roilunit.loan Open in urlscan Pro
104.21.65.118 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://tinyurl.com/ytpmt72e
Effective URL:
https://roilunit.loan/sf/tpl38/?logo=195p&item=RZ6P&sub1=4ede989a-dadc-428c-9b40-041b253db461&sub2=&sub3=1466277760
Submission: On May 30 via manual (May 30th 2024, 5:38:13 pm UTC) from US — Scanned from CA

Summary HTTP 26 Redirects Behaviour Indicators

Summary

This website contacted 10 IPs in 5 countries across 9 domains to perform 26 HTTP transactions. The main IP is 104.21.65.118, located in and belongs to CLOUDFLARENET, US. The main domain is roilunit.loan.
TLS certificate: Issued by GTS CA 1P5 on April 23rd 2024. Valid for: 3 months.

This is the only time roilunit.loan was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	104.20.138.65 104.20.138.65	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	91.236.116.25 91.236.116.25	42237 (W1N) (W1N)
1 1	194.145.209.68 194.145.209.68	200514 (KNOWNSRV) (KNOWNSRV)
1 8	104.21.65.118 104.21.65.118	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	172.253.115.95 172.253.115.95	15169 (GOOGLE) (GOOGLE)
1	104.18.40.68 104.18.40.68	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	172.67.139.119 172.67.139.119	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	104.21.67.146 104.21.67.146	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	45.55.126.207 45.55.126.207	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	142.251.163.94 142.251.163.94	15169 (GOOGLE) (GOOGLE)
2	20.50.64.3 20.50.64.3	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
26	10

1 104.20.138.65 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

tinyurl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.236.116.25 (Stockholm, Sweden)

ASN42237 (W1N, GB)

tastyfop.win	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 194.145.209.68 (Amsterdam, Netherlands) 1 redirects

ASN200514 (KNOWNSRV, GB)

betegnus.bid	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.21.65.118 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

roilunit.loan	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.253.115.95 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f95.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.40.68 (None, )

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.67.139.119 (United States)

ASN13335 (CLOUDFLARENET, US)

ka-f.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.21.67.146 (None, )

ASN13335 (CLOUDFLARENET, US)

virtualpushplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 45.55.126.207 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

beacon.roilunit.loan	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.163.94 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f94.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.50.64.3 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

pushvisit.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	roilunit.loan 1 redirects roilunit.loan beacon.roilunit.loan	410 KB
4	fontawesome.com kit.fontawesome.com — Cisco Umbrella Rank: 1866 ka-f.fontawesome.com — Cisco Umbrella Rank: 4530	24 KB
3	virtualpushplatform.com virtualpushplatform.com — Cisco Umbrella Rank: 469518	5 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 33	3 KB
2	pushvisit.xyz pushvisit.xyz — Cisco Umbrella Rank: 781136	2 KB
1	gstatic.com fonts.gstatic.com	19 KB
1	betegnus.bid 1 redirects betegnus.bid	613 B
1	tastyfop.win tastyfop.win	387 B
1	tinyurl.com 1 redirects tinyurl.com — Cisco Umbrella Rank: 17151	812 B
26	9

	Domain	Requested by
8	roilunit.loan	1 redirects tastyfop.win roilunit.loan
4	beacon.roilunit.loan	roilunit.loan
3	virtualpushplatform.com	roilunit.loan virtualpushplatform.com
3	ka-f.fontawesome.com	kit.fontawesome.com
3	fonts.googleapis.com	roilunit.loan
2	pushvisit.xyz	virtualpushplatform.com
1	fonts.gstatic.com	fonts.googleapis.com
1	kit.fontawesome.com	roilunit.loan
1	betegnus.bid	1 redirects
1	tastyfop.win
1	tinyurl.com	1 redirects
26	11

This site contains no links.

Subject Issuer	Validity	Valid
tastyfop.win R3	`2024-05-18` - `2024-08-16`	3 months	crt.sh
roilunit.loan GTS CA 1P5	`2024-04-23` - `2024-07-22`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-05-13` - `2024-08-05`	3 months	crt.sh
*.fontawesome.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-04` - `2025-01-03`	a year	crt.sh
ka-f.fontawesome.com GTS CA 1P5	`2024-05-03` - `2024-08-01`	3 months	crt.sh
virtualpushplatform.com Cloudflare Inc ECC CA-3	`2024-01-14` - `2024-12-31`	a year	crt.sh
beacon.roilunit.loan R3	`2024-04-26` - `2024-07-25`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-05-13` - `2024-08-05`	3 months	crt.sh
pushvisit.xyz Sectigo RSA Domain Validation Secure Server CA	`2023-08-02` - `2024-08-02`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://roilunit.loan/sf/tpl38/?logo=195p&item=RZ6P&sub1=4ede989a-dadc-428c-9b40-041b253db461&sub2=&sub3=1466277760
Frame ID: 40C2006C7F2F1560F6B2D5B9AC7EA107
Requests: 24 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Prime

Page URL History Show full URLs

https://tinyurl.com/ytpmt72e HTTP 301
https://tastyfop.win/100835edecb06e56800/17/01/012 Page URL
https://betegnus.bid/r/05f4fc63-2c71-422a-8e26-08dd13fdbcc6/473183/1466277760/17 HTTP 302
https://roilunit.loan/sf/tpl38?logo=195p&item=RZ6P&sub1=4ede989a-dadc-428c-9b40-041b253db461&sub2=... HTTP 301
http://roilunit.loan/sf/tpl38/?logo=195p&item=RZ6P&sub1=4ede989a-dadc-428c-9b40-041b253db461&sub2... HTTP 307
https://roilunit.loan/sf/tpl38/?logo=195p&item=RZ6P&sub1=4ede989a-dadc-428c-9b40-041b253db461&sub2... Page URL

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
kit\.fontawesome\.com/([0-9a-z]+).js

Page Statistics

26
Requests

96 %
HTTPS

0 %
IPv6

9
Domains

11
Subdomains

10
IPs

5
Countries

463 kB
Transfer

1767 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://tinyurl.com/ytpmt72e HTTP 301
https://tastyfop.win/100835edecb06e56800/17/01/012 Page URL
https://betegnus.bid/r/05f4fc63-2c71-422a-8e26-08dd13fdbcc6/473183/1466277760/17 HTTP 302
https://roilunit.loan/sf/tpl38?logo=195p&item=RZ6P&sub1=4ede989a-dadc-428c-9b40-041b253db461&sub2=&sub3=1466277760 HTTP 301
http://roilunit.loan/sf/tpl38/?logo=195p&item=RZ6P&sub1=4ede989a-dadc-428c-9b40-041b253db461&sub2=&sub3=1466277760 HTTP 307
https://roilunit.loan/sf/tpl38/?logo=195p&item=RZ6P&sub1=4ede989a-dadc-428c-9b40-041b253db461&sub2=&sub3=1466277760 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://tinyurl.com/ytpmt72e HTTP 301
https://tastyfop.win/100835edecb06e56800/17/01/012

26 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

012
tastyfop.win/100835edecb06e56800/17/01/
Redirect Chain

https://tinyurl.com/ytpmt72e
https://tastyfop.win/100835edecb06e56800/17/01/012

143 B
387 B

840ms
529ms

Document
text/html

91.236.116.25
W1N

General

Check archive.org

Show headers Download Go to

Full URL: https://tastyfop.win/100835edecb06e56800/17/01/012
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 91.236.116.25 Stockholm, Sweden, ASN42237 (W1N, GB),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

content-length: 143
content-type: text/html; charset=UTF-8
date: Thu, 30 May 2024 17:38:07 GMT
server: Apache

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=0, must-revalidate, no-cache, no-store, private
cf-cache-status: MISS
cf-ray: 88c07ef65b83abeb-YYZ
content-type: text/html; charset=UTF-8
date: Thu, 30 May 2024 17:38:06 GMT
location: https://tastyfop.win/100835edecb06e56800/17/01/012
referrer-policy: unsafe-url
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-robots-tag: noindex
x-tinyurl-redirect: eyJpdiI6Inc4ZzlQNlVMRk8ybG9HUjNONjNwWnc9PSIsInZhbHVlIjoiSW5HMk1ENmZoa0JEcDk0ME04T0ZQa3g5a3RrRUtURmZrUXEwenVzOUw3cEErcU85dGxxdCtvUWFvRXlSUGQvb3g1Q0xScE9vRzVGZ0lXRFRjNkJJYUE9PSIsIm1hYyI6IjgzMWM3YTI3ZWUxZDgzZmViOWNjNGU3NWI1MmVjMDY5NTYwNTgwZDAxMzQyNmQ4ODJhMWFmODdlODBmMzRiMmIiLCJ0YWciOiIifQ==
x-tinyurl-redirect-type: redirect
x-xss-protection: 1; mode=block

GET
H2

200

Primary Request / Show response
roilunit.loan/sf/tpl38/
Redirect Chain

https://betegnus.bid/r/05f4fc63-2c71-422a-8e26-08dd13fdbcc6/473183/1466277760/17
https://roilunit.loan/sf/tpl38?logo=195p&item=RZ6P&sub1=4ede989a-dadc-428c-9b40-041b253db461&sub2=&sub3=1466277760
http://roilunit.loan/sf/tpl38/?logo=195p&item=RZ6P&sub1=4ede989a-dadc-428c-9b40-041b253db461&sub2=&sub3=1466277760
https://roilunit.loan/sf/tpl38/?logo=195p&item=RZ6P&sub1=4ede989a-dadc-428c-9b40-041b253db461&sub2=&sub3=1466277760

2 KB
1 KB

139ms
138ms

Document
text/html

104.21.65.118
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://roilunit.loan/sf/tpl38/?logo=195p&item=RZ6P&sub1=4ede989a-dadc-428c-9b40-041b253db461&sub2=&sub3=1466277760
Requested by: Host: tastyfop.win
URL: https://tastyfop.win/100835edecb06e56800/17/01/012
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.65.118 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f4b5df73e5ffce4c7a8d278eaeea04890c195baecc87c332c5a197faa0573562

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer: https://tastyfop.win/100835edecb06e56800/17/01/012
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 88c07f02ed61aaad-YYZ
content-encoding: br
content-type: text/html
date: Thu, 30 May 2024 17:38:08 GMT
last-modified: Tue, 23 Apr 2024 14:25:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ppRWNSeLENCVgLVYXfrmDvzETutt68cZfUmSgRozEsD%2FcTjQnmtp%2FVFuJFRhVWvH%2Fp6Zqm6HxNDzru5DGG%2FSyGZJFXXTXm6KZVjfeAuh5UL1o8HQSB5%2BB7xWV6qnFivH"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-robots-tag: noindex

Redirect headers

Location: https://roilunit.loan/sf/tpl38/?logo=195p&item=RZ6P&sub1=4ede989a-dadc-428c-9b40-041b253db461&sub2=&sub3=1466277760
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 css2
fonts.googleapis.com/ 13 KB
2 KB 132ms
53ms Stylesheet
text/css 172.253.115.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans:wght@300&family=Roboto+Slab:wght@600;700;800&display=swap

Requested by

Host: roilunit.loan
URL: https://roilunit.loan/sf/tpl38/?logo=195p&item=RZ6P&sub1=4ede989a-dadc-428c-9b40-041b253db461&sub2=&sub3=1466277760

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.115.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f95.1e100.net

Software

ESF /

Resource Hash

f7b0577d4c989c0389144e4c1e5cfc7e17f197c0b0be822ff7f57aa51d45704f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://roilunit.loan/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Thu, 30 May 2024 17:38:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 30 May 2024 17:38:08 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 30 May 2024 17:38:08 GMT

GET
H2 200 268a7048dd.js Show response
kit.fontawesome.com/ 12 KB
5 KB 81ms
35ms Script
text/javascript 104.18.40.68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kit.fontawesome.com/268a7048dd.js
Requested by: Host: roilunit.loan
URL: https://roilunit.loan/sf/tpl38/?logo=195p&item=RZ6P&sub1=4ede989a-dadc-428c-9b40-041b253db461&sub2=&sub3=1466277760
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.40.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3bd0bb9c81300549973c534de26accf7b6104bed7bee20c8bf0371022dd7c2e

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://roilunit.loan/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 30 May 2024 17:38:08 GMT
content-encoding: gzip
cf-cache-status: HIT
server: cloudflare
age: 50
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
content-type: text/javascript
cache-control: max-age=60, public, stale-while-revalidate=30
cf-ray: 88c07f0428f2ac26-YYZ
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id: F9RT6073eLd1sr4NMnmC

GET css2
fonts.googleapis.com/ 0
0

GET
H2 200 css2
fonts.googleapis.com/ 761 B
457 B 133ms
56ms Stylesheet
text/css 172.253.115.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Lato&display=swap

Requested by

Host: roilunit.loan
URL: https://roilunit.loan/sf/tpl38/?logo=195p&item=RZ6P&sub1=4ede989a-dadc-428c-9b40-041b253db461&sub2=&sub3=1466277760

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.115.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f95.1e100.net

Software

ESF /

Resource Hash

96558e390c183a6863c241276e8ae76116bb91307ab8a591f9dfdf1fa33df9d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://roilunit.loan/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Thu, 30 May 2024 17:38:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 30 May 2024 16:51:03 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 30 May 2024 17:38:08 GMT

GET
H3 200 bundle.2b536e69a1e9becff050.css
roilunit.loan/sf/tpl38/ 94 KB
18 KB 49ms
48ms Stylesheet
text/css 104.21.65.118
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://roilunit.loan/sf/tpl38/bundle.2b536e69a1e9becff050.css?t=1713882233306
Requested by: Host: roilunit.loan
URL: https://roilunit.loan/sf/tpl38/?logo=195p&item=RZ6P&sub1=4ede989a-dadc-428c-9b40-041b253db461&sub2=&sub3=1466277760
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.65.118 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75277b391e2980966fefa7f81fab76db3d0ea622db5709be81a23b05a78e568e

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://roilunit.loan/sf/tpl38/?logo=195p&item=RZ6P&sub1=4ede989a-dadc-428c-9b40-041b253db461&sub2=&sub3=1466277760
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 30 May 2024 17:38:08 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 23 Apr 2024 14:25:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 447290
etag: W/"6627c4e4-177e9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iz2mmXs%2BpLDrAJWcl8nz42tTJZoNBtuqo%2FK2CthClYgzFs4%2BL5USLKUHgU2jiZNIX4uO8bzFkiBiD7o7mQkNTWVJWbUwW%2Bl3F%2BJIuor1RBbp4N7yUvbWaB4aMycIKVkJ"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 88c07f03eb21ac46-YYZ
alt-svc: h3=":443"; ma=86400
expires: Sun, 25 May 2025 07:39:17 GMT

GET
H3 200 apple_logo.png
roilunit.loan/sf/tpl38/public/ 51 KB
52 KB 30ms
29ms Image
image/png 104.21.65.118
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://roilunit.loan/sf/tpl38/public/apple_logo.png
Requested by: Host: roilunit.loan
URL: https://roilunit.loan/sf/tpl38/?logo=195p&item=RZ6P&sub1=4ede989a-dadc-428c-9b40-041b253db461&sub2=&sub3=1466277760
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.65.118 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ed071de25afe945a3c80724a3a6623f28b2092c642102b85a77cdc5fdbd2b5e

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://roilunit.loan/sf/tpl38/?logo=195p&item=RZ6P&sub1=4ede989a-dadc-428c-9b40-041b253db461&sub2=&sub3=1466277760
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 30 May 2024 17:38:08 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 700888
alt-svc: h3=":443"; ma=86400
content-length: 52224
last-modified: Tue, 23 Apr 2024 14:25:40 GMT
server: cloudflare
etag: "6627c4e4-cc00"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Is7ePy1d%2FR30tGeQiJSFX5Fql%2F0R5BjAf2MQEekla0p7%2BIu%2FciSKsSacjL8xeQFe7%2F%2FuNPNhDrWuIbzHEpmex9VgwLs5HKhltMOzfDXMkbgL5nsRTbJL3cxQYQrmm8xE"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 88c07f03eb23ac46-YYZ
expires: Thu, 22 May 2025 09:12:42 GMT

GET
H3 200 13.d06efd84.chunk.js Show response
roilunit.loan/sf/tpl38/js/ 390 KB
126 KB 70ms
69ms Script
application/javascript 104.21.65.118
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://roilunit.loan/sf/tpl38/js/13.d06efd84.chunk.js
Requested by: Host: roilunit.loan
URL: https://roilunit.loan/sf/tpl38/?logo=195p&item=RZ6P&sub1=4ede989a-dadc-428c-9b40-041b253db461&sub2=&sub3=1466277760
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.65.118 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1f20c460c68a7f338d8fb93fe046db12b1946a81cffba266dc4972d3368c99ff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://roilunit.loan/sf/tpl38/?logo=195p&item=RZ6P&sub1=4ede989a-dadc-428c-9b40-041b253db461&sub2=&sub3=1466277760
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 30 May 2024 17:38:08 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 23 Apr 2024 14:25:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 700888
etag: W/"6627c4e4-61927"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2ojM8fJFQKadwZwz%2FlIPkC7GF54hRw%2FpsPJ2Ez%2BrGSggv%2BvODopkgRv0RUDnahtaVM6v15FvZRCbc6s4jIEE9263zdr2eGdgPLJ4Iigq7STMzl6UcW02d%2BO3N9WvD2nV"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 88c07f03eb25ac46-YYZ
alt-svc: h3=":443"; ma=86400
expires: Thu, 22 May 2025 09:12:42 GMT

GET
H3 200 app.afa9e4a4.js Show response
roilunit.loan/sf/tpl38/js/ 981 KB
161 KB 90ms
90ms Script
application/javascript 104.21.65.118
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://roilunit.loan/sf/tpl38/js/app.afa9e4a4.js
Requested by: Host: roilunit.loan
URL: https://roilunit.loan/sf/tpl38/?logo=195p&item=RZ6P&sub1=4ede989a-dadc-428c-9b40-041b253db461&sub2=&sub3=1466277760
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.65.118 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 881a1d87544888c8c7b9ac24de94eb46b6644c88806c81e7815125ce0e05d503

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://roilunit.loan/sf/tpl38/?logo=195p&item=RZ6P&sub1=4ede989a-dadc-428c-9b40-041b253db461&sub2=&sub3=1466277760
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 30 May 2024 17:38:08 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 23 Apr 2024 14:25:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 447290
etag: W/"6627c4e4-f53a8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t%2FmBTU89KG7abXHhXI%2FY%2BqSqZ%2F5gBeQAnP1h8xUSwdeVK3IVAxlmB5oamMhMSw7pU95gS%2F%2FXyVwvtsNYbVv0pvvcO%2F0k5%2Bp7zj4%2BlY44sJYvh3LEGyMU4Qllwd2TlmQU"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 88c07f03fb43ac46-YYZ
alt-svc: h3=":443"; ma=86400
expires: Sun, 25 May 2025 07:39:17 GMT

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
515 B 80ms
54ms Stylesheet
text/css 172.253.115.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Lato:wght@400;700;900&display=swap

Requested by

Host: roilunit.loan
URL: https://roilunit.loan/sf/tpl38/bundle.2b536e69a1e9becff050.css?t=1713882233306

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.115.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f95.1e100.net

Software

ESF /

Resource Hash

3d3fdef74b51045d7a82aa9a0ac59011087be9a9a59083272c3d7a5c8ba521b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://roilunit.loan/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Thu, 30 May 2024 17:38:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 30 May 2024 16:55:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 30 May 2024 17:38:08 GMT

GET
H3 200 free.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 59 KB
13 KB 58ms
30ms Fetch
text/css 172.67.139.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=268a7048dd
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/268a7048dd.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.139.119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://roilunit.loan/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 30 May 2024 17:38:08 GMT
content-encoding: gzip
via: 1.1 757f53a116e3bce1cfc7655bc6b1ae8e.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: YUL62-C2
age: 447290
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"a12ec7ebe75a4d59a5dd6b79e2ba2e16"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=taQgteA2LI7SNcffRZkYmNE%2BB3kOtMRgDavdZfWQIIoB4nnP8uWRzZA0s35zD2kG%2B83b6JFkMTiKD3yh9c4qh9ePF1QtXOnOBgoJ4eUozGwqol9ck4VPrhNyDsANyDWOTQ4OeDhilg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 88c07f049dc3ac42-YYZ
access-control-allow-headers: fa-kit-token
x-amz-cf-id: CaBSd5u_RwbTMPQQGHQGFHx13hV6MY2Hv5X-OruQ-xyn7vfe6Ed-Cg==

GET
H3 200 free-v4-shims.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 26 KB
5 KB 56ms
29ms Fetch
text/css 172.67.139.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=268a7048dd
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/268a7048dd.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.139.119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://roilunit.loan/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 30 May 2024 17:38:08 GMT
content-encoding: gzip
via: 1.1 b8fb298b26902ffe0fb5edce098eceee.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: ORD56-P6
age: 447290
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"76f34b71fc9fb641507ff6a822cc07f5"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BkXOYrmJaBbJ0tT1PLUt2uxiHsxv%2F1cTPwgBr5OIk0XiIfsjLQ1rLMaPgbvu22T6bc7JWgmmCn8LFCj6ZPPbl4QloNtEMQxX5hoARZMUQI8ZjHkJQVvf4M9H5tE7C6pkfq%2FF0ROZTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 88c07f049dc1ac42-YYZ
access-control-allow-headers: fa-kit-token
x-amz-cf-id: quE6LdZ3wUVwZ9YrhStvAiv7Jup9sy0VJ9zIe9OXUCZT126oLuF5aA==

GET
H3 200 free-v4-font-face.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 3 KB
1 KB 75ms
48ms Fetch
text/css 172.67.139.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-font-face.min.css?token=268a7048dd
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/268a7048dd.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.139.119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://roilunit.loan/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 30 May 2024 17:38:08 GMT
content-encoding: gzip
via: 1.1 71b90b61d58fd2a84fb0ad4ce0fc268c.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: YTO50-C3
age: 447290
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"f2e0b2680d9b0bcb6e0039c4424e5a59"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BOf0y45WJTeMV0adUsynfJBovxXUKb80f%2F5qSRMTApcKATArsEG%2FCrUmdCO5a3gnJl%2BI9TGAfKBX4qSIhIosUedlSGVuEh24f9v1a%2FxyEsC3dsf7FF7IxPuEKvW4DsC%2F6WNj9vEm3g%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 88c07f049dc5ac42-YYZ
access-control-allow-headers: fa-kit-token
x-amz-cf-id: zL_nGd23e5N7W137jUBQ8bh2gL19tU6yo-vUniJ0J3ZdkxKUi-gayw==

GET
H3 200 ace-push.js Show response
virtualpushplatform.com/ 13 KB
5 KB 145ms
109ms Script
text/javascript 104.21.67.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://virtualpushplatform.com/ace-push.js
Requested by: Host: roilunit.loan
URL: https://roilunit.loan/sf/tpl38/js/app.afa9e4a4.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.67.146 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b817d86aff80a58f7440cbf3f6e24eeab0c41cef66274d6972a465106af99fc

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://roilunit.loan/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 30 May 2024 17:38:08 GMT
content-encoding: br
cf-cache-status: BYPASS
last-modified: Wed, 29 May 2024 18:57:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"1dab1fa0d10e94b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rQUuZ%2B49VVvO9Mp8n6rdhwUSZjAMAS2ObvXFmqexrXd6URad1Z64VCJEAC8VKgXix5kF%2FhOMSDA3lD8GUO8ATfzqPptcqC%2BPDULJVjstgHeULHHK3uRfsFSzwhN8xg2er2ESQYhZeTH72A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cf-ray: 88c07f0569adac81-YYZ
alt-svc: h3=":443"; ma=86400

GET
H2 200 summary Show response
beacon.roilunit.loan/geo/ 118 B
573 B 120ms
41ms XHR
application/json 45.55.126.207
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://beacon.roilunit.loan/geo/summary

Requested by

Host: roilunit.loan
URL: https://roilunit.loan/sf/tpl38/js/13.d06efd84.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

45.55.126.207 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Kestrel /

Resource Hash

6cdea508d04ca8a515d1bb52bd13bd525bd5718ebbb84679f8e424db9e987e44

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept: application/json, text/plain, */*
Referer: https://roilunit.loan/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 30 May 2024 17:38:08 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, PATCH, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: false
access-control-allow-headers: Origin, Accept, Cache-Control, If-Modified-Since, Keep-Alive, Range, DNT, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization

GET
H2 200 585003b7-2914-47e2-9c28-c33835dc12f3 Show response
beacon.roilunit.loan/g/ 112 B
585 B 114ms
36ms XHR
text/plain 45.55.126.207
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://beacon.roilunit.loan/g/585003b7-2914-47e2-9c28-c33835dc12f3?logo=prime&item=RZ6P&logo=195p&sub1=4ede989a-dadc-428c-9b40-041b253db461&sub2=&sub3=1466277760

Requested by

Host: roilunit.loan
URL: https://roilunit.loan/sf/tpl38/js/13.d06efd84.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

45.55.126.207 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Kestrel /

Resource Hash

34b2dac60b758991abd0565ef704e22f25ff1eef251d808d527268b24af71f09

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept: application/json, text/plain, */*
Referer: https://roilunit.loan/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 30 May 2024 17:38:08 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, PATCH, HEAD
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: false
access-control-allow-headers: Origin, Accept, Cache-Control, If-Modified-Since, Keep-Alive, Range, DNT, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization

GET
H3 200 prime_logo.png
roilunit.loan/sf/tpl38/public/ 12 KB
12 KB 30ms
30ms Image
image/png 104.21.65.118
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://roilunit.loan/sf/tpl38/public/prime_logo.png
Requested by: Host: roilunit.loan
URL: https://roilunit.loan/sf/tpl38/bundle.2b536e69a1e9becff050.css?t=1713882233306
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.65.118 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ecf6ec41f06550c35b0eefaa261fe5cc3d4250a4bd8efb2d2f9abbcb15da59ca

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://roilunit.loan/sf/tpl38/bundle.2b536e69a1e9becff050.css?t=1713882233306
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 30 May 2024 17:38:08 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 700658
alt-svc: h3=":443"; ma=86400
content-length: 12015
last-modified: Tue, 23 Apr 2024 14:25:40 GMT
server: cloudflare
etag: "6627c4e4-2eef"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uSWAw%2FEAkifU7dNUPBgcLoiOR%2B0UuOlc2p5Q5wNqVA%2F5hzG7%2FSRS8zuptNZWL2nhGn43usId5OSRp%2B6OFvnXx62bs0u5JNw9S38zYdTbY6V7xWpaP2c6NjcjxgJiurX3"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 88c07f056cffac46-YYZ
expires: Thu, 22 May 2025 09:16:31 GMT

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsiH0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v40/ 18 KB
19 KB 114ms
37ms Font
font/woff2 142.251.163.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsiH0B4gaVI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@300&family=Roboto+Slab:wght@600;700;800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.163.94 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f94.1e100.net

Software

sffe /

Resource Hash

758015e3cb56989df5cfcf912d2c3861a62e623d386ef12d4bacf15891a4eb81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://roilunit.loan
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 30 May 2024 10:51:36 GMT
x-content-type-options: nosniff
age: 24392
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18704
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:00:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 30 May 2025 10:51:36 GMT

GET
H2 200 d5888d93-73ba-4b6e-9441-606f4b68c0a1 Show response
beacon.roilunit.loan/s/ 51 KB
38 KB 50ms
49ms XHR
text/plain 45.55.126.207
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://beacon.roilunit.loan/s/d5888d93-73ba-4b6e-9441-606f4b68c0a1?requestid=RvWTAPW5tO&destinationid=180688264&item=RZ6P&logo=195p&sub1=4ede989a-dadc-428c-9b40-041b253db461&sub2=&sub3=1466277760

Requested by

Host: roilunit.loan
URL: https://roilunit.loan/sf/tpl38/js/13.d06efd84.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

45.55.126.207 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Kestrel /

Resource Hash

fcc25b3efa5280a384ec3c4611e164ac8c954e387031c372b8cc3c3ccc7a40a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://roilunit.loan/
X-Requested-With: /sf/tpl38/?item=RZ6P&logo=195p&sub1=4ede989a-dadc-428c-9b40-041b253db461&sub2=&sub3=1466277760
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 30 May 2024 17:38:08 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, PATCH, HEAD
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: false
access-control-allow-headers: Origin, Accept, Cache-Control, If-Modified-Since, Keep-Alive, Range, DNT, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization

OPTIONS
H2 200 d5888d93-73ba-4b6e-9441-606f4b68c0a1
beacon.roilunit.loan/s/ 0
0 34ms
33ms Preflight 45.55.126.207
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://beacon.roilunit.loan/s/d5888d93-73ba-4b6e-9441-606f4b68c0a1?requestid=RvWTAPW5tO&destinationid=180688264&item=RZ6P&logo=195p&sub1=4ede989a-dadc-428c-9b40-041b253db461&sub2=&sub3=1466277760

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

45.55.126.207 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Accept: */*
Access-Control-Request-Headers: x-requested-with
Access-Control-Request-Method: GET
Origin: https://roilunit.loan
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: false
access-control-allow-headers: Origin, Accept, Cache-Control, If-Modified-Since, Keep-Alive, Range, DNT, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization
access-control-allow-methods: GET, POST, OPTIONS, PATCH, HEAD
access-control-allow-origin: *
content-length: 0
date: Thu, 30 May 2024 17:38:08 GMT
server: Kestrel
strict-transport-security: max-age=2592000

OPTIONS
H2 200 visit
pushvisit.xyz/api/v1/ 0
0 446ms
108ms Preflight 20.50.64.3
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://pushvisit.xyz/api/v1/visit
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 20.50.64.3 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://roilunit.loan
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-origin: *
content-length: 0
date: Thu, 30 May 2024 17:38:09 GMT

POST
H2 200 visit Show response
pushvisit.xyz/api/v1/ 1 KB
2 KB 114ms
113ms Fetch
application/json 20.50.64.3
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://pushvisit.xyz/api/v1/visit
Requested by: Host: virtualpushplatform.com
URL: https://virtualpushplatform.com/ace-push.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 20.50.64.3 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Kestrel /
Resource Hash: 32d992577fba4da65b4cced27c9987abf528dba48663abca17ba5a14e2a4291b

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://roilunit.loan/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-type: application/json

Response headers

access-control-allow-origin: *
date: Thu, 30 May 2024 17:38:09 GMT
server: Kestrel
content-length: 1483
content-type: application/json; charset=utf-8

GET
H3 404 favicon.ico
roilunit.loan/ 548 B
551 B 29ms
29ms Other
text/html 104.21.65.118
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://roilunit.loan/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.65.118 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://roilunit.loan/sf/tpl38/?item=RZ6P&logo=195p&sub1=4ede989a-dadc-428c-9b40-041b253db461&sub2=&sub3=1466277760
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 30 May 2024 17:38:09 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 141
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5Ctusv2uqALkarEtvsuuFAhgnnY1NPan3%2BB9ESlIWH%2FJS5ote2AWxLMxXBWpJpqXqWbRDLxZnH%2BtizsRy2WjLq9SUvZ6Qtpt5PvyPSAN5zMfN02oSPeDaawmWThJoRz0"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 88c07f067e43ac46-YYZ
alt-svc: h3=":443"; ma=86400

GET
DATA 200
OK truncated
/ 36 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2fb84f3908851d212126c7bec5b3894174996f91c403ce1d7807ade5813dd1ba

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 200 log-client-error
virtualpushplatform.com/api/v1/visit/ 0
0 106ms
106ms Fetch 104.21.67.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://virtualpushplatform.com/api/v1/visit/log-client-error
Requested by: Host: virtualpushplatform.com
URL: https://virtualpushplatform.com/ace-push.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.67.146 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://roilunit.loan/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-type: application/json

Response headers

date: Thu, 30 May 2024 17:38:11 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GdWN8hvXe6ykxje1P8A4eiKvrwHsCJfv0WORUHY7pxw7zFxHKYDJ5MwUcM9PNzBw%2FqYrzwqhFLtkxyOVQBuXnZOKC6ykZG%2FE2f1qPQfQXsORZeIirQJaHxJOBNk3I34%2B%2F7GePnt8HPqOvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 88c07f153d36aa9e-YYZ
alt-svc: h3=":443"; ma=86400
content-length: 0

OPTIONS
H3 200 log-client-error
virtualpushplatform.com/api/v1/visit/ 0
0 132ms
107ms Preflight 104.21.67.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://virtualpushplatform.com/api/v1/visit/log-client-error
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.67.146 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://roilunit.loan
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 88c07f148c77aa9e-YYZ
content-length: 0
date: Thu, 30 May 2024 17:38:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JT7NFjSsV0LIZbLy0M%2Fm0eZv1TwfLNnhGwnk%2BdsRmcN8VOQzLnQqksljZVIIrtEoXNYfDBF%2F5bfTjfnOWob1mR7u0F2nX6ddtpkc2b%2BufGRmomZAJyZlePEIT21kym1sdpTxau7bdzllCw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Muli:wght@900:wght@400&display=swap

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.tinyurl.com/	1970-01-20 20:58:12	Name: __cf_bm Value: 1gvxAF7q75HqHvj4633GxWsFlEHsnSeVSnl6UkR7w58-1717090686-1.0.1.1-HdVF_y3cVlkok9iCakpF.NslW0K48vmhpdm8QnldkOPaAJStgPty2RwwHTcpi03MRahOr0u0jCIF8OhSZUcmOA
tastyfop.win/	1970-01-20 21:42:45	Name: uid27313 Value: 1466277760-20240530123807-d588f8077f55b058e90b31f0c0e39f86-5592
.virtualpushplatform.com/	1970-01-20 20:58:14	Name: TiPMix Value: 73.8817035495424
.virtualpushplatform.com/	1970-01-20 20:58:14	Name: x-ms-routing-name Value: self

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://roilunit.loan/sf/tpl38/?item=RZ6P&logo=195p&sub1=4ede989a-dadc-428c-9b40-041b253db461&sub2=&sub3=1466277760#!/hst Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://roilunit.loan/sf/tpl38/?item=RZ6P&logo=195p&sub1=4ede989a-dadc-428c-9b40-041b253db461&sub2=&sub3=1466277760#!/hst Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://roilunit.loan/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()
other	error	URL: https://roilunit.loan/sf/tpl38/0?item=RZ6P&logo=195p&sub1=4ede989a-dadc-428c-9b40-041b253db461&sub2=&sub3=1466277760&type=Computer#!/hst Message: Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

beacon.roilunit.loan
betegnus.bid
fonts.googleapis.com
fonts.gstatic.com
ka-f.fontawesome.com
kit.fontawesome.com
pushvisit.xyz
roilunit.loan
tastyfop.win
tinyurl.com
virtualpushplatform.com
fonts.googleapis.com
104.18.40.68
104.20.138.65
104.21.65.118
104.21.67.146
142.251.163.94
172.253.115.95
172.67.139.119
194.145.209.68
20.50.64.3
45.55.126.207
91.236.116.25
1f20c460c68a7f338d8fb93fe046db12b1946a81cffba266dc4972d3368c99ff
2fb84f3908851d212126c7bec5b3894174996f91c403ce1d7807ade5813dd1ba
32d992577fba4da65b4cced27c9987abf528dba48663abca17ba5a14e2a4291b
34b2dac60b758991abd0565ef704e22f25ff1eef251d808d527268b24af71f09
3d3fdef74b51045d7a82aa9a0ac59011087be9a9a59083272c3d7a5c8ba521b5
5b817d86aff80a58f7440cbf3f6e24eeab0c41cef66274d6972a465106af99fc
6cdea508d04ca8a515d1bb52bd13bd525bd5718ebbb84679f8e424db9e987e44
6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8
75277b391e2980966fefa7f81fab76db3d0ea622db5709be81a23b05a78e568e
758015e3cb56989df5cfcf912d2c3861a62e623d386ef12d4bacf15891a4eb81
7ed071de25afe945a3c80724a3a6623f28b2092c642102b85a77cdc5fdbd2b5e
7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6
881a1d87544888c8c7b9ac24de94eb46b6644c88806c81e7815125ce0e05d503
96558e390c183a6863c241276e8ae76116bb91307ab8a591f9dfdf1fa33df9d1
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090
e3bd0bb9c81300549973c534de26accf7b6104bed7bee20c8bf0371022dd7c2e
ecf6ec41f06550c35b0eefaa261fe5cc3d4250a4bd8efb2d2f9abbcb15da59ca
f4b5df73e5ffce4c7a8d278eaeea04890c195baecc87c332c5a197faa0573562
f7b0577d4c989c0389144e4c1e5cfc7e17f197c0b0be822ff7f57aa51d45704f
fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda
fcc25b3efa5280a384ec3c4611e164ac8c954e387031c372b8cc3c3ccc7a40a2

roilunit.loan Open in urlscan Pro 104.21.65.118 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

26 Requests

96 %HTTPS

0 %IPv6

9 Domains

11 Subdomains

10 IPs

5 Countries

463 kBTransfer

1767 kBSize

4 Cookies

0 Outgoing links

Page URL History

Redirected requests

26 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

roilunit.loan Open in urlscan Pro
104.21.65.118 Public Scan

Screenshot
Live screenshot

Full Image

26
Requests

96 %
HTTPS

0 %
IPv6

9
Domains

11
Subdomains

10
IPs

5
Countries

463 kB
Transfer

1767 kB
Size

4
Cookies

26 HTTP transactions
1 data transactions