urlscan.io logo urlscan.io
SecurityTrails logo

rirm.hekadot.com Open in urlscan Pro
104.21.31.89  Public Scan

Go To Rescan Add Verdict Report
URL: https://rirm.hekadot.com/
Submission: On July 25 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 26 HTTP transactions. The main IP is 104.21.31.89, located in and belongs to CLOUDFLARENET, US. The main domain is rirm.hekadot.com.
TLS certificate: Issued by WE1 on July 15th 2024. Valid for: 3 months.
This is the only time rirm.hekadot.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
26 104.21.31.89 13335 (CLOUDFLAR...)
26 1
Apex Domain
Subdomains		 Transfer
26 hekadot.com
rirm.hekadot.com
600 KB
26 1
Domain Requested by
26 rirm.hekadot.com rirm.hekadot.com
26 1

This site contains no links.

Subject Issuer Validity Valid
hekadot.com
WE1		 2024-07-15 -
2024-10-13		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://rirm.hekadot.com/
Frame ID: EF3DE390914822663105C6905B6703CA
Requests: 26 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Comment éviter de développer un diabète ?

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

26
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

600 kB
Transfer

964 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
rirm.hekadot.com/ 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rirm.hekadot.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.89 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
555e52f54f7f22387c88b26b14c295c04c8d8bdba1b6bf9e928bf9f3d2916467

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8a8923f8eb8637ca-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Thu, 25 Jul 2024 03:42:31 GMT
expires
Thu, 25 Jul 2024 03:42:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Wb3QmWR91NLfweNx7KfTpf4ZHbG3pmuuRbjwCY1v4ENyIWpUymouVk1XKPm7T7frpdsAOefmd580CGatC2nlPhADnzGIK3syjGaHClH3ZWWgCdFbLu0B8shAZzsr%2FwDheL21"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
bootstrap.min.css
rirm.hekadot.com/lander/wg-fr-lqrxe/assets/css/ 		111 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://rirm.hekadot.com/lander/wg-fr-lqrxe/assets/css/bootstrap.min.css
Requested by
Host: rirm.hekadot.com
URL: https://rirm.hekadot.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.89 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d699f303990ce9bd7d7c97e9bd3cad6a46ecf2532f475cf22ae58213237821b9

Request headers

Referer
https://rirm.hekadot.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 03:42:32 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
12596
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 24 Jul 2024 13:55:25 GMT
server
cloudflare
etag
W/"66a107cd-1bb5a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9RUMPmGJFI2x%2BW4e3msDXCRWtmzpSeQ3x%2F2feg16P2H1Apb4Ec8I1EamGdgos7xaKNc4rrBLcu2IIj5rTGY9oMsX0aPbusklcp1SaDo%2BboMJNv2VXQ0k7SEoFLw%2FmIoyTGpw"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=864000
cf-ray
8a8923fc1d4937ca-FRA
expires
Sun, 04 Aug 2024 00:12:36 GMT
plugins.css
rirm.hekadot.com/lander/wg-fr-lqrxe/assets/css/ 		70 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://rirm.hekadot.com/lander/wg-fr-lqrxe/assets/css/plugins.css
Requested by
Host: rirm.hekadot.com
URL: https://rirm.hekadot.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.89 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
add5749710cd7965461ce266c025b2de3cc72957764b5f4f2b7d9b038a196435

Request headers

Referer
https://rirm.hekadot.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 03:42:32 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
12596
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 24 Jul 2024 13:55:25 GMT
server
cloudflare
etag
W/"66a107cd-1176b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KGElX%2BsVhBwjZEheF%2BjI3dNUcnenpAigmqa7Ki3W9vDc4DHSXdbh5E9fTKdX1c7LhKnLszOZ3S5o9Emz5kK7zctzKylfmKfA8w2TD6w4m7RGSkxgRs%2Ba3K65NMk4CZWNMrUg"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=864000
cf-ray
8a8923fc1d4a37ca-FRA
expires
Sun, 04 Aug 2024 00:12:36 GMT
magnific-popup.css
rirm.hekadot.com/lander/wg-fr-lqrxe/assets/css/ 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://rirm.hekadot.com/lander/wg-fr-lqrxe/assets/css/magnific-popup.css
Requested by
Host: rirm.hekadot.com
URL: https://rirm.hekadot.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.89 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
648aacd32da86d341dec60d5ece0de2cfc7d578e981fad920af31a8ad8ab874c

Request headers

Referer
https://rirm.hekadot.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 03:42:32 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Wed, 24 Jul 2024 13:55:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"66a107cd-1e7e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qXhTRYAfC5hSJNF7cQl2c4KlBRQ7VoPF7mS0IoyU%2BVZ%2FqbEKTtIru9%2B02MtfX4DZDVfegFrydO%2BmJGvaXazVjnKcWNIV3Qom4UX9ZnoisvA51lLysunJWUcWKcfcOCUL0Eyo"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=864000
cf-ray
8a8923fc1d4b37ca-FRA
alt-svc
h3=":443"; ma=86400
expires
Sun, 04 Aug 2024 03:42:32 GMT
style.css
rirm.hekadot.com/lander/wg-fr-lqrxe/assets/css/ 		25 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://rirm.hekadot.com/lander/wg-fr-lqrxe/assets/css/style.css
Requested by
Host: rirm.hekadot.com
URL: https://rirm.hekadot.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.89 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9303d3f1498f74ec11b4dce1df1df7dd46059d5848ab304e40e7ff565d6fe6eb

Request headers

Referer
https://rirm.hekadot.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 03:42:32 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
12596
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 24 Jul 2024 13:55:25 GMT
server
cloudflare
etag
W/"66a107cd-657d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zLMjsHiC5MHaUv64DhNJf9BwAtAP0zw41GllriBy0pjzYKNoIHilmSBIProU8NssauENZUlJYmUUsM2lAYIpRO0A6mW919SBAzkrNtcWWbypo%2FZH53cJCX6JOxZU%2FpzeeAGL"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=864000
cf-ray
8a8923fc1d4c37ca-FRA
expires
Sun, 04 Aug 2024 00:12:36 GMT
responsive.css
rirm.hekadot.com/lander/wg-fr-lqrxe/assets/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://rirm.hekadot.com/lander/wg-fr-lqrxe/assets/css/responsive.css
Requested by
Host: rirm.hekadot.com
URL: https://rirm.hekadot.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.89 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fad667c7975209d340e5ce5cf8b67c856bef305c5d7099c08fa945624560160c

Request headers

Referer
https://rirm.hekadot.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 03:42:32 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 24 Jul 2024 13:55:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"66a107cd-a92"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eWIdbiCDnQbi%2FniXAsJ%2FGjOg4N05Ncllwpgle0%2FsJFe%2FkLQhj%2Frz0gPZ7Jf9l2oqyOKyyyjr8xxfqPttrNcp7rxHG1RKu%2FQjBUx%2FV2zsAEaqxpOmGO7jjHmSCZd6mXVEhR4Z"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=864000
cf-ray
8a8923fc1d4d37ca-FRA
alt-svc
h3=":443"; ma=86400
expires
Sun, 04 Aug 2024 03:42:32 GMT
modernizr-2.8.3-respond-1.4.2.min.js
rirm.hekadot.com/lander/wg-fr-lqrxe/assets/js/vendor/ 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rirm.hekadot.com/lander/wg-fr-lqrxe/assets/js/vendor/modernizr-2.8.3-respond-1.4.2.min.js
Requested by
Host: rirm.hekadot.com
URL: https://rirm.hekadot.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.89 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c143492f31dfe14beb30c8ac069382d624b19a5ef4f2060bf91c28fc8f1f9c6c

Request headers

Referer
https://rirm.hekadot.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 03:42:32 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
12596
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 24 Jul 2024 13:55:25 GMT
server
cloudflare
etag
W/"66a107cd-4e8a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rTHLyciBK8hFyv%2F%2F7J8qqKvbpqCZRrVNludDAmeQVJV6eHsEGqwIFRG%2BVQdhXJsdztn%2Fqh%2FWAAfufsrvSwzBE2zoryxDT8I6BmjNsGIS1IN2zlSYZtBsVpQZgXGLmBVOGvq2"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=864000
cf-ray
8a8923fc1d4e37ca-FRA
expires
Sun, 04 Aug 2024 00:12:36 GMT
logo_site_this
rirm.hekadot.com/lander/wg-fr-lqrxe/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rirm.hekadot.com/lander/wg-fr-lqrxe/logo_site_this
Requested by
Host: rirm.hekadot.com
URL: https://rirm.hekadot.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.89 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rirm.hekadot.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 03:42:32 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Zt596ukPgOXrL3vgjWACIjqA2udlYR97IM2Er2KyQ1mMK68aJhKH9moXYy1jlmk1kXcRn22LzneuEy9OpXMpmlxkQOwvMhNmVwnMlpJPnBrdEtTBjPR3zIQF5PUqFnTq0zpB"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cf-ray
8a8923fc1d4f37ca-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 25 Jul 2024 03:42:32 GMT
3636.jpg
rirm.hekadot.com/lander/wg-fr-lqrxe/image_def/ 		57 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rirm.hekadot.com/lander/wg-fr-lqrxe/image_def/3636.jpg
Requested by
Host: rirm.hekadot.com
URL: https://rirm.hekadot.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.89 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
494ccd4dc4bfc68cbd0beafc0dcbbdd2a65f1f6ea497d672c08f52d199fa561d

Request headers

Referer
https://rirm.hekadot.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 03:42:32 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
58209
last-modified
Wed, 24 Jul 2024 13:55:25 GMT
server
cloudflare
etag
"66a107cd-e361"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4sqTJ9EPMsP6CbWDNuXt0l9fjGp2%2BM1cw%2FbNgu5Cd56kvnExPiBxDAUoNcRaLLZVulMSMDc%2F1huab%2Fh714LRo9mV5jcJFQuhG3Neapqefd3tz%2BoCvpAUszF%2B%2BxU0U1NgN9fh"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=864000
accept-ranges
bytes
cf-ray
8a8923fc1d5037ca-FRA
expires
Sun, 04 Aug 2024 03:42:32 GMT
separator.png
rirm.hekadot.com/lander/wg-fr-lqrxe/assets/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rirm.hekadot.com/lander/wg-fr-lqrxe/assets/images/separator.png
Requested by
Host: rirm.hekadot.com
URL: https://rirm.hekadot.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.89 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1cda19798fd44e51c518d861c6981378c68cc83d45a3752bfe199f6ec8ebdad

Request headers

Referer
https://rirm.hekadot.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 03:42:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
12596
alt-svc
h3=":443"; ma=86400
content-length
1197
last-modified
Wed, 24 Jul 2024 13:55:25 GMT
server
cloudflare
etag
"66a107cd-4ad"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=54i1WhbWybkI%2Frt0gKZLGMqEB%2BQfRFZxqe5IP512REDJktYPv6SwL5uFABG1j%2BGZoJBRH0tQ53%2FEI%2BCiHzFacOGAjcbo7%2B92rK8gtNlTjTqG0XVOxXgcQbidBp3%2FlkclQOrg"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=864000
accept-ranges
bytes
cf-ray
8a8923fe0e6337ca-FRA
expires
Sun, 04 Aug 2024 00:12:36 GMT
jquery-1.11.2.min.js
rirm.hekadot.com/lander/wg-fr-lqrxe/assets/js/vendor/ 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rirm.hekadot.com/lander/wg-fr-lqrxe/assets/js/vendor/jquery-1.11.2.min.js
Requested by
Host: rirm.hekadot.com
URL: https://rirm.hekadot.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.89 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0

Request headers

Referer
https://rirm.hekadot.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 03:42:32 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Wed, 24 Jul 2024 13:55:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"66a107cd-176bb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=74c%2Bgy3bHM3n%2FDXT44iZR%2Bo0JdNzX6s5IRuCSx70llrt15tb4SaXA%2FZlYXps9GofLjF72yz71qwFwMpgv0Te%2F11bfsVqKOrvMav%2F61QTbOvfZauKpO%2BqGvUvTs9u57qGkHIp"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=864000
cf-ray
8a8923fe7e9b37ca-FRA
alt-svc
h3=":443"; ma=86400
expires
Sun, 04 Aug 2024 03:42:32 GMT
bootstrap.min.js
rirm.hekadot.com/lander/wg-fr-lqrxe/assets/js/vendor/ 		35 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rirm.hekadot.com/lander/wg-fr-lqrxe/assets/js/vendor/bootstrap.min.js
Requested by
Host: rirm.hekadot.com
URL: https://rirm.hekadot.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.89 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f971b901aeb9e55b07d472afee09bd5ae05159e1119dbd16d993e473565e7fc0

Request headers

Referer
https://rirm.hekadot.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 03:42:32 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
12595
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 24 Jul 2024 13:55:25 GMT
server
cloudflare
etag
W/"66a107cd-8b11"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ovWOtnAjtV2t4yfI9HwUpHRfFzyk%2Fp6Oj%2B1dgkG0ZqQsqVDIBSNwASNWiO%2FBMXCrlW4FFV6OBrwcDGwmy8E1KVFTF6%2BxFVBs77sPGb2Sw7bcSlTRwGl52u%2Fz9BXcr6lbIAvF"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=864000
cf-ray
8a8923fe9eac37ca-FRA
expires
Sun, 04 Aug 2024 00:12:37 GMT
jquery.mixitup.min.js
rirm.hekadot.com/lander/wg-fr-lqrxe/assets/js/ 		28 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rirm.hekadot.com/lander/wg-fr-lqrxe/assets/js/jquery.mixitup.min.js
Requested by
Host: rirm.hekadot.com
URL: https://rirm.hekadot.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.89 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7b4cb3db2cf3d417e8e69528fde70b5ed09686cbf54cb06e5dd993dfa452670

Request headers

Referer
https://rirm.hekadot.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 03:42:32 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
12595
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 24 Jul 2024 13:55:25 GMT
server
cloudflare
etag
W/"66a107cd-7107"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nfI73JBvhLhApeauZ8VvfacWZUdpQ%2Bn2UkEe3lE%2BfWnaFnG%2B3gHCHbK3vrrNy8QkuKWaAoWvOGdriAf6E7BfNNnFBURwf0eFtQ99xU5GpAkUMrqexAA2ky5%2F3zmPmH8Cwm5P"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=864000
cf-ray
8a8923fe9eae37ca-FRA
expires
Sun, 04 Aug 2024 00:12:37 GMT
jquery.easypiechart.min.js
rirm.hekadot.com/lander/wg-fr-lqrxe/assets/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rirm.hekadot.com/lander/wg-fr-lqrxe/assets/js/jquery.easypiechart.min.js
Requested by
Host: rirm.hekadot.com
URL: https://rirm.hekadot.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.89 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
68402284ca93b99eafdfe9cbd378402e8f1412fefe6c490c99ec28cc797a18c9

Request headers

Referer
https://rirm.hekadot.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 03:42:32 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
12595
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 24 Jul 2024 13:55:25 GMT
server
cloudflare
etag
W/"66a107cd-f4e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xLXicCjoa%2F3TCVWA88fPv2y8y1Z%2FjO4Px7UhJpI7eKwXlKZ4ha%2Bvn4%2FNQZDnpJAFIo3QOyVok0%2BxyRVrqzQVL4BLC3BRd5PaWhKC%2B6WAy99qxs93Ooj79EGIh8Q6Q3ihbS5G"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=864000
cf-ray
8a8923fe9eb037ca-FRA
expires
Sun, 04 Aug 2024 00:12:37 GMT
jquery.magnific-popup.js
rirm.hekadot.com/lander/wg-fr-lqrxe/assets/js/ 		45 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rirm.hekadot.com/lander/wg-fr-lqrxe/assets/js/jquery.magnific-popup.js
Requested by
Host: rirm.hekadot.com
URL: https://rirm.hekadot.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.89 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8e09dab833f4eff29b9c6308e05431f3fd0db8af3e319a9e9332fad7772172c

Request headers

Referer
https://rirm.hekadot.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 03:42:32 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Wed, 24 Jul 2024 13:55:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"66a107cd-b512"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xAzPI5prPrHhxEti67bjJMj4g1znP1C9VTuouhd7kW04QA%2BD8I4M%2FD7jB0G6OSNBNL4dsoFem31dGtg53WGsUU0bxjq0oKSUOgTvtMHb9KptePoxyPzP7kh5W7Tbc8S4o79%2F"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=864000
cf-ray
8a8923fe9eb137ca-FRA
alt-svc
h3=":443"; ma=86400
expires
Sun, 04 Aug 2024 03:42:32 GMT
modernizr.js
rirm.hekadot.com/lander/wg-fr-lqrxe/assets/js/ 		50 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rirm.hekadot.com/lander/wg-fr-lqrxe/assets/js/modernizr.js
Requested by
Host: rirm.hekadot.com
URL: https://rirm.hekadot.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.89 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee94dda0af1fc5c5045741b39e54136015365eedca34095f1d3c666998bb442d

Request headers

Referer
https://rirm.hekadot.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 03:42:32 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
12595
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 24 Jul 2024 13:55:25 GMT
server
cloudflare
etag
W/"66a107cd-c8a4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=97oouei4JVIrZpD53CUdTdQFqLYtnENTcFwAVx65AnWXlrlzCahsFHbU1WZlftjYrWR%2BxA6x5wqfFD2ok11YD6JAickZis8O7Dzlm%2BcfLx5bxc3R2wmTyPio9QcUEmaziFC2"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=864000
cf-ray
8a8923fe9eb237ca-FRA
expires
Sun, 04 Aug 2024 00:12:37 GMT
main.js
rirm.hekadot.com/lander/wg-fr-lqrxe/assets/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rirm.hekadot.com/lander/wg-fr-lqrxe/assets/js/main.js
Requested by
Host: rirm.hekadot.com
URL: https://rirm.hekadot.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.89 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
add40f7310ae60229595575d7a02056392a47ac79ad22da2b8f0b254cf9cdbee

Request headers

Referer
https://rirm.hekadot.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 03:42:32 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
12595
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 24 Jul 2024 13:55:25 GMT
server
cloudflare
etag
W/"66a107cd-c96"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g%2BDN%2FGkijclfQ0pge82IPIetbimfCk1pAI1gP%2FLFcIhJZdpF%2BkFt9QNdjIuwezyXZHiVTTxU5ZQw35CrDw%2FnZhkmXmuOd37c4a18hPVeSQ1%2FceU%2BkotBEFy62SRAisjWo5Js"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=864000
cf-ray
8a8923fe9eb337ca-FRA
expires
Sun, 04 Aug 2024 00:12:37 GMT
pt_sans-web-regular.woff2
rirm.hekadot.com/lander/wg-fr-lqrxe/assets/fonts/ 		103 KB
103 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://rirm.hekadot.com/lander/wg-fr-lqrxe/assets/fonts/pt_sans-web-regular.woff2
Requested by
Host: rirm.hekadot.com
URL: https://rirm.hekadot.com/lander/wg-fr-lqrxe/assets/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.89 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6091bb03c53ebf9d4c8570fa48a069437e0961e6affea50d2c88cc71488af705

Request headers

Referer
https://rirm.hekadot.com/lander/wg-fr-lqrxe/assets/css/style.css
Origin
https://rirm.hekadot.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 03:42:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
12596
alt-svc
h3=":443"; ma=86400
content-length
105040
last-modified
Wed, 24 Jul 2024 13:55:25 GMT
server
cloudflare
etag
"66a107cd-19a50"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EbzmFsQ1v8NuJJmlf3Eao3ZtWSPU6G9XiDnezp0L9Qqe2fnJEt9IPumjzyAeSP88Zme1tAAzbQcV8yoXbJ1C7XpnZWnozybponbDZ0xJXi8igJIJeDp%2BfkXfrGVaxQH96yEE"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=864000
accept-ranges
bytes
cf-ray
8a8923fe6e9937ca-FRA
expires
Sun, 04 Aug 2024 00:12:36 GMT
logo_site_this
rirm.hekadot.com/lander/wg-fr-lqrxe/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rirm.hekadot.com/lander/wg-fr-lqrxe/logo_site_this
Requested by
Host: rirm.hekadot.com
URL: https://rirm.hekadot.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.89 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rirm.hekadot.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 03:42:32 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Fb8bftIjFI%2BssKvVW34S1Pbwz23QTiP%2FFa2rOqxuen7W%2BoVJL1w0PjnHXXFTy0wr4LpL5LK%2FOr9qmazSmef5HLNdnNhpT1LRQNdzgRHIcnTITR1spoLjSoO2HvAMUGzFlne6"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cf-ray
8a8923fe9eb637ca-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 25 Jul 2024 03:42:32 GMT
video.jpg
rirm.hekadot.com/lander/wg-fr-lqrxe/assets/images/ 		63 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rirm.hekadot.com/lander/wg-fr-lqrxe/assets/images/video.jpg
Requested by
Host: rirm.hekadot.com
URL: https://rirm.hekadot.com/lander/wg-fr-lqrxe/assets/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.89 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e847b1db6839fcb529aff243820e4bae8ff52f948c45b549e16cdc0f91ab0854

Request headers

Referer
https://rirm.hekadot.com/lander/wg-fr-lqrxe/assets/css/style.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 03:42:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
12595
alt-svc
h3=":443"; ma=86400
content-length
64488
last-modified
Wed, 24 Jul 2024 13:55:25 GMT
server
cloudflare
etag
"66a107cd-fbe8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5kM%2BUJf7T0sCMjr77gy0m0t5DWO%2B3d8BpvCV82B0dUMq%2BJnm8A2b3g4wLAy6wwH%2FOoZzPXEIFvye4PwNzPfmzMZ7jSHv3nO6qEQsaT%2FzihL370I2KV2YxHOxv%2BdnFuM85cT6"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=864000
accept-ranges
bytes
cf-ray
8a8923fe9eba37ca-FRA
expires
Sun, 04 Aug 2024 00:12:37 GMT
oswald-regular.woff2
rirm.hekadot.com/lander/wg-fr-lqrxe/assets/fonts/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://rirm.hekadot.com/lander/wg-fr-lqrxe/assets/fonts/oswald-regular.woff2
Requested by
Host: rirm.hekadot.com
URL: https://rirm.hekadot.com/lander/wg-fr-lqrxe/assets/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.89 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f38e3a88d9af2cbde3b2bda0bf10ad7e371220f2161782471462adbefaf73166

Request headers

Referer
https://rirm.hekadot.com/lander/wg-fr-lqrxe/assets/css/style.css
Origin
https://rirm.hekadot.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 03:42:32 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
22396
last-modified
Wed, 24 Jul 2024 13:55:25 GMT
server
cloudflare
etag
"66a107cd-577c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P3wsQV8U10NCh5AHw6rpHTwImFWByBkW5peHSS0sVYiLaKxjSIS8h%2FN8vr4ZS6rQNXpVren%2BqU3WVg5P1habkm8uHa4Xv%2By6YYJys8rTE1sPrSi%2Fl8URUY8OoHvNJcNuZyO1"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=864000
accept-ranges
bytes
cf-ray
8a8923feced937ca-FRA
expires
Sun, 04 Aug 2024 03:42:32 GMT
oswald-bold.woff2
rirm.hekadot.com/lander/wg-fr-lqrxe/assets/fonts/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://rirm.hekadot.com/lander/wg-fr-lqrxe/assets/fonts/oswald-bold.woff2
Requested by
Host: rirm.hekadot.com
URL: https://rirm.hekadot.com/lander/wg-fr-lqrxe/assets/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.89 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3db0682dfecf06042aea84e913668c4bd3e5192e607e7b877c143b742c5832f

Request headers

Referer
https://rirm.hekadot.com/lander/wg-fr-lqrxe/assets/css/style.css
Origin
https://rirm.hekadot.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 03:42:32 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
23552
last-modified
Wed, 24 Jul 2024 13:55:25 GMT
server
cloudflare
etag
"66a107cd-5c00"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MJyVBrPxz9pCFIWo5VOpOjXlCp5yR9tWSEOQ1Bm%2FImEBbRjyvt00cGI5b1JBFkA6KIL8o%2F3jDKMweHMTNfYiN9D2J%2Fd5wjoQd%2FpZAm7H6qkByRQPHKozPtLXaXHdSXjoxM4Z"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=864000
accept-ranges
bytes
cf-ray
8a8923feceda37ca-FRA
expires
Sun, 04 Aug 2024 03:42:32 GMT
oswald-light.woff2
rirm.hekadot.com/lander/wg-fr-lqrxe/assets/fonts/ 		20 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://rirm.hekadot.com/lander/wg-fr-lqrxe/assets/fonts/oswald-light.woff2
Requested by
Host: rirm.hekadot.com
URL: https://rirm.hekadot.com/lander/wg-fr-lqrxe/assets/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.89 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91827ff33766e01a736718c19ea0b053dba6bbef96b1e52fff8fc0d1b1d0af3c

Request headers

Referer
https://rirm.hekadot.com/lander/wg-fr-lqrxe/assets/css/style.css
Origin
https://rirm.hekadot.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 03:42:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
12595
alt-svc
h3=":443"; ma=86400
content-length
20732
last-modified
Wed, 24 Jul 2024 13:55:25 GMT
server
cloudflare
etag
"66a107cd-50fc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F4a9cYc%2FE5%2BpA9C6LT3WPUnfGN5heeM%2B4sP3ukJTjsfu6moik6T03oyjjZtLAcyGt2%2F%2F8R35IqWijOMmf64aQAwT9tLVV2J8Kg3wSaD0jWHvJtEdxlEWbfr0qdfg5gDHy2lL"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=864000
accept-ranges
bytes
cf-ray
8a8923fecedb37ca-FRA
expires
Sun, 04 Aug 2024 00:12:37 GMT
fontawesome-webfont.woff2
rirm.hekadot.com/lander/wg-fr-lqrxe/assets/fonts/ 		63 KB
63 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://rirm.hekadot.com/lander/wg-fr-lqrxe/assets/fonts/fontawesome-webfont.woff2?v=4.3.0
Requested by
Host: rirm.hekadot.com
URL: https://rirm.hekadot.com/lander/wg-fr-lqrxe/assets/css/plugins.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.89 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019

Request headers

Referer
https://rirm.hekadot.com/lander/wg-fr-lqrxe/assets/css/plugins.css
Origin
https://rirm.hekadot.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 03:42:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
12595
alt-svc
h3=":443"; ma=86400
content-length
64464
last-modified
Wed, 24 Jul 2024 13:55:25 GMT
server
cloudflare
etag
"66a107cd-fbd0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vK2%2B2a1MZDJ8TtJABaYgTOlvyDL45Ofce2aVrzLu9LtrvRSqTA5SQY30iF1BMkAJfENtsFG69qhHNfQLjUZ8v46wCLoyKsjp1ccHV%2BHVF%2BjhgcJmIkxPCd%2FiZQ8B5fLwVx%2F%2F"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=864000
accept-ranges
bytes
cf-ray
8a8923fecedd37ca-FRA
expires
Sun, 04 Aug 2024 00:12:37 GMT
pt_sans-web-italic.woff2
rirm.hekadot.com/lander/wg-fr-lqrxe/assets/fonts/ 		97 KB
97 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://rirm.hekadot.com/lander/wg-fr-lqrxe/assets/fonts/pt_sans-web-italic.woff2
Requested by
Host: rirm.hekadot.com
URL: https://rirm.hekadot.com/lander/wg-fr-lqrxe/assets/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.89 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ceffa64f1f4f5dcc409247e51ee1360404c92410e33bcb3b90d7581a4e7640e

Request headers

Referer
https://rirm.hekadot.com/lander/wg-fr-lqrxe/assets/css/style.css
Origin
https://rirm.hekadot.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 03:42:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
12595
alt-svc
h3=":443"; ma=86400
content-length
99012
last-modified
Wed, 24 Jul 2024 13:55:25 GMT
server
cloudflare
etag
"66a107cd-182c4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4WDKoH%2FSgZXAsc86vRy7%2BG5sSmKI9gmv%2FpQ7omo3h%2Fr7j4%2BYRELdjaZ0HpsX07FQVskgPmhO5QX59OCFZAiWWtBgp5SU7IUxTLFlJgR6B50VH%2BZWmf%2BTfqFKMUD%2BQdph0I8g"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=864000
accept-ranges
bytes
cf-ray
8a8923fecede37ca-FRA
expires
Sun, 04 Aug 2024 00:12:37 GMT
favicon.ico
rirm.hekadot.com/ 		548 B
561 B 		Other
General
Check archive.org
Download Go to
Full URL
https://rirm.hekadot.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.89 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

Referer
https://rirm.hekadot.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 03:42:33 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ii5KPBZoBKvXecj5w%2FDehUPYVjqzEeL9u6POMznDz%2Fcj2%2FqjUr%2FzZO%2FFdle8tnvSrYgB4WYaHCiJ917LPmWksPqeJSNkXX7qErDYLuCeG1oxKc6r%2B%2BmO1bppI7dFiclbR0vO"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cache-control
max-age=14400
cf-ray
8a892401e95637ca-FRA
alt-svc
h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| html5 object| Modernizr function| yepnope object| respond function| $ function| jQuery object| jQuery111205114266864364587

2 Cookies

Domain/Path Name / Value
rirm.hekadot.com/ Name: 05709
Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjM1Nzk5NVwiOjE3MjE4Nzg5NTF9LFwiY2FtcGFpZ25zXCI6e1wiMTcwODYxXCI6MTcyMTg3ODk1MX0sXCJ0aW1lXCI6MTcyMTg3ODk1MX0ifQ.qa3yjJGt72k7cRamgKSfzui0V4TpddAJPaQNYEhHe5Y
rirm.hekadot.com/ Name: _subid
Value: 2gvuti264rcoe

1 Console Messages

Source Level URL
Text
network error URL: https://rirm.hekadot.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

rirm.hekadot.com
104.21.31.89
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019
3ceffa64f1f4f5dcc409247e51ee1360404c92410e33bcb3b90d7581a4e7640e
494ccd4dc4bfc68cbd0beafc0dcbbdd2a65f1f6ea497d672c08f52d199fa561d
555e52f54f7f22387c88b26b14c295c04c8d8bdba1b6bf9e928bf9f3d2916467
6091bb03c53ebf9d4c8570fa48a069437e0961e6affea50d2c88cc71488af705
648aacd32da86d341dec60d5ece0de2cfc7d578e981fad920af31a8ad8ab874c
68402284ca93b99eafdfe9cbd378402e8f1412fefe6c490c99ec28cc797a18c9
91827ff33766e01a736718c19ea0b053dba6bbef96b1e52fff8fc0d1b1d0af3c
9303d3f1498f74ec11b4dce1df1df7dd46059d5848ab304e40e7ff565d6fe6eb
a7b4cb3db2cf3d417e8e69528fde70b5ed09686cbf54cb06e5dd993dfa452670
add40f7310ae60229595575d7a02056392a47ac79ad22da2b8f0b254cf9cdbee
add5749710cd7965461ce266c025b2de3cc72957764b5f4f2b7d9b038a196435
b3db0682dfecf06042aea84e913668c4bd3e5192e607e7b877c143b742c5832f
c143492f31dfe14beb30c8ac069382d624b19a5ef4f2060bf91c28fc8f1f9c6c
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090
d699f303990ce9bd7d7c97e9bd3cad6a46ecf2532f475cf22ae58213237821b9
d8e09dab833f4eff29b9c6308e05431f3fd0db8af3e319a9e9332fad7772172c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e847b1db6839fcb529aff243820e4bae8ff52f948c45b549e16cdc0f91ab0854
ee94dda0af1fc5c5045741b39e54136015365eedca34095f1d3c666998bb442d
f1cda19798fd44e51c518d861c6981378c68cc83d45a3752bfe199f6ec8ebdad
f38e3a88d9af2cbde3b2bda0bf10ad7e371220f2161782471462adbefaf73166
f971b901aeb9e55b07d472afee09bd5ae05159e1119dbd16d993e473565e7fc0
fad667c7975209d340e5ce5cf8b67c856bef305c5d7099c08fa945624560160c