6-987d-f3061b1e4f78..l%3D38104a43-7c1b-46f8-8ac5-2370c71e8dcc..a%3D0..b%3D0..z%3D0.05..e%3D46d09b5c7d376c070e13316c3d501acb..c1%3D24617828..c2%3D1154576..c3%3DItaly..c4%3DIT..c5%3D3186780..r%3Dhttps%253A%252F%252Fswarafakta~BEMOB_DOT~my~BEMOB_DOT~id%252F..ts%3D1733102753957
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.248.249.91 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
4d9f8763c93d44cb444ad95e36bb17ae2e2a6c94e6a69fdf4f38bd7f0e0652ea

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://eu.rdrfles.com/sweeps/?ts=d5715217-8a4d-4deb-97f0-74380a2f2797&cid=Cod9BzcoGCvD6EXvi3VBcw&key=eyJ0aW1lc3RhbXAiOiIxNzMzMTAyNzUzIiwiaGFzaCI6IjBiZTZiYThkMzI5ODJkYjEzM2U3MGIzZGY0OTk2NGQzZmYxZjgwYmMifQ%3D%3D&offer=15&track=go.sndirectsb.com&geo=it&ltype=shop&bname=mediaworld&prefill=ad&bemobdata=c%3D42dc788e-2071-40a6-987d-f3061b1e4f78..l%3D38104a43-7c1b-46f8-8ac5-2370c71e8dcc..a%3D0..b%3D0..z%3D0.05..e%3D46d09b5c7d376c070e13316c3d501acb..c1%3D24617828..c2%3D1154576..c3%3DItaly..c4%3DIT..c5%3D3186780..r%3Dhttps%253A%252F%252Fswarafakta~BEMOB_DOT~my~BEMOB_DOT~id%252F..ts%3D1733102753957

Response headers

accept-ranges
bytes
content-length
14406
date
Mon, 02 Dec 2024 01:26:05 GMT
etag
"3846-621389a9f830a"
content-type
image/png
last-modified
Tue, 03 Sep 2024 15:20:56 GMT
server
nginx
box-03.png
eu.rdrfles.com/sweeps/templates/base_template/
3 KB
3 KB
Image
General
Full URL
https://eu.rdrfles.com/sweeps/templates/base_template/box-03.png
Requested by
Host: eu.rdrfles.com
URL: https://eu.rdrfles.com/sweeps/?ts=d5715217-8a4d-4deb-97f0-74380a2f2797&cid=Cod9BzcoGCvD6EXvi3VBcw&key=eyJ0aW1lc3RhbXAiOiIxNzMzMTAyNzUzIiwiaGFzaCI6IjBiZTZiYThkMzI5ODJkYjEzM2U3MGIzZGY0OTk2NGQzZmYxZjgwYmMifQ%3D%3D&offer=15&track=go.sndirectsb.com&geo=it&ltype=shop&bname=mediaworld&prefill=ad&bemobdata=c%3D42dc788e-2071-40a6-987d-f3061b1e4f78..l%3D38104a43-7c1b-46f8-8ac5-2370c71e8dcc..a%3D0..b%3D0..z%3D0.05..e%3D46d09b5c7d376c070e13316c3d501acb..c1%3D24617828..c2%3D1154576..c3%3DItaly..c4%3DIT..c5%3D3186780..r%3Dhttps%253A%252F%252Fswarafakta~BEMOB_DOT~my~BEMOB_DOT~id%252F..ts%3D1733102753957
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.248.249.91 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
05183cb3652b2ccbb0da9b484d39a5a3b45f5d7afc378901e8ecffa8730b1de8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://eu.rdrfles.com/sweeps/?ts=d5715217-8a4d-4deb-97f0-74380a2f2797&cid=Cod9BzcoGCvD6EXvi3VBcw&key=eyJ0aW1lc3RhbXAiOiIxNzMzMTAyNzUzIiwiaGFzaCI6IjBiZTZiYThkMzI5ODJkYjEzM2U3MGIzZGY0OTk2NGQzZmYxZjgwYmMifQ%3D%3D&offer=15&track=go.sndirectsb.com&geo=it&ltype=shop&bname=mediaworld&prefill=ad&bemobdata=c%3D42dc788e-2071-40a6-987d-f3061b1e4f78..l%3D38104a43-7c1b-46f8-8ac5-2370c71e8dcc..a%3D0..b%3D0..z%3D0.05..e%3D46d09b5c7d376c070e13316c3d501acb..c1%3D24617828..c2%3D1154576..c3%3DItaly..c4%3DIT..c5%3D3186780..r%3Dhttps%253A%252F%252Fswarafakta~BEMOB_DOT~my~BEMOB_DOT~id%252F..ts%3D1733102753957

Response headers

accept-ranges
bytes
content-length
3270
date
Mon, 02 Dec 2024 01:26:05 GMT
etag
"cc6-621389a5b4589"
content-type
image/png
last-modified
Tue, 03 Sep 2024 15:20:51 GMT
server
nginx
box-02.png
eu.rdrfles.com/sweeps/templates/base_template/
8 KB
8 KB
Image
General
Full URL
https://eu.rdrfles.com/sweeps/templates/base_template/box-02.png
Requested by
Host: eu.rdrfles.com
URL: https://eu.rdrfles.com/sweeps/?ts=d5715217-8a4d-4deb-97f0-74380a2f2797&cid=Cod9BzcoGCvD6EXvi3VBcw&key=eyJ0aW1lc3RhbXAiOiIxNzMzMTAyNzUzIiwiaGFzaCI6IjBiZTZiYThkMzI5ODJkYjEzM2U3MGIzZGY0OTk2NGQzZmYxZjgwYmMifQ%3D%3D&offer=15&track=go.sndirectsb.com&geo=it&ltype=shop&bname=mediaworld&prefill=ad&bemobdata=c%3D42dc788e-2071-40a6-987d-f3061b1e4f78..l%3D38104a43-7c1b-46f8-8ac5-2370c71e8dcc..a%3D0..b%3D0..z%3D0.05..e%3D46d09b5c7d376c070e13316c3d501acb..c1%3D24617828..c2%3D1154576..c3%3DItaly..c4%3DIT..c5%3D3186780..r%3Dhttps%253A%252F%252Fswarafakta~BEMOB_DOT~my~BEMOB_DOT~id%252F..ts%3D1733102753957
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.248.249.91 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
50bd1346c8c993ed7ed7b6f867eb5631d40a511e466b2dda5c0e2eda3a638862

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://eu.rdrfles.com/sweeps/?ts=d5715217-8a4d-4deb-97f0-74380a2f2797&cid=Cod9BzcoGCvD6EXvi3VBcw&key=eyJ0aW1lc3RhbXAiOiIxNzMzMTAyNzUzIiwiaGFzaCI6IjBiZTZiYThkMzI5ODJkYjEzM2U3MGIzZGY0OTk2NGQzZmYxZjgwYmMifQ%3D%3D&offer=15&track=go.sndirectsb.com&geo=it&ltype=shop&bname=mediaworld&prefill=ad&bemobdata=c%3D42dc788e-2071-40a6-987d-f3061b1e4f78..l%3D38104a43-7c1b-46f8-8ac5-2370c71e8dcc..a%3D0..b%3D0..z%3D0.05..e%3D46d09b5c7d376c070e13316c3d501acb..c1%3D24617828..c2%3D1154576..c3%3DItaly..c4%3DIT..c5%3D3186780..r%3Dhttps%253A%252F%252Fswarafakta~BEMOB_DOT~my~BEMOB_DOT~id%252F..ts%3D1733102753957

Response headers

accept-ranges
bytes
content-length
7989
date
Mon, 02 Dec 2024 01:26:05 GMT
etag
"1f35-621389a8ac24f"
content-type
image/png
last-modified
Tue, 03 Sep 2024 15:20:54 GMT
server
nginx
box.js
eu.rdrfles.com/sweeps/templates/base_template/
4 KB
1 KB
Script
General
Full URL
https://eu.rdrfles.com/sweeps/templates/base_template/box.js
Requested by
Host: eu.rdrfles.com
URL: https://eu.rdrfles.com/sweeps/?ts=d5715217-8a4d-4deb-97f0-74380a2f2797&cid=Cod9BzcoGCvD6EXvi3VBcw&key=eyJ0aW1lc3RhbXAiOiIxNzMzMTAyNzUzIiwiaGFzaCI6IjBiZTZiYThkMzI5ODJkYjEzM2U3MGIzZGY0OTk2NGQzZmYxZjgwYmMifQ%3D%3D&offer=15&track=go.sndirectsb.com&geo=it&ltype=shop&bname=mediaworld&prefill=ad&bemobdata=c%3D42dc788e-2071-40a6-987d-f3061b1e4f78..l%3D38104a43-7c1b-46f8-8ac5-2370c71e8dcc..a%3D0..b%3D0..z%3D0.05..e%3D46d09b5c7d376c070e13316c3d501acb..c1%3D24617828..c2%3D1154576..c3%3DItaly..c4%3DIT..c5%3D3186780..r%3Dhttps%253A%252F%252Fswarafakta~BEMOB_DOT~my~BEMOB_DOT~id%252F..ts%3D1733102753957
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.248.249.91 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
de8647eb44a19e528d4449d7a81fb5bcc65636d6501e9496f72918b8ba175fcf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://eu.rdrfles.com/sweeps/?ts=d5715217-8a4d-4deb-97f0-74380a2f2797&cid=Cod9BzcoGCvD6EXvi3VBcw&key=eyJ0aW1lc3RhbXAiOiIxNzMzMTAyNzUzIiwiaGFzaCI6IjBiZTZiYThkMzI5ODJkYjEzM2U3MGIzZGY0OTk2NGQzZmYxZjgwYmMifQ%3D%3D&offer=15&track=go.sndirectsb.com&geo=it&ltype=shop&bname=mediaworld&prefill=ad&bemobdata=c%3D42dc788e-2071-40a6-987d-f3061b1e4f78..l%3D38104a43-7c1b-46f8-8ac5-2370c71e8dcc..a%3D0..b%3D0..z%3D0.05..e%3D46d09b5c7d376c070e13316c3d501acb..c1%3D24617828..c2%3D1154576..c3%3DItaly..c4%3DIT..c5%3D3186780..r%3Dhttps%253A%252F%252Fswarafakta~BEMOB_DOT~my~BEMOB_DOT~id%252F..ts%3D1733102753957

Response headers

content-encoding
br
date
Mon, 02 Dec 2024 01:26:05 GMT
etag
W/"1198-621389aaa9ee9"
content-type
text/javascript
vary
Accept-Encoding
server
nginx
last-modified
Tue, 03 Sep 2024 15:20:57 GMT
box-00.png
eu.rdrfles.com/sweeps/templates/base_template/
20 KB
20 KB
Image
General
Full URL
https://eu.rdrfles.com/sweeps/templates/base_template/box-00.png
Requested by
Host: eu.rdrfles.com
URL: https://eu.rdrfles.com/sweeps/?ts=d5715217-8a4d-4deb-97f0-74380a2f2797&cid=Cod9BzcoGCvD6EXvi3VBcw&key=eyJ0aW1lc3RhbXAiOiIxNzMzMTAyNzUzIiwiaGFzaCI6IjBiZTZiYThkMzI5ODJkYjEzM2U3MGIzZGY0OTk2NGQzZmYxZjgwYmMifQ%3D%3D&offer=15&track=go.sndirectsb.com&geo=it&ltype=shop&bname=mediaworld&prefill=ad&bemobdata=c%3D42dc788e-2071-40a6-987d-f3061b1e4f78..l%3D38104a43-7c1b-46f8-8ac5-2370c71e8dcc..a%3D0..b%3D0..z%3D0.05..e%3D46d09b5c7d376c070e13316c3d501acb..c1%3D24617828..c2%3D1154576..c3%3DItaly..c4%3DIT..c5%3D3186780..r%3Dhttps%253A%252F%252Fswarafakta~BEMOB_DOT~my~BEMOB_DOT~id%252F..ts%3D1733102753957
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.248.249.91 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
ffd2e5b9e6b6b2b7b9b2011ae27feea2218baaab5b9553539d46e418d5327ba0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://eu.rdrfles.com/sweeps/?ts=d5715217-8a4d-4deb-97f0-74380a2f2797&cid=Cod9BzcoGCvD6EXvi3VBcw&key=eyJ0aW1lc3RhbXAiOiIxNzMzMTAyNzUzIiwiaGFzaCI6IjBiZTZiYThkMzI5ODJkYjEzM2U3MGIzZGY0OTk2NGQzZmYxZjgwYmMifQ%3D%3D&offer=15&track=go.sndirectsb.com&geo=it&ltype=shop&bname=mediaworld&prefill=ad&bemobdata=c%3D42dc788e-2071-40a6-987d-f3061b1e4f78..l%3D38104a43-7c1b-46f8-8ac5-2370c71e8dcc..a%3D0..b%3D0..z%3D0.05..e%3D46d09b5c7d376c070e13316c3d501acb..c1%3D24617828..c2%3D1154576..c3%3DItaly..c4%3DIT..c5%3D3186780..r%3Dhttps%253A%252F%252Fswarafakta~BEMOB_DOT~my~BEMOB_DOT~id%252F..ts%3D1733102753957

Response headers

accept-ranges
bytes
content-length
20670
date
Mon, 02 Dec 2024 01:26:05 GMT
etag
"50be-621389a95ce8e"
content-type
image/png
last-modified
Tue, 03 Sep 2024 15:20:55 GMT
server
nginx
unnamed-user.png
eu.rdrfles.com/sweeps/templates/base_template/
1 KB
1 KB
Image
General
Full URL
https://eu.rdrfles.com/sweeps/templates/base_template/unnamed-user.png
Requested by
Host: eu.rdrfles.com
URL: https://eu.rdrfles.com/sweeps/?ts=d5715217-8a4d-4deb-97f0-74380a2f2797&cid=Cod9BzcoGCvD6EXvi3VBcw&key=eyJ0aW1lc3RhbXAiOiIxNzMzMTAyNzUzIiwiaGFzaCI6IjBiZTZiYThkMzI5ODJkYjEzM2U3MGIzZGY0OTk2NGQzZmYxZjgwYmMifQ%3D%3D&offer=15&track=go.sndirectsb.com&geo=it&ltype=shop&bname=mediaworld&prefill=ad&bemobdata=c%3D42dc788e-2071-40a6-987d-f3061b1e4f78..l%3D38104a43-7c1b-46f8-8ac5-2370c71e8dcc..a%3D0..b%3D0..z%3D0.05..e%3D46d09b5c7d376c070e13316c3d501acb..c1%3D24617828..c2%3D1154576..c3%3DItaly..c4%3DIT..c5%3D3186780..r%3Dhttps%253A%252F%252Fswarafakta~BEMOB_DOT~my~BEMOB_DOT~id%252F..ts%3D1733102753957
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.248.249.91 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
53fc49c067556b629040e14387ad0fc6015c417c80371feac68320f8ddb157a4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://eu.rdrfles.com/sweeps/?ts=d5715217-8a4d-4deb-97f0-74380a2f2797&cid=Cod9BzcoGCvD6EXvi3VBcw&key=eyJ0aW1lc3RhbXAiOiIxNzMzMTAyNzUzIiwiaGFzaCI6IjBiZTZiYThkMzI5ODJkYjEzM2U3MGIzZGY0OTk2NGQzZmYxZjgwYmMifQ%3D%3D&offer=15&track=go.sndirectsb.com&geo=it&ltype=shop&bname=mediaworld&prefill=ad&bemobdata=c%3D42dc788e-2071-40a6-987d-f3061b1e4f78..l%3D38104a43-7c1b-46f8-8ac5-2370c71e8dcc..a%3D0..b%3D0..z%3D0.05..e%3D46d09b5c7d376c070e13316c3d501acb..c1%3D24617828..c2%3D1154576..c3%3DItaly..c4%3DIT..c5%3D3186780..r%3Dhttps%253A%252F%252Fswarafakta~BEMOB_DOT~my~BEMOB_DOT~id%252F..ts%3D1733102753957

Response headers

accept-ranges
bytes
content-length
1378
date
Mon, 02 Dec 2024 01:26:05 GMT
etag
"562-621389a432965"
content-type
image/png
last-modified
Tue, 03 Sep 2024 15:20:50 GMT
server
nginx
commface2.jpg
eu.rdrfles.com/sweeps/geos/it/comments_faces/
18 KB
18 KB
Image
General
Full URL
https://eu.rdrfles.com/sweeps/geos/it/comments_faces/commface2.jpg
Requested by
Host: eu.rdrfles.com
URL: https://eu.rdrfles.com/sweeps/?ts=d5715217-8a4d-4deb-97f0-74380a2f2797&cid=Cod9BzcoGCvD6EXvi3VBcw&key=eyJ0aW1lc3RhbXAiOiIxNzMzMTAyNzUzIiwiaGFzaCI6IjBiZTZiYThkMzI5ODJkYjEzM2U3MGIzZGY0OTk2NGQzZmYxZjgwYmMifQ%3D%3D&offer=15&track=go.sndirectsb.com&geo=it&ltype=shop&bname=mediaworld&prefill=ad&bemobdata=c%3D42dc788e-2071-40a6-987d-f3061b1e4f78..l%3D38104a43-7c1b-46f8-8ac5-2370c71e8dcc..a%3D0..b%3D0..z%3D0.05..e%3D46d09b5c7d376c070e13316c3d501acb..c1%3D24617828..c2%3D1154576..c3%3DItaly..c4%3DIT..c5%3D3186780..r%3Dhttps%253A%252F%252Fswarafakta~BEMOB_DOT~my~BEMOB_DOT~id%252F..ts%3D1733102753957
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.248.249.91 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
fcdb82e9783e2e222ccd425184d1b700d322b808b9c2f3d7348d6ddc8950ae4f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://eu.rdrfles.com/sweeps/?ts=d5715217-8a4d-4deb-97f0-74380a2f2797&cid=Cod9BzcoGCvD6EXvi3VBcw&key=eyJ0aW1lc3RhbXAiOiIxNzMzMTAyNzUzIiwiaGFzaCI6IjBiZTZiYThkMzI5ODJkYjEzM2U3MGIzZGY0OTk2NGQzZmYxZjgwYmMifQ%3D%3D&offer=15&track=go.sndirectsb.com&geo=it&ltype=shop&bname=mediaworld&prefill=ad&bemobdata=c%3D42dc788e-2071-40a6-987d-f3061b1e4f78..l%3D38104a43-7c1b-46f8-8ac5-2370c71e8dcc..a%3D0..b%3D0..z%3D0.05..e%3D46d09b5c7d376c070e13316c3d501acb..c1%3D24617828..c2%3D1154576..c3%3DItaly..c4%3DIT..c5%3D3186780..r%3Dhttps%253A%252F%252Fswarafakta~BEMOB_DOT~my~BEMOB_DOT~id%252F..ts%3D1733102753957

Response headers

accept-ranges
bytes
content-length
18707
date
Mon, 02 Dec 2024 01:26:05 GMT
etag
"4913-621389ed4284b"
content-type
image/jpeg
last-modified
Tue, 03 Sep 2024 15:22:06 GMT
server
nginx
commfacesupport.png
eu.rdrfles.com/sweeps/geos/it/brands/mediaworld/
9 KB
9 KB
Image
General
Full URL
https://eu.rdrfles.com/sweeps/geos/it/brands/mediaworld/commfacesupport.png
Requested by
Host: eu.rdrfles.com
URL: https://eu.rdrfles.com/sweeps/?ts=d5715217-8a4d-4deb-97f0-74380a2f2797&cid=Cod9BzcoGCvD6EXvi3VBcw&key=eyJ0aW1lc3RhbXAiOiIxNzMzMTAyNzUzIiwiaGFzaCI6IjBiZTZiYThkMzI5ODJkYjEzM2U3MGIzZGY0OTk2NGQzZmYxZjgwYmMifQ%3D%3D&offer=15&track=go.sndirectsb.com&geo=it&ltype=shop&bname=mediaworld&prefill=ad&bemobdata=c%3D42dc788e-2071-40a6-987d-f3061b1e4f78..l%3D38104a43-7c1b-46f8-8ac5-2370c71e8dcc..a%3D0..b%3D0..z%3D0.05..e%3D46d09b5c7d376c070e13316c3d501acb..c1%3D24617828..c2%3D1154576..c3%3DItaly..c4%3DIT..c5%3D3186780..r%3Dhttps%253A%252F%252Fswarafakta~BEMOB_DOT~my~BEMOB_DOT~id%252F..ts%3D1733102753957
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.248.249.91 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
93b6f0846cec8b67ec8eeaa0e11509a2cad9220012fbbb511853f92ac1a30aa2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://eu.rdrfles.com/sweeps/?ts=d5715217-8a4d-4deb-97f0-74380a2f2797&cid=Cod9BzcoGCvD6EXvi3VBcw&key=eyJ0aW1lc3RhbXAiOiIxNzMzMTAyNzUzIiwiaGFzaCI6IjBiZTZiYThkMzI5ODJkYjEzM2U3MGIzZGY0OTk2NGQzZmYxZjgwYmMifQ%3D%3D&offer=15&track=go.sndirectsb.com&geo=it&ltype=shop&bname=mediaworld&prefill=ad&bemobdata=c%3D42dc788e-2071-40a6-987d-f3061b1e4f78..l%3D38104a43-7c1b-46f8-8ac5-2370c71e8dcc..a%3D0..b%3D0..z%3D0.05..e%3D46d09b5c7d376c070e13316c3d501acb..c1%3D24617828..c2%3D1154576..c3%3DItaly..c4%3DIT..c5%3D3186780..r%3Dhttps%253A%252F%252Fswarafakta~BEMOB_DOT~my~BEMOB_DOT~id%252F..ts%3D1733102753957

Response headers

accept-ranges
bytes
content-length
8963
date
Mon, 02 Dec 2024 01:26:05 GMT
etag
"2303-62138a809fc70"
content-type
image/png
last-modified
Tue, 03 Sep 2024 15:24:41 GMT
server
nginx
commface1.jpg
eu.rdrfles.com/sweeps/geos/it/comments_faces/
22 KB
23 KB
Image
General
Full URL
https://eu.rdrfles.com/sweeps/geos/it/comments_faces/commface1.jpg
Requested by
Host: eu.rdrfles.com
URL: https://eu.rdrfles.com/sweeps/?ts=d5715217-8a4d-4deb-97f0-74380a2f2797&cid=Cod9BzcoGCvD6EXvi3VBcw&key=eyJ0aW1lc3RhbXAiOiIxNzMzMTAyNzUzIiwiaGFzaCI6IjBiZTZiYThkMzI5ODJkYjEzM2U3MGIzZGY0OTk2NGQzZmYxZjgwYmMifQ%3D%3D&offer=15&track=go.sndirectsb.com&geo=it&ltype=shop&bname=mediaworld&prefill=ad&bemobdata=c%3D42dc788e-2071-40a6-987d-f3061b1e4f78..l%3D38104a43-7c1b-46f8-8ac5-2370c71e8dcc..a%3D0..b%3D0..z%3D0.05..e%3D46d09b5c7d376c070e13316c3d501acb..c1%3D24617828..c2%3D1154576..c3%3DItaly..c4%3DIT..c5%3D3186780..r%3Dhttps%253A%252F%252Fswarafakta~BEMOB_DOT~my~BEMOB_DOT~id%252F..ts%3D1733102753957
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.248.249.91 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
dcd0bb63e88fcd154dcce32108e45ec59accd5c3425cd0ceaed3677a9edb42d8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://eu.rdrfles.com/sweeps/?ts=d5715217-8a4d-4deb-97f0-74380a2f2797&cid=Cod9BzcoGCvD6EXvi3VBcw&key=eyJ0aW1lc3RhbXAiOiIxNzMzMTAyNzUzIiwiaGFzaCI6IjBiZTZiYThkMzI5ODJkYjEzM2U3MGIzZGY0OTk2NGQzZmYxZjgwYmMifQ%3D%3D&offer=15&track=go.sndirectsb.com&geo=it&ltype=shop&bname=mediaworld&prefill=ad&bemobdata=c%3D42dc788e-2071-40a6-987d-f3061b1e4f78..l%3D38104a43-7c1b-46f8-8ac5-2370c71e8dcc..a%3D0..b%3D0..z%3D0.05..e%3D46d09b5c7d376c070e13316c3d501acb..c1%3D24617828..c2%3D1154576..c3%3DItaly..c4%3DIT..c5%3D3186780..r%3Dhttps%253A%252F%252Fswarafakta~BEMOB_DOT~my~BEMOB_DOT~id%252F..ts%3D1733102753957

Response headers

accept-ranges
bytes
content-length
22978
date
Mon, 02 Dec 2024 01:26:05 GMT
etag
"59c2-621389ec90c6c"
content-type
image/jpeg
last-modified
Tue, 03 Sep 2024 15:22:06 GMT
server
nginx
comments_photo_1.jpg
eu.rdrfles.com/sweeps/templates/offers/15/
96 KB
96 KB
Image
General
Full URL
https://eu.rdrfles.com/sweeps/templates/offers/15/comments_photo_1.jpg
Requested by
Host: eu.rdrfles.com
URL: https://eu.rdrfles.com/sweeps/?ts=d5715217-8a4d-4deb-97f0-74380a2f2797&cid=Cod9BzcoGCvD6EXvi3VBcw&key=eyJ0aW1lc3RhbXAiOiIxNzMzMTAyNzUzIiwiaGFzaCI6IjBiZTZiYThkMzI5ODJkYjEzM2U3MGIzZGY0OTk2NGQzZmYxZjgwYmMifQ%3D%3D&offer=15&track=go.sndirectsb.com&geo=it&ltype=shop&bname=mediaworld&prefill=ad&bemobdata=c%3D42dc788e-2071-40a6-987d-f3061b1e4f78..l%3D38104a43-7c1b-46f8-8ac5-2370c71e8dcc..a%3D0..b%3D0..z%3D0.05..e%3D46d09b5c7d376c070e13316c3d501acb..c1%3D24617828..c2%3D1154576..c3%3DItaly..c4%3DIT..c5%3D3186780..r%3Dhttps%253A%252F%252Fswarafakta~BEMOB_DOT~my~BEMOB_DOT~id%252F..ts%3D1733102753957
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.248.249.91 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
cf51f6ec4cc7641796d38c6dde9cf3f57d09cc8e61e3a2b51a2b0d6e9aae6f41

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://eu.rdrfles.com/sweeps/?ts=d5715217-8a4d-4deb-97f0-74380a2f2797&cid=Cod9BzcoGCvD6EXvi3VBcw&key=eyJ0aW1lc3RhbXAiOiIxNzMzMTAyNzUzIiwiaGFzaCI6IjBiZTZiYThkMzI5ODJkYjEzM2U3MGIzZGY0OTk2NGQzZmYxZjgwYmMifQ%3D%3D&offer=15&track=go.sndirectsb.com&geo=it&ltype=shop&bname=mediaworld&prefill=ad&bemobdata=c%3D42dc788e-2071-40a6-987d-f3061b1e4f78..l%3D38104a43-7c1b-46f8-8ac5-2370c71e8dcc..a%3D0..b%3D0..z%3D0.05..e%3D46d09b5c7d376c070e13316c3d501acb..c1%3D24617828..c2%3D1154576..c3%3DItaly..c4%3DIT..c5%3D3186780..r%3Dhttps%253A%252F%252Fswarafakta~BEMOB_DOT~my~BEMOB_DOT~id%252F..ts%3D1733102753957

Response headers

accept-ranges
bytes
content-length
98039
date
Mon, 02 Dec 2024 01:26:05 GMT
etag
"17ef7-62138a62a1b65"
content-type
image/jpeg
last-modified
Tue, 03 Sep 2024 15:24:09 GMT
server
nginx
commface8.jpg
eu.rdrfles.com/sweeps/geos/it/comments_faces/
20 KB
20 KB
Image
General
Full URL
https://eu.rdrfles.com/sweeps/geos/it/comments_faces/commface8.jpg
Requested by
Host: eu.rdrfles.com
URL: https://eu.rdrfles.com/sweeps/?ts=d5715217-8a4d-4deb-97f0-74380a2f2797&cid=Cod9BzcoGCvD6EXvi3VBcw&key=eyJ0aW1lc3RhbXAiOiIxNzMzMTAyNzUzIiwiaGFzaCI6IjBiZTZiYThkMzI5ODJkYjEzM2U3MGIzZGY0OTk2NGQzZmYxZjgwYmMifQ%3D%3D&offer=15&track=go.sndirectsb.com&geo=it&ltype=shop&bname=mediaworld&prefill=ad&bemobdata=c%3D42dc788e-2071-40a6-987d-f3061b1e4f78..l%3D38104a43-7c1b-46f8-8ac5-2370c71e8dcc..a%3D0..b%3D0..z%3D0.05..e%3D46d09b5c7d376c070e13316c3d501acb..c1%3D24617828..c2%3D1154576..c3%3DItaly..c4%3DIT..c5%3D3186780..r%3Dhttps%253A%252F%252Fswarafakta~BEMOB_DOT~my~BEMOB_DOT~id%252F..ts%3D1733102753957
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.248.249.91 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
1f206572aecd31b138dcfa5d59cea072c6a9ed0f615be13e8eacb27a17b30148

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://eu.rdrfles.com/sweeps/?ts=d5715217-8a4d-4deb-97f0-74380a2f2797&cid=Cod9BzcoGCvD6EXvi3VBcw&key=eyJ0aW1lc3RhbXAiOiIxNzMzMTAyNzUzIiwiaGFzaCI6IjBiZTZiYThkMzI5ODJkYjEzM2U3MGIzZGY0OTk2NGQzZmYxZjgwYmMifQ%3D%3D&offer=15&track=go.sndirectsb.com&geo=it&ltype=shop&bname=mediaworld&prefill=ad&bemobdata=c%3D42dc788e-2071-40a6-987d-f3061b1e4f78..l%3D38104a43-7c1b-46f8-8ac5-2370c71e8dcc..a%3D0..b%3D0..z%3D0.05..e%3D46d09b5c7d376c070e13316c3d501acb..c1%3D24617828..c2%3D1154576..c3%3DItaly..c4%3DIT..c5%3D3186780..r%3Dhttps%253A%252F%252Fswarafakta~BEMOB_DOT~my~BEMOB_DOT~id%252F..ts%3D1733102753957

Response headers

accept-ranges
bytes
content-length
20474
date
Mon, 02 Dec 2024 01:26:05 GMT
etag
"4ffa-621389ea353c1"
content-type
image/jpeg
last-modified
Tue, 03 Sep 2024 15:22:03 GMT
server
nginx
commface9.jpg
eu.rdrfles.com/sweeps/geos/it/comments_faces/
17 KB
17 KB
Image
General
Full URL
https://eu.rdrfles.com/sweeps/geos/it/comments_faces/commface9.jpg
Requested by
Host: eu.rdrfles.com
URL: https://eu.rdrfles.com/sweeps/?ts=d5715217-8a4d-4deb-97f0-74380a2f2797&cid=Cod9BzcoGCvD6EXvi3VBcw&key=eyJ0aW1lc3RhbXAiOiIxNzMzMTAyNzUzIiwiaGFzaCI6IjBiZTZiYThkMzI5ODJkYjEzM2U3MGIzZGY0OTk2NGQzZmYxZjgwYmMifQ%3D%3D&offer=15&track=go.sndirectsb.com&geo=it&ltype=shop&bname=mediaworld&prefill=ad&bemobdata=c%3D42dc788e-2071-40a6-987d-f3061b1e4f78..l%3D38104a43-7c1b-46f8-8ac5-2370c71e8dcc..a%3D0..b%3D0..z%3D0.05..e%3D46d09b5c7d376c070e13316c3d501acb..c1%3D24617828..c2%3D1154576..c3%3DItaly..c4%3DIT..c5%3D3186780..r%3Dhttps%253A%252F%252Fswarafakta~BEMOB_DOT~my~BEMOB_DOT~id%252F..ts%3D1733102753957
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.248.249.91 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
90592ec48b28b2bae8794d5213989563c557a609867bb01d5653d8d4fa9e697e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://eu.rdrfles.com/sweeps/?ts=d5715217-8a4d-4deb-97f0-74380a2f2797&cid=Cod9BzcoGCvD6EXvi3VBcw&key=eyJ0aW1lc3RhbXAiOiIxNzMzMTAyNzUzIiwiaGFzaCI6IjBiZTZiYThkMzI5ODJkYjEzM2U3MGIzZGY0OTk2NGQzZmYxZjgwYmMifQ%3D%3D&offer=15&track=go.sndirectsb.com&geo=it&ltype=shop&bname=mediaworld&prefill=ad&bemobdata=c%3D42dc788e-2071-40a6-987d-f3061b1e4f78..l%3D38104a43-7c1b-46f8-8ac5-2370c71e8dcc..a%3D0..b%3D0..z%3D0.05..e%3D46d09b5c7d376c070e13316c3d501acb..c1%3D24617828..c2%3D1154576..c3%3DItaly..c4%3DIT..c5%3D3186780..r%3Dhttps%253A%252F%252Fswarafakta~BEMOB_DOT~my~BEMOB_DOT~id%252F..ts%3D1733102753957

Response headers

accept-ranges
bytes
content-length
16957
date
Mon, 02 Dec 2024 01:26:05 GMT
etag
"423d-621389eae3120"
content-type
image/jpeg
last-modified
Tue, 03 Sep 2024 15:22:04 GMT
server
nginx
comments_photo_2.jpg
eu.rdrfles.com/sweeps/templates/offers/15/
73 KB
74 KB
Image
General
Full URL
https://eu.rdrfles.com/sweeps/templates/offers/15/comments_photo_2.jpg
Requested by
Host: eu.rdrfles.com
URL: https://eu.rdrfles.com/sweeps/?ts=d5715217-8a4d-4deb-97f0-74380a2f2797&cid=Cod9BzcoGCvD6EXvi3VBcw&key=eyJ0aW1lc3RhbXAiOiIxNzMzMTAyNzUzIiwiaGFzaCI6IjBiZTZiYThkMzI5ODJkYjEzM2U3MGIzZGY0OTk2NGQzZmYxZjgwYmMifQ%3D%3D&offer=15&track=go.sndirectsb.com&geo=it&ltype=shop&bname=mediaworld&prefill=ad&bemobdata=c%3D42dc788e-2071-40a6-987d-f3061b1e4f78..l%3D38104a43-7c1b-46f8-8ac5-2370c71e8dcc..a%3D0..b%3D0..z%3D0.05..e%3D46d09b5c7d376c070e13316c3d501acb..c1%3D24617828..c2%3D1154576..c3%3DItaly..c4%3DIT..c5%3D3186780..r%3Dhttps%253A%252F%252Fswarafakta~BEMOB_DOT~my~BEMOB_DOT~id%252F..ts%3D1733102753957
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.248.249.91 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
5f44f8135f924d26908f86de611ebcf8a4e527044ad5bed23424806df2af4a48

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://eu.rdrfles.com/sweeps/?ts=d5715217-8a4d-4deb-97f0-74380a2f2797&cid=Cod9BzcoGCvD6EXvi3VBcw&key=eyJ0aW1lc3RhbXAiOiIxNzMzMTAyNzUzIiwiaGFzaCI6IjBiZTZiYThkMzI5ODJkYjEzM2U3MGIzZGY0OTk2NGQzZmYxZjgwYmMifQ%3D%3D&offer=15&track=go.sndirectsb.com&geo=it&ltype=shop&bname=mediaworld&prefill=ad&bemobdata=c%3D42dc788e-2071-40a6-987d-f3061b1e4f78..l%3D38104a43-7c1b-46f8-8ac5-2370c71e8dcc..a%3D0..b%3D0..z%3D0.05..e%3D46d09b5c7d376c070e13316c3d501acb..c1%3D24617828..c2%3D1154576..c3%3DItaly..c4%3DIT..c5%3D3186780..r%3Dhttps%253A%252F%252Fswarafakta~BEMOB_DOT~my~BEMOB_DOT~id%252F..ts%3D1733102753957

Response headers

accept-ranges
bytes
content-length
75178
date
Mon, 02 Dec 2024 01:26:05 GMT
etag
"125aa-62138a640b0e4"
content-type
image/jpeg
last-modified
Tue, 03 Sep 2024 15:24:11 GMT
server
nginx
commface14.jpg
eu.rdrfles.com/sweeps/geos/it/comments_faces/
21 KB
21 KB
Image
General
Full URL
https://eu.rdrfles.com/sweeps/geos/it/comments_faces/commface14.jpg
Requested by
Host: eu.rdrfles.com
URL: https://eu.rdrfles.com/sweeps/?ts=d5715217-8a4d-4deb-97f0-74380a2f2797&cid=Cod9BzcoGCvD6EXvi3VBcw&key=eyJ0aW1lc3RhbXAiOiIxNzMzMTAyNzUzIiwiaGFzaCI6IjBiZTZiYThkMzI5ODJkYjEzM2U3MGIzZGY0OTk2NGQzZmYxZjgwYmMifQ%3D%3D&offer=15&track=go.sndirectsb.com&geo=it&ltype=shop&bname=mediaworld&prefill=ad&bemobdata=c%3D42dc788e-2071-40a6-987d-f3061b1e4f78..l%3D38104a43-7c1b-46f8-8ac5-2370c71e8dcc..a%3D0..b%3D0..z%3D0.05..e%3D46d09b5c7d376c070e13316c3d501acb..c1%3D24617828..c2%3D1154576..c3%3DItaly..c4%3DIT..c5%3D3186780..r%3Dhttps%253A%252F%252Fswarafakta~BEMOB_DOT~my~BEMOB_DOT~id%252F..ts%3D1733102753957
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.248.249.91 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
034c45c1556a000244d4d2a1db1947d82e28f674c3ea32a42de8e7c1d740960f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://eu.rdrfles.com/sweeps/?ts=d5715217-8a4d-4deb-97f0-74380a2f2797&cid=Cod9BzcoGCvD6EXvi3VBcw&key=eyJ0aW1lc3RhbXAiOiIxNzMzMTAyNzUzIiwiaGFzaCI6IjBiZTZiYThkMzI5ODJkYjEzM2U3MGIzZGY0OTk2NGQzZmYxZjgwYmMifQ%3D%3D&offer=15&track=go.sndirectsb.com&geo=it&ltype=shop&bname=mediaworld&prefill=ad&bemobdata=c%3D42dc788e-2071-40a6-987d-f3061b1e4f78..l%3D38104a43-7c1b-46f8-8ac5-2370c71e8dcc..a%3D0..b%3D0..z%3D0.05..e%3D46d09b5c7d376c070e13316c3d501acb..c1%3D24617828..c2%3D1154576..c3%3DItaly..c4%3DIT..c5%3D3186780..r%3Dhttps%253A%252F%252Fswarafakta~BEMOB_DOT~my~BEMOB_DOT~id%252F..ts%3D1733102753957

Response headers

accept-ranges
bytes
content-length
21589
date
Mon, 02 Dec 2024 01:26:05 GMT
etag
"5455-621389ef6d3ad"
content-type
image/jpeg
last-modified
Tue, 03 Sep 2024 15:22:09 GMT
server
nginx
commface10.jpg
eu.rdrfles.com/sweeps/geos/it/comments_faces/
17 KB
17 KB
Image
General
Full URL
https://eu.rdrfles.com/sweeps/geos/it/comments_faces/commface10.jpg
Requested by
Host: eu.rdrfles.com
URL: https://eu.rdrfles.com/sweeps/?ts=d5715217-8a4d-4deb-97f0-74380a2f2797&cid=Cod9BzcoGCvD6EXvi3VBcw&key=eyJ0aW1lc3RhbXAiOiIxNzMzMTAyNzUzIiwiaGFzaCI6IjBiZTZiYThkMzI5ODJkYjEzM2U3MGIzZGY0OTk2NGQzZmYxZjgwYmMifQ%3D%3D&offer=15&track=go.sndirectsb.com&geo=it&ltype=shop&bname=mediaworld&prefill=ad&bemobdata=c%3D42dc788e-2071-40a6-987d-f3061b1e4f78..l%3D38104a43-7c1b-46f8-8ac5-2370c71e8dcc..a%3D0..b%3D0..z%3D0.05..e%3D46d09b5c7d376c070e13316c3d501acb..c1%3D24617828..c2%3D1154576..c3%3DItaly..c4%3DIT..c5%3D3186780..r%3Dhttps%253A%252F%252Fswarafakta~BEMOB_DOT~my~BEMOB_DOT~id%252F..ts%3D1733102753957
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.248.249.91 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
c0bf910cbf12f89daa01599715da2378524f9caf574c1b832bbca4f406c87188

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://eu.rdrfles.com/sweeps/?ts=d5715217-8a4d-4deb-97f0-74380a2f2797&cid=Cod9BzcoGCvD6EXvi3VBcw&key=eyJ0aW1lc3RhbXAiOiIxNzMzMTAyNzUzIiwiaGFzaCI6IjBiZTZiYThkMzI5ODJkYjEzM2U3MGIzZGY0OTk2NGQzZmYxZjgwYmMifQ%3D%3D&offer=15&track=go.sndirectsb.com&geo=it&ltype=shop&bname=mediaworld&prefill=ad&bemobdata=c%3D42dc788e-2071-40a6-987d-f3061b1e4f78..l%3D38104a43-7c1b-46f8-8ac5-2370c71e8dcc..a%3D0..b%3D0..z%3D0.05..e%3D46d09b5c7d376c070e13316c3d501acb..c1%3D24617828..c2%3D1154576..c3%3DItaly..c4%3DIT..c5%3D3186780..r%3Dhttps%253A%252F%252Fswarafakta~BEMOB_DOT~my~BEMOB_DOT~id%252F..ts%3D1733102753957

Response headers

accept-ranges
bytes
content-length
17636
date
Mon, 02 Dec 2024 01:26:05 GMT
etag
"44e4-621389ec37e7c"
content-type
image/jpeg
last-modified
Tue, 03 Sep 2024 15:22:05 GMT
server
nginx
commface11.jpg
eu.rdrfles.com/sweeps/geos/it/comments_faces/
21 KB
22 KB
Image
General
Full URL
https://eu.rdrfles.com/sweeps/geos/it/comments_faces/commface11.jpg
Requested by
Host: eu.rdrfles.com
URL: https://eu.rdrfles.com/sweeps/?ts=d5715217-8a4d-4deb-97f0-74380a2f2797&cid=Cod9BzcoGCvD6EXvi3VBcw&key=eyJ0aW1lc3RhbXAiOiIxNzMzMTAyNzUzIiwiaGFzaCI6IjBiZTZiYThkMzI5ODJkYjEzM2U3MGIzZGY0OTk2NGQzZmYxZjgwYmMifQ%3D%3D&offer=15&track=go.sndirectsb.com&geo=it&ltype=shop&bname=mediaworld&prefill=ad&bemobdata=c%3D42dc788e-2071-40a6-987d-f3061b1e4f78..l%3D38104a43-7c1b-46f8-8ac5-2370c71e8dcc..a%3D0..b%3D0..z%3D0.05..e%3D46d09b5c7d376c070e13316c3d501acb..c1%3D24617828..c2%3D1154576..c3%3DItaly..c4%3DIT..c5%3D3186780..r%3Dhttps%253A%252F%252Fswarafakta~BEMOB_DOT~my~BEMOB_DOT~id%252F..ts%3D1733102753957
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.248.249.91 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
7ae575605b737012a785a065124d9c8ce5e2ea558c84154291339f607327772a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://eu.rdrfles.com/sweeps/?ts=d5715217-8a4d-4deb-97f0-74380a2f2797&cid=Cod9BzcoGCvD6EXvi3VBcw&key=eyJ0aW1lc3RhbXAiOiIxNzMzMTAyNzUzIiwiaGFzaCI6IjBiZTZiYThkMzI5ODJkYjEzM2U3MGIzZGY0OTk2NGQzZmYxZjgwYmMifQ%3D%3D&offer=15&track=go.sndirectsb.com&geo=it&ltype=shop&bname=mediaworld&prefill=ad&bemobdata=c%3D42dc788e-2071-40a6-987d-f3061b1e4f78..l%3D38104a43-7c1b-46f8-8ac5-2370c71e8dcc..a%3D0..b%3D0..z%3D0.05..e%3D46d09b5c7d376c070e13316c3d501acb..c1%3D24617828..c2%3D1154576..c3%3DItaly..c4%3DIT..c5%3D3186780..r%3Dhttps%253A%252F%252Fswarafakta~BEMOB_DOT~my~BEMOB_DOT~id%252F..ts%3D1733102753957

Response headers

accept-ranges
bytes
content-length
21913
date
Mon, 02 Dec 2024 01:26:05 GMT
etag
"5599-621389ece6b7b"
content-type
image/jpeg
last-modified
Tue, 03 Sep 2024 15:22:06 GMT
server
nginx
commface3.jpg
eu.rdrfles.com/sweeps/geos/it/comments_faces/
21 KB
22 KB
Image
General
Full URL
https://eu.rdrfles.com/sweeps/geos/it/comments_faces/commface3.jpg
Requested by
Host: eu.rdrfles.com
URL: https://eu.rdrfles.com/sweeps/?ts=d5715217-8a4d-4deb-97f0-74380a2f2797&cid=Cod9BzcoGCvD6EXvi3VBcw&key=eyJ0aW1lc3RhbXAiOiIxNzMzMTAyNzUzIiwiaGFzaCI6IjBiZTZiYThkMzI5ODJkYjEzM2U3MGIzZGY0OTk2NGQzZmYxZjgwYmMifQ%3D%3D&offer=15&track=go.sndirectsb.com&geo=it&ltype=shop&bname=mediaworld&prefill=ad&bemobdata=c%3D42dc788e-2071-40a6-987d-f3061b1e4f78..l%3D38104a43-7c1b-46f8-8ac5-2370c71e8dcc..a%3D0..b%3D0..z%3D0.05..e%3D46d09b5c7d376c070e13316c3d501acb..c1%3D24617828..c2%3D1154576..c3%3DItaly..c4%3DIT..c5%3D3186780..r%3Dhttps%253A%252F%252Fswarafakta~BEMOB_DOT~my~BEMOB_DOT~id%252F..ts%3D1733102753957
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.248.249.91 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
821588cca3335464399a0b504bd1cf81b3e219e3b102925904f696dc8a120f1e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://eu.rdrfles.com/sweeps/?ts=d5715217-8a4d-4deb-97f0-74380a2f2797&cid=Cod9BzcoGCvD6EXvi3VBcw&key=eyJ0aW1lc3RhbXAiOiIxNzMzMTAyNzUzIiwiaGFzaCI6IjBiZTZiYThkMzI5ODJkYjEzM2U3MGIzZGY0OTk2NGQzZmYxZjgwYmMifQ%3D%3D&offer=15&track=go.sndirectsb.com&geo=it&ltype=shop&bname=mediaworld&prefill=ad&bemobdata=c%3D42dc788e-2071-40a6-987d-f3061b1e4f78..l%3D38104a43-7c1b-46f8-8ac5-2370c71e8dcc..a%3D0..b%3D0..z%3D0.05..e%3D46d09b5c7d376c070e13316c3d501acb..c1%3D24617828..c2%3D1154576..c3%3DItaly..c4%3DIT..c5%3D3186780..r%3Dhttps%253A%252F%252Fswarafakta~BEMOB_DOT~my~BEMOB_DOT~id%252F..ts%3D1733102753957

Response headers

accept-ranges
bytes
content-length
21888
date
Mon, 02 Dec 2024 01:26:05 GMT
etag
"5580-621389ee464b9"
content-type
image/jpeg
last-modified
Tue, 03 Sep 2024 15:22:07 GMT
server
nginx
comments_photo_3.jpg
eu.rdrfles.com/sweeps/templates/offers/15/
73 KB
73 KB
Image
General
Full URL
https://eu.rdrfles.com/sweeps/templates/offers/15/comments_photo_3.jpg
Requested by
Host: eu.rdrfles.com
URL: https://eu.rdrfles.com/sweeps/?ts=d5715217-8a4d-4deb-97f0-74380a2f2797&cid=Cod9BzcoGCvD6EXvi3VBcw&key=eyJ0aW1lc3RhbXAiOiIxNzMzMTAyNzUzIiwiaGFzaCI6IjBiZTZiYThkMzI5ODJkYjEzM2U3MGIzZGY0OTk2NGQzZmYxZjgwYmMifQ%3D%3D&offer=15&track=go.sndirectsb.com&geo=it&ltype=shop&bname=mediaworld&prefill=ad&bemobdata=c%3D42dc788e-2071-40a6-987d-f3061b1e4f78..l%3D38104a43-7c1b-46f8-8ac5-2370c71e8dcc..a%3D0..b%3D0..z%3D0.05..e%3D46d09b5c7d376c070e13316c3d501acb..c1%3D24617828..c2%3D1154576..c3%3DItaly..c4%3DIT..c5%3D3186780..r%3Dhttps%253A%252F%252Fswarafakta~BEMOB_DOT~my~BEMOB_DOT~id%252F..ts%3D1733102753957
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.248.249.91 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
f364d655ba8aef20fe347fb3d26f6f4dacc2f406b1d2a5ba0cb7101cbe27d238

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://eu.rdrfles.com/sweeps/?ts=d5715217-8a4d-4deb-97f0-74380a2f2797&cid=Cod9BzcoGCvD6EXvi3VBcw&key=eyJ0aW1lc3RhbXAiOiIxNzMzMTAyNzUzIiwiaGFzaCI6IjBiZTZiYThkMzI5ODJkYjEzM2U3MGIzZGY0OTk2NGQzZmYxZjgwYmMifQ%3D%3D&offer=15&track=go.sndirectsb.com&geo=it&ltype=shop&bname=mediaworld&prefill=ad&bemobdata=c%3D42dc788e-2071-40a6-987d-f3061b1e4f78..l%3D38104a43-7c1b-46f8-8ac5-2370c71e8dcc..a%3D0..b%3D0..z%3D0.05..e%3D46d09b5c7d376c070e13316c3d501acb..c1%3D24617828..c2%3D1154576..c3%3DItaly..c4%3DIT..c5%3D3186780..r%3Dhttps%253A%252F%252Fswarafakta~BEMOB_DOT~my~BEMOB_DOT~id%252F..ts%3D1733102753957

Response headers

accept-ranges
bytes
content-length
74881
date
Mon, 02 Dec 2024 01:26:05 GMT
etag
"12481-62138a641ba87"
content-type
image/jpeg
last-modified
Tue, 03 Sep 2024 15:24:11 GMT
server
nginx
commface4.jpg
eu.rdrfles.com/sweeps/geos/it/comments_faces/
13 KB
13 KB
Image
General
Full URL
https://eu.rdrfles.com/sweeps/geos/it/comments_faces/commface4.jpg
Requested by
Host: eu.rdrfles.com
URL: https://eu.rdrfles.com/sweeps/?ts=d5715217-8a4d-4deb-97f0-74380a2f2797&cid=Cod9BzcoGCvD6EXvi3VBcw&key=eyJ0aW1lc3RhbXAiOiIxNzMzMTAyNzUzIiwiaGFzaCI6IjBiZTZiYThkMzI5ODJkYjEzM2U3MGIzZGY0OTk2NGQzZmYxZjgwYmMifQ%3D%3D&offer=15&track=go.sndirectsb.com&geo=it&ltype=shop&bname=mediaworld&prefill=ad&bemobdata=c%3D42dc788e-2071-40a6-987d-f3061b1e4f78..l%3D38104a43-7c1b-46f8-8ac5-2370c71e8dcc..a%3D0..b%3D0..z%3D0.05..e%3D46d09b5c7d376c070e13316c3d501acb..c1%3D24617828..c2%3D1154576..c3%3DItaly..c4%3DIT..c5%3D3186780..r%3Dhttps%253A%252F%252Fswarafakta~BEMOB_DOT~my~BEMOB_DOT~id%252F..ts%3D1733102753957
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.248.249.91 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
88834ddada9515f425fce7f76f10113f2a5428da043a08ad5ed515f110e05a6b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://eu.rdrfles.com/sweeps/?ts=d5715217-8a4d-4deb-97f0-74380a2f2797&cid=Cod9BzcoGCvD6EXvi3VBcw&key=eyJ0aW1lc3RhbXAiOiIxNzMzMTAyNzUzIiwiaGFzaCI6IjBiZTZiYThkMzI5ODJkYjEzM2U3MGIzZGY0OTk2NGQzZmYxZjgwYmMifQ%3D%3D&offer=15&track=go.sndirectsb.com&geo=it&ltype=shop&bname=mediaworld&prefill=ad&bemobdata=c%3D42dc788e-2071-40a6-987d-f3061b1e4f78..l%3D38104a43-7c1b-46f8-8ac5-2370c71e8dcc..a%3D0..b%3D0..z%3D0.05..e%3D46d09b5c7d376c070e13316c3d501acb..c1%3D24617828..c2%3D1154576..c3%3DItaly..c4%3DIT..c5%3D3186780..r%3Dhttps%253A%252F%252Fswarafakta~BEMOB_DOT~my~BEMOB_DOT~id%252F..ts%3D1733102753957

Response headers

accept-ranges
bytes
content-length
13555
date
Mon, 02 Dec 2024 01:26:05 GMT
etag
"34f3-621389eef3278"
content-type
image/jpeg
last-modified
Tue, 03 Sep 2024 15:22:08 GMT
server
nginx
commface5.jpg
eu.rdrfles.com/sweeps/geos/it/comments_faces/
15 KB
15 KB
Image
General
Full URL
https://eu.rdrfles.com/sweeps/geos/it/comments_faces/commface5.jpg
Requested by
Host: eu.rdrfles.com
URL: https://eu.rdrfles.com/sweeps/?ts=d5715217-8a4d-4deb-97f0-74380a2f2797&cid=Cod9BzcoGCvD6EXvi3VBcw&key=eyJ0aW1lc3RhbXAiOiIxNzMzMTAyNzUzIiwiaGFzaCI6IjBiZTZiYThkMzI5ODJkYjEzM2U3MGIzZGY0OTk2NGQzZmYxZjgwYmMifQ%3D%3D&offer=15&track=go.sndirectsb.com&geo=it&ltype=shop&bname=mediaworld&prefill=ad&bemobdata=c%3D42dc788e-2071-40a6-987d-f3061b1e4f78..l%3D38104a43-7c1b-46f8-8ac5-2370c71e8dcc..a%3D0..b%3D0..z%3D0.05..e%3D46d09b5c7d376c070e13316c3d501acb..c1%3D24617828..c2%3D1154576..c3%3DItaly..c4%3DIT..c5%3D3186780..r%3Dhttps%253A%252F%252Fswarafakta~BEMOB_DOT~my~BEMOB_DOT~id%252F..ts%3D1733102753957
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.248.249.91 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
775a41fb8fec18ad009e1407deab8ef51a0b0d127fa00254a5905f197b6d1dd9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://eu.rdrfles.com/sweeps/?ts=d5715217-8a4d-4deb-97f0-74380a2f2797&cid=Cod9BzcoGCvD6EXvi3VBcw&key=eyJ0aW1lc3RhbXAiOiIxNzMzMTAyNzUzIiwiaGFzaCI6IjBiZTZiYThkMzI5ODJkYjEzM2U3MGIzZGY0OTk2NGQzZmYxZjgwYmMifQ%3D%3D&offer=15&track=go.sndirectsb.com&geo=it&ltype=shop&bname=mediaworld&prefill=ad&bemobdata=c%3D42dc788e-2071-40a6-987d-f3061b1e4f78..l%3D38104a43-7c1b-46f8-8ac5-2370c71e8dcc..a%3D0..b%3D0..z%3D0.05..e%3D46d09b5c7d376c070e13316c3d501acb..c1%3D24617828..c2%3D1154576..c3%3DItaly..c4%3DIT..c5%3D3186780..r%3Dhttps%253A%252F%252Fswarafakta~BEMOB_DOT~my~BEMOB_DOT~id%252F..ts%3D1733102753957

Response headers

accept-ranges
bytes
content-length
15440
date
Mon, 02 Dec 2024 01:26:05 GMT
etag
"3c50-621389ef9f096"
content-type
image/jpeg
last-modified
Tue, 03 Sep 2024 15:22:09 GMT
server
nginx
commface6.jpg
eu.rdrfles.com/sweeps/geos/it/comments_faces/
19 KB
20 KB
Image
General
Full URL
https://eu.rdrfles.com/sweeps/geos/it/comments_faces/commface6.jpg
Requested by
Host: eu.rdrfles.com
URL: https://eu.rdrfles.com/sweeps/?ts=d5715217-8a4d-4deb-97f0-74380a2f2797&cid=Cod9BzcoGCvD6EXvi3VBcw&key=eyJ0aW1lc3RhbXAiOiIxNzMzMTAyNzUzIiwiaGFzaCI6IjBiZTZiYThkMzI5ODJkYjEzM2U3MGIzZGY0OTk2NGQzZmYxZjgwYmMifQ%3D%3D&offer=15&track=go.sndirectsb.com&geo=it&ltype=shop&bname=mediaworld&prefill=ad&bemobdata=c%3D42dc788e-2071-40a6-987d-f3061b1e4f78..l%3D38104a43-7c1b-46f8-8ac5-2370c71e8dcc..a%3D0..b%3D0..z%3D0.05..e%3D46d09b5c7d376c070e13316c3d501acb..c1%3D24617828..c2%3D1154576..c3%3DItaly..c4%3DIT..c5%3D3186780..r%3Dhttps%253A%252F%252Fswarafakta~BEMOB_DOT~my~BEMOB_DOT~id%252F..ts%3D1733102753957
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.248.249.91 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
b44de474a8caa07d31a9a26bd21d85f1f570baaa55114c2c40619ed5f5ff5316

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://eu.rdrfles.com/sweeps/?ts=d5715217-8a4d-4deb-97f0-74380a2f2797&cid=Cod9BzcoGCvD6EXvi3VBcw&key=eyJ0aW1lc3RhbXAiOiIxNzMzMTAyNzUzIiwiaGFzaCI6IjBiZTZiYThkMzI5ODJkYjEzM2U3MGIzZGY0OTk2NGQzZmYxZjgwYmMifQ%3D%3D&offer=15&track=go.sndirectsb.com&geo=it&ltype=shop&bname=mediaworld&prefill=ad&bemobdata=c%3D42dc788e-2071-40a6-987d-f3061b1e4f78..l%3D38104a43-7c1b-46f8-8ac5-2370c71e8dcc..a%3D0..b%3D0..z%3D0.05..e%3D46d09b5c7d376c070e13316c3d501acb..c1%3D24617828..c2%3D1154576..c3%3DItaly..c4%3DIT..c5%3D3186780..r%3Dhttps%253A%252F%252Fswarafakta~BEMOB_DOT~my~BEMOB_DOT~id%252F..ts%3D1733102753957

Response headers

accept-ranges
bytes
content-length
19962
date
Mon, 02 Dec 2024 01:26:05 GMT
etag
"4dfa-621389eeafc4c"
content-type
image/jpeg
last-modified
Tue, 03 Sep 2024 15:22:08 GMT
server
nginx
script.js
eu.rdrfles.com/sweeps/templates/base_template/
426 B
336 B
Script
General
Full URL
https://eu.rdrfles.com/sweeps/templates/base_template/script.js
Requested by
Host: eu.rdrfles.com
URL: https://eu.rdrfles.com/sweeps/?ts=d5715217-8a4d-4deb-97f0-74380a2f2797&cid=Cod9BzcoGCvD6EXvi3VBcw&key=eyJ0aW1lc3RhbXAiOiIxNzMzMTAyNzUzIiwiaGFzaCI6IjBiZTZiYThkMzI5ODJkYjEzM2U3MGIzZGY0OTk2NGQzZmYxZjgwYmMifQ%3D%3D&offer=15&track=go.sndirectsb.com&geo=it&ltype=shop&bname=mediaworld&prefill=ad&bemobdata=c%3D42dc788e-2071-40a6-987d-f3061b1e4f78..l%3D38104a43-7c1b-46f8-8ac5-2370c71e8dcc..a%3D0..b%3D0..z%3D0.05..e%3D46d09b5c7d376c070e13316c3d501acb..c1%3D24617828..c2%3D1154576..c3%3DItaly..c4%3DIT..c5%3D3186780..r%3Dhttps%253A%252F%252Fswarafakta~BEMOB_DOT~my~BEMOB_DOT~id%252F..ts%3D1733102753957
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.248.249.91 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
0cff6395202d37923488943c34b51629e532e9c2cd57cf0aacc45f76153d6794

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://eu.rdrfles.com/sweeps/?ts=d5715217-8a4d-4deb-97f0-74380a2f2797&cid=Cod9BzcoGCvD6EXvi3VBcw&key=eyJ0aW1lc3RhbXAiOiIxNzMzMTAyNzUzIiwiaGFzaCI6IjBiZTZiYThkMzI5ODJkYjEzM2U3MGIzZGY0OTk2NGQzZmYxZjgwYmMifQ%3D%3D&offer=15&track=go.sndirectsb.com&geo=it&ltype=shop&bname=mediaworld&prefill=ad&bemobdata=c%3D42dc788e-2071-40a6-987d-f3061b1e4f78..l%3D38104a43-7c1b-46f8-8ac5-2370c71e8dcc..a%3D0..b%3D0..z%3D0.05..e%3D46d09b5c7d376c070e13316c3d501acb..c1%3D24617828..c2%3D1154576..c3%3DItaly..c4%3DIT..c5%3D3186780..r%3Dhttps%253A%252F%252Fswarafakta~BEMOB_DOT~my~BEMOB_DOT~id%252F..ts%3D1733102753957

Response headers

content-encoding
br
date
Mon, 02 Dec 2024 01:26:05 GMT
etag
W/"1aa-621389ad8b44b"
content-type
text/javascript
vary
Accept-Encoding
server
nginx
last-modified
Tue, 03 Sep 2024 15:21:00 GMT
confetti.js
eu.rdrfles.com/sweeps/templates/base_template/
5 KB
2 KB
Script
General
Full URL
https://eu.rdrfles.com/sweeps/templates/base_template/confetti.js
Requested by
Host: eu.rdrfles.com
URL: https://eu.rdrfles.com/sweeps/?ts=d5715217-8a4d-4deb-97f0-74380a2f2797&cid=Cod9BzcoGCvD6EXvi3VBcw&key=eyJ0aW1lc3RhbXAiOiIxNzMzMTAyNzUzIiwiaGFzaCI6IjBiZTZiYThkMzI5ODJkYjEzM2U3MGIzZGY0OTk2NGQzZmYxZjgwYmMifQ%3D%3D&offer=15&track=go.sndirectsb.com&geo=it&ltype=shop&bname=mediaworld&prefill=ad&bemobdata=c%3D42dc788e-2071-40a6-987d-f3061b1e4f78..l%3D38104a43-7c1b-46f8-8ac5-2370c71e8dcc..a%3D0..b%3D0..z%3D0.05..e%3D46d09b5c7d376c070e13316c3d501acb..c1%3D24617828..c2%3D1154576..c3%3DItaly..c4%3DIT..c5%3D3186780..r%3Dhttps%253A%252F%252Fswarafakta~BEMOB_DOT~my~BEMOB_DOT~id%252F..ts%3D1733102753957
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.248.249.91 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
047ef33f2cf7daafe3029d25d9439705b2ca5bdc26adf2f8a7019c03644b1e31

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://eu.rdrfles.com/sweeps/?ts=d5715217-8a4d-4deb-97f0-74380a2f2797&cid=Cod9BzcoGCvD6EXvi3VBcw&key=eyJ0aW1lc3RhbXAiOiIxNzMzMTAyNzUzIiwiaGFzaCI6IjBiZTZiYThkMzI5ODJkYjEzM2U3MGIzZGY0OTk2NGQzZmYxZjgwYmMifQ%3D%3D&offer=15&track=go.sndirectsb.com&geo=it&ltype=shop&bname=mediaworld&prefill=ad&bemobdata=c%3D42dc788e-2071-40a6-987d-f3061b1e4f78..l%3D38104a43-7c1b-46f8-8ac5-2370c71e8dcc..a%3D0..b%3D0..z%3D0.05..e%3D46d09b5c7d376c070e13316c3d501acb..c1%3D24617828..c2%3D1154576..c3%3DItaly..c4%3DIT..c5%3D3186780..r%3Dhttps%253A%252F%252Fswarafakta~BEMOB_DOT~my~BEMOB_DOT~id%252F..ts%3D1733102753957

Response headers

content-encoding
br
date
Mon, 02 Dec 2024 01:26:05 GMT
etag
W/"1326-621389a3a20cb"
content-type
text/javascript
vary
Accept-Encoding
server
nginx
last-modified
Tue, 03 Sep 2024 15:20:49 GMT
parceliconfornot.png
eu.rdrfles.com/sweeps/templates/base_template/
8 KB
8 KB
Image
General
Full URL
https://eu.rdrfles.com/sweeps/templates/base_template/parceliconfornot.png
Requested by
Host: eu.rdrfles.com
URL: https://eu.rdrfles.com/sweeps/?ts=d5715217-8a4d-4deb-97f0-74380a2f2797&cid=Cod9BzcoGCvD6EXvi3VBcw&key=eyJ0aW1lc3RhbXAiOiIxNzMzMTAyNzUzIiwiaGFzaCI6IjBiZTZiYThkMzI5ODJkYjEzM2U3MGIzZGY0OTk2NGQzZmYxZjgwYmMifQ%3D%3D&offer=15&track=go.sndirectsb.com&geo=it&ltype=shop&bname=mediaworld&prefill=ad&bemobdata=c%3D42dc788e-2071-40a6-987d-f3061b1e4f78..l%3D38104a43-7c1b-46f8-8ac5-2370c71e8dcc..a%3D0..b%3D0..z%3D0.05..e%3D46d09b5c7d376c070e13316c3d501acb..c1%3D24617828..c2%3D1154576..c3%3DItaly..c4%3DIT..c5%3D3186780..r%3Dhttps%253A%252F%252Fswarafakta~BEMOB_DOT~my~BEMOB_DOT~id%252F..ts%3D1733102753957
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.248.249.91 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
e22695935ae48b74f77ccbd6beb5a161abda09e673ae3cf96bf209f64f85596c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://eu.rdrfles.com/sweeps/?ts=d5715217-8a4d-4deb-97f0-74380a2f2797&cid=Cod9BzcoGCvD6EXvi3VBcw&key=eyJ0aW1lc3RhbXAiOiIxNzMzMTAyNzUzIiwiaGFzaCI6IjBiZTZiYThkMzI5ODJkYjEzM2U3MGIzZGY0OTk2NGQzZmYxZjgwYmMifQ%3D%3D&offer=15&track=go.sndirectsb.com&geo=it&ltype=shop&bname=mediaworld&prefill=ad&bemobdata=c%3D42dc788e-2071-40a6-987d-f3061b1e4f78..l%3D38104a43-7c1b-46f8-8ac5-2370c71e8dcc..a%3D0..b%3D0..z%3D0.05..e%3D46d09b5c7d376c070e13316c3d501acb..c1%3D24617828..c2%3D1154576..c3%3DItaly..c4%3DIT..c5%3D3186780..r%3Dhttps%253A%252F%252Fswarafakta~BEMOB_DOT~my~BEMOB_DOT~id%252F..ts%3D1733102753957

Response headers

accept-ranges
bytes
content-length
8285
date
Mon, 02 Dec 2024 01:26:05 GMT
etag
"205d-621389a50682a"
content-type
image/png
last-modified
Tue, 03 Sep 2024 15:20:51 GMT
server
nginx
mdb.umd.min.js
eu.rdrfles.com/sweeps/templates/base_template/
122 KB
32 KB
Script
General
Full URL
https://eu.rdrfles.com/sweeps/templates/base_template/mdb.umd.min.js
Requested by
Host: eu.rdrfles.com
URL: https://eu.rdrfles.com/sweeps/?ts=d5715217-8a4d-4deb-97f0-74380a2f2797&cid=Cod9BzcoGCvD6EXvi3VBcw&key=eyJ0aW1lc3RhbXAiOiIxNzMzMTAyNzUzIiwiaGFzaCI6IjBiZTZiYThkMzI5ODJkYjEzM2U3MGIzZGY0OTk2NGQzZmYxZjgwYmMifQ%3D%3D&offer=15&track=go.sndirectsb.com&geo=it&ltype=shop&bname=mediaworld&prefill=ad&bemobdata=c%3D42dc788e-2071-40a6-987d-f3061b1e4f78..l%3D38104a43-7c1b-46f8-8ac5-2370c71e8dcc..a%3D0..b%3D0..z%3D0.05..e%3D46d09b5c7d376c070e13316c3d501acb..c1%3D24617828..c2%3D1154576..c3%3DItaly..c4%3DIT..c5%3D3186780..r%3Dhttps%253A%252F%252Fswarafakta~BEMOB_DOT~my~BEMOB_DOT~id%252F..ts%3D1733102753957
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.248.249.91 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
5bf26fb6f5017fc29c44aa65b31b3da6217cc09f22a3762de5bdace1986c8f11

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://eu.rdrfles.com/sweeps/?ts=d5715217-8a4d-4deb-97f0-74380a2f2797&cid=Cod9BzcoGCvD6EXvi3VBcw&key=eyJ0aW1lc3RhbXAiOiIxNzMzMTAyNzUzIiwiaGFzaCI6IjBiZTZiYThkMzI5ODJkYjEzM2U3MGIzZGY0OTk2NGQzZmYxZjgwYmMifQ%3D%3D&offer=15&track=go.sndirectsb.com&geo=it&ltype=shop&bname=mediaworld&prefill=ad&bemobdata=c%3D42dc788e-2071-40a6-987d-f3061b1e4f78..l%3D38104a43-7c1b-46f8-8ac5-2370c71e8dcc..a%3D0..b%3D0..z%3D0.05..e%3D46d09b5c7d376c070e13316c3d501acb..c1%3D24617828..c2%3D1154576..c3%3DItaly..c4%3DIT..c5%3D3186780..r%3Dhttps%253A%252F%252Fswarafakta~BEMOB_DOT~my~BEMOB_DOT~id%252F..ts%3D1733102753957

Response headers

content-encoding
br
date
Mon, 02 Dec 2024 01:26:05 GMT
etag
W/"1e8f7-621389b27ee6b"
content-type
text/javascript
vary
Accept-Encoding
server
nginx
last-modified
Tue, 03 Sep 2024 15:21:05 GMT
vctx
unphionetor.com/
0
569 B
XHR
General
Full URL
https://unphionetor.com/vctx?t=87026
Requested by
Host: propeller-tracking.com
URL: https://propeller-tracking.com/fv.js?t=87026
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.236 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://eu.rdrfles.com/

Response headers

strict-transport-security
max-age=1
access-control-expose-headers
Authorization
timing-allow-origin
*, *
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
pragma
no-cache
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-credentials
true
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
x-content-type-options
nosniff
expires
Tue, 11 Jan 1994 10:00:00 GMT
access-control-allow-origin
https://eu.rdrfles.com
date
Mon, 02 Dec 2024 01:26:06 GMT
server
nginx
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
micro.tag.min.js
beevakum.net/pfe/current/
44 KB
18 KB
Script
General
Full URL
https://beevakum.net/pfe/current/micro.tag.min.js?z=5004716&var=null&sw=/sw-check-permissions-0db61.js
Requested by
Host: eu.rdrfles.com
URL: https://eu.rdrfles.com/sweeps/?ts=d5715217-8a4d-4deb-97f0-74380a2f2797&cid=Cod9BzcoGCvD6EXvi3VBcw&key=eyJ0aW1lc3RhbXAiOiIxNzMzMTAyNzUzIiwiaGFzaCI6IjBiZTZiYThkMzI5ODJkYjEzM2U3MGIzZGY0OTk2NGQzZmYxZjgwYmMifQ%3D%3D&offer=15&track=go.sndirectsb.com&geo=it&ltype=shop&bname=mediaworld&prefill=ad&bemobdata=c%3D42dc788e-2071-40a6-987d-f3061b1e4f78..l%3D38104a43-7c1b-46f8-8ac5-2370c71e8dcc..a%3D0..b%3D0..z%3D0.05..e%3D46d09b5c7d376c070e13316c3d501acb..c1%3D24617828..c2%3D1154576..c3%3DItaly..c4%3DIT..c5%3D3186780..r%3Dhttps%253A%252F%252Fswarafakta~BEMOB_DOT~my~BEMOB_DOT~id%252F..ts%3D1733102753957
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
b68c0cf3999943cb526261177710deb123aaa648e26bac3d231bcefc19bd7437

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://eu.rdrfles.com/

Response headers

cache-control
no-cache
content-encoding
gzip
etag
W/"6749c655-b108"
pragma
no-cache
access-control-allow-credentials
true
date
Mon, 02 Dec 2024 01:26:06 GMT
content-type
application/javascript
last-modified
Fri, 29 Nov 2024 13:49:09 GMT
server
nginx
shop_bnr2.jpg
eu.rdrfles.com/sweeps/templates/base_template/
170 KB
170 KB
Image
General
Full URL
https://eu.rdrfles.com/sweeps/templates/base_template/shop_bnr2.jpg
Requested by
Host: eu.rdrfles.com
URL: https://eu.rdrfles.com/sweeps/?ts=d5715217-8a4d-4deb-97f0-74380a2f2797&cid=Cod9BzcoGCvD6EXvi3VBcw&key=eyJ0aW1lc3RhbXAiOiIxNzMzMTAyNzUzIiwiaGFzaCI6IjBiZTZiYThkMzI5ODJkYjEzM2U3MGIzZGY0OTk2NGQzZmYxZjgwYmMifQ%3D%3D&offer=15&track=go.sndirectsb.com&geo=it&ltype=shop&bname=mediaworld&prefill=ad&bemobdata=c%3D42dc788e-2071-40a6-987d-f3061b1e4f78..l%3D38104a43-7c1b-46f8-8ac5-2370c71e8dcc..a%3D0..b%3D0..z%3D0.05..e%3D46d09b5c7d376c070e13316c3d501acb..c1%3D24617828..c2%3D1154576..c3%3DItaly..c4%3DIT..c5%3D3186780..r%3Dhttps%253A%252F%252Fswarafakta~BEMOB_DOT~my~BEMOB_DOT~id%252F..ts%3D1733102753957
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.248.249.91 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
e7c24eea187d9525fb7bef132d4c27652941f6dfce808af565305f2ee163abda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://eu.rdrfles.com/sweeps/?ts=d5715217-8a4d-4deb-97f0-74380a2f2797&cid=Cod9BzcoGCvD6EXvi3VBcw&key=eyJ0aW1lc3RhbXAiOiIxNzMzMTAyNzUzIiwiaGFzaCI6IjBiZTZiYThkMzI5ODJkYjEzM2U3MGIzZGY0OTk2NGQzZmYxZjgwYmMifQ%3D%3D&offer=15&track=go.sndirectsb.com&geo=it&ltype=shop&bname=mediaworld&prefill=ad&bemobdata=c%3D42dc788e-2071-40a6-987d-f3061b1e4f78..l%3D38104a43-7c1b-46f8-8ac5-2370c71e8dcc..a%3D0..b%3D0..z%3D0.05..e%3D46d09b5c7d376c070e13316c3d501acb..c1%3D24617828..c2%3D1154576..c3%3DItaly..c4%3DIT..c5%3D3186780..r%3Dhttps%253A%252F%252Fswarafakta~BEMOB_DOT~my~BEMOB_DOT~id%252F..ts%3D1733102753957

Response headers

accept-ranges
bytes
content-length
174084
date
Mon, 02 Dec 2024 01:26:05 GMT
etag
"2a804-621389a7fa670"
content-type
image/jpeg
last-modified
Tue, 03 Sep 2024 15:20:54 GMT
server
nginx
fb-icon.png
eu.rdrfles.com/sweeps/templates/base_template/
17 KB
17 KB
Image
General
Full URL
https://eu.rdrfles.com/sweeps/templates/base_template/fb-icon.png
Requested by
Host: eu.rdrfles.com
URL: https://eu.rdrfles.com/sweeps/?ts=d5715217-8a4d-4deb-97f0-74380a2f2797&cid=Cod9BzcoGCvD6EXvi3VBcw&key=eyJ0aW1lc3RhbXAiOiIxNzMzMTAyNzUzIiwiaGFzaCI6IjBiZTZiYThkMzI5ODJkYjEzM2U3MGIzZGY0OTk2NGQzZmYxZjgwYmMifQ%3D%3D&offer=15&track=go.sndirectsb.com&geo=it&ltype=shop&bname=mediaworld&prefill=ad&bemobdata=c%3D42dc788e-2071-40a6-987d-f3061b1e4f78..l%3D38104a43-7c1b-46f8-8ac5-2370c71e8dcc..a%3D0..b%3D0..z%3D0.05..e%3D46d09b5c7d376c070e13316c3d501acb..c1%3D24617828..c2%3D1154576..c3%3DItaly..c4%3DIT..c5%3D3186780..r%3Dhttps%253A%252F%252Fswarafakta~BEMOB_DOT~my~BEMOB_DOT~id%252F..ts%3D1733102753957
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.248.249.91 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
0f10824f948c32623f56a112decc8d289fe6dbc0e54d5f30834de1993b16e60e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://eu.rdrfles.com/sweeps/?ts=d5715217-8a4d-4deb-97f0-74380a2f2797&cid=Cod9BzcoGCvD6EXvi3VBcw&key=eyJ0aW1lc3RhbXAiOiIxNzMzMTAyNzUzIiwiaGFzaCI6IjBiZTZiYThkMzI5ODJkYjEzM2U3MGIzZGY0OTk2NGQzZmYxZjgwYmMifQ%3D%3D&offer=15&track=go.sndirectsb.com&geo=it&ltype=shop&bname=mediaworld&prefill=ad&bemobdata=c%3D42dc788e-2071-40a6-987d-f3061b1e4f78..l%3D38104a43-7c1b-46f8-8ac5-2370c71e8dcc..a%3D0..b%3D0..z%3D0.05..e%3D46d09b5c7d376c070e13316c3d501acb..c1%3D24617828..c2%3D1154576..c3%3DItaly..c4%3DIT..c5%3D3186780..r%3Dhttps%253A%252F%252Fswarafakta~BEMOB_DOT~my~BEMOB_DOT~id%252F..ts%3D1733102753957

Response headers

accept-ranges
bytes
content-length
17576
date
Mon, 02 Dec 2024 01:26:05 GMT
etag
"44a8-621389aa222f1"
content-type
image/png
last-modified
Tue, 03 Sep 2024 15:20:56 GMT
server
nginx
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v32/
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f3.1e100.net
Software
sffe /
Resource Hash
ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://eu.rdrfles.com
Referer
https://fonts.googleapis.com/

Response headers

age
380130
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 27 Nov 2025 15:50:36 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 27 Nov 2024 15:50:36 GMT
last-modified
Thu, 01 Aug 2024 20:41:24 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18588
x-xss-protection
0
server
sffe
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f3.1e100.net
Software
sffe /
Resource Hash
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://eu.rdrfles.com
Referer
https://fonts.googleapis.com/

Response headers

age
517401
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 26 Nov 2025 01:42:45 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 26 Nov 2024 01:42:45 GMT
last-modified
Thu, 01 Aug 2024 20:41:21 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18596
x-xss-protection
0
server
sffe
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v32/
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f3.1e100.net
Software
sffe /
Resource Hash
4dbd328e347e890a801d51f9a5f8d38a3efd51ec34c0aa22cc83d0a95d6d9d71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://eu.rdrfles.com
Referer
https://fonts.googleapis.com/

Response headers

age
323637
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 28 Nov 2025 07:32:09 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 28 Nov 2024 07:32:09 GMT
last-modified
Thu, 01 Aug 2024 20:41:19 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18492
x-xss-protection
0
server
sffe
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/
18 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f3.1e100.net
Software
sffe /
Resource Hash
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://eu.rdrfles.com
Referer
https://fonts.googleapis.com/

Response headers

age
475644
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 26 Nov 2025 13:18:42 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 26 Nov 2024 13:18:42 GMT
last-modified
Thu, 01 Aug 2024 20:41:24 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18536
x-xss-protection
0
server
sffe
sw-check-permissions-0db61.js
eu.rdrfles.com/
0
389 B
Other
General
Full URL
https://eu.rdrfles.com/sw-check-permissions-0db61.js?var=null&zoneId=5004716
Requested by
Host: beevakum.net
URL: https://beevakum.net/pfe/current/micro.tag.min.js?z=5004716&var=null&sw=/sw-check-permissions-0db61.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.248.249.91 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://eu.rdrfles.com/sweeps/

Response headers

content-encoding
br
date
Mon, 02 Dec 2024 01:26:06 GMT
etag
W/"236-5dc0c323b0400"
content-type
text/javascript
vary
Accept-Encoding
server
nginx
last-modified
Thu, 07 Apr 2022 08:23:44 GMT
zone
beevakum.net/
0
334 B
Ping
General
Full URL
https://beevakum.net/zone?pub=0&zone_id=5004716&is_mobile=false&domain=eu.rdrfles.com&var=null&ymid=&var_3=&var_4=&dsig=&tg=1&sw=3.1.574&trace_id=aa08c46a-fa5e-41b4-89b8-5e7ca820d20d&action=prerequest&ch=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwiYnJhbmRzIjpbXSwiZnVsbFZlcnNpb25MaXN0IjpbXSwibW9iaWxlIjpmYWxzZSwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsIndvdzY0IjpmYWxzZX0=&drf=https://swarafakta.my.id/
Requested by
Host: beevakum.net
URL: https://beevakum.net/pfe/current/micro.tag.min.js?z=5004716&var=null&sw=/sw-check-permissions-0db61.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://eu.rdrfles.com/

Response headers

strict-transport-security
max-age=1
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-credentials
true
x-content-type-options
nosniff
access-control-allow-origin
https://eu.rdrfles.com
content-length
0
date
Mon, 02 Dec 2024 01:26:06 GMT
server
nginx
access-control-allow-headers
Origin, X-Requested-With, X-Oaid, Content-Type, Accept
event
beevakum.net/
0
0
Ping
General
Full URL
https://beevakum.net/event
Requested by
Host: beevakum.net
URL: https://beevakum.net/pfe/current/micro.tag.min.js?z=5004716&var=null&sw=/sw-check-permissions-0db61.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://eu.rdrfles.com/

Response headers

gid.js
my.rtmark.net/
65 B
1008 B
Fetch
General
Full URL
https://my.rtmark.net/gid.js?pub=0&userId=&zoneId=5004716&checkDuplicate=true&ymid=&var=null&source=pusher
Requested by
Host: beevakum.net
URL: https://beevakum.net/pfe/current/micro.tag.min.js?z=5004716&var=null&sw=/sw-check-permissions-0db61.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cdd646c2bb35c052d2ab71d2ba1de93a5083680b196ef06501bdf1499a31c6f6
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://eu.rdrfles.com/

Response headers

access-control-expose-headers
Authorization
content-encoding
zstd
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mN7X0dLFNhFJhdLj1A%2Fj6P2FH8R7BqPvNwJlpVBjBqrguYluUU7ExjGL7QjXBdjHSTX%2BUK0iBlmWV82AxJMi2lbZ232rCaSpfSRNVdwvnkeM9A%2F9w9aqhgOfr2KKvvAI"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=21609&min_rtt=20813&rtt_var=7437&sent=7&recv=8&lost=0&retrans=0&sent_bytes=3926&recv_bytes=2228&delivery_rate=184289&cwnd=232&unsent_bytes=0&cid=f75efd8cc38c5ed9&ts=125&x=0"
date
Mon, 02 Dec 2024 01:26:07 GMT
content-type
application/json; charset=utf-8
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
strict-transport-security
max-age=1
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
timing-allow-origin
*, *
access-control-allow-credentials
true
cf-ray
8eb786e5de73dba9-FRA
access-control-allow-origin
https://eu.rdrfles.com
server
cloudflare
event
beevakum.net/
0
0
Ping
General
Full URL
https://beevakum.net/event
Requested by
Host: beevakum.net
URL: https://beevakum.net/pfe/current/micro.tag.min.js?z=5004716&var=null&sw=/sw-check-permissions-0db61.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://eu.rdrfles.com/

Response headers

event
beevakum.net/
0
0
Ping
General
Full URL
https://beevakum.net/event
Requested by
Host: beevakum.net
URL: https://beevakum.net/pfe/current/micro.tag.min.js?z=5004716&var=null&sw=/sw-check-permissions-0db61.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://eu.rdrfles.com/

Response headers

event
beevakum.net/
0
0
Ping
General
Full URL
https://beevakum.net/event
Requested by
Host: beevakum.net
URL: https://beevakum.net/pfe/current/micro.tag.min.js?z=5004716&var=null&sw=/sw-check-permissions-0db61.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://eu.rdrfles.com/

Response headers

event
beevakum.net/
0
0
Ping
General
Full URL
https://beevakum.net/event
Requested by
Host: beevakum.net
URL: https://beevakum.net/pfe/current/micro.tag.min.js?z=5004716&var=null&sw=/sw-check-permissions-0db61.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://eu.rdrfles.com/

Response headers

zone
beevakum.net/
473 B
842 B
Fetch
General
Full URL
https://beevakum.net/zone?pub=0&zone_id=5004716&is_mobile=false&domain=eu.rdrfles.com&var=null&ymid=&var_3=&var_4=&dsig=&tg=1&sw=3.1.574&trace_id=aa08c46a-fa5e-41b4-89b8-5e7ca820d20d&action=settings&ch=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwiYnJhbmRzIjpbXSwiZnVsbFZlcnNpb25MaXN0IjpbXSwibW9iaWxlIjpmYWxzZSwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsIndvdzY0IjpmYWxzZX0=
Requested by
Host: beevakum.net
URL: https://beevakum.net/pfe/current/micro.tag.min.js?z=5004716&var=null&sw=/sw-check-permissions-0db61.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
de5c6cd10b00064c3f9b4f9031711c3723fd3d664a2f25115af9fd18744beeff
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://eu.rdrfles.com/

Response headers

strict-transport-security
max-age=1
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-credentials
true
x-content-type-options
nosniff
access-control-allow-origin
https://eu.rdrfles.com
content-length
473
date
Mon, 02 Dec 2024 01:26:06 GMT
content-type
application/json; charset=utf-8
server
nginx
access-control-allow-headers
Origin, X-Requested-With, X-Oaid, Content-Type, Accept
event
beevakum.net/
0
0
Ping
General
Full URL
https://beevakum.net/event
Requested by
Host: beevakum.net
URL: https://beevakum.net/pfe/current/micro.tag.min.js?z=5004716&var=null&sw=/sw-check-permissions-0db61.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://eu.rdrfles.com/

Response headers

event
beevakum.net/
0
0
Ping
General
Full URL
https://beevakum.net/event
Requested by
Host: beevakum.net
URL: https://beevakum.net/pfe/current/micro.tag.min.js?z=5004716&var=null&sw=/sw-check-permissions-0db61.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://eu.rdrfles.com/

Response headers

vbl
unphionetor.com/
0
568 B
Ping
General
Full URL
https://unphionetor.com/vbl?t=87026&bid=undefined&aid=undefined
Requested by
Host: propeller-tracking.com
URL: https://propeller-tracking.com/fv.js?t=87026
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.236 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://eu.rdrfles.com/

Response headers

strict-transport-security
max-age=1
access-control-expose-headers
Authorization
timing-allow-origin
*, *
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
pragma
no-cache
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-credentials
true
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
x-content-type-options
nosniff
expires
Tue, 11 Jan 1994 10:00:00 GMT
access-control-allow-origin
https://eu.rdrfles.com
date
Mon, 02 Dec 2024 01:26:06 GMT
server
nginx
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
favicon.webp
eu.rdrfles.com/sweeps/geos/it/brands/mediaworld/
806 B
941 B
Other
General
Full URL
https://eu.rdrfles.com/sweeps/geos/it/brands/mediaworld/favicon.webp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.248.249.91 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
abdded7ece9b62c28323c3c8ff5c94f0b630306c1f3909b78b094808417dd52f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://eu.rdrfles.com/sweeps/

Response headers

accept-ranges
bytes
content-length
806
date
Mon, 02 Dec 2024 01:26:06 GMT
etag
"326-62138a8164133"
content-type
image/webp
last-modified
Tue, 03 Sep 2024 15:24:42 GMT
server
nginx
event
beevakum.net/
0
0
Ping
General
Full URL
https://beevakum.net/event
Requested by
Host: beevakum.net
URL: https://beevakum.net/pfe/current/micro.tag.min.js?z=5004716&var=null&sw=/sw-check-permissions-0db61.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://eu.rdrfles.com/

Response headers

event
beevakum.net/
0
0
Ping
General
Full URL
https://beevakum.net/event
Requested by
Host: beevakum.net
URL: https://beevakum.net/pfe/current/micro.tag.min.js?z=5004716&var=null&sw=/sw-check-permissions-0db61.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://eu.rdrfles.com/

Response headers

vbri
unphionetor.com/
0
568 B
Ping
General
Full URL
https://unphionetor.com/vbri?t=87026&bid=undefined&aid=undefined&tp=14887.800000011921
Requested by
Host: propeller-tracking.com
URL: https://propeller-tracking.com/fv.js?t=87026
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.236 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://eu.rdrfles.com/

Response headers

strict-transport-security
max-age=1
access-control-expose-headers
Authorization
timing-allow-origin
*, *
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
pragma
no-cache
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-credentials
true
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
x-content-type-options
nosniff
expires
Tue, 11 Jan 1994 10:00:00 GMT
access-control-allow-origin
https://eu.rdrfles.com
date
Mon, 02 Dec 2024 01:26:08 GMT
server
nginx
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
links.services.disqus.com
URL
https://links.services.disqus.com/api/sync.gif?key=cfdfcf52dffd0a702a61bad27507376d

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $
function| jQuery
object| Popper
object| bootstrap
string| portal
string| theme
string| template
string| brand_country
object| dayNames
object| monthNames
string| img_regalo
string| minutos_y
string| segundos
object| modalOptions
function| stepfinal
function| goToUrlFinish
function| getBrowser
function| getPlatform
object| url
object| s
number| count
number| intentos
object| boxRoot
function| getRandom
object| mdb
number| uidEvent
function| getURLParameter
function| buildQueryParams
function| unloadHandler
object| _PHV2SITE
object| webpackChunklands_static
object| _phv2Activator
object| zfgformats

20 Cookies

Domain/Path Name / Value
swarafakta.my.id/ Name: isFTime_bdae482765f3013972343e6a8bac2743
Value: true
swarafakta.my.id/ Name: isFTime_bdae482765f3013972343e6a8bac2743_expiry
Value: Mon, 02 Dec 2024 01:25:52 GMT
proftrafficcounter.com/ Name: uid_id2
Value: 737cea14-e070-46ff-bf6d-756432aa0ace:2:1
swarafakta.my.id/ Name: dom3ic8zudi28v8lr6fgphwffqoz0j6c
Value: 737cea14-e070-46ff-bf6d-756432aa0ace%3A2%3A1
.bisnis.com/ Name: _cfuvid
Value: he1_phG4C_c2.3WMxqyQgmtf43d7v1yIqlRpK9wi7UI-1733102753063-0.0.1.1-604800000
sometimeadministratormound.com/ Name: u_pl24617828
Value: 1
sometimeadministratormound.com/ Name: ain
Value: eyJhbGciOiJIUzI1NiJ9.….OBVWvL4N6oE0MvVYf_4aD5OWBMbeaDYKMcssrZos-OQ
sometimeadministratormound.com/ Name: uid_id2
Value: 737cea14-e070-46ff-bf6d-756432aa0ace:2:1
sometimeadministratormound.com/ Name: iprc471b20fd74d75a9ed07e69e4ba940fb6
Value: 5664233
sometimeadministratormound.com/ Name: pdhtkv
Value: true
sometimeadministratormound.com/ Name: uncs
Value: 1
sometimeadministratormound.com/ Name: pdhtkv5
Value: true
sometimeadministratormound.com/ Name: uncs5
Value: 1
swarafakta.my.id/ Name: imprCounter_bdae482765f3013972343e6a8bac2743_expiry
Value: Tue, 03 Dec 2024 01:25:53 GMT
swarafakta.my.id/ Name: imprCounter_bdae482765f3013972343e6a8bac2743
Value: 1
.go.sndirectsb.com/ Name: bemob-viewer-id
Value: eb550441-9b0d-47e4-9dea-141c32bf09b3
.go.sndirectsb.com/ Name: bemob-uniq-visit:42dc788e-2071-40a6-987d-f3061b1e4f78
Value: 1
.go.sndirectsb.com/ Name: bemob-rotation:42dc788e-2071-40a6-987d-f3061b1e4f78:random:3155385e287e5b063b8ef38dc8e6b12c
Value: 0-0-0
.go.sndirectsb.com/ Name: bemob-track-url
Value: https%3A%2F%2Feu.rdrfles.com%2Fsweeps%2F%3Fts%3Dd5715217-8a4d-4deb-97f0-74380a2f2797%26cid%3DCod9BzcoGCvD6EXvi3VBcw%26key%3DeyJ0aW1lc3RhbXAiOiIxNzMzMTAyNzUzIiwiaGFzaCI6IjBiZTZiYThkMzI5ODJkYjEzM2U3MGIzZGY0OTk2NGQzZmYxZjgwYmMifQ%253D%253D%26offer%3D15%26track%3Dgo.sndirectsb.com%26geo%3Dit%26ltype%3Dshop%26bname%3Dmediaworld%26prefill%3Dad%26bemobdata%3Dc%253D42dc788e-2071-40a6-987d-f3061b1e4f78..l%253D38104a43-7c1b-46f8-8ac5-2370c71e8dcc..a%253D0..b%253D0..z%253D0.05..e%253D46d09b5c7d376c070e13316c3d501acb..c1%253D24617828..c2%253D1154576..c3%253DItaly..c4%253DIT..c5%253D3186780..r%253Dhttps%25253A%25252F%25252Fswarafakta~BEMOB_DOT~my~BEMOB_DOT~id%25252F..ts%253D1733102753957
my.rtmark.net/ Name: ID
Value: 018126fd21af4cb9f8d4e3a352173da4

1 Console Messages

Source Level URL
Text
rendering warning URL: https://eu.rdrfles.com/sweeps/
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A04066045C030000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
