roanoke.com Open in urlscan Pro
192.104.183.209 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.roanoke.com/calendar/free-pubg-mobile-hack-2020-unlimited-bp-and-uc-generator-no-survey/event_6a1b7fd6-a8e4-...
Effective URL:
https://roanoke.com/events/free-pubg-mobile-hack-2020-unlimited-bp-and-uc-generator-no-survey/event_6a1b7fd6-a8e4-11...
Submission Tags: falconsandbox
Submission: On August 01 via api (August 1st 2022, 3:20:55 am UTC) from US — Scanned from DE

Summary HTTP 73 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 19 IPs in 4 countries across 16 domains to perform 73 HTTP transactions. The main IP is 192.104.183.209, located in United States and belongs to LEE-ASN, US. The main domain is roanoke.com. The Cisco Umbrella rank of the primary domain is 169223.
TLS certificate: Issued by ZeroSSL ECC Domain Secure Site CA on July 13th 2022. Valid for: 3 months.

This is the only time roanoke.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 7	192.104.183.209 192.104.183.209	10668 (LEE-ASN) (LEE-ASN)
18	104.16.133.24 104.16.133.24	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.66.97.9 18.66.97.9	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:223... 2600:9000:223c:4c00:3:b7e:8940:93a1	16509 (AMAZON-02) (AMAZON-02)
1	104.16.132.24 104.16.132.24	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
3	18.64.79.128 18.64.79.128	16509 (AMAZON-02) (AMAZON-02)
8	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
1 2	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
1	18.66.123.144 18.66.123.144	16509 (AMAZON-02) (AMAZON-02)
1 2	54.173.162.145 54.173.162.145	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:401... 2a00:1450:4014:80e::2010	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:401... 2a00:1450:4014:80a::200e	15169 (GOOGLE) (GOOGLE)
2	34.102.205.239 34.102.205.239	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
5	99.86.246.220 99.86.246.220	16509 (AMAZON-02) (AMAZON-02)
1 2	63.34.67.128 63.34.67.128	16509 (AMAZON-02) (AMAZON-02)
73	19

7 192.104.183.209 (United States) 2 redirects

ASN10668 (LEE-ASN, US)
PTR: cms.newyork1.vip.townnews.com

www.roanoke.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
roanoke.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 104.16.133.24 (None, )

ASN13335 (CLOUDFLARENET, US)

bloximages.newyork1.vip.townnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.9 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-9.fra56.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223c:4c00:3:b7e:8940:93a1 (United States)

ASN16509 (AMAZON-02, US)

cmp.osano.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.132.24 (None, )

ASN13335 (CLOUDFLARENET, US)

bloximages.chicago2.vip.townnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.64.79.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-64-79-128.txl50.r.cloudfront.net

tagan.adlightning.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.71.131.137 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.123.144 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-123-144.fra60.r.cloudfront.net

d1eoo1tco6rr5e.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.173.162.145 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-173-162-145.compute-1.amazonaws.com

trkn.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4014:80e::2010 (Ireland)

ASN15169 (GOOGLE, US)

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4014:80a::200e (Ireland)

ASN15169 (GOOGLE, US)

ampcid.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.102.205.239 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 239.205.102.34.bc.googleusercontent.com

a.leetemplates.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 99.86.246.220 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-246-220.vie50.r.cloudfront.net

cdn.segment.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.34.67.128 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-63-34-67-128.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	townnews.com bloximages.newyork1.vip.townnews.com — Cisco Umbrella Rank: 13596 bloximages.chicago2.vip.townnews.com — Cisco Umbrella Rank: 17076	246 KB
8	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 93	559 KB
7	roanoke.com 2 redirects www.roanoke.com — Cisco Umbrella Rank: 359530 roanoke.com — Cisco Umbrella Rank: 169223	64 KB
5	segment.com cdn.segment.com — Cisco Umbrella Rank: 1355	37 KB
3	adlightning.com tagan.adlightning.com — Cisco Umbrella Rank: 1777	68 KB
3	crwdcntrl.net 1 redirects tags.crwdcntrl.net — Cisco Umbrella Rank: 1361 bcp.crwdcntrl.net — Cisco Umbrella Rank: 841	12 KB
2	leetemplates.com a.leetemplates.com — Cisco Umbrella Rank: 34033	19 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 52	21 KB
2	trkn.us 1 redirects trkn.us — Cisco Umbrella Rank: 1966	1 KB
2	adsrvr.org 1 redirects insight.adsrvr.org — Cisco Umbrella Rank: 616	408 B
2	gstatic.com www.gstatic.com	13 KB
2	osano.com cmp.osano.com — Cisco Umbrella Rank: 7475	92 KB
1	google.de ampcid.google.de — Cisco Umbrella Rank: 47106	458 B
1	google.com ampcid.google.com — Cisco Umbrella Rank: 1665	529 B
1	googleapis.com storage.googleapis.com — Cisco Umbrella Rank: 446	27 KB
1	cloudfront.net d1eoo1tco6rr5e.cloudfront.net	668 B
73	16

	Domain	Requested by
18	bloximages.newyork1.vip.townnews.com	roanoke.com
8	www.googletagmanager.com	roanoke.com cmp.osano.com
6	roanoke.com	1 redirects roanoke.com
5	cdn.segment.com	cmp.osano.com cdn.segment.com
3	tagan.adlightning.com	roanoke.com cmp.osano.com
2	bcp.crwdcntrl.net	1 redirects cmp.osano.com
2	a.leetemplates.com	storage.googleapis.com
2	www.google-analytics.com	cmp.osano.com
2	trkn.us	1 redirects roanoke.com
2	insight.adsrvr.org	1 redirects d1eoo1tco6rr5e.cloudfront.net
2	www.gstatic.com	roanoke.com
2	cmp.osano.com	roanoke.com cmp.osano.com
1	ampcid.google.de	www.google-analytics.com
1	ampcid.google.com	www.google-analytics.com
1	storage.googleapis.com	cmp.osano.com
1	d1eoo1tco6rr5e.cloudfront.net	cmp.osano.com
1	bloximages.chicago2.vip.townnews.com	roanoke.com
1	tags.crwdcntrl.net	roanoke.com
1	www.roanoke.com	1 redirects
73	19

This site contains links to these domains. Also see Links.

Domain
subscriberservicesdsi.lee.net
www.stringr.com
us59.dayforcehcm.com
bloxcms.com
townnews.com

Subject Issuer	Validity	Valid
roanoke.com ZeroSSL ECC Domain Secure Site CA	`2022-07-13` - `2022-10-11`	3 months	crt.sh
bloximages.chicago2.vip.townnews.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-11` - `2023-04-11`	a year	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2022-05-01` - `2023-06-02`	a year	crt.sh
cmp.osano.com Amazon	`2021-09-17` - `2022-10-16`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
*.adlightning.com Amazon	`2022-06-09` - `2023-07-07`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
storage.googleapis.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
a.leetemplates.com GTS CA 1D4	`2022-07-30` - `2022-10-28`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
*.segment.com Amazon	`2022-01-12` - `2023-02-10`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://roanoke.com/events/free-pubg-mobile-hack-2020-unlimited-bp-and-uc-generator-no-survey/event_6a1b7fd6-a8e4-11ea-84b1-5cb9017befe7.html
Frame ID: 0608DF5681A44438D548C9BDA7142E56
Requests: 68 HTTP requests in this frame

Frame: https://cmp.osano.com/
Frame ID: D29A464DF36D2A045B3110A1F0EB7F02
Requests: 1 HTTP requests in this frame

Frame: https://d1eoo1tco6rr5e.cloudfront.net/nebsjkp/21usqg2/iframe
Frame ID: 7C35AB8713D297E5A471ECEEC4C593B1
Requests: 2 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/5/ct=y/c=6894/rand=982715575/pv=y/int=%23OpR%2363948%23Lee%20Enterprises%20%3A%20Total%20Site%20Traffic/int=%23OpR%2363949%23Lee%20Enterprises%20%3A%20roanoke%20%3A%20Total%20Site%20Traffic/int=%23OpR%2372332%23Site%20Section%20%3A%20events/med=%23OpR%2372333%23Keyword%20%3A%20roanoke%20times/rb=%7B%22meta_tag%22%3A%22roanoke%20times%22%7D/rt=ifr
Frame ID: C5EE19FD207C4C518026A954E6FA13AB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Events | roanoke.com

Page URL History Show full URLs

https://www.roanoke.com/calendar/free-pubg-mobile-hack-2020-unlimited-bp-and-uc-generator-no-survey/... HTTP 301
https://roanoke.com/calendar/free-pubg-mobile-hack-2020-unlimited-bp-and-uc-generator-no-survey/... HTTP 301
https://roanoke.com/events/free-pubg-mobile-hack-2020-unlimited-bp-and-uc-generator-no-survey/ev... Page URL

Detected technologies

Firebase (Databases) Expand

Overall confidence: 100%
Detected patterns

/firebasejs/([\d.]+)/firebase

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Segment (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.segment\.com/analytics\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

73
Requests

75 %
HTTPS

39 %
IPv6

16
Domains

19
Subdomains

19
IPs

4
Countries

1141 kB
Transfer

3713 kB
Size

5
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://subscriberservicesdsi.lee.net/subscriberservices/Content/paymentpagesingle.aspx?Domain=roanoke.com&SubscriberLevel=DOP&Return=https%3A%2F%2Froanoke.com%2Fevents%2Ffree-pubg-mobile-hack-2020-unlimited-bp-and-uc-generator-no-survey%2Fevent_6a1b7fd6-a8e4-11ea-84b1-5cb9017befe7.html#tracking-source=header&ir=true
Title: Subscribe $1 for 6 months

Search URL Search Domain Scan URL

URL: https://www.stringr.com/xlPGmfoqTON
Title: Share video

Search URL Search Domain Scan URL

URL: https://subscriberservicesdsi.lee.net/subscriberservices/Content/AccountStatus.aspx?Domain=roanoke.com
Title: My Membership

Search URL Search Domain Scan URL

URL: https://us59.dayforcehcm.com/CandidatePortal/en-US/leeenterprises/SITE/CANDIDATEPORTAL
Title: Join our Team

Search URL Search Domain Scan URL

URL: https://bloxcms.com/
Title: BLOX Content Management System

Search URL Search Domain Scan URL

URL: https://townnews.com/
Title: TownNews.com

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.roanoke.com/calendar/free-pubg-mobile-hack-2020-unlimited-bp-and-uc-generator-no-survey/event_6a1b7fd6-a8e4-11ea-84b1-5cb9017befe7.html HTTP 301
https://roanoke.com/calendar/free-pubg-mobile-hack-2020-unlimited-bp-and-uc-generator-no-survey/event_6a1b7fd6-a8e4-11ea-84b1-5cb9017befe7.html HTTP 301
https://roanoke.com/events/free-pubg-mobile-hack-2020-unlimited-bp-and-uc-generator-no-survey/event_6a1b7fd6-a8e4-11ea-84b1-5cb9017befe7.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 38

https://insight.adsrvr.org/tags/nebsjkp/21usqg2/iframe HTTP 303
https://d1eoo1tco6rr5e.cloudfront.net/nebsjkp/21usqg2/iframe

Request Chain 39

https://trkn.us/pixel/c?ppt=19160&g=sitewide&gid=44455&cv1=roanoke.com&ord=1627737629 HTTP 302
https://trkn.us/pixel/c?ppt=19160&g=sitewide&gid=44455&cv1=roanoke.com&ord=1627737629&ip=81.95.5.38&cuidchk=1

Request Chain 71

https://bcp.crwdcntrl.net/5/c=6894/rand=982715575/pv=y/int=%23OpR%2363948%23Lee%20Enterprises%20%3A%20Total%20Site%20Traffic/int=%23OpR%2363949%23Lee%20Enterprises%20%3A%20roanoke%20%3A%20Total%20Site%20Traffic/int=%23OpR%2372332%23Site%20Section%20%3A%20events/med=%23OpR%2372333%23Keyword%20%3A%20roanoke%20times/rb=%7B%22meta_tag%22%3A%22roanoke%20times%22%7D/rt=ifr HTTP 302
https://bcp.crwdcntrl.net/5/ct=y/c=6894/rand=982715575/pv=y/int=%23OpR%2363948%23Lee%20Enterprises%20%3A%20Total%20Site%20Traffic/int=%23OpR%2363949%23Lee%20Enterprises%20%3A%20roanoke%20%3A%20Total%20Site%20Traffic/int=%23OpR%2372332%23Site%20Section%20%3A%20events/med=%23OpR%2372333%23Keyword%20%3A%20roanoke%20times/rb=%7B%22meta_tag%22%3A%22roanoke%20times%22%7D/rt=ifr

73 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

404

Primary Request event_6a1b7fd6-a8e4-11ea-84b1-5cb9017befe7.html Show response
roanoke.com/events/free-pubg-mobile-hack-2020-unlimited-bp-and-uc-generator-no-survey/
Redirect Chain

https://www.roanoke.com/calendar/free-pubg-mobile-hack-2020-unlimited-bp-and-uc-generator-no-survey/event_6a1b7fd6-a8e4-11ea-84b1-5cb9017befe7.html
https://roanoke.com/calendar/free-pubg-mobile-hack-2020-unlimited-bp-and-uc-generator-no-survey/event_6a1b7fd6-a8e4-11ea-84b1-5cb9017befe7.html
https://roanoke.com/events/free-pubg-mobile-hack-2020-unlimited-bp-and-uc-generator-no-survey/event_6a1b7fd6-a8e4-11ea-84b1-5cb9017befe7.html

88 KB
21 KB

382ms
381ms

Document
text/html

192.104.183.209
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://roanoke.com/events/free-pubg-mobile-hack-2020-unlimited-bp-and-uc-generator-no-survey/event_6a1b7fd6-a8e4-11ea-84b1-5cb9017befe7.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.104.183.209 , United States, ASN10668 (LEE-ASN, US),

Reverse DNS

cms.newyork1.vip.townnews.com

Software

Resource Hash

4430ef0e71e3a7c1a70c69d4d88cc797907e7cc0cf1b89f64389aea23b10bdce

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 0
cache-control: public, max-age=300
content-encoding: gzip
content-length: 19580
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Mon, 01 Aug 2022 03:20:49 GMT
link: <https://bloximages.newyork1.vip.townnews.com>; rel=preconnect dns-prefetch; crossorigin <https://bloximages.newyork1.vip.townnews.com/roanoke.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/jquery.min.d6d18fcf88750a16d256e72626e676a6.js>; rel=preload; as=script </shared-content/art/tncms/user/user.js>; rel=preload; as=script <https://bloximages.newyork1.vip.townnews.com/roanoke.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js>; rel=preload; as=script <https://bloximages.newyork1.vip.townnews.com/roanoke.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/common.08a61544f369cc43bf02e71b2d10d49f.js>; rel=preload; as=script <https://bloximages.newyork1.vip.townnews.com/roanoke.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.f3739bd4d04bcee9e077d20b4f31f29c.js>; rel=preload; as=script <https://bloximages.newyork1.vip.townnews.com/roanoke.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/application.cb897187c4718280fd69d2e6d6c3909d.js>; rel=preload; as=script <https://bloximages.newyork1.vip.townnews.com/roanoke.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.navigation.accessibility.7a9170240d21440159b9bd59db72933b.js>; rel=preload; as=script
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: X-IPCountry, X-Townnews-Now-API-Version, Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-loop: 1
x-robots-tag: noarchive
x-tncms: 1.62.3; app19; 0.17s; 3.5M
x-ua-compatible: IE=edge
x-vcache: MISS
x-xss-protection: 1; mode=block

Redirect headers

age: 0
cache-control: public, max-age=300
content-encoding: gzip
content-length: 1856
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Mon, 01 Aug 2022 03:20:49 GMT
link: <https://bloximages.newyork1.vip.townnews.com>; rel=preconnect dns-prefetch; crossorigin
location: /events/free-pubg-mobile-hack-2020-unlimited-bp-and-uc-generator-no-survey/event_6a1b7fd6-a8e4-11ea-84b1-5cb9017befe7.html
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: X-IPCountry, X-Townnews-Now-API-Version, Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-loop: 1
x-robots-tag: noarchive
x-tncms: 1.62.3; app17; 0.02s; 1.2M
x-vcache: MISS
x-xss-protection: 1; mode=block

GET
H2 200 jquery.min.d6d18fcf88750a16d256e72626e676a6.js Show response
bloximages.newyork1.vip.townnews.com/roanoke.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/ 98 KB
34 KB 197ms
23ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/roanoke.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/jquery.min.d6d18fcf88750a16d256e72626e676a6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bad3f4a20b737202b4cb52ce0124a2ae5d54be0002feb42790867ee446425332

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://roanoke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 03:20:50 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 16225477
cf-ray: 733b70b1af169034-FRA
last-modified: Wed, 07 Jul 2021 20:09:22 GMT
x-vcache: MISS
server: cloudflare
etag: W/"60e609f2-1882c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Wed, 31 Aug 2022 19:01:21 GMT

GET
H2 200 user.js Show response
roanoke.com/shared-content/art/tncms/user/ 12 KB
4 KB 86ms
84ms Script
application/x-javascript 192.104.183.209
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://roanoke.com/shared-content/art/tncms/user/user.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.183.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash: 514338ec6bbb3440a50029e6cbc2ba9034d6971c4776d2759a4b829c94dedfb9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://roanoke.com/events/free-pubg-mobile-hack-2020-unlimited-bp-and-uc-generator-no-survey/event_6a1b7fd6-a8e4-11ea-84b1-5cb9017befe7.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 03:19:37 GMT
content-encoding: gzip
last-modified: Fri, 29 Jul 2022 18:24:18 GMT
age: 72
etag: W/"62e425d2-2f01"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=600
x-vcache: HIT
accept-ranges: bytes
content-length: 4332
service-worker-allowed: /

GET
H2 200 bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js Show response
bloximages.newyork1.vip.townnews.com/roanoke.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/ 39 KB
11 KB 194ms
24ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/roanoke.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

93eac8b1fb14d0863561633dfdf563013c023393aabfb122e3be7256629d9235

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://roanoke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 03:20:50 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 3335649
cf-ray: 733b70b1af1b9034-FRA
last-modified: Fri, 06 Sep 2019 14:16:03 GMT
x-vcache: MISS
server: cloudflare
etag: W/"5d726a23-9bd8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Thu, 25 May 2023 06:05:31 GMT

GET
H2 200 common.08a61544f369cc43bf02e71b2d10d49f.js Show response
bloximages.newyork1.vip.townnews.com/roanoke.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 32 KB
12 KB 190ms
23ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/roanoke.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/common.08a61544f369cc43bf02e71b2d10d49f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ddd1991e3d8ce67431989f8cca95743706d110f064ed2b3609041a3f20e50d2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://roanoke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 03:20:50 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 3340615
cf-ray: 733b70b1af1d9034-FRA
last-modified: Tue, 10 May 2022 15:14:36 GMT
x-vcache: MISS
server: cloudflare
etag: W/"627a815c-8154"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Thu, 11 May 2023 19:01:19 GMT

GET
H2 200 tnt.f3739bd4d04bcee9e077d20b4f31f29c.js Show response
bloximages.newyork1.vip.townnews.com/roanoke.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 21 KB
6 KB 170ms
24ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/roanoke.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.f3739bd4d04bcee9e077d20b4f31f29c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

78340dabd2984895b85f1a3a19cf21fed26d6d4c57038709dbcf94222f6952ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://roanoke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 03:20:50 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 3347454
cf-ray: 733b70b1af199034-FRA
last-modified: Fri, 28 Jan 2022 22:01:23 GMT
x-vcache: MISS
server: cloudflare
etag: W/"61f467b3-5572"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Wed, 01 Mar 2023 20:01:12 GMT

GET
H2 200 application.cb897187c4718280fd69d2e6d6c3909d.js Show response
bloximages.newyork1.vip.townnews.com/roanoke.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 4 KB
2 KB 169ms
23ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/roanoke.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/application.cb897187c4718280fd69d2e6d6c3909d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

165f2224fdb220f295f4c441bad7dfc35fd9ef57cb56af722285137944f598a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://roanoke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 03:20:50 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 3347454
cf-ray: 733b70b1af179034-FRA
last-modified: Tue, 10 May 2022 15:14:18 GMT
x-vcache: MISS
server: cloudflare
etag: W/"627a814a-104a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Wed, 24 May 2023 10:38:24 GMT

GET
H2 200 tnt.navigation.accessibility.7a9170240d21440159b9bd59db72933b.js Show response
bloximages.newyork1.vip.townnews.com/roanoke.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 2 KB
981 B 167ms
21ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/roanoke.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.navigation.accessibility.7a9170240d21440159b9bd59db72933b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

75845ddd51e5f375f7b7aa868937566eb92118d0ee118cd3154db1a95d7b8dd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://roanoke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 03:20:50 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 16225477
cf-ray: 733b70b1af149034-FRA
last-modified: Tue, 06 Jul 2021 13:05:12 GMT
x-vcache: MISS
server: cloudflare
etag: W/"60e45508-9ae"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Wed, 06 Jul 2022 19:01:09 GMT

GET
H2 200 bootstrap.min.c58a1beaa3640fa94c3db09673c4d95c.css
bloximages.newyork1.vip.townnews.com/roanoke.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/styles/ 107 KB
18 KB 160ms
14ms Stylesheet
text/css 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/roanoke.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/styles/bootstrap.min.c58a1beaa3640fa94c3db09673c4d95c.css

Requested by

Host: roanoke.com
URL: https://roanoke.com/events/free-pubg-mobile-hack-2020-unlimited-bp-and-uc-generator-no-survey/event_6a1b7fd6-a8e4-11ea-84b1-5cb9017befe7.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

644304fe15c7f17a6ab07588fa14318ebce8730a85eb17b3a0fddca16fe9bae6

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://roanoke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 03:20:50 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 16225477
cf-ray: 733b70b1af0f9034-FRA
last-modified: Tue, 04 Jan 2022 21:06:09 GMT
x-vcache: HIT
server: cloudflare
etag: W/"61d4b6c1-1ab8e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Thu, 05 Jan 2023 20:01:20 GMT

GET
H2 200 layout.112f7ff365cd43379f336b81d31a7128.css
bloximages.newyork1.vip.townnews.com/roanoke.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/styles/ 154 KB
28 KB 160ms
15ms Stylesheet
text/css 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/roanoke.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/styles/layout.112f7ff365cd43379f336b81d31a7128.css

Requested by

Host: roanoke.com
URL: https://roanoke.com/events/free-pubg-mobile-hack-2020-unlimited-bp-and-uc-generator-no-survey/event_6a1b7fd6-a8e4-11ea-84b1-5cb9017befe7.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

384d1a9859c551ed8f751789414dc042c907ba0e3e56817e62197bf3a435154d

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://roanoke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 03:20:50 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1057691
cf-ray: 733b70b1af119034-FRA
last-modified: Fri, 15 Jul 2022 14:14:10 GMT
x-vcache: MISS
server: cloudflare
etag: W/"62d17632-268ce"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Wed, 19 Jul 2023 19:01:12 GMT

GET
H2 200 lee.ds.css
bloximages.newyork1.vip.townnews.com/roanoke.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/styles/ 95 KB
17 KB 161ms
16ms Stylesheet
text/css 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/roanoke.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/styles/lee.ds.css?_dc=1659074421

Requested by

Host: roanoke.com
URL: https://roanoke.com/events/free-pubg-mobile-hack-2020-unlimited-bp-and-uc-generator-no-survey/event_6a1b7fd6-a8e4-11ea-84b1-5cb9017befe7.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

849295b7bef2dec6e6f087a071d0012e51e2ceb10b3a0e7d5ad12319867c30de

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://roanoke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 03:20:50 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 247353
cf-ray: 733b70b1af129034-FRA
last-modified: Fri, 29 Jul 2022 06:00:21 GMT
x-vcache: MISS
server: cloudflare
etag: W/"62e37775-17bdf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Sat, 29 Jul 2023 06:05:28 GMT

GET
H2 200 flex-notification-controls.e115619c5ab5d4eb38fbd29cc0d2ea9b.css
bloximages.newyork1.vip.townnews.com/roanoke.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/styles/ 6 KB
2 KB 158ms
13ms Stylesheet
text/css 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/roanoke.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/styles/flex-notification-controls.e115619c5ab5d4eb38fbd29cc0d2ea9b.css

Requested by

Host: roanoke.com
URL: https://roanoke.com/events/free-pubg-mobile-hack-2020-unlimited-bp-and-uc-generator-no-survey/event_6a1b7fd6-a8e4-11ea-84b1-5cb9017befe7.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ef0cb2e94b5b79911d8647651823f8c4a39b0f1192bf85b2caa9ce9db3fd7e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://roanoke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 03:20:50 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 908047
cf-ray: 733b70b1af139034-FRA
last-modified: Fri, 01 Apr 2022 13:30:43 GMT
x-vcache: MISS
server: cloudflare
etag: W/"6246fe83-189c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Sun, 23 Apr 2023 01:06:11 GMT

GET
H2 200 cc.js Show response
tags.crwdcntrl.net/c/6894/ 38 KB
12 KB 39ms
8ms Script
application/json 18.66.97.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/c/6894/cc.js?ns=_cc6894
Requested by: Host: roanoke.com
URL: https://roanoke.com/events/free-pubg-mobile-hack-2020-unlimited-bp-and-uc-generator-no-survey/event_6a1b7fd6-a8e4-11ea-84b1-5cb9017befe7.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-9.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5a2f10e09cd6e81eb686dbca9e6056ed485e87d3869bac347455547c294cb036

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://roanoke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 07:54:58 GMT
content-encoding: gzip
etag: W/"8cd042d9f203fe2e01747c7444f95498"
last-modified: Wed, 23 Feb 2022 22:37:16 GMT
server: AmazonS3
age: 69953
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
via: 1.1 891011d51eb2353ebe8601f5b6467070.cloudfront.net (CloudFront)
cache-control: max-age: 86400
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: 0WwiFHebGIB6OA3A9HztZYQfIVA9NyuWnPwxmpvHElARTsXaGlGACg==

GET
H2 200 access.js Show response
roanoke.com/shared-content/art/tncms/api/ 86 KB
34 KB 84ms
84ms Script
application/x-javascript 192.104.183.209
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://roanoke.com/shared-content/art/tncms/api/access.js
Requested by: Host: roanoke.com
URL: https://roanoke.com/events/free-pubg-mobile-hack-2020-unlimited-bp-and-uc-generator-no-survey/event_6a1b7fd6-a8e4-11ea-84b1-5cb9017befe7.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.183.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash: b140866a13c2eeca9a0ad91f4bf8e505a0fa237279f9d6616c3c21329139f1de

Request headers

Referer: https://roanoke.com/events/free-pubg-mobile-hack-2020-unlimited-bp-and-uc-generator-no-survey/event_6a1b7fd6-a8e4-11ea-84b1-5cb9017befe7.html
Origin: https://roanoke.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 03:19:46 GMT
content-encoding: gzip
last-modified: Thu, 19 May 2022 14:39:53 GMT
age: 64
etag: W/"628656b9-15686"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=600
x-vcache: HIT
accept-ranges: bytes
content-length: 34923
service-worker-allowed: /

GET
H2 200 osano.js Show response
cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/ 402 KB
91 KB 40ms
10ms Script
application/javascript 2600:9000:223c:4c00:3:b7e:8940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Requested by

Host: roanoke.com
URL: https://roanoke.com/events/free-pubg-mobile-hack-2020-unlimited-bp-and-uc-generator-no-survey/event_6a1b7fd6-a8e4-11ea-84b1-5cb9017befe7.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:4c00:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

ca3fda4964ae8d619fc4ea84c7034a7b1453064e0af308b7a99aec4a8e61ca33

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://roanoke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=2592000
content-encoding: br
x-content-type-options: nosniff
age: 22551
x-cache: Hit from cloudfront
content-length: 92622
x-xss-protection: mode=block
last-modified: Thu, 28 Jul 2022 20:52:32 GMT
server: CloudFront
date: Sun, 31 Jul 2022 21:04:59 GMT
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
via: 1.1 993c0866e705e48daa4fed5e30627712.cloudfront.net (CloudFront)
cache-control: public, max-age=86400, s-maxage=86400, must-revalidate, proxy-revalidate, no-transform
etag: "ede32d00ec5c74dc291f29114aa45d42"
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: kRLFIeLLU7XMelh6m0ScI7EEpamGIfl6_PNrHLVmUG86ZTvAPkg6Wg==

GET
H2 200 roanoke.com.js Show response
bloximages.chicago2.vip.townnews.com/leetemplates.com/content/tncms/live/global/resources/scripts/falcon/ 6 KB
2 KB 249ms
116ms Script
application/x-javascript 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/leetemplates.com/content/tncms/live/global/resources/scripts/falcon/roanoke.com.js?_dc=073123

Requested by

Host: roanoke.com
URL: https://roanoke.com/events/free-pubg-mobile-hack-2020-unlimited-bp-and-uc-generator-no-survey/event_6a1b7fd6-a8e4-11ea-84b1-5cb9017befe7.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8f0ed90f3a2e9ef4b11fcf8ef7497d0256ef016d09ee840329dcdfb1d4e2e47f

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://roanoke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 03:20:50 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
cf-ray: 733b70b19cdf9be6-FRA
last-modified: Sun, 31 Jul 2022 05:04:07 GMT
x-vcache: MISS
server: cloudflare
etag: W/"62e60d47-1685"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Tue, 01 Aug 2023 03:00:14 GMT

GET
H2 200 tnt.notify.a814fe612f2dcba9061edc229aeaf90b.js Show response
bloximages.newyork1.vip.townnews.com/roanoke.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 3 KB
1 KB 16ms
13ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/roanoke.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.notify.a814fe612f2dcba9061edc229aeaf90b.js

Requested by

Host: roanoke.com
URL: https://roanoke.com/events/free-pubg-mobile-hack-2020-unlimited-bp-and-uc-generator-no-survey/event_6a1b7fd6-a8e4-11ea-84b1-5cb9017befe7.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

15c5217bab15791da899bebeec1b32e57bcd02d20f8847c6440f47ededcdf625

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://roanoke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 03:20:50 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 3347452
cf-ray: 733b70b2bf8f9034-FRA
last-modified: Tue, 06 Jul 2021 13:05:11 GMT
x-vcache: MISS
server: cloudflare
etag: W/"60e45507-db8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Wed, 06 Jul 2022 19:01:09 GMT

GET
H2 200 tnt.notify.panel.bacbeac9a1ca6ee75b79b21a0e2e99f2.js Show response
bloximages.newyork1.vip.townnews.com/roanoke.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 7 KB
2 KB 17ms
14ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/roanoke.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.notify.panel.bacbeac9a1ca6ee75b79b21a0e2e99f2.js

Requested by

Host: roanoke.com
URL: https://roanoke.com/events/free-pubg-mobile-hack-2020-unlimited-bp-and-uc-generator-no-survey/event_6a1b7fd6-a8e4-11ea-84b1-5cb9017befe7.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3b6854831be14d28fdfdb1758ebebe2893bf8e5be5f176b8d3e1b1b0f874d90e

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://roanoke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 03:20:50 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 5297496
cf-ray: 733b70b2bf909034-FRA
last-modified: Mon, 23 May 2022 19:54:05 GMT
x-vcache: HIT
server: cloudflare
etag: W/"628be65d-1ba0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Wed, 31 May 2023 19:01:19 GMT

GET
H2 200 firebase-app.js Show response
www.gstatic.com/firebasejs/6.6.2/ 11 KB
4 KB 34ms
7ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/6.6.2/firebase-app.js

Requested by

Host: roanoke.com
URL: https://roanoke.com/events/free-pubg-mobile-hack-2020-unlimited-bp-and-uc-generator-no-survey/event_6a1b7fd6-a8e4-11ea-84b1-5cb9017befe7.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b10a075758097bb0578287af03c76a9fcd82fa4607587109ae41fe2d24756600

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://roanoke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 23:31:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 186588
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3945
x-xss-protection: 0
last-modified: Thu, 19 Sep 2019 21:11:52 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 29 Jul 2023 23:31:02 GMT

GET
H2 200 firebase-messaging.js Show response
www.gstatic.com/firebasejs/6.6.2/ 31 KB
9 KB 35ms
8ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/6.6.2/firebase-messaging.js

Requested by

Host: roanoke.com
URL: https://roanoke.com/events/free-pubg-mobile-hack-2020-unlimited-bp-and-uc-generator-no-survey/event_6a1b7fd6-a8e4-11ea-84b1-5cb9017befe7.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5e55a21dfa3a20ceb298737c8f4c517a83d7960468c7f53b3f33c567bacff3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://roanoke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 23:31:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 186588
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8653
x-xss-protection: 0
last-modified: Thu, 19 Sep 2019 21:11:54 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 29 Jul 2023 23:31:02 GMT

GET
H2 200 messaging.js Show response
roanoke.com/shared-content/art/tncms/api/ 4 KB
1 KB 87ms
85ms Script
application/x-javascript 192.104.183.209
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://roanoke.com/shared-content/art/tncms/api/messaging.js
Requested by: Host: roanoke.com
URL: https://roanoke.com/events/free-pubg-mobile-hack-2020-unlimited-bp-and-uc-generator-no-survey/event_6a1b7fd6-a8e4-11ea-84b1-5cb9017befe7.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.183.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash: fe5d23d415187d71dfa026db8852418f98513ef7f7a1c3e1321bc95d6d6a0f5f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://roanoke.com/events/free-pubg-mobile-hack-2020-unlimited-bp-and-uc-generator-no-survey/event_6a1b7fd6-a8e4-11ea-84b1-5cb9017befe7.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 03:18:51 GMT
content-encoding: gzip
last-modified: Fri, 29 Jul 2022 18:24:18 GMT
age: 119
etag: W/"62e425d2-11aa"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=600
x-vcache: HIT
accept-ranges: bytes
content-length: 1259
service-worker-allowed: /

GET
H2 200 tnt.ads.adverts.66a3812a7b5c12fde8cd998fd691ad7d.js Show response
bloximages.newyork1.vip.townnews.com/roanoke.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/ 200 B
276 B 167ms
24ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/roanoke.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/tnt.ads.adverts.66a3812a7b5c12fde8cd998fd691ad7d.js

Requested by

Host: roanoke.com
URL: https://roanoke.com/events/free-pubg-mobile-hack-2020-unlimited-bp-and-uc-generator-no-survey/event_6a1b7fd6-a8e4-11ea-84b1-5cb9017befe7.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0ac4a1580edb443420c38896152a03c80c8fa8e5f1f09853896b810d87309a80

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://roanoke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 03:20:50 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 3330531
cf-ray: 733b70b1af1a9034-FRA
last-modified: Tue, 10 May 2022 15:15:16 GMT
x-vcache: MISS
server: cloudflare
etag: W/"627a8184-c8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Thu, 25 May 2023 06:05:31 GMT

GET
H2 200 tracking.js Show response
roanoke.com/shared-content/art/tncms/ 3 KB
1 KB 85ms
84ms Script
application/x-javascript 192.104.183.209
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://roanoke.com/shared-content/art/tncms/tracking.js
Requested by: Host: roanoke.com
URL: https://roanoke.com/events/free-pubg-mobile-hack-2020-unlimited-bp-and-uc-generator-no-survey/event_6a1b7fd6-a8e4-11ea-84b1-5cb9017befe7.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.183.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash: 18eadbed616a1c6d3afcf2750befa4c653869688479efbfdb0020c7c836d718b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://roanoke.com/events/free-pubg-mobile-hack-2020-unlimited-bp-and-uc-generator-no-survey/event_6a1b7fd6-a8e4-11ea-84b1-5cb9017befe7.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 03:18:58 GMT
content-encoding: gzip
last-modified: Fri, 29 Jul 2022 18:24:18 GMT
age: 111
etag: W/"62e425d2-a4b"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=600
x-vcache: HIT
accept-ranges: bytes
content-length: 1149
service-worker-allowed: /

GET
H2 200 lee.common.js Show response
bloximages.newyork1.vip.townnews.com/roanoke.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/scripts/ 9 KB
3 KB 165ms
22ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/roanoke.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/scripts/lee.common.js?_dc=1659074421

Requested by

Host: roanoke.com
URL: https://roanoke.com/events/free-pubg-mobile-hack-2020-unlimited-bp-and-uc-generator-no-survey/event_6a1b7fd6-a8e4-11ea-84b1-5cb9017befe7.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

18e8208ea447a26b0cd4f5f2751d1dd717e689a559474e61acb4e3e674403e4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://roanoke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 03:20:50 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 247353
cf-ray: 733b70b1af159034-FRA
last-modified: Fri, 29 Jul 2022 06:00:21 GMT
x-vcache: MISS
server: cloudflare
etag: W/"62e37775-231f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Sat, 29 Jul 2023 06:05:28 GMT

GET
H2 200 fontawesome.46a248d75dc687aa8d928092f6b77fc7.js Show response
bloximages.newyork1.vip.townnews.com/roanoke.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 254 KB
91 KB 23ms
21ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/roanoke.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/fontawesome.46a248d75dc687aa8d928092f6b77fc7.js

Requested by

Host: roanoke.com
URL: https://roanoke.com/events/free-pubg-mobile-hack-2020-unlimited-bp-and-uc-generator-no-survey/event_6a1b7fd6-a8e4-11ea-84b1-5cb9017befe7.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0284f9037395ddc566160e9265aa01ffc07c05f189473b81df3dc75990c1081d

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://roanoke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 03:20:50 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 3347452
cf-ray: 733b70b2bf919034-FRA
last-modified: Fri, 01 Apr 2022 13:29:52 GMT
x-vcache: HIT
server: cloudflare
etag: W/"6246fe50-3f9ec"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Wed, 05 Apr 2023 19:01:17 GMT

GET
H2 200 7865cd82-57c8-11ec-b63a-27f596243789.png
bloximages.newyork1.vip.townnews.com/roanoke.com/content/tncms/custom/image/ 10 KB
10 KB 16ms
15ms Image
image/webp 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/roanoke.com/content/tncms/custom/image/7865cd82-57c8-11ec-b63a-27f596243789.png

Requested by

Host: roanoke.com
URL: https://roanoke.com/events/free-pubg-mobile-hack-2020-unlimited-bp-and-uc-generator-no-survey/event_6a1b7fd6-a8e4-11ea-84b1-5cb9017befe7.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9bc9423a6c988faaed8ddede3463425766c0c4ef5fcd48b63e7d46a3d41e8425

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://roanoke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 03:20:50 GMT
vary: Accept
cf-cache-status: HIT
age: 3330531
cf-polished: origFmt=png, origSize=22148
last-modified: Wed, 08 Dec 2021 01:45:06 GMT
content-disposition: inline; filename="7865cd82-57c8-11ec-b63a-27f596243789.webp"
content-length: 10340
x-robots-tag: noarchive
x-vcache: MISS
server: cloudflare
etag: "61b00e22-5684"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: image/webp
access-control-allow-origin: *
expires: Fri, 16 Jun 2023 23:17:53 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 733b70b2bf929034-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 user_no_avatar.82c8fc38eb25dca10493a994ca1bfb90.png
bloximages.newyork1.vip.townnews.com/roanoke.com/shared-content/art/tncms/templates/libraries/flex/components/themes/resources/images/ 978 B
1 KB 15ms
14ms Image
image/webp 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/roanoke.com/shared-content/art/tncms/templates/libraries/flex/components/themes/resources/images/user_no_avatar.82c8fc38eb25dca10493a994ca1bfb90.png

Requested by

Host: roanoke.com
URL: https://roanoke.com/events/free-pubg-mobile-hack-2020-unlimited-bp-and-uc-generator-no-survey/event_6a1b7fd6-a8e4-11ea-84b1-5cb9017befe7.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b96eb73da5fe3c20e4507bf752917f6d7978be8881c1dea934db282b028407d

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://roanoke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 03:20:50 GMT
vary: Accept
cf-cache-status: HIT
age: 3347452
cf-polished: origFmt=png, origSize=3610
last-modified: Thu, 02 Apr 2015 21:53:54 GMT
content-disposition: inline; filename="user_no_avatar.webp"
content-length: 978
x-robots-tag: noarchive
x-vcache: MISS
server: cloudflare
etag: "551dba72-e1a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: image/webp
access-control-allow-origin: *
expires: Tue, 11 Apr 2023 05:40:11 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 733b70b2bf939034-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 logo-tagline.png
bloximages.newyork1.vip.townnews.com/roanoke.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/images/ 5 KB
5 KB 17ms
15ms Image
image/webp 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/roanoke.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/images/logo-tagline.png?_dc=1659074421

Requested by

Host: roanoke.com
URL: https://roanoke.com/events/free-pubg-mobile-hack-2020-unlimited-bp-and-uc-generator-no-survey/event_6a1b7fd6-a8e4-11ea-84b1-5cb9017befe7.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c01c1e199879f8b72679cc4d402684ba9e88c21b633547adbae6ba03a617fdc

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://roanoke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 03:20:50 GMT
vary: Accept
cf-cache-status: HIT
age: 247351
cf-polished: origFmt=png, origSize=10949
last-modified: Fri, 29 Jul 2022 06:00:21 GMT
content-disposition: inline; filename="logo-tagline.webp"
content-length: 5302
x-robots-tag: noarchive
x-vcache: MISS
server: cloudflare
etag: "62e37775-2ac5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: image/webp
access-control-allow-origin: *
expires: Sat, 29 Jul 2023 06:05:29 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 733b70b2bf959034-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 op.js Show response
tagan.adlightning.com/leeenterprises/ 48 KB
20 KB 79ms
15ms Script
application/javascript 18.64.79.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/leeenterprises/op.js
Requested by: Host: roanoke.com
URL: https://roanoke.com/events/free-pubg-mobile-hack-2020-unlimited-bp-and-uc-generator-no-survey/event_6a1b7fd6-a8e4-11ea-84b1-5cb9017befe7.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.79.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-79-128.txl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 967175cc30e511bd54d9b2956b03c92222491ee29a27b28b718296b9bd6d35f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://roanoke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-version-id: hwQWHxR_GrlsYBwaidY45YsEbv609xNF
content-encoding: gzip
etag: "24898d8c0d5221231de96162faf79094"
age: 1281
x-cache: Hit from cloudfront
content-length: 19594
x-amz-meta-git_commit: 92ee7c4
last-modified: Tue, 26 Jul 2022 23:32:11 GMT
server: AmazonS3
date: Mon, 01 Aug 2022 03:03:16 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 4257eeab27601f991562127463de27ee.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: TXL50-P2
accept-ranges: bytes
x-amz-cf-id: rnhZmonSoog72m_k9zeVrDBh8d3ErvLLlCsM2ECyGlad0Ksk_y7Hwg==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 201 KB
67 KB 43ms
17ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N

Requested by

Host: roanoke.com
URL: https://roanoke.com/events/free-pubg-mobile-hack-2020-unlimited-bp-and-uc-generator-no-survey/event_6a1b7fd6-a8e4-11ea-84b1-5cb9017befe7.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cae1be3a826c5161af68a012ca809275744695c95ea8886fa29ac4998600119f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://roanoke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 03:20:50 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68334
x-xss-protection: 0
last-modified: Mon, 01 Aug 2022 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 01 Aug 2022 03:20:50 GMT

GET
BLOB 200
OK 63aed8dd-4437-4697-b184-c5870410a7f1
https://roanoke.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://roanoke.com/63aed8dd-4437-4697-b184-c5870410a7f1
Requested by: Host: roanoke.com
URL: https://roanoke.com/events/free-pubg-mobile-hack-2020-unlimited-bp-and-uc-generator-no-survey/event_6a1b7fd6-a8e4-11ea-84b1-5cb9017befe7.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 483 KB
113 KB 17ms
17ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TDWDC2

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e4c7ede23068b7bf007e9c1a996c09c068ab3d4953af7d3d9060a33f2b0e5bb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://roanoke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 03:20:50 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 115243
x-xss-protection: 0
last-modified: Mon, 01 Aug 2022 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 01 Aug 2022 03:20:50 GMT

GET
H2 200 b-92ee7c4-d632c55d.js Show response
tagan.adlightning.com/leeenterprises/ 82 KB
31 KB 13ms
13ms Script
application/javascript 18.64.79.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/leeenterprises/b-92ee7c4-d632c55d.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.79.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-79-128.txl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 41a254171524bbdf420ad79c0a1efca9e98f10304881b9f1499cfbd8a42f4d81

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://roanoke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 03 Jun 2022 02:26:16 GMT
content-encoding: gzip
age: 5100875
x-cache: Hit from cloudfront
content-length: 31556
x-amz-meta-git_commit: 92ee7c4
last-modified: Wed, 16 Mar 2022 21:37:15 GMT
server: AmazonS3
etag: "729d2273379f887ddcf3e0323423796d"
x-amz-version-id: PUWX5irSXNEOdOOWrQccws5_hJJTKmSG
via: 1.1 4257eeab27601f991562127463de27ee.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: TXL50-P2
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: lHIHOWmDh5c3LM3yb6lQMovjFwxYtz51vUP0aaWuxhWnIorhQ_peAw==

GET
H2 200 bl-12c5e29-daa2d324.js Show response
tagan.adlightning.com/leeenterprises/ 41 KB
18 KB 15ms
15ms Script
application/javascript 18.64.79.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/leeenterprises/bl-12c5e29-daa2d324.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.79.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-79-128.txl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ab1f968da755fc10a0db65e7ebea55004451a15f2f398679f43a1e5df1ed26f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://roanoke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 26 Jul 2022 23:32:25 GMT
content-encoding: gzip
age: 445706
x-cache: Hit from cloudfront
content-length: 17485
x-amz-meta-git_commit: 12c5e29
last-modified: Tue, 26 Jul 2022 23:31:50 GMT
server: AmazonS3
etag: "92768eb786cdba3f1ec163bba2efded3"
x-amz-version-id: UO4AsQ4Ea2IwHKm5bs.6nX31bYKknPwp
via: 1.1 4257eeab27601f991562127463de27ee.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: TXL50-P2
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: 7560N-2_fSNCfsLWwcInobG7UlyYo5-XlS1vWUmJulYpsEgmVzABJg==

GET
BLOB 200
OK 4f7f826d-526e-4d10-a54c-b3596b9dd466
https://roanoke.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://roanoke.com/4f7f826d-526e-4d10-a54c-b3596b9dd466
Requested by: Host: roanoke.com
URL: https://roanoke.com/events/free-pubg-mobile-hack-2020-unlimited-bp-and-uc-generator-no-survey/event_6a1b7fd6-a8e4-11ea-84b1-5cb9017befe7.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK e5482f9c-2980-43a9-9998-22141edc5d9d
https://roanoke.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://roanoke.com/e5482f9c-2980-43a9-9998-22141edc5d9d
Requested by: Host: roanoke.com
URL: https://roanoke.com/events/free-pubg-mobile-hack-2020-unlimited-bp-and-uc-generator-no-survey/event_6a1b7fd6-a8e4-11ea-84b1-5cb9017befe7.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK 3fa67878-da41-4e8f-bb2c-e63da776c45a
https://roanoke.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://roanoke.com/3fa67878-da41-4e8f-bb2c-e63da776c45a
Requested by: Host: roanoke.com
URL: https://roanoke.com/events/free-pubg-mobile-hack-2020-unlimited-bp-and-uc-generator-no-survey/event_6a1b7fd6-a8e4-11ea-84b1-5cb9017befe7.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK 9c42c857-6459-46d5-8c88-95836c6a073f
https://roanoke.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://roanoke.com/9c42c857-6459-46d5-8c88-95836c6a073f
Requested by: Host: roanoke.com
URL: https://roanoke.com/events/free-pubg-mobile-hack-2020-unlimited-bp-and-uc-generator-no-survey/event_6a1b7fd6-a8e4-11ea-84b1-5cb9017befe7.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H2 200 / Show response
cmp.osano.com/ Frame D29A 4 KB
1 KB 7ms
7ms Document
text/html 2600:9000:223c:4c00:3:b7e:8940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp.osano.com/

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:4c00:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a48b96eb4dbabdf7d10b4a7667062cd55b7c1f9aab381f05c916798ec4308f68

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://roanoke.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 11380
content-encoding: gzip
content-type: text/html
date: Mon, 01 Aug 2022 00:11:12 GMT
etag: W/"287b497c992487af362d33204f87d28f"
last-modified: Thu, 21 Oct 2021 22:01:08 GMT
referrer-policy: same-origin
server: AmazonS3
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding Origin
via: 1.1 993c0866e705e48daa4fed5e30627712.cloudfront.net (CloudFront)
x-amz-cf-id: avz1G7LlgLYTxtq3YoQbDp8xE8RTMr8K2C3D9RJTcSYSBDqx4s7Ang==
x-amz-cf-pop: FRA56-P2
x-amz-version-id: xT1PkIFehetvNf5lINcU02FbT3u47kBr
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

iframe Show response
d1eoo1tco6rr5e.cloudfront.net/nebsjkp/21usqg2/ Frame 7C35
Redirect Chain

https://insight.adsrvr.org/tags/nebsjkp/21usqg2/iframe
https://d1eoo1tco6rr5e.cloudfront.net/nebsjkp/21usqg2/iframe

138 B
668 B

53ms
7ms

Document
text/html

18.66.123.144
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1eoo1tco6rr5e.cloudfront.net/nebsjkp/21usqg2/iframe
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.123.144 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-123-144.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3f7d4fce911e0a58ed4224b9f65d90a98d8bb7b76d25ad2610485b9baaa1d447

Request headers

Referer: https://roanoke.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Age: 70852
Cache-Control: max-age=86400
Connection: keep-alive
Content-Length: 138
Content-Type: text/html
Date: Sun, 31 Jul 2022 07:40:39 GMT
ETag: "50351b1f6590b5c4886c111874e016a0"
Last-Modified: Fri, 01 Oct 2021 23:50:10 GMT
Server: AmazonS3
Via: 1.1 7a17e7bab97826b103c75b700dd638e2.cloudfront.net (CloudFront)
X-Amz-Cf-Id: XPfnKE6FVpfdzwkPb9DihphEa_NkdFmdq9VfaYEF2U4flA2rPuDLww==
X-Amz-Cf-Pop: FRA60-P2
X-Cache: Hit from cloudfront
x-amz-server-side-encryption: AES256

Redirect headers

content-length: 183
content-type: text/html; charset=UTF-8
date: Mon, 01 Aug 2022 03:20:50 GMT
location: https://d1eoo1tco6rr5e.cloudfront.net/nebsjkp/21usqg2/iframe
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H/1.1

200
OK

c
trkn.us/pixel/
Redirect Chain

https://trkn.us/pixel/c?ppt=19160&g=sitewide&gid=44455&cv1=roanoke.com&ord=1627737629
https://trkn.us/pixel/c?ppt=19160&g=sitewide&gid=44455&cv1=roanoke.com&ord=1627737629&ip=81.95.5.38&cuidchk=1

42 B
780 B

638ms
638ms

Image
image/gif

54.173.162.145
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trkn.us/pixel/c?ppt=19160&g=sitewide&gid=44455&cv1=roanoke.com&ord=1627737629&ip=81.95.5.38&cuidchk=1

Requested by

Host: roanoke.com
URL: https://roanoke.com/events/free-pubg-mobile-hack-2020-unlimited-bp-and-uc-generator-no-survey/event_6a1b7fd6-a8e4-11ea-84b1-5cb9017befe7.html

Protocol

HTTP/1.1

Server

54.173.162.145 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-173-162-145.compute-1.amazonaws.com

Software

Apache /

Resource Hash

b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://roanoke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 01 Aug 2022 03:20:51 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sun, 9 Nov 1980 12:59:00 GMT
Server: Apache
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Sun, 9 Nov 1980 12:58:00 GMT

Redirect headers

Date: Mon, 01 Aug 2022 03:20:51 GMT
X-Content-Type-Options: nosniff
Server: Apache
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: /pixel/c?ppt=19160&g=sitewide&gid=44455&cv1=roanoke.com&ord=1627737629&ip=81.95.5.38&cuidchk=1
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 0

GET
BLOB 200
OK b9a7e93a-2c14-4586-a541-b17a6f6fa9e0
https://roanoke.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://roanoke.com/b9a7e93a-2c14-4586-a541-b17a6f6fa9e0
Requested by: Host: roanoke.com
URL: https://roanoke.com/events/free-pubg-mobile-hack-2020-unlimited-bp-and-uc-generator-no-survey/event_6a1b7fd6-a8e4-11ea-84b1-5cb9017befe7.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK afb787f0-aa25-4620-a05c-a3eff5b38af4
https://roanoke.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://roanoke.com/afb787f0-aa25-4620-a05c-a3eff5b38af4
Requested by: Host: roanoke.com
URL: https://roanoke.com/events/free-pubg-mobile-hack-2020-unlimited-bp-and-uc-generator-no-survey/event_6a1b7fd6-a8e4-11ea-84b1-5cb9017befe7.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK 34f1e8f5-2970-41c6-8fef-b6688c3b65b2
https://roanoke.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://roanoke.com/34f1e8f5-2970-41c6-8fef-b6688c3b65b2
Requested by: Host: roanoke.com
URL: https://roanoke.com/events/free-pubg-mobile-hack-2020-unlimited-bp-and-uc-generator-no-survey/event_6a1b7fd6-a8e4-11ea-84b1-5cb9017befe7.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK 116ea89a-23fe-42a1-8a74-cd614d01e947
https://roanoke.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://roanoke.com/116ea89a-23fe-42a1-8a74-cd614d01e947
Requested by: Host: roanoke.com
URL: https://roanoke.com/events/free-pubg-mobile-hack-2020-unlimited-bp-and-uc-generator-no-survey/event_6a1b7fd6-a8e4-11ea-84b1-5cb9017befe7.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK 4619865d-b834-4e84-b743-b310d48850a9
https://roanoke.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://roanoke.com/4619865d-b834-4e84-b743-b310d48850a9
Requested by: Host: roanoke.com
URL: https://roanoke.com/events/free-pubg-mobile-hack-2020-unlimited-bp-and-uc-generator-no-survey/event_6a1b7fd6-a8e4-11ea-84b1-5cb9017befe7.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK 33bda852-f7e4-42bc-8aa4-ee4cbf8b6602
https://roanoke.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://roanoke.com/33bda852-f7e4-42bc-8aa4-ee4cbf8b6602
Requested by: Host: roanoke.com
URL: https://roanoke.com/events/free-pubg-mobile-hack-2020-unlimited-bp-and-uc-generator-no-survey/event_6a1b7fd6-a8e4-11ea-84b1-5cb9017befe7.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK 8dece74e-cc1c-4d19-9c7a-b8cfff1bc1eb
https://roanoke.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://roanoke.com/8dece74e-cc1c-4d19-9c7a-b8cfff1bc1eb
Requested by: Host: roanoke.com
URL: https://roanoke.com/events/free-pubg-mobile-hack-2020-unlimited-bp-and-uc-generator-no-survey/event_6a1b7fd6-a8e4-11ea-84b1-5cb9017befe7.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H2 200 /
insight.adsrvr.org/track/pxl/ Frame 7C35 70 B
260 B 33ms
32ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/pxl/?adv=nebsjkp&ct=0:21usqg2&fmt=3
Requested by: Host: d1eoo1tco6rr5e.cloudfront.net
URL: https://d1eoo1tco6rr5e.cloudfront.net/nebsjkp/21usqg2/iframe
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d1eoo1tco6rr5e.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 Aug 2022 03:20:50 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 160 KB
56 KB 17ms
16ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WXMV2VZ&l=dataLayer

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e4c2f9c182b88af413462b9b9c650605179d6f1eae6f9e31d6dd83972b1f3424

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://roanoke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 03:20:50 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57173
x-xss-protection: 0
last-modified: Mon, 01 Aug 2022 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 01 Aug 2022 03:20:50 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 119 KB
43 KB 20ms
19ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5MTD44X&l=dataLayer

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e552cc000b25beb983a710aaf7dc6a5ad3d9adc1c977f5515ebd7bd5a83e02bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://roanoke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 03:20:50 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43967
x-xss-protection: 0
last-modified: Mon, 01 Aug 2022 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 01 Aug 2022 03:20:50 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 31ms
8ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://roanoke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 893
date: Mon, 01 Aug 2022 03:05:57 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 01 Aug 2022 05:05:57 GMT

GET
H2 200 sp-gzip-2-17-3.js Show response
storage.googleapis.com/lee-snowplow/static/ 77 KB
27 KB 64ms
12ms Script
text/javascript 2a00:1450:4014:80e::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/lee-snowplow/static/sp-gzip-2-17-3.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4014:80e::2010 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 7169b20ff9116852953e326ad3776ac06c0f14a5a21a3e07f3fb8b5c46418a61

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://roanoke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 03:16:09 GMT
content-encoding: gzip
age: 282
x-guploader-uploadid: ADPycdu7QwO_GD5L8jzNAS9YfFBzMYz4LZJTaaIxmmEwpQrw_0gZ9aGGjdH85-lQ819DMZ5rAG_EojS7qkHFE7t9U0pw
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 4
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26950
x-goog-meta-
last-modified: Thu, 18 Feb 2021 15:16:40 GMT
server: UploadServer
etag: "d3142accd3f370a95f561f0fbfb3114b"
vary: Accept-Encoding
x-goog-hash: crc32c=C/nZJQ==, md5=0xQqzNPzcKlfVh8Pv7MRSw==
x-goog-generation: 1613661400000346
cache-control: max-age=31536000
x-goog-stored-content-length: 26950
accept-ranges: bytes
content-type: text/javascript
expires: Tue, 01 Aug 2023 03:16:09 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 206 KB
72 KB 22ms
21ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-F8FFLLVDEZ&l=dataLayer&cx=c

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a0a54af5206113ff783f05f8e4583d54eddfa9c8ea4e1d1d0040b8bc3255c4f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://roanoke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 03:20:50 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 74029
x-xss-protection: 0
expires: Mon, 01 Aug 2022 03:20:50 GMT

POST
H2 200 publisher:getClientId Show response
ampcid.google.com/v1/ 74 B
529 B 67ms
29ms XHR
application/json 2a00:1450:4014:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4014:80a::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://roanoke.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 01 Aug 2022 03:20:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://roanoke.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 94
x-xss-protection: 0

GET
BLOB 200
OK 8682c971-4d96-416a-a28a-587b5f55f1e3
https://roanoke.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://roanoke.com/8682c971-4d96-416a-a28a-587b5f55f1e3
Requested by: Host: roanoke.com
URL: https://roanoke.com/events/free-pubg-mobile-hack-2020-unlimited-bp-and-uc-generator-no-survey/event_6a1b7fd6-a8e4-11ea-84b1-5cb9017befe7.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK 46d8f5a5-0583-4490-b719-a882f9beeda0
https://roanoke.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://roanoke.com/46d8f5a5-0583-4490-b719-a882f9beeda0
Requested by: Host: roanoke.com
URL: https://roanoke.com/events/free-pubg-mobile-hack-2020-unlimited-bp-and-uc-generator-no-survey/event_6a1b7fd6-a8e4-11ea-84b1-5cb9017befe7.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK 3a293763-3ba7-413c-b2c8-2d33e7f01088
https://roanoke.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://roanoke.com/3a293763-3ba7-413c-b2c8-2d33e7f01088
Requested by: Host: roanoke.com
URL: https://roanoke.com/events/free-pubg-mobile-hack-2020-unlimited-bp-and-uc-generator-no-survey/event_6a1b7fd6-a8e4-11ea-84b1-5cb9017befe7.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK 01806efa-07e5-404f-b98c-1e4d85ae410e
https://roanoke.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://roanoke.com/01806efa-07e5-404f-b98c-1e4d85ae410e
Requested by: Host: roanoke.com
URL: https://roanoke.com/events/free-pubg-mobile-hack-2020-unlimited-bp-and-uc-generator-no-survey/event_6a1b7fd6-a8e4-11ea-84b1-5cb9017befe7.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK 56618068-1c29-48f7-a72e-5467a0fd3d44
https://roanoke.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://roanoke.com/56618068-1c29-48f7-a72e-5467a0fd3d44
Requested by: Host: roanoke.com
URL: https://roanoke.com/events/free-pubg-mobile-hack-2020-unlimited-bp-and-uc-generator-no-survey/event_6a1b7fd6-a8e4-11ea-84b1-5cb9017befe7.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

OPTIONS
H2 200 yy2
a.leetemplates.com/lee/ Frame 0
0 523ms
121ms Preflight 34.102.205.239
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://a.leetemplates.com/lee/yy2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.205.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 239.205.102.34.bc.googleusercontent.com
Software: akka-http /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://roanoke.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-allow-origin: https://roanoke.com
access-control-max-age: 5
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Mon, 01 Aug 2022 03:20:50 GMT
server: akka-http
via: 1.1 google

POST
H3 200 yy2 Show response
a.leetemplates.com/lee/ 2 B
19 B 143ms
123ms XHR
text/plain 34.102.205.239
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://a.leetemplates.com/lee/yy2
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/lee-snowplow/static/sp-gzip-2-17-3.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.205.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 239.205.102.34.bc.googleusercontent.com
Software: akka-http /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://roanoke.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Mon, 01 Aug 2022 03:20:50 GMT
via: 1.1 google
server: akka-http
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: https://roanoke.com
access-control-allow-credentials: true
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

POST
H2 200 publisher:getClientId Show response
ampcid.google.de/v1/ 3 B
458 B 38ms
15ms XHR
application/json 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://roanoke.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 01 Aug 2022 03:20:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://roanoke.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 23
x-xss-protection: 0

GET
H2 200 analytics.min.js Show response
cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/ 95 KB
26 KB 114ms
29ms Script
text/javascript 99.86.246.220
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/analytics.min.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.246.220 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-246-220.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0e51aeb489aeb2e69b3f81b3f8219d03606d507bd12080d537861052cb78693c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://roanoke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-version-id: lJYPj9uqL6bb7tO_snfE69W.HjdTRv8k
content-encoding: br
etag: W/"c3e4d718a56214d46af3e7be782f56bc"
age: 63
x-cache: Hit from cloudfront
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
access-control-allow-origin: *
last-modified: Wed, 06 Jul 2022 18:48:28 GMT
server: AmazonS3
date: Mon, 01 Aug 2022 03:20:51 GMT
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript; charset=utf-8
via: 1.1 96b3f0ca359697e92cd090a37a2e3bf4.cloudfront.net (CloudFront)
cache-control: public, max-age=120
x-amz-cf-pop: VIE50-C1
x-amz-cf-id: RoTL62EvxP7VMF3DGpAM10HaXxzRNm2acZ7OD4HePiwC5R85x6EaRQ==

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 190 KB
68 KB 16ms
16ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-NFTGWT90ER&l=dataLayer&cx=c

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c06f2790c7f7bd13534d3817df0a0019afcda3ac72245276abc85675b813867e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://roanoke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 03:20:51 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 69670
x-xss-protection: 0
expires: Mon, 01 Aug 2022 03:20:51 GMT

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 201 KB
71 KB 27ms
27ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=G-4T2EB147B8&l=dataLayer&cx=c

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

554dde865550f9aa301a830d666164be72b5e791b78ca7c0b35392286626558e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://roanoke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 03:20:51 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 72966
x-xss-protection: 0
expires: Mon, 01 Aug 2022 03:20:51 GMT

GET
H3 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
884 B 26ms
9ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://roanoke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 03:05:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 912
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 01 Aug 2022 04:05:39 GMT

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 190 KB
68 KB 20ms
20ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=G-NFTGWT90ER&l=dataLayer&cx=c

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9e24221b2d93ea7cf05e0250bd8826b1957a0c7ceed6544f1223f8bd8fddb4be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://roanoke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 03:20:51 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 69751
x-xss-protection: 0
expires: Mon, 01 Aug 2022 03:20:51 GMT

GET
H2 200 settings Show response
cdn.segment.com/v1/projects/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/ 861 B
1 KB 41ms
14ms XHR
application/json 99.86.246.220
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/v1/projects/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/settings
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.246.220 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-246-220.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4ed84ce525a93634474989bd62a5fc8dcb85ece93e35fcf7287e8bccebb03ed7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://roanoke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-version-id: R3d5vREO0.o42NBSGRSjGG_yzGv5bHG8
via: 1.1 488e01d34d3fb7f21dfcaccec82f530e.cloudfront.net (CloudFront)
etag: "4779d2a0d5f9ed712a198bbf09e95d09"
age: 3763
x-cache: Hit from cloudfront
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
content-length: 861
last-modified: Thu, 28 Jul 2022 15:57:55 GMT
server: AmazonS3
date: Mon, 01 Aug 2022 02:23:12 GMT
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=10800
x-amz-cf-pop: VIE50-C1
accept-ranges: bytes
x-amz-cf-id: 8sSjeVd1TJ18O7S-HPMj4pBwhFG27Hm2X_x_lJhCt49jBrwEBncuMA==

GET
H2 200 870.bundle.323974846b6d45afb45e.js Show response
cdn.segment.com/analytics-next/bundles/ 17 KB
5 KB 13ms
12ms Script
application/javascript 99.86.246.220
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics-next/bundles/870.bundle.323974846b6d45afb45e.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.246.220 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-246-220.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 85fa85cbca5efaa81351f2e9b1e8e53916644bff91da6ffc762a151247501ebc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://roanoke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 04:14:53 GMT
content-encoding: br
vary: Accept-Encoding
age: 2761559
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-origin: *
last-modified: Thu, 30 Jun 2022 00:39:24 GMT
server: AmazonS3
etag: W/"d471f2a8b801a51bbc09c91b3f90b749"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
x-amz-version-id: eGdtYNgVU7C.sD0ud7vKl0kuuvXdbYqu
via: 1.1 96b3f0ca359697e92cd090a37a2e3bf4.cloudfront.net (CloudFront)
cache-control: public,max-age=31536000,immutable
x-amz-cf-pop: VIE50-C1
content-type: application/javascript
x-amz-cf-id: 8JqnYEIHjwwMq2c777p9fc7YplVuGR67ans33Ek2z3bjKgCWsf--wg==

GET
H2 200 ajs-destination.bundle.35a8f6f19959bf2f455f.js Show response
cdn.segment.com/analytics-next/bundles/ 10 KB
4 KB 12ms
12ms Script
application/javascript 99.86.246.220
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics-next/bundles/ajs-destination.bundle.35a8f6f19959bf2f455f.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.246.220 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-246-220.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9abdea148f6bb2fd5f4d3a947661b46f077584cfc3691deb29fa7cb25d2e00a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://roanoke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 04:14:53 GMT
content-encoding: br
vary: Accept-Encoding
age: 2761559
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-origin: *
last-modified: Thu, 30 Jun 2022 00:39:24 GMT
server: AmazonS3
etag: W/"e0f89f667fb8d2b50aa8e29a86a4c9b1"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
x-amz-version-id: rRSPxUD4JSPvaFMNmUXrTxb4ziC5WpWM
via: 1.1 96b3f0ca359697e92cd090a37a2e3bf4.cloudfront.net (CloudFront)
cache-control: public,max-age=31536000,immutable
x-amz-cf-pop: VIE50-C1
content-type: application/javascript
x-amz-cf-id: d8YRTdxR7dOw-CIFt0MdJ6EYirhjE43LdM5gfiE9Rprjid7-xnoQJg==

GET
H2 200 schemaFilter.bundle.debb169c1abb431faaa6.js Show response
cdn.segment.com/analytics-next/bundles/ 2 KB
1 KB 13ms
12ms Script
application/javascript 99.86.246.220
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics-next/bundles/schemaFilter.bundle.debb169c1abb431faaa6.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.246.220 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-246-220.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e8771b238c60c36fc935fd2dad0aed6e70cea50a635ff4f89f394a968a258c42

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://roanoke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 04:14:57 GMT
content-encoding: br
vary: Accept-Encoding
age: 2761555
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-origin: *
last-modified: Thu, 30 Jun 2022 00:39:24 GMT
server: AmazonS3
etag: W/"3e448afdfea355c0f19700d04431ce7d"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
x-amz-version-id: 2Zx1lLvKGQVUN0CW_0j0kkuvMQ5TNtLg
via: 1.1 96b3f0ca359697e92cd090a37a2e3bf4.cloudfront.net (CloudFront)
cache-control: public,max-age=31536000,immutable
x-amz-cf-pop: VIE50-C1
content-type: application/javascript
x-amz-cf-id: Z1oK42zA7TarO9vxQUspdL-0sFglb8tMajP__YqxVf2ZR_icEXE2iQ==

GET
H2

200

rt=ifr Show response
bcp.crwdcntrl.net/5/ct=y/c=6894/rand=982715575/pv=y/int=%23OpR%2363948%23Lee%20Enterprises%20%3A%20Total%20Site%20Traffic/int=%23OpR%2363949%23Lee%20Enterprises%20%3A%20roanoke%20%3A%20Total%20Site... Frame C5EE
Redirect Chain

https://bcp.crwdcntrl.net/5/c=6894/rand=982715575/pv=y/int=%23OpR%2363948%23Lee%20Enterprises%20%3A%20Total%20Site%20Traffic/int=%23OpR%2363949%23Lee%20Enterprises%20%3A%20roanoke%20%3A%20Total%20S...
https://bcp.crwdcntrl.net/5/ct=y/c=6894/rand=982715575/pv=y/int=%23OpR%2363948%23Lee%20Enterprises%20%3A%20Total%20Site%20Traffic/int=%23OpR%2363949%23Lee%20Enterprises%20%3A%20roanoke%20%3A%20Tota...

163 B
404 B

40ms
40ms

Document
text/html

63.34.67.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/5/ct=y/c=6894/rand=982715575/pv=y/int=%23OpR%2363948%23Lee%20Enterprises%20%3A%20Total%20Site%20Traffic/int=%23OpR%2363949%23Lee%20Enterprises%20%3A%20roanoke%20%3A%20Total%20Site%20Traffic/int=%23OpR%2372332%23Site%20Section%20%3A%20events/med=%23OpR%2372333%23Keyword%20%3A%20roanoke%20times/rb=%7B%22meta_tag%22%3A%22roanoke%20times%22%7D/rt=ifr
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.34.67.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-34-67-128.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 31c569d868268829ebaa21b3f4ce8a1a2e18dcfe8f6e66be63d89c3837234d9b

Request headers

Referer: https://roanoke.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: no-cache
content-length: 163
content-type: text/html;charset=utf-8
date: Mon, 01 Aug 2022 03:20:52 GMT
expires: 0
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
pragma: no-cache
server: Jetty(9.4.38.v20210224)
x-consent: absent
x-server: 10.45.16.150

Redirect headers

cache-control: no-cache
content-length: 0
date: Mon, 01 Aug 2022 03:20:51 GMT
expires: 0
location: https://bcp.crwdcntrl.net/5/ct=y/c=6894/rand=982715575/pv=y/int=%23OpR%2363948%23Lee%20Enterprises%20%3A%20Total%20Site%20Traffic/int=%23OpR%2363949%23Lee%20Enterprises%20%3A%20roanoke%20%3A%20Total%20Site%20Traffic/int=%23OpR%2372332%23Site%20Section%20%3A%20events/med=%23OpR%2372333%23Keyword%20%3A%20roanoke%20times/rb=%7B%22meta_tag%22%3A%22roanoke%20times%22%7D/rt=ifr
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
pragma: no-cache
server: Jetty(9.4.38.v20210224)
x-server: 10.45.10.169

Verdicts & Comments Add Verdict or Comment

89 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.roanoke.com/	1970-01-20 04:55:25	Name: spses.0ad7 Value: *
.roanoke.com/	1970-01-20 04:55:27	Name: AMP_TOKEN Value: %24NOT_FOUND
.trkn.us/	1970-01-20 13:41:00	Name: barometric[cuid] Value: cuid_c6c55323-ed42-4b1e-a7e5-1b6c676faa83
.leetemplates.com/	1970-01-20 13:41:00	Name: sp Value: aa927ce7-ff9a-49d4-875d-a1404c8890cf
.crwdcntrl.net/	1969-12-31 23:59:59	Name: _cc_cc Value: ctst

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://roanoke.com/events/free-pubg-mobile-hack-2020-unlimited-bp-and-uc-generator-no-survey/event_6a1b7fd6-a8e4-11ea-84b1-5cb9017befe7.html Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.leetemplates.com
ampcid.google.com
ampcid.google.de
bcp.crwdcntrl.net
bloximages.chicago2.vip.townnews.com
bloximages.newyork1.vip.townnews.com
cdn.segment.com
cmp.osano.com
d1eoo1tco6rr5e.cloudfront.net
insight.adsrvr.org
roanoke.com
storage.googleapis.com
tagan.adlightning.com
tags.crwdcntrl.net
trkn.us
www.google-analytics.com
www.googletagmanager.com
www.gstatic.com
www.roanoke.com
104.16.132.24
104.16.133.24
18.64.79.128
18.66.123.144
18.66.97.9
192.104.183.209
2600:9000:223c:4c00:3:b7e:8940:93a1
2a00:1450:4001:810::2003
2a00:1450:4001:812::2008
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::200e
2a00:1450:4014:80a::200e
2a00:1450:4014:80e::2010
34.102.205.239
35.71.131.137
54.173.162.145
63.34.67.128
99.86.246.220
0284f9037395ddc566160e9265aa01ffc07c05f189473b81df3dc75990c1081d
0ac4a1580edb443420c38896152a03c80c8fa8e5f1f09853896b810d87309a80
0e51aeb489aeb2e69b3f81b3f8219d03606d507bd12080d537861052cb78693c
15c5217bab15791da899bebeec1b32e57bcd02d20f8847c6440f47ededcdf625
165f2224fdb220f295f4c441bad7dfc35fd9ef57cb56af722285137944f598a7
18e8208ea447a26b0cd4f5f2751d1dd717e689a559474e61acb4e3e674403e4d
18eadbed616a1c6d3afcf2750befa4c653869688479efbfdb0020c7c836d718b
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
31c569d868268829ebaa21b3f4ce8a1a2e18dcfe8f6e66be63d89c3837234d9b
384d1a9859c551ed8f751789414dc042c907ba0e3e56817e62197bf3a435154d
3b6854831be14d28fdfdb1758ebebe2893bf8e5be5f176b8d3e1b1b0f874d90e
3c01c1e199879f8b72679cc4d402684ba9e88c21b633547adbae6ba03a617fdc
3f7d4fce911e0a58ed4224b9f65d90a98d8bb7b76d25ad2610485b9baaa1d447
41a254171524bbdf420ad79c0a1efca9e98f10304881b9f1499cfbd8a42f4d81
4430ef0e71e3a7c1a70c69d4d88cc797907e7cc0cf1b89f64389aea23b10bdce
4ed84ce525a93634474989bd62a5fc8dcb85ece93e35fcf7287e8bccebb03ed7
4ef0cb2e94b5b79911d8647651823f8c4a39b0f1192bf85b2caa9ce9db3fd7e1
514338ec6bbb3440a50029e6cbc2ba9034d6971c4776d2759a4b829c94dedfb9
554dde865550f9aa301a830d666164be72b5e791b78ca7c0b35392286626558e
5a2f10e09cd6e81eb686dbca9e6056ed485e87d3869bac347455547c294cb036
644304fe15c7f17a6ab07588fa14318ebce8730a85eb17b3a0fddca16fe9bae6
6b96eb73da5fe3c20e4507bf752917f6d7978be8881c1dea934db282b028407d
7169b20ff9116852953e326ad3776ac06c0f14a5a21a3e07f3fb8b5c46418a61
75845ddd51e5f375f7b7aa868937566eb92118d0ee118cd3154db1a95d7b8dd0
78340dabd2984895b85f1a3a19cf21fed26d6d4c57038709dbcf94222f6952ce
849295b7bef2dec6e6f087a071d0012e51e2ceb10b3a0e7d5ad12319867c30de
85fa85cbca5efaa81351f2e9b1e8e53916644bff91da6ffc762a151247501ebc
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f0ed90f3a2e9ef4b11fcf8ef7497d0256ef016d09ee840329dcdfb1d4e2e47f
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
93eac8b1fb14d0863561633dfdf563013c023393aabfb122e3be7256629d9235
967175cc30e511bd54d9b2956b03c92222491ee29a27b28b718296b9bd6d35f4
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
9abdea148f6bb2fd5f4d3a947661b46f077584cfc3691deb29fa7cb25d2e00a6
9bc9423a6c988faaed8ddede3463425766c0c4ef5fcd48b63e7d46a3d41e8425
9e24221b2d93ea7cf05e0250bd8826b1957a0c7ceed6544f1223f8bd8fddb4be
a0a54af5206113ff783f05f8e4583d54eddfa9c8ea4e1d1d0040b8bc3255c4f6
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a48b96eb4dbabdf7d10b4a7667062cd55b7c1f9aab381f05c916798ec4308f68
ab1f968da755fc10a0db65e7ebea55004451a15f2f398679f43a1e5df1ed26f7
b10a075758097bb0578287af03c76a9fcd82fa4607587109ae41fe2d24756600
b140866a13c2eeca9a0ad91f4bf8e505a0fa237279f9d6616c3c21329139f1de
b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d
bad3f4a20b737202b4cb52ce0124a2ae5d54be0002feb42790867ee446425332
c06f2790c7f7bd13534d3817df0a0019afcda3ac72245276abc85675b813867e
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ca3fda4964ae8d619fc4ea84c7034a7b1453064e0af308b7a99aec4a8e61ca33
cae1be3a826c5161af68a012ca809275744695c95ea8886fa29ac4998600119f
ddd1991e3d8ce67431989f8cca95743706d110f064ed2b3609041a3f20e50d2c
e4c2f9c182b88af413462b9b9c650605179d6f1eae6f9e31d6dd83972b1f3424
e4c7ede23068b7bf007e9c1a996c09c068ab3d4953af7d3d9060a33f2b0e5bb4
e552cc000b25beb983a710aaf7dc6a5ad3d9adc1c977f5515ebd7bd5a83e02bf
e8771b238c60c36fc935fd2dad0aed6e70cea50a635ff4f89f394a968a258c42
f5e55a21dfa3a20ceb298737c8f4c517a83d7960468c7f53b3f33c567bacff3c
fe5d23d415187d71dfa026db8852418f98513ef7f7a1c3e1321bc95d6d6a0f5f

roanoke.com Open in urlscan Pro 192.104.183.209 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

73 Requests

75 %HTTPS

39 %IPv6

16 Domains

19 Subdomains

19 IPs

4 Countries

1141 kBTransfer

3713 kBSize

5 Cookies

6 Outgoing links

Page URL History

Redirected requests

73 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

roanoke.com Open in urlscan Pro
192.104.183.209 Public Scan

Screenshot
Live screenshot

Full Image

73
Requests

75 %
HTTPS

39 %
IPv6

16
Domains

19
Subdomains

19
IPs

4
Countries

1141 kB
Transfer

3713 kB
Size

5
Cookies

73 HTTP transactions
0 data transactions