rwfemfest.com Open in urlscan Pro
104.21.31.96 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://rwfemfest.com/
Submission: On November 06 via manual (November 6th 2022, 10:17:20 pm UTC) from US — Scanned from NZ

Summary HTTP 49 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 8 IPs in 4 countries across 8 domains to perform 49 HTTP transactions. The main IP is 104.21.31.96, located in Shahr, Iran, Islamic Republic Of and belongs to CLOUDFLARENET, US. The main domain is rwfemfest.com.
TLS certificate: Issued by GTS CA 1P5 on September 24th 2022. Valid for: 3 months.

This is the only time rwfemfest.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	104.21.31.96 104.21.31.96	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	172.217.194.132 172.217.194.132	15169 (GOOGLE) (GOOGLE)
2	139.99.63.197 139.99.63.197	16276 (OVH) (OVH)
26 26	139.99.68.6 139.99.68.6	16276 (OVH) (OVH)
26 26	172.67.221.41 172.67.221.41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
26 26	104.21.4.33 104.21.4.33	13335 (CLOUDFLAR...) (CLOUDFLARENET)
26	104.21.81.127 104.21.81.127	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	139.99.28.182 139.99.28.182	16276 (OVH) (OVH)
2	172.64.135.37 172.64.135.37	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	213.187.229.56 213.187.229.56	43937 (PTNET) (PTNET)
49	8

3 104.21.31.96 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)

rwfemfest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 172.217.194.132 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f132.1e100.net

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.99.63.197 (Singapore, Singapore)

ASN16276 (OVH, FR)
PTR: ns5000585.ip-139-99-63.net

staticimages.b-cdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 139.99.68.6 (Singapore, Singapore) 26 redirects

ASN16276 (OVH, FR)
PTR: ns564141.ip-139-99-68.net

joker123slot.b-cdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 172.67.221.41 (United States) 26 redirects

ASN13335 (CLOUDFLARENET, US)

www.liteonaward.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 104.21.4.33 (Shahr, Iran, Islamic Republic Of) 26 redirects

ASN13335 (CLOUDFLARENET, US)

www.whalenet.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 104.21.81.127 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)

www.worldaviationfestivalblog.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 139.99.28.182 (Singapore, Singapore)

ASN16276 (OVH, FR)
PTR: ip182.ip-139-99-28.net

139.99.28.182	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.64.135.37 (United States)

ASN13335 (CLOUDFLARENET, US)

nx-cdn.trgwl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.187.229.56 (Canada)

ASN43937 (PTNET, EE)

tickers.playtech.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	b-cdn.net 26 redirects staticimages.b-cdn.net joker123slot.b-cdn.net	37 KB
26	worldaviationfestivalblog.com www.worldaviationfestivalblog.com	2 MB
26	whalenet.org 26 redirects www.whalenet.org	8 KB
26	liteonaward.com 26 redirects www.liteonaward.com	8 KB
9	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 317	151 KB
3	rwfemfest.com rwfemfest.com	16 KB
2	trgwl.com nx-cdn.trgwl.com — Cisco Umbrella Rank: 73777	275 KB
1	playtech.com tickers.playtech.com — Cisco Umbrella Rank: 94286	51 KB
49	8

	Domain	Requested by
26	www.worldaviationfestivalblog.com	rwfemfest.com
26	www.whalenet.org	26 redirects
26	www.liteonaward.com	26 redirects
26	joker123slot.b-cdn.net	26 redirects
9	cdn.ampproject.org	rwfemfest.com cdn.ampproject.org
3	rwfemfest.com	rwfemfest.com
2	nx-cdn.trgwl.com	rwfemfest.com 139.99.28.182
2	staticimages.b-cdn.net	rwfemfest.com
1	tickers.playtech.com	139.99.28.182
49	9

This site contains links to these domains. Also see Links.

Domain
303.kim

Subject Issuer	Validity	Valid
*.rwfemfest.com GTS CA 1P5	`2022-09-24` - `2022-12-23`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
*.b-cdn.net Sectigo RSA Domain Validation Secure Server CA	`2021-11-07` - `2022-11-11`	a year	crt.sh
j.pe Sectigo RSA Domain Validation Secure Server CA	`2021-12-06` - `2022-12-06`	a year	crt.sh
*.trgwl.com E1	`2022-10-29` - `2023-01-27`	3 months	crt.sh
*.playtech.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-05-23` - `2023-05-31`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://rwfemfest.com/
Frame ID: F610721FCB7E71B63F0BCDD60959B9F6
Requests: 47 HTTP requests in this frame

Frame: https://139.99.28.182/amp/iframe/jackpot
Frame ID: 57BBE5683508E35FE32A06E948A4585F
Requests: 7 HTTP requests in this frame

Frame: https://tickers.playtech.com/js?info=2&casino=winforfun88&currency=USD
Frame ID: 5A1942A6A0436291A4D458A9B7E01F92
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Agen Sbobet Resmi, Daftar Sbobet Terpercaya, Agen Casino Sbobet

Detected technologies

Lightbox (JavaScript Libraries) Expand

Page Statistics

49
Requests

47 %
HTTPS

0 %
IPv6

8
Domains

9
Subdomains

8
IPs

4
Countries

2447 kB
Transfer

3044 kB
Size

0
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: http://303.kim/Bursa303
Title: DAFTAR

Search URL Search Domain Scan URL

URL: http://303.kim/LIVECHATbs303
Title: LIVECHAT

Search URL Search Domain Scan URL

URL: http://303.kim/WAbs303
Title: WHATSAPP

Search URL Search Domain Scan URL

URL: http://303.kim/LINEbs303
Title: BURSA303

Search URL Search Domain Scan URL

URL: http://303.kim/TELEbs303
Title: Bursa_303

Search URL Search Domain Scan URL

URL: https://303.kim/DAFTARbs303
Title: DAFTAR

Search URL Search Domain Scan URL

URL: http://303.kim/PROMObs303
Title: BONUS

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14

https://joker123slot.b-cdn.net/index_files/logobursa303.png HTTP 301
https://www.liteonaward.com/index_files/logobursa303.png HTTP 301
https://www.whalenet.org/index_files/logobursa303.png HTTP 301
https://www.worldaviationfestivalblog.com/index_files/logobursa303.png

Request Chain 15

https://joker123slot.b-cdn.net/index_files/hotgames-icon3.png HTTP 301
https://www.liteonaward.com/index_files/hotgames-icon3.png HTTP 301
https://www.whalenet.org/index_files/hotgames-icon3.png HTTP 301
https://www.worldaviationfestivalblog.com/index_files/hotgames-icon3.png

Request Chain 16

https://joker123slot.b-cdn.net/index_files/gameslot-icon.png HTTP 301
https://www.liteonaward.com/index_files/gameslot-icon.png HTTP 301
https://www.whalenet.org/index_files/gameslot-icon.png HTTP 301
https://www.worldaviationfestivalblog.com/index_files/gameslot-icon.png

Request Chain 17

https://joker123slot.b-cdn.net/index_files/casino-icon.png HTTP 301
https://www.liteonaward.com/index_files/casino-icon.png HTTP 301
https://www.whalenet.org/index_files/casino-icon.png HTTP 301
https://www.worldaviationfestivalblog.com/index_files/casino-icon.png

Request Chain 18

https://joker123slot.b-cdn.net/index_files/sports-icon.png HTTP 301
https://www.liteonaward.com/index_files/sports-icon.png HTTP 301
https://www.whalenet.org/index_files/sports-icon.png HTTP 301
https://www.worldaviationfestivalblog.com/index_files/sports-icon.png

Request Chain 19

https://joker123slot.b-cdn.net/index_files/arcade-icon.png HTTP 301
https://www.liteonaward.com/index_files/arcade-icon.png HTTP 301
https://www.whalenet.org/index_files/arcade-icon.png HTTP 301
https://www.worldaviationfestivalblog.com/index_files/arcade-icon.png

Request Chain 20

https://joker123slot.b-cdn.net/index_files/poker-icon.png HTTP 301
https://www.liteonaward.com/index_files/poker-icon.png HTTP 301
https://www.whalenet.org/index_files/poker-icon.png HTTP 301
https://www.worldaviationfestivalblog.com/index_files/poker-icon.png

Request Chain 21

https://joker123slot.b-cdn.net/index_files/togel-icon.png HTTP 301
https://www.liteonaward.com/index_files/togel-icon.png HTTP 301
https://www.whalenet.org/index_files/togel-icon.png HTTP 301
https://www.worldaviationfestivalblog.com/index_files/togel-icon.png

Request Chain 22

https://joker123slot.b-cdn.net/index_files/tv-icon.png HTTP 301
https://www.liteonaward.com/index_files/tv-icon.png HTTP 301
https://www.whalenet.org/index_files/tv-icon.png HTTP 301
https://www.worldaviationfestivalblog.com/index_files/tv-icon.png

Request Chain 23

https://joker123slot.b-cdn.net/index_files/line-icon.png HTTP 301
https://www.liteonaward.com/index_files/line-icon.png HTTP 301
https://www.whalenet.org/index_files/line-icon.png HTTP 301
https://www.worldaviationfestivalblog.com/index_files/line-icon.png

Request Chain 24

https://joker123slot.b-cdn.net/index_files/phone-icon.png HTTP 301
https://www.liteonaward.com/index_files/phone-icon.png HTTP 301
https://www.whalenet.org/index_files/phone-icon.png HTTP 301
https://www.worldaviationfestivalblog.com/index_files/phone-icon.png

Request Chain 25

https://joker123slot.b-cdn.net/index_files/whatsapp-icon.png HTTP 301
https://www.liteonaward.com/index_files/whatsapp-icon.png HTTP 301
https://www.whalenet.org/index_files/whatsapp-icon.png HTTP 301
https://www.worldaviationfestivalblog.com/index_files/whatsapp-icon.png

Request Chain 26

https://joker123slot.b-cdn.net/index_files/telegram-icon.png HTTP 301
https://www.liteonaward.com/index_files/telegram-icon.png HTTP 301
https://www.whalenet.org/index_files/telegram-icon.png HTTP 301
https://www.worldaviationfestivalblog.com/index_files/telegram-icon.png

Request Chain 27

https://joker123slot.b-cdn.net/index_files/BCA.png HTTP 301
https://www.liteonaward.com/index_files/BCA.png HTTP 301
https://www.whalenet.org/index_files/BCA.png HTTP 301
https://www.worldaviationfestivalblog.com/index_files/BCA.png

Request Chain 28

https://joker123slot.b-cdn.net/index_files/BNI.png HTTP 301
https://www.liteonaward.com/index_files/BNI.png HTTP 301
https://www.whalenet.org/index_files/BNI.png HTTP 301
https://www.worldaviationfestivalblog.com/index_files/BNI.png

Request Chain 29

https://joker123slot.b-cdn.net/index_files/BRI.png HTTP 301
https://www.liteonaward.com/index_files/BRI.png HTTP 301
https://www.whalenet.org/index_files/BRI.png HTTP 301
https://www.worldaviationfestivalblog.com/index_files/BRI.png

Request Chain 30

https://joker123slot.b-cdn.net/index_files/MANDIRI.png HTTP 301
https://www.liteonaward.com/index_files/MANDIRI.png HTTP 301
https://www.whalenet.org/index_files/MANDIRI.png HTTP 301
https://www.worldaviationfestivalblog.com/index_files/MANDIRI.png

Request Chain 31

https://joker123slot.b-cdn.net/index_files/CIMB.png HTTP 301
https://www.liteonaward.com/index_files/CIMB.png HTTP 301
https://www.whalenet.org/index_files/CIMB.png HTTP 301
https://www.worldaviationfestivalblog.com/index_files/CIMB.png

Request Chain 32

https://joker123slot.b-cdn.net/index_files/DANAMON.png HTTP 301
https://www.liteonaward.com/index_files/DANAMON.png HTTP 301
https://www.whalenet.org/index_files/DANAMON.png HTTP 301
https://www.worldaviationfestivalblog.com/index_files/DANAMON.png

Request Chain 33

https://joker123slot.b-cdn.net/index_files/E-WALLET.png HTTP 301
https://www.liteonaward.com/index_files/E-WALLET.png HTTP 301
https://www.whalenet.org/index_files/E-WALLET.png HTTP 301
https://www.worldaviationfestivalblog.com/index_files/E-WALLET.png

Request Chain 34

https://joker123slot.b-cdn.net/index_files/TELKOMSEL.png HTTP 301
https://www.liteonaward.com/index_files/TELKOMSEL.png HTTP 301
https://www.whalenet.org/index_files/TELKOMSEL.png HTTP 301
https://www.worldaviationfestivalblog.com/index_files/TELKOMSEL.png

Request Chain 35

https://joker123slot.b-cdn.net/index_files/home-icon.png HTTP 301
https://www.liteonaward.com/index_files/home-icon.png HTTP 301
https://www.whalenet.org/index_files/home-icon.png HTTP 301
https://www.worldaviationfestivalblog.com/index_files/home-icon.png

Request Chain 37

https://joker123slot.b-cdn.net/index_files/login-icon2.png HTTP 301
https://www.liteonaward.com/index_files/login-icon2.png HTTP 301
https://www.whalenet.org/index_files/login-icon2.png HTTP 301
https://www.worldaviationfestivalblog.com/index_files/login-icon2.png

Request Chain 38

https://joker123slot.b-cdn.net/index_files/promotion-icon.png HTTP 301
https://www.liteonaward.com/index_files/promotion-icon.png HTTP 301
https://www.whalenet.org/index_files/promotion-icon.png HTTP 301
https://www.worldaviationfestivalblog.com/index_files/promotion-icon.png

Request Chain 39

https://joker123slot.b-cdn.net/index_files/livechat-icon2.png HTTP 301
https://www.liteonaward.com/index_files/livechat-icon2.png HTTP 301
https://www.whalenet.org/index_files/livechat-icon2.png HTTP 301
https://www.worldaviationfestivalblog.com/index_files/livechat-icon2.png

Request Chain 46

https://joker123slot.b-cdn.net/index_files/bonusmembe100.jpg HTTP 301
https://www.liteonaward.com/index_files/bonusmembe100.jpg HTTP 301
https://www.whalenet.org/index_files/bonusmembe100.jpg HTTP 301
https://www.worldaviationfestivalblog.com/index_files/bonusmembe100.jpg

49 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
rwfemfest.com/ 61 KB
16 KB 843ms
542ms Document
text/html 104.21.31.96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rwfemfest.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.31.96 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 90942abf4eaffa2e93dec3b65152c96001b0f190fa7d655ec3a61bee3d4e99da

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-NZ,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7661329138f6a941-SYD
content-encoding: br
content-type: text/html
date: Sun, 06 Nov 2022 22:17:08 GMT
last-modified: Fri, 28 Oct 2022 08:20:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7EuVxwotW9eL1Kq1utI9OOS5UwiUP9WGgUZHxu1c4f%2BTMGfhlDOrb5UwJv7e1t%2FUlAjJwWLlSvGsnX8gEWZs3X%2FfC8eQ3bdykozFkK5txFZ8T1dZDjwIH9yQah1PZGEZ"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/v0/ 109 KB
31 KB 764ms
285ms Script
text/javascript 172.217.194.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-analytics-0.1.js

Requested by

Host: rwfemfest.com
URL: https://rwfemfest.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f132.1e100.net

Software

sffe /

Resource Hash

a14cac7ed9fb93238a1028e7f2c2a9d4c0725817f28163ad9ec5aa3385fcf8ef

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://rwfemfest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Sun, 06 Nov 2022 22:17:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31965
x-xss-protection: 0
server: sffe
etag: "3e7b765450cba712"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 06 Nov 2022 22:17:09 GMT

GET
H2 200 v0.js Show response
cdn.ampproject.org/ 276 KB
71 KB 1119ms
640ms Script
text/javascript 172.217.194.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0.js

Requested by

Host: rwfemfest.com
URL: https://rwfemfest.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f132.1e100.net

Software

sffe /

Resource Hash

af01f23413b5533c1b5a1c400e3076726312db3cb2fe0a48d3dbdb5f2b4cd231

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://rwfemfest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Sun, 06 Nov 2022 22:17:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 72613
x-xss-protection: 0
server: sffe
etag: "0367d95198e5c34f"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3000, stale-while-revalidate=1206600
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 06 Nov 2022 22:17:09 GMT

GET
H2 200 amp-carousel-0.1.js Show response
cdn.ampproject.org/v0/ 38 KB
12 KB 694ms
234ms Script
text/javascript 172.217.194.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-carousel-0.1.js

Requested by

Host: rwfemfest.com
URL: https://rwfemfest.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f132.1e100.net

Software

sffe /

Resource Hash

03b0aa38599191c39c11d7a72b3be55f6591eafc0b114f4c2074712330ecc8fe

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://rwfemfest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Sun, 06 Nov 2022 22:17:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11517
x-xss-protection: 0
server: sffe
etag: "f76300f78361dc0e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 06 Nov 2022 22:17:09 GMT

GET
H2 200 amp-sidebar-0.1.js Show response
cdn.ampproject.org/v0/ 31 KB
10 KB 1052ms
593ms Script
text/javascript 172.217.194.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-sidebar-0.1.js

Requested by

Host: rwfemfest.com
URL: https://rwfemfest.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f132.1e100.net

Software

sffe /

Resource Hash

4db4e93d4fa83a55a4fbc394bf2d88b7f06d108b45b06c26a177b2f1cb3681a5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://rwfemfest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Sun, 06 Nov 2022 22:17:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9664
x-xss-protection: 0
server: sffe
etag: "50cebd18023311ca"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 06 Nov 2022 22:17:09 GMT

GET
H2 200 amp-anim-0.1.js Show response
cdn.ampproject.org/v0/ 6 KB
3 KB 1266ms
806ms Script
text/javascript 172.217.194.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-anim-0.1.js

Requested by

Host: rwfemfest.com
URL: https://rwfemfest.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f132.1e100.net

Software

sffe /

Resource Hash

873590343c34be6a11c63393447d8ca8494263eadc650e6f5f46e5b1541c1207

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://rwfemfest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Sun, 06 Nov 2022 22:17:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2486
x-xss-protection: 0
server: sffe
etag: "4aef5f3412c72b0a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 06 Nov 2022 22:17:09 GMT

GET
H2 200 amp-iframe-0.1.js Show response
cdn.ampproject.org/v0/ 25 KB
9 KB 1018ms
559ms Script
text/javascript 172.217.194.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-iframe-0.1.js

Requested by

Host: rwfemfest.com
URL: https://rwfemfest.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f132.1e100.net

Software

sffe /

Resource Hash

2fa0573850512ff810d96a034c2b199fc696cf2946ec91e013505a2b56bf6bd1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://rwfemfest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Sun, 06 Nov 2022 22:17:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8949
x-xss-protection: 0
server: sffe
etag: "ed46e6557509e50b"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 06 Nov 2022 22:17:09 GMT

GET
H2 200 amp-lightbox-0.1.js Show response
cdn.ampproject.org/v0/ 26 KB
8 KB 820ms
820ms Script
text/javascript 172.217.194.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-lightbox-0.1.js

Requested by

Host: rwfemfest.com
URL: https://rwfemfest.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f132.1e100.net

Software

sffe /

Resource Hash

fe58f3514ca2bc2bf91e32748dbf5bf7c4654a7e625bc9f32c7f0378db9fd61c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://rwfemfest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Sun, 06 Nov 2022 22:17:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8466
x-xss-protection: 0
server: sffe
etag: "6d4d3601a80e134e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 06 Nov 2022 22:17:09 GMT

GET
H2 404 digital_sans_ef_medium.woff2
rwfemfest.com/fonts/ 0
0 523ms
522ms Font
text/html 104.21.31.96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rwfemfest.com/fonts/digital_sans_ef_medium.woff2
Requested by: Host: rwfemfest.com
URL: https://rwfemfest.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.31.96 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://rwfemfest.com/
Origin: https://rwfemfest.com
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Nov 2022 22:17:08 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yYhNIObl%2BEGtSx111GXoZY8zEa3%2Fp9YjMDPMKL0%2FTHnpin2xgUsVccWfUUSdHGfILZQkzGpqYz%2BYazCwtSWYOfRQUnpiEp9FM0f8h6KdBd8tSshgiw52Dp%2FGW8I%2BsBYp"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-turbo-charged-by: LiteSpeed
cf-ray: 76613294bd94a941-SYD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 whatsapp.gif
staticimages.b-cdn.net/ 9 KB
9 KB 761ms
284ms Image
image/gif 139.99.63.197
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://staticimages.b-cdn.net/whatsapp.gif
Requested by: Host: rwfemfest.com
URL: https://rwfemfest.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 139.99.63.197 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS: ns5000585.ip-139-99-63.net
Software: BunnyCDN-SG2-744 /
Resource Hash: 1e4bd52d1fe338a710ee0ff361d5c2621de619f881172e43516f3e7648e4fddf

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://rwfemfest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 22:17:09 GMT
cdn-edgestorageid: 744
cdn-storageserver: SG-76
cdn-cachedat: 06/27/2022 13:22:16
cdn-pullzone: 760787
content-length: 8852
last-modified: Sat, 16 Apr 2022 09:22:34 GMT
server: BunnyCDN-SG2-744
cdn-fileserver: 319
cdn-requestpullcode: 206
cdn-proxyver: 1.02
content-type: image/gif
cdn-cache: HIT
cdn-uid: a65d7957-9077-4235-898b-f4cca2b72fe4
cache-control: public, max-age=2592000
cdn-requestid: 87cd8d31f205b61d2e04cee78fad4a52
accept-ranges: bytes
cdn-requestcountrycode: NZ
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 404 digital_sans_ef_medium.woff
rwfemfest.com/fonts/ 0
0 535ms
534ms Font
text/html 104.21.31.96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rwfemfest.com/fonts/digital_sans_ef_medium.woff
Requested by: Host: rwfemfest.com
URL: https://rwfemfest.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.31.96 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://rwfemfest.com/
Origin: https://rwfemfest.com
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Nov 2022 22:17:09 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bbCLbNrEJSd8B3%2BdAXzOGPXGKbRBgKsipRvPPVRMXLgvfFerY6JUWRs0%2B4c0ucJagpQpx8dm6nuZMXE1b%2FVHiGKI48cPb5o9D5QOE8TZaFfB2E9tWrILwbRhDvgpSDR2"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-turbo-charged-by: LiteSpeed
cf-ray: 766132980d28a971-SYD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
DATA 200
OK truncated
/ 84 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 981f512aefddb90d78906ed696e27ae2934085ed0a55e2bc637d8dd41271a5b7

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 82 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b4167006d8b8fd64ae3c764a7a1716857875e96aa846709adbd785ca0c9d60ea

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 83 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2bf6b7da432c0e08032b94b75584294cfd04ad93244821dcdd2e286bc7eda759

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 82 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fc4f8977a88c766f201137149a9cd77d9b588975de8b416c6cca798314c34457

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2

200

logobursa303.png
www.worldaviationfestivalblog.com/index_files/
Redirect Chain

https://joker123slot.b-cdn.net/index_files/logobursa303.png
https://www.liteonaward.com/index_files/logobursa303.png
https://www.whalenet.org/index_files/logobursa303.png
https://www.worldaviationfestivalblog.com/index_files/logobursa303.png

25 KB
26 KB

1177ms
905ms

Image
image/png

104.21.81.127
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.worldaviationfestivalblog.com/index_files/logobursa303.png
Requested by: Host: rwfemfest.com
URL: https://rwfemfest.com/
Protocol: H2
Server: 104.21.81.127 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 81efc5737113aba5be204965e256499d1e6ae134438b9b170a66ce2d005b8fa7

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://rwfemfest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 22:17:14 GMT
cf-cache-status: MISS
last-modified: Wed, 26 Jan 2022 14:08:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sUKfWk7D5v4aSv3ID9WsjNwr641kIcyK8B%2FegZedfHwxKuA4i9xNuW5LmK%2BF%2BuvS54bdpFp%2BCT00LUGcPyMAGkJ0p%2BInrWepgG%2F4cvFnUWFCUsCcd2PtG2uD4sFlcHpibO0h2HvCnLxFzx161p3CGZBL2oE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 766132b549e0a80e-SYD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 25819
expires: Sun, 13 Nov 2022 22:17:14 GMT

Redirect headers

date: Sun, 06 Nov 2022 22:17:13 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l%2BcANLyREO8CqHvv2ccGHQylbM9ecvm6B7j8UqEE6G5hfpsNjq%2BPyMe5CmWCV6PdjA7AXDOCsErlOQ2dXJZ8m%2BwgO%2F%2BVg0SM8rQEtD%2BYTUs8Cn%2FD%2F8LD7FaQrVoMk078s2cq"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://www.worldaviationfestivalblog.com/index_files/logobursa303.png
cache-control: max-age=14400
x-turbo-charged-by: LiteSpeed
cf-ray: 766132ae2ee3a8ce-SYD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

hotgames-icon3.png
www.worldaviationfestivalblog.com/index_files/
Redirect Chain

https://joker123slot.b-cdn.net/index_files/hotgames-icon3.png
https://www.liteonaward.com/index_files/hotgames-icon3.png
https://www.whalenet.org/index_files/hotgames-icon3.png
https://www.worldaviationfestivalblog.com/index_files/hotgames-icon3.png

53 KB
53 KB

1246ms
1086ms

Image
image/png

104.21.81.127
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.worldaviationfestivalblog.com/index_files/hotgames-icon3.png
Requested by: Host: rwfemfest.com
URL: https://rwfemfest.com/
Protocol: H2
Server: 104.21.81.127 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ac25b6ef1e18dda6b4e576a6d7733c7a162cd82fc3abb97f207c1e76680bef8

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://rwfemfest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 22:17:14 GMT
cf-cache-status: MISS
last-modified: Wed, 26 Jan 2022 11:54:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kJIIvFGhJNwGliq7u7KpOTnivNy4rsaJvx1PRvPOFUUA0rdE8S6roKV8Mo%2BKThuI9n0UWKjVd5gJYx8wUhVw5tjyFQssrT3XCHV89KsHVnkMNu3SoQ1Sn7YlXb%2B1%2BKuno2NXv4aO%2B480LDZbDT401oHLkjw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 766132b549e5a80e-SYD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 54159
expires: Sun, 13 Nov 2022 22:17:14 GMT

Redirect headers

date: Sun, 06 Nov 2022 22:17:13 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FaF%2BiOMnK7GJLTXZ7nsA%2BRbhqUCyf%2Bu%2F2WrfxCNKn5tl9mWUN62kWyQHeA5IV5u8JsY5mEf%2BZ1c67LiGS3SsphUSPK2C8EJDAKr4brEDGcD3Z0nz370Akx58wplH4pG1Dumv"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://www.worldaviationfestivalblog.com/index_files/hotgames-icon3.png
cache-control: max-age=14400
x-turbo-charged-by: LiteSpeed
cf-ray: 766132af0f95a8ce-SYD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

gameslot-icon.png
www.worldaviationfestivalblog.com/index_files/
Redirect Chain

https://joker123slot.b-cdn.net/index_files/gameslot-icon.png
https://www.liteonaward.com/index_files/gameslot-icon.png
https://www.whalenet.org/index_files/gameslot-icon.png
https://www.worldaviationfestivalblog.com/index_files/gameslot-icon.png

175 KB
175 KB

1265ms
989ms

Image
image/png

104.21.81.127
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.worldaviationfestivalblog.com/index_files/gameslot-icon.png
Requested by: Host: rwfemfest.com
URL: https://rwfemfest.com/
Protocol: H2
Server: 104.21.81.127 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fea0aeb11f05f045bf4ac8efe2acc339df68f3133cacc4c64a82a60decbd6076

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://rwfemfest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 22:17:14 GMT
cf-cache-status: MISS
last-modified: Wed, 26 Jan 2022 11:56:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ERj2RI6KjyzWt3oQ9rfwpV%2By1ck2BBGuW1YpITcvXhOCYi55oiS8RXStev8UwEb8AIrK2TnDhJduFW6LpNZfj8DvCe4QEGvM9xRjPFS6wYbNT2IYy76OcuiqaJ8EUy2v8LZtbXzYYq0QhIAYGDgUJU0pjgA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 766132b468dfa80e-SYD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 179001
expires: Sun, 13 Nov 2022 22:17:13 GMT

Redirect headers

date: Sun, 06 Nov 2022 22:17:13 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7s87qgxyz454EQOUSrYJVYgAL9g40ImMR6dSLmVWFkHcjPimpT055f3X0pTSi0QlKAN%2FKSBIq%2F%2Fkl985NJCPzBMfgHH59RyrVwCzbnwIG%2BbII9hdPUblinPTq%2F%2FK0P%2F0Oed6"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://www.worldaviationfestivalblog.com/index_files/gameslot-icon.png
cache-control: max-age=14400
x-turbo-charged-by: LiteSpeed
cf-ray: 766132ae2edda8ce-SYD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

casino-icon.png
www.worldaviationfestivalblog.com/index_files/
Redirect Chain

https://joker123slot.b-cdn.net/index_files/casino-icon.png
https://www.liteonaward.com/index_files/casino-icon.png
https://www.whalenet.org/index_files/casino-icon.png
https://www.worldaviationfestivalblog.com/index_files/casino-icon.png

201 KB
201 KB

1369ms
1236ms

Image
image/png

104.21.81.127
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.worldaviationfestivalblog.com/index_files/casino-icon.png
Requested by: Host: rwfemfest.com
URL: https://rwfemfest.com/
Protocol: H2
Server: 104.21.81.127 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a55378b51799b207d491a98b149721fd9a6f44522346b26c808be113b2049f0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://rwfemfest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 22:17:14 GMT
cf-cache-status: MISS
last-modified: Wed, 26 Jan 2022 11:58:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=31pEpGG9FdxN3YPrksRBsTTliAa6PTfvYl2H6vfnFD81HTsTkwqXYZhGeUalTCtGWSsC8exfkElLr1NrD7eYttE%2B7me%2B4GPBVjgsy2kGsYsWDWCHcQkbiHr%2F0vcGy%2FOXIR9eErM4gN0lNHvIiDdyg5oKXkw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 766132b549f1a80e-SYD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 205353
expires: Sun, 13 Nov 2022 22:17:14 GMT

Redirect headers

date: Sun, 06 Nov 2022 22:17:13 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E2k4LHiq1npQiOIvYSYiu4fJ%2B8RLbJwW%2BC6R9mPubdVlRuiEcrUK1iGBqn8PcFBEH6CPSVVmDMLaPQHQXEpHL0BJNeTpU%2FLn45oSwV1k89zrBwiG84DWMb460pT32T%2BYJSpW"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://www.worldaviationfestivalblog.com/index_files/casino-icon.png
cache-control: max-age=14400
x-turbo-charged-by: LiteSpeed
cf-ray: 766132af0f9aa8ce-SYD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

sports-icon.png
www.worldaviationfestivalblog.com/index_files/
Redirect Chain

https://joker123slot.b-cdn.net/index_files/sports-icon.png
https://www.liteonaward.com/index_files/sports-icon.png
https://www.whalenet.org/index_files/sports-icon.png
https://www.worldaviationfestivalblog.com/index_files/sports-icon.png

149 KB
149 KB

1249ms
951ms

Image
image/png

104.21.81.127
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.worldaviationfestivalblog.com/index_files/sports-icon.png
Requested by: Host: rwfemfest.com
URL: https://rwfemfest.com/
Protocol: H2
Server: 104.21.81.127 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 29d82533dd9b82e3d52173d77caac6a88ca653ed4e22627d0c86fdcadb0bfeba

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://rwfemfest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 22:17:14 GMT
cf-cache-status: MISS
last-modified: Wed, 26 Jan 2022 12:01:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JH21PBo3TF3ilqR6ZqSOHvQfgxKij5UgPvPtSKwrou57HhKU%2FL0oxYfdn6FkEkGoJu16HaESGMP0o9ZOFPhhZk7ZEkMj%2FG0iP1TYR06J%2FgCfdJgIwAwCvymPvNQqR%2F7OjA7N7peq1WqfILHoTEFlbTeh%2FGs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 766132b468d4a80e-SYD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 152108
expires: Sun, 13 Nov 2022 22:17:13 GMT

Redirect headers

date: Sun, 06 Nov 2022 22:17:13 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rCtWpVTYtVApjQ5qFiqh%2B8cpWJtJKXK%2BCfn9EU58%2BeP%2F4fU6oo6C28M9Q3m%2F99HsIk3tfLsPM7BzEU9pGcJ7N0tvF0Aje8yE21bhgMPCO5dztij47SRIVpoXHVLFpvXfn9kG"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://www.worldaviationfestivalblog.com/index_files/sports-icon.png
cache-control: max-age=14400
x-turbo-charged-by: LiteSpeed
cf-ray: 766132ae2edaa8ce-SYD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

arcade-icon.png
www.worldaviationfestivalblog.com/index_files/
Redirect Chain

https://joker123slot.b-cdn.net/index_files/arcade-icon.png
https://www.liteonaward.com/index_files/arcade-icon.png
https://www.whalenet.org/index_files/arcade-icon.png
https://www.worldaviationfestivalblog.com/index_files/arcade-icon.png

117 KB
118 KB

1269ms
1120ms

Image
image/png

104.21.81.127
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.worldaviationfestivalblog.com/index_files/arcade-icon.png
Requested by: Host: rwfemfest.com
URL: https://rwfemfest.com/
Protocol: H2
Server: 104.21.81.127 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 00a23f38606d4a7a9e8f6ee22e038e5f1dea636e4da40cad8e328a81c76e2e11

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://rwfemfest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 22:17:14 GMT
cf-cache-status: MISS
last-modified: Wed, 26 Jan 2022 12:03:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hGtaAT6rCarPvJfJvlk8bRpcVB6gswSYswCZFo1sIOPFK72bOBlsEGEhqjjcYBsYdVXfL23M1yhcoHhTjDPVVim%2BASTl4ov4k3tujPFDES3tzh8ufpWjWOIt%2FY2dBPOPZkuJehYT9C1SIdfCB8W%2F4wFdRcE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 766132b549eba80e-SYD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 120081
expires: Sun, 13 Nov 2022 22:17:14 GMT

Redirect headers

date: Sun, 06 Nov 2022 22:17:13 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E8Ml5VF3GgbodSyZ%2FaEyLqp%2FyCa8Ba4hHypkBstd6ontDRyTpx5YSD6uxBUqvvlf4mTAQ52TQZP4oOM01NH49J%2BgHACsA5FvSJE1R1SIrwp5v1wepLJwSbkVqr21t5CmpmUo"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://www.worldaviationfestivalblog.com/index_files/arcade-icon.png
cache-control: max-age=14400
x-turbo-charged-by: LiteSpeed
cf-ray: 766132af0f9ea8ce-SYD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

poker-icon.png
www.worldaviationfestivalblog.com/index_files/
Redirect Chain

https://joker123slot.b-cdn.net/index_files/poker-icon.png
https://www.liteonaward.com/index_files/poker-icon.png
https://www.whalenet.org/index_files/poker-icon.png
https://www.worldaviationfestivalblog.com/index_files/poker-icon.png

48 KB
49 KB

1213ms
1087ms

Image
image/png

104.21.81.127
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.worldaviationfestivalblog.com/index_files/poker-icon.png
Requested by: Host: rwfemfest.com
URL: https://rwfemfest.com/
Protocol: H2
Server: 104.21.81.127 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8d238d74735073d849fa23031af2d72f694a8729324bf80904e40dd7a3926157

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://rwfemfest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 22:17:14 GMT
cf-cache-status: MISS
last-modified: Wed, 26 Jan 2022 12:04:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lrlhAH4mF3KZwDUUSaIPNBW2KNdqCoaf2mfTwdH29GJ0KsgZ9LAkPxIY74YesQQjomJz4H2IOujfWTAzFvIVS19PR7xMlJaRi7RGbfhlD6tunqDFaljFKxqY9F8Asv6gynoPlYM%2BR1FZ7IaR5ISqJX388EU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 766132b549f8a80e-SYD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 49509
expires: Sun, 13 Nov 2022 22:17:14 GMT

Redirect headers

date: Sun, 06 Nov 2022 22:17:13 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PE0vX7mrQ2QtCUR9DekNcmaQTsrIwCVR8Zk7ZnRx6mLyOmpEm3PAn4Gs7kWB%2BaTRJHpkAIeaYf54%2Bfr7FwtEXNW0JtAlLl%2BWexCli7IBDNx%2FGV4A9NrvMwPZiWnQPDSm0fO6"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://www.worldaviationfestivalblog.com/index_files/poker-icon.png
cache-control: max-age=14400
x-turbo-charged-by: LiteSpeed
cf-ray: 766132af0fa0a8ce-SYD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

togel-icon.png
www.worldaviationfestivalblog.com/index_files/
Redirect Chain

https://joker123slot.b-cdn.net/index_files/togel-icon.png
https://www.liteonaward.com/index_files/togel-icon.png
https://www.whalenet.org/index_files/togel-icon.png
https://www.worldaviationfestivalblog.com/index_files/togel-icon.png

87 KB
87 KB

1221ms
1086ms

Image
image/png

104.21.81.127
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.worldaviationfestivalblog.com/index_files/togel-icon.png
Requested by: Host: rwfemfest.com
URL: https://rwfemfest.com/
Protocol: H2
Server: 104.21.81.127 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f511af7e2f925134327c0c3cf1ecdfb7cb4d0ebd12ec8d36225188c49e9bfc1c

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://rwfemfest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 22:17:14 GMT
cf-cache-status: MISS
last-modified: Wed, 26 Jan 2022 12:05:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SaPAw0qE%2FfNs9U7QLqgflF4lx%2FjI%2Fhlo%2FPULpqXwLBy5pygncCsZvUixrqmak5XRxlnjR4oeBAOthy0549UilhvnHYpqDe8IzXcGYmswibtGEiaQAE7U22sFX1arcpQu2AKgzLUpmG1s8v6TaFbFLyvIbB8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 766132b549f0a80e-SYD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 88961
expires: Sun, 13 Nov 2022 22:17:14 GMT

Redirect headers

date: Sun, 06 Nov 2022 22:17:13 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BGabdBBeiXIZXEaZOQm8OvN94yOG9Oqy%2B1kI%2Fa4Y59zh74pwFzcPfcmDPM6%2Btr2jfc%2FvLbIcLGAvi7B315ZKKCa9VfCvYC16xmM43AhgO1qkreLUAsSH06ukQxdxNEVch9H%2F"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://www.worldaviationfestivalblog.com/index_files/togel-icon.png
cache-control: max-age=14400
x-turbo-charged-by: LiteSpeed
cf-ray: 766132af0f98a8ce-SYD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

tv-icon.png
www.worldaviationfestivalblog.com/index_files/
Redirect Chain

https://joker123slot.b-cdn.net/index_files/tv-icon.png
https://www.liteonaward.com/index_files/tv-icon.png
https://www.whalenet.org/index_files/tv-icon.png
https://www.worldaviationfestivalblog.com/index_files/tv-icon.png

88 KB
89 KB

1199ms
1087ms

Image
image/png

104.21.81.127
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.worldaviationfestivalblog.com/index_files/tv-icon.png
Requested by: Host: rwfemfest.com
URL: https://rwfemfest.com/
Protocol: H2
Server: 104.21.81.127 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e1af1faceda57d4f29334660a94570de1345ef966ef8e55dcaa1e722d20bf260

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://rwfemfest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 22:17:14 GMT
cf-cache-status: MISS
last-modified: Wed, 26 Jan 2022 12:06:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=niMrjiWrmt%2FdCkDL8Vul6Bal6hwQOylcju23X%2Fj4JuQVfrz4mPrc%2B3SVadtYThORtbqmkh%2BbHzjGFidRJH5V86qB2AakwDj5qaUjFFAzpEYkXpcTXnfSZXlmKTDKxjPSCFWgw8U%2ByfQRhOw2uJ5%2B0SgpsGo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 766132b549f9a80e-SYD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 90245
expires: Sun, 13 Nov 2022 22:17:14 GMT

Redirect headers

date: Sun, 06 Nov 2022 22:17:13 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l%2FZacHyWIlyqA39UPsNavEpI9gdso8htC1mCMHO%2FB%2F7NzW2FnnjFKn5Jh%2FyCnHUNgc%2F5w7l93wX1uflGcAuJDtQlSf8dkj4FY3WvO91BXmPfLG9aUBPGJ2UHdR3xSw0wp8AL"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://www.worldaviationfestivalblog.com/index_files/tv-icon.png
cache-control: max-age=14400
x-turbo-charged-by: LiteSpeed
cf-ray: 766132af2fb1a8ce-SYD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

line-icon.png
www.worldaviationfestivalblog.com/index_files/
Redirect Chain

https://joker123slot.b-cdn.net/index_files/line-icon.png
https://www.liteonaward.com/index_files/line-icon.png
https://www.whalenet.org/index_files/line-icon.png
https://www.worldaviationfestivalblog.com/index_files/line-icon.png

5 KB
6 KB

838ms
711ms

Image
image/png

104.21.81.127
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.worldaviationfestivalblog.com/index_files/line-icon.png
Requested by: Host: rwfemfest.com
URL: https://rwfemfest.com/
Protocol: H2
Server: 104.21.81.127 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee3282050ab4c94adb4fe464a93543dd87d6d4e3a7227798e2276dabd9328ebc

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://rwfemfest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 22:17:14 GMT
cf-cache-status: MISS
last-modified: Wed, 26 Jan 2022 12:08:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x44zGEtadTIt%2BiJ0gCX1aH7ETb75zQ%2BsUULAUVB6syxSJaoG8cy2IVf9PHt%2FsTje7H5MIjAljrkYLLTeZxKf1qGCd4L1uI%2Byvitf2oIiBYRDnIRmf7DaC9ycTDsq2FZCM5ArpZUbrXfOLQzeeOk1qDeiMjE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 766132b549f7a80e-SYD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5595
expires: Sun, 13 Nov 2022 22:17:14 GMT

Redirect headers

date: Sun, 06 Nov 2022 22:17:13 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zbnc6OXGXzdKwYz%2FlnZSnh4zV50bdeE0T4AMAIPGhemPFYuSJN1lgwbFmitxTnqIiM7VFfn2JiE3bJVEIH8b9njuAIaN1yOis4Fzdl0IuFQNwEE%2FdduYt5SKZZvB8bukF2V4"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://www.worldaviationfestivalblog.com/index_files/line-icon.png
cache-control: max-age=14400
x-turbo-charged-by: LiteSpeed
cf-ray: 766132af0fa1a8ce-SYD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

phone-icon.png
www.worldaviationfestivalblog.com/index_files/
Redirect Chain

https://joker123slot.b-cdn.net/index_files/phone-icon.png
https://www.liteonaward.com/index_files/phone-icon.png
https://www.whalenet.org/index_files/phone-icon.png
https://www.worldaviationfestivalblog.com/index_files/phone-icon.png

65 KB
66 KB

1274ms
1120ms

Image
image/png

104.21.81.127
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.worldaviationfestivalblog.com/index_files/phone-icon.png
Requested by: Host: rwfemfest.com
URL: https://rwfemfest.com/
Protocol: H2
Server: 104.21.81.127 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1d90d59dec759b36537cf1bc1b26b1f3a089ed51e3534239cb614c59192093e7

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://rwfemfest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 22:17:14 GMT
cf-cache-status: MISS
last-modified: Wed, 26 Jan 2022 12:10:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qCDHBhsc40fc7KyhTBZRrJbe%2Be3zsLI%2BkQ7UxX0dHsata4gb06bceMSy3I03l4AUMLYDxUUYhhrbuQ9wWUDHmI5hKbvUYrp%2BTDtwf3FUVXlZ8eK1nzoBgnQ9exEfdb%2FjFLsuNRl09bCx3Y%2ByXyxQVmxlMbA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 766132b549f2a80e-SYD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 67002
expires: Sun, 13 Nov 2022 22:17:14 GMT

Redirect headers

date: Sun, 06 Nov 2022 22:17:13 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KkYFCNpJg1T%2B%2F46NQ7PJeyurAGq%2BTgmTIDYljTwxBQ0p8W9A1l1dz%2F06IkTO5f6PUGdna3trq%2F1to45DPHjasW5q7ZZi6FgNNhO3TXmY01wYSpwRV1iaAXm8Qc5bYeoVfqpt"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://www.worldaviationfestivalblog.com/index_files/phone-icon.png
cache-control: max-age=14400
x-turbo-charged-by: LiteSpeed
cf-ray: 766132af0f9ba8ce-SYD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

whatsapp-icon.png
www.worldaviationfestivalblog.com/index_files/
Redirect Chain

https://joker123slot.b-cdn.net/index_files/whatsapp-icon.png
https://www.liteonaward.com/index_files/whatsapp-icon.png
https://www.whalenet.org/index_files/whatsapp-icon.png
https://www.worldaviationfestivalblog.com/index_files/whatsapp-icon.png

149 KB
149 KB

1226ms
951ms

Image
image/png

104.21.81.127
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.worldaviationfestivalblog.com/index_files/whatsapp-icon.png
Requested by: Host: rwfemfest.com
URL: https://rwfemfest.com/
Protocol: H2
Server: 104.21.81.127 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d15c880b55b3ed610b5af0bddb63b50e386da5d32658e069dac8d8c512f801e8

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://rwfemfest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 22:17:14 GMT
cf-cache-status: MISS
last-modified: Wed, 26 Jan 2022 12:11:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oX1ym2r9SPSXxgMFuOIgj%2FT6fOdKae15rF1xV%2F7G0Sx7c%2FVaIM4idtIWEUEOwlCvu3Z6iYcuffP1z9FXZIwZ5tKmMEFkmKMDjhFPMaLMr%2FqdLt77Amo79AyWpXxmJanz%2BtN0XJcsSpcBd0fAOKK23YVo2a8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 766132b468dea80e-SYD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 152291
expires: Sun, 13 Nov 2022 22:17:13 GMT

Redirect headers

date: Sun, 06 Nov 2022 22:17:13 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FdmdfIwf2VzzdzlRO%2F6iGohqYHXunEe8b9C7beqE31zEX23TVm8RRWd9msoSQcv2lZkwO8ODEzusVRUDzupMzHkrYJbsBIlQVsKmIlhozqZfVT8N8k3vZbTA7mf%2F0SnBCfhw"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://www.worldaviationfestivalblog.com/index_files/whatsapp-icon.png
cache-control: max-age=14400
x-turbo-charged-by: LiteSpeed
cf-ray: 766132ae2ee1a8ce-SYD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

telegram-icon.png
www.worldaviationfestivalblog.com/index_files/
Redirect Chain

https://joker123slot.b-cdn.net/index_files/telegram-icon.png
https://www.liteonaward.com/index_files/telegram-icon.png
https://www.whalenet.org/index_files/telegram-icon.png
https://www.worldaviationfestivalblog.com/index_files/telegram-icon.png

127 KB
127 KB

1281ms
988ms

Image
image/png

104.21.81.127
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.worldaviationfestivalblog.com/index_files/telegram-icon.png
Requested by: Host: rwfemfest.com
URL: https://rwfemfest.com/
Protocol: H2
Server: 104.21.81.127 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b91939414e7fe2a648e761f627ab98001a0c62e6c276451eada617e0a8e76b94

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://rwfemfest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 22:17:14 GMT
cf-cache-status: MISS
last-modified: Wed, 26 Jan 2022 12:12:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0GHnSE5zTEtqZ77xiiipen4AzMisdq65R5vYAhDJw%2BHERZCtaw%2BsRwtWt1Znoi0U5Fm4Mhb1L4rBFm4PlFJZBzJ62%2Fmo7QI4zOyk%2BM5m9LT8nkg1DLOx413aY4hf97ByBrNbs4gH%2FZori69PWBOyk7o8bs8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 766132b468d8a80e-SYD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 130048
expires: Sun, 13 Nov 2022 22:17:13 GMT

Redirect headers

date: Sun, 06 Nov 2022 22:17:13 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=voxth7fLZwghb6r14%2BRHqma%2BsbeUlMTkth5aZa%2BjkZnndvPyVj88TT1iSRyeOTeIZaI44ORCaQe3nAxD0wcFRsPpidYZY3rojW5bglm%2F1FX32gQ68rev7B7u8mVJ2lauQ7gq"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://www.worldaviationfestivalblog.com/index_files/telegram-icon.png
cache-control: max-age=14400
x-turbo-charged-by: LiteSpeed
cf-ray: 766132ae2ed9a8ce-SYD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

BCA.png
www.worldaviationfestivalblog.com/index_files/
Redirect Chain

https://joker123slot.b-cdn.net/index_files/BCA.png
https://www.liteonaward.com/index_files/BCA.png
https://www.whalenet.org/index_files/BCA.png
https://www.worldaviationfestivalblog.com/index_files/BCA.png

7 KB
8 KB

857ms
702ms

Image
image/png

104.21.81.127
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.worldaviationfestivalblog.com/index_files/BCA.png
Requested by: Host: rwfemfest.com
URL: https://rwfemfest.com/
Protocol: H2
Server: 104.21.81.127 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd22ecd75139cd463b414cee5118665973997d447a110bf57d782725c421d047

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://rwfemfest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 22:17:14 GMT
cf-cache-status: MISS
last-modified: Wed, 26 Jan 2022 05:55:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=huQ6EPe%2FhrEOPaM%2Bdh2zByXt1gxRjtW3vVfHSXtHVrNHuChAx8dEdeOKlFnrLYyO%2BNoJZXzQACUhHdi41tTU1wl0ZG8LANhw7Ur1lDxo8HG5oYlX6K4TEL%2F0yF26kjhfWlPvqh0iYz0sCdRTWfpA4B90jzI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 766132b549e7a80e-SYD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7401
expires: Sun, 13 Nov 2022 22:17:14 GMT

Redirect headers

date: Sun, 06 Nov 2022 22:17:13 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WrdMGaOyUTVT%2BOXIfVhMjWWQ4XFmRYPH%2FmEB6Ndvn8k%2BGCXSoODkga0T64BuCJnKjV56rURDSyioNS%2BclKGiQhw0bx6UQJkO7Al4a6PJdk%2F4CM4K0D1RIQzXZfZV4yHwKTsN"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://www.worldaviationfestivalblog.com/index_files/BCA.png
cache-control: max-age=14400
x-turbo-charged-by: LiteSpeed
cf-ray: 766132af0f99a8ce-SYD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

BNI.png
www.worldaviationfestivalblog.com/index_files/
Redirect Chain

https://joker123slot.b-cdn.net/index_files/BNI.png
https://www.liteonaward.com/index_files/BNI.png
https://www.whalenet.org/index_files/BNI.png
https://www.worldaviationfestivalblog.com/index_files/BNI.png

5 KB
6 KB

688ms
526ms

Image
image/png

104.21.81.127
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.worldaviationfestivalblog.com/index_files/BNI.png
Requested by: Host: rwfemfest.com
URL: https://rwfemfest.com/
Protocol: H2
Server: 104.21.81.127 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 09eeffe3661aad698f9525506953a6c334b6ce70c90cd420fc8d6e11501bf1e6

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://rwfemfest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 22:17:14 GMT
cf-cache-status: MISS
last-modified: Wed, 26 Jan 2022 05:55:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GQb3E38VSEcY5udqBWMLv1ImoJx1lmpL8wvkIVwsZ5NYnR14oJAx4eWLr0glAWGnIGNrRv9OYaofkZPsgl50kwo6qVX6dpkxJzhhEl3q84MZH9X0CpGXMr14lKZB8gzTqpYAdLXwzEaMpNd6NPWJ7%2ByYniU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 766132b468dda80e-SYD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5401
expires: Sun, 13 Nov 2022 22:17:13 GMT

Redirect headers

date: Sun, 06 Nov 2022 22:17:13 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OGRmLx51ltItP%2B46QusrHr%2FbyNyqvDZiLn2eGiMPjR8%2BaRLdDY5t56mClcheXfs1zVmazmkLUpnG%2BVahY8wA35Htt6hb06fg2L9QoyjK3Ahgj0taYeL6r1MruPqKfp9RNMrt"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://www.worldaviationfestivalblog.com/index_files/BNI.png
cache-control: max-age=14400
x-turbo-charged-by: LiteSpeed
cf-ray: 766132af0f9ca8ce-SYD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

BRI.png
www.worldaviationfestivalblog.com/index_files/
Redirect Chain

https://joker123slot.b-cdn.net/index_files/BRI.png
https://www.liteonaward.com/index_files/BRI.png
https://www.whalenet.org/index_files/BRI.png
https://www.worldaviationfestivalblog.com/index_files/BRI.png

5 KB
6 KB

832ms
535ms

Image
image/png

104.21.81.127
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.worldaviationfestivalblog.com/index_files/BRI.png
Requested by: Host: rwfemfest.com
URL: https://rwfemfest.com/
Protocol: H2
Server: 104.21.81.127 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 67445fe829dabdb3f7165696da86d20df432e0407bbd28a74783d2517f66d7d0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://rwfemfest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 22:17:14 GMT
cf-cache-status: MISS
last-modified: Wed, 26 Jan 2022 05:55:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B9ATVi38RzxlM1ahI4p2%2FOfvH2mvZwnMCEqln%2FE34usZ3x5vZk3ymaRN7A%2BoH4b6N72XX1z6EH8oKNdPdBXiKx4%2Bhooku1NlmtvDpJurxgVOE1MskLbsb566MMolnir1KM6iMw8lO0yDZao87ZxZSnsGkiA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 766132b468d5a80e-SYD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5383
expires: Sun, 13 Nov 2022 22:17:13 GMT

Redirect headers

date: Sun, 06 Nov 2022 22:17:13 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g16VtY2k7Mh3l0boSCYJ9bPbnN1bCoTSVo58FWEEzzEWh8QB8ZAFZnKyglXDyiocJpBK0Fo2DcDCEzQotjGKHZWFBqD21SnVSBNM39pnw7GRBiX6C8MVvPnyoFtfFeTsO7px"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://www.worldaviationfestivalblog.com/index_files/BRI.png
cache-control: max-age=14400
x-turbo-charged-by: LiteSpeed
cf-ray: 766132ae2edca8ce-SYD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

MANDIRI.png
www.worldaviationfestivalblog.com/index_files/
Redirect Chain

https://joker123slot.b-cdn.net/index_files/MANDIRI.png
https://www.liteonaward.com/index_files/MANDIRI.png
https://www.whalenet.org/index_files/MANDIRI.png
https://www.worldaviationfestivalblog.com/index_files/MANDIRI.png

6 KB
7 KB

819ms
676ms

Image
image/png

104.21.81.127
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.worldaviationfestivalblog.com/index_files/MANDIRI.png
Requested by: Host: rwfemfest.com
URL: https://rwfemfest.com/
Protocol: H2
Server: 104.21.81.127 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b2ff7f5d7a9ce992c1bc4f0814432d64be17aa6918895020fb3d0bf321bd5dd

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://rwfemfest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 22:17:14 GMT
cf-cache-status: MISS
last-modified: Wed, 26 Jan 2022 05:55:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MbS7RqoBYg%2Fvz7BptryVSAj73CJA04Hu7l3kd80uDioJxZE%2BhmiyQA7JxuHCwwVMF6FIZoaMkIYvd9YcjHWmY%2FkVghJHeIwE77E098%2BwLF4L4rscC0p0c76o2Z3w9aaySJn3LDo4u2eA0etkSJkBSYMIXA8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 766132b549eea80e-SYD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6559
expires: Sun, 13 Nov 2022 22:17:14 GMT

Redirect headers

date: Sun, 06 Nov 2022 22:17:13 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DM1nrtxglBADhBjYmCJImHQOpf0vBM3QWUmBul21Ty%2BU16%2FOhNOg9%2Bo%2B7GehF3gzoTa%2F3iwVLQEZIIhhiDwMVikM6NhCH5rXmm1PT0irtCrdEmeWlBT89CU5bxsHscesvY0S"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://www.worldaviationfestivalblog.com/index_files/MANDIRI.png
cache-control: max-age=14400
x-turbo-charged-by: LiteSpeed
cf-ray: 766132af0fa3a8ce-SYD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

CIMB.png
www.worldaviationfestivalblog.com/index_files/
Redirect Chain

https://joker123slot.b-cdn.net/index_files/CIMB.png
https://www.liteonaward.com/index_files/CIMB.png
https://www.whalenet.org/index_files/CIMB.png
https://www.worldaviationfestivalblog.com/index_files/CIMB.png

5 KB
5 KB

817ms
685ms

Image
image/png

104.21.81.127
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.worldaviationfestivalblog.com/index_files/CIMB.png
Requested by: Host: rwfemfest.com
URL: https://rwfemfest.com/
Protocol: H2
Server: 104.21.81.127 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a62c4900c7dbeaab975c8ffb50827066f3cfa5129bb6f268645e31b22e25650

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://rwfemfest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 22:17:14 GMT
cf-cache-status: MISS
last-modified: Wed, 26 Jan 2022 05:55:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VreOYItJ2cj6cAnjrQYcLrhhttdZgdU5azHuK2apCK2nJdkaGLWzLNWF4z8VBvFsx47Prsomt4Kt%2B32ZIC30f48Y8W6bp8Go2rG2%2Bm3H5W4n%2BXugEgIdPxeULyVaItwKJVSJVLoLdXmb5NWCKfSh4nqbJHA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 766132b549eaa80e-SYD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4753
expires: Sun, 13 Nov 2022 22:17:14 GMT

Redirect headers

date: Sun, 06 Nov 2022 22:17:13 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PayRmgiLKuSSFpXS20572I%2Fd5%2BEyyzcgR%2FSQNlhkcuUoaZpcsBzgEHk2AF%2F8Ai7DdLJy%2Bk3sqak3n%2FxC9B4TzoSPzNFlG5Hi0%2FaNTYjG1FkJU1XdvbeW5duXvxQdfQpHFRo9"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://www.worldaviationfestivalblog.com/index_files/CIMB.png
cache-control: max-age=14400
x-turbo-charged-by: LiteSpeed
cf-ray: 766132af0f96a8ce-SYD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

DANAMON.png
www.worldaviationfestivalblog.com/index_files/
Redirect Chain

https://joker123slot.b-cdn.net/index_files/DANAMON.png
https://www.liteonaward.com/index_files/DANAMON.png
https://www.whalenet.org/index_files/DANAMON.png
https://www.worldaviationfestivalblog.com/index_files/DANAMON.png

5 KB
5 KB

823ms
692ms

Image
image/png

104.21.81.127
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.worldaviationfestivalblog.com/index_files/DANAMON.png
Requested by: Host: rwfemfest.com
URL: https://rwfemfest.com/
Protocol: H2
Server: 104.21.81.127 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f27a082ca0ac19ae0e005cd6f9bfb698beca0d3c12de160b7dec172730cf950f

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://rwfemfest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 22:17:14 GMT
cf-cache-status: MISS
last-modified: Wed, 26 Jan 2022 05:55:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j29Zfh6IZfnxLT84KxgqE%2BCGeVIJOocJ%2BkIPhFcYCepgBjwtUtEWizQGPpRHxl3mIeK4lbqwOgo5dAt2VKT%2BOZ8nfWwjRFN09QAAqLw73L302ObDRVM%2FFLhdzsycUfFUkaBIqQkXR%2B%2FDQu5SLWzcupo0Nhg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 766132b549f4a80e-SYD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5005
expires: Sun, 13 Nov 2022 22:17:14 GMT

Redirect headers

date: Sun, 06 Nov 2022 22:17:13 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FSQV2JHO0%2BxsRPmZQO%2BJzjm86PWeoBiRm7vqLQVFh%2BqlHnbWMqJEJ8fqPtfsrXQLQwjY9brwnLN86%2Bt9bOlM4C1qcaFRhEw0WNUDLVZV5xF4VZzcpfRNnRK4Ixty%2F5rcnxXs"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://www.worldaviationfestivalblog.com/index_files/DANAMON.png
cache-control: max-age=14400
x-turbo-charged-by: LiteSpeed
cf-ray: 766132af0fa4a8ce-SYD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

E-WALLET.png
www.worldaviationfestivalblog.com/index_files/
Redirect Chain

https://joker123slot.b-cdn.net/index_files/E-WALLET.png
https://www.liteonaward.com/index_files/E-WALLET.png
https://www.whalenet.org/index_files/E-WALLET.png
https://www.worldaviationfestivalblog.com/index_files/E-WALLET.png

7 KB
7 KB

804ms
665ms

Image
image/png

104.21.81.127
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.worldaviationfestivalblog.com/index_files/E-WALLET.png
Requested by: Host: rwfemfest.com
URL: https://rwfemfest.com/
Protocol: H2
Server: 104.21.81.127 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 04af934fd242729aa0d6470f7c3a574ca3cb54b49109341e5d415210e9a49d3e

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://rwfemfest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 22:17:14 GMT
cf-cache-status: MISS
last-modified: Wed, 26 Jan 2022 05:55:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C9kfXvwQgOhFFyiLqAqxuWbxpmaWxtfk0UKh73b96CxNi%2FTdelX43Izz5vnvOO2yUgNOvO0prZ48ZJJf%2Fr%2FZXoKoB3MMRTB6eVxT4cGr34MFF2HZ8pOGg3V9IweXSncUtbi%2BvTR%2FII68oPYlpCNjIs4QGjI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 766132b549efa80e-SYD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7329
expires: Sun, 13 Nov 2022 22:17:14 GMT

Redirect headers

date: Sun, 06 Nov 2022 22:17:13 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bs6UZxCYYGG6go8xX6KyTJXHr5yQh5MoFzNeXKmeDEhMMkryFCAyZ0PepKXZyK3vIXXnkVC74ufJcVVVla62kFElshGy5qtndKB9iBVE8EWAMS5ENMo6md%2BE2diI866l04wl"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://www.worldaviationfestivalblog.com/index_files/E-WALLET.png
cache-control: max-age=14400
x-turbo-charged-by: LiteSpeed
cf-ray: 766132af0f93a8ce-SYD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

TELKOMSEL.png
www.worldaviationfestivalblog.com/index_files/
Redirect Chain

https://joker123slot.b-cdn.net/index_files/TELKOMSEL.png
https://www.liteonaward.com/index_files/TELKOMSEL.png
https://www.whalenet.org/index_files/TELKOMSEL.png
https://www.worldaviationfestivalblog.com/index_files/TELKOMSEL.png

5 KB
5 KB

817ms
660ms

Image
image/png

104.21.81.127
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.worldaviationfestivalblog.com/index_files/TELKOMSEL.png
Requested by: Host: rwfemfest.com
URL: https://rwfemfest.com/
Protocol: H2
Server: 104.21.81.127 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 60382658b017bf4edf438d0f8ae771df4632c4c0e4b398d239174d22ec1d8a80

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://rwfemfest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 22:17:14 GMT
cf-cache-status: MISS
last-modified: Wed, 26 Jan 2022 05:55:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uV5ZUhf2P%2FI8QZLtBQZYRims8yums2IGLh0uXiPWJ4ZKzXMLtPSvsG0tmSqdE18c187SmqA1H1a%2BkgwxMO35Bxw3xl6g6qnVEtmSutGqwj3tq2mWliAmf9ctG4ghfQmBANLVcplS246Dpc1nIWStFNCdfec%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 766132b549e8a80e-SYD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5110
expires: Sun, 13 Nov 2022 22:17:14 GMT

Redirect headers

date: Sun, 06 Nov 2022 22:17:13 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Vvp4kCI5PyrKeUk5j%2FSxgq4s2ZqP5pbplBDrcp96AlGFblQs7NushyvrVBugTRods5muQfowJ4jry14M7zIWu7sJM6g%2BC27k2Gv0ttyINVNsoxGSRtPy5bTcCktpaXKm%2FMx"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://www.worldaviationfestivalblog.com/index_files/TELKOMSEL.png
cache-control: max-age=14400
x-turbo-charged-by: LiteSpeed
cf-ray: 766132af0f9fa8ce-SYD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

home-icon.png
www.worldaviationfestivalblog.com/index_files/
Redirect Chain

https://joker123slot.b-cdn.net/index_files/home-icon.png
https://www.liteonaward.com/index_files/home-icon.png
https://www.whalenet.org/index_files/home-icon.png
https://www.worldaviationfestivalblog.com/index_files/home-icon.png

20 KB
20 KB

1040ms
880ms

Image
image/png

104.21.81.127
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.worldaviationfestivalblog.com/index_files/home-icon.png
Requested by: Host: rwfemfest.com
URL: https://rwfemfest.com/
Protocol: H2
Server: 104.21.81.127 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f3bb5b95c1092e6d8dd3cf451499f4112f391bb5bfcfe1124c2723a3392dd6c3

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://rwfemfest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 22:17:14 GMT
cf-cache-status: MISS
last-modified: Wed, 26 Jan 2022 11:22:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7gVIlg9iK93G0CXGMbE4S0K6rYWhrT46lglxqsbce32%2FF78P3%2F4t085qIecWYqLNHbvJpMzuRapdnMaR26vfL0qPdukyRtTCR%2F3rQGHKD%2BdW%2Bl20S8yBXY3QPFHJuipqgMkF3OHysstfbmLfWypHucfk5YM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 766132b549e3a80e-SYD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 20515
expires: Sun, 13 Nov 2022 22:17:14 GMT

Redirect headers

date: Sun, 06 Nov 2022 22:17:13 GMT
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qhorL0G8mXhzsoCWBKmJyo%2Fzo154XjwyJjSffuohtmiOJDd%2Fxh%2B%2Fs0x7M2u37%2FjTEK2wxv%2Bj8aihCoSMJwoJL1ehSuYgp3K7lQucxb2HU3CIfnhGpyRhUJ7j99ktl0RQSoDx"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://www.worldaviationfestivalblog.com/index_files/home-icon.png
cache-control: max-age=14400
x-turbo-charged-by: LiteSpeed
cf-ray: 766132af0f92a8ce-SYD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 register.png
staticimages.b-cdn.net/ 14 KB
14 KB 319ms
317ms Image
image/png 139.99.63.197
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://staticimages.b-cdn.net/register.png
Requested by: Host: rwfemfest.com
URL: https://rwfemfest.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 139.99.63.197 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS: ns5000585.ip-139-99-63.net
Software: BunnyCDN-SG2-744 /
Resource Hash: d5cf6886ca3fac8e3a389d196488bc4d55c446b9761d46a1ee16a9552e68bc67

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://rwfemfest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 22:17:10 GMT
cdn-edgestorageid: 744
cdn-storageserver: SG-76
cdn-cachedat: 06/24/2022 13:37:00
cdn-pullzone: 760787
content-length: 14361
last-modified: Mon, 18 Apr 2022 04:17:19 GMT
server: BunnyCDN-SG2-744
cdn-fileserver: 319
cdn-requestpullcode: 206
cdn-proxyver: 1.02
content-type: image/png
cdn-cache: HIT
cdn-uid: a65d7957-9077-4235-898b-f4cca2b72fe4
cache-control: public, max-age=2592000
cdn-requestid: d4411eaa5c017df7db896f8b91358b45
accept-ranges: bytes
cdn-requestcountrycode: NZ
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2

200

https://joker123slot.b-cdn.net/index_files/login-icon2.png
https://www.liteonaward.com/index_files/login-icon2.png
https://www.whalenet.org/index_files/login-icon2.png
https://www.worldaviationfestivalblog.com/index_files/login-icon2.png

180 KB
180 KB

1407ms
1120ms

Image
image/png

104.21.81.127
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.worldaviationfestivalblog.com/index_files/login-icon2.png
Requested by: Host: rwfemfest.com
URL: https://rwfemfest.com/
Protocol: H2
Server: 104.21.81.127 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3cf4ecc6edbf77ba5624f8976fe7928e433baa471ccf256b0e994d89dfa92a02

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://rwfemfest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 22:17:14 GMT
cf-cache-status: MISS
last-modified: Wed, 26 Jan 2022 11:33:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d10OO7BJHT5LfQGqx6L8lypoRNwPqbDk8SjZCrkSwrITrjH94fdrZ2LU6oD9Dh9GYPMViteOA%2FaPTUsU8hZP%2BJqfT%2F64XtpJHM8saGIsmtnPv8XoaT6bRRltG0o53nvLH3mycqrBQQyq2U2rVk37%2F958sVE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 766132b468dba80e-SYD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 184119
expires: Sun, 13 Nov 2022 22:17:13 GMT

Redirect headers

date: Sun, 06 Nov 2022 22:17:13 GMT
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e%2BxIfryTfV2Xm2uFSZ6PXUz9iGny7x%2BBtIeeOjxL2k6hb%2F9VHTOxpjvATfh0MFRg%2FLehws90353gD%2FeXAteGCPJY%2FKtaYugNwF7O%2Fc4oxSZWgwGS6SU7u8356%2Fjdc1riEhVW"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://www.worldaviationfestivalblog.com/index_files/login-icon2.png
cache-control: max-age=14400
x-turbo-charged-by: LiteSpeed
cf-ray: 766132ae2ee2a8ce-SYD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

promotion-icon.png
www.worldaviationfestivalblog.com/index_files/
Redirect Chain

https://joker123slot.b-cdn.net/index_files/promotion-icon.png
https://www.liteonaward.com/index_files/promotion-icon.png
https://www.whalenet.org/index_files/promotion-icon.png
https://www.worldaviationfestivalblog.com/index_files/promotion-icon.png

15 KB
16 KB

1016ms
727ms

Image
image/png

104.21.81.127
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.worldaviationfestivalblog.com/index_files/promotion-icon.png
Requested by: Host: rwfemfest.com
URL: https://rwfemfest.com/
Protocol: H2
Server: 104.21.81.127 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d0549d3d21c90af696c86a712e3e997f6c90d4c12dac2ed985c00f6ce18e6ed3

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://rwfemfest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 22:17:14 GMT
cf-cache-status: MISS
last-modified: Wed, 26 Jan 2022 11:28:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6kmYrH1CkUMZEu%2FxtgJ7oSxfV9Lz6H8HirMYRrjOA3yv0fZYCVTBxNwSa1q%2Bqn4KLGeATdJ4GtajWIdX7%2BKSUP2ZXLxHdIrCx3ByaYKk8XQkEnIy2KKQ8LJngxMGvLujir2hU8FpZIO6mSSKV4xlQiJNYQE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 766132b468daa80e-SYD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15556
expires: Sun, 13 Nov 2022 22:17:13 GMT

Redirect headers

date: Sun, 06 Nov 2022 22:17:13 GMT
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nbJvACqCfmCOlj4mxaGEDIeMrlYb82WF%2FloMlsQ3aag3Chld8Zud75a0FTBk9XvCndxqXjcnXHw9GC0FjD7Kn6yy2G3cDU9AZ9t7ooSS5JvxYkhRwo1hHaSlGHE5KcBIe6tC"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://www.worldaviationfestivalblog.com/index_files/promotion-icon.png
cache-control: max-age=14400
x-turbo-charged-by: LiteSpeed
cf-ray: 766132ae2edfa8ce-SYD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

livechat-icon2.png
www.worldaviationfestivalblog.com/index_files/
Redirect Chain

https://joker123slot.b-cdn.net/index_files/livechat-icon2.png
https://www.liteonaward.com/index_files/livechat-icon2.png
https://www.whalenet.org/index_files/livechat-icon2.png
https://www.worldaviationfestivalblog.com/index_files/livechat-icon2.png

23 KB
23 KB

1005ms
848ms

Image
image/png

104.21.81.127
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.worldaviationfestivalblog.com/index_files/livechat-icon2.png
Requested by: Host: rwfemfest.com
URL: https://rwfemfest.com/
Protocol: H2
Server: 104.21.81.127 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d4925e67f82f83866b07c1009536972376bbeae6cb1f757ac2c351e2e833fad3

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://rwfemfest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 22:17:14 GMT
cf-cache-status: MISS
last-modified: Wed, 26 Jan 2022 11:38:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KTplULceJLOqiZNy4a2Pl8uuBDoa1piuyuLSvXXWdCewiFTGYef5ftrOyTLKBL05vg%2BRu2TBu6lPOVL1PnB5uJTLseAIeFuuGJAugloZ3rg%2FUMOnS5u1YnBBh6O1YM3on2MVT%2FVPapmmwHqUBrjUl2DHm%2Bg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 766132b549e9a80e-SYD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 23400
expires: Sun, 13 Nov 2022 22:17:14 GMT

Redirect headers

date: Sun, 06 Nov 2022 22:17:13 GMT
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G4RWBvxVBbD%2FSVnDK86GHnAQACEl1z0vidVVK8aUIxbrTvNyTlao%2BQatbvnaRxuaCXjtFnelhGshX9F0L4t9uCeGkXak4iyyTyclpuPOA%2B8j9NjkbazYvPh7SclJlFOmBcxN"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://www.worldaviationfestivalblog.com/index_files/livechat-icon2.png
cache-control: max-age=14400
x-turbo-charged-by: LiteSpeed
cf-ray: 766132af0f94a8ce-SYD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 amp-auto-lightbox-0.1.js Show response
cdn.ampproject.org/rtv/012210211855000/v0/ 8 KB
3 KB 705ms
235ms Script
text/javascript 172.217.194.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012210211855000/v0/amp-auto-lightbox-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.194.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f132.1e100.net

Software

sffe /

Resource Hash

eb0ee940fa4feb2f463a553369b5f8c9e0f226c702a2cf5f66648792a9c4ed69

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rwfemfest.com/
Origin: https://rwfemfest.com
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 01 Nov 2022 20:16:34 GMT
age: 439236
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2993
x-xss-protection: 0
server: sffe
etag: "4c4f9dfcf3c36789"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 01 Nov 2023 20:16:34 GMT

GET
H3 200 amp-loader-0.1.js Show response
cdn.ampproject.org/rtv/012210211855000/v0/ 12 KB
4 KB 705ms
247ms Script
text/javascript 172.217.194.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012210211855000/v0/amp-loader-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.194.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f132.1e100.net

Software

sffe /

Resource Hash

945de24b9f67ef6e2a971867bc8c251141c8f36d193f0145f5787e42cd7a7c9c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rwfemfest.com/
Origin: https://rwfemfest.com
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 01 Nov 2022 20:16:34 GMT
age: 439236
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3846
x-xss-protection: 0
server: sffe
etag: "dd1527ec8ef4e804"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 01 Nov 2023 20:16:34 GMT

GET
DATA 200
OK truncated
/ 157 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e6e91c65c98775cc3e65a39d1c11708343f9509517a8a73983bb331e1ec021fa

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 149 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2acdbf0259b3538b9f9408713e13677daca0d9e77c3887031c618b9aa7fa28ce

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 jackpot Show response
139.99.28.182/amp/iframe/ Frame 57BB 903 B
2 KB 811ms
337ms Document
text/html 139.99.28.182
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://139.99.28.182/amp/iframe/jackpot

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-iframe-0.1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.99.28.182 Singapore, Singapore, ASN16276 (OVH, FR),

Reverse DNS

ip182.ip-139-99-28.net

Software

nginx /

Resource Hash

7e589438db467b351b298dfdfee769793765c923d0ba5bd3c2be25a1a8cec21f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains

Request headers

Referer: https://rwfemfest.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-NZ,en;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, s-maxage=0
cf-cache-status: DYNAMIC
cf-ray: 766132a11c4d8838-SIN
content-encoding: br
content-type: text/html; charset=utf-8
date: Sun, 06 Nov 2022 22:17:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V6LYTQrBSUlJHjbZWSbslNyke4fjcbnWZSJZgZewCXNEDnfncvfv6QMhBC7w9%2BYWWzQB%2Fuqcb2rdHxLvFOPdmlkSaj2DEmsyTUfPzhCnlJJ7Srp7GNBDK74YaAB4gQs%2Bcw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: nginx
strict-transport-security: max-age=15552001; includeSubDomains
vary: Accept-Encoding Accept-Encoding

GET
H2 200 amp-animation.gif
nx-cdn.trgwl.com/Images/nexus-alpha/red-white/mobile/jackpot/ 204 KB
205 KB 1008ms
688ms Image
image/gif 172.64.135.37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nx-cdn.trgwl.com/Images/nexus-alpha/red-white/mobile/jackpot/amp-animation.gif?v=20220126

Requested by

Host: rwfemfest.com
URL: https://rwfemfest.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.135.37 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

385d392ed395a8b72f438717309495513adeaf01480df34d7833648ad2418dde

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://rwfemfest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 22:17:10 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 208465
x-xss-protection: 1; mode=block
last-modified: Thu, 15 Apr 2021 01:48:06 GMT
server: cloudflare
etag: "08f20619931d71:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8xHTsuz3T195DiA4PT%2BsIsuM%2BFykrQFZAOUo7Sltv0jPRRfoUG7uwGTRDOb06NiNXrP%2B%2BSa64XBEebxgKbZ3udugSu2THKtTYustWpP27TwGcxAJ6qPGdUReFLA%2FZDtIlXAb"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7661329fd8b617d0-MEL

GET
H2

200

bonusmembe100.jpg
www.worldaviationfestivalblog.com/index_files/
Redirect Chain

https://joker123slot.b-cdn.net/index_files/bonusmembe100.jpg
https://www.liteonaward.com/index_files/bonusmembe100.jpg
https://www.whalenet.org/index_files/bonusmembe100.jpg
https://www.worldaviationfestivalblog.com/index_files/bonusmembe100.jpg

254 KB
255 KB

1245ms
1119ms

Image
image/jpeg

104.21.81.127
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.worldaviationfestivalblog.com/index_files/bonusmembe100.jpg
Requested by: Host: rwfemfest.com
URL: https://rwfemfest.com/
Protocol: H2
Server: 104.21.81.127 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40d3eebde4987a3b072c5951b974a63e3cac92df106d879f2ae9a41aeead8852

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://rwfemfest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 22:17:14 GMT
cf-cache-status: MISS
last-modified: Wed, 26 Jan 2022 14:06:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yb8MAvtquk%2B4jfJlpZFrpQsCjmwL1JjOJRL1MWxDj6VqD8gigz6VRYH7WCPvwl8hQvictumheYjojQHyBwfEpgXnYkW0FJyrT9WHY%2B3PJCAuW1%2B8eibYY7GNnOYJ0SX5BxrbUw%2Fv070zg0uPrCKCokDOVvk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 766132b549fba80e-SYD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 259996
expires: Sun, 13 Nov 2022 22:17:14 GMT

Redirect headers

date: Sun, 06 Nov 2022 22:17:13 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ehAI%2FD%2FL1qfLSV6sGck%2Fh47WnCN0804L2dtJqYzeAtAo9WdH17zUmMrmxf%2FN9utd5morzoFQVPHKRB9NevTo31ZUuSEMb6HRZ7FQpuqCsWnTaUoY%2F2FtAHW9GV4WZvqBxw3z"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://www.worldaviationfestivalblog.com/index_files/bonusmembe100.jpg
cache-control: max-age=14400
x-turbo-charged-by: LiteSpeed
cf-ray: 766132af0fa2a8ce-SYD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 mobile-css
139.99.28.182/Content/Home/ Frame 57BB 131 KB
22 KB 805ms
569ms Stylesheet
text/css 139.99.28.182
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://139.99.28.182/Content/Home/mobile-css?v=kXjX00p8BSQ2pF14oysc_tPYak10-F-JwQGVt2ChZ_I1

Requested by

Host: 139.99.28.182
URL: https://139.99.28.182/amp/iframe/jackpot

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.99.28.182 Singapore, Singapore, ASN16276 (OVH, FR),

Reverse DNS

ip182.ip-139-99-28.net

Software

nginx /

Resource Hash

da0fa12e5f76b7121850d6d146eb094dfc647ffe574c8fbd8fd8a623dbbfc60c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://139.99.28.182/amp/iframe/jackpot
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 22:17:11 GMT
strict-transport-security: max-age=15552001; includeSubDomains
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Sun, 06 Nov 2022 22:17:11 GMT
server: nginx
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding, User-Agent,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9GCmFtwcEFTSzXYgOYCatjlKHEqj3QTukUegnqu8InmICTK35MYriJoHVKxNoftxNnQwE8BR4hKlYoJ5dhIL1%2FlC7CRkGA8EL5kDDnTLHC2hHPO%2BA%2BjOYvF%2FXBBRw5w4Nw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: public
cf-ray: 766132a4ca6891a1-SIN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 06 Nov 2023 22:17:11 GMT

GET
H2 200 mobile-red-white-css
139.99.28.182/Content/Theme/ Frame 57BB 19 KB
5 KB 570ms
334ms Stylesheet
text/css 139.99.28.182
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://139.99.28.182/Content/Theme/mobile-red-white-css?v=G9RvJTySILPhKEprtaN7jOyAMzL6B_ln0XKWz4Rxgc81

Requested by

Host: 139.99.28.182
URL: https://139.99.28.182/amp/iframe/jackpot

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.99.28.182 Singapore, Singapore, ASN16276 (OVH, FR),

Reverse DNS

ip182.ip-139-99-28.net

Software

nginx /

Resource Hash

c3bf01e3f4607d690dc21282211cd216e21fb705426a00a7bc57ae28c8ab2b46

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://139.99.28.182/amp/iframe/jackpot
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 22:17:11 GMT
strict-transport-security: max-age=15552001; includeSubDomains
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Sun, 06 Nov 2022 22:17:11 GMT
server: nginx
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding, User-Agent,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nq%2BoQVzt%2B6cxoZCKKR1lG9Q6lhsYQUhWjOh2N4GX5cjMYH53XP9pOaQDl3SoZshOBFCT3M11zdu48HiwcPQVNgKpo1PEHmsIbVql8ztmcqmadMNW%2Fd8GwBN4hkNu94JC3g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: public
cf-ray: 766132a4c9b04c95-SIN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 06 Nov 2023 22:17:11 GMT

GET
H2 200 main-jackpot-js Show response
139.99.28.182/bundles/Amp/ Frame 57BB 102 KB
36 KB 801ms
569ms Script
application/javascript 139.99.28.182
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://139.99.28.182/bundles/Amp/main-jackpot-js?v=eEyDVsfp8WRoW-YB5beEoA6bCd37M0sMZilicUPxsa01

Requested by

Host: 139.99.28.182
URL: https://139.99.28.182/amp/iframe/jackpot

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.99.28.182 Singapore, Singapore, ASN16276 (OVH, FR),

Reverse DNS

ip182.ip-139-99-28.net

Software

nginx /

Resource Hash

2e23d9f9ea1fd550f92fa6ef70b782a097f5535ff70edbb1f9032b7e218abd2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://139.99.28.182/amp/iframe/jackpot
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 22:17:11 GMT
strict-transport-security: max-age=15552001; includeSubDomains
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Sun, 06 Nov 2022 22:17:11 GMT
server: nginx
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding, User-Agent,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=25Ne0iMbjpRKNfJ2BZ56y4%2BiuhpNuesNDf7J5qKTIIrUD5VjkkcuAhI4CgeTJ19I3povynKCmcU1bgzWzac7VvuMMyUWAsVwmun7yEuwIaJFnq8psjFKX5Xp9vlCMDeXgg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public
cf-ray: 766132a4cab687bd-SIN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 06 Nov 2023 22:17:11 GMT

GET
H3 200 animation.gif
nx-cdn.trgwl.com/Images/nexus-alpha/red-white/mobile/jackpot/ Frame 57BB 69 KB
70 KB 758ms
599ms Image
image/gif 172.64.135.37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nx-cdn.trgwl.com/Images/nexus-alpha/red-white/mobile/jackpot/animation.gif?v=220221101-1

Requested by

Host: 139.99.28.182
URL: https://139.99.28.182/amp/iframe/jackpot

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.135.37 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8165085beb5cc5dbb040f50d393877e88d94b147d1bf493784d30d506785dcba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://139.99.28.182/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 22:17:12 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 70176
x-xss-protection: 1; mode=block
last-modified: Tue, 01 Dec 2020 00:03:20 GMT
server: cloudflare
etag: "0d49c6075c7d61:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7cSv23vbOJv7t3f4twZKL82DXolQOT6Cag2onqi4qjf8OZ1SKriojh5q6agpAvZqZTlMS6knBlTdU3x3ldUq3Oob%2FR2WlIPfW277KLkz%2FiaamyieG1kQYwIho7bjuUJguvTV"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 766132a98e1adf81-MEL

GET
H2 200 advanced_dot_digital7.woff2
139.99.28.182/fonts/ Frame 57BB 7 KB
8 KB 330ms
329ms Font
application/font-woff2 139.99.28.182
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://139.99.28.182/fonts/advanced_dot_digital7.woff2

Requested by

Host: 139.99.28.182
URL: https://139.99.28.182/Content/Home/mobile-css?v=kXjX00p8BSQ2pF14oysc_tPYak10-F-JwQGVt2ChZ_I1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.99.28.182 Singapore, Singapore, ASN16276 (OVH, FR),

Reverse DNS

ip182.ip-139-99-28.net

Software

nginx /

Resource Hash

6859917f17c0b4ccd4e0f7944f49bc9b2968fb61a4593428cfd176613922f81b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains

Request headers

Referer: https://139.99.28.182/Content/Home/mobile-css?v=kXjX00p8BSQ2pF14oysc_tPYak10-F-JwQGVt2ChZ_I1
Origin: https://139.99.28.182
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 22:17:11 GMT
strict-transport-security: max-age=15552001; includeSubDomains
cf-cache-status: BYPASS
last-modified: Wed, 19 Oct 2022 03:45:10 GMT
server: nginx
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "0e7c72f6de3d81:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZPdgZtLfQfIee%2BF665Q1n1H%2Bf1opvHI5YXyclT4H8JqGFNs2K2hYhmY8Cu3%2FJrgGoRohaqvf0E5KSpCuPBwff3AstmRHBvzsv%2B%2BWaIH8KpTrwhSyeo6A50zuNu4ek%2BLoCg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff2
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 766132a8dc35a036-SIN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7348

GET
H2 200 digital_sans_ef_medium.woff2
139.99.28.182/fonts/ Frame 57BB 19 KB
20 KB 335ms
334ms Font
application/font-woff2 139.99.28.182
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://139.99.28.182/fonts/digital_sans_ef_medium.woff2

Requested by

Host: 139.99.28.182
URL: https://139.99.28.182/Content/Home/mobile-css?v=kXjX00p8BSQ2pF14oysc_tPYak10-F-JwQGVt2ChZ_I1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.99.28.182 Singapore, Singapore, ASN16276 (OVH, FR),

Reverse DNS

ip182.ip-139-99-28.net

Software

nginx /

Resource Hash

3815eba1b61f8c9bc806b74b1c58330e07fd1e5f4c31b13785348e0a6ce4c03d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains

Request headers

Referer: https://139.99.28.182/Content/Home/mobile-css?v=kXjX00p8BSQ2pF14oysc_tPYak10-F-JwQGVt2ChZ_I1
Origin: https://139.99.28.182
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 22:17:12 GMT
strict-transport-security: max-age=15552001; includeSubDomains
cf-cache-status: BYPASS
last-modified: Wed, 19 Oct 2022 03:45:10 GMT
server: nginx
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "0e7c72f6de3d81:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8mO4dfRWlFnLC%2FLd39gBzor%2BEfvgIzOSO9nSijqdS4WcHYBDtgxsfR7oDj30GE%2FyARBdgV%2F3u2j97%2FIyTeIuGC%2BGGADFzyWP8WuJN%2FKRQqh4xBTTWOc3UlFt%2FkEInA3F%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff2
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 766132a9dc574d96-SIN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18996

GET
H/1.1 200
OK js Show response
tickers.playtech.com/ Frame 5A19 51 KB
51 KB 2137ms
802ms Script
application/json 213.187.229.56
PTNET

General

Check archive.org

Show headers Download Go to

Full URL: https://tickers.playtech.com/js?info=2&casino=winforfun88&currency=USD
Requested by: Host: 139.99.28.182
URL: https://139.99.28.182/bundles/Amp/main-jackpot-js?v=eEyDVsfp8WRoW-YB5beEoA6bCd37M0sMZilicUPxsa01
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.187.229.56 , Canada, ASN43937 (PTNET, EE),
Reverse DNS
Software: /
Resource Hash: 54c3aa9f13681046fc203fb6cd978a0764e48b8cadd28d47fc025d81e67598da

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://139.99.28.182/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 06 Nov 2022 22:17:13 GMT
Age: 98
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: max-age=299
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 52386

Verdicts & Comments Add Verdict or Comment

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://rwfemfest.com/fonts/digital_sans_ef_medium.woff2 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://rwfemfest.com/fonts/digital_sans_ef_medium.woff Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.ampproject.org
joker123slot.b-cdn.net
nx-cdn.trgwl.com
rwfemfest.com
staticimages.b-cdn.net
tickers.playtech.com
www.liteonaward.com
www.whalenet.org
www.worldaviationfestivalblog.com
104.21.31.96
104.21.4.33
104.21.81.127
139.99.28.182
139.99.63.197
139.99.68.6
172.217.194.132
172.64.135.37
172.67.221.41
213.187.229.56
00a23f38606d4a7a9e8f6ee22e038e5f1dea636e4da40cad8e328a81c76e2e11
03b0aa38599191c39c11d7a72b3be55f6591eafc0b114f4c2074712330ecc8fe
04af934fd242729aa0d6470f7c3a574ca3cb54b49109341e5d415210e9a49d3e
09eeffe3661aad698f9525506953a6c334b6ce70c90cd420fc8d6e11501bf1e6
0b2ff7f5d7a9ce992c1bc4f0814432d64be17aa6918895020fb3d0bf321bd5dd
1a55378b51799b207d491a98b149721fd9a6f44522346b26c808be113b2049f0
1d90d59dec759b36537cf1bc1b26b1f3a089ed51e3534239cb614c59192093e7
1e4bd52d1fe338a710ee0ff361d5c2621de619f881172e43516f3e7648e4fddf
29d82533dd9b82e3d52173d77caac6a88ca653ed4e22627d0c86fdcadb0bfeba
2acdbf0259b3538b9f9408713e13677daca0d9e77c3887031c618b9aa7fa28ce
2bf6b7da432c0e08032b94b75584294cfd04ad93244821dcdd2e286bc7eda759
2e23d9f9ea1fd550f92fa6ef70b782a097f5535ff70edbb1f9032b7e218abd2c
2fa0573850512ff810d96a034c2b199fc696cf2946ec91e013505a2b56bf6bd1
3815eba1b61f8c9bc806b74b1c58330e07fd1e5f4c31b13785348e0a6ce4c03d
385d392ed395a8b72f438717309495513adeaf01480df34d7833648ad2418dde
3cf4ecc6edbf77ba5624f8976fe7928e433baa471ccf256b0e994d89dfa92a02
40d3eebde4987a3b072c5951b974a63e3cac92df106d879f2ae9a41aeead8852
4db4e93d4fa83a55a4fbc394bf2d88b7f06d108b45b06c26a177b2f1cb3681a5
54c3aa9f13681046fc203fb6cd978a0764e48b8cadd28d47fc025d81e67598da
60382658b017bf4edf438d0f8ae771df4632c4c0e4b398d239174d22ec1d8a80
67445fe829dabdb3f7165696da86d20df432e0407bbd28a74783d2517f66d7d0
6859917f17c0b4ccd4e0f7944f49bc9b2968fb61a4593428cfd176613922f81b
6a62c4900c7dbeaab975c8ffb50827066f3cfa5129bb6f268645e31b22e25650
7ac25b6ef1e18dda6b4e576a6d7733c7a162cd82fc3abb97f207c1e76680bef8
7e589438db467b351b298dfdfee769793765c923d0ba5bd3c2be25a1a8cec21f
8165085beb5cc5dbb040f50d393877e88d94b147d1bf493784d30d506785dcba
81efc5737113aba5be204965e256499d1e6ae134438b9b170a66ce2d005b8fa7
873590343c34be6a11c63393447d8ca8494263eadc650e6f5f46e5b1541c1207
8d238d74735073d849fa23031af2d72f694a8729324bf80904e40dd7a3926157
90942abf4eaffa2e93dec3b65152c96001b0f190fa7d655ec3a61bee3d4e99da
945de24b9f67ef6e2a971867bc8c251141c8f36d193f0145f5787e42cd7a7c9c
981f512aefddb90d78906ed696e27ae2934085ed0a55e2bc637d8dd41271a5b7
a14cac7ed9fb93238a1028e7f2c2a9d4c0725817f28163ad9ec5aa3385fcf8ef
af01f23413b5533c1b5a1c400e3076726312db3cb2fe0a48d3dbdb5f2b4cd231
b4167006d8b8fd64ae3c764a7a1716857875e96aa846709adbd785ca0c9d60ea
b91939414e7fe2a648e761f627ab98001a0c62e6c276451eada617e0a8e76b94
c3bf01e3f4607d690dc21282211cd216e21fb705426a00a7bc57ae28c8ab2b46
cd22ecd75139cd463b414cee5118665973997d447a110bf57d782725c421d047
d0549d3d21c90af696c86a712e3e997f6c90d4c12dac2ed985c00f6ce18e6ed3
d15c880b55b3ed610b5af0bddb63b50e386da5d32658e069dac8d8c512f801e8
d4925e67f82f83866b07c1009536972376bbeae6cb1f757ac2c351e2e833fad3
d5cf6886ca3fac8e3a389d196488bc4d55c446b9761d46a1ee16a9552e68bc67
da0fa12e5f76b7121850d6d146eb094dfc647ffe574c8fbd8fd8a623dbbfc60c
e1af1faceda57d4f29334660a94570de1345ef966ef8e55dcaa1e722d20bf260
e6e91c65c98775cc3e65a39d1c11708343f9509517a8a73983bb331e1ec021fa
eb0ee940fa4feb2f463a553369b5f8c9e0f226c702a2cf5f66648792a9c4ed69
ee3282050ab4c94adb4fe464a93543dd87d6d4e3a7227798e2276dabd9328ebc
f27a082ca0ac19ae0e005cd6f9bfb698beca0d3c12de160b7dec172730cf950f
f3bb5b95c1092e6d8dd3cf451499f4112f391bb5bfcfe1124c2723a3392dd6c3
f511af7e2f925134327c0c3cf1ecdfb7cb4d0ebd12ec8d36225188c49e9bfc1c
fc4f8977a88c766f201137149a9cd77d9b588975de8b416c6cca798314c34457
fe58f3514ca2bc2bf91e32748dbf5bf7c4654a7e625bc9f32c7f0378db9fd61c
fea0aeb11f05f045bf4ac8efe2acc339df68f3133cacc4c64a82a60decbd6076

rwfemfest.com Open in urlscan Pro 104.21.31.96 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

49 Requests

47 %HTTPS

0 %IPv6

8 Domains

9 Subdomains

8 IPs

4 Countries

2447 kBTransfer

3044 kBSize

0 Cookies

7 Outgoing links

Redirected requests

49 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

rwfemfest.com Open in urlscan Pro
104.21.31.96 Public Scan

Screenshot
Live screenshot

Full Image

49
Requests

47 %
HTTPS

0 %
IPv6

8
Domains

9
Subdomains

8
IPs

4
Countries

2447 kB
Transfer

3044 kB
Size

0
Cookies

49 HTTP transactions
6 data transactions