URL: https://rdrt.wtf/mVmwWM
Submission: On September 16 via manual from IN — Scanned from NL

Summary

This website contacted 11 IPs in 3 countries across 9 domains to perform 27 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is rdrt.wtf.
TLS certificate: Issued by GTS CA 1P5 on September 10th 2022. Valid for: 3 months.
This is the only time rdrt.wtf was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
10 2a06:98c1:312... 13335 (CLOUDFLAR...)
2 192.243.59.20 39572 (ADVANCEDH...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 2620:1ec:27::... 8075 (MICROSOFT...)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 2001:4860:480... 15169 (GOOGLE)
1 2 20.234.93.27 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
2 52.224.31.34 8075 (MICROSOFT...)
27 11
Apex Domain, Subdomains, Transfer
10 rdrt.wtf, 101 KB
  • rdrt.wtf
6 clarity.ms, 26 KB
  • www.clarity.ms — Cisco Umbrella Rank: 557
  • c.clarity.ms — Cisco Umbrella Rank: 998
  • h.clarity.ms — Cisco Umbrella Rank: 5354
3 googleapis.com, 2 KB
  • fonts.googleapis.com — Cisco Umbrella Rank: 40
2 googletagmanager.com, 111 KB
  • www.googletagmanager.com — Cisco Umbrella Rank: 62
2 ionicframework.com, 17 KB
  • code.ionicframework.com — Cisco Umbrella Rank: 14342
2 inhabitantquestions.com
  • inhabitantquestions.com
1 bing.com, 556 B
  • c.bing.com — Cisco Umbrella Rank: 220
1 google-analytics.com, 333 B
  • region1.google-analytics.com — Cisco Umbrella Rank: 2989
1 webp.cloud, 795 B
  • api.webp.cloud
27 9
Domain Requested by
10 rdrt.wtf rdrt.wtf
3 fonts.googleapis.com rdrt.wtf
2 h.clarity.ms www.clarity.ms
2 c.clarity.ms 1 redirects
2 www.clarity.ms rdrt.wtf, www.clarity.ms
2 www.googletagmanager.com rdrt.wtf, www.googletagmanager.com
2 code.ionicframework.com rdrt.wtf
2 inhabitantquestions.com rdrt.wtf
1 c.bing.com 1 redirects
1 region1.google-analytics.com www.googletagmanager.com
1 api.webp.cloud rdrt.wtf
27 11

This site contains no links.

Subject, Issuer, Validity, Valid
  • *.rdrt.wtf, GTS CA 1P5, 2022-09-10 - 2022-12-09, 3 months
  • inhabitantquestions.com, R3, 2022-09-13 - 2022-12-12, 3 months
  • ionicframework.com, Cloudflare Inc ECC CA-3, 2022-05-01 - 2023-05-01, a year
  • *.google-analytics.com, GTS CA 1C3, 2022-08-22 - 2022-11-14, 3 months
  • upload.video.google.com, GTS CA 1C3, 2022-08-22 - 2022-11-14, 3 months
  • www.clarity.ms, DigiCert TLS RSA SHA256 2020 CA1, 2022-02-27 - 2023-02-27, a year
  • sni.cloudflaressl.com, Cloudflare Inc ECC CA-3, 2022-09-12 - 2023-09-12, a year
  • a.clarity.ms, Microsoft Azure TLS Issuing CA 02, 2022-06-07 - 2023-06-02, a year

This page contains 1 frame:

Primary Page: https://rdrt.wtf/mVmwWM
Frame ID: C01FD9E586BD0458D58C194A74245370
Requests: 27 HTTP requests in this frame


Detected technologies

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+ionicons(?:\.min)?\.css

Page Statistics

  • Requests: 27
  • HTTPS: 93 %
  • IPv6: 73 %
  • Domains: 9
  • Subdomains: 11
  • IPs: 11
  • Countries: 3
  • Transfer: 259 kB
  • Size: 721 kB
  • Cookies: 9

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?CtsSyncId=D6F4D8E06D984CCA9749F0252D2182AD&RedC=c.clarity.ms&MXFR=145E88C051BA676C10739AE155BA6962 HTTP 302
  • https://c.clarity.ms/c.gif?CtsSyncId=D6F4D8E06D984CCA9749F0252D2182AD&MUID=0DA37DAFCC7164983B7F6F8ECD8465C9

27 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request mVmwWM
rdrt.wtf/
4 KB
2 KB
Document
General
Full URL
https://rdrt.wtf/mVmwWM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
ddea483d2f11cac61f6c0af7e1bf75c429e4618a006b90e4c27c11889b2471fd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
74b962787a974160-AMS
content-encoding
br
content-type
text/html; charset=utf-8
date
Fri, 16 Sep 2022 11:50:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XWfWLHvTQd%2BxhJNz0vYnTOJrwvDK5ST%2FVQbLNoj26I9JDehfY02ia3S2x3PtIfekfnjK%2FSbwC%2BGtCx03jzJyOUZgUIOTnowH3gz2tNDxE801d5TTeq5p0sTo1a335iD1ai0pRRjJhw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
Express
b98661f7d966c560e9373aa29e7682b1.js
inhabitantquestions.com/b9/86/61/
0
0
Script
General
Full URL
https://inhabitantquestions.com/b9/86/61/b98661f7d966c560e9373aa29e7682b1.js
Requested by
Host: rdrt.wtf
URL: https://rdrt.wtf/mVmwWM
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://rdrt.wtf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 11:50:28 GMT
Server
nginx/1.17.9
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-CH
Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Content-Type
application/javascript
Content-Length
0
5fb6e316fdeb039925aeb20e49d79969.js
inhabitantquestions.com/5f/b6/e3/
0
0
Script
General
Full URL
https://inhabitantquestions.com/5f/b6/e3/5fb6e316fdeb039925aeb20e49d79969.js
Requested by
Host: rdrt.wtf
URL: https://rdrt.wtf/mVmwWM
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://rdrt.wtf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 11:50:28 GMT
Server
nginx/1.17.9
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-CH
Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Content-Type
application/javascript
Content-Length
0
_default.page.client.ts.1e59e21f.css
rdrt.wtf/assets/src/
17 KB
4 KB
Stylesheet
General
Full URL
https://rdrt.wtf/assets/src/_default.page.client.ts.1e59e21f.css
Requested by
Host: rdrt.wtf
URL: https://rdrt.wtf/mVmwWM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e09d53fcdee57da28c21b9f574b6e4ca91891da576f32ac1cb96c41e0ebb0b7d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://rdrt.wtf/mVmwWM
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 11:50:28 GMT
content-encoding
br
etag
W/"42f8-1832db8bde8"
cf-cache-status
EXPIRED
last-modified
Sun, 11 Sep 2022 18:03:45 GMT
server
cloudflare
x-powered-by
Express
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=skCSeBdK4f8ZZpdzjzeO48BhTIdAd1MJeuOYZ06hcW5pf6tSOOioKxjG1v6XO3Y7MIE4fvQeXik6HvP%2Fmxz5fWzFv%2FKuzJR6ruOv%2B%2BMSc6PKB38v1syGnFTbvpv6Ayz5C6zWNcYMag%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
cache-control
public, max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
74b96278db074160-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
404.d53b7e83.svg
rdrt.wtf/assets/
91 KB
22 KB
Image
General
Full URL
https://rdrt.wtf/assets/404.d53b7e83.svg
Requested by
Host: rdrt.wtf
URL: https://rdrt.wtf/mVmwWM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
d53b7e83cc55f344625628b07a9d52ad961f2727f627c8a760c6aaf6edc2dd28

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://rdrt.wtf/mVmwWM
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 11:50:28 GMT
content-encoding
br
etag
W/"16a86-1832db8bdde"
cf-cache-status
EXPIRED
last-modified
Sun, 11 Sep 2022 18:03:45 GMT
server
cloudflare
x-powered-by
Express
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3htPnBaSwQJIEN7vNcGLe%2FMU%2BgqxqCfFrufVnsR4pangYnoUrc2QAQ%2FqCZw54EmoP%2FtTQJkutI%2B1uvB3quEqFRC2vWZk31VChoJbZXEluaqJSQOnzHkkopUB%2BlQ%2BwqwfzX8%2Bz3ZeWg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
74b96278fb284160-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Button.f3884f49.js
rdrt.wtf/assets/
940 B
764 B
Script
General
Full URL
https://rdrt.wtf/assets/Button.f3884f49.js
Requested by
Host: rdrt.wtf
URL: https://rdrt.wtf/mVmwWM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
fb95c2689cfde5ad8a949378986b32ec9fab34773eaec6486f655eccfe19a75d

Request headers

Referer
https://rdrt.wtf/mVmwWM
Origin
https://rdrt.wtf
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 11:50:28 GMT
content-encoding
br
etag
W/"3ac-1832db8bde3"
cf-cache-status
EXPIRED
last-modified
Sun, 11 Sep 2022 18:03:45 GMT
server
cloudflare
x-powered-by
Express
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aHCBfCsZLjjqiVQiFqujyEXdWCy8K8f5anVcuSBHXpLr05aX7kRcA%2BpoOXoisqQmLIQHTBNqEOxzvDtq2tBzTbDOVZd2YQ3f0oJx9hW5EaUlUKAhgs%2BN5Yvx9OQ2e5x4w9l%2FMaCWOw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
74b96278db0b4160-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
_default.page.client.ts.085a8153.js
rdrt.wtf/assets/src/
11 KB
4 KB
Script
General
Full URL
https://rdrt.wtf/assets/src/_default.page.client.ts.085a8153.js
Requested by
Host: rdrt.wtf
URL: https://rdrt.wtf/mVmwWM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
80ae2f92963961a8f9bb20498db13afd6840cf919fd7600cc7e0e0b48a5ab4ca

Request headers

Referer
https://rdrt.wtf/mVmwWM
Origin
https://rdrt.wtf
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 11:50:28 GMT
content-encoding
br
etag
W/"2bcf-1832db8bdd0"
cf-cache-status
EXPIRED
last-modified
Sun, 11 Sep 2022 18:03:45 GMT
server
cloudflare
x-powered-by
Express
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gHxSJ8tRRv5GEweKWb%2BKF3EKn73Yi0w56KhSouN3eHdrwya%2Bq73MFZQ8MqQtucR%2BvY1TTgyFp%2F0CwG5i%2FKQs1KHTj4Ra80x9uFyBZD6qYtkaP%2BA6QAWnA%2FzradjvB9LscGCO1fSkZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
74b96278db0e4160-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
vendor.d7f4bc3e.js
rdrt.wtf/assets/
148 KB
56 KB
Script
General
Full URL
https://rdrt.wtf/assets/vendor.d7f4bc3e.js
Requested by
Host: rdrt.wtf
URL: https://rdrt.wtf/mVmwWM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
f1ebc6e9f108698079d51e7a394f9bf4c40ae09b722b25fa8de67dec604b8860

Request headers

Referer
https://rdrt.wtf/mVmwWM
Origin
https://rdrt.wtf
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 11:50:28 GMT
content-encoding
br
etag
W/"25130-1832db8bde3"
cf-cache-status
EXPIRED
last-modified
Sun, 11 Sep 2022 18:03:45 GMT
server
cloudflare
x-powered-by
Express
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aNbkm4yEtqGUzBMzLJImDHXsiYzuhhti%2FbvQ%2FAOb0g%2BtFt2BXLCWqzDQd7dDc87LLU8HFDvCrfuinCCr3kMpf%2FG96%2FBDtGJlLw%2BFhPg7t%2FpI51DwqP6RxpKQOHyY26fAi%2FpQzLL%2F5g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
74b96278db104160-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
ionicons.min.css
code.ionicframework.com/ionicons/2.0.1/css/
0
9 KB
Other
General
Full URL
https://code.ionicframework.com/ionicons/2.0.1/css/ionicons.min.css
Requested by
Host: rdrt.wtf
URL: https://rdrt.wtf/mVmwWM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:451d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://rdrt.wtf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-fastly-request-id
7722c27b9972909b82c89c6eef8c170dc0457967
date
Fri, 16 Sep 2022 11:50:28 GMT
via
1.1 varnish
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
48421
x-cache
HIT
x-cache-hits
1
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-ams21025-AMS
last-modified
Tue, 28 Jun 2022 16:06:13 GMT
server
cloudflare
x-github-request-id
39E4:11512:B61142:C47FAC:630D49BA
x-timer
S1663280608.737752,VS0,VE1
etag
W/"62bb26f5-c854"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tRKpmllXtsLPF%2FN5lmHlkwOo3d%2B1bzdEJ9gwU559or0h7CdTLKk9uRI4%2FOyLU7dQsYeIFF%2BeMglnXJKMG2BXen2huSkryb5h2HskVaroYGcpeZOD0nEv7egw5%2FA25nqcb5X30VdDzu3gU4tb%2B6mQlBvaO5ru"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
x-proxy-cache
HIT
cf-ray
74b962796a51fa14-AMS
x-origin-cache
HIT
expires
Mon, 29 Aug 2022 23:27:37 GMT
gtm.js
www.googletagmanager.com/
95 KB
38 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TJLVMPD
Requested by
Host: rdrt.wtf
URL: https://rdrt.wtf/mVmwWM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
27734dbe3e14a474b016fb809a5d6530042c489e8ccba95a6c43c522d205ad44
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://rdrt.wtf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 11:50:28 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38006
x-xss-protection
0
last-modified
Fri, 16 Sep 2022 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 16 Sep 2022 11:50:28 GMT
css2
fonts.googleapis.com/
7 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto+Condensed:wght@300;400;700&display=swap
Requested by
Host: rdrt.wtf
URL: https://rdrt.wtf/assets/src/_default.page.client.ts.1e59e21f.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5c6b8a0e8e384d2c4f2778835dba35d44ffac0723b3d163f5ade766d4d2acc72
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://rdrt.wtf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 16 Sep 2022 11:22:02 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 16 Sep 2022 11:50:28 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 16 Sep 2022 11:50:28 GMT
css2
fonts.googleapis.com/
7 KB
691 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:wght@300;400;500;700&display=swap
Requested by
Host: rdrt.wtf
URL: https://rdrt.wtf/assets/src/_default.page.client.ts.1e59e21f.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2b14ba1676063b6f2620dd1820c768e9cdb990f69519e76aef69cf2ab1e7c6b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://rdrt.wtf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 16 Sep 2022 10:29:40 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 16 Sep 2022 11:50:28 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 16 Sep 2022 11:50:28 GMT
css
fonts.googleapis.com/
1 KB
499 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Space+Mono
Requested by
Host: rdrt.wtf
URL: https://rdrt.wtf/assets/src/_default.page.client.ts.1e59e21f.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
14433012d846abf5e3fa90c6dd42dd2d8054887c93c23f30d9312f01dc995944
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://rdrt.wtf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 16 Sep 2022 11:50:28 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 16 Sep 2022 11:50:28 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 16 Sep 2022 11:50:28 GMT
ionicons.min.css
code.ionicframework.com/ionicons/2.0.1/css/
50 KB
9 KB
Stylesheet
General
Full URL
https://code.ionicframework.com/ionicons/2.0.1/css/ionicons.min.css
Requested by
Host: rdrt.wtf
URL: https://rdrt.wtf/mVmwWM
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:451d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92ac508220f5bb60ec94e07650528eb66625f82a4740ada068cde05365781286

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://rdrt.wtf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-fastly-request-id
574f42554edba90645a8c3e3181c0775b9e97597
date
Fri, 16 Sep 2022 11:50:28 GMT
via
1.1 varnish
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
48418
x-cache
HIT
x-cache-hits
1
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-ams21082-AMS
last-modified
Tue, 28 Jun 2022 16:06:13 GMT
server
cloudflare
x-github-request-id
39E4:11512:B61142:C47FAC:630D49BA
x-timer
S1663280611.823160,VS0,VE1
etag
W/"62bb26f5-c854"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KiFWak7N5IEHe3EUpOf5h0w8qHmW5lIxejagh8wbBnCc9OGpB8Xs3VBVdeNBYyg1%2BS5V9Zv%2BWFzkkY%2Ffo7As38paDdwa7cAHIEQPCpcThrhGApi4XaeWVLA0aj8PHC84lKCT1ZLs2TtpjPky5hhBAUCuS1o0"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
x-proxy-cache
HIT
cf-ray
74b96279de45b87f-AMS
x-origin-cache
HIT
expires
Mon, 29 Aug 2022 23:27:37 GMT
_error.page.53cecf8e.js
rdrt.wtf/assets/
1 KB
1 KB
Script
General
Full URL
https://rdrt.wtf/assets/_error.page.53cecf8e.js
Requested by
Host: rdrt.wtf
URL: https://rdrt.wtf/assets/vendor.d7f4bc3e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
3c377ed52d1c59619988f25852e6e16a7690e03c857246915a3dd16f6cf8be7b

Request headers

Referer
Origin
https://rdrt.wtf
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 11:50:28 GMT
content-encoding
br
etag
W/"483-1832db8bde3"
cf-cache-status
EXPIRED
last-modified
Sun, 11 Sep 2022 18:03:45 GMT
server
cloudflare
x-powered-by
Express
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zvg2IZubL8ohOpj2GJRvCYYNY3V98oUS8Dlf7k7Ne7BCw4y6j3UzlbTXEpsXdNfwjQpfrmxYyM0sqHwtdPIc9QV536Wh9%2BebSkQTuuAv90wMItpOe%2F6m8KIbUQvfUB7epjHlkse8Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
74b9627a4cafb7dc-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
dlpxsmpmdg
www.clarity.ms/tag/
2 KB
2 KB
Script
General
Full URL
https://www.clarity.ms/tag/dlpxsmpmdg?ref=gtm2
Requested by
Host: rdrt.wtf
URL: https://rdrt.wtf/mVmwWM
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:27::cafe:1806 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
f5b7661528dec204b420f60525096d13ab109cd9754b1a3ae6ef854a01090239

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://rdrt.wtf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 11:50:28 GMT
x-powered-by
ASP.NET
x-azure-ref
0BGMkYwAAAAA2AjtaXwkRR7iJ6zU95b0rTE9TMzBFREdFMDIxMgA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
expires
-1
cache-control
no-cache, no-store
request-context
appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
js
www.googletagmanager.com/gtag/
210 KB
74 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-MP076237JD&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJLVMPD
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ac3684a1e528e69bb42766db1bd218a1127744482e60ac2c02b526eb7049aa09
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://rdrt.wtf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 11:50:28 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
75374
x-xss-protection
0
expires
Fri, 16 Sep 2022 11:50:28 GMT
pwa.b9aa7440.js
rdrt.wtf/assets/
6 KB
3 KB
Script
General
Full URL
https://rdrt.wtf/assets/pwa.b9aa7440.js
Requested by
Host: rdrt.wtf
URL: https://rdrt.wtf/assets/src/_default.page.client.ts.085a8153.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
fa8264acbcc75aa1c5996972d6ab2b88e5283503a2dd75fa17440d55fe242c47

Request headers

Referer
https://rdrt.wtf/mVmwWM
Origin
https://rdrt.wtf
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 11:50:28 GMT
content-encoding
br
etag
W/"18aa-1832db8bde3"
cf-cache-status
EXPIRED
last-modified
Sun, 11 Sep 2022 18:03:45 GMT
server
cloudflare
x-powered-by
Express
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jiJnyCceKcvgyjIVJFcKsnH4L9%2Fe0fYlF9dth8u47GWhNEYtXq9fdrJxmuhO0hXBR0iCR8xW3fYKo01hyXupQzeWlsRtbVqNuE%2BPkdtW4ht%2F7%2BjdxmWxEwSUNsMsm%2Fkvtmb479Tw7w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
74b9627abd8cb7dc-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
visit.page.e22136b0.js
rdrt.wtf/assets/
2 KB
2 KB
Script
General
Full URL
https://rdrt.wtf/assets/visit.page.e22136b0.js
Requested by
Host: rdrt.wtf
URL: https://rdrt.wtf/assets/vendor.d7f4bc3e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
ce97ce26b8e25764c86bf361d5f10bffac4fb848e42573a41c67596ecbba860c

Request headers

Referer
Origin
https://rdrt.wtf
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 11:50:28 GMT
content-encoding
br
etag
W/"8ed-1832db8bde3"
cf-cache-status
EXPIRED
last-modified
Sun, 11 Sep 2022 18:03:45 GMT
server
cloudflare
x-powered-by
Express
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=faxX8y4kxyn7LgwkX6z%2BiglyHWwWKhFErkJJmgu0LigVuZEkPAHX1oGJ0yweysFPqkxxxpzCp1UEwYs9WI9AZD6EGz2rxq8VklE6N0njCzBrNk1WE%2BE4VMFflsWR5bJ%2Foq3afUB6Ww%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
74b9627abd8fb7dc-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
index.50c16ae5.js
rdrt.wtf/assets/
16 KB
7 KB
Script
General
Full URL
https://rdrt.wtf/assets/index.50c16ae5.js
Requested by
Host: rdrt.wtf
URL: https://rdrt.wtf/assets/vendor.d7f4bc3e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
d16889ff769d61f67453420226f7bae9fbc0c4417f8662188164005d9f916cbd

Request headers

Referer
Origin
https://rdrt.wtf
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 11:50:28 GMT
content-encoding
br
etag
W/"3e01-1832db8bde3"
cf-cache-status
EXPIRED
last-modified
Sun, 11 Sep 2022 18:03:45 GMT
server
cloudflare
x-powered-by
Express
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0M51XcKmFgZhrn5rys7A4dsQ3I66lxtf8vrySYlxcsuESrILHZiB2VtXNZE8VsJUElJDlASrz%2FVH%2FcjMXpm0eiwy9iKepg5jmKJ2zHhdiybwzGGMZANVGOdb9LYPUbLOBIMH09L%2BNw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
74b9627abd90b7dc-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
mVmwWM
api.webp.cloud/links/v/
176 B
795 B
XHR
General
Full URL
https://api.webp.cloud/links/v/mVmwWM
Requested by
Host: rdrt.wtf
URL: https://rdrt.wtf/assets/index.50c16ae5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
78bd6cafc4fcd9b08adca8bbfdb939bf96f4ad9ee3ba15cbbab2296fb5a780ea

Request headers

Accept
application/json, text/plain, */*
Referer
https://rdrt.wtf/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 11:50:28 GMT
content-encoding
br
etag
W/"b0-Jh8dCnWDWaR6nfrqMetyNb/k0Zg"
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express
access-control-allow-methods
GET,HEAD,OPTIONS,POST,PUT,DELETE,PATCH
content-type
application/json; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PrfXR%2FyZQ7R595mE4MWRUXmepoMhUIHUW8rTiFK0wfYQBf65wfOsAXPficENBi%2FtOpgBGxVdB8tGvJ2NWzQ0W9M0iXElIIO%2BULpZZnUJD4l2N3hMyAqgUs0IxaQcVY5dr5pcrpav5cWhDZUtbA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
74b9627bc9b8b788-AMS
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
collect
region1.google-analytics.com/g/
0
333 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-MP076237JD&gtm=2oe9e0&_p=249224510&cid=843247646.1663329028&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1663329028&sct=1&seg=0&dl=https%3A%2F%2Frdrt.wtf%2FmVmwWM&dt=&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MP076237JD&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://rdrt.wtf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 11:50:28 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://rdrt.wtf
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
clarity.js
www.clarity.ms/eus-c/s/0.6.40/
54 KB
23 KB
Script
General
Full URL
https://www.clarity.ms/eus-c/s/0.6.40/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/dlpxsmpmdg?ref=gtm2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:27::cafe:1806 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
bbffae0d03e6d48b808856596e595ab718c08bbc4476e7323bfcff4a6f833260

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://rdrt.wtf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 11:50:28 GMT
content-encoding
br
etag
"1d8bd4806fdad30"
last-modified
Wed, 01 Jun 2022 12:22:22 GMT
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript;charset=utf-8
cache-control
public,max-age=86400
x-azure-ref
0BGMkYwAAAAD50hT4shg9Q7vO0vWKuzyGTE9TMzBFREdFMDIxMgA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
accept-ranges
bytes
request-context
appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?CtsSyncId=D6F4D8E06D984CCA9749F0252D2182AD&RedC=c.clarity.ms&MXFR=145E88C051BA676C10739AE155BA6962
  • https://c.clarity.ms/c.gif?CtsSyncId=D6F4D8E06D984CCA9749F0252D2182AD&MUID=0DA37DAFCC7164983B7F6F8ECD8465C9
42 B
369 B
Image
General
Full URL
https://c.clarity.ms/c.gif?CtsSyncId=D6F4D8E06D984CCA9749F0252D2182AD&MUID=0DA37DAFCC7164983B7F6F8ECD8465C9
Protocol
H2
Server
20.234.93.27 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://rdrt.wtf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 11:50:29 GMT
last-modified
Tue, 13 Sep 2022 19:54:52 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"8d3298b0aac7d81:0"
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42

Redirect headers

pragma
no-cache
date
Fri, 16 Sep 2022 11:50:29 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 5B3B6DA556444324864811550DB5BE9F Ref B: AMBEDGE0715 Ref C: 2022-09-16T11:50:29Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?CtsSyncId=D6F4D8E06D984CCA9749F0252D2182AD&MUID=0DA37DAFCC7164983B7F6F8ECD8465C9
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
collect
h.clarity.ms/
0
171 B
XHR
General
Full URL
https://h.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/eus-c/s/0.6.40/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.224.31.34 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://rdrt.wtf/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin
https://rdrt.wtf
date
Fri, 16 Sep 2022 11:50:29 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8
collect
h.clarity.ms/
0
48 B
XHR
General
Full URL
https://h.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/eus-c/s/0.6.40/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.224.31.34 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://rdrt.wtf/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin
https://rdrt.wtf
date
Fri, 16 Sep 2022 11:50:30 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8
collect
region1.google-analytics.com/g/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
region1.google-analytics.com
URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-MP076237JD&gtm=2oe9e0&_p=249224510&cid=843247646.1663329028&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=2&sid=1663329028&sct=1&seg=0&dl=https%3A%2F%2Frdrt.wtf%2FmVmwWM&dt=&en=scroll&epn.percent_scrolled=90&_et=5

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforeinput
object| oncontextlost
object| oncontextrestored
function| structuredClone
object| launchQueue
object| onbeforematch
function| getScreenDetails
function| queryLocalFonts
object| navigation
object| dataLayer
boolean| __INTLIFY_PROD_DEVTOOLS__
boolean| __VUE_I18N_FULL_INSTALL__
boolean| __VUE_I18N_LEGACY_API__
object| google_tag_manager
object| google_tag_data
function| clarity
boolean| __VUE__
function| onYouTubeIframeAPIReady
object| gaGlobal
function| gtag

9 Cookies

Domain/Path Name / Value
.rdrt.wtf/ Name: _ga_MP076237JD
Value: GS1.1.1663329028.1.0.1663329028.0.0.0
.rdrt.wtf/ Name: _ga
Value: GA1.1.843247646.1663329028
www.clarity.ms/ Name: CLID
Value: ef07053fd71a454796150a3f7afb4cb5.20220916.20230916
.rdrt.wtf/ Name: _clck
Value: 1l7evec|1|f4x|0
.c.bing.com/ Name: SRM_B
Value: 0DA37DAFCC7164983B7F6F8ECD8465C9
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 0DA37DAFCC7164983B7F6F8ECD8465C9
.c.clarity.ms/ Name: ANONCHK
Value: 0
.rdrt.wtf/ Name: _clsk
Value: syf2o1|1663329029567|1|1|h.clarity.ms/collect

3 Console Messages

Source Level URL
Text
network error URL: https://rdrt.wtf/mVmwWM
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://inhabitantquestions.com/b9/86/61/b98661f7d966c560e9373aa29e7682b1.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
network error URL: https://inhabitantquestions.com/5f/b6/e3/5fb6e316fdeb039925aeb20e49d79969.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
