Submitted URL: https://goo.gl/s5GEJk
Effective URL: https://rondevo.com/land/rondevo/p/r/10/?cep=xuKJaDJrtNyaqI0VasT2YGU4vRbrNlBI-AgiWy_T_gXV_MoLMKDTCBC-MF0HRKFnsRkssIJ...
Submission: On January 27 via manual from US

Summary

This website contacted 7 IPs in 5 countries across 13 domains to perform 17 HTTP transactions. The main IP is 2606:4700::6813:ad83, located in United States and belongs to CLOUDFLARENET, US. The main domain is rondevo.com.
TLS certificate: Issued by COMODO ECC Domain Validation Secure S... on November 12th 2019. Valid for: 6 months.
This is the only time rondevo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2a00:1450:400... 15169 (GOOGLE)
2 2 198.54.115.175 22612 (NAMECHEAP...)
1 1 34.245.243.239 16509 (AMAZON-02)
2 2 63.32.219.160 16509 (AMAZON-02)
1 1 34.232.196.87 14618 (AMAZON-AES)
1 1 52.29.30.140 16509 (AMAZON-02)
3 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
5 35.204.184.11 15169 (GOOGLE)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
3 2a00:1450:400... 15169 (GOOGLE)
1 151.101.14.110 54113 (FASTLY)
3 162.247.242.21 23467 (NEWRELIC-...)
17 7
Domain Requested by
5 i.gstatvb.com rondevo.com
3 bam.nr-data.net js-agent.newrelic.com
rondevo.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
rondevo.com
3 rondevo.com rondevo.com
2 point2web.go2cloud.org 2 redirects
2 sexxonlineusa.tk 2 redirects
1 js-agent.newrelic.com rondevo.com
1 code.jquery.com rondevo.com
1 www.googletagmanager.com rondevo.com
1 jonally-dishished.com 1 redirects
1 track-victoriadates.com 1 redirects
1 www.cqhhz.com 1 redirects
1 goo.gl 1 redirects
17 13

This site contains links to these domains. Also see Links.

Domain
jonally-dishished.com
Subject Issuer Validity Valid
ssl962979.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2
2019-11-12 -
2020-05-20
6 months crt.sh
*.google-analytics.com
GTS CA 1O1
2020-01-07 -
2020-03-31
3 months crt.sh
i.gstatvb.com
COMODO RSA Domain Validation Secure Server CA
2017-09-12 -
2020-09-11
3 years crt.sh
jquery.org
COMODO RSA Domain Validation Secure Server CA
2018-10-17 -
2020-10-16
2 years crt.sh
f4.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3
2019-04-10 -
2020-03-21
a year crt.sh
*.nr-data.net
GeoTrust RSA CA 2018
2018-01-11 -
2020-03-17
2 years crt.sh

This page contains 1 frames:

Primary Page: https://rondevo.com/land/rondevo/p/r/10/?cep=xuKJaDJrtNyaqI0VasT2YGU4vRbrNlBI-AgiWy_T_gXV_MoLMKDTCBC-MF0HRKFnsRkssIJTnECmqIobp1XfGNq4bScWmCbIZ8T3wC9-9DEJVXvVPffs3iNzR5G5HpdliAeYmYSN4AxavbKVKGvfRujgRdvoQtbKUWtNH_91DPGuMfRW7GQbKvOmve4YqyTvMQrTvgvW2EFEAhaQMR0ttxfLovl2RZDILb-rd96nGu7VT7gAaSNbOYwXlJybAHcCCASqfCmOvx2kuhmYu_E22rzjwg0qUj1autHL1oAVD2JAeoqgs9v7cuW0njsYpW3gvjTtjhUNlUXZ9A1edMMZe9E1juC6-8y0aNr68jrXL4lwbjI2YI1vitACT-1Tam6M8bbcUpi_uFAfIGghiKqWfmuJnKdtaqC18VgP3zGbEyqbBFQZ4d7MeVp8_5KX88fVbNaetMVUM2BgwO_pSYxZBw&lptoken=158880ea1412597f3036&partner=399&subid=933-188643819&sub1=1090&sub2=102f8879c5dce886c067eeba99c59e&sub3=&sub4=
Frame ID: B945F785F92C97718913E39C288ECFEB
Requests: 17 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. https://goo.gl/s5GEJk HTTP 302
    http://sexxonlineusa.tk/ HTTP 301
    https://sexxonlineusa.tk/ HTTP 302
    http://www.cqhhz.com/SHRxe HTTP 302
    http://point2web.go2cloud.org/aff_c?offer_id=395&aff_id=1090&aff_sub=7205&aff_sub2=1026479550b8a7d85fcb31a... HTTP 302
    http://point2web.go2cloud.org/aff_r?offer_id=395&aff_id=1090&url=https%3A%2F%2Ftrack-victoriadates.com%2F%... HTTP 302
    https://track-victoriadates.com/?a=399&c=3823&m=3&s1=1090&s2=102f8879c5dce886c067eeba99c59e&s3= HTTP 302
    https://jonally-dishished.com/3e2bf65e-985e-497e-997e-edb36dc6591b?partner=399&subid=933-188643819&sub1=10... HTTP 302
    https://rondevo.com/land/rondevo/p/r/10/?cep=xuKJaDJrtNyaqI0VasT2YGU4vRbrNlBI-AgiWy_T_gXV_MoLMKD... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

17
Requests

100 %
HTTPS

38 %
IPv6

13
Domains

13
Subdomains

7
IPs

5
Countries

572 kB
Transfer

784 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://goo.gl/s5GEJk HTTP 302
    http://sexxonlineusa.tk/ HTTP 301
    https://sexxonlineusa.tk/ HTTP 302
    http://www.cqhhz.com/SHRxe HTTP 302
    http://point2web.go2cloud.org/aff_c?offer_id=395&aff_id=1090&aff_sub=7205&aff_sub2=1026479550b8a7d85fcb31ad57eb28 HTTP 302
    http://point2web.go2cloud.org/aff_r?offer_id=395&aff_id=1090&url=https%3A%2F%2Ftrack-victoriadates.com%2F%3Fa%3D399%26c%3D3823%26m%3D3%26s1%3D1090%26s2%3D102f8879c5dce886c067eeba99c59e%26s3%3D&urlauth=590954947520692356519696723210 HTTP 302
    https://track-victoriadates.com/?a=399&c=3823&m=3&s1=1090&s2=102f8879c5dce886c067eeba99c59e&s3= HTTP 302
    https://jonally-dishished.com/3e2bf65e-985e-497e-997e-edb36dc6591b?partner=399&subid=933-188643819&sub1=1090&sub2=102f8879c5dce886c067eeba99c59e&sub3=&sub4= HTTP 302
    https://rondevo.com/land/rondevo/p/r/10/?cep=xuKJaDJrtNyaqI0VasT2YGU4vRbrNlBI-AgiWy_T_gXV_MoLMKDTCBC-MF0HRKFnsRkssIJTnECmqIobp1XfGNq4bScWmCbIZ8T3wC9-9DEJVXvVPffs3iNzR5G5HpdliAeYmYSN4AxavbKVKGvfRujgRdvoQtbKUWtNH_91DPGuMfRW7GQbKvOmve4YqyTvMQrTvgvW2EFEAhaQMR0ttxfLovl2RZDILb-rd96nGu7VT7gAaSNbOYwXlJybAHcCCASqfCmOvx2kuhmYu_E22rzjwg0qUj1autHL1oAVD2JAeoqgs9v7cuW0njsYpW3gvjTtjhUNlUXZ9A1edMMZe9E1juC6-8y0aNr68jrXL4lwbjI2YI1vitACT-1Tam6M8bbcUpi_uFAfIGghiKqWfmuJnKdtaqC18VgP3zGbEyqbBFQZ4d7MeVp8_5KX88fVbNaetMVUM2BgwO_pSYxZBw&lptoken=158880ea1412597f3036&partner=399&subid=933-188643819&sub1=1090&sub2=102f8879c5dce886c067eeba99c59e&sub3=&sub4= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
rondevo.com/land/rondevo/p/r/10/
Redirect Chain
  • https://goo.gl/s5GEJk
  • http://sexxonlineusa.tk/
  • https://sexxonlineusa.tk/
  • http://www.cqhhz.com/SHRxe
  • http://point2web.go2cloud.org/aff_c?offer_id=395&aff_id=1090&aff_sub=7205&aff_sub2=1026479550b8a7d85fcb31ad57eb28
  • http://point2web.go2cloud.org/aff_r?offer_id=395&aff_id=1090&url=https%3A%2F%2Ftrack-victoriadates.com%2F%3Fa%3D399%26c%3D3823%26m%3D3%26s1%3D1090%26s2%3D102f8879c5dce886c067eeba99c59e%26s3%3D&urla...
  • https://track-victoriadates.com/?a=399&c=3823&m=3&s1=1090&s2=102f8879c5dce886c067eeba99c59e&s3=
  • https://jonally-dishished.com/3e2bf65e-985e-497e-997e-edb36dc6591b?partner=399&subid=933-188643819&sub1=1090&sub2=102f8879c5dce886c067eeba99c59e&sub3=&sub4=
  • https://rondevo.com/land/rondevo/p/r/10/?cep=xuKJaDJrtNyaqI0VasT2YGU4vRbrNlBI-AgiWy_T_gXV_MoLMKDTCBC-MF0HRKFnsRkssIJTnECmqIobp1XfGNq4bScWmCbIZ8T3wC9-9DEJVXvVPffs3iNzR5G5HpdliAeYmYSN4AxavbKVKGvfRujg...
40 KB
15 KB
Document
General
Full URL
https://rondevo.com/land/rondevo/p/r/10/?cep=xuKJaDJrtNyaqI0VasT2YGU4vRbrNlBI-AgiWy_T_gXV_MoLMKDTCBC-MF0HRKFnsRkssIJTnECmqIobp1XfGNq4bScWmCbIZ8T3wC9-9DEJVXvVPffs3iNzR5G5HpdliAeYmYSN4AxavbKVKGvfRujgRdvoQtbKUWtNH_91DPGuMfRW7GQbKvOmve4YqyTvMQrTvgvW2EFEAhaQMR0ttxfLovl2RZDILb-rd96nGu7VT7gAaSNbOYwXlJybAHcCCASqfCmOvx2kuhmYu_E22rzjwg0qUj1autHL1oAVD2JAeoqgs9v7cuW0njsYpW3gvjTtjhUNlUXZ9A1edMMZe9E1juC6-8y0aNr68jrXL4lwbjI2YI1vitACT-1Tam6M8bbcUpi_uFAfIGghiKqWfmuJnKdtaqC18VgP3zGbEyqbBFQZ4d7MeVp8_5KX88fVbNaetMVUM2BgwO_pSYxZBw&lptoken=158880ea1412597f3036&partner=399&subid=933-188643819&sub1=1090&sub2=102f8879c5dce886c067eeba99c59e&sub3=&sub4=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:ad83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bcb319b298595c69ecade39e84a4e8ad2a4e64611c0c0be069821e5ec52ec3a4
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

:method
GET
:authority
rondevo.com
:scheme
https
:path
/land/rondevo/p/r/10/?cep=xuKJaDJrtNyaqI0VasT2YGU4vRbrNlBI-AgiWy_T_gXV_MoLMKDTCBC-MF0HRKFnsRkssIJTnECmqIobp1XfGNq4bScWmCbIZ8T3wC9-9DEJVXvVPffs3iNzR5G5HpdliAeYmYSN4AxavbKVKGvfRujgRdvoQtbKUWtNH_91DPGuMfRW7GQbKvOmve4YqyTvMQrTvgvW2EFEAhaQMR0ttxfLovl2RZDILb-rd96nGu7VT7gAaSNbOYwXlJybAHcCCASqfCmOvx2kuhmYu_E22rzjwg0qUj1autHL1oAVD2JAeoqgs9v7cuW0njsYpW3gvjTtjhUNlUXZ9A1edMMZe9E1juC6-8y0aNr68jrXL4lwbjI2YI1vitACT-1Tam6M8bbcUpi_uFAfIGghiKqWfmuJnKdtaqC18VgP3zGbEyqbBFQZ4d7MeVp8_5KX88fVbNaetMVUM2BgwO_pSYxZBw&lptoken=158880ea1412597f3036&partner=399&subid=933-188643819&sub1=1090&sub2=102f8879c5dce886c067eeba99c59e&sub3=&sub4=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
none
sec-fetch-mode
navigate
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Sec-Fetch-User
?1

Response headers

status
200
date
Mon, 27 Jan 2020 16:55:31 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d538a4ab2504dc47914ab14a05bb1072b1580144130; expires=Wed, 26-Feb-20 16:55:30 GMT; path=/; domain=.rondevo.com; HttpOnly; SameSite=Lax; Secure click_time=2020-01-27+16%3A55%3A31; expires=Mon, 27-Jan-2020 17:55:31 GMT; Max-Age=3600; path=/; domain=rondevo.com marketing_get_params=%7B%22cep%22%3A%22xuKJaDJrtNyaqI0VasT2YGU4vRbrNlBI-AgiWy_T_gXV_MoLMKDTCBC-MF0HRKFnsRkssIJTnECmqIobp1XfGNq4bScWmCbIZ8T3wC9-9DEJVXvVPffs3iNzR5G5HpdliAeYmYSN4AxavbKVKGvfRujgRdvoQtbKUWtNH_91DPGuMfRW7GQbKvOmve4YqyTvMQrTvgvW2EFEAhaQMR0ttxfLovl2RZDILb-rd96nGu7VT7gAaSNbOYwXlJybAHcCCASqfCmOvx2kuhmYu_E22rzjwg0qUj1autHL1oAVD2JAeoqgs9v7cuW0njsYpW3gvjTtjhUNlUXZ9A1edMMZe9E1juC6-8y0aNr68jrXL4lwbjI2YI1vitACT-1Tam6M8bbcUpi_uFAfIGghiKqWfmuJnKdtaqC18VgP3zGbEyqbBFQZ4d7MeVp8_5KX88fVbNaetMVUM2BgwO_pSYxZBw%22%2C%22lptoken%22%3A%22158880ea1412597f3036%22%2C%22partner%22%3A%22399%22%2C%22subid%22%3A%22933-188643819%22%2C%22sub1%22%3A%221090%22%2C%22sub2%22%3A%22102f8879c5dce886c067eeba99c59e%22%2C%22sub3%22%3A%22%22%2C%22sub4%22%3A%22%22%7D; expires=Mon, 27-Jan-2020 17:55:31 GMT; Max-Age=3600; path=/; domain=rondevo.com uuid=26a01007-26d8-4cd2-9ed5-ecf82103a39f; expires=Mon, 27-Jan-2020 17:55:31 GMT; Max-Age=3600; path=/; domain=rondevo.com
vary
Accept-Encoding
strict-transport-security
max-age=0
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
55bc4130c810dfdf-FRA
content-encoding
br

Redirect headers

Server
nginx
Date
Mon, 27 Jan 2020 16:55:30 GMT
Content-Length
0
Connection
keep-alive
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://rondevo.com/land/rondevo/p/r/10/?cep=xuKJaDJrtNyaqI0VasT2YGU4vRbrNlBI-AgiWy_T_gXV_MoLMKDTCBC-MF0HRKFnsRkssIJTnECmqIobp1XfGNq4bScWmCbIZ8T3wC9-9DEJVXvVPffs3iNzR5G5HpdliAeYmYSN4AxavbKVKGvfRujgRdvoQtbKUWtNH_91DPGuMfRW7GQbKvOmve4YqyTvMQrTvgvW2EFEAhaQMR0ttxfLovl2RZDILb-rd96nGu7VT7gAaSNbOYwXlJybAHcCCASqfCmOvx2kuhmYu_E22rzjwg0qUj1autHL1oAVD2JAeoqgs9v7cuW0njsYpW3gvjTtjhUNlUXZ9A1edMMZe9E1juC6-8y0aNr68jrXL4lwbjI2YI1vitACT-1Tam6M8bbcUpi_uFAfIGghiKqWfmuJnKdtaqC18VgP3zGbEyqbBFQZ4d7MeVp8_5KX88fVbNaetMVUM2BgwO_pSYxZBw&lptoken=158880ea1412597f3036&partner=399&subid=933-188643819&sub1=1090&sub2=102f8879c5dce886c067eeba99c59e&sub3=&sub4=
Pragma
no-cache
Set-Cookie
3e2bf65e-985e-497e-997e-edb36dc6591b-v4=3e2bf65e-985e-497e-997e-edb36dc6591b;Max-Age=86400;Expires=Tue, 28-Jan-2020 16:55:30 GMT;domain=jonally-dishished.com;path=/;HttpOnly cep-v4=Ka-Bz23OdiV4RhN6deAw1zfF-F3yigrMHf_ks3gyclOdyNBOPUzXdYrYn_I7NfM7NIjgrUsfUt9JDPm-3kFwFmLhpx_VANK-JalNqZLy7WCJ5CPzE2cHA4az6IzIFFTmP2BcmblRn8GyJjAzO_SgzuaJLp-i7PrH1Zgah3TxeEIs-FftnujFBAMFthPM82hALkZeJfJrsR6pl10ZikEDj2-Evc5C9fPL6phVQL8N4OsPrNtGgSR_Atplj5jfX9ixBysfkcs7ptfbFvnA-Zhp0P9J2F33ydnexPETRZP_r98fxgsf-YnsCe4Id0LxtFT6cX18CFMlK-5cskZd4wbRnxoueUp9W44IzViEk03WTbNUep4MpQPo_oOftvWPXYI0famE8I_TUcWB5LuG5evKLJfnwVK0xhFg5JnmDDYUI1E7FjMF08cDKGz6cbaPAS7ccfy2KLbrcDzcfHvYsgZyIw;Max-Age=86400;Expires=Tue, 28-Jan-2020 16:55:30 GMT;domain=jonally-dishished.com;path=/;HttpOnly
styles.css
rondevo.com/land/rondevo/p/r/10/
9 KB
2 KB
Stylesheet
General
Full URL
https://rondevo.com/land/rondevo/p/r/10/styles.css
Requested by
Host: rondevo.com
URL: https://rondevo.com/land/rondevo/p/r/10/?cep=xuKJaDJrtNyaqI0VasT2YGU4vRbrNlBI-AgiWy_T_gXV_MoLMKDTCBC-MF0HRKFnsRkssIJTnECmqIobp1XfGNq4bScWmCbIZ8T3wC9-9DEJVXvVPffs3iNzR5G5HpdliAeYmYSN4AxavbKVKGvfRujgRdvoQtbKUWtNH_91DPGuMfRW7GQbKvOmve4YqyTvMQrTvgvW2EFEAhaQMR0ttxfLovl2RZDILb-rd96nGu7VT7gAaSNbOYwXlJybAHcCCASqfCmOvx2kuhmYu_E22rzjwg0qUj1autHL1oAVD2JAeoqgs9v7cuW0njsYpW3gvjTtjhUNlUXZ9A1edMMZe9E1juC6-8y0aNr68jrXL4lwbjI2YI1vitACT-1Tam6M8bbcUpi_uFAfIGghiKqWfmuJnKdtaqC18VgP3zGbEyqbBFQZ4d7MeVp8_5KX88fVbNaetMVUM2BgwO_pSYxZBw&lptoken=158880ea1412597f3036&partner=399&subid=933-188643819&sub1=1090&sub2=102f8879c5dce886c067eeba99c59e&sub3=&sub4=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:ad83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13893be0bb2640483a66725b7e8a7d83d762f810bd33cf0d0b2d02fc1ec91d1d
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://rondevo.com/land/rondevo/p/r/10/?cep=xuKJaDJrtNyaqI0VasT2YGU4vRbrNlBI-AgiWy_T_gXV_MoLMKDTCBC-MF0HRKFnsRkssIJTnECmqIobp1XfGNq4bScWmCbIZ8T3wC9-9DEJVXvVPffs3iNzR5G5HpdliAeYmYSN4AxavbKVKGvfRujgRdvoQtbKUWtNH_91DPGuMfRW7GQbKvOmve4YqyTvMQrTvgvW2EFEAhaQMR0ttxfLovl2RZDILb-rd96nGu7VT7gAaSNbOYwXlJybAHcCCASqfCmOvx2kuhmYu_E22rzjwg0qUj1autHL1oAVD2JAeoqgs9v7cuW0njsYpW3gvjTtjhUNlUXZ9A1edMMZe9E1juC6-8y0aNr68jrXL4lwbjI2YI1vitACT-1Tam6M8bbcUpi_uFAfIGghiKqWfmuJnKdtaqC18VgP3zGbEyqbBFQZ4d7MeVp8_5KX88fVbNaetMVUM2BgwO_pSYxZBw&lptoken=158880ea1412597f3036&partner=399&subid=933-188643819&sub1=1090&sub2=102f8879c5dce886c067eeba99c59e&sub3=&sub4=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Mon, 27 Jan 2020 16:55:31 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
14762
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=2592000
strict-transport-security
max-age=0
cf-ray
55bc4134cde7dfdf-FRA
access-control-allow-origin
*
expires
Wed, 26 Feb 2020 16:55:31 GMT
js
www.googletagmanager.com/gtag/
74 KB
28 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-146356595-13
Requested by
Host: rondevo.com
URL: https://rondevo.com/land/rondevo/p/r/10/?cep=xuKJaDJrtNyaqI0VasT2YGU4vRbrNlBI-AgiWy_T_gXV_MoLMKDTCBC-MF0HRKFnsRkssIJTnECmqIobp1XfGNq4bScWmCbIZ8T3wC9-9DEJVXvVPffs3iNzR5G5HpdliAeYmYSN4AxavbKVKGvfRujgRdvoQtbKUWtNH_91DPGuMfRW7GQbKvOmve4YqyTvMQrTvgvW2EFEAhaQMR0ttxfLovl2RZDILb-rd96nGu7VT7gAaSNbOYwXlJybAHcCCASqfCmOvx2kuhmYu_E22rzjwg0qUj1autHL1oAVD2JAeoqgs9v7cuW0njsYpW3gvjTtjhUNlUXZ9A1edMMZe9E1juC6-8y0aNr68jrXL4lwbjI2YI1vitACT-1Tam6M8bbcUpi_uFAfIGghiKqWfmuJnKdtaqC18VgP3zGbEyqbBFQZ4d7MeVp8_5KX88fVbNaetMVUM2BgwO_pSYxZBw&lptoken=158880ea1412597f3036&partner=399&subid=933-188643819&sub1=1090&sub2=102f8879c5dce886c067eeba99c59e&sub3=&sub4=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
cdd5d1e5c1f100cfd3761d3cfb4768da9a6c34329e986591e323f79323512314
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://rondevo.com/land/rondevo/p/r/10/?cep=xuKJaDJrtNyaqI0VasT2YGU4vRbrNlBI-AgiWy_T_gXV_MoLMKDTCBC-MF0HRKFnsRkssIJTnECmqIobp1XfGNq4bScWmCbIZ8T3wC9-9DEJVXvVPffs3iNzR5G5HpdliAeYmYSN4AxavbKVKGvfRujgRdvoQtbKUWtNH_91DPGuMfRW7GQbKvOmve4YqyTvMQrTvgvW2EFEAhaQMR0ttxfLovl2RZDILb-rd96nGu7VT7gAaSNbOYwXlJybAHcCCASqfCmOvx2kuhmYu_E22rzjwg0qUj1autHL1oAVD2JAeoqgs9v7cuW0njsYpW3gvjTtjhUNlUXZ9A1edMMZe9E1juC6-8y0aNr68jrXL4lwbjI2YI1vitACT-1Tam6M8bbcUpi_uFAfIGghiKqWfmuJnKdtaqC18VgP3zGbEyqbBFQZ4d7MeVp8_5KX88fVbNaetMVUM2BgwO_pSYxZBw&lptoken=158880ea1412597f3036&partner=399&subid=933-188643819&sub1=1090&sub2=102f8879c5dce886c067eeba99c59e&sub3=&sub4=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Mon, 27 Jan 2020 16:55:31 GMT
content-encoding
br
last-modified
Mon, 27 Jan 2020 15:00:00 GMT
server
Google Tag Manager
access-control-allow-origin
http://www.googletagmanager.com
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
content-length
28307
x-xss-protection
0
expires
Mon, 27 Jan 2020 16:55:31 GMT
aa6c699be5214e4bb4057b9cbe5ec794.rng.jpg
i.gstatvb.com/
86 KB
86 KB
Image
General
Full URL
https://i.gstatvb.com/aa6c699be5214e4bb4057b9cbe5ec794.rng.jpg
Requested by
Host: rondevo.com
URL: https://rondevo.com/land/rondevo/p/r/10/?cep=xuKJaDJrtNyaqI0VasT2YGU4vRbrNlBI-AgiWy_T_gXV_MoLMKDTCBC-MF0HRKFnsRkssIJTnECmqIobp1XfGNq4bScWmCbIZ8T3wC9-9DEJVXvVPffs3iNzR5G5HpdliAeYmYSN4AxavbKVKGvfRujgRdvoQtbKUWtNH_91DPGuMfRW7GQbKvOmve4YqyTvMQrTvgvW2EFEAhaQMR0ttxfLovl2RZDILb-rd96nGu7VT7gAaSNbOYwXlJybAHcCCASqfCmOvx2kuhmYu_E22rzjwg0qUj1autHL1oAVD2JAeoqgs9v7cuW0njsYpW3gvjTtjhUNlUXZ9A1edMMZe9E1juC6-8y0aNr68jrXL4lwbjI2YI1vitACT-1Tam6M8bbcUpi_uFAfIGghiKqWfmuJnKdtaqC18VgP3zGbEyqbBFQZ4d7MeVp8_5KX88fVbNaetMVUM2BgwO_pSYxZBw&lptoken=158880ea1412597f3036&partner=399&subid=933-188643819&sub1=1090&sub2=102f8879c5dce886c067eeba99c59e&sub3=&sub4=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.204.184.11 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS
11.184.204.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
530c16ad0d3c88335a4c85f2b3c3d0c796d9b035ebc6ff979d4cf0c178de5678

Request headers

Referer
https://rondevo.com/land/rondevo/p/r/10/?cep=xuKJaDJrtNyaqI0VasT2YGU4vRbrNlBI-AgiWy_T_gXV_MoLMKDTCBC-MF0HRKFnsRkssIJTnECmqIobp1XfGNq4bScWmCbIZ8T3wC9-9DEJVXvVPffs3iNzR5G5HpdliAeYmYSN4AxavbKVKGvfRujgRdvoQtbKUWtNH_91DPGuMfRW7GQbKvOmve4YqyTvMQrTvgvW2EFEAhaQMR0ttxfLovl2RZDILb-rd96nGu7VT7gAaSNbOYwXlJybAHcCCASqfCmOvx2kuhmYu_E22rzjwg0qUj1autHL1oAVD2JAeoqgs9v7cuW0njsYpW3gvjTtjhUNlUXZ9A1edMMZe9E1juC6-8y0aNr68jrXL4lwbjI2YI1vitACT-1Tam6M8bbcUpi_uFAfIGghiKqWfmuJnKdtaqC18VgP3zGbEyqbBFQZ4d7MeVp8_5KX88fVbNaetMVUM2BgwO_pSYxZBw&lptoken=158880ea1412597f3036&partner=399&subid=933-188643819&sub1=1090&sub2=102f8879c5dce886c067eeba99c59e&sub3=&sub4=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Mon, 27 Jan 2020 16:55:31 GMT
last-modified
Thu, 01 Jan 1970 00:00:00 GMT
server
nginx
x-cache
HIT
content-type
image/jpg
status
200
cache-control
max-age=315360000
content-length
87800
expires
Thu, 31 Dec 2037 23:55:55 GMT
5d243e49607b14c8a7182a1df5b82b58.rng.jpg
i.gstatvb.com/
88 KB
88 KB
Image
General
Full URL
https://i.gstatvb.com/5d243e49607b14c8a7182a1df5b82b58.rng.jpg
Requested by
Host: rondevo.com
URL: https://rondevo.com/land/rondevo/p/r/10/?cep=xuKJaDJrtNyaqI0VasT2YGU4vRbrNlBI-AgiWy_T_gXV_MoLMKDTCBC-MF0HRKFnsRkssIJTnECmqIobp1XfGNq4bScWmCbIZ8T3wC9-9DEJVXvVPffs3iNzR5G5HpdliAeYmYSN4AxavbKVKGvfRujgRdvoQtbKUWtNH_91DPGuMfRW7GQbKvOmve4YqyTvMQrTvgvW2EFEAhaQMR0ttxfLovl2RZDILb-rd96nGu7VT7gAaSNbOYwXlJybAHcCCASqfCmOvx2kuhmYu_E22rzjwg0qUj1autHL1oAVD2JAeoqgs9v7cuW0njsYpW3gvjTtjhUNlUXZ9A1edMMZe9E1juC6-8y0aNr68jrXL4lwbjI2YI1vitACT-1Tam6M8bbcUpi_uFAfIGghiKqWfmuJnKdtaqC18VgP3zGbEyqbBFQZ4d7MeVp8_5KX88fVbNaetMVUM2BgwO_pSYxZBw&lptoken=158880ea1412597f3036&partner=399&subid=933-188643819&sub1=1090&sub2=102f8879c5dce886c067eeba99c59e&sub3=&sub4=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.204.184.11 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS
11.184.204.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
239fb4580b345be42bbadc88cbfd14be4feda3e76d996bf041eae1daac7f4467

Request headers

Referer
https://rondevo.com/land/rondevo/p/r/10/?cep=xuKJaDJrtNyaqI0VasT2YGU4vRbrNlBI-AgiWy_T_gXV_MoLMKDTCBC-MF0HRKFnsRkssIJTnECmqIobp1XfGNq4bScWmCbIZ8T3wC9-9DEJVXvVPffs3iNzR5G5HpdliAeYmYSN4AxavbKVKGvfRujgRdvoQtbKUWtNH_91DPGuMfRW7GQbKvOmve4YqyTvMQrTvgvW2EFEAhaQMR0ttxfLovl2RZDILb-rd96nGu7VT7gAaSNbOYwXlJybAHcCCASqfCmOvx2kuhmYu_E22rzjwg0qUj1autHL1oAVD2JAeoqgs9v7cuW0njsYpW3gvjTtjhUNlUXZ9A1edMMZe9E1juC6-8y0aNr68jrXL4lwbjI2YI1vitACT-1Tam6M8bbcUpi_uFAfIGghiKqWfmuJnKdtaqC18VgP3zGbEyqbBFQZ4d7MeVp8_5KX88fVbNaetMVUM2BgwO_pSYxZBw&lptoken=158880ea1412597f3036&partner=399&subid=933-188643819&sub1=1090&sub2=102f8879c5dce886c067eeba99c59e&sub3=&sub4=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Mon, 27 Jan 2020 16:55:31 GMT
last-modified
Thu, 01 Jan 1970 00:00:00 GMT
server
nginx
x-cache
HIT
content-type
image/jpg
status
200
cache-control
max-age=315360000
content-length
89991
expires
Thu, 31 Dec 2037 23:55:55 GMT
d14afb48849cbaab483e14cd7ca9e332.rng.jpg
i.gstatvb.com/
87 KB
87 KB
Image
General
Full URL
https://i.gstatvb.com/d14afb48849cbaab483e14cd7ca9e332.rng.jpg
Requested by
Host: rondevo.com
URL: https://rondevo.com/land/rondevo/p/r/10/?cep=xuKJaDJrtNyaqI0VasT2YGU4vRbrNlBI-AgiWy_T_gXV_MoLMKDTCBC-MF0HRKFnsRkssIJTnECmqIobp1XfGNq4bScWmCbIZ8T3wC9-9DEJVXvVPffs3iNzR5G5HpdliAeYmYSN4AxavbKVKGvfRujgRdvoQtbKUWtNH_91DPGuMfRW7GQbKvOmve4YqyTvMQrTvgvW2EFEAhaQMR0ttxfLovl2RZDILb-rd96nGu7VT7gAaSNbOYwXlJybAHcCCASqfCmOvx2kuhmYu_E22rzjwg0qUj1autHL1oAVD2JAeoqgs9v7cuW0njsYpW3gvjTtjhUNlUXZ9A1edMMZe9E1juC6-8y0aNr68jrXL4lwbjI2YI1vitACT-1Tam6M8bbcUpi_uFAfIGghiKqWfmuJnKdtaqC18VgP3zGbEyqbBFQZ4d7MeVp8_5KX88fVbNaetMVUM2BgwO_pSYxZBw&lptoken=158880ea1412597f3036&partner=399&subid=933-188643819&sub1=1090&sub2=102f8879c5dce886c067eeba99c59e&sub3=&sub4=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.204.184.11 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS
11.184.204.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
d318cf022441e4f6c89f5d529e239009c646aa9bc636760a3b945cfe87e7c0e6

Request headers

Referer
https://rondevo.com/land/rondevo/p/r/10/?cep=xuKJaDJrtNyaqI0VasT2YGU4vRbrNlBI-AgiWy_T_gXV_MoLMKDTCBC-MF0HRKFnsRkssIJTnECmqIobp1XfGNq4bScWmCbIZ8T3wC9-9DEJVXvVPffs3iNzR5G5HpdliAeYmYSN4AxavbKVKGvfRujgRdvoQtbKUWtNH_91DPGuMfRW7GQbKvOmve4YqyTvMQrTvgvW2EFEAhaQMR0ttxfLovl2RZDILb-rd96nGu7VT7gAaSNbOYwXlJybAHcCCASqfCmOvx2kuhmYu_E22rzjwg0qUj1autHL1oAVD2JAeoqgs9v7cuW0njsYpW3gvjTtjhUNlUXZ9A1edMMZe9E1juC6-8y0aNr68jrXL4lwbjI2YI1vitACT-1Tam6M8bbcUpi_uFAfIGghiKqWfmuJnKdtaqC18VgP3zGbEyqbBFQZ4d7MeVp8_5KX88fVbNaetMVUM2BgwO_pSYxZBw&lptoken=158880ea1412597f3036&partner=399&subid=933-188643819&sub1=1090&sub2=102f8879c5dce886c067eeba99c59e&sub3=&sub4=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Mon, 27 Jan 2020 16:55:31 GMT
last-modified
Thu, 01 Jan 1970 00:00:00 GMT
server
nginx
x-cache
HIT
content-type
image/jpg
status
200
cache-control
max-age=315360000
content-length
89225
expires
Thu, 31 Dec 2037 23:55:55 GMT
74b2e5dcbd6c27b972ea55bb70cacc01.rng.jpg
i.gstatvb.com/
91 KB
92 KB
Image
General
Full URL
https://i.gstatvb.com/74b2e5dcbd6c27b972ea55bb70cacc01.rng.jpg
Requested by
Host: rondevo.com
URL: https://rondevo.com/land/rondevo/p/r/10/?cep=xuKJaDJrtNyaqI0VasT2YGU4vRbrNlBI-AgiWy_T_gXV_MoLMKDTCBC-MF0HRKFnsRkssIJTnECmqIobp1XfGNq4bScWmCbIZ8T3wC9-9DEJVXvVPffs3iNzR5G5HpdliAeYmYSN4AxavbKVKGvfRujgRdvoQtbKUWtNH_91DPGuMfRW7GQbKvOmve4YqyTvMQrTvgvW2EFEAhaQMR0ttxfLovl2RZDILb-rd96nGu7VT7gAaSNbOYwXlJybAHcCCASqfCmOvx2kuhmYu_E22rzjwg0qUj1autHL1oAVD2JAeoqgs9v7cuW0njsYpW3gvjTtjhUNlUXZ9A1edMMZe9E1juC6-8y0aNr68jrXL4lwbjI2YI1vitACT-1Tam6M8bbcUpi_uFAfIGghiKqWfmuJnKdtaqC18VgP3zGbEyqbBFQZ4d7MeVp8_5KX88fVbNaetMVUM2BgwO_pSYxZBw&lptoken=158880ea1412597f3036&partner=399&subid=933-188643819&sub1=1090&sub2=102f8879c5dce886c067eeba99c59e&sub3=&sub4=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.204.184.11 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS
11.184.204.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
68570a0e9c6bbf28bdb40e3a03cda55d6944d2390c2e4a982b6cd6feada03542

Request headers

Referer
https://rondevo.com/land/rondevo/p/r/10/?cep=xuKJaDJrtNyaqI0VasT2YGU4vRbrNlBI-AgiWy_T_gXV_MoLMKDTCBC-MF0HRKFnsRkssIJTnECmqIobp1XfGNq4bScWmCbIZ8T3wC9-9DEJVXvVPffs3iNzR5G5HpdliAeYmYSN4AxavbKVKGvfRujgRdvoQtbKUWtNH_91DPGuMfRW7GQbKvOmve4YqyTvMQrTvgvW2EFEAhaQMR0ttxfLovl2RZDILb-rd96nGu7VT7gAaSNbOYwXlJybAHcCCASqfCmOvx2kuhmYu_E22rzjwg0qUj1autHL1oAVD2JAeoqgs9v7cuW0njsYpW3gvjTtjhUNlUXZ9A1edMMZe9E1juC6-8y0aNr68jrXL4lwbjI2YI1vitACT-1Tam6M8bbcUpi_uFAfIGghiKqWfmuJnKdtaqC18VgP3zGbEyqbBFQZ4d7MeVp8_5KX88fVbNaetMVUM2BgwO_pSYxZBw&lptoken=158880ea1412597f3036&partner=399&subid=933-188643819&sub1=1090&sub2=102f8879c5dce886c067eeba99c59e&sub3=&sub4=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Mon, 27 Jan 2020 16:55:31 GMT
last-modified
Thu, 01 Jan 1970 00:00:00 GMT
server
nginx
x-cache
HIT
content-type
image/jpg
status
200
cache-control
max-age=315360000
content-length
93543
expires
Thu, 31 Dec 2037 23:55:55 GMT
2b28b2e3ebb0f7eafc0c8bc62f043f21.rng.jpg
i.gstatvb.com/
91 KB
91 KB
Image
General
Full URL
https://i.gstatvb.com/2b28b2e3ebb0f7eafc0c8bc62f043f21.rng.jpg
Requested by
Host: rondevo.com
URL: https://rondevo.com/land/rondevo/p/r/10/?cep=xuKJaDJrtNyaqI0VasT2YGU4vRbrNlBI-AgiWy_T_gXV_MoLMKDTCBC-MF0HRKFnsRkssIJTnECmqIobp1XfGNq4bScWmCbIZ8T3wC9-9DEJVXvVPffs3iNzR5G5HpdliAeYmYSN4AxavbKVKGvfRujgRdvoQtbKUWtNH_91DPGuMfRW7GQbKvOmve4YqyTvMQrTvgvW2EFEAhaQMR0ttxfLovl2RZDILb-rd96nGu7VT7gAaSNbOYwXlJybAHcCCASqfCmOvx2kuhmYu_E22rzjwg0qUj1autHL1oAVD2JAeoqgs9v7cuW0njsYpW3gvjTtjhUNlUXZ9A1edMMZe9E1juC6-8y0aNr68jrXL4lwbjI2YI1vitACT-1Tam6M8bbcUpi_uFAfIGghiKqWfmuJnKdtaqC18VgP3zGbEyqbBFQZ4d7MeVp8_5KX88fVbNaetMVUM2BgwO_pSYxZBw&lptoken=158880ea1412597f3036&partner=399&subid=933-188643819&sub1=1090&sub2=102f8879c5dce886c067eeba99c59e&sub3=&sub4=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.204.184.11 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS
11.184.204.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e0dc4bec01a1cea8fa1beda9cbcc82916be7c53215d06745cdc7110bfbf84806

Request headers

Referer
https://rondevo.com/land/rondevo/p/r/10/?cep=xuKJaDJrtNyaqI0VasT2YGU4vRbrNlBI-AgiWy_T_gXV_MoLMKDTCBC-MF0HRKFnsRkssIJTnECmqIobp1XfGNq4bScWmCbIZ8T3wC9-9DEJVXvVPffs3iNzR5G5HpdliAeYmYSN4AxavbKVKGvfRujgRdvoQtbKUWtNH_91DPGuMfRW7GQbKvOmve4YqyTvMQrTvgvW2EFEAhaQMR0ttxfLovl2RZDILb-rd96nGu7VT7gAaSNbOYwXlJybAHcCCASqfCmOvx2kuhmYu_E22rzjwg0qUj1autHL1oAVD2JAeoqgs9v7cuW0njsYpW3gvjTtjhUNlUXZ9A1edMMZe9E1juC6-8y0aNr68jrXL4lwbjI2YI1vitACT-1Tam6M8bbcUpi_uFAfIGghiKqWfmuJnKdtaqC18VgP3zGbEyqbBFQZ4d7MeVp8_5KX88fVbNaetMVUM2BgwO_pSYxZBw&lptoken=158880ea1412597f3036&partner=399&subid=933-188643819&sub1=1090&sub2=102f8879c5dce886c067eeba99c59e&sub3=&sub4=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Mon, 27 Jan 2020 16:55:31 GMT
last-modified
Thu, 01 Jan 1970 00:00:00 GMT
server
nginx
x-cache
HIT
content-type
image/jpg
status
200
cache-control
max-age=315360000
content-length
93083
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery-3.3.1.min.js
code.jquery.com/
85 KB
30 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.3.1.min.js
Requested by
Host: rondevo.com
URL: https://rondevo.com/land/rondevo/p/r/10/?cep=xuKJaDJrtNyaqI0VasT2YGU4vRbrNlBI-AgiWy_T_gXV_MoLMKDTCBC-MF0HRKFnsRkssIJTnECmqIobp1XfGNq4bScWmCbIZ8T3wC9-9DEJVXvVPffs3iNzR5G5HpdliAeYmYSN4AxavbKVKGvfRujgRdvoQtbKUWtNH_91DPGuMfRW7GQbKvOmve4YqyTvMQrTvgvW2EFEAhaQMR0ttxfLovl2RZDILb-rd96nGu7VT7gAaSNbOYwXlJybAHcCCASqfCmOvx2kuhmYu_E22rzjwg0qUj1autHL1oAVD2JAeoqgs9v7cuW0njsYpW3gvjTtjhUNlUXZ9A1edMMZe9E1juC6-8y0aNr68jrXL4lwbjI2YI1vitACT-1Tam6M8bbcUpi_uFAfIGghiKqWfmuJnKdtaqC18VgP3zGbEyqbBFQZ4d7MeVp8_5KX88fVbNaetMVUM2BgwO_pSYxZBw&lptoken=158880ea1412597f3036&partner=399&subid=933-188643819&sub1=1090&sub2=102f8879c5dce886c067eeba99c59e&sub3=&sub4=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://rondevo.com/land/rondevo/p/r/10/?cep=xuKJaDJrtNyaqI0VasT2YGU4vRbrNlBI-AgiWy_T_gXV_MoLMKDTCBC-MF0HRKFnsRkssIJTnECmqIobp1XfGNq4bScWmCbIZ8T3wC9-9DEJVXvVPffs3iNzR5G5HpdliAeYmYSN4AxavbKVKGvfRujgRdvoQtbKUWtNH_91DPGuMfRW7GQbKvOmve4YqyTvMQrTvgvW2EFEAhaQMR0ttxfLovl2RZDILb-rd96nGu7VT7gAaSNbOYwXlJybAHcCCASqfCmOvx2kuhmYu_E22rzjwg0qUj1autHL1oAVD2JAeoqgs9v7cuW0njsYpW3gvjTtjhUNlUXZ9A1edMMZe9E1juC6-8y0aNr68jrXL4lwbjI2YI1vitACT-1Tam6M8bbcUpi_uFAfIGghiKqWfmuJnKdtaqC18VgP3zGbEyqbBFQZ4d7MeVp8_5KX88fVbNaetMVUM2BgwO_pSYxZBw&lptoken=158880ea1412597f3036&partner=399&subid=933-188643819&sub1=1090&sub2=102f8879c5dce886c067eeba99c59e&sub3=&sub4=
Origin
https://rondevo.com

Response headers

Date
Mon, 27 Jan 2020 16:55:31 GMT
Content-Encoding
gzip
Last-Modified
Sat, 20 Jan 2018 17:26:44 GMT
Server
nginx
ETag
W/"5a637bd4-1538f"
Vary
Accept-Encoding
X-HW
1580144131.dop008.fr8.shc,1580144131.dop008.fr8.t,1580144131.cds057.fr8.c
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
30288
scripts.js
rondevo.com/land/rondevo/p/r/10/
4 KB
2 KB
Script
General
Full URL
https://rondevo.com/land/rondevo/p/r/10/scripts.js
Requested by
Host: rondevo.com
URL: https://rondevo.com/land/rondevo/p/r/10/?cep=xuKJaDJrtNyaqI0VasT2YGU4vRbrNlBI-AgiWy_T_gXV_MoLMKDTCBC-MF0HRKFnsRkssIJTnECmqIobp1XfGNq4bScWmCbIZ8T3wC9-9DEJVXvVPffs3iNzR5G5HpdliAeYmYSN4AxavbKVKGvfRujgRdvoQtbKUWtNH_91DPGuMfRW7GQbKvOmve4YqyTvMQrTvgvW2EFEAhaQMR0ttxfLovl2RZDILb-rd96nGu7VT7gAaSNbOYwXlJybAHcCCASqfCmOvx2kuhmYu_E22rzjwg0qUj1autHL1oAVD2JAeoqgs9v7cuW0njsYpW3gvjTtjhUNlUXZ9A1edMMZe9E1juC6-8y0aNr68jrXL4lwbjI2YI1vitACT-1Tam6M8bbcUpi_uFAfIGghiKqWfmuJnKdtaqC18VgP3zGbEyqbBFQZ4d7MeVp8_5KX88fVbNaetMVUM2BgwO_pSYxZBw&lptoken=158880ea1412597f3036&partner=399&subid=933-188643819&sub1=1090&sub2=102f8879c5dce886c067eeba99c59e&sub3=&sub4=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:ad83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
451812857ea25a16d4e413ea05f75f923424a9d933824642029eaf8548e519b1
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://rondevo.com/land/rondevo/p/r/10/?cep=xuKJaDJrtNyaqI0VasT2YGU4vRbrNlBI-AgiWy_T_gXV_MoLMKDTCBC-MF0HRKFnsRkssIJTnECmqIobp1XfGNq4bScWmCbIZ8T3wC9-9DEJVXvVPffs3iNzR5G5HpdliAeYmYSN4AxavbKVKGvfRujgRdvoQtbKUWtNH_91DPGuMfRW7GQbKvOmve4YqyTvMQrTvgvW2EFEAhaQMR0ttxfLovl2RZDILb-rd96nGu7VT7gAaSNbOYwXlJybAHcCCASqfCmOvx2kuhmYu_E22rzjwg0qUj1autHL1oAVD2JAeoqgs9v7cuW0njsYpW3gvjTtjhUNlUXZ9A1edMMZe9E1juC6-8y0aNr68jrXL4lwbjI2YI1vitACT-1Tam6M8bbcUpi_uFAfIGghiKqWfmuJnKdtaqC18VgP3zGbEyqbBFQZ4d7MeVp8_5KX88fVbNaetMVUM2BgwO_pSYxZBw&lptoken=158880ea1412597f3036&partner=399&subid=933-188643819&sub1=1090&sub2=102f8879c5dce886c067eeba99c59e&sub3=&sub4=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Mon, 27 Jan 2020 16:55:31 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
14761
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
status
200
cache-control
public, max-age=2592000
strict-transport-security
max-age=0
cf-ray
55bc4134feacdfdf-FRA
access-control-allow-origin
*
expires
Wed, 26 Feb 2020 16:55:31 GMT
analytics.js
www.google-analytics.com/
43 KB
17 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-146356595-13
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://rondevo.com/land/rondevo/p/r/10/?cep=xuKJaDJrtNyaqI0VasT2YGU4vRbrNlBI-AgiWy_T_gXV_MoLMKDTCBC-MF0HRKFnsRkssIJTnECmqIobp1XfGNq4bScWmCbIZ8T3wC9-9DEJVXvVPffs3iNzR5G5HpdliAeYmYSN4AxavbKVKGvfRujgRdvoQtbKUWtNH_91DPGuMfRW7GQbKvOmve4YqyTvMQrTvgvW2EFEAhaQMR0ttxfLovl2RZDILb-rd96nGu7VT7gAaSNbOYwXlJybAHcCCASqfCmOvx2kuhmYu_E22rzjwg0qUj1autHL1oAVD2JAeoqgs9v7cuW0njsYpW3gvjTtjhUNlUXZ9A1edMMZe9E1juC6-8y0aNr68jrXL4lwbjI2YI1vitACT-1Tam6M8bbcUpi_uFAfIGghiKqWfmuJnKdtaqC18VgP3zGbEyqbBFQZ4d7MeVp8_5KX88fVbNaetMVUM2BgwO_pSYxZBw&lptoken=158880ea1412597f3036&partner=399&subid=933-188643819&sub1=1090&sub2=102f8879c5dce886c067eeba99c59e&sub3=&sub4=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Aug 2019 17:22:41 GMT
server
Golfe2
age
1318
date
Mon, 27 Jan 2020 16:33:33 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
17803
expires
Mon, 27 Jan 2020 18:33:33 GMT
js
www.google-analytics.com/gtm/
60 KB
23 KB
Script
General
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-532WV78&t=gtag_UA_146356595_13&cid=295442787.1580144131
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
aaa77bc11f41af2dbb3389be6c3c8b8f24cab9e7831a6d43f5f6ff42e86b3496
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://rondevo.com/land/rondevo/p/r/10/?cep=xuKJaDJrtNyaqI0VasT2YGU4vRbrNlBI-AgiWy_T_gXV_MoLMKDTCBC-MF0HRKFnsRkssIJTnECmqIobp1XfGNq4bScWmCbIZ8T3wC9-9DEJVXvVPffs3iNzR5G5HpdliAeYmYSN4AxavbKVKGvfRujgRdvoQtbKUWtNH_91DPGuMfRW7GQbKvOmve4YqyTvMQrTvgvW2EFEAhaQMR0ttxfLovl2RZDILb-rd96nGu7VT7gAaSNbOYwXlJybAHcCCASqfCmOvx2kuhmYu_E22rzjwg0qUj1autHL1oAVD2JAeoqgs9v7cuW0njsYpW3gvjTtjhUNlUXZ9A1edMMZe9E1juC6-8y0aNr68jrXL4lwbjI2YI1vitACT-1Tam6M8bbcUpi_uFAfIGghiKqWfmuJnKdtaqC18VgP3zGbEyqbBFQZ4d7MeVp8_5KX88fVbNaetMVUM2BgwO_pSYxZBw&lptoken=158880ea1412597f3036&partner=399&subid=933-188643819&sub1=1090&sub2=102f8879c5dce886c067eeba99c59e&sub3=&sub4=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Mon, 27 Jan 2020 16:55:31 GMT
content-encoding
br
last-modified
Mon, 27 Jan 2020 15:00:00 GMT
server
Google Tag Manager
access-control-allow-origin
http://www.googletagmanager.com
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
content-length
22795
x-xss-protection
0
expires
Mon, 27 Jan 2020 16:55:31 GMT
collect
www.google-analytics.com/r/
35 B
111 B
Image
General
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j79&a=20489837&t=pageview&_s=1&dl=https%3A%2F%2Frondevo.com%2Fland%2Frondevo%2Fp%2Fr%2F10%2F%3Fcep%3DxuKJaDJrtNyaqI0VasT2YGU4vRbrNlBI-AgiWy_T_gXV_MoLMKDTCBC-MF0HRKFnsRkssIJTnECmqIobp1XfGNq4bScWmCbIZ8T3wC9-9DEJVXvVPffs3iNzR5G5HpdliAeYmYSN4AxavbKVKGvfRujgRdvoQtbKUWtNH_91DPGuMfRW7GQbKvOmve4YqyTvMQrTvgvW2EFEAhaQMR0ttxfLovl2RZDILb-rd96nGu7VT7gAaSNbOYwXlJybAHcCCASqfCmOvx2kuhmYu_E22rzjwg0qUj1autHL1oAVD2JAeoqgs9v7cuW0njsYpW3gvjTtjhUNlUXZ9A1edMMZe9E1juC6-8y0aNr68jrXL4lwbjI2YI1vitACT-1Tam6M8bbcUpi_uFAfIGghiKqWfmuJnKdtaqC18VgP3zGbEyqbBFQZ4d7MeVp8_5KX88fVbNaetMVUM2BgwO_pSYxZBw%26lptoken%3D158880ea1412597f3036%26partner%3D399%26subid%3D933-188643819%26sub1%3D1090%26sub2%3D102f8879c5dce886c067eeba99c59e%26sub3%3D%26sub4%3D&ul=en-us&de=UTF-8&dt=Rondevo%20-%20Online%20dating%20app&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KGBAAUADQ~&jid=1683160439&gjid=901322922&cid=295442787.1580144131&tid=UA-146356595-13&_gid=637673215.1580144131&_r=1&gtm=2ou1f1&z=602306502
Requested by
Host: rondevo.com
URL: https://rondevo.com/land/rondevo/p/r/10/?cep=xuKJaDJrtNyaqI0VasT2YGU4vRbrNlBI-AgiWy_T_gXV_MoLMKDTCBC-MF0HRKFnsRkssIJTnECmqIobp1XfGNq4bScWmCbIZ8T3wC9-9DEJVXvVPffs3iNzR5G5HpdliAeYmYSN4AxavbKVKGvfRujgRdvoQtbKUWtNH_91DPGuMfRW7GQbKvOmve4YqyTvMQrTvgvW2EFEAhaQMR0ttxfLovl2RZDILb-rd96nGu7VT7gAaSNbOYwXlJybAHcCCASqfCmOvx2kuhmYu_E22rzjwg0qUj1autHL1oAVD2JAeoqgs9v7cuW0njsYpW3gvjTtjhUNlUXZ9A1edMMZe9E1juC6-8y0aNr68jrXL4lwbjI2YI1vitACT-1Tam6M8bbcUpi_uFAfIGghiKqWfmuJnKdtaqC18VgP3zGbEyqbBFQZ4d7MeVp8_5KX88fVbNaetMVUM2BgwO_pSYxZBw&lptoken=158880ea1412597f3036&partner=399&subid=933-188643819&sub1=1090&sub2=102f8879c5dce886c067eeba99c59e&sub3=&sub4=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://rondevo.com/land/rondevo/p/r/10/?cep=xuKJaDJrtNyaqI0VasT2YGU4vRbrNlBI-AgiWy_T_gXV_MoLMKDTCBC-MF0HRKFnsRkssIJTnECmqIobp1XfGNq4bScWmCbIZ8T3wC9-9DEJVXvVPffs3iNzR5G5HpdliAeYmYSN4AxavbKVKGvfRujgRdvoQtbKUWtNH_91DPGuMfRW7GQbKvOmve4YqyTvMQrTvgvW2EFEAhaQMR0ttxfLovl2RZDILb-rd96nGu7VT7gAaSNbOYwXlJybAHcCCASqfCmOvx2kuhmYu_E22rzjwg0qUj1autHL1oAVD2JAeoqgs9v7cuW0njsYpW3gvjTtjhUNlUXZ9A1edMMZe9E1juC6-8y0aNr68jrXL4lwbjI2YI1vitACT-1Tam6M8bbcUpi_uFAfIGghiKqWfmuJnKdtaqC18VgP3zGbEyqbBFQZ4d7MeVp8_5KX88fVbNaetMVUM2BgwO_pSYxZBw&lptoken=158880ea1412597f3036&partner=399&subid=933-188643819&sub1=1090&sub2=102f8879c5dce886c067eeba99c59e&sub3=&sub4=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Jan 2020 16:55:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
nr-1158.min.js
js-agent.newrelic.com/
26 KB
10 KB
Script
General
Full URL
https://js-agent.newrelic.com/nr-1158.min.js
Requested by
Host: rondevo.com
URL: https://rondevo.com/land/rondevo/p/r/10/?cep=xuKJaDJrtNyaqI0VasT2YGU4vRbrNlBI-AgiWy_T_gXV_MoLMKDTCBC-MF0HRKFnsRkssIJTnECmqIobp1XfGNq4bScWmCbIZ8T3wC9-9DEJVXvVPffs3iNzR5G5HpdliAeYmYSN4AxavbKVKGvfRujgRdvoQtbKUWtNH_91DPGuMfRW7GQbKvOmve4YqyTvMQrTvgvW2EFEAhaQMR0ttxfLovl2RZDILb-rd96nGu7VT7gAaSNbOYwXlJybAHcCCASqfCmOvx2kuhmYu_E22rzjwg0qUj1autHL1oAVD2JAeoqgs9v7cuW0njsYpW3gvjTtjhUNlUXZ9A1edMMZe9E1juC6-8y0aNr68jrXL4lwbjI2YI1vitACT-1Tam6M8bbcUpi_uFAfIGghiKqWfmuJnKdtaqC18VgP3zGbEyqbBFQZ4d7MeVp8_5KX88fVbNaetMVUM2BgwO_pSYxZBw&lptoken=158880ea1412597f3036&partner=399&subid=933-188643819&sub1=1090&sub2=102f8879c5dce886c067eeba99c59e&sub3=&sub4=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.110 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
005414ad9d93e4cb677b5e4f87112b0ff6d3731b414bc425bfa1bb94c99a081a

Request headers

Referer
https://rondevo.com/land/rondevo/p/r/10/?cep=xuKJaDJrtNyaqI0VasT2YGU4vRbrNlBI-AgiWy_T_gXV_MoLMKDTCBC-MF0HRKFnsRkssIJTnECmqIobp1XfGNq4bScWmCbIZ8T3wC9-9DEJVXvVPffs3iNzR5G5HpdliAeYmYSN4AxavbKVKGvfRujgRdvoQtbKUWtNH_91DPGuMfRW7GQbKvOmve4YqyTvMQrTvgvW2EFEAhaQMR0ttxfLovl2RZDILb-rd96nGu7VT7gAaSNbOYwXlJybAHcCCASqfCmOvx2kuhmYu_E22rzjwg0qUj1autHL1oAVD2JAeoqgs9v7cuW0njsYpW3gvjTtjhUNlUXZ9A1edMMZe9E1juC6-8y0aNr68jrXL4lwbjI2YI1vitACT-1Tam6M8bbcUpi_uFAfIGghiKqWfmuJnKdtaqC18VgP3zGbEyqbBFQZ4d7MeVp8_5KX88fVbNaetMVUM2BgwO_pSYxZBw&lptoken=158880ea1412597f3036&partner=399&subid=933-188643819&sub1=1090&sub2=102f8879c5dce886c067eeba99c59e&sub3=&sub4=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Mon, 27 Jan 2020 16:55:31 GMT
content-encoding
gzip
x-amz-request-id
ACCAA6FC9CC752FB
x-cache
HIT
status
200
content-length
10068
x-amz-id-2
qb8oRyQPV5RWDkM/YaSpwqe1Tk7N9qddW/sEyzaPUyo5r36anYuFHO7Y/HryGZAiK36w5kQo38I=
x-served-by
cache-fra19120-FRA
last-modified
Wed, 18 Dec 2019 00:24:13 GMT
server
AmazonS3
x-timer
S1580144132.682053,VS0,VE0
etag
"0be8452b990e805f60431dce9e0279b2"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
10083
aa0f93f53c
bam.nr-data.net/1/
57 B
274 B
Script
General
Full URL
https://bam.nr-data.net/1/aa0f93f53c?a=403618773&v=1158.afc605b&to=b1xQZUYHXUNSVkcPDlYWZ0NdSVtfXlAcEAMXTkVGGwpSXldcXQESF0lHU1gPUB9aW1cDGRZJWkE%3D&rst=16983&ref=https://rondevo.com/land/rondevo/p/r/10/&ap=23&be=16600&fe=16864&dc=16669&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1580144114720,%22n%22:0,%22f%22:15911,%22dn%22:15912,%22dne%22:15931,%22c%22:15931,%22s%22:15936,%22ce%22:15963,%22rq%22:15963,%22rp%22:16593,%22rpe%22:16596,%22dl%22:16596,%22di%22:16668,%22ds%22:16668,%22de%22:16669,%22dc%22:16864,%22l%22:16864,%22le%22:16865%7D,%22navigation%22:%7B%7D%7D&fp=16696&fcp=16696&at=QxtTEw4dTk0%3D&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1158.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.247.242.21 San Francisco, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
bam-9.nr-data.net
Software
/
Resource Hash
d10c94b6cdb747904baee9070f003bb45849da46f8100b1320f286c21cbcaaa1

Request headers

Referer
https://rondevo.com/land/rondevo/p/r/10/?cep=xuKJaDJrtNyaqI0VasT2YGU4vRbrNlBI-AgiWy_T_gXV_MoLMKDTCBC-MF0HRKFnsRkssIJTnECmqIobp1XfGNq4bScWmCbIZ8T3wC9-9DEJVXvVPffs3iNzR5G5HpdliAeYmYSN4AxavbKVKGvfRujgRdvoQtbKUWtNH_91DPGuMfRW7GQbKvOmve4YqyTvMQrTvgvW2EFEAhaQMR0ttxfLovl2RZDILb-rd96nGu7VT7gAaSNbOYwXlJybAHcCCASqfCmOvx2kuhmYu_E22rzjwg0qUj1autHL1oAVD2JAeoqgs9v7cuW0njsYpW3gvjTtjhUNlUXZ9A1edMMZe9E1juC6-8y0aNr68jrXL4lwbjI2YI1vitACT-1Tam6M8bbcUpi_uFAfIGghiKqWfmuJnKdtaqC18VgP3zGbEyqbBFQZ4d7MeVp8_5KX88fVbNaetMVUM2BgwO_pSYxZBw&lptoken=158880ea1412597f3036&partner=399&subid=933-188643819&sub1=1090&sub2=102f8879c5dce886c067eeba99c59e&sub3=&sub4=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Content-Type
text/javascript;charset=ISO-8859-1
Content-Length
57
Expires
Thu, 01 Jan 1970 00:00:00 GMT
aa0f93f53c
bam.nr-data.net/resources/1/
0
154 B
XHR
General
Full URL
https://bam.nr-data.net/resources/1/aa0f93f53c?a=403618773&v=1158.afc605b&to=b1xQZUYHXUNSVkcPDlYWZ0NdSVtfXlAcEAMXTkVGGwpSXldcXQESF0lHU1gPUB9aW1cDGRZJWkE%3D&rst=17416&ref=https://rondevo.com/land/rondevo/p/r/10/&st=1580144114720&at=QxtTEw4dTk0%3D
Requested by
Host: rondevo.com
URL: https://rondevo.com/land/rondevo/p/r/10/?cep=xuKJaDJrtNyaqI0VasT2YGU4vRbrNlBI-AgiWy_T_gXV_MoLMKDTCBC-MF0HRKFnsRkssIJTnECmqIobp1XfGNq4bScWmCbIZ8T3wC9-9DEJVXvVPffs3iNzR5G5HpdliAeYmYSN4AxavbKVKGvfRujgRdvoQtbKUWtNH_91DPGuMfRW7GQbKvOmve4YqyTvMQrTvgvW2EFEAhaQMR0ttxfLovl2RZDILb-rd96nGu7VT7gAaSNbOYwXlJybAHcCCASqfCmOvx2kuhmYu_E22rzjwg0qUj1autHL1oAVD2JAeoqgs9v7cuW0njsYpW3gvjTtjhUNlUXZ9A1edMMZe9E1juC6-8y0aNr68jrXL4lwbjI2YI1vitACT-1Tam6M8bbcUpi_uFAfIGghiKqWfmuJnKdtaqC18VgP3zGbEyqbBFQZ4d7MeVp8_5KX88fVbNaetMVUM2BgwO_pSYxZBw&lptoken=158880ea1412597f3036&partner=399&subid=933-188643819&sub1=1090&sub2=102f8879c5dce886c067eeba99c59e&sub3=&sub4=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.247.242.21 San Francisco, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
bam-9.nr-data.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rondevo.com/land/rondevo/p/r/10/?cep=xuKJaDJrtNyaqI0VasT2YGU4vRbrNlBI-AgiWy_T_gXV_MoLMKDTCBC-MF0HRKFnsRkssIJTnECmqIobp1XfGNq4bScWmCbIZ8T3wC9-9DEJVXvVPffs3iNzR5G5HpdliAeYmYSN4AxavbKVKGvfRujgRdvoQtbKUWtNH_91DPGuMfRW7GQbKvOmve4YqyTvMQrTvgvW2EFEAhaQMR0ttxfLovl2RZDILb-rd96nGu7VT7gAaSNbOYwXlJybAHcCCASqfCmOvx2kuhmYu_E22rzjwg0qUj1autHL1oAVD2JAeoqgs9v7cuW0njsYpW3gvjTtjhUNlUXZ9A1edMMZe9E1juC6-8y0aNr68jrXL4lwbjI2YI1vitACT-1Tam6M8bbcUpi_uFAfIGghiKqWfmuJnKdtaqC18VgP3zGbEyqbBFQZ4d7MeVp8_5KX88fVbNaetMVUM2BgwO_pSYxZBw&lptoken=158880ea1412597f3036&partner=399&subid=933-188643819&sub1=1090&sub2=102f8879c5dce886c067eeba99c59e&sub3=&sub4=
Origin
https://rondevo.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
content-type
text/plain

Response headers

Access-Control-Allow-Origin
https://rondevo.com
Access-Control-Allow-Credentials
true
Content-Length
0
Content-Type
text/plain
aa0f93f53c
bam.nr-data.net/events/1/
24 B
178 B
XHR
General
Full URL
https://bam.nr-data.net/events/1/aa0f93f53c?a=403618773&v=1158.afc605b&to=b1xQZUYHXUNSVkcPDlYWZ0NdSVtfXlAcEAMXTkVGGwpSXldcXQESF0lHU1gPUB9aW1cDGRZJWkE%3D&rst=26983&ref=https://rondevo.com/land/rondevo/p/r/10/
Requested by
Host: rondevo.com
URL: https://rondevo.com/land/rondevo/p/r/10/?cep=xuKJaDJrtNyaqI0VasT2YGU4vRbrNlBI-AgiWy_T_gXV_MoLMKDTCBC-MF0HRKFnsRkssIJTnECmqIobp1XfGNq4bScWmCbIZ8T3wC9-9DEJVXvVPffs3iNzR5G5HpdliAeYmYSN4AxavbKVKGvfRujgRdvoQtbKUWtNH_91DPGuMfRW7GQbKvOmve4YqyTvMQrTvgvW2EFEAhaQMR0ttxfLovl2RZDILb-rd96nGu7VT7gAaSNbOYwXlJybAHcCCASqfCmOvx2kuhmYu_E22rzjwg0qUj1autHL1oAVD2JAeoqgs9v7cuW0njsYpW3gvjTtjhUNlUXZ9A1edMMZe9E1juC6-8y0aNr68jrXL4lwbjI2YI1vitACT-1Tam6M8bbcUpi_uFAfIGghiKqWfmuJnKdtaqC18VgP3zGbEyqbBFQZ4d7MeVp8_5KX88fVbNaetMVUM2BgwO_pSYxZBw&lptoken=158880ea1412597f3036&partner=399&subid=933-188643819&sub1=1090&sub2=102f8879c5dce886c067eeba99c59e&sub3=&sub4=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.247.242.21 San Francisco, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
bam-9.nr-data.net
Software
/
Resource Hash
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer
https://rondevo.com/land/rondevo/p/r/10/?cep=xuKJaDJrtNyaqI0VasT2YGU4vRbrNlBI-AgiWy_T_gXV_MoLMKDTCBC-MF0HRKFnsRkssIJTnECmqIobp1XfGNq4bScWmCbIZ8T3wC9-9DEJVXvVPffs3iNzR5G5HpdliAeYmYSN4AxavbKVKGvfRujgRdvoQtbKUWtNH_91DPGuMfRW7GQbKvOmve4YqyTvMQrTvgvW2EFEAhaQMR0ttxfLovl2RZDILb-rd96nGu7VT7gAaSNbOYwXlJybAHcCCASqfCmOvx2kuhmYu_E22rzjwg0qUj1autHL1oAVD2JAeoqgs9v7cuW0njsYpW3gvjTtjhUNlUXZ9A1edMMZe9E1juC6-8y0aNr68jrXL4lwbjI2YI1vitACT-1Tam6M8bbcUpi_uFAfIGghiKqWfmuJnKdtaqC18VgP3zGbEyqbBFQZ4d7MeVp8_5KX88fVbNaetMVUM2BgwO_pSYxZBw&lptoken=158880ea1412597f3036&partner=399&subid=933-188643819&sub1=1090&sub2=102f8879c5dce886c067eeba99c59e&sub3=&sub4=
Origin
https://rondevo.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
content-type
text/plain

Response headers

Access-Control-Allow-Origin
https://rondevo.com
Access-Control-Allow-Credentials
true
Content-Length
24
Content-Type
image/gif

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| NREUM object| newrelic function| __nr_require object| google_tag_manager object| dataLayer function| gtag string| GoogleAnalyticsObject function| ga function| $ function| jQuery object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| isMobileDevice function| isPortrait object| btns object| google_optimize

7 Cookies

Domain/Path Name / Value
.rondevo.com/ Name: _gat_gtag_UA_146356595_13
Value: 1
.rondevo.com/ Name: _gid
Value: GA1.2.637673215.1580144131
.rondevo.com/ Name: uuid
Value: 26a01007-26d8-4cd2-9ed5-ecf82103a39f
.rondevo.com/ Name: marketing_get_params
Value: %7B%22cep%22%3A%22xuKJaDJrtNyaqI0VasT2YGU4vRbrNlBI-AgiWy_T_gXV_MoLMKDTCBC-MF0HRKFnsRkssIJTnECmqIobp1XfGNq4bScWmCbIZ8T3wC9-9DEJVXvVPffs3iNzR5G5HpdliAeYmYSN4AxavbKVKGvfRujgRdvoQtbKUWtNH_91DPGuMfRW7GQbKvOmve4YqyTvMQrTvgvW2EFEAhaQMR0ttxfLovl2RZDILb-rd96nGu7VT7gAaSNbOYwXlJybAHcCCASqfCmOvx2kuhmYu_E22rzjwg0qUj1autHL1oAVD2JAeoqgs9v7cuW0njsYpW3gvjTtjhUNlUXZ9A1edMMZe9E1juC6-8y0aNr68jrXL4lwbjI2YI1vitACT-1Tam6M8bbcUpi_uFAfIGghiKqWfmuJnKdtaqC18VgP3zGbEyqbBFQZ4d7MeVp8_5KX88fVbNaetMVUM2BgwO_pSYxZBw%22%2C%22lptoken%22%3A%22158880ea1412597f3036%22%2C%22partner%22%3A%22399%22%2C%22subid%22%3A%22933-188643819%22%2C%22sub1%22%3A%221090%22%2C%22sub2%22%3A%22102f8879c5dce886c067eeba99c59e%22%2C%22sub3%22%3A%22%22%2C%22sub4%22%3A%22%22%7D
.rondevo.com/ Name: _ga
Value: GA1.2.295442787.1580144131
.rondevo.com/ Name: click_time
Value: 2020-01-27+16%3A55%3A31
.rondevo.com/ Name: __cfduid
Value: d538a4ab2504dc47914ab14a05bb1072b1580144130

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bam.nr-data.net
code.jquery.com
goo.gl
i.gstatvb.com
jonally-dishished.com
js-agent.newrelic.com
point2web.go2cloud.org
rondevo.com
sexxonlineusa.tk
track-victoriadates.com
www.cqhhz.com
www.google-analytics.com
www.googletagmanager.com
151.101.14.110
162.247.242.21
198.54.115.175
2001:4de0:ac19::1:b:3a
2606:4700::6813:ad83
2a00:1450:4001:814::200e
2a00:1450:4001:815::2008
2a00:1450:4001:816::200e
34.232.196.87
34.245.243.239
35.204.184.11
52.29.30.140
63.32.219.160
005414ad9d93e4cb677b5e4f87112b0ff6d3731b414bc425bfa1bb94c99a081a
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
13893be0bb2640483a66725b7e8a7d83d762f810bd33cf0d0b2d02fc1ec91d1d
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
239fb4580b345be42bbadc88cbfd14be4feda3e76d996bf041eae1daac7f4467
451812857ea25a16d4e413ea05f75f923424a9d933824642029eaf8548e519b1
530c16ad0d3c88335a4c85f2b3c3d0c796d9b035ebc6ff979d4cf0c178de5678
68570a0e9c6bbf28bdb40e3a03cda55d6944d2390c2e4a982b6cd6feada03542
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
aaa77bc11f41af2dbb3389be6c3c8b8f24cab9e7831a6d43f5f6ff42e86b3496
bcb319b298595c69ecade39e84a4e8ad2a4e64611c0c0be069821e5ec52ec3a4
cdd5d1e5c1f100cfd3761d3cfb4768da9a6c34329e986591e323f79323512314
d10c94b6cdb747904baee9070f003bb45849da46f8100b1320f286c21cbcaaa1
d318cf022441e4f6c89f5d529e239009c646aa9bc636760a3b945cfe87e7c0e6
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
e0dc4bec01a1cea8fa1beda9cbcc82916be7c53215d06745cdc7110bfbf84806
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855