rd.app Open in urlscan Pro
2606:4700:20::681a:673 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://tiochicobank.com.br/
Effective URL:
https://rd.app/s/RZ5Es59hcxQ
Submission: On July 11 via automatic, source certstream-suspicious (July 11th 2024, 3:14:33 pm UTC) — Scanned from SG

Summary HTTP 75 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 19 IPs in 4 countries across 14 domains to perform 75 HTTP transactions. The main IP is 2606:4700:20::681a:673, located in United States and belongs to CLOUDFLARENET, US. The main domain is rd.app.
TLS certificate: Issued by GTS CA 1P5 on June 5th 2024. Valid for: 3 months.

This is the only time rd.app was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	15.235.55.95 15.235.55.95	16276 (OVH) (OVH)
37	2606:4700:20:... 2606:4700:20::681a:673	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	104.21.234.234 104.21.234.234	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.17.24.14 104.17.24.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2404:6800:400... 2404:6800:4003:c00::5f	15169 (GOOGLE) (GOOGLE)
4	142.251.175.155 142.251.175.155	15169 (GOOGLE) (GOOGLE)
3	2404:6800:400... 2404:6800:4003:c02::61	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4003:c02::5e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f00... 2a03:2880:f00c:19:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	74.125.200.155 74.125.200.155	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::181	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4003:c1a::9c	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4003:c1c::5e	15169 (GOOGLE) (GOOGLE)
1	64.233.170.147 64.233.170.147	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f10... 2a03:2880:f10c:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2404:6800:400... 2404:6800:4003:c11::84	15169 (GOOGLE) (GOOGLE)
1	64.233.170.104 64.233.170.104	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::ac43:44de	13335 (CLOUDFLAR...) (CLOUDFLARENET)
75	19

2 15.235.55.95 (Canada)

ASN16276 (OVH, FR)
PTR: apolo.hostsrv.org

tiochicobank.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 2606:4700:20::681a:673 (United States)

ASN13335 (CLOUDFLARENET, US)

rd.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.rd.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.21.234.234 (None, )

ASN13335 (CLOUDFLARENET, US)

rsms.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4003:c00::5f (Singapore, Singapore)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.251.175.155 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: sh-in-f155.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4003:c02::61 (Singapore, Singapore)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4003:c02::5e (Singapore, Singapore)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f00c:19:face:b00c:0:3 (Singapore, Singapore)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 74.125.200.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f155.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4003:c1a::9c (Singapore, Singapore)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4003:c1c::5e (Singapore, Singapore)

ASN15169 (GOOGLE, US)

www.google.com.sg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.233.170.147 (United States)

ASN15169 (GOOGLE, US)
PTR: sg-in-f147.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f10c:83:face:b00c:0:25de (Singapore, Singapore)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4003:c11::84 (Singapore, Singapore)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.233.170.104 (United States)

ASN15169 (GOOGLE, US)
PTR: sg-in-f104.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:44de (United States)

ASN13335 (CLOUDFLARENET, US)

fbapi.rifa.digital	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
37	rd.app rd.app cdn.rd.app	894 KB
7	rsms.me rsms.me — Cisco Umbrella Rank: 25152	665 KB
6	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 157 tpc.googlesyndication.com — Cisco Umbrella Rank: 211	215 KB
4	google.com analytics.google.com — Cisco Umbrella Rank: 239 www.google.com — Cisco Umbrella Rank: 10	64 B
4	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 77 stats.g.doubleclick.net — Cisco Umbrella Rank: 208	2 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 110	287 KB
2	google.com.sg www.google.com.sg — Cisco Umbrella Rank: 11056	562 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 232	72 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 331	121 KB
2	tiochicobank.com.br tiochicobank.com.br	4 KB
1	rifa.digital fbapi.rifa.digital
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	273 B
1	gstatic.com fonts.gstatic.com	39 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 108	896 B
75	14

	Domain	Requested by
31	rd.app	tiochicobank.com.br rd.app
7	rsms.me	rd.app rsms.me
6	cdn.rd.app	rd.app
4	pagead2.googlesyndication.com	rd.app pagead2.googlesyndication.com
3	googleads.g.doubleclick.net	pagead2.googlesyndication.com www.googletagmanager.com
3	www.googletagmanager.com	rd.app www.googletagmanager.com
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	www.google.com	rd.app tpc.googlesyndication.com
2	www.google.com.sg	rd.app
2	analytics.google.com	www.googletagmanager.com
2	connect.facebook.net	www.googletagmanager.com connect.facebook.net
2	cdnjs.cloudflare.com	rd.app cdnjs.cloudflare.com
2	tiochicobank.com.br
1	fbapi.rifa.digital	www.googletagmanager.com
1	www.facebook.com	rd.app
1	stats.g.doubleclick.net	www.googletagmanager.com
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	rd.app
75	18

This site contains links to these domains. Also see Links.

Domain
wa.me
www.facebook.com
t.me
twitter.com

Subject Issuer	Validity	Valid
tiochicobank.com.br R11	`2024-07-11` - `2024-10-09`	3 months	crt.sh
rd.app GTS CA 1P5	`2024-06-05` - `2024-09-03`	3 months	crt.sh
rsms.me WE1	`2024-06-23` - `2024-09-21`	3 months	crt.sh
cdnjs.cloudflare.com E1	`2024-06-02` - `2024-08-31`	3 months	crt.sh
upload.video.google.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
*.google-analytics.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
*.gstatic.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-04-19` - `2024-07-18`	3 months	crt.sh
*.google.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
*.google.com.sg WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
tpc.googlesyndication.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
rifa.digital GTS CA 1P5	`2024-05-21` - `2024-08-19`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://rd.app/s/RZ5Es59hcxQ
Frame ID: A77FD3F390E93540AE81A029AFC380C5
Requests: 72 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240709/r20110914/zrt_lookup_fy2021.html
Frame ID: FFB9A80E92197294E7D7709968DB8550
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2984742400813413&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1720710864&plat=2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Frd.app%2Fs%2FRZ5Es59hcxQ&pra=5&wgl=1&easpi=0&aihb=0&asro=0&ailel=34~28~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30&aiael=34~28~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30&aifxl=28_16~30_19&aiixl=28_4~30_6&aslmct=0.7&asamct=0.7&aisaib=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1720710864806&bpp=4&bdt=600&idt=151&shv=r20240709&mjsv=m202407030101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=2958768537354&frm=20&pv=2&ga_vid=724550175.1720710865&ga_sid=1720710865&ga_hid=131432735&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C95334508%2C95334524%2C95334579%2C95334828%2C95337027%2C31084187%2C95336267%2C31078663%2C31078668%2C31078670&oid=2&pvsid=3598378322363673&tmod=1284156246&uas=0&nvt=1&fsapi=1&ref=https%3A%2F%2Ftiochicobank.com.br%2F&fc=1920&brdim=40%2C40%2C40%2C40%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=33792&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=188
Frame ID: 600D6ABD189E01B3B7A322B9327145C3
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 7916E68D7EA7546568F58F61A935D251
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 67636BF3505B453271E394670325D72A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Rifa do Tio Chico | TIO CHICO

Page URL History Show full URLs

https://tiochicobank.com.br/ Page URL
https://rd.app/s/RZ5Es59hcxQ Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

75
Requests

97 %
HTTPS

61 %
IPv6

14
Domains

18
Subdomains

19
IPs

4
Countries

2300 kB
Transfer

5459 kB
Size

7
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://wa.me/5581989107788
Title: Suporte

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://rd.app/s/RZ5Es59hcxQ

Search URL Search Domain Scan URL

URL: https://t.me/share/url?url=https://rd.app/s/RZ5Es59hcxQ

Search URL Search Domain Scan URL

URL: https://twitter.com/share?url=https://rd.app/s/RZ5Es59hcxQ

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://tiochicobank.com.br/ Page URL
https://rd.app/s/RZ5Es59hcxQ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 40

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=619464952447923&ev=PageView&dl=https%3A%2F%2Frd.app%2Fs%2FRZ5Es59hcxQ&rl=https%3A%2F%2Ftiochicobank.com.br%2F&if=false&ts=1720710865432&sw=1600&sh=1200&v=2.9.161&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4126&fbp=fb.1.1720710865431.63624986811760962&ler=other&cdl=API_unavailable&it=1720710865121&coo=false&eid=1720710864846.896377.1&tm=1&rqm=FGET HTTP 302
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fprivacy_sandbox%2Fpixel%2Fregister%2Ftrigger%2F%3Fid%3D619464952447923%26ev%3DPageView%26dl%3Dhttps%253A%252F%252Frd.app%252Fs%252FRZ5Es59hcxQ%26rl%3Dhttps%253A%252F%252Ftiochicobank.com.br%252F%26if%3Dfalse%26ts%3D1720710865432%26sw%3D1600%26sh%3D1200%26v%3D2.9.161%26r%3Dstable%26a%3DtmSimo-GTM-WebTemplate%26ec%3D0%26o%3D4126%26fbp%3Dfb.1.1720710865431.63624986811760962%26ler%3Dother%26cdl%3DAPI_unavailable%26it%3D1720710865121%26coo%3Dfalse%26eid%3D1720710864846.896377.1%26tm%3D1%26rqm%3DFGET

75 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
tiochicobank.com.br/ 802 B
691 B 2094ms
260ms Document
text/html 15.235.55.95
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://tiochicobank.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

15.235.55.95 , Canada, ASN16276 (OVH, FR),

Reverse DNS

apolo.hostsrv.org

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

ce64b2375e5fdfa4072b53a9a2192923fce755c3cd0f36d1b79b089709924080

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-encoding: br
content-length: 512
content-type: text/html; charset=UTF-8
date: Thu, 11 Jul 2024 15:14:22 GMT
server: Microsoft-IIS/10.0
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin

GET
H2 200 Primary Request RZ5Es59hcxQ Show response
rd.app/s/ 135 KB
70 KB 579ms
552ms Document
text/html 2606:4700:20::681a:673
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rd.app/s/RZ5Es59hcxQ

Requested by

Host: tiochicobank.com.br
URL: https://tiochicobank.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:673 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

10450a0025e0371ac369a23314fb975ba2f75b5f795c955a56e6bede5f5010b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tiochicobank.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 8a19be31de44564c-SIN
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 11 Jul 2024 15:14:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RHboe%2FeychFa24G1mSLZhr4jSHRYNSmcCkAwXCCLWkZcZEmWTwPegpWGC1DpjLeN1fzoGNIJ0PcfQgU%2BdabDXPKdn50JzbCUuXT3gkCxvVTewI1iOhbFkwk84ILkt6AqPnh0GA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding X-Inertia
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 favicon.ico
tiochicobank.com.br/ 3 KB
3 KB 311ms
310ms Other
image/x-icon 15.235.55.95
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://tiochicobank.com.br/favicon.ico

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

15.235.55.95 , Canada, ASN16276 (OVH, FR),

Reverse DNS

apolo.hostsrv.org

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

Referer: https://tiochicobank.com.br/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-powered-by-plesk: PleskWin
strict-transport-security: max-age=63072000; includeSubDomains
date: Thu, 11 Jul 2024 15:14:22 GMT
last-modified: Wed, 13 Mar 2024 22:07:04 GMT
server: Microsoft-IIS/10.0
etag: "1fa772c89275da1:0"
x-powered-by: ASP.NET
content-type: image/x-icon
accept-ranges: bytes
content-length: 2923

GET
H2 200 app-C2Rkk2Fc.css
rd.app/build/assets/ 13 KB
2 KB 500ms
494ms Stylesheet
text/css 2606:4700:20::681a:673
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rd.app/build/assets/app-C2Rkk2Fc.css

Requested by

Host: rd.app
URL: https://rd.app/s/RZ5Es59hcxQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:673 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4522082cba4909ad4b9a81e3b657c4c243f2e62f6dd5556d1a7b1a72caff6405

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://rd.app/s/RZ5Es59hcxQ
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 15:14:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Sat, 06 Jul 2024 23:38:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6689d58b-3241"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ac%2FT83rROBpwiqKyCStpiE235U%2BWiQN34tsnVP%2FG4o0NphxfNtaZHaxZlkPaZwNYjE%2Be4JEmr0GxWIjnkxLJmkTzJ3gDdjFM68fNXHXvWkPqh6%2BqCEX1BsjsHhPdvou7t3fqHA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 8a19be356fc6564c-SIN
x-xss-protection: 1; mode=block

GET
H2 200 app-COmW1YSn.css
rd.app/build/assets/ 111 KB
17 KB 503ms
497ms Stylesheet
text/css 2606:4700:20::681a:673
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rd.app/build/assets/app-COmW1YSn.css

Requested by

Host: rd.app
URL: https://rd.app/s/RZ5Es59hcxQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:673 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

55600540bff1118a47c74b2daec806d3c81dfe06404168b64ee95efc178aff95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://rd.app/s/RZ5Es59hcxQ
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 15:14:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Sat, 06 Jul 2024 23:38:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6689d58b-1bace"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RYV3SeDPbNue73TkA2TWjpNiz2gG0hG8KWjVvVUQOpuZKj%2FuIo2PYVgBlZkk0UZTku%2Fj5Z5z0WKQeEynqkPoWa%2F6Fx9MlxeEorX%2FMKnxAg9TdYmBOXAZPo9BferVHow2ACaDTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 8a19be356fca564c-SIN
x-xss-protection: 1; mode=block

GET
H2 200 app-BqTPH4wI.js Show response
rd.app/build/assets/ 345 KB
124 KB 2883ms
2877ms Script
application/javascript 2606:4700:20::681a:673
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rd.app/build/assets/app-BqTPH4wI.js

Requested by

Host: rd.app
URL: https://rd.app/s/RZ5Es59hcxQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:673 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1f98713e33531eb5560c931c26897837a50eb337286456d9188ed9a1b6ef2434

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://rd.app/s/RZ5Es59hcxQ
Origin: https://rd.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 15:14:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Sat, 06 Jul 2024 23:38:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6689d58b-5625e"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o7Dv%2Fl1ECJDgX8XITA726fcpMXaQbuY71xM6oN0qhlZ0WV5jiNl9GqD5aLeYRapsbievdkrR47PEnjQZtHIda%2FzbgF5UQIDMiyM6c9QKdKA%2FimLkf1U6mF86h2s4hhxNYNE5Eg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 8a19be356fcd564c-SIN
x-xss-protection: 1; mode=block

GET
H3 200 inter.css
rsms.me/inter/ 7 KB
1 KB 51ms
29ms Stylesheet
text/css 104.21.234.234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rsms.me/inter/inter.css
Requested by: Host: rd.app
URL: https://rd.app/s/RZ5Es59hcxQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.234.234 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8fedfb7def1421aa9d58d1732be7164e33eec27b9c87193e010b9ddaa67b6a18

Request headers

Referer: https://rd.app/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-fastly-request-id: 4433d9aa27eb14001c0e9fcf7059ab0b3553c63f
date: Thu, 11 Jul 2024 15:14:24 GMT
content-encoding: gzip
via: 1.1 varnish
x-cache-hits: 1
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 341
x-cache: HIT
x-proxy-cache: HIT
alt-svc: h3=":443"; ma=86400
content-length: 712
x-served-by: cache-qpg1224-QPG
last-modified: Mon, 25 Mar 2024 16:53:19 GMT
server: cloudflare
x-github-request-id: B9D8:1BDD3D:94A86A:A1CDC8:66106C3E
x-timer: S1713269130.554656,VS0,VE3
etag: W/"6601abff-1b8d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M%2FzOzlZ%2B%2BLerXYmgYD0eSSNlddwbBeW12vJHh%2BLcNAEndNQCSOZ2kSNr2U8J1Lurb%2F3QzCttE3%2FY4MoLf7mhHECUX%2BwV%2FCMCLIQhHKM3DUio6sjIFmtSHpQX"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
x-origin-cache: HIT
cf-ray: 8a19be357a77498b-SIN
expires: Tue, 25 Jun 2024 18:55:55 GMT

GET
H3 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.1.2/css/ 99 KB
17 KB 47ms
27ms Stylesheet
text/css 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.1.2/css/all.min.css

Requested by

Host: rd.app
URL: https://rd.app/s/RZ5Es59hcxQ

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c5e8e8eb22e2eaf1ad02370c22c63c04774ab0b83b4329d5945333750814bb2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://rd.app/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 15:14:24 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1815163
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 17188
last-modified: Mon, 25 Jul 2022 19:31:34 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "62deef96-4324"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oVQz12obgSddpJar8GBlRIJhp1PasgrUS4tw6S%2FA1BcY1E0eRVCNRS6x4kgqb4pLc%2BofGQdkeC%2FeGTNMeoCJUWhwrhgR%2FJzt%2BtNQXJsw26cY6WM2ezw8nCwPJjxGNrhekLZ%2FtXGY"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8a19be357adfa8eb-SIN
expires: Tue, 01 Jul 2025 15:14:24 GMT

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
896 B 46ms
20ms Stylesheet
text/css 2404:6800:4003:c00::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Lexend:wght@400;500&display=swap

Requested by

Host: rd.app
URL: https://rd.app/s/RZ5Es59hcxQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c00::5f Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1a10c6fb64f864a5967f229ad7857a97a6aec9032a48ff406b7bb59afc6ed4b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://rd.app/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 11 Jul 2024 15:14:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 11 Jul 2024 15:14:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 11 Jul 2024 15:14:24 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 159 KB
52 KB 38ms
23ms Script
text/javascript 142.251.175.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2984742400813413

Requested by

Host: rd.app
URL: https://rd.app/s/RZ5Es59hcxQ

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.175.155 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sh-in-f155.1e100.net

Software

cafe /

Resource Hash

aabe6f63b973f1c97f30d3e80d9292121a8a2dbb7cc08d62a7ec396555a049da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rd.app/
Origin: https://rd.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 15:14:24 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53439
x-xss-protection: 0
server: cafe
etag: 16822281670629052831
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Thu, 11 Jul 2024 15:14:24 GMT

GET
H2 200 386679617187283614691.png
cdn.rd.app/logos/ 17 KB
18 KB 1153ms
1143ms Image
image/png 2606:4700:20::681a:673
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.rd.app/logos/386679617187283614691.png
Requested by: Host: rd.app
URL: https://rd.app/s/RZ5Es59hcxQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:673 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 600386815d8db79ce21322380fb5404b22168763aae8b2ae504b3f5e487ed32f

Request headers

Referer: https://rd.app/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 15:14:25 GMT
cf-cache-status: MISS
last-modified: Tue, 18 Jun 2024 16:32:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "1adb3cd9f6a94baf1025bf958e41bc6b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F2BzuE2Z2irvMH6n%2Bk3hlLIbCjvPDavsp6ljb7yYF62vvRcIoRZHO%2FQsYNpvSBgJhNgwwoUuRMbsiPIPV5NluELu5oo10%2F7RW%2FM%2BCL5Ef5wDmTZPKUoZ8E%2BaYd3i4ZuLzscjb%2BTkjAc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8a19be356fd3564c-SIN
content-length: 17802

GET
H2 200 tio-chico-bank-1718728450038.jpg
cdn.rd.app/raffles/ 16 KB
16 KB 1431ms
1422ms Image
image/jpeg 2606:4700:20::681a:673
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.rd.app/raffles/tio-chico-bank-1718728450038.jpg
Requested by: Host: rd.app
URL: https://rd.app/s/RZ5Es59hcxQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:673 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f5d5b7c68e64e1b626147ef40f6447d5d9beb83537e6a615f3c57addfa2f82b3

Request headers

Referer: https://rd.app/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 15:14:25 GMT
cf-cache-status: MISS
last-modified: Tue, 18 Jun 2024 16:34:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "90e49e70a96e32e2914d99f04bb7ba25"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=axm7s%2BcFoLKA2SJ4SabBKEwSy66LROzS5X2S6CIDX%2BLB9LRJHCcfWWKShyEtUcN66QEBicYFV4T2NPLbrPbUO%2B8FZ5WaNGxnYiLVZZ2jD6QIrXDvYTsYVX96zuoQlDRHokOxpX6TwpY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8a19be356fd1564c-SIN
content-length: 16251

GET
H2 200 tio-17187408239256.png
cdn.rd.app/user/ 111 KB
112 KB 624ms
621ms Image
image/png 2606:4700:20::681a:673
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.rd.app/user/tio-17187408239256.png
Requested by: Host: rd.app
URL: https://rd.app/s/RZ5Es59hcxQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:673 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ab0f83d863e3a4bcc4a5028f3273bc9de69ef32135d1c4554c2ea912cce40df

Request headers

Referer: https://rd.app/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 15:14:25 GMT
cf-cache-status: MISS
last-modified: Tue, 18 Jun 2024 20:00:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "9f4d486e05dd46b1c553fdeb56bd2712"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iWSpnUPkL2%2FWAimPRJgX1wmVfKd%2BI95%2BiFIivSDYv2vvodvuhnlAumOesKhXDpmTYag4SxReh3yT6AmaWZWh7L38tBIm9U7NsrLowqoFlG6frrbBBtE7OnV7TZpcMjVmqvjVxrbUZSs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8a19be389966564c-SIN
content-length: 113891

GET
H2 200 medal.png
rd.app/images/ 24 KB
25 KB 742ms
739ms Image
image/png 2606:4700:20::681a:673
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rd.app/images/medal.png

Requested by

Host: rd.app
URL: https://rd.app/s/RZ5Es59hcxQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:673 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a88d78af8bc9df67260799fdca512a4d9c8474d10a6b6c79c230274c00510d0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://rd.app/s/RZ5Es59hcxQ
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 15:14:25 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 25052
x-xss-protection: 1; mode=block
last-modified: Wed, 15 Nov 2023 03:03:39 GMT
server: cloudflare
etag: "6554350b-61dc"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FmvV8uhALCdBLndpAl9LU47hlidHb418DMKdRwqLYkKKoRpNDE1vSLxykwsHqxZH4wiacAwKhu1%2F%2F%2BXHZNG5peRfkAHbUijsl8Dh9X9UpuZxfwhyk31hV1V92oYP7xZA%2FUYXag%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8a19be389968564c-SIN

GET
H2 200 favicon2.png
rd.app/images/ 412 KB
413 KB 976ms
974ms Image
image/png 2606:4700:20::681a:673
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rd.app/images/favicon2.png

Requested by

Host: rd.app
URL: https://rd.app/s/RZ5Es59hcxQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:673 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b4beab007326b210349e30a05dc28160e8e058f840f8be41b8e3650dd6e11761

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://rd.app/s/RZ5Es59hcxQ
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 15:14:25 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 421668
x-xss-protection: 1; mode=block
last-modified: Wed, 15 Nov 2023 03:03:39 GMT
server: cloudflare
etag: "6554350b-66f24"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jj774PXUkM29lptYvLu2%2Bugb%2FdtkxXjhgwIKWer%2BupinxJWwCD9pPvnlogdoJ1B%2Fn%2BYSqVUD31AoJBWgadBMif%2FpP1i7fCg4J2O7l8JEEeR2xfcmcWmWiJLZSg%2Fx6u7Cyt8lgA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8a19be38996c564c-SIN

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 273 KB
95 KB 40ms
19ms Script
application/javascript 2404:6800:4003:c02::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MDPCFZ7

Requested by

Host: rd.app
URL: https://rd.app/s/RZ5Es59hcxQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c02::61 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

83382c9a97a343b196697f1d4b3544d58f648d23a08621a389d08df170812d02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://rd.app/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 15:14:24 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 96690
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 11 Jul 2024 15:14:24 GMT

GET
DATA 200
OK truncated
/ 51 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4c1fb0673d64ecff3c49f1cf8acd66cc2a53e839195c7654fda53aa5acd22e84

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Inter-Medium.woff2
rsms.me/inter/font-files/ 109 KB
110 KB 73ms
39ms Font
font/woff2 104.21.234.234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rsms.me/inter/font-files/Inter-Medium.woff2?v=4.0
Requested by: Host: rsms.me
URL: https://rsms.me/inter/inter.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.234.234 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8458f8afa67b5691c1fcbe51607a2dafb53a9839e48131c608a186b65415d96d

Request headers

Referer: https://rsms.me/inter/inter.css
Origin: https://rd.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-fastly-request-id: 43888442aa4ce6f7f95e24c673419ba57b8612bc
date: Thu, 11 Jul 2024 15:14:24 GMT
via: 1.1 varnish
expires: Wed, 03 Jul 2024 00:33:04 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache: MISS
x-cache: HIT
alt-svc: h3=":443"; ma=86400
content-length: 111380
x-served-by: cache-qpg1250-QPG
last-modified: Mon, 25 Mar 2024 16:53:19 GMT
server: cloudflare
x-github-request-id: CA7E:2DD870:843D79:8F4ACF:6611C168
x-timer: S1713281131.286134,VS0,VE1
etag: "6601abff-1b314"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XuZMGTVD5fJM88u%2Baes9lysMqekVceIVdnnwdpmq7eZfH2BljBqpha%2BbBNhMXzW%2FdCJhbw02HwEUhR2zoGIt61Osho9Td7Fly59d3UM0CJzMSoYmECAei0FQ"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
x-origin-cache: HIT
cf-ray: 8a19be3919ea4733-SIN
x-cache-hits: 5

GET
H3 200 Inter-Regular.woff2
rsms.me/inter/font-files/ 106 KB
107 KB 71ms
39ms Font
font/woff2 104.21.234.234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rsms.me/inter/font-files/Inter-Regular.woff2?v=4.0
Requested by: Host: rsms.me
URL: https://rsms.me/inter/inter.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.234.234 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b6f9db9e45be20f3c1312c97fbee7ec36b7d8280f8caa4d53c9ba0408cc9997a

Request headers

Referer: https://rsms.me/inter/inter.css
Origin: https://rd.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-fastly-request-id: ede6fb7ff26e2eed5535c136c4e07c6c008afd95
date: Thu, 11 Jul 2024 15:14:24 GMT
via: 1.1 varnish
expires: Thu, 04 Jul 2024 19:34:12 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache: MISS
x-cache: HIT
alt-svc: h3=":443"; ma=86400
content-length: 108488
x-served-by: cache-qpg120099-QPG
last-modified: Mon, 25 Mar 2024 16:53:19 GMT
server: cloudflare
x-github-request-id: 3D8E:150E55:32EF08:3717FA:66610F77
x-timer: S1718027762.296552,VS0,VE1
etag: "6601abff-1a7c8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ufgkJd0GA97KvbbhaTngde1400mwcE%2FdHDfDtkStUXr4xX0b33MMoF8alDkIYq9XlozfdExX2ecEuWoVvmhdwglsvkvw0ARBdBPgqCYbXLa%2BUGvvHCc68bRy"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
x-origin-cache: HIT
cf-ray: 8a19be3919e94733-SIN
x-cache-hits: 3

GET
H3 200 Inter-SemiBold.woff2
rsms.me/inter/font-files/ 109 KB
110 KB 71ms
39ms Font
font/woff2 104.21.234.234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rsms.me/inter/font-files/Inter-SemiBold.woff2?v=4.0
Requested by: Host: rsms.me
URL: https://rsms.me/inter/inter.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.234.234 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e52a861dc26ff4608c50bd7ff89b65d0d6216a2afe7b47ce5d84544811ca400

Request headers

Referer: https://rsms.me/inter/inter.css
Origin: https://rd.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-fastly-request-id: 49f2bed1d490e2a5e8ccf03766c9085027c6c182
date: Thu, 11 Jul 2024 15:14:24 GMT
via: 1.1 varnish
expires: Thu, 27 Jun 2024 01:24:13 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache: MISS
x-cache: HIT
alt-svc: h3=":443"; ma=86400
content-length: 111588
x-served-by: cache-qpg1235-QPG
last-modified: Mon, 25 Mar 2024 16:53:19 GMT
server: cloudflare
x-github-request-id: E809:21C224:D14C19:DC1D8C:667CBCE4
x-timer: S1720379429.296796,VS0,VE0
etag: "6601abff-1b3e4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j1i3m3vosweeF5yUOJxO5o8CvdP7jiUkGWk16QIde2IyQGFbrz5qgCh%2Fa%2B49Z2DwkiALeJjIL02coZa2%2B61YC%2BJoP7%2FNj7lRWZMbz%2FGMx%2FEm3W1enMFnoMjX"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
x-origin-cache: HIT
cf-ray: 8a19be3919e84733-SIN
x-cache-hits: 4

GET
H3 200 Inter-Bold.woff2
rsms.me/inter/font-files/ 108 KB
109 KB 61ms
28ms Font
font/woff2 104.21.234.234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rsms.me/inter/font-files/Inter-Bold.woff2?v=4.0
Requested by: Host: rsms.me
URL: https://rsms.me/inter/inter.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.234.234 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 220976705fbec109f43c5cfdceca639e99ace7e51f3eb67292b105d3575eb39b

Request headers

Referer: https://rsms.me/inter/inter.css
Origin: https://rd.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-fastly-request-id: aa66af1c7b74297dceff909857930d576b06ce18
date: Thu, 11 Jul 2024 15:14:24 GMT
via: 1.1 varnish
expires: Thu, 11 Jul 2024 01:30:19 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache: MISS
x-cache: HIT
alt-svc: h3=":443"; ma=86400
content-length: 111040
x-served-by: cache-qpg1230-QPG
last-modified: Mon, 25 Mar 2024 16:53:19 GMT
server: cloudflare
x-github-request-id: 4976:50250:4C21FC:501C96:6668DE9D
x-timer: S1720379429.296739,VS0,VE0
etag: "6601abff-1b1c0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BnSPjio%2BFwGLUDZLLBms4SPgyiK4CWw0goPWPVNjW1SFciAy%2FZNTX%2B7TV7tH0S%2B22f%2FTEZqGJFXCAaLBJIA8yzCK%2BGVuPISXUaND8hc4fv8FaM0ZDxFFevFj"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 8a19be3919eb4733-SIN
x-cache-hits: 7

GET
H3 200 fa-brands-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.1.2/webfonts/ 103 KB
103 KB 59ms
26ms Font
application/octet-stream 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.1.2/webfonts/fa-brands-400.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.1.2/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

967394d1fd10b388d99bec9df2a3cab546a40f695f5c70641daf0b51af5604c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.1.2/css/all.min.css
Origin: https://rd.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 15:14:24 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 74865
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 105112
last-modified: Mon, 25 Jul 2022 19:31:34 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "62deef96-19a98"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L4Ct%2F8FfS2hgCBZV6eZ%2FzqCH2RAo0FBwR3oSV3d61klWLEkUfUUP8ISxWICF%2F8wlLkOD8Q6fbLNF4N%2B09V3sHXjSsREDpUCFLMWPzLV%2FIp1oPBEdRR3pb0BagZj8nG55R%2BUlnT1k"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8a19be391c4791ae-SIN
expires: Tue, 01 Jul 2025 15:14:24 GMT

GET
H3 200 Inter-BoldItalic.woff2
rsms.me/inter/font-files/ 116 KB
116 KB 243ms
210ms Font
font/woff2 104.21.234.234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rsms.me/inter/font-files/Inter-BoldItalic.woff2?v=4.0
Requested by: Host: rsms.me
URL: https://rsms.me/inter/inter.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.234.234 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af46bd584de8bb0aabfdab5c8651f943b089d09959ba30ae75454689c56f3bd2

Request headers

Referer: https://rsms.me/inter/inter.css
Origin: https://rd.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-fastly-request-id: 14b84b633cd29249833b9222dd6202c2acbfcec6
date: Thu, 11 Jul 2024 15:14:24 GMT
via: 1.1 varnish
expires: Tue, 25 Jun 2024 20:33:11 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache: MISS
x-cache: HIT
alt-svc: h3=":443"; ma=86400
content-length: 118392
x-served-by: cache-qpg1240-QPG
last-modified: Mon, 25 Mar 2024 16:53:19 GMT
server: cloudflare
x-github-request-id: 2339:27495D:7DCA87:8430C4:667B272E
x-timer: S1720710865.827605,VS0,VE1
etag: "6601abff-1ce78"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KDkBY1XbA1iZrI5HeL64YhG%2FgHAzZGf8XtAIOqd5UKhDkJyjm9fecdCyOPEEE56IAtfT3JMVPkZNbleGX9PApEd0jzGu1SI2QKS%2BycZ1%2FOVcsV6O%2FWcnaeTl"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
x-origin-cache: HIT
cf-ray: 8a19be3919ec4733-SIN
x-cache-hits: 0

GET
H3 200 Inter-Italic.woff2
rsms.me/inter/font-files/ 112 KB
113 KB 292ms
259ms Font
font/woff2 104.21.234.234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rsms.me/inter/font-files/Inter-Italic.woff2?v=4.0
Requested by: Host: rsms.me
URL: https://rsms.me/inter/inter.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.234.234 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 708b7baa59a80d80465229b74f1dcb599d3ee76515a93d304337b92efb964afe

Request headers

Referer: https://rsms.me/inter/inter.css
Origin: https://rd.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-fastly-request-id: 01db3ca44820e3720dd4d6781b65a408578f65f7
date: Thu, 11 Jul 2024 15:14:24 GMT
via: 1.1 varnish
expires: Tue, 25 Jun 2024 20:08:14 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache: MISS
x-cache: HIT
alt-svc: h3=":443"; ma=86400
content-length: 114576
x-served-by: cache-qpg1273-QPG
last-modified: Mon, 25 Mar 2024 16:53:19 GMT
server: cloudflare
x-github-request-id: 3E29:3A2A52:1B417F:1CF6CD:667B2155
x-timer: S1720578914.100247,VS0,VE1
etag: "6601abff-1bf90"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K1XGyo%2BXTgWwX5H7d2kE1%2FribZQEXnKvnXS2oLexdORDjw%2FHCoVBQtqLXbFGOH1vU%2BabyFrgGxpycYuvEIbcUZQaJth12yEZMb8uNpGmdkm4lb5e8yeMBta4"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
x-origin-cache: HIT
cf-ray: 8a19be3919ed4733-SIN
x-cache-hits: 4

GET
H2 200 wlpwgwvFAVdoq2_v-6QU.woff2
fonts.gstatic.com/s/lexend/v19/ 39 KB
39 KB 55ms
8ms Font
font/woff2 2404:6800:4003:c02::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lexend/v19/wlpwgwvFAVdoq2_v-6QU.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lexend:wght@400;500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c02::5e Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

212cab2c8f18589ea483920adea5f5d180ab007a4140ad723d931dae89d876e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://rd.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 10 Jul 2024 17:46:29 GMT
x-content-type-options: nosniff
age: 77275
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39808
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:33:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 10 Jul 2025 17:46:29 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407030101/ 424 KB
143 KB 62ms
43ms Script
text/javascript 142.251.175.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407030101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2984742400813413

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.175.155 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sh-in-f155.1e100.net

Software

cafe /

Resource Hash

44ebbe5ed180f91c6106aa7eae838518f53df03e7f03bc3bc8863de2b1095d70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rd.app/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 15:14:24 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 146700
x-xss-protection: 0
server: cafe
etag: 11591813741725238826
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 Jul 2024 15:14:24 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 315 KB
105 KB 45ms
44ms Script
application/javascript 2404:6800:4003:c02::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-KHYBPRP9RF&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MDPCFZ7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c02::61 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d20dc9d095113764030db08d9196f200cc8fd7eded6906b11f44a2ab19180261

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://rd.app/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 15:14:24 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 107306
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 11 Jul 2024 15:14:24 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 223 KB
60 KB 118ms
48ms Script
application/x-javascript 2a03:2880:f00c:19:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MDPCFZ7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00c:19:face:b00c:0:3 Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c4832b19dd5406ac0855426096610e532861e94c65819651ada45299002455de

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://rd.app/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 11 Jul 2024 15:14:24 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58653
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=30, rtx=0, c=12, mss=1297, tbw=2785, tp=-1, tpl=-1, uplat=2, ullat=-1
pragma: public
x-fb-debug: oaHy1cK6QU7y2hfOF56RceQalepa4A5O7mYNAtJ+phIDCSK1nKAgYN9p5NG87wYyr83urz9w+XvYGg/9MWmq6g==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 245 KB
87 KB 35ms
34ms Script
application/javascript 2404:6800:4003:c02::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-10846468162&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MDPCFZ7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c02::61 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f8f37c245033cf43ee84d33f0e1823a4e28e356b7a0262d40ec7e1b791b38ebb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://rd.app/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 15:14:24 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 88801
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 11 Jul 2024 15:14:24 GMT

GET
H3 200 zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240709/r20110914/ Frame FFB9 0
0 388ms
17ms Document
text/html 74.125.200.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240709/r20110914/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407030101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.200.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rd.app/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

age: 76806
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4142
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 10 Jul 2024 17:54:19 GMT
etag: 2738592464165616
expires: Wed, 24 Jul 2024 17:54:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 85ms
84ms Image
image/gif 142.251.175.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=HEADER&cls=fixed%20z-30%20h-%5B54px%5D%20w-screen%20border-b%20bg-white%20px-4%20dark%3Aborder-gray-700%20dark%3Abg-gray-800%20sm%3Ah-%5B64px%5D&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: rd.app
URL: https://rd.app/s/RZ5Es59hcxQ

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.175.155 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sh-in-f155.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rd.app/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jul 2024 15:14:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame 600D 0
0 423ms
71ms Document
text/html 74.125.200.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2984742400813413&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1720710864&plat=2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Frd.app%2Fs%2FRZ5Es59hcxQ&pra=5&wgl=1&easpi=0&aihb=0&asro=0&ailel=34~28~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30&aiael=34~28~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30&aifxl=28_16~30_19&aiixl=28_4~30_6&aslmct=0.7&asamct=0.7&aisaib=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1720710864806&bpp=4&bdt=600&idt=151&shv=r20240709&mjsv=m202407030101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=2958768537354&frm=20&pv=2&ga_vid=724550175.1720710865&ga_sid=1720710865&ga_hid=131432735&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C95334508%2C95334524%2C95334579%2C95334828%2C95337027%2C31084187%2C95336267%2C31078663%2C31078668%2C31078670&oid=2&pvsid=3598378322363673&tmod=1284156246&uas=0&nvt=1&fsapi=1&ref=https%3A%2F%2Ftiochicobank.com.br%2F&fc=1920&brdim=40%2C40%2C40%2C40%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=33792&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=188

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407030101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.200.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rd.app/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 11 Jul 2024 15:14:25 GMT
expires: Thu, 11 Jul 2024 15:14:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/10846468162/ 3 KB
1 KB 309ms
27ms Script
text/javascript 74.125.200.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10846468162/?random=1720710865058&cv=11&fst=1720710865058&bg=ffffff&guid=ON&async=1&gtm=45be4790v869150249z8857888618za201zb857888618&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Frd.app%2Fs%2FRZ5Es59hcxQ&ref=https%3A%2F%2Ftiochicobank.com.br%2F&hn=www.googleadservices.com&frm=0&tiba=Rifa%20do%20Tio%20Chico%20%7C%20TIO%20CHICO%20%7C%20Rifa%20Digital&npa=0&pscdl=noapi&auid=698038178.1720710865&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-10846468162&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.200.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f155.1e100.net

Software

cafe /

Resource Hash

48045ac95dc8a6c5de65e0106f0832d56d9dbb6ccab4f9b5682580a488a56d80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rd.app/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jul 2024 15:14:25 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1406
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 619464952447923 Show response
connect.facebook.net/signals/config/ 60 KB
12 KB 235ms
232ms Script
application/x-javascript 2a03:2880:f00c:19:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/619464952447923?v=2.9.161&r=stable&domain=rd.app&hme=e67e7d148043b3a377ad0eb1c82669792a67ba5e3bb5734b69e611ae38f939ca&ex_m=68%2C115%2C102%2C106%2C59%2C3%2C95%2C67%2C15%2C92%2C85%2C49%2C52%2C163%2C166%2C178%2C174%2C175%2C177%2C28%2C96%2C51%2C74%2C176%2C158%2C161%2C171%2C172%2C179%2C124%2C39%2C33%2C136%2C14%2C48%2C184%2C183%2C126%2C17%2C38%2C1%2C41%2C63%2C64%2C65%2C69%2C89%2C16%2C13%2C91%2C88%2C87%2C103%2C50%2C105%2C37%2C104%2C29%2C25%2C159%2C162%2C133%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C55%2C60%2C62%2C72%2C97%2C26%2C73%2C8%2C7%2C77%2C46%2C20%2C99%2C98%2C100%2C93%2C9%2C19%2C18%2C82%2C54%2C80%2C32%2C71%2C0%2C90%2C31%2C79%2C84%2C45%2C44%2C83%2C36%2C4%2C86%2C78%2C42%2C34%2C81%2C2%2C35%2C61%2C40%2C101%2C43%2C76%2C66%2C107%2C58%2C57%2C30%2C94%2C56%2C53%2C47%2C75%2C70%2C23%2C108

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00c:19:face:b00c:0:3 Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

79144a26ecdc9e5bb163195a0ae76a185e2b01756fee55cf6338992279695376

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://rd.app/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 11 Jul 2024 15:14:25 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=28, rtx=2, c=39, mss=1297, tbw=64169, tp=-1, tpl=-1, uplat=214, ullat=0
pragma: public
x-fb-debug: Co1+yQ9bTObweSEMjL4W8iAJhi8DnnXOP17dXtyLLgpVJPdGC5pOAt/FhsesePnCOCbidNjoDITOJcYcUM0ZfA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
0 209ms
6ms Fetch
text/plain 2001:4860:4802:32::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-KHYBPRP9RF&gtm=45je4790v875720306z8857888618za200zb857888618&_p=1720710864722&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=724550175.1720710865&ul=en-sg&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1720710865&sct=1&seg=0&dl=https%3A%2F%2Frd.app%2Fs%2FRZ5Es59hcxQ&dr=https%3A%2F%2Ftiochicobank.com.br%2F&dt=Rifa%20do%20Tio%20Chico%20%7C%20TIO%20CHICO%20%7C%20Rifa%20Digital&en=page_view&_fv=1&_ss=1&tfd=1559&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KHYBPRP9RF&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://rd.app/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jul 2024 15:14:25 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://rd.app
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
248 B 208ms
6ms Ping
text/plain 2404:6800:4003:c1a::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-KHYBPRP9RF&cid=724550175.1720710865&gtm=45je4790v875720306z8857888618za200zb857888618&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&frm=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KHYBPRP9RF&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4003:c1a::9c Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://rd.app/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jul 2024 15:14:25 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://rd.app
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
0 194ms
5ms Fetch
text/plain 2001:4860:4802:32::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-KHYBPRP9RF&gtm=45je4790v875720306z8857888618za200zb857888618&_p=1720710864722&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=724550175.1720710865&ul=en-sg&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AAAC&_s=2&sid=1720710865&sct=1&seg=1&dl=https%3A%2F%2Frd.app%2Fs%2FRZ5Es59hcxQ&dr=https%3A%2F%2Ftiochicobank.com.br%2F&dt=Rifa%20do%20Tio%20Chico%20%7C%20TIO%20CHICO%20%7C%20Rifa%20Digital&en=page_view&_et=5&tfd=1574&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KHYBPRP9RF&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://rd.app/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jul 2024 15:14:25 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://rd.app
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com.sg/ads/ 42 B
408 B 196ms
8ms Image
image/gif 2404:6800:4003:c1c::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.sg/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-KHYBPRP9RF&cid=724550175.1720710865&gtm=45je4790v875720306z8857888618za200zb857888618&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&frm=0&z=1545198922

Requested by

Host: rd.app
URL: https://rd.app/s/RZ5Es59hcxQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c1c::5e Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rd.app/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jul 2024 15:14:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/10846468162/ 42 B
64 B 30ms
13ms Image
image/gif 64.233.170.147
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10846468162/?random=1720710865058&cv=11&fst=1720710000000&bg=ffffff&guid=ON&async=1&gtm=45be4790v869150249z8857888618za201zb857888618&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Frd.app%2Fs%2FRZ5Es59hcxQ&ref=https%3A%2F%2Ftiochicobank.com.br%2F&hn=www.googleadservices.com&frm=0&tiba=Rifa%20do%20Tio%20Chico%20%7C%20TIO%20CHICO%20%7C%20Rifa%20Digital&npa=0&pscdl=noapi&auid=698038178.1720710865&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooLwFYUDO8l44QCNejqRurnt6A_gnhsmg&random=2339098873&rmt_tld=0&ipr=y

Requested by

Host: rd.app
URL: https://rd.app/s/RZ5Es59hcxQ

Protocol

Security

QUIC, , AES_128_GCM

Server

64.233.170.147 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f147.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rd.app/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jul 2024 15:14:25 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com.sg/pagead/1p-user-list/10846468162/ 42 B
154 B 16ms
11ms Image
image/gif 2404:6800:4003:c1c::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.sg/pagead/1p-user-list/10846468162/?random=1720710865058&cv=11&fst=1720710000000&bg=ffffff&guid=ON&async=1&gtm=45be4790v869150249z8857888618za201zb857888618&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Frd.app%2Fs%2FRZ5Es59hcxQ&ref=https%3A%2F%2Ftiochicobank.com.br%2F&hn=www.googleadservices.com&frm=0&tiba=Rifa%20do%20Tio%20Chico%20%7C%20TIO%20CHICO%20%7C%20Rifa%20Digital&npa=0&pscdl=noapi&auid=698038178.1720710865&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooLwFYUDO8l44QCNejqRurnt6A_gnhsmg&random=2339098873&rmt_tld=1&ipr=y

Requested by

Host: rd.app
URL: https://rd.app/s/RZ5Es59hcxQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c1c::5e Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rd.app/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jul 2024 15:14:25 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
273 B 18ms
4ms Image
text/plain 2a03:2880:f10c:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=619464952447923&ev=PageView&dl=https%3A%2F%2Frd.app%2Fs%2FRZ5Es59hcxQ&rl=https%3A%2F%2Ftiochicobank.com.br%2F&if=false&ts=1720710865432&sw=1600&sh=1200&v=2.9.161&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4126&fbp=fb.1.1720710865431.63624986811760962&ler=other&cdl=API_unavailable&it=1720710865121&coo=false&eid=1720710864846.896377.1&tm=1&rqm=GET

Requested by

Host: rd.app
URL: https://rd.app/s/RZ5Es59hcxQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f10c:83:face:b00c:0:25de Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://rd.app/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=2, rtx=0, c=10, mss=1297, tbw=2835, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 11 Jul 2024 15:14:25 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET

/
www.facebook.com/login/
Redirect Chain

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=619464952447923&ev=PageView&dl=https%3A%2F%2Frd.app%2Fs%2FRZ5Es59hcxQ&rl=https%3A%2F%2Ftiochicobank.com.br%2F&if=false&ts=1720710...
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fprivacy_sandbox%2Fpixel%2Fregister%2Ftrigger%2F%3Fid%3D619464952447923%26ev%3DPageView%26dl%3Dhttps%253A%252F%252Frd.app%252Fs%...

0
0

GET
H2 200 RaffleModeAuto-BCbvTLwC.js Show response
rd.app/build/assets/ 86 KB
59 KB 769ms
740ms Script
application/javascript 2606:4700:20::681a:673
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rd.app/build/assets/RaffleModeAuto-BCbvTLwC.js

Requested by

Host: rd.app
URL: https://rd.app/build/assets/app-BqTPH4wI.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:673 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

683d65a08c9096fa1baa5f2bdba2b99a530d715bfc0c48f06fdf2f639a49a666

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://rd.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 15:14:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Sat, 06 Jul 2024 23:38:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6689d58b-156ab"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eL7LUXBmTv4y3ZB8T2qQ%2Brv45u5rTMV2BSXgF%2B%2Bx%2FoJW3eZ%2F0F%2BSUyovp%2FsW3Nj%2FVwcPJO4BAzOo7l%2FoIhu%2F0WI9dbU7%2BVVj0rO3iqKcCxv3%2BLO%2FDQzZEWoTowoKLNaNUHKC4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 8a19be482962564c-SIN
x-xss-protection: 1; mode=block

GET
H2 200 IconX-WhSfa-ra.js Show response
rd.app/build/assets/ 9 KB
4 KB 1288ms
1260ms Script
application/javascript 2606:4700:20::681a:673
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rd.app/build/assets/IconX-WhSfa-ra.js

Requested by

Host: rd.app
URL: https://rd.app/build/assets/app-BqTPH4wI.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:673 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

982bdc333a84a405dc9e8300c4481e76430b1e0902370aff0dd50884f3f04df8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://rd.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 15:14:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Sat, 06 Jul 2024 23:38:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6689d58b-245a"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=c4R18Ti%2BQiGLQmVkjBoeiFmnjfdcU6mXTPqOmr%2BZbnOJ9q0IIIRMorrd4LeV1LIr4T7fxAiGm5fakPuELqmB60S5lRBQPNUlZZxakpB9qGWciD2%2BsbcIttu%2FWQciXEPzUFiuSA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 8a19be482965564c-SIN
x-xss-protection: 1; mode=block

GET
H2 200 _plugin-vue_export-helper-DlAUqK2U.js Show response
rd.app/build/assets/ 91 B
503 B 527ms
500ms Script
application/javascript 2606:4700:20::681a:673
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rd.app/build/assets/_plugin-vue_export-helper-DlAUqK2U.js

Requested by

Host: rd.app
URL: https://rd.app/build/assets/app-BqTPH4wI.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:673 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb85b0f263dbe24e857338301c0627076592e9f1f1a5662929f86d2c126444aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://rd.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 15:14:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Sat, 06 Jul 2024 23:38:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6689d58b-5b"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p2nIYpfg8luyqhFm4HceQndkaVsqRQrToObyTDNuf3HeoGQjAU4vsfqf5rlE5qZklQ4XT%2B1da%2Flw7Gl9CnxbXrcclRs5s2AguDWXDwOCygeLDJTvpJlCVMKx0zY3Uosuf1h9WA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-ray: 8a19be482966564c-SIN
x-xss-protection: 1; mode=block

GET
H2 200 ChevronRightIcon-yPFdCYNo.js Show response
rd.app/build/assets/ 418 B
588 B 525ms
497ms Script
application/javascript 2606:4700:20::681a:673
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rd.app/build/assets/ChevronRightIcon-yPFdCYNo.js

Requested by

Host: rd.app
URL: https://rd.app/build/assets/app-BqTPH4wI.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:673 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a03876a261ac8bec70a155ac2a8fec177a4afd4871377e1ed0afe0343171fed4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://rd.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 15:14:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Sat, 06 Jul 2024 23:38:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6689d58b-1a2"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PXOq8OPVoqNE2JO8n7Q5bRbrfYHHBOIpRwbC0n8deeuP%2BpuGXsWYmZvI2Io8e5qDUcFffiAjMR24oXGHJH8G%2BxE%2BPv9nRfhO%2B73tiho5ol4gZ3rBJa6y8OKzPw%2BWJu58Qeuc5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 8a19be482968564c-SIN
x-xss-protection: 1; mode=block

GET
H2 200 Modal-3dTSs54o.js Show response
rd.app/build/assets/ 675 B
767 B 1428ms
1401ms Script
application/javascript 2606:4700:20::681a:673
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rd.app/build/assets/Modal-3dTSs54o.js

Requested by

Host: rd.app
URL: https://rd.app/build/assets/app-BqTPH4wI.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:673 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

52ef7a470305b35502fb88454cd787b6ee51d0e1d9583e5ef37a4307f8226fd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://rd.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 15:14:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Sat, 06 Jul 2024 23:38:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6689d58b-2a3"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f0QiCLIxC%2B9S%2FlU1eT6rqSrdJQ57h0pVGUU3KZXakI8O4G3gWRHqJ4n8RDMCbZZpGFyXzG8P2yl0rAWhbN7j5C4oW08TsMUE%2FuGiHA4H4g2i02KRr38mONtwTLivcJHFSyg6xA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 8a19be482969564c-SIN
x-xss-protection: 1; mode=block

GET
H2 200 Countdown-Ct6T37W8.js Show response
rd.app/build/assets/ 1 KB
960 B 518ms
492ms Script
application/javascript 2606:4700:20::681a:673
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rd.app/build/assets/Countdown-Ct6T37W8.js

Requested by

Host: rd.app
URL: https://rd.app/build/assets/app-BqTPH4wI.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:673 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2a71fd803e9800103ff8915c6d46ae8e8ed549e4820a882eabfabbba532aaf3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://rd.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 15:14:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Sat, 06 Jul 2024 23:38:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6689d58b-5a2"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9auHNzVbH6ru2m50heNWBzuwedbynocFWt0%2BoP%2BD4jlZSttmTEvxW4UCMroL4m0ARPddCSIYx63jVk%2FQQWG4SPRxJDS0m097zw19fFpQ8pn3y0vJyMITYiHdZSeGj3go6F2YTg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 8a19be48296a564c-SIN
x-xss-protection: 1; mode=block

GET
H2 200 CountrySelect-A--DVmrL.js Show response
rd.app/build/assets/ 3 KB
2 KB 519ms
493ms Script
application/javascript 2606:4700:20::681a:673
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rd.app/build/assets/CountrySelect-A--DVmrL.js

Requested by

Host: rd.app
URL: https://rd.app/build/assets/app-BqTPH4wI.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:673 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f015be9f442c1f9dcc3741b3b8145117829f0867e08b927d2b3a716b585c1847

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://rd.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 15:14:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Sat, 06 Jul 2024 23:38:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6689d58b-b3b"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AILqVEYLxTtE8a8PjDOqBeGyuNmeY%2BzLOM3xj3juXTBi8jUczasdbM43EoTvchBwqFs1OV%2Fft68dLRvsvUrFhZSgOhSmfKOokTjfdHQmjG4WskZcT2GH7cxxlDi2wlcK6Bn8cw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 8a19be48296b564c-SIN
x-xss-protection: 1; mode=block

GET
H2 200 countries-Lqb5jYC1.js Show response
rd.app/build/assets/ 2 KB
922 B 520ms
494ms Script
application/javascript 2606:4700:20::681a:673
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rd.app/build/assets/countries-Lqb5jYC1.js

Requested by

Host: rd.app
URL: https://rd.app/build/assets/app-BqTPH4wI.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:673 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

02b33fa102e25dcc5f959ae2216e2d32464185f2f15ed37c930272a6bf2d97a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://rd.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 15:14:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Sat, 06 Jul 2024 23:38:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6689d58b-6c4"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jmD0gcJ4ZPd1PQVtaOUbM7UEj%2FACV8bsvr7k%2FpxqFYuV4H9S1Rm0DM1n98W%2Fp6OzVtrHJhilQTeufB%2FPRJiZ41yJAP9ffqr8cI3%2Be5OkMmc8c2ggYdX%2B0QNwXB%2FJ5ctq94zEeg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 8a19be48296c564c-SIN
x-xss-protection: 1; mode=block

GET
H2 200 listbox-DAVjeWru.js Show response
rd.app/build/assets/ 11 KB
4 KB 523ms
497ms Script
application/javascript 2606:4700:20::681a:673
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rd.app/build/assets/listbox-DAVjeWru.js

Requested by

Host: rd.app
URL: https://rd.app/build/assets/app-BqTPH4wI.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:673 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

761538008ea5cab5e829960f16a4b32d9ab5d2411fc20005905f8daaabf3b76c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://rd.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 15:14:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Sat, 06 Jul 2024 23:38:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6689d58b-2ac0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UVH0I%2BOt9HLJ9XqhhQwEkwf2FEKd2UtxZnVQFdKLPHNipZ7Kyq4FB9RVo2uxcatb8Mr9JZoU52XhjRvJrrfwaQsNQ4Qb%2FGLyh7XGms35cF50ZVGz%2BWTKgyNKZKg%2FK0c1FXulqA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 8a19be48296d564c-SIN
x-xss-protection: 1; mode=block

GET
H2 200 form-ZLPcgwrS.js Show response
rd.app/build/assets/ 959 B
819 B 519ms
495ms Script
application/javascript 2606:4700:20::681a:673
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rd.app/build/assets/form-ZLPcgwrS.js

Requested by

Host: rd.app
URL: https://rd.app/build/assets/app-BqTPH4wI.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:673 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccaa20d09606b66e8b9cde34210d655cbd4ebf86d25f4dcf1a7392b9c18b3446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://rd.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 15:14:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Sat, 06 Jul 2024 23:38:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6689d58b-3bf"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FlXMQ80VRJW22%2BW9K6uNHMPxP2SfYez1hcqaxgi9a2H1%2Fvpv3U7bIP0bNgAhfbm%2BfQ0s1lqcB9QilDs%2FYd%2Fv7V6hhmteyAizy33Mk3NDAuTAJ9cHkIzbC9sEmR9stRSrj1fUkA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 8a19be48296f564c-SIN
x-xss-protection: 1; mode=block

GET
H2 200 keyboard-CeMnOCDe.js Show response
rd.app/build/assets/ 4 KB
2 KB 516ms
508ms Script
application/javascript 2606:4700:20::681a:673
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rd.app/build/assets/keyboard-CeMnOCDe.js

Requested by

Host: rd.app
URL: https://rd.app/build/assets/app-BqTPH4wI.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:673 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4be46c4926abe6294b1d5ae042440ee494045594ed5c4b6a98e4215b2bbb2c5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://rd.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 15:14:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Sat, 06 Jul 2024 23:38:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6689d58b-e54"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4vp%2BPHtPqxGlclbVw9oVc%2Fv12OOJP0iX%2FE8xqSYMpHFUrcyPOtJbX0tkFWUEm6zKuKjXgaLs%2FJlNjz%2BC7dGrdnC2pkFDRX6gyD8VTsgOK90%2FoySK3crgZrREqEVNlDsHfbXgTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 8a19be482970564c-SIN
x-xss-protection: 1; mode=block

GET
H2 200 use-outside-click-FO7ee7fX.js Show response
rd.app/build/assets/ 5 KB
2 KB 528ms
521ms Script
application/javascript 2606:4700:20::681a:673
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rd.app/build/assets/use-outside-click-FO7ee7fX.js

Requested by

Host: rd.app
URL: https://rd.app/build/assets/app-BqTPH4wI.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:673 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

58b53363953ad06120da981e7ec7b781e061ac79a9ff6abb168502f3b4238f82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://rd.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 15:14:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Sat, 06 Jul 2024 23:38:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6689d58b-145d"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vnfSPhQ2JAGTK4PV4A%2Fw4xS28ZiQpND7p8ojCB1snqGVJwWkyvokCgyQZcu85TuPKK7tOxJvcv0S7lhWWk2qDi5%2FkTD9Zyg7CHm7VQTTqFRscw0q%2F392huZe7KWNpZm%2B%2B%2BefLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 8a19be482971564c-SIN
x-xss-protection: 1; mode=block

GET
H2 200 use-resolve-button-type-Bl2sNlti.js Show response
rd.app/build/assets/ 455 B
722 B 526ms
520ms Script
application/javascript 2606:4700:20::681a:673
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rd.app/build/assets/use-resolve-button-type-Bl2sNlti.js

Requested by

Host: rd.app
URL: https://rd.app/build/assets/app-BqTPH4wI.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:673 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e2ec8e66964917bd4f8b55d5267455cb6218f0ffe24ffeff6d9a681b3d9dec50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://rd.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 15:14:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Sat, 06 Jul 2024 23:38:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6689d58b-1c7"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AWrseCMC8gbh8U7z8%2BPVz35AF5qodOk3nMu%2Fhe6LjSCHrtwBN8k6RIaZKvGNBIynYh55oFdsiQuLvTXAKnBwMagcxKLjkYxF6gN%2FZHSp388E3nKoBFaaxfJwwKjmEC2hVnXwcA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 8a19be482972564c-SIN
x-xss-protection: 1; mode=block

GET
H2 200 use-text-value-CBjJsKbI.js Show response
rd.app/build/assets/ 2 KB
1 KB 514ms
508ms Script
application/javascript 2606:4700:20::681a:673
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rd.app/build/assets/use-text-value-CBjJsKbI.js

Requested by

Host: rd.app
URL: https://rd.app/build/assets/app-BqTPH4wI.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:673 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b3137f7ec51ee3bb899ff5543bc86581a30580ad15d6b2dfdec352dc57a4a16d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://rd.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 15:14:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Sat, 06 Jul 2024 23:38:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6689d58b-81e"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FC%2FKn0zGc7lB4sxcrR4c56X7h5A%2FODtt3YRqIkmYi6UfqX7YJARsNNlh8LoW0zCr9JsDUcqTQgFICZnDc%2FhkjfYAe44gp14Zdm%2BIpDVM2MP2xVj2GYdbYxuiRlcrTvQ2mZ4cWA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 8a19be482973564c-SIN
x-xss-protection: 1; mode=block

GET
H2 200 hidden-oS_eR2Xi.js Show response
rd.app/build/assets/ 703 B
763 B 505ms
499ms Script
application/javascript 2606:4700:20::681a:673
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rd.app/build/assets/hidden-oS_eR2Xi.js

Requested by

Host: rd.app
URL: https://rd.app/build/assets/app-BqTPH4wI.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:673 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f464550c7c06cca8009b4de5ea3d648151c4299128457745a704989db235e25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://rd.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 15:14:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Sat, 06 Jul 2024 23:38:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6689d58b-2bf"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vdSeg7x7R5PtjscUgZ3PJc%2Fj3Cxtegtqd4s%2FO7sJEk7xSPB0vrGIOW4ENDvWIS%2FEq2fcYGUqg1XPwZ6CKdSpuWsLVOlLNfksWuLLlQxWViakOYcMewY220e9Z59aFKHeO1G4EA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 8a19be482975564c-SIN
x-xss-protection: 1; mode=block

GET
H2 200 PhoneInput-xLw2e-qB.js Show response
rd.app/build/assets/ 646 B
734 B 525ms
519ms Script
application/javascript 2606:4700:20::681a:673
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rd.app/build/assets/PhoneInput-xLw2e-qB.js

Requested by

Host: rd.app
URL: https://rd.app/build/assets/app-BqTPH4wI.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:673 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d65cf9655810aed641ea52781d29fefe5c03003ee6e5ce5bef297dd4653d1f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://rd.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 15:14:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Sat, 06 Jul 2024 23:38:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6689d58b-286"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QQ%2B9KtF1ypXAtGZM5JwwhwjXBFZEJ7AYRopMC4iF%2B2zAfMo7E1ibcpa0bfcYaPoNQ0Ofp7CaWWHBFu%2BAp5FX8U7l97I%2BasVFba%2BRb1C6HpI0Sl8naaJZPmp6UCzDmi0sA%2F6dDw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 8a19be482976564c-SIN
x-xss-protection: 1; mode=block

GET
H2 200 PixIcon-Day23wV0.js Show response
rd.app/build/assets/ 3 KB
2 KB 514ms
509ms Script
application/javascript 2606:4700:20::681a:673
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rd.app/build/assets/PixIcon-Day23wV0.js

Requested by

Host: rd.app
URL: https://rd.app/build/assets/app-BqTPH4wI.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:673 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

059f6651899dc3b4b6e3d7a63a7b42eaa68796f40e115f7a45b5384dd45bfbfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://rd.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 15:14:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Sat, 06 Jul 2024 23:38:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6689d58b-c8e"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4V5WWkfjqLJ4P9ySpX1nBEm3X1Psu4c5lqvNaO2rvhMPPjixKX0laT%2BiqYbdToKXRPdyurJRwXNl6Q95breAd%2BbtMustG3TUNBc0syglDQHL1omEDxNPFZCpBT9IdqqPqmyw1A%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 8a19be482977564c-SIN
x-xss-protection: 1; mode=block

GET
H2 200 RafflePageHead-C_wKE_eR.js Show response
rd.app/build/assets/ 3 KB
1 KB 507ms
502ms Script
application/javascript 2606:4700:20::681a:673
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rd.app/build/assets/RafflePageHead-C_wKE_eR.js

Requested by

Host: rd.app
URL: https://rd.app/build/assets/app-BqTPH4wI.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:673 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c7eaa6e5bafdf1b6aad13a257d20414b561ec4b84c565f6b2dd55481ba67cc00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://rd.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 15:14:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Sat, 06 Jul 2024 23:38:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6689d58b-c2b"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Z9ECFwWaOTZIS2BKaagAZcSnQZREhbXdzJ2qUGgQ238p9TOUNHbVYHQ9ZOWWYpJTnhZyrIV8YfUzO4UDAZk%2FxehjKZPhG0Sn%2FHmGYyt4VtsNyqvI%2BzbQE5zpetRv%2B5Z2mLjU%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 8a19be482978564c-SIN
x-xss-protection: 1; mode=block

GET
H2 200 FlashMessages-CSZk6PZp.js Show response
rd.app/build/assets/ 408 B
636 B 506ms
502ms Script
application/javascript 2606:4700:20::681a:673
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rd.app/build/assets/FlashMessages-CSZk6PZp.js

Requested by

Host: rd.app
URL: https://rd.app/build/assets/app-BqTPH4wI.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:673 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3088772407de6480007adf39c0a51be7c67b9781c736e78d87121ca361cf4223

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://rd.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 15:14:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Sat, 06 Jul 2024 23:38:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6689d58b-198"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cFMcb9He9NZ%2FfXc8mjZDpJSWbTN1WES4hVW0Ed4vTwt0qDlBvwYtsJH0wELj%2F4PBoaPYm30Lwv3nLqSFKvnCAo9Av9JB7B7q2YM15ZD2U4yedvs4UPqZzfZbRhOVwK4gzb0cEA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 8a19be482979564c-SIN
x-xss-protection: 1; mode=block

GET
H2 200 FacebookPixel-Cz9Hi9lH.js Show response
rd.app/build/assets/ 529 B
672 B 511ms
507ms Script
application/javascript 2606:4700:20::681a:673
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rd.app/build/assets/FacebookPixel-Cz9Hi9lH.js

Requested by

Host: rd.app
URL: https://rd.app/build/assets/app-BqTPH4wI.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:673 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f61af11c2cb4816c81063893d6a231b8aabb29f9dc80a11518bc89c3aa4b781

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://rd.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 15:14:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Sat, 06 Jul 2024 23:38:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6689d58b-211"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pF4nXWjflbwWlxahugtEXcouxRHUcYdo58q%2BdzaaRWJB22a6UZnuxhFG5Qiri16HkOBMjosDXmejEDUxa7FuJ6d8P%2FAdlhbMQD8uoP9gEy6Zc2Br97rXuqvE%2BffjrGiuhFCp4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 8a19be48297a564c-SIN
x-xss-protection: 1; mode=block

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 17 KB
13 KB 28ms
26ms XHR
application/json 142.251.175.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240709&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407030101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.175.155 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sh-in-f155.1e100.net

Software

cafe /

Resource Hash

43856cbeb5039fc5030bd078b43c4aa5fcb04d73e6def0602b05931386ab59cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rd.app/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 15:14:27 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12940
x-xss-protection: 0

GET
H2 200 favicon2.png
rd.app/images/ 412 KB
0 1ms
1ms Other
image/png 2606:4700:20::681a:673
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rd.app/images/favicon2.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:673 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b4beab007326b210349e30a05dc28160e8e058f840f8be41b8e3650dd6e11761

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://rd.app/s/RZ5Es59hcxQ
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 15:14:25 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 421668
x-xss-protection: 1; mode=block
last-modified: Wed, 15 Nov 2023 03:03:39 GMT
server: cloudflare
etag: "6554350b-66f24"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jj774PXUkM29lptYvLu2%2Bugb%2FdtkxXjhgwIKWer%2BupinxJWwCD9pPvnlogdoJ1B%2Fn%2BYSqVUD31AoJBWgadBMif%2FpP1i7fCg4J2O7l8JEEeR2xfcmcWmWiJLZSg%2Fx6u7Cyt8lgA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8a19be38996c564c-SIN

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 157ms
52ms Script
text/javascript 2404:6800:4003:c11::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407030101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c11::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rd.app/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 15:14:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 11 Jul 2024 15:14:27 GMT

GET
H2 200 favicon2.png
rd.app/images/ 412 KB
0 0ms
0ms Other
image/png 2606:4700:20::681a:673
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rd.app/images/favicon2.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:673 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b4beab007326b210349e30a05dc28160e8e058f840f8be41b8e3650dd6e11761

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://rd.app/s/RZ5Es59hcxQ
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 15:14:25 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 421668
x-xss-protection: 1; mode=block
last-modified: Wed, 15 Nov 2023 03:03:39 GMT
server: cloudflare
etag: "6554350b-66f24"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jj774PXUkM29lptYvLu2%2Bugb%2FdtkxXjhgwIKWer%2BupinxJWwCD9pPvnlogdoJ1B%2Fn%2BYSqVUD31AoJBWgadBMif%2FpP1i7fCg4J2O7l8JEEeR2xfcmcWmWiJLZSg%2Fx6u7Cyt8lgA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8a19be38996c564c-SIN

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7916 0
0 78ms
11ms Document
text/html 2404:6800:4003:c11::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c11::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rd.app/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 134829
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 10 Jul 2024 01:47:18 GMT
expires: Thu, 10 Jul 2025 01:47:18 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe
www.google.com/recaptcha/api2/ Frame 6763 0
0 83ms
19ms Document
text/html 64.233.170.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

64.233.170.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f104.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Vv74hClKiQlgjhZGLYh-Gw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://rd.app/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-Vv74hClKiQlgjhZGLYh-Gw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 11 Jul 2024 15:14:27 GMT
expires: Thu, 11 Jul 2024 15:14:27 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET sodar
pagead2.googlesyndication.com/pagead/ 0
0

GET
H2 200 redactorx-Xh19RCnx.css
rd.app/build/assets/ 38 KB
11 KB 698ms
697ms Stylesheet
text/css 2606:4700:20::681a:673
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rd.app/build/assets/redactorx-Xh19RCnx.css

Requested by

Host: rd.app
URL: https://rd.app/build/assets/app-BqTPH4wI.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:673 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e54945e1e82cbc66c4e75d4541a296f1eddf61901e56a3185ae22dc6c5175897

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://rd.app/s/RZ5Es59hcxQ
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 15:14:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Sat, 06 Jul 2024 23:38:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6689d58b-96bd"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3FivZWI2k9HhCfq2pZgZQdseHJUS1yhFSKuxUXY4k8Fwas5bKpstXmRXr7sjRIJxtv472ZQI33nI52L1Bviv8YuR0HUBfT90fwSdvCH3Vk9Nvvmpzb63%2Fk7YWQYLCIJnynFDIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 8a19be513e67564c-SIN
x-xss-protection: 1; mode=block

GET
H2 200 386679617187283614691.png
cdn.rd.app/logos/ 17 KB
0 0ms
0ms Image
image/png 2606:4700:20::681a:673
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.rd.app/logos/386679617187283614691.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:673 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 600386815d8db79ce21322380fb5404b22168763aae8b2ae504b3f5e487ed32f

Request headers

Referer: https://rd.app/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 15:14:25 GMT
cf-cache-status: MISS
last-modified: Tue, 18 Jun 2024 16:32:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "1adb3cd9f6a94baf1025bf958e41bc6b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F2BzuE2Z2irvMH6n%2Bk3hlLIbCjvPDavsp6ljb7yYF62vvRcIoRZHO%2FQsYNpvSBgJhNgwwoUuRMbsiPIPV5NluELu5oo10%2F7RW%2FM%2BCL5Ef5wDmTZPKUoZ8E%2BaYd3i4ZuLzscjb%2BTkjAc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8a19be356fd3564c-SIN
content-length: 17802

GET
H2 200 tio-chico-bank-1718728450038.jpg
cdn.rd.app/raffles/ 16 KB
0 2ms
2ms Image
image/jpeg 2606:4700:20::681a:673
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.rd.app/raffles/tio-chico-bank-1718728450038.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:673 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f5d5b7c68e64e1b626147ef40f6447d5d9beb83537e6a615f3c57addfa2f82b3

Request headers

Referer: https://rd.app/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 15:14:25 GMT
cf-cache-status: MISS
last-modified: Tue, 18 Jun 2024 16:34:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "90e49e70a96e32e2914d99f04bb7ba25"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=axm7s%2BcFoLKA2SJ4SabBKEwSy66LROzS5X2S6CIDX%2BLB9LRJHCcfWWKShyEtUcN66QEBicYFV4T2NPLbrPbUO%2B8FZ5WaNGxnYiLVZZ2jD6QIrXDvYTsYVX96zuoQlDRHokOxpX6TwpY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8a19be356fd1564c-SIN
content-length: 16251

GET
H2 200 tio-17187408239256.png
cdn.rd.app/user/ 111 KB
0 3ms
3ms Image
image/png 2606:4700:20::681a:673
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.rd.app/user/tio-17187408239256.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:673 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ab0f83d863e3a4bcc4a5028f3273bc9de69ef32135d1c4554c2ea912cce40df

Request headers

Referer: https://rd.app/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 15:14:25 GMT
cf-cache-status: MISS
last-modified: Tue, 18 Jun 2024 20:00:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "9f4d486e05dd46b1c553fdeb56bd2712"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iWSpnUPkL2%2FWAimPRJgX1wmVfKd%2BI95%2BiFIivSDYv2vvodvuhnlAumOesKhXDpmTYag4SxReh3yT6AmaWZWh7L38tBIm9U7NsrLowqoFlG6frrbBBtE7OnV7TZpcMjVmqvjVxrbUZSs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8a19be389966564c-SIN
content-length: 113891

GET
H2 200 medal.png
rd.app/images/ 24 KB
0 3ms
3ms Image
image/png 2606:4700:20::681a:673
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rd.app/images/medal.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:673 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a88d78af8bc9df67260799fdca512a4d9c8474d10a6b6c79c230274c00510d0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://rd.app/s/RZ5Es59hcxQ
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 15:14:25 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 25052
x-xss-protection: 1; mode=block
last-modified: Wed, 15 Nov 2023 03:03:39 GMT
server: cloudflare
etag: "6554350b-61dc"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FmvV8uhALCdBLndpAl9LU47hlidHb418DMKdRwqLYkKKoRpNDE1vSLxykwsHqxZH4wiacAwKhu1%2F%2F%2BXHZNG5peRfkAHbUijsl8Dh9X9UpuZxfwhyk31hV1V92oYP7xZA%2FUYXag%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8a19be389968564c-SIN

GET
H2 200 favicon2.png
rd.app/images/ 412 KB
0 3ms
3ms Image
image/png 2606:4700:20::681a:673
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rd.app/images/favicon2.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:673 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b4beab007326b210349e30a05dc28160e8e058f840f8be41b8e3650dd6e11761

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://rd.app/s/RZ5Es59hcxQ
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 15:14:25 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 421668
x-xss-protection: 1; mode=block
last-modified: Wed, 15 Nov 2023 03:03:39 GMT
server: cloudflare
etag: "6554350b-66f24"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jj774PXUkM29lptYvLu2%2Bugb%2FdtkxXjhgwIKWer%2BupinxJWwCD9pPvnlogdoJ1B%2Fn%2BYSqVUD31AoJBWgadBMif%2FpP1i7fCg4J2O7l8JEEeR2xfcmcWmWiJLZSg%2Fx6u7Cyt8lgA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8a19be38996c564c-SIN

POST
H2 404 collect
fbapi.rifa.digital/g/ 0
0 1675ms
1473ms Fetch
text/html 2606:4700:20::ac43:44de
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fbapi.rifa.digital/g/collect?v=2&tid=G-KHYBPRP9RF&gtm=45je4790v875720306z8857888618za200zb857888618&_p=1720710864722&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=724550175.1720710865&ul=en-sg&sr=1600x1200&_fplc=0&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=3&sid=1720710865&sct=1&seg=1&dl=https%3A%2F%2Frd.app%2Fs%2FRZ5Es59hcxQ&dr=https%3A%2F%2Ftiochicobank.com.br%2F&dt=Rifa%20do%20Tio%20Chico%20%7C%20TIO%20CHICO%20%7C%20Rifa%20Digital&en=PageView&ep.event_id=1720710864846.896377.1&_et=1&tfd=6575&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KHYBPRP9RF&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:44de , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://rd.app/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.facebook.com
URL: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fprivacy_sandbox%2Fpixel%2Fregister%2Ftrigger%2F%3Fid%3D619464952447923%26ev%3DPageView%26dl%3Dhttps%253A%252F%252Frd.app%252Fs%252FRZ5Es59hcxQ%26rl%3Dhttps%253A%252F%252Ftiochicobank.com.br%252F%26if%3Dfalse%26ts%3D1720710865432%26sw%3D1600%26sh%3D1200%26v%3D2.9.161%26r%3Dstable%26a%3DtmSimo-GTM-WebTemplate%26ec%3D0%26o%3D4126%26fbp%3Dfb.1.1720710865431.63624986811760962%26ler%3Dother%26cdl%3DAPI_unavailable%26it%3D1720710865121%26coo%3Dfalse%26eid%3D1720710864846.896377.1%26tm%3D1%26rqm%3DFGET

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240709&jk=3598378322363673&bg=!_v2l_bLNAAZjPzuvQz87ADQBe5WfOAmU391PiBEyZHY3xgqall7xFHGZ9ikvrM_XVOOfP7Uu0dhblNi9SKMrhSf5tFGWAgAAAIZSAAAAA2gBB34ANroeZ58tXezA47iDaF00nNV1ZVsFCdzJkC_2XSPN1a9-kMniL4ERfGIB0Nq5beJodFaGJZkr1AoAI0SfaM_d-PQ6jij-bKU5d1g2ctMfq9TXy86U8aOUU8IL9ITrmQKvVzXacRklR4dEYIMCZpsu4R-yo7oPgCSFncLhJdAad6Rp7GJWTWc5k14C1ioxElJEdF-PUuZe9H3mtNqQmt0NGxA9BamcPpaxWjg5gLVIAHzMvYzNpHQHPFgt1YvRiz_PYIZJfPX0cZ54t0Kh913bT1tW1_SkPfk4AoKbRFEsSiXY4XepCbzEdaWD59zJrS5puZ4LM5GsRdRfKZM2_m5uvKzkTUgw27FQn6adbhTEc3REVm6dCtC2WijIJ_8vBBircrxJKFWbn4E_Fthw2JfcVoDD-_548Hh2iHkanC59ZNsWsvRnsE8YQJSzOEEJO6vMSrtwNm2IVAfPsxZltUVHXzt3_Ujc6qLT4hDK-5f4EUkK-P47V8o14ViseLQwPwrmG8HZhvcVvANftBZRBlE_dOZwu228jZMDCSbRv4ig7IljVxSB3L9h0cZF3jcl20P92SIFuVPqf1GjHLnzHKDBtqjm0dvk7F3easn_zbvcjhyBIvrRYSCYN9B2xPcRhyKsBAmvVv5wc6AqwS2ArVK4gGlSD-hzzxnULI2UDx_CYM2lLkA0ffxSZ-3QNtacMrnSlJz0L-IeI50zVEUxyw7UGyx0dKKEynE5lWcWi2MEutH-E3ZazdkKaME-ouwkkarpilsIcuk7OPY23jKDRu-VyVUnDjtJ-NMutaF2rV_QEmwPnKsLQMc2PAu3NgjgRyMWiY0hmwJmqYf_Q8ldHC2CeI_PJZAN_Inb3PYDo6N3wz9vffE9_NOr9jn54DK-0nuZT_57XiPN8SdWMSIQxh-K_NYAjRgxpllQSImAF5XrfCt_OQklsrHrd2Mw7ydqANFnMQA5QAzOsTkcMneSesLDLC85HOWfc8tPTJ4eueB29eWZV8JLk1nO5mkOp3ckKFMZowKG0yHM__dIuIlMtDOu

Verdicts & Comments Add Verdict or Comment

53 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
rd.app/	1970-01-20 21:58:59	Name: XSRF-TOKEN Value: eyJpdiI6Ii9VV1F0WG5lQjg0a00vL1lJNERSK1E9PSIsInZhbHVlIjoia3lmM3B1VjJDaU9wNFFYMkdqVHA5TlM2VWZyWHUxUmlvSWtkZ1JjNnRRZXA0ZVgvazJ2R1NDZkx0bmFSVGRjN0pjYzNQWFNFNEw1ZnNOUmxnSyt3YW42TzIxQmQ0YjZDTWRSZm1OVnFMSG1aWkE5eGtyMEQzU2wrS2Q1K0hRenEiLCJtYWMiOiJlYzVkM2Q5ZjQxMmNhOTVmZTI5MzBjYzEyY2EwNjE5YWNkYWY5MWQ0YWIyM2U4NzM2N2YyYjAyZDRlZmEwMzgwIiwidGFnIjoiIn0%3D
rd.app/	1970-01-20 21:58:59	Name: rifadigital_session Value: eyJpdiI6InFtVVhueUVMaFlVQm9PQkhNUzZaeVE9PSIsInZhbHVlIjoiZGNyREJacFBrTGUydXl6ODRCb2luZGRmMXA5NnV0S3dCVllLb2lZY2o4dmdJbUZSVEpMVUtnUXBEZW9xNnZCLzI5ZkRaTzN0djlEa2xQcHZPK1lsQi9SRSt1T1RRRFpiWTZWR3VXVXRxU0tqZkd0NFJVOHowM242NTlXZDdaa2giLCJtYWMiOiIzODBmMTZhODJlZTQ0OTFiZTAwZTZkNjA2ZjQ0NjFlN2MzOTMyMWFhMDMyNWViNmJhYWMwNGRkZTFiNzU3OWJlIiwidGFnIjoiIn0%3D
.rd.app/	1970-01-21 00:08:06	Name: _gcl_au Value: 1.1.698038178.1720710865
.rd.app/	1970-01-21 07:34:30	Name: _ga Value: GA1.1.724550175.1720710865
.rd.app/	1970-01-21 07:34:30	Name: _ga_KHYBPRP9RF Value: GS1.1.1720710865.1.1.1720710865.60.0.0
.doubleclick.net/	1970-01-20 21:58:31	Name: test_cookie Value: CheckForPermission
.rd.app/	1970-01-21 00:08:06	Name: _fbp Value: fb.1.1720710865431.63624986811760962

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://fbapi.rifa.digital/g/collect?v=2&tid=G-KHYBPRP9RF&gtm=45je4790v875720306z8857888618za200zb857888618&_p=1720710864722&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=724550175.1720710865&ul=en-sg&sr=1600x1200&_fplc=0&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=3&sid=1720710865&sct=1&seg=1&dl=https%3A%2F%2Frd.app%2Fs%2FRZ5Es59hcxQ&dr=https%3A%2F%2Ftiochicobank.com.br%2F&dt=Rifa%20do%20Tio%20Chico%20%7C%20TIO%20CHICO%20%7C%20Rifa%20Digital&en=PageView&ep.event_id=1720710864846.896377.1&_et=1&tfd=6575&_z=fetch Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
cdn.rd.app
cdnjs.cloudflare.com
connect.facebook.net
fbapi.rifa.digital
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
rd.app
rsms.me
stats.g.doubleclick.net
tiochicobank.com.br
tpc.googlesyndication.com
www.facebook.com
www.google.com
www.google.com.sg
www.googletagmanager.com
pagead2.googlesyndication.com
www.facebook.com
104.17.24.14
104.21.234.234
142.251.175.155
15.235.55.95
2001:4860:4802:32::181
2404:6800:4003:c00::5f
2404:6800:4003:c02::5e
2404:6800:4003:c02::61
2404:6800:4003:c11::84
2404:6800:4003:c1a::9c
2404:6800:4003:c1c::5e
2606:4700:20::681a:673
2606:4700:20::ac43:44de
2a03:2880:f00c:19:face:b00c:0:3
2a03:2880:f10c:83:face:b00c:0:25de
64.233.170.104
64.233.170.147
74.125.200.155
02b33fa102e25dcc5f959ae2216e2d32464185f2f15ed37c930272a6bf2d97a5
059f6651899dc3b4b6e3d7a63a7b42eaa68796f40e115f7a45b5384dd45bfbfa
10450a0025e0371ac369a23314fb975ba2f75b5f795c955a56e6bede5f5010b5
1a10c6fb64f864a5967f229ad7857a97a6aec9032a48ff406b7bb59afc6ed4b6
1f98713e33531eb5560c931c26897837a50eb337286456d9188ed9a1b6ef2434
212cab2c8f18589ea483920adea5f5d180ab007a4140ad723d931dae89d876e5
220976705fbec109f43c5cfdceca639e99ace7e51f3eb67292b105d3575eb39b
2a71fd803e9800103ff8915c6d46ae8e8ed549e4820a882eabfabbba532aaf3e
2f464550c7c06cca8009b4de5ea3d648151c4299128457745a704989db235e25
3088772407de6480007adf39c0a51be7c67b9781c736e78d87121ca361cf4223
43856cbeb5039fc5030bd078b43c4aa5fcb04d73e6def0602b05931386ab59cb
44ebbe5ed180f91c6106aa7eae838518f53df03e7f03bc3bc8863de2b1095d70
4522082cba4909ad4b9a81e3b657c4c243f2e62f6dd5556d1a7b1a72caff6405
48045ac95dc8a6c5de65e0106f0832d56d9dbb6ccab4f9b5682580a488a56d80
4be46c4926abe6294b1d5ae042440ee494045594ed5c4b6a98e4215b2bbb2c5a
4c1fb0673d64ecff3c49f1cf8acd66cc2a53e839195c7654fda53aa5acd22e84
4f61af11c2cb4816c81063893d6a231b8aabb29f9dc80a11518bc89c3aa4b781
52ef7a470305b35502fb88454cd787b6ee51d0e1d9583e5ef37a4307f8226fd6
55600540bff1118a47c74b2daec806d3c81dfe06404168b64ee95efc178aff95
58b53363953ad06120da981e7ec7b781e061ac79a9ff6abb168502f3b4238f82
600386815d8db79ce21322380fb5404b22168763aae8b2ae504b3f5e487ed32f
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
683d65a08c9096fa1baa5f2bdba2b99a530d715bfc0c48f06fdf2f639a49a666
708b7baa59a80d80465229b74f1dcb599d3ee76515a93d304337b92efb964afe
761538008ea5cab5e829960f16a4b32d9ab5d2411fc20005905f8daaabf3b76c
79144a26ecdc9e5bb163195a0ae76a185e2b01756fee55cf6338992279695376
83382c9a97a343b196697f1d4b3544d58f648d23a08621a389d08df170812d02
8458f8afa67b5691c1fcbe51607a2dafb53a9839e48131c608a186b65415d96d
8e52a861dc26ff4608c50bd7ff89b65d0d6216a2afe7b47ce5d84544811ca400
8fedfb7def1421aa9d58d1732be7164e33eec27b9c87193e010b9ddaa67b6a18
967394d1fd10b388d99bec9df2a3cab546a40f695f5c70641daf0b51af5604c6
982bdc333a84a405dc9e8300c4481e76430b1e0902370aff0dd50884f3f04df8
9ab0f83d863e3a4bcc4a5028f3273bc9de69ef32135d1c4554c2ea912cce40df
a03876a261ac8bec70a155ac2a8fec177a4afd4871377e1ed0afe0343171fed4
a88d78af8bc9df67260799fdca512a4d9c8474d10a6b6c79c230274c00510d0e
aabe6f63b973f1c97f30d3e80d9292121a8a2dbb7cc08d62a7ec396555a049da
af46bd584de8bb0aabfdab5c8651f943b089d09959ba30ae75454689c56f3bd2
b3137f7ec51ee3bb899ff5543bc86581a30580ad15d6b2dfdec352dc57a4a16d
b4beab007326b210349e30a05dc28160e8e058f840f8be41b8e3650dd6e11761
b6f9db9e45be20f3c1312c97fbee7ec36b7d8280f8caa4d53c9ba0408cc9997a
c4832b19dd5406ac0855426096610e532861e94c65819651ada45299002455de
c5e8e8eb22e2eaf1ad02370c22c63c04774ab0b83b4329d5945333750814bb2f
c7eaa6e5bafdf1b6aad13a257d20414b561ec4b84c565f6b2dd55481ba67cc00
cb85b0f263dbe24e857338301c0627076592e9f1f1a5662929f86d2c126444aa
ccaa20d09606b66e8b9cde34210d655cbd4ebf86d25f4dcf1a7392b9c18b3446
ce64b2375e5fdfa4072b53a9a2192923fce755c3cd0f36d1b79b089709924080
d20dc9d095113764030db08d9196f200cc8fd7eded6906b11f44a2ab19180261
d65cf9655810aed641ea52781d29fefe5c03003ee6e5ce5bef297dd4653d1f48
e2ec8e66964917bd4f8b55d5267455cb6218f0ffe24ffeff6d9a681b3d9dec50
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e54945e1e82cbc66c4e75d4541a296f1eddf61901e56a3185ae22dc6c5175897
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f015be9f442c1f9dcc3741b3b8145117829f0867e08b927d2b3a716b585c1847
f5d5b7c68e64e1b626147ef40f6447d5d9beb83537e6a615f3c57addfa2f82b3
f8f37c245033cf43ee84d33f0e1823a4e28e356b7a0262d40ec7e1b791b38ebb

rd.app Open in urlscan Pro 2606:4700:20::681a:673 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

75 Requests

97 %HTTPS

61 %IPv6

14 Domains

18 Subdomains

19 IPs

4 Countries

2300 kBTransfer

5459 kBSize

7 Cookies

4 Outgoing links

Page URL History

Redirected requests

75 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

rd.app Open in urlscan Pro
2606:4700:20::681a:673 Public Scan

Screenshot
Live screenshot

Full Image

75
Requests

97 %
HTTPS

61 %
IPv6

14
Domains

18
Subdomains

19
IPs

4
Countries

2300 kB
Transfer

5459 kB
Size

7
Cookies

75 HTTP transactions
1 data transactions