roanoke.com Open in urlscan Pro
192.104.183.209 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.roanoke.com/calendar/garena-free-fire-hack-2020--unlimited--diamonds-and-coins-generator-no-survey/event_0e5...
Effective URL:
https://roanoke.com/events/garena-free-fire-hack-2020--unlimited--diamonds-and-coins-generator-no-survey/event_0e50a...
Submission Tags: falconsandbox
Submission: On January 30 via api (January 30th 2021, 3:39:58 pm UTC) from US

Summary HTTP 88 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 26 IPs in 6 countries across 16 domains to perform 88 HTTP transactions. The main IP is 192.104.183.209, located in United States and belongs to LEE-ASN, US. The main domain is roanoke.com.
TLS certificate: Issued by R3 on January 5th 2021. Valid for: 3 months.

This is the only time roanoke.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 6	192.104.183.209 192.104.183.209	10668 (LEE-ASN) (LEE-ASN)
24	104.18.131.43 104.18.131.43	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2606:4700::68... 2606:4700::6810:9540	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	143.204.93.112 143.204.93.112	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
3	13.225.80.8 13.225.80.8	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:809::2011	15169 (GOOGLE) (GOOGLE)
2	2606:4700:10:... 2606:4700:10::6814:b844	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81e::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1 3	104.108.64.33 104.108.64.33	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba8b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 1	2600:1f18:730... 2600:1f18:730:b130:2c1a:486d:f5df:3ec7	14618 (AMAZON-AES) (AMAZON-AES)
1	3.213.73.156 3.213.73.156	14618 (AMAZON-AES) (AMAZON-AES)
1 2	99.80.128.92 99.80.128.92	16509 (AMAZON-02) (AMAZON-02)
1	54.227.229.225 54.227.229.225	14618 (AMAZON-AES) (AMAZON-AES)
88	26

6 192.104.183.209 (United States) 2 redirects

ASN10668 (LEE-ASN, US)
PTR: cms.newyork1.vip.townnews.com

www.roanoke.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
roanoke.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 104.18.131.43 (United States)

ASN13335 (CLOUDFLARENET, US)

bloximages.newyork1.vip.townnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bloximages.chicago2.vip.townnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700::6810:9540 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.93.112 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-93-112.fra50.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.225.80.8 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-80-8.fra2.r.cloudfront.net

tagan.adlightning.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

contributor.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::2011 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

survey.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6814:b844 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.108.64.33 (Netherlands) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-64-33.deploy.static.akamaitechnologies.com

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00::210:ba8b (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)

b-code.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:730:b130:2c1a:486d:f5df:3ec7 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

rp.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.213.73.156 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-213-73-156.compute-1.amazonaws.com

rp4.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.80.128.92 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-128-92.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.227.229.225 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-227-229-225.compute-1.amazonaws.com

i.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	townnews.com bloximages.newyork1.vip.townnews.com bloximages.chicago2.vip.townnews.com	464 KB
9	google-analytics.com www.google-analytics.com	55 KB
7	doubleclick.net survey.g.doubleclick.net stats.g.doubleclick.net	388 KB
7	google.com contributor.google.com fundingchoicesmessages.google.com ampcid.google.com analytics.google.com www.google.com	46 KB
7	cookielaw.org cdn.cookielaw.org	107 KB
6	roanoke.com 2 redirects www.roanoke.com roanoke.com	36 KB
5	liadm.com 1 redirects b-code.liadm.com rp.liadm.com rp4.liadm.com i.liadm.com	14 KB
5	google.de adservice.google.de ampcid.google.de www.google.de	1 KB
5	googletagmanager.com www.googletagmanager.com	251 KB
3	facebook.com www.facebook.com	637 B
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	2 KB
3	adlightning.com tagan.adlightning.com	60 KB
3	crwdcntrl.net 1 redirects tags.crwdcntrl.net bcp.crwdcntrl.net	13 KB
2	facebook.net connect.facebook.net	94 KB
2	onetrust.com geolocation.onetrust.com	734 B
2	gstatic.com www.gstatic.com	13 KB
88	16

	Domain	Requested by
23	bloximages.newyork1.vip.townnews.com	roanoke.com bloximages.newyork1.vip.townnews.com
9	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com roanoke.com
7	cdn.cookielaw.org	roanoke.com cdn.cookielaw.org
5	www.googletagmanager.com	roanoke.com www.googletagmanager.com
5	roanoke.com	1 redirects roanoke.com
4	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
3	www.facebook.com	connect.facebook.net roanoke.com
3	www.google.de	roanoke.com
3	sb.scorecardresearch.com	1 redirects roanoke.com
3	survey.g.doubleclick.net	roanoke.com survey.g.doubleclick.net
3	tagan.adlightning.com	roanoke.com tagan.adlightning.com
2	bcp.crwdcntrl.net	1 redirects tagan.adlightning.com
2	www.google.com	roanoke.com
2	analytics.google.com	www.googletagmanager.com
2	b-code.liadm.com	www.googletagmanager.com tagan.adlightning.com
2	connect.facebook.net	roanoke.com connect.facebook.net
2	geolocation.onetrust.com	cdn.cookielaw.org
2	www.gstatic.com	roanoke.com
1	i.liadm.com	tagan.adlightning.com
1	rp4.liadm.com
1	rp.liadm.com	1 redirects
1	ampcid.google.de	www.google-analytics.com
1	adservice.google.de	survey.g.doubleclick.net
1	ampcid.google.com	www.google-analytics.com
1	fundingchoicesmessages.google.com	roanoke.com
1	contributor.google.com	roanoke.com
1	bloximages.chicago2.vip.townnews.com	roanoke.com
1	tags.crwdcntrl.net	roanoke.com
1	www.roanoke.com	1 redirects
88	29

This site contains links to these domains. Also see Links.

Domain
us851.dayforcehcm.com
subscribe3.gatewayva.com
bloxcms.com
townnews.com
cookiepedia.co.uk
onetrust.com

Subject Issuer	Validity	Valid
roanoke.com R3	`2021-01-05` - `2021-04-05`	3 months	crt.sh
bloximages.chicago2.vip.townnews.com GeoTrust RSA CA 2018	`2020-02-25` - `2021-04-25`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2020-07-01` - `2021-07-01`	a year	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2019-06-13` - `2021-06-28`	2 years	crt.sh
*.gstatic.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
*.adlightning.com Amazon	`2020-07-22` - `2021-08-22`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
*.onetrust.com DigiCert SHA2 Secure Server CA	`2020-05-21` - `2022-07-27`	2 years	crt.sh
*.google.de GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-12-22` - `2021-03-21`	3 months	crt.sh
sb.scorecardresearch.com DigiCert Secure Site ECC CA-1	`2020-07-17` - `2021-06-02`	a year	crt.sh
b-code.liadm.com DigiCert Secure Site ECC CA-1	`2020-06-23` - `2021-09-22`	a year	crt.sh
www.google.de GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
www.google.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
*.liadm.com Amazon	`2020-01-17` - `2021-02-17`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://roanoke.com/events/garena-free-fire-hack-2020--unlimited--diamonds-and-coins-generator-no-survey/event_0e50a482-a8e0-11ea-9a92-5cb9017bff17.html
Frame ID: A4C0AEAFB429FD00262A66A798BD32D5
Requests: 88 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/5/ct=y/c=6892/rand=595945462/pv=y/int=%23OpR%2364504%23BH%20Media%20Group%20%3A%20Total%20Site%20Traffic/int=%23OpR%2364505%23BH%20Media%20Group%20%3A%20roanoke%20%3A%20Total%20Site%20Traffic/int=%23OpR%2364507%23BH%20Media%20Group%20%3A%20roanoke%20%3A%20Site%20Section%20%3A%20events/int=%23OpR%2372332%23Site%20Section%20%3A%20events/med=%23OpR%2364514%23BH%20Media%20Group%20%3A%20Article%20Category%20%3A%20roanoke%20times/med=%23OpR%2364515%23BH%20Media%20Group%20%3A%20roanoke%20%3A%20Article%20Category%20%3A%20roanoke%20times/med=%23OpR%2372333%23Keyword%20%3A%20roanoke%20times/rb=%7B%22meta_tag%22%3A%22roanoke%20times%22%7D/rt=ifr
Frame ID: A5A433FFA126D69C466B0B0F657E1F50
Requests: 1 HTTP requests in this frame

Frame: https://i.liadm.com/s/c/a-058a?s=&cim=&ps=true&ls=true&duid=f29f414003b2--01ex9z6ca4tvjn1htmwh0dd02x&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&us_privacy=1YNN&
Frame ID: E17804844F88AFBBA5626BB901755876
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://www.roanoke.com/calendar/garena-free-fire-hack-2020--unlimited--diamonds-and-coins-generator... HTTP 301
https://roanoke.com/calendar/garena-free-fire-hack-2020--unlimited--diamonds-and-coins-generator... HTTP 301
https://roanoke.com/events/garena-free-fire-hack-2020--unlimited--diamonds-and-coins-generator-n... Page URL

Page Statistics

88
Requests

100 %
HTTPS

69 %
IPv6

16
Domains

29
Subdomains

26
IPs

6
Countries

1544 kB
Transfer

3708 kB
Size

14
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://us851.dayforcehcm.com/CandidatePortal/en-US/bhmedia/
Title: Join our Team

Search URL Search Domain Scan URL

URL: https://subscribe3.gatewayva.com/authenticate.htm?p_publication=3400
Title: Carrier Services

Search URL Search Domain Scan URL

URL: https://bloxcms.com/
Title: BLOX Content Management System

Search URL Search Domain Scan URL

URL: https://townnews.com/
Title: TownNews.com

Search URL Search Domain Scan URL

URL: https://cookiepedia.co.uk/giving-consent-to-cookies
Title: More information

Search URL Search Domain Scan URL

URL: https://onetrust.com/poweredbyonetrust

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.roanoke.com/calendar/garena-free-fire-hack-2020--unlimited--diamonds-and-coins-generator-no-survey/event_0e50a482-a8e0-11ea-9a92-5cb9017bff17.html HTTP 301
https://roanoke.com/calendar/garena-free-fire-hack-2020--unlimited--diamonds-and-coins-generator-no-survey/event_0e50a482-a8e0-11ea-9a92-5cb9017bff17.html HTTP 301
https://roanoke.com/events/garena-free-fire-hack-2020--unlimited--diamonds-and-coins-generator-no-survey/event_0e50a482-a8e0-11ea-9a92-5cb9017bff17.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 82

https://sb.scorecardresearch.com/b?c1=2&c2=10345586&ns__t=1612021182823&ns_c=UTF-8&cv=3.5&c8=Events%20%7C%20roanoke.com&c7=https%3A%2F%2Froanoke.com%2Fevents%2Fgarena-free-fire-hack-2020--unlimited--diamonds-and-coins-generator-no-survey%2Fevent_0e50a482-a8e0-11ea-9a92-5cb9017bff17.html&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=10345586&ns__t=1612021182823&ns_c=UTF-8&cv=3.5&c8=Events%20%7C%20roanoke.com&c7=https%3A%2F%2Froanoke.com%2Fevents%2Fgarena-free-fire-hack-2020--unlimited--diamonds-and-coins-generator-no-survey%2Fevent_0e50a482-a8e0-11ea-9a92-5cb9017bff17.html&c9=&cs_ak_ss=1

Request Chain 83

https://rp.liadm.com/j?tna=v2.0.1&aid=a-058a&wpn=lc-bundle&us_privacy=1YNN&pu=https%3A%2F%2Froanoke.com%2Fevents%2Fgarena-free-fire-hack-2020--unlimited--diamonds-and-coins-generator-no-survey%2Fevent_0e50a482-a8e0-11ea-9a92-5cb9017bff17.html&duid=f29f414003b2--01ex9z6ca4tvjn1htmwh0dd02x&se=e30&dtstmp=1612021182904 HTTP 302
https://rp4.liadm.com/j?tna=v2.0.1&aid=a-058a&wpn=lc-bundle&us_privacy=1YNN&pu=https%3A%2F%2Froanoke.com%2Fevents%2Fgarena-free-fire-hack-2020--unlimited--diamonds-and-coins-generator-no-survey%2Fevent_0e50a482-a8e0-11ea-9a92-5cb9017bff17.html&duid=f29f414003b2--01ex9z6ca4tvjn1htmwh0dd02x&se=e30&dtstmp=1612021182904&i6=MmEwMTo0Zjg6MTkyOjU0MTQ6OjI%3D&n3pc=true

Request Chain 84

https://bcp.crwdcntrl.net/5/c=6892/rand=595945462/pv=y/int=%23OpR%2364504%23BH%20Media%20Group%20%3A%20Total%20Site%20Traffic/int=%23OpR%2364505%23BH%20Media%20Group%20%3A%20roanoke%20%3A%20Total%20Site%20Traffic/int=%23OpR%2364507%23BH%20Media%20Group%20%3A%20roanoke%20%3A%20Site%20Section%20%3A%20events/int=%23OpR%2372332%23Site%20Section%20%3A%20events/med=%23OpR%2364514%23BH%20Media%20Group%20%3A%20Article%20Category%20%3A%20roanoke%20times/med=%23OpR%2364515%23BH%20Media%20Group%20%3A%20roanoke%20%3A%20Article%20Category%20%3A%20roanoke%20times/med=%23OpR%2372333%23Keyword%20%3A%20roanoke%20times/rb=%7B%22meta_tag%22%3A%22roanoke%20times%22%7D/rt=ifr HTTP 302
https://bcp.crwdcntrl.net/5/ct=y/c=6892/rand=595945462/pv=y/int=%23OpR%2364504%23BH%20Media%20Group%20%3A%20Total%20Site%20Traffic/int=%23OpR%2364505%23BH%20Media%20Group%20%3A%20roanoke%20%3A%20Total%20Site%20Traffic/int=%23OpR%2364507%23BH%20Media%20Group%20%3A%20roanoke%20%3A%20Site%20Section%20%3A%20events/int=%23OpR%2372332%23Site%20Section%20%3A%20events/med=%23OpR%2364514%23BH%20Media%20Group%20%3A%20Article%20Category%20%3A%20roanoke%20times/med=%23OpR%2364515%23BH%20Media%20Group%20%3A%20roanoke%20%3A%20Article%20Category%20%3A%20roanoke%20times/med=%23OpR%2372333%23Keyword%20%3A%20roanoke%20times/rb=%7B%22meta_tag%22%3A%22roanoke%20times%22%7D/rt=ifr

88 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

404

Primary Request event_0e50a482-a8e0-11ea-9a92-5cb9017bff17.html Show response
roanoke.com/events/garena-free-fire-hack-2020--unlimited--diamonds-and-coins-generator-no-survey/
Redirect Chain

https://www.roanoke.com/calendar/garena-free-fire-hack-2020--unlimited--diamonds-and-coins-generator-no-survey/event_0e50a482-a8e0-11ea-9a92-5cb9017bff17.html
https://roanoke.com/calendar/garena-free-fire-hack-2020--unlimited--diamonds-and-coins-generator-no-survey/event_0e50a482-a8e0-11ea-9a92-5cb9017bff17.html
https://roanoke.com/events/garena-free-fire-hack-2020--unlimited--diamonds-and-coins-generator-no-survey/event_0e50a482-a8e0-11ea-9a92-5cb9017bff17.html

122 KB
30 KB

341ms
341ms

Document
text/html

192.104.183.209
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://roanoke.com/events/garena-free-fire-hack-2020--unlimited--diamonds-and-coins-generator-no-survey/event_0e50a482-a8e0-11ea-9a92-5cb9017bff17.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

192.104.183.209 , United States, ASN10668 (LEE-ASN, US),

Reverse DNS

cms.newyork1.vip.townnews.com

Software

Resource Hash

6672531b00ade0dcd75d4dd6885b359047d6bbee1352fc3843348dce47f04b8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: roanoke.com
:scheme: https
:path: /events/garena-free-fire-hack-2020--unlimited--diamonds-and-coins-generator-no-survey/event_0e50a482-a8e0-11ea-9a92-5cb9017bff17.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 30 Jan 2021 15:39:41 GMT
content-type: text/html; charset=UTF-8
x-loop: 1
referrer-policy: strict-origin-when-cross-origin
cache-control: public, max-age=300
x-robots-tag: noarchive
x-ua-compatible: IE=edge
link: <https://bloximages.newyork1.vip.townnews.com>; rel=preconnect dns-prefetch; crossorigin <https://bloximages.newyork1.vip.townnews.com/roanoke.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/jquery.min.6edb5af3e93b0a377ec925c5f1c6ddde.js>; rel=preload; as=script </shared-content/art/tncms/user/user.js>; rel=preload; as=script <https://bloximages.newyork1.vip.townnews.com/roanoke.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js>; rel=preload; as=script <https://bloximages.newyork1.vip.townnews.com/roanoke.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/common.5ee3960b4d37bc106988fa535b393865.js>; rel=preload; as=script <https://bloximages.newyork1.vip.townnews.com/roanoke.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.1477faac295a3745e4796d2263e75f11.js>; rel=preload; as=script <https://bloximages.newyork1.vip.townnews.com/roanoke.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/application.93d1db0a57d520951552a1dcd8fd9aeb.js>; rel=preload; as=script <https://cdn.cookielaw.org/scripttemplates/otSDKStub.js>; rel=preload; as=script
x-tncms: 1.55.5; app12; 0.2s; 4.3M
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-encoding: gzip
vary: X-IPCountry, X-Townnews-Now-API-Version, Accept-Encoding
age: 0
x-vcache: MISS
content-length: 28741

Redirect headers

date: Sat, 30 Jan 2021 15:39:41 GMT
content-type: text/html; charset=UTF-8
x-loop: 1
referrer-policy: strict-origin-when-cross-origin
cache-control: public, max-age=300
x-robots-tag: noarchive
location: /events/garena-free-fire-hack-2020--unlimited--diamonds-and-coins-generator-no-survey/event_0e50a482-a8e0-11ea-9a92-5cb9017bff17.html
link: <https://bloximages.newyork1.vip.townnews.com>; rel=preconnect dns-prefetch; crossorigin <https://cdn.cookielaw.org/scripttemplates/otSDKStub.js>; rel=preload; as=script
x-tncms: 1.55.5; app11; 0.01s; 1.4M
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-encoding: gzip
vary: X-IPCountry, X-Townnews-Now-API-Version, Accept-Encoding
age: 0
x-vcache: MISS
content-length: 1847

GET
H2 200 jquery.min.6edb5af3e93b0a377ec925c5f1c6ddde.js Show response
bloximages.newyork1.vip.townnews.com/roanoke.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/ 98 KB
33 KB 112ms
58ms Script
application/x-javascript 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/roanoke.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/jquery.min.6edb5af3e93b0a377ec925c5f1c6ddde.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0785141e6461918363176bb595c118997a66d51af8338db5999308cd593cfebd

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://roanoke.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 30 Jan 2021 15:39:41 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 2575820
last-modified: Wed, 09 Sep 2020 19:56:59 GMT
cf-request-id: 07f58c45d2000023af878e6000000001
x-robots-tag: noarchive
x-vcache: MISS
server: cloudflare
etag: W/"5f59338b-18813"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 619c4982e85523af-ZRH
expires: Sun, 07 Nov 2021 07:41:38 GMT

GET
H2 200 user.js Show response
roanoke.com/shared-content/art/tncms/user/ 6 KB
2 KB 115ms
112ms Script
application/x-javascript 192.104.183.209
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://roanoke.com/shared-content/art/tncms/user/user.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 192.104.183.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash: 0230e8c67f568c29bfa2d9756f6e9f79ca6a375d99cbeb54bf09c35fb9e525c4

Request headers

Referer: https://roanoke.com/events/garena-free-fire-hack-2020--unlimited--diamonds-and-coins-generator-no-survey/event_0e50a482-a8e0-11ea-9a92-5cb9017bff17.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 30 Jan 2021 15:35:07 GMT
content-encoding: gzip
last-modified: Tue, 26 Jan 2021 16:48:35 GMT
age: 274
etag: W/"601047e3-1891"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=600
x-vcache: HIT
accept-ranges: bytes
content-length: 2304
service-worker-allowed: /

GET
H2 200 bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js Show response
bloximages.newyork1.vip.townnews.com/roanoke.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/ 39 KB
10 KB 166ms
113ms Script
application/x-javascript 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/roanoke.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

93eac8b1fb14d0863561633dfdf563013c023393aabfb122e3be7256629d9235

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://roanoke.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 30 Jan 2021 15:39:41 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 6827983
last-modified: Fri, 06 Sep 2019 14:16:03 GMT
cf-request-id: 07f58c45e9000023afbf200000000001
x-robots-tag: noarchive
x-vcache: MISS
server: cloudflare
etag: W/"5d726a23-9bd8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 619c498308b423af-ZRH
expires: Wed, 03 Nov 2021 05:34:40 GMT

GET
H2 200 common.5ee3960b4d37bc106988fa535b393865.js Show response
bloximages.newyork1.vip.townnews.com/roanoke.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 35 KB
13 KB 143ms
90ms Script
application/x-javascript 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/roanoke.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/common.5ee3960b4d37bc106988fa535b393865.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6e6c02cecdf5cb7b5db7cbf455c81c05828f2f801dd585ffdfa9d4cc90e9be1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://roanoke.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 30 Jan 2021 15:39:41 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 791728
last-modified: Fri, 23 Oct 2020 13:08:36 GMT
cf-request-id: 07f58c45d2000023afbf1fd000000001
x-robots-tag: noarchive
x-vcache: MISS
server: cloudflare
etag: W/"5f92d5d4-8a06"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 619c4982e85323af-ZRH
expires: Thu, 04 Nov 2021 08:37:42 GMT

GET
H2 200 tnt.1477faac295a3745e4796d2263e75f11.js Show response
bloximages.newyork1.vip.townnews.com/roanoke.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 7 KB
3 KB 110ms
57ms Script
application/x-javascript 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/roanoke.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.1477faac295a3745e4796d2263e75f11.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

560357e94ad4e3f3e2199cdecaaf8d339f35d97ec03de8b875eef2bbd80b43fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://roanoke.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 30 Jan 2021 15:39:41 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 791728
last-modified: Thu, 05 Nov 2020 18:39:34 GMT
cf-request-id: 07f58c45d2000023afa30f1000000001
x-robots-tag: noarchive
x-vcache: MISS
server: cloudflare
etag: W/"5fa446e6-1bf3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 619c4982e85423af-ZRH
expires: Sun, 07 Nov 2021 05:34:28 GMT

GET
H2 200 application.93d1db0a57d520951552a1dcd8fd9aeb.js Show response
bloximages.newyork1.vip.townnews.com/roanoke.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 4 KB
2 KB 107ms
54ms Script
application/x-javascript 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/roanoke.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/application.93d1db0a57d520951552a1dcd8fd9aeb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c7c4e85fab99165f7d8a912f21ae8d691b6a96049780d96e174e6394e09384ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://roanoke.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 30 Jan 2021 15:39:41 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 7550949
last-modified: Fri, 29 May 2020 21:15:25 GMT
cf-request-id: 07f58c45d2000023af92b6c000000001
x-robots-tag: noarchive
x-vcache: MISS
server: cloudflare
etag: W/"5ed17b6d-f5b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 619c4982e85623af-ZRH
expires: Wed, 02 Jun 2021 19:06:12 GMT

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 13 KB
5 KB 31ms
14ms Script
application/javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dd4b42f7c8ddeeedbc0e556a5da8b647fd08c56a2ac3540b1e5a6d9342ba5c4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://roanoke.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 30 Jan 2021 15:39:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: XGEj0K3rTilYfgfnFZGB2g==
age: 1835
vary: Accept-Encoding
content-length: 4211
cf-request-id: 07f58c459a0000dfef76968000000001
x-ms-lease-status: unlocked
last-modified: Thu, 28 Jan 2021 07:37:57 GMT
server: cloudflare
etag: 0x8D8C35FA1761C2B
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 89c4d4e9-301e-0099-5a55-f55724000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 619c49828cd6dfef-FRA

GET
H2 200 bootstrap.min.44f4ed00052aeaf66307fd409db0d101.css
bloximages.newyork1.vip.townnews.com/roanoke.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/styles/ 107 KB
16 KB 169ms
116ms Stylesheet
text/css 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/roanoke.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/styles/bootstrap.min.44f4ed00052aeaf66307fd409db0d101.css

Requested by

Host: roanoke.com
URL: https://roanoke.com/events/garena-free-fire-hack-2020--unlimited--diamonds-and-coins-generator-no-survey/event_0e50a482-a8e0-11ea-9a92-5cb9017bff17.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d584af3d0a8ad98207995400856e5e8c608551e080e252ed413e82c19ffd04f

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://roanoke.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 30 Jan 2021 15:39:41 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 7455613
last-modified: Fri, 23 Oct 2020 13:08:03 GMT
cf-request-id: 07f58c45cf000023af84bc0000000001
x-robots-tag: noarchive
x-vcache: MISS
server: cloudflare
etag: W/"5f92d5b3-1ab8e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 619c4982e84623af-ZRH
expires: Fri, 05 Nov 2021 04:39:29 GMT

GET
H2 200 layout.2a76ea6b1da821b015c6c6168e530f02.css
bloximages.newyork1.vip.townnews.com/roanoke.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/styles/ 129 KB
22 KB 157ms
105ms Stylesheet
text/css 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/roanoke.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/styles/layout.2a76ea6b1da821b015c6c6168e530f02.css

Requested by

Host: roanoke.com
URL: https://roanoke.com/events/garena-free-fire-hack-2020--unlimited--diamonds-and-coins-generator-no-survey/event_0e50a482-a8e0-11ea-9a92-5cb9017bff17.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5ee82bb96be591e9b53340f17031f92692408e1cd26df408c6bfcc3953f872f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://roanoke.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 30 Jan 2021 15:39:41 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 2143136
last-modified: Mon, 28 Dec 2020 21:44:28 GMT
cf-request-id: 07f58c45d2000023af5d9ad000000001
x-robots-tag: noarchive
x-vcache: MISS
server: cloudflare
etag: W/"5fea51bc-20588"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 619c4982e84d23af-ZRH
expires: Wed, 05 Jan 2022 20:01:14 GMT

GET
H2 200 lee.ds.css
bloximages.newyork1.vip.townnews.com/roanoke.com/content/tncms/live/libraries/flex/components/lee_ds_v2/resources/styles/ 63 KB
11 KB 152ms
101ms Stylesheet
text/css 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/roanoke.com/content/tncms/live/libraries/flex/components/lee_ds_v2/resources/styles/lee.ds.css?_dc=1611090082

Requested by

Host: roanoke.com
URL: https://roanoke.com/events/garena-free-fire-hack-2020--unlimited--diamonds-and-coins-generator-no-survey/event_0e50a482-a8e0-11ea-9a92-5cb9017bff17.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a9fab16d26fcd7fe22ce52628916f739d4aa3ca3715de7132324c9ac9c1edcac

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://roanoke.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 30 Jan 2021 15:39:41 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 921257
last-modified: Tue, 19 Jan 2021 21:01:22 GMT
cf-request-id: 07f58c45d6000023af9b1b0000000001
x-robots-tag: noarchive
x-vcache: MISS
server: cloudflare
etag: W/"600748a2-fc4a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 619c4982e85223af-ZRH
expires: Wed, 19 Jan 2022 21:06:24 GMT

GET
H2 200 flex-notification-controls.e115619c5ab5d4eb38fbd29cc0d2ea9b.css
bloximages.newyork1.vip.townnews.com/roanoke.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/styles/ 6 KB
2 KB 107ms
55ms Stylesheet
text/css 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/roanoke.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/styles/flex-notification-controls.e115619c5ab5d4eb38fbd29cc0d2ea9b.css

Requested by

Host: roanoke.com
URL: https://roanoke.com/events/garena-free-fire-hack-2020--unlimited--diamonds-and-coins-generator-no-survey/event_0e50a482-a8e0-11ea-9a92-5cb9017bff17.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ef0cb2e94b5b79911d8647651823f8c4a39b0f1192bf85b2caa9ce9db3fd7e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://roanoke.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 30 Jan 2021 15:39:41 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 2575820
last-modified: Fri, 23 Oct 2020 13:10:04 GMT
cf-request-id: 07f58c45cf000023afc2bad000000001
x-robots-tag: noarchive
x-vcache: MISS
server: cloudflare
etag: W/"5f92d62c-189c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 619c4982e84b23af-ZRH
expires: Fri, 05 Nov 2021 06:25:39 GMT

GET
H2 200 cc.js Show response
tags.crwdcntrl.net/c/6892/ 45 KB
12 KB 93ms
38ms Script
application/json 143.204.93.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/c/6892/cc.js?ns=_cc6892
Requested by: Host: roanoke.com
URL: https://roanoke.com/events/garena-free-fire-hack-2020--unlimited--diamonds-and-coins-generator-no-survey/event_0e50a482-a8e0-11ea-9a92-5cb9017bff17.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.93.112 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-93-112.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9d27336bc235ad1db35d729e49a2564d808be39c8b8324516a5d3f61d41c861e

Request headers

Referer: https://roanoke.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 29 Jan 2021 19:46:30 GMT
content-encoding: gzip
etag: W/"1b4ac0472964feff3e84c6449241dc9f"
last-modified: Tue, 10 Nov 2020 15:10:17 GMT
server: AmazonS3
age: 71592
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be5.cloudfront.net (CloudFront)
cache-control: max-age: 86400
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 1UCFiJr_cqWnYPfFSD4pAl_lqfzXaWZkkj-gcnD7S56prIfEVerN7Q==

GET
H2 200 user-controls.578df3df79d812af55ab13bae47f9857.js Show response
bloximages.newyork1.vip.townnews.com/roanoke.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/scripts/ 517 B
550 B 36ms
36ms Script
application/x-javascript 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/roanoke.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/scripts/user-controls.578df3df79d812af55ab13bae47f9857.js

Requested by

Host: roanoke.com
URL: https://roanoke.com/events/garena-free-fire-hack-2020--unlimited--diamonds-and-coins-generator-no-survey/event_0e50a482-a8e0-11ea-9a92-5cb9017bff17.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f402b2d75ac54e1c369d34b97efcedb68aa084b039ab91b85ad70ea53ebb5a3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://roanoke.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 30 Jan 2021 15:39:42 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 7455614
last-modified: Fri, 23 Oct 2020 13:08:16 GMT
cf-request-id: 07f58c466e000023af5e398000000001
x-robots-tag: noarchive
x-vcache: MISS
server: cloudflare
etag: W/"5f92d5c0-205"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 619c4983ead923af-ZRH
expires: Wed, 03 Nov 2021 07:03:39 GMT

GET
H2 200 tnt.notify.6e1ca8839e8a715fdecb1c734223823a.js Show response
bloximages.newyork1.vip.townnews.com/roanoke.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 3 KB
1 KB 36ms
33ms Script
application/x-javascript 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/roanoke.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.notify.6e1ca8839e8a715fdecb1c734223823a.js

Requested by

Host: roanoke.com
URL: https://roanoke.com/events/garena-free-fire-hack-2020--unlimited--diamonds-and-coins-generator-no-survey/event_0e50a482-a8e0-11ea-9a92-5cb9017bff17.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6bb4ce8dea8b26080f3627d5b398b131b8f59a280ec18f07e959b9c7583e061a

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://roanoke.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 30 Jan 2021 15:39:42 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 789399
last-modified: Fri, 23 Oct 2020 13:08:13 GMT
cf-request-id: 07f58c4677000023af5a852000000001
x-robots-tag: noarchive
x-vcache: MISS
server: cloudflare
etag: W/"5f92d5bd-de1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 619c4983faf423af-ZRH
expires: Thu, 04 Nov 2021 08:37:42 GMT

GET
H2 200 tnt.notify.panel.1c7debce90f6bd1a3d679d0176d3712a.js Show response
bloximages.newyork1.vip.townnews.com/roanoke.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 6 KB
2 KB 37ms
34ms Script
application/x-javascript 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/roanoke.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.notify.panel.1c7debce90f6bd1a3d679d0176d3712a.js

Requested by

Host: roanoke.com
URL: https://roanoke.com/events/garena-free-fire-hack-2020--unlimited--diamonds-and-coins-generator-no-survey/event_0e50a482-a8e0-11ea-9a92-5cb9017bff17.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c4c258f6e24e9861dd7cc3ae5d823e0c09a243f9e671cabbfed9b2be2825085

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://roanoke.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 30 Jan 2021 15:39:42 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 789399
last-modified: Thu, 05 Nov 2020 18:39:35 GMT
cf-request-id: 07f58c4677000023afd23e4000000001
x-robots-tag: noarchive
x-vcache: MISS
server: cloudflare
etag: W/"5fa446e7-19fb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 619c4983faf823af-ZRH
expires: Sat, 06 Nov 2021 04:40:18 GMT

GET
H2 200 firebase-app.js Show response
www.gstatic.com/firebasejs/6.6.2/ 11 KB
4 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/6.6.2/firebase-app.js

Requested by

Host: roanoke.com
URL: https://roanoke.com/events/garena-free-fire-hack-2020--unlimited--diamonds-and-coins-generator-no-survey/event_0e50a482-a8e0-11ea-9a92-5cb9017bff17.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b10a075758097bb0578287af03c76a9fcd82fa4607587109ae41fe2d24756600

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://roanoke.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 13:34:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 19 Sep 2019 21:11:52 GMT
server: sffe
age: 439513
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3945
x-xss-protection: 0
expires: Tue, 25 Jan 2022 13:34:29 GMT

GET
H2 200 firebase-messaging.js Show response
www.gstatic.com/firebasejs/6.6.2/ 31 KB
9 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/6.6.2/firebase-messaging.js

Requested by

Host: roanoke.com
URL: https://roanoke.com/events/garena-free-fire-hack-2020--unlimited--diamonds-and-coins-generator-no-survey/event_0e50a482-a8e0-11ea-9a92-5cb9017bff17.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5e55a21dfa3a20ceb298737c8f4c517a83d7960468c7f53b3f33c567bacff3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://roanoke.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 28 Jan 2021 09:20:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 19 Sep 2019 21:11:54 GMT
server: sffe
age: 195578
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8653
x-xss-protection: 0
expires: Fri, 28 Jan 2022 09:20:04 GMT

GET
H2 200 messaging.js Show response
roanoke.com/shared-content/art/tncms/api/ 4 KB
1 KB 114ms
112ms Script
application/x-javascript 192.104.183.209
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://roanoke.com/shared-content/art/tncms/api/messaging.js
Requested by: Host: roanoke.com
URL: https://roanoke.com/events/garena-free-fire-hack-2020--unlimited--diamonds-and-coins-generator-no-survey/event_0e50a482-a8e0-11ea-9a92-5cb9017bff17.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 192.104.183.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash: fe5d23d415187d71dfa026db8852418f98513ef7f7a1c3e1321bc95d6d6a0f5f

Request headers

Referer: https://roanoke.com/events/garena-free-fire-hack-2020--unlimited--diamonds-and-coins-generator-no-survey/event_0e50a482-a8e0-11ea-9a92-5cb9017bff17.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 30 Jan 2021 15:35:07 GMT
content-encoding: gzip
last-modified: Tue, 26 Jan 2021 16:48:35 GMT
age: 274
etag: W/"601047e3-11aa"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=600
x-vcache: HIT
accept-ranges: bytes
content-length: 1259
service-worker-allowed: /

GET
H2 200 tnt.ads.adverts.66a3812a7b5c12fde8cd998fd691ad7d.js Show response
bloximages.newyork1.vip.townnews.com/roanoke.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/ 198 B
613 B 80ms
79ms Script
application/x-javascript 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/roanoke.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/tnt.ads.adverts.66a3812a7b5c12fde8cd998fd691ad7d.js

Requested by

Host: roanoke.com
URL: https://roanoke.com/events/garena-free-fire-hack-2020--unlimited--diamonds-and-coins-generator-no-survey/event_0e50a482-a8e0-11ea-9a92-5cb9017bff17.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8416f8febc369c76d3fc82e78d0c49c84bf1dd1904b73cee557fccdbbb5b9005

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://roanoke.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 30 Jan 2021 15:39:41 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 236460
last-modified: Fri, 23 Oct 2020 13:09:55 GMT
cf-request-id: 07f58c45f8000023afd19d6000000001
x-robots-tag: noarchive
x-vcache: MISS
server: cloudflare
etag: W/"5f92d623-c6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 619c498328e823af-ZRH
expires: Wed, 03 Nov 2021 07:03:39 GMT

GET
H2 200 tracking.js Show response
roanoke.com/shared-content/art/tncms/ 3 KB
1 KB 118ms
117ms Script
application/x-javascript 192.104.183.209
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://roanoke.com/shared-content/art/tncms/tracking.js
Requested by: Host: roanoke.com
URL: https://roanoke.com/events/garena-free-fire-hack-2020--unlimited--diamonds-and-coins-generator-no-survey/event_0e50a482-a8e0-11ea-9a92-5cb9017bff17.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 192.104.183.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash: f95fe1c0376aa720a01267e70fb42a259d610fa9fa66f78e7fc629f9bd835c43

Request headers

Referer: https://roanoke.com/events/garena-free-fire-hack-2020--unlimited--diamonds-and-coins-generator-no-survey/event_0e50a482-a8e0-11ea-9a92-5cb9017bff17.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 30 Jan 2021 15:36:45 GMT
content-encoding: gzip
last-modified: Tue, 26 Jan 2021 16:48:35 GMT
age: 176
etag: W/"601047e3-a4c"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=600
x-vcache: HIT
accept-ranges: bytes
content-length: 1150
service-worker-allowed: /

GET
H2 200 otCCPAiab.js Show response
cdn.cookielaw.org/opt-out/ 22 KB
6 KB 17ms
15ms Script
application/javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/opt-out/otCCPAiab.js

Requested by

Host: roanoke.com
URL: https://roanoke.com/events/garena-free-fire-hack-2020--unlimited--diamonds-and-coins-generator-no-survey/event_0e50a482-a8e0-11ea-9a92-5cb9017bff17.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f25e54ff758a69c92c7260b3647788acb86b4fc6266141893e1a4316b5a0862

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://roanoke.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 30 Jan 2021 15:39:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: mHlk9fiiqYjvq2V+HtACPg==
age: 1445
vary: Accept-Encoding
cf-request-id: 07f58c466a0000dfef621de000000001
x-ms-lease-status: unlocked
last-modified: Wed, 08 Jul 2020 15:45:08 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 35967221-501e-000a-11f4-bdc16f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
cf-ray: 619c4983df86dfef-FRA

GET
H2 200 fontawesome.edd147e4c2830f416874012247117438.js Show response
bloximages.newyork1.vip.townnews.com/roanoke.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 252 KB
89 KB 48ms
45ms Script
application/x-javascript 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/roanoke.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/fontawesome.edd147e4c2830f416874012247117438.js

Requested by

Host: roanoke.com
URL: https://roanoke.com/events/garena-free-fire-hack-2020--unlimited--diamonds-and-coins-generator-no-survey/event_0e50a482-a8e0-11ea-9a92-5cb9017bff17.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ffa8814637fab7a454e06a6403a650615c04044d4f881b04ffdfcdc1395d98da

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://roanoke.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 30 Jan 2021 15:39:42 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 791729
last-modified: Fri, 23 Oct 2020 13:08:53 GMT
cf-request-id: 07f58c4677000023af92b7f000000001
x-robots-tag: noarchive
x-vcache: MISS
server: cloudflare
etag: W/"5f92d5e5-3f1a7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 619c4983fafe23af-ZRH
expires: Fri, 05 Nov 2021 07:14:50 GMT

GET
H2 200 roanoke.com.png
bloximages.chicago2.vip.townnews.com/central.leetemplates.com/content/tncms/live/global/resources/images/logos/ds/400/ 22 KB
22 KB 38ms
34ms Image
image/png 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/central.leetemplates.com/content/tncms/live/global/resources/images/logos/ds/400/roanoke.com.png?_dc=Jan.Sat.2021

Requested by

Host: roanoke.com
URL: https://roanoke.com/events/garena-free-fire-hack-2020--unlimited--diamonds-and-coins-generator-no-survey/event_0e50a482-a8e0-11ea-9a92-5cb9017bff17.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d82a204e715225c3a20150132ce8c0fb205ae0a193f01b03194c245764c31ee8

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://roanoke.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 30 Jan 2021 15:39:42 GMT
cf-cache-status: HIT
age: 36878
last-modified: Mon, 06 Jul 2020 14:17:51 GMT
strict-transport-security: max-age=604800
content-length: 22050
cf-request-id: 07f58c4678000023afc497d000000001
x-robots-tag: noarchive
x-vcache: MISS
server: cloudflare
etag: "5f03328f-5622"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 619c4983fb0423af-ZRH
expires: Sun, 30 Jan 2022 05:00:06 GMT

GET
H2 200 b0497354-bf9c-11ea-b63a-e3d21a3ddd05.png
bloximages.newyork1.vip.townnews.com/roanoke.com/content/tncms/custom/image/ 17 KB
17 KB 32ms
29ms Image
image/png 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/roanoke.com/content/tncms/custom/image/b0497354-bf9c-11ea-b63a-e3d21a3ddd05.png

Requested by

Host: roanoke.com
URL: https://roanoke.com/events/garena-free-fire-hack-2020--unlimited--diamonds-and-coins-generator-no-survey/event_0e50a482-a8e0-11ea-9a92-5cb9017bff17.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

78b4ee14a788941683d78fbaa32a35da488dd3591929ef688ac79ee7d5bae78a

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://roanoke.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 30 Jan 2021 15:39:42 GMT
cf-cache-status: HIT
age: 789399
last-modified: Mon, 06 Jul 2020 15:23:48 GMT
strict-transport-security: max-age=604800
content-length: 17105
cf-request-id: 07f58c4678000023af9b1c3000000001
x-robots-tag: noarchive
x-vcache: MISS
server: cloudflare
etag: "5f034204-42d1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 619c4983faff23af-ZRH
expires: Sun, 07 Nov 2021 08:52:48 GMT

GET
H2 200 7ddc4d3a-bf9a-11ea-b63a-3f8e178792c1.png
bloximages.newyork1.vip.townnews.com/roanoke.com/content/tncms/custom/image/ 49 KB
49 KB 40ms
38ms Image
image/png 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/roanoke.com/content/tncms/custom/image/7ddc4d3a-bf9a-11ea-b63a-3f8e178792c1.png

Requested by

Host: roanoke.com
URL: https://roanoke.com/events/garena-free-fire-hack-2020--unlimited--diamonds-and-coins-generator-no-survey/event_0e50a482-a8e0-11ea-9a92-5cb9017bff17.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2bc3299190e5b8b763c6213e4749e33d846de9af2cbb6b4ac5b881b791fb51b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://roanoke.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 30 Jan 2021 15:39:42 GMT
cf-cache-status: HIT
age: 23735
last-modified: Mon, 06 Jul 2020 15:08:04 GMT
strict-transport-security: max-age=604800
content-length: 50021
cf-request-id: 07f58c4678000023af5d1c8000000001
x-robots-tag: noarchive
x-vcache: MISS
server: cloudflare
etag: "5f033e54-c365"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 619c4983fb0123af-ZRH
expires: Sat, 20 Nov 2021 08:55:48 GMT

GET
H2 200 ffd07c70-bf9b-11ea-b63a-df14bdc9a7f2.png
bloximages.newyork1.vip.townnews.com/roanoke.com/content/tncms/custom/image/ 15 KB
15 KB 33ms
31ms Image
image/png 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/roanoke.com/content/tncms/custom/image/ffd07c70-bf9b-11ea-b63a-df14bdc9a7f2.png?resize=400%2C37

Requested by

Host: roanoke.com
URL: https://roanoke.com/events/garena-free-fire-hack-2020--unlimited--diamonds-and-coins-generator-no-survey/event_0e50a482-a8e0-11ea-9a92-5cb9017bff17.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2a552087b0fe668fef8867a91c29783900fbd54acb6d81195c7b0ae6c1ca4f1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://roanoke.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 30 Jan 2021 15:39:42 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 625642
last-modified: Mon, 06 Jul 2020 15:18:52 GMT
cf-request-id: 07f58c4678000023af94139000000001
x-robots-tag: noarchive
x-vcache: MISS
server: cloudflare
etag: "1e9255b404d587832956f54f700d1d95"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 619c4983fb0223af-ZRH
expires: Sat, 20 Nov 2021 08:42:14 GMT

GET
H2 200 op.js Show response
tagan.adlightning.com/leeenterprises/ 37 KB
14 KB 141ms
57ms Script
application/javascript 13.225.80.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/leeenterprises/op.js
Requested by: Host: roanoke.com
URL: https://roanoke.com/events/garena-free-fire-hack-2020--unlimited--diamonds-and-coins-generator-no-survey/event_0e50a482-a8e0-11ea-9a92-5cb9017bff17.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.80.8 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-80-8.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4c188a2fc586538993680a328bfbb2aef3b22700cc77e3428d87509076dc0f98

Request headers

Referer: https://roanoke.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: IQxPl8qsfsyANnbH0kx278M1PQ.ebHCc
content-encoding: gzip
etag: "d810450c44e3570a24c5348d8ea824e7"
age: 1876
x-cache: Hit from cloudfront
content-length: 13405
x-amz-meta-git_commit: 9a4f7ce
last-modified: Fri, 29 Jan 2021 18:01:21 GMT
server: AmazonS3
date: Sat, 30 Jan 2021 15:08:27 GMT
content-type: application/javascript
via: 1.1 eb1a8c1b1275e33a016e623478052111.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: HdI733kTi3FhfmTh86ZIeN4bNMKLzWz4xveAvwMrM2YKC8oSV6ZhjQ==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 148 KB
49 KB 29ms
27ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N

Requested by

Host: roanoke.com
URL: https://roanoke.com/events/garena-free-fire-hack-2020--unlimited--diamonds-and-coins-generator-no-survey/event_0e50a482-a8e0-11ea-9a92-5cb9017bff17.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4293be8d33e27db86fe90dbf6a1ad2ee18211ed05dc2eeea26e09d800272919f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://roanoke.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 30 Jan 2021 15:39:42 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49929
x-xss-protection: 0
last-modified: Sat, 30 Jan 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 30 Jan 2021 15:39:42 GMT

GET
H2 200 loader.js Show response
contributor.google.com/scripts/b765fd5c002b8ec/ 106 KB
37 KB 167ms
145ms Script
application/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://contributor.google.com/scripts/b765fd5c002b8ec/loader.js

Requested by

Host: roanoke.com
URL: https://roanoke.com/events/garena-free-fire-hack-2020--unlimited--diamonds-and-coins-generator-no-survey/event_0e50a482-a8e0-11ea-9a92-5cb9017bff17.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c38026660cd10788b09fe593cdbdd9427aa7f351c648d299a287577b20693056

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-f7vBgoNLM+N+7YTAyzse/w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorTargetingHttp/cspreport;worker-src 'self', script-src 'nonce-f7vBgoNLM+N+7YTAyzse/w' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorTargetingHttp/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://roanoke.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 30 Jan 2021 15:39:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private, max-age=86400
content-security-policy: script-src 'report-sample' 'nonce-f7vBgoNLM+N+7YTAyzse/w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorTargetingHttp/cspreport;worker-src 'self', script-src 'nonce-f7vBgoNLM+N+7YTAyzse/w' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorTargetingHttp/cspreport
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Sat, 30 Jan 2021 15:39:42 GMT

GET
H2 200 AGSKWxWx7yQUhe008vdbx7qOwWhCKmR-osSuFC3DDyvCm_K_nNMTjE2EGmV28JFHdjHcINdbHwRu0oRU4n5mb0jEyQ== Show response
fundingchoicesmessages.google.com/f/ 18 KB
8 KB 48ms
26ms Script
application/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWx7yQUhe008vdbx7qOwWhCKmR-osSuFC3DDyvCm_K_nNMTjE2EGmV28JFHdjHcINdbHwRu0oRU4n5mb0jEyQ==

Requested by

Host: roanoke.com
URL: https://roanoke.com/events/garena-free-fire-hack-2020--unlimited--diamonds-and-coins-generator-no-survey/event_0e50a482-a8e0-11ea-9a92-5cb9017bff17.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c3c7e905b64390e5e80b053d36eb03af8b1aaa379b839c22a191b0d271f92da2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-K/m5I9DD7mhjk3djTle+fQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-K/m5I9DD7mhjk3djTle+fQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://roanoke.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Jan 2021 15:39:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-K/m5I9DD7mhjk3djTle+fQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-K/m5I9DD7mhjk3djTle+fQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 c90fbbbe-c35c-478f-a20a-c349468ac8c8.json Show response
cdn.cookielaw.org/consent/c90fbbbe-c35c-478f-a20a-c349468ac8c8/ 3 KB
2 KB 34ms
19ms XHR
application/x-javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/c90fbbbe-c35c-478f-a20a-c349468ac8c8/c90fbbbe-c35c-478f-a20a-c349468ac8c8.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8fc46875ced5115fe4cd39df93d22a29f513889d050b6d4f8d7424489974e9a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://roanoke.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 30 Jan 2021 15:39:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 5QF9C9YZCf78DwgX/jnW9Q==
age: 5085
vary: Accept-Encoding
content-length: 1153
cf-request-id: 07f58c467300001f3dfc3e8000000001
x-ms-lease-status: unlocked
last-modified: Thu, 24 Sep 2020 14:24:36 GMT
server: cloudflare
etag: 0x8D860959056F683
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: e3431930-b01e-012d-05a7-b11d73000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 619c4983ea271f3d-FRA

GET
H2 200 survey Show response
survey.g.doubleclick.net/ 9 KB
4 KB 79ms
57ms Script
text/javascript 2a00:1450:4001:809::2011
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://survey.g.doubleclick.net/survey?site=_f25nzspjnqckh2fwzsir2jvvr4&url=https%3A%2F%2Froanoke.com%2Fevents%2Fgarena-free-fire-hack-2020--unlimited--diamonds-and-coins-generator-no-survey%2Fevent_0e50a482-a8e0-11ea-9a92-5cb9017bff17.html&cid=everything&random=1612021182053

Requested by

Host: roanoke.com
URL: https://roanoke.com/events/garena-free-fire-hack-2020--unlimited--diamonds-and-coins-generator-no-survey/event_0e50a482-a8e0-11ea-9a92-5cb9017bff17.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

18fb9902b991d4b905ab7bfdb46be0341888e5d1eacf00525257cf46cea4ae95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://roanoke.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

pragma: no-cache
date: Sat, 30 Jan 2021 15:39:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, no-cache, must-revalidate, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
vary: *
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dnsfeed Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/location/ 162 B
513 B 38ms
22ms Script
text/javascript 2606:4700:10::6814:b844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location/dnsfeed

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/opt-out/otCCPAiab.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d851d84e101ca32d51ff937ef2bcafd53e9f83b53694c73c7d3eb3031357b27d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://roanoke.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 30 Jan 2021 15:39:42 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 619c49841dcb4abc-FRA
cf-request-id: 07f58c468d00004abce4bb9000000001

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 164 B
221 B 32ms
29ms Script
text/javascript 2606:4700:10::6814:b844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0cc0930a1ab7e9ae754783576228f3c32caa07605236711cf81035f3f45f0ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://roanoke.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 30 Jan 2021 15:39:42 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 619c49841dcf4abc-FRA
cf-request-id: 07f58c468d00004abc05aa5000000001

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://roanoke.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 1538
date: Sat, 30 Jan 2021 15:14:04 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Sat, 30 Jan 2021 17:14:04 GMT

GET
H3-Q050 200 gtm.js Show response
www.googletagmanager.com/ 83 KB
31 KB 56ms
43ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5MTD44X&l=dataLayer

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

507d4f7f45d340c5ae7ae084f846026dba90229d3185c72260b3b32543de63dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://roanoke.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 30 Jan 2021 15:39:42 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31376
x-xss-protection: 0
last-modified: Sat, 30 Jan 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 30 Jan 2021 15:39:42 GMT

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.6.0/ 338 KB
72 KB 26ms
26ms Script
application/javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.6.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fefa6bc00a2fca4d3ca705862d42dfdbb8f69124b2f0cc0896d3c7c2c05890a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://roanoke.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 30 Jan 2021 15:39:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Xs4BplpA7QV+zkRYpo3+wA==
age: 7638151
vary: Accept-Encoding
content-length: 73082
cf-request-id: 07f58c46b10000dfef6a0fc000000001
x-ms-lease-status: unlocked
last-modified: Thu, 10 Sep 2020 01:36:33 GMT
server: cloudflare
etag: 0x8D85529F2EBAD26
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 66e8cb1e-b01e-0029-40a6-b1aea4000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=691200
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 619c49844873dfef-FRA
expires: Sun, 07 Feb 2021 15:39:42 GMT

GET
H3-Q050 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
2 KB 34ms
20ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://roanoke.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 30 Jan 2021 14:43:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 3402
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1306
x-xss-protection: 0
expires: Sat, 30 Jan 2021 15:43:00 GMT

POST
H2 200 publisher:getClientId Show response
ampcid.google.com/v1/ 74 B
533 B 36ms
15ms XHR
application/json 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://roanoke.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 30 Jan 2021 15:39:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://roanoke.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 94
x-xss-protection: 0

GET
H3-Q050 200 prompt_embed_static.js Show response
survey.g.doubleclick.net/insights/consumersurveys/static/432680117481406611/ 383 KB
383 KB 34ms
21ms Script
application/javascript 2a00:1450:4001:809::2011
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://survey.g.doubleclick.net/insights/consumersurveys/static/432680117481406611/prompt_embed_static.js
Requested by: Host: survey.g.doubleclick.net
URL: https://survey.g.doubleclick.net/survey?site=_f25nzspjnqckh2fwzsir2jvvr4&url=https%3A%2F%2Froanoke.com%2Fevents%2Fgarena-free-fire-hack-2020--unlimited--diamonds-and-coins-generator-no-survey%2Fevent_0e50a482-a8e0-11ea-9a92-5cb9017bff17.html&cid=everything&random=1612021182053
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: cf72b6c515de094089451e1954e8008b384ec15455c093f05f6648fdb86eccfb

Request headers

Referer: https://roanoke.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Thu, 28 Jan 2021 21:57:10 GMT
last-modified: Thu, 28 Jan 2021 18:17:16 GMT
server: Google Frontend
age: 150152
content-type: application/javascript
x-cloud-trace-context: ef9ace18fa7763b35370e49ea371ec18
cache-control: public, max-age=2592000
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 391754

GET
H2 200 integrator.sync.js Show response
adservice.google.de/adsid/ 113 B
176 B 28ms
28ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.sync.js?domain=roanoke.com

Requested by

Host: survey.g.doubleclick.net
URL: https://survey.g.doubleclick.net/survey?site=_f25nzspjnqckh2fwzsir2jvvr4&url=https%3A%2F%2Froanoke.com%2Fevents%2Fgarena-free-fire-hack-2020--unlimited--diamonds-and-coins-generator-no-survey%2Fevent_0e50a482-a8e0-11ea-9a92-5cb9017bff17.html&cid=everything&random=1612021182053

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ea03bfd7fdda1eac185ebc3e8e74b33065b04c8e0adc48cbbd4136748dbd2742

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://roanoke.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 30 Jan 2021 15:39:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 108
x-xss-protection: 0

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/c90fbbbe-c35c-478f-a20a-c349468ac8c8/75787057-4552-493b-aa72-b303111d8f91/ 14 KB
5 KB 40ms
40ms Fetch
application/x-javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/c90fbbbe-c35c-478f-a20a-c349468ac8c8/75787057-4552-493b-aa72-b303111d8f91/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.6.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8d7e5168ec023efae8c97daedcea417437cb58058bdcec97d29a5bfd928e62de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://roanoke.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 30 Jan 2021 15:39:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: rtFCDmqWFsTCQiuDmA9XDg==
age: 5084
vary: Accept-Encoding
content-length: 4839
cf-request-id: 07f58c46de00001f3d5099d000000001
x-ms-lease-status: unlocked
last-modified: Thu, 24 Sep 2020 14:24:37 GMT
server: cloudflare
etag: 0x8D86095913067C4
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 22b20a4b-201e-00c9-493b-b6482c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 619c49849baf1f3d-FRA

POST
H2 200 publisher:getClientId Show response
ampcid.google.de/v1/ 3 B
462 B 34ms
14ms XHR
application/json 2a00:1450:4001:81e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://roanoke.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 30 Jan 2021 15:39:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://roanoke.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 23
x-xss-protection: 0

GET
H3-Q050 200 prompt Show response
survey.g.doubleclick.net/gk/ 0
281 B 23ms
23ms Script
text/javascript 2a00:1450:4001:809::2011
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://survey.g.doubleclick.net/gk/prompt?site=_f25nzspjnqckh2fwzsir2jvvr4&t=1&url=https%3A%2F%2Froanoke.com%2Fevents%2Fgarena-free-fire-hack-2020--unlimited--diamonds-and-coins-generator-no-survey%2Fevent_0e50a482-a8e0-11ea-9a92-5cb9017bff17.html&cid=everything&random=1612021182137&ref=&token=NT

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://roanoke.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

x-why: UserPrivacyInfo does not meet requirements to be served (LAT and/or OPT_OUT modifier).
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 30 Jan 2021 15:39:42 GMT
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23
x-xss-protection: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
440 B 41ms
16ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-54716522-7&cid=1152273548.1612021182&jid=530701762&gjid=402077252&_gid=1531030888.1612021182&_u=aGBAgUALAAQCAE~&z=1930308598

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://roanoke.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 30 Jan 2021 15:39:42 GMT
content-type: text/plain
access-control-allow-origin: https://roanoke.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
190 B 6ms
6ms Image
image/gif 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j87&aip=1&a=706207852&t=pageview&_s=1&dl=https%3A%2F%2Froanoke.com%2Fevents%2Fgarena-free-fire-hack-2020--unlimited--diamonds-and-coins-generator-no-survey%2Fevent_0e50a482-a8e0-11ea-9a92-5cb9017bff17.html&ul=en-us&de=UTF-8&dt=Events%20%7C%20roanoke.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAgUALAAQC~&jid=530701762&gjid=402077252&cid=1152273548.1612021182&tid=UA-54716522-7&_gid=1531030888.1612021182&gtm=2wg1k0PDQV3N&cd2=editorial&cd3=flex&cd4=flex-editorial&cd5=no&cd6=Large%3A%20Desktop%20computers.&cd8=404&cd9=No&cd10=No&cd12=No&cd13=https%3A%2F%2Froanoke.com%2Fevents%2Fgarena-free-fire-hack-2020--unlimited--diamonds-and-coins-generator-no-survey%2Fevent_0e50a482-a8e0-11ea-9a92-5cb9017bff17.html&cd16=No&cd17=Page%20View&cd20=0e50a482-a8e0-11ea-9a92-5cb9017bff17&cm1=202&z=259250162

Requested by

Host: roanoke.com
URL: https://roanoke.com/events/garena-free-fire-hack-2020--unlimited--diamonds-and-coins-generator-no-survey/event_0e50a482-a8e0-11ea-9a92-5cb9017bff17.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://roanoke.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Jan 2021 06:04:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 34525
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 otFloatingFlat.json Show response
cdn.cookielaw.org/scripttemplates/6.6.0/assets/ 9 KB
3 KB 22ms
21ms Fetch
application/json 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.6.0/assets/otFloatingFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.6.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3991138664f8a2717cd6fd5d4394c3cdeff54b01e001b9c128d67511e8a1900b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://roanoke.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 30 Jan 2021 15:39:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: qiq5l7qzEHE2l1Y9A93NLw==
age: 7650810
vary: Accept-Encoding
content-length: 2654
cf-request-id: 07f58c471800001f3d17172000000001
x-ms-lease-status: unlocked
last-modified: Thu, 10 Sep 2020 01:36:25 GMT
server: cloudflare
etag: 0x8D85529EE52897D
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 0865b685-601e-00e7-1a88-b1c8eb000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=691200
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 619c4984fc7e1f3d-FRA
expires: Sun, 07 Feb 2021 15:39:42 GMT

GET
H2 200 otPcCenter.json Show response
cdn.cookielaw.org/scripttemplates/6.6.0/assets/ 61 KB
15 KB 21ms
19ms Fetch
application/json 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.6.0/assets/otPcCenter.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.6.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f5bf5edcefe950e16d287cdcb9c28690952439098ee0639f4a960fe268ae231

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://roanoke.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 30 Jan 2021 15:39:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: C9ZZX5WmmuvxVnmOg+8oDA==
age: 3065538
vary: Accept-Encoding
content-length: 14901
cf-request-id: 07f58c471900001f3dfd064000000001
x-ms-lease-status: unlocked
last-modified: Thu, 10 Sep 2020 01:36:25 GMT
server: cloudflare
etag: 0x8D85529EE46C785
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 3a61abc9-701e-0174-4e3c-db18f5000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=691200
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 619c4984fc801f3d-FRA
expires: Sun, 07 Feb 2021 15:39:42 GMT

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ 134 KB
51 KB 29ms
28ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-NFTGWT90ER&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5MTD44X&l=dataLayer

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f596ae49d8e7097185eb1b692f9daa3d4620758defe3beb8b3fd0a1815f8d33a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://roanoke.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 30 Jan 2021 15:39:42 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52550
x-xss-protection: 0
expires: Sat, 30 Jan 2021 15:39:42 GMT

GET
H3-Q050 200 gtm.js Show response
www.googletagmanager.com/ 307 KB
69 KB 79ms
79ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TDWDC2

Requested by

Host: roanoke.com
URL: https://roanoke.com/events/garena-free-fire-hack-2020--unlimited--diamonds-and-coins-generator-no-survey/event_0e50a482-a8e0-11ea-9a92-5cb9017bff17.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5c642bb3f897881a6f6947239aeacdc7841ec154c39c101c3c43f9322b771934

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://roanoke.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 30 Jan 2021 15:39:42 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 70377
x-xss-protection: 0
last-modified: Sat, 30 Jan 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 30 Jan 2021 15:39:42 GMT

GET
DATA 200
OK truncated
/ 73 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bc40838a707dba656095bdce002939c726b0fe7de618b613ff3a29a39aef0938

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 75 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e31c42447e764b1195ff393437950867800ce2465dd3724c95640f4f5b34487c

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 serif-ds.woff2
bloximages.newyork1.vip.townnews.com/roanoke.com/content/tncms/live/libraries/flex/components/lee_ds_v2/resources/images/ 26 KB
26 KB 76ms
30ms Font
application/font-woff2 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/roanoke.com/content/tncms/live/libraries/flex/components/lee_ds_v2/resources/images/serif-ds.woff2

Requested by

Host: bloximages.newyork1.vip.townnews.com
URL: https://bloximages.newyork1.vip.townnews.com/roanoke.com/content/tncms/live/libraries/flex/components/lee_ds_v2/resources/styles/lee.ds.css?_dc=1611090082

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f98e8196d88bff2a006872a05d79c2d695f6dda36e0aecdd0ace020207809f40

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Origin: https://roanoke.com
Referer: https://bloximages.newyork1.vip.townnews.com/roanoke.com/content/tncms/live/libraries/flex/components/lee_ds_v2/resources/styles/lee.ds.css?_dc=1611090082
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 30 Jan 2021 15:39:42 GMT
cf-cache-status: HIT
age: 369297
last-modified: Mon, 02 Nov 2020 19:42:40 GMT
strict-transport-security: max-age=604800
content-length: 26164
cf-request-id: 07f58c47fe000023976bbdd000000001
x-robots-tag: noarchive
x-vcache: MISS
server: cloudflare
etag: "5fa06130-6634"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 619c498668e12397-ZRH
expires: Thu, 04 Nov 2021 10:15:08 GMT

POST
H3-Q050 204 collect
www.google-analytics.com/g/ 0
119 B 13ms
13ms Other
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-NFTGWT90ER&gtm=2oe1k0&_p=706207852&sr=1600x1200&ul=en-us&cid=1152273548.1612021182&_s=1&dl=https%3A%2F%2Froanoke.com%2Fevents%2Fgarena-free-fire-hack-2020--unlimited--diamonds-and-coins-generator-no-survey%2Fevent_0e50a482-a8e0-11ea-9a92-5cb9017bff17.html&dr=&dt=Events%20%7C%20roanoke.com&sid=1612021182&sct=1&seg=0&en=page_view&_fv=1&_ss=1&ep.application=editorial&ep.theme=flex&ep.skin_name=flex-editorial&ep.subscription_required=No&epn.blox_render_time=202&up.logged_in=No
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NFTGWT90ER&l=dataLayer&cx=c
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://roanoke.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 30 Jan 2021 15:39:42 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://roanoke.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 6014cba95eecf.preview-300.jpg
bloximages.newyork1.vip.townnews.com/roanoke.com/content/tncms/assets/v3/eedition/b/29/b296e669-d2aa-5648-b3e2-13fd992da85a/ 46 KB
46 KB 44ms
43ms Image
image/jpeg 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/roanoke.com/content/tncms/assets/v3/eedition/b/29/b296e669-d2aa-5648-b3e2-13fd992da85a/6014cba95eecf.preview-300.jpg?resize=300%2C620

Requested by

Host: roanoke.com
URL: https://roanoke.com/events/garena-free-fire-hack-2020--unlimited--diamonds-and-coins-generator-no-survey/event_0e50a482-a8e0-11ea-9a92-5cb9017bff17.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3a58ad136757e89ae2d0ec11ad1bff134b16364668e21da703c7983100815a7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://roanoke.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 30 Jan 2021 15:39:42 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 23735
last-modified: Sat, 30 Jan 2021 02:59:54 GMT
cf-bgj: h2pri
cf-request-id: 07f58c4882000023af5f060000000001
x-robots-tag: noarchive
x-vcache: MISS
server: cloudflare
etag: "4fffbb97a1fe358433744ac133214616"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 619c49873a6f23af-ZRH
expires: Sun, 30 Jan 2022 05:03:51 GMT

GET
H2 200 6011c9cf236a0.preview.jpg
bloximages.newyork1.vip.townnews.com/roanoke.com/content/tncms/assets/v3/editorial/2/ff/2ff6b4d1-2e71-5bed-8d8e-652db772c352/ 7 KB
7 KB 182ms
181ms Image
image/jpeg 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/roanoke.com/content/tncms/assets/v3/editorial/2/ff/2ff6b4d1-2e71-5bed-8d8e-652db772c352/6011c9cf236a0.preview.jpg?crop=720%2C405%2C0%2C37&resize=200%2C113&order=crop%2Cresize

Requested by

Host: roanoke.com
URL: https://roanoke.com/events/garena-free-fire-hack-2020--unlimited--diamonds-and-coins-generator-no-survey/event_0e50a482-a8e0-11ea-9a92-5cb9017bff17.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e352352636b0a8105ce1f93751a6b1d55b85c254bd63d328d5f7bae8fa8a31c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://roanoke.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 30 Jan 2021 15:39:42 GMT
vary: Accept-Encoding
cf-cache-status: HIT
last-modified: Wed, 27 Jan 2021 20:15:11 GMT
cf-bgj: h2pri
cf-request-id: 07f58c4884000023afb49d4000000001
x-robots-tag: noarchive
x-vcache: MISS
server: cloudflare
etag: "acdb776bdf90f76e43a67b2d243a010b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 619c49873a7523af-ZRH
expires: Sat, 29 Jan 2022 02:33:35 GMT

GET
H2 200 5ff403f221fc7.image.png
bloximages.newyork1.vip.townnews.com/roanoke.com/content/tncms/assets/v3/editorial/c/be/cbeab0c9-3de8-5550-a1f0-f975927c30a1/ 36 KB
36 KB 181ms
180ms Image
image/png 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/roanoke.com/content/tncms/assets/v3/editorial/c/be/cbeab0c9-3de8-5550-a1f0-f975927c30a1/5ff403f221fc7.image.png?crop=588%2C331%2C0%2C15&resize=200%2C113&order=crop%2Cresize

Requested by

Host: roanoke.com
URL: https://roanoke.com/events/garena-free-fire-hack-2020--unlimited--diamonds-and-coins-generator-no-survey/event_0e50a482-a8e0-11ea-9a92-5cb9017bff17.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c43b071a561831eb3fdec7dc65ac389223008ccd3cccc161daf496b50907d20

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://roanoke.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 30 Jan 2021 15:39:42 GMT
vary: Accept-Encoding
cf-cache-status: HIT
cf-ray: 619c49873a7923af-ZRH
last-modified: Tue, 05 Jan 2021 06:15:15 GMT
cf-request-id: 07f58c4886000023af5d9fd000000001
x-vcache: MISS
server: cloudflare
etag: "9a681bc64b0f40aeed82f6106e323331"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Wed, 05 Jan 2022 07:20:16 GMT

GET
H2 200 5ff7f8888c616.image.png
bloximages.newyork1.vip.townnews.com/roanoke.com/content/tncms/assets/v3/editorial/3/ca/3caad115-a885-5469-ad2f-ebc3ec479c83/ 36 KB
36 KB 50ms
50ms Image
image/png 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/roanoke.com/content/tncms/assets/v3/editorial/3/ca/3caad115-a885-5469-ad2f-ebc3ec479c83/5ff7f8888c616.image.png?crop=1116%2C628%2C41%2C0&resize=200%2C113&order=crop%2Cresize

Requested by

Host: roanoke.com
URL: https://roanoke.com/events/garena-free-fire-hack-2020--unlimited--diamonds-and-coins-generator-no-survey/event_0e50a482-a8e0-11ea-9a92-5cb9017bff17.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d393f808dbca7a6144152bc5eeb1bf7e53fa860971ec52240d403626c0d4b9a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://roanoke.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 30 Jan 2021 15:39:42 GMT
cf-cache-status: HIT
age: 113660
last-modified: Fri, 08 Jan 2021 06:15:37 GMT
strict-transport-security: max-age=604800
content-length: 36370
cf-request-id: 07f58c4884000023af622ed000000001
x-robots-tag: noarchive
x-vcache: HIT
server: cloudflare
etag: "13a3c8c7a58b8faf30bb3390bcd01d40"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 619c49873a8123af-ZRH
expires: Sat, 08 Jan 2022 06:34:56 GMT

GET
H2 200 6001c69d0c4c9.image.jpg
bloximages.newyork1.vip.townnews.com/roanoke.com/content/tncms/assets/v3/editorial/0/57/05762829-2229-568c-9d0e-93b79d2faf31/ 8 KB
8 KB 45ms
45ms Image
image/jpeg 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/roanoke.com/content/tncms/assets/v3/editorial/0/57/05762829-2229-568c-9d0e-93b79d2faf31/6001c69d0c4c9.image.jpg?resize=200%2C113

Requested by

Host: roanoke.com
URL: https://roanoke.com/events/garena-free-fire-hack-2020--unlimited--diamonds-and-coins-generator-no-survey/event_0e50a482-a8e0-11ea-9a92-5cb9017bff17.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a574763f228bb33b2b17dc4a974ea2bf1375ebf60d4ae0b64cfbca66da27938

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://roanoke.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 30 Jan 2021 15:39:42 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 23735
last-modified: Fri, 15 Jan 2021 16:45:17 GMT
cf-bgj: h2pri
cf-request-id: 07f58c4884000023afb1943000000001
x-robots-tag: noarchive
x-vcache: MISS
server: cloudflare
etag: "08eba60f3df3d7fc07bfd8935d87c4be"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 619c49873a8423af-ZRH
expires: Tue, 18 Jan 2022 15:54:52 GMT

GET
H2 200 b-9a4f7ce-9c3d90b4.js Show response
tagan.adlightning.com/leeenterprises/ 61 KB
21 KB 46ms
46ms Script
application/javascript 13.225.80.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/leeenterprises/b-9a4f7ce-9c3d90b4.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.80.8 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-80-8.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 67d3fbbfeed41e1c4ffb28f749c8444a7b4db6722bd8ab9a73157b947e65f118

Request headers

Referer: https://roanoke.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 18 Aug 2020 17:46:28 GMT
content-encoding: gzip
age: 14248395
x-cache: Hit from cloudfront
content-length: 20759
x-amz-meta-git_commit: 9a4f7ce
last-modified: Tue, 18 Aug 2020 17:44:56 GMT
server: AmazonS3
etag: "3d023ce325e9d3643a874ad0a66a5e8d"
x-amz-version-id: bIGtI3pWPJE6g_TS3N9o1I1aF28kjQzP
via: 1.1 eb1a8c1b1275e33a016e623478052111.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: XsVAn1Jiz17gK8JZzEwRX5u4_SFTprUJ-9dDJzZlkmz4WgnPvadFBA==

GET
H2 200 bl-c29bca2-ba51bfba.js Show response
tagan.adlightning.com/leeenterprises/ 88 KB
26 KB 46ms
46ms Script
application/javascript 13.225.80.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/leeenterprises/bl-c29bca2-ba51bfba.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.80.8 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-80-8.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 501ce77a8068ae3825cd5f0d9b98001f7985b6d8a8dd4ccaf11dca188c44b7a6

Request headers

Referer: https://roanoke.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 29 Jan 2021 18:02:05 GMT
content-encoding: gzip
age: 77858
x-cache: Hit from cloudfront
content-length: 26178
x-amz-meta-git_commit: c29bca2
last-modified: Fri, 29 Jan 2021 18:01:01 GMT
server: AmazonS3
etag: "bc5437f932215f7653a73d6e417fb967"
x-amz-version-id: c_Hyp7d23UM44BlGZbav0tnnKjr8uB11
via: 1.1 eb1a8c1b1275e33a016e623478052111.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: ORFaZrrCz0z5PMyMqSmPYzYOTiSvajHlLv8aPuFZmNsyMfCvK31G6g==

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ 134 KB
51 KB 32ms
32ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-G2BL49024K&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5MTD44X&l=dataLayer

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5f7da8a9067b79210a0459c4f7ebbaa3332da1b892550f02bf17e1c8015bdd4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://roanoke.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 30 Jan 2021 15:39:42 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52561
x-xss-protection: 0
expires: Sat, 30 Jan 2021 15:39:42 GMT

GET
H3-Q050 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
938 B 7ms
7ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://roanoke.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 30 Jan 2021 14:44:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 3315
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
expires: Sat, 30 Jan 2021 15:44:27 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 91 KB
24 KB 19ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: roanoke.com
URL: https://roanoke.com/events/garena-free-fire-hack-2020--unlimited--diamonds-and-coins-generator-no-survey/event_0e50a482-a8e0-11ea-9a92-5cb9017bff17.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://roanoke.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23762
x-fb-rlafr: 0
pragma: public
x-fb-debug: +tUOATspwGongB/S1jOT00k/e7jwdrCUfBmxTUqtBqdRU7fHdZN8JdgiW67kBXMdRMj0Iw/ZE6BAa3XHezpQRw==
x-fb-trip-id: 686109401
x-frame-options: DENY
date: Sat, 30 Jan 2021 15:39:42 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 140ms
51ms Script
application/x-javascript 104.108.64.33
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: roanoke.com
URL: https://roanoke.com/events/garena-free-fire-hack-2020--unlimited--diamonds-and-coins-generator-no-survey/event_0e50a482-a8e0-11ea-9a92-5cb9017bff17.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.64.33 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-64-33.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://roanoke.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 30 Jan 2021 15:39:42 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=86400
Connection: keep-alive
Content-Length: 884
Expires: Sun, 31 Jan 2021 15:39:42 GMT

GET
H2 200 a-058a.min.js Show response
b-code.liadm.com/ 25 KB
10 KB 107ms
53ms Script
application/javascript 2a02:26f0:6c00::210:ba8b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://b-code.liadm.com/a-058a.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDWDC2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba8b , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 4e9d2a77d140a9399e579cd77a6581da46c9e2e24014b9971a515849afd924e6

Request headers

Referer: https://roanoke.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 30 Jan 2021 15:39:42 GMT
content-encoding: gzip
last-modified: Mon, 18 Jan 2021 08:53:30 GMT
etag: "7644b49cb38a870e9d296bca132730c4"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
content-length: 9826

POST
H3-Q050 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
28 B 41ms
15ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-54716522-2&cid=1152273548.1612021182&jid=574001431&gjid=1734870754&_gid=1531030888.1612021182&_u=aGDAgUArQAQCAE~&z=154137241

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://roanoke.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 30 Jan 2021 15:39:42 GMT
content-type: text/plain
access-control-allow-origin: https://roanoke.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
421 B 36ms
15ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-34219538-1&cid=1152273548.1612021182&jid=1551425927&gjid=2058940526&_gid=1531030888.1612021182&_u=aGDAiUArRAQCAE~&z=2068902586

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://roanoke.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 30 Jan 2021 15:39:42 GMT
content-type: text/plain
access-control-allow-origin: https://roanoke.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 js Show response
www.google-analytics.com/gtm/ 88 KB
34 KB 34ms
33ms Script
application/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-TQ9PK73&t=gtm33&cid=1152273548.1612021182

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

83ef8ee942d4c0d1ce238dbc3e77b8c0322a9c2ac87855776ae56212b2050260

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://roanoke.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 30 Jan 2021 15:39:42 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34585
x-xss-protection: 0
expires: Sat, 30 Jan 2021 15:39:42 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
58 B 6ms
6ms Image
image/gif 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j87&a=706207852&t=pageview&_s=1&dl=https%3A%2F%2Froanoke.com%2Fevents%2Fgarena-free-fire-hack-2020--unlimited--diamonds-and-coins-generator-no-survey%2Fevent_0e50a482-a8e0-11ea-9a92-5cb9017bff17.html&ul=en-us&de=UTF-8&dt=Events%20%7C%20roanoke.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAgUArQAQCAE~&jid=574001431&gjid=1734870754&cid=1152273548.1612021182&tid=UA-54716522-2&_gid=1531030888.1612021182&gtm=2wg1k0TDWDC2&cd1=desktop&cd2=roanoke.com&cd3=editorial&cd4=error&cd6=404&cd14=Undefined&cd17=null&cd20=anonymous&cd23=events&cg3=404&cd21=Roanoke&cd22=flex-editorial&cd30=31&cd31=Partly%20Cloudy&cd75=0&cd76=%20%20%20%20%20%20%20%20%20&cd79=&cd80=&cd81=No&cd82=&cd85=no&cd86=no&cd102=mozilla%2F5.0%20(macintosh%3B%20intel%20mac%20os%20x%2010_14_5)%20applewebkit%2F537.36%20(khtml%2C%20like%20gecko)%20chrome%2F83.0.4103.61%20safari%2F537.36&cd103=Undefined&cd104=Undefined%2C%20Undefined&cd105=5&cd106=Page%20View&cd107=0&cd111=undefined&cd115=notset&cd116=No&cd117=No&cd89=1152273548.1612021182&z=1920372236

Requested by

Host: roanoke.com
URL: https://roanoke.com/events/garena-free-fire-hack-2020--unlimited--diamonds-and-coins-generator-no-survey/event_0e50a482-a8e0-11ea-9a92-5cb9017bff17.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://roanoke.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Jan 2021 06:04:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 34525
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
58 B 7ms
6ms Image
image/gif 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: roanoke.com
URL: https://roanoke.com/events/garena-free-fire-hack-2020--unlimited--diamonds-and-coins-generator-no-survey/event_0e50a482-a8e0-11ea-9a92-5cb9017bff17.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://roanoke.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Jan 2021 06:04:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 34525
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 961211893969940 Show response
connect.facebook.net/signals/config/ 244 KB
70 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/961211893969940?v=2.9.33&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f2bd3a28cad3b3253e1d97b9c9d60bdd42705484e6284cb82e14ba71836157ce

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://roanoke.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 71148
x-fb-rlafr: 0
pragma: public
x-fb-debug: 5J00qPlJUhfgW8+oVnJnWQcooOnAUTdB8lzPsl23egl2ZJvHLSRjJaOGASxLGaRTpVxQ+ojukHJ0C2Q3GjnyDg==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Sat, 30 Jan 2021 15:39:42 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-content-id: 1107358798
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
161 B 14ms
13ms Other
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-G2BL49024K&gtm=2oe1k0&_p=706207852&sr=1600x1200&_gaz=1&ul=en-us&cid=1152273548.1612021182&_s=1&dl=https%3A%2F%2Froanoke.com%2Fevents%2Fgarena-free-fire-hack-2020--unlimited--diamonds-and-coins-generator-no-survey%2Fevent_0e50a482-a8e0-11ea-9a92-5cb9017bff17.html&dr=&dt=Events%20%7C%20roanoke.com&sid=1612021182&sct=1&seg=0&en=page_view&_fv=2&_ss=1&up.status=anonymous&up.subscription=No
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-G2BL49024K&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://roanoke.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 30 Jan 2021 15:39:42 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://roanoke.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 204 collect
stats.g.doubleclick.net/g/ 0
23 B 15ms
15ms Other
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-G2BL49024K&cid=1152273548.1612021182&gtm=2oe1k0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-G2BL49024K&l=dataLayer&cx=c
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://roanoke.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 30 Jan 2021 15:39:42 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://roanoke.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 50ms
31ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-G2BL49024K&cid=1152273548.1612021182&gtm=2oe1k0&aip=1&z=607778296

Requested by

Host: roanoke.com
URL: https://roanoke.com/events/garena-free-fire-hack-2020--unlimited--diamonds-and-coins-generator-no-survey/event_0e50a482-a8e0-11ea-9a92-5cb9017bff17.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://roanoke.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Jan 2021 15:39:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
254 B 33ms
30ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-34219538-1&cid=1152273548.1612021182&jid=1551425927&_u=aGDAiUArRAQCAE~&z=868990820

Requested by

Host: roanoke.com
URL: https://roanoke.com/events/garena-free-fire-hack-2020--unlimited--diamonds-and-coins-generator-no-survey/event_0e50a482-a8e0-11ea-9a92-5cb9017bff17.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://roanoke.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Jan 2021 15:39:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 43ms
31ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-34219538-1&cid=1152273548.1612021182&jid=1551425927&_u=aGDAiUArRAQCAE~&z=868990820

Requested by

Host: roanoke.com
URL: https://roanoke.com/events/garena-free-fire-hack-2020--unlimited--diamonds-and-coins-generator-no-survey/event_0e50a482-a8e0-11ea-9a92-5cb9017bff17.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://roanoke.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Jan 2021 15:39:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 33ms
31ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-54716522-2&cid=1152273548.1612021182&jid=574001431&_u=aGDAgUArQAQCAE~&z=291269630

Requested by

Host: roanoke.com
URL: https://roanoke.com/events/garena-free-fire-hack-2020--unlimited--diamonds-and-coins-generator-no-survey/event_0e50a482-a8e0-11ea-9a92-5cb9017bff17.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://roanoke.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Jan 2021 15:39:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
505 B 41ms
30ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-54716522-2&cid=1152273548.1612021182&jid=574001431&_u=aGDAgUArQAQCAE~&z=291269630

Requested by

Host: roanoke.com
URL: https://roanoke.com/events/garena-free-fire-hack-2020--unlimited--diamonds-and-coins-generator-no-survey/event_0e50a482-a8e0-11ea-9a92-5cb9017bff17.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://roanoke.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Jan 2021 15:39:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sync-container.js Show response
b-code.liadm.com/ 6 KB
3 KB 7ms
6ms Script
application/javascript 2a02:26f0:6c00::210:ba8b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://b-code.liadm.com/sync-container.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/op.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba8b , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 58a07739b05fec4d319e4d5c6b1fa4ac79e2a625e08ab3f303929b77fde5bdf4

Request headers

Referer: https://roanoke.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 30 Jan 2021 15:39:42 GMT
content-encoding: gzip
last-modified: Tue, 17 Mar 2020 09:48:23 GMT
etag: "ae5e94de938b0387eda6df8f20da811a"
vary: Accept-Encoding
x-amz-meta-version: 0.2.0
content-type: application/javascript
x-edgeconnect-cache-status: 1
cache-control: max-age=1321
accept-ranges: bytes
content-length: 2374

POST
H2 200 /
www.facebook.com/tr/ 0
81 B 19ms
6ms Other
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://roanoke.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryPHCm6cEBEYJ2g8AC

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Sat, 30 Jan 2021 15:39:42 GMT
content-type: text/plain
access-control-allow-origin: https://roanoke.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 44 B
409 B 17ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=961211893969940&ev=Domain&dl=https%3A%2F%2Froanoke.com%2Fevents%2Fgarena-free-fire-hack-2020--unlimited--diamonds-and-coins-generator-no-survey%2Fevent_0e50a482-a8e0-11ea-9a92-5cb9017bff17.html&rl=&if=false&ts=1612021182810&cd[custom_param]=roanoke.com&sw=1600&sh=1200&v=2.9.33&r=stable&ec=1&o=30&fbp=fb.1.1612021182806.139792822&it=1612021182756&coo=false&rqm=GET

Requested by

Host: roanoke.com
URL: https://roanoke.com/events/garena-free-fire-hack-2020--unlimited--diamonds-and-coins-generator-no-survey/event_0e50a482-a8e0-11ea-9a92-5cb9017bff17.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://roanoke.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 30 Jan 2021 15:39:42 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Sat, 30 Jan 2021 15:39:42 GMT

GET
H/1.1

204
No Content

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=10345586&ns__t=1612021182823&ns_c=UTF-8&cv=3.5&c8=Events%20%7C%20roanoke.com&c7=https%3A%2F%2Froanoke.com%2Fevents%2Fgarena-free-fire-hack-2020--unlimited...
https://sb.scorecardresearch.com/b2?c1=2&c2=10345586&ns__t=1612021182823&ns_c=UTF-8&cv=3.5&c8=Events%20%7C%20roanoke.com&c7=https%3A%2F%2Froanoke.com%2Fevents%2Fgarena-free-fire-hack-2020--unlimite...

0
528 B

48ms
48ms

Image
text/plain

104.108.64.33
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=10345586&ns__t=1612021182823&ns_c=UTF-8&cv=3.5&c8=Events%20%7C%20roanoke.com&c7=https%3A%2F%2Froanoke.com%2Fevents%2Fgarena-free-fire-hack-2020--unlimited--diamonds-and-coins-generator-no-survey%2Fevent_0e50a482-a8e0-11ea-9a92-5cb9017bff17.html&c9=&cs_ak_ss=1
Requested by: Host: roanoke.com
URL: https://roanoke.com/events/garena-free-fire-hack-2020--unlimited--diamonds-and-coins-generator-no-survey/event_0e50a482-a8e0-11ea-9a92-5cb9017bff17.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.64.33 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-64-33.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://roanoke.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 30 Jan 2021 15:39:42 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://sb.scorecardresearch.com/b2?c1=2&c2=10345586&ns__t=1612021182823&ns_c=UTF-8&cv=3.5&c8=Events%20%7C%20roanoke.com&c7=https%3A%2F%2Froanoke.com%2Fevents%2Fgarena-free-fire-hack-2020--unlimited--diamonds-and-coins-generator-no-survey%2Fevent_0e50a482-a8e0-11ea-9a92-5cb9017bff17.html&c9=&cs_ak_ss=1
Pragma: no-cache
Date: Sat, 30 Jan 2021 15:39:42 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

j Show response
rp4.liadm.com/
Redirect Chain

https://rp.liadm.com/j?tna=v2.0.1&aid=a-058a&wpn=lc-bundle&us_privacy=1YNN&pu=https%3A%2F%2Froanoke.com%2Fevents%2Fgarena-free-fire-hack-2020--unlimited--diamonds-and-coins-generator-no-survey%2Fev...
https://rp4.liadm.com/j?tna=v2.0.1&aid=a-058a&wpn=lc-bundle&us_privacy=1YNN&pu=https%3A%2F%2Froanoke.com%2Fevents%2Fgarena-free-fire-hack-2020--unlimited--diamonds-and-coins-generator-no-survey%2Fe...

13 B
569 B

441ms
131ms

XHR
application/json

3.213.73.156
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://rp4.liadm.com/j?tna=v2.0.1&aid=a-058a&wpn=lc-bundle&us_privacy=1YNN&pu=https%3A%2F%2Froanoke.com%2Fevents%2Fgarena-free-fire-hack-2020--unlimited--diamonds-and-coins-generator-no-survey%2Fevent_0e50a482-a8e0-11ea-9a92-5cb9017bff17.html&duid=f29f414003b2--01ex9z6ca4tvjn1htmwh0dd02x&se=e30&dtstmp=1612021182904&i6=MmEwMTo0Zjg6MTkyOjU0MTQ6OjI%3D&n3pc=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.213.73.156 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-213-73-156.compute-1.amazonaws.com

Software

nginx/1.16.1 /

Resource Hash

efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://roanoke.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 30 Jan 2021 15:39:43 GMT
x-pixel-event-id: 732e4cc8-95c3-4663-b10d-8b1dfbb7d7b5
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
request-time: 1
vary: Origin
content-length: 13
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
server: nginx/1.16.1
x-frame-options: DENY
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json
access-control-allow-origin: null
access-control-allow-credentials: true
trace-id: 5a33fc27785d1d1b

Redirect headers

date: Sat, 30 Jan 2021 15:39:43 GMT
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
server: nginx/1.16.1
vary: Origin
location: https://rp4.liadm.com/j?tna=v2.0.1&aid=a-058a&wpn=lc-bundle&us_privacy=1YNN&pu=https%3A%2F%2Froanoke.com%2Fevents%2Fgarena-free-fire-hack-2020--unlimited--diamonds-and-coins-generator-no-survey%2Fevent_0e50a482-a8e0-11ea-9a92-5cb9017bff17.html&duid=f29f414003b2--01ex9z6ca4tvjn1htmwh0dd02x&se=e30&dtstmp=1612021182904&i6=MmEwMTo0Zjg6MTkyOjU0MTQ6OjI%3D&n3pc=true
x-frame-options: DENY
access-control-allow-origin: https://roanoke.com
x-xss-protection: 1; mode=block
x-permitted-cross-domain-policies: master-only
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
trace-id: 4e8f945bcc5d16ba
request-time: 0
content-length: 0
x-content-type-options: nosniff

GET
H2

200

rt=ifr
bcp.crwdcntrl.net/5/ct=y/c=6892/rand=595945462/pv=y/int=%23OpR%2364504%23BH%20Media%20Group%20%3A%20Total%20Site%20Traffic/int=%23OpR%2364505%23BH%20Media%20Group%20%3A%20roanoke%20%3A%20Total%20Si... Frame A5A4
Redirect Chain

https://bcp.crwdcntrl.net/5/c=6892/rand=595945462/pv=y/int=%23OpR%2364504%23BH%20Media%20Group%20%3A%20Total%20Site%20Traffic/int=%23OpR%2364505%23BH%20Media%20Group%20%3A%20roanoke%20%3A%20Total%2...
https://bcp.crwdcntrl.net/5/ct=y/c=6892/rand=595945462/pv=y/int=%23OpR%2364504%23BH%20Media%20Group%20%3A%20Total%20Site%20Traffic/int=%23OpR%2364505%23BH%20Media%20Group%20%3A%20roanoke%20%3A%20To...

0
0

93ms
93ms

Document
text/html

99.80.128.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/5/ct=y/c=6892/rand=595945462/pv=y/int=%23OpR%2364504%23BH%20Media%20Group%20%3A%20Total%20Site%20Traffic/int=%23OpR%2364505%23BH%20Media%20Group%20%3A%20roanoke%20%3A%20Total%20Site%20Traffic/int=%23OpR%2364507%23BH%20Media%20Group%20%3A%20roanoke%20%3A%20Site%20Section%20%3A%20events/int=%23OpR%2372332%23Site%20Section%20%3A%20events/med=%23OpR%2364514%23BH%20Media%20Group%20%3A%20Article%20Category%20%3A%20roanoke%20times/med=%23OpR%2364515%23BH%20Media%20Group%20%3A%20roanoke%20%3A%20Article%20Category%20%3A%20roanoke%20times/med=%23OpR%2372333%23Keyword%20%3A%20roanoke%20times/rb=%7B%22meta_tag%22%3A%22roanoke%20times%22%7D/rt=ifr
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/op.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.80.128.92 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-80-128-92.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

:method: GET
:authority: bcp.crwdcntrl.net
:scheme: https
:path: /5/ct=y/c=6892/rand=595945462/pv=y/int=%23OpR%2364504%23BH%20Media%20Group%20%3A%20Total%20Site%20Traffic/int=%23OpR%2364505%23BH%20Media%20Group%20%3A%20roanoke%20%3A%20Total%20Site%20Traffic/int=%23OpR%2364507%23BH%20Media%20Group%20%3A%20roanoke%20%3A%20Site%20Section%20%3A%20events/int=%23OpR%2372332%23Site%20Section%20%3A%20events/med=%23OpR%2364514%23BH%20Media%20Group%20%3A%20Article%20Category%20%3A%20roanoke%20times/med=%23OpR%2364515%23BH%20Media%20Group%20%3A%20roanoke%20%3A%20Article%20Category%20%3A%20roanoke%20times/med=%23OpR%2372333%23Keyword%20%3A%20roanoke%20times/rb=%7B%22meta_tag%22%3A%22roanoke%20times%22%7D/rt=ifr
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://roanoke.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: _cc_cc=ctst
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://roanoke.com/

Response headers

date: Sat, 30 Jan 2021 15:39:43 GMT
content-type: text/html;charset=UTF-8
content-length: 1353
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control: no-cache
pragma: no-cache
expires: 0
x-server: 10.45.4.245
set-cookie: _cc_dc=1;Path=/;Domain=crwdcntrl.net;Expires=Wed, 27-Oct-2021 15:10:00 GMT;SameSite=None;Secure _cc_id=53234782ad37913bebb23356f3a2855c;Path=/;Domain=crwdcntrl.net;Expires=Wed, 27-Oct-2021 15:10:00 GMT;SameSite=None;Secure _cc_cc="ACZ4nGNQMDU2MjYxtzBKTDE2tzQ0TkpNSjIyNjY1SzNONLIwNU1mAIIE0dr9DHAg0vDtIDfjG1OG%2F4yMDJs%2BnOWHsSftOwIXv3uyiw%2FGPn%2F3HFzNt3NdgjD2vDt34WqWr0foXf6nEMb8%2B9kSxryweA4LjH32pDqMee7oIWYYe876p3BDLj%2B%2FIwtjH0bSOu3hZxUY%2B9KpR2ww9oeG%2BwJwWzdOgasHAC5fYm4%3D";Version=1;Path=/;Domain=crwdcntrl.net;Expires=Wed, 27-Oct-2021 15:10:00 GMT;Max-Age=23328000;SameSite=None;Secure _cc_aud="ABR4nGNgYGBIEK3dzwADLAyM66aDGMwau0AU4wYRMLVuPpAEAIQ%2FBfQ%3D";Version=1;Path=/;Domain=crwdcntrl.net;Expires=Wed, 27-Oct-2021 15:10:00 GMT;Max-Age=23328000;SameSite=None;Secure
access-control-allow-origin: *

Redirect headers

date: Sat, 30 Jan 2021 15:39:43 GMT
content-length: 0
location: https://bcp.crwdcntrl.net/5/ct=y/c=6892/rand=595945462/pv=y/int=%23OpR%2364504%23BH%20Media%20Group%20%3A%20Total%20Site%20Traffic/int=%23OpR%2364505%23BH%20Media%20Group%20%3A%20roanoke%20%3A%20Total%20Site%20Traffic/int=%23OpR%2364507%23BH%20Media%20Group%20%3A%20roanoke%20%3A%20Site%20Section%20%3A%20events/int=%23OpR%2372332%23Site%20Section%20%3A%20events/med=%23OpR%2364514%23BH%20Media%20Group%20%3A%20Article%20Category%20%3A%20roanoke%20times/med=%23OpR%2364515%23BH%20Media%20Group%20%3A%20roanoke%20%3A%20Article%20Category%20%3A%20roanoke%20times/med=%23OpR%2372333%23Keyword%20%3A%20roanoke%20times/rb=%7B%22meta_tag%22%3A%22roanoke%20times%22%7D/rt=ifr
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control: no-cache
pragma: no-cache
expires: 0
x-server: 10.45.30.0
set-cookie: _cc_cc=ctst;Path=/;Domain=crwdcntrl.net;SameSite=None;Secure

GET
H2 200 /
www.facebook.com/tr/ 44 B
147 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=961211893969940&ev=Microdata&dl=https%3A%2F%2Froanoke.com%2Fevents%2Fgarena-free-fire-hack-2020--unlimited--diamonds-and-coins-generator-no-survey%2Fevent_0e50a482-a8e0-11ea-9a92-5cb9017bff17.html&rl=&if=false&ts=1612021183310&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Events%20%7C%20roanoke.com%22%2C%22meta%3Akeywords%22%3A%22roanoke%20times%22%2C%22meta%3Adescription%22%3A%22This%20page%20no%20longer%20exists%20or%20has%20been%20removed%22%7D&cd[OpenGraph]=%7B%22og%3Atype%22%3A%22website%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Froanoke.com%2Fevents%2Fgarena-free-fire-hack-2020--unlimited--diamonds-and-coins-generator-no-survey%2Fevent_0e50a482-a8e0-11ea-9a92-5cb9017bff17.html%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fbloximages.newyork1.vip.townnews.com%2Froanoke.com%2Fcontent%2Ftncms%2Fcustom%2Fimage%2F00f1ee32-f2d0-11e6-9926-f7249dbfe53a.jpg%22%2C%22og%3Aimage%3Awidth%22%3A%221200%22%2C%22og%3Aimage%3Aheight%22%3A%22630%22%2C%22og%3Atitle%22%3A%22404%20Error%22%2C%22og%3Adescription%22%3A%22This%20page%20no%20longer%20exists%20or%20has%20been%20removed%22%2C%22og%3Asite_name%22%3A%22Roanoke%20Times%22%2C%22og%3Asection%22%3A%22Events%22%2C%22article%3Apublisher%22%3A%22https%3A%2F%2Fwww.facebook.com%2Froanoketimes%2F%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22https%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Organization%22%2C%22url%22%3A%22http%3A%2F%2Froanoke.com%22%2C%22sameAs%22%3A%5B%22%2Ffacebook%22%2C%22%2Ftwitter%22%2C%22%2Fyoutube%22%5D%7D%2C%7B%22%40context%22%3A%22https%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Organization%22%2C%22url%22%3A%22http%3A%2F%2Froanoke.com%22%2C%22sameAs%22%3A%5B%22%2Ffacebook%22%2C%22%2Ftwitter%22%2C%22%2Finstagram%22%5D%7D%5D&sw=1600&sh=1200&v=2.9.33&r=stable&ec=2&o=30&fbp=fb.1.1612021182806.139792822&it=1612021182756&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://roanoke.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 30 Jan 2021 15:39:43 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Sat, 30 Jan 2021 15:39:43 GMT

GET
H/1.1 200
OK Cookie set a-058a
i.liadm.com/s/c/ Frame E178 0
0 499ms
133ms Document
text/html 54.227.229.225
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://i.liadm.com/s/c/a-058a?s=&cim=&ps=true&ls=true&duid=f29f414003b2--01ex9z6ca4tvjn1htmwh0dd02x&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&us_privacy=1YNN&

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/op.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.227.229.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-227-229-225.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Host: i.liadm.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://roanoke.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: lidid=138a0e45-ec48-40a5-819c-3d9ae811d9bf
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://roanoke.com/

Response headers

Cache-Control: private, no-cache, max-age=0
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Sat, 30 Jan 2021 15:39:44 GMT
ETag: 1.61803398874
Set-Cookie: _li_ss=MgUIBhDPDjIFCAoQzw4yBQh6EM4OMgYIiwEQzw4yBQgLEM8OMgUICxDPDjIFCHkQzg4; Max-Age=2592000; Expires=Mon, 01 Mar 2021 15:39:44 GMT; SameSite=None; Path=/s; Secure
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding
Content-Length: 646
Connection: keep-alive

POST
H3-Q050 204 collect
www.google-analytics.com/g/ 0
44 B 13ms
13ms Other
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-NFTGWT90ER&gtm=2oe1k0&_p=706207852&sr=1600x1200&ul=en-us&cid=1152273548.1612021182&_s=2&dl=https%3A%2F%2Froanoke.com%2Fevents%2Fgarena-free-fire-hack-2020--unlimited--diamonds-and-coins-generator-no-survey%2Fevent_0e50a482-a8e0-11ea-9a92-5cb9017bff17.html&dr=&dt=Events%20%7C%20roanoke.com&sid=1612021182&sct=1&seg=0&en=scroll&_et=410&ep.application=editorial&ep.theme=flex&ep.skin_name=flex-editorial&ep.subscription_required=No&epn.blox_render_time=202&epn.percent_scrolled=90
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NFTGWT90ER&l=dataLayer&cx=c
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://roanoke.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 30 Jan 2021 15:39:47 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://roanoke.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 204 collect
analytics.google.com/g/ 0
335 B 47ms
13ms Other
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-G2BL49024K&gtm=2oe1k0&_p=706207852&sr=1600x1200&ul=en-us&cid=1152273548.1612021182&_s=2&dl=https%3A%2F%2Froanoke.com%2Fevents%2Fgarena-free-fire-hack-2020--unlimited--diamonds-and-coins-generator-no-survey%2Fevent_0e50a482-a8e0-11ea-9a92-5cb9017bff17.html&dr=&dt=Events%20%7C%20roanoke.com&sid=1612021182&sct=1&seg=0&en=scroll&_et=170&epn.percent_scrolled=90
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-G2BL49024K&l=dataLayer&cx=c
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://roanoke.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 30 Jan 2021 15:39:47 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://roanoke.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

104 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.roanoke.com/	1969-12-31 23:59:59	Name: _li_dcdm_c Value: .roanoke.com
.roanoke.com/	1970-01-20 09:18:13	Name: _lc2_fpi Value: f29f414003b2--01ex9z6ca4tvjn1htmwh0dd02x
.roanoke.com/	1970-01-20 09:18:13	Name: _ga_NFTGWT90ER Value: GS1.1.1612021182.1.0.1612021182.0
.roanoke.com/	1970-01-20 00:32:37	Name: OptanonConsent Value: isIABGlobal=false&datestamp=Sat+Jan+30+2021+16%3A39%3A42+GMT%2B0100+(Central+European+Standard+Time)&version=6.6.0&hosts=&landingPath=https%3A%2F%2Froanoke.com%2Fevents%2Fgarena-free-fire-hack-2020--unlimited--diamonds-and-coins-generator-no-survey%2Fevent_0e50a482-a8e0-11ea-9a92-5cb9017bff17.html&groups=C0002%3A1%2CC0001%3A1
.roanoke.com/	1970-01-19 15:47:01	Name: _dc_gtm_UA-54716522-2 Value: 1
.roanoke.com/	1970-01-19 15:47:04	Name: AMP_TOKEN Value: %24NOT_FOUND
.roanoke.com/	1970-01-19 17:56:37	Name: _fbp Value: fb.1.1612021182806.139792822
.roanoke.com/	1970-01-20 09:18:13	Name: _ga Value: GA1.1.1152273548.1612021182
.roanoke.com/	1970-01-20 09:18:13	Name: _ga_G2BL49024K Value: GS1.1.1612021182.1.0.1612021182.60
.roanoke.com/	1970-01-19 15:47:01	Name: _dc_gtm_UA-34219538-1 Value: 1
.roanoke.com/	1970-01-19 15:47:44	Name: FCCDCF Value: [null,null,["[[],[],[],[],null,null,true]",1612021182121]]
.roanoke.com/	1970-01-19 15:48:27	Name: _gid Value: GA1.2.1531030888.1612021182
roanoke.com/	1970-01-20 00:32:37	Name: usprivacy Value: 1YNN
.roanoke.com/	1970-01-19 15:47:01	Name: _dc_gtm_UA-54716522-7 Value: 1

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://bloximages.newyork1.vip.townnews.com/roanoke.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.1477faac295a3745e4796d2263e75f11.js(Line 1) Message: Google Survey: script loaded

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.de
ampcid.google.com
ampcid.google.de
analytics.google.com
b-code.liadm.com
bcp.crwdcntrl.net
bloximages.chicago2.vip.townnews.com
bloximages.newyork1.vip.townnews.com
cdn.cookielaw.org
connect.facebook.net
contributor.google.com
fundingchoicesmessages.google.com
geolocation.onetrust.com
i.liadm.com
roanoke.com
rp.liadm.com
rp4.liadm.com
sb.scorecardresearch.com
stats.g.doubleclick.net
survey.g.doubleclick.net
tagan.adlightning.com
tags.crwdcntrl.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.roanoke.com
104.108.64.33
104.18.131.43
13.225.80.8
143.204.93.112
192.104.183.209
2600:1f18:730:b130:2c1a:486d:f5df:3ec7
2606:4700:10::6814:b844
2606:4700::6810:9540
2a00:1450:4001:803::2003
2a00:1450:4001:808::2002
2a00:1450:4001:808::200e
2a00:1450:4001:809::2011
2a00:1450:4001:80e::2003
2a00:1450:4001:80e::2004
2a00:1450:4001:811::2008
2a00:1450:4001:811::200e
2a00:1450:4001:812::200e
2a00:1450:4001:81e::200e
2a00:1450:4001:82b::200e
2a00:1450:400c:c00::9c
2a02:26f0:6c00::210:ba8b
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.213.73.156
54.227.229.225
99.80.128.92
0230e8c67f568c29bfa2d9756f6e9f79ca6a375d99cbeb54bf09c35fb9e525c4
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
0785141e6461918363176bb595c118997a66d51af8338db5999308cd593cfebd
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
18fb9902b991d4b905ab7bfdb46be0341888e5d1eacf00525257cf46cea4ae95
1d584af3d0a8ad98207995400856e5e8c608551e080e252ed413e82c19ffd04f
2a552087b0fe668fef8867a91c29783900fbd54acb6d81195c7b0ae6c1ca4f1d
2bc3299190e5b8b763c6213e4749e33d846de9af2cbb6b4ac5b881b791fb51b6
2c4c258f6e24e9861dd7cc3ae5d823e0c09a243f9e671cabbfed9b2be2825085
2f5bf5edcefe950e16d287cdcb9c28690952439098ee0639f4a960fe268ae231
3991138664f8a2717cd6fd5d4394c3cdeff54b01e001b9c128d67511e8a1900b
3a58ad136757e89ae2d0ec11ad1bff134b16364668e21da703c7983100815a7e
4293be8d33e27db86fe90dbf6a1ad2ee18211ed05dc2eeea26e09d800272919f
4c188a2fc586538993680a328bfbb2aef3b22700cc77e3428d87509076dc0f98
4e9d2a77d140a9399e579cd77a6581da46c9e2e24014b9971a515849afd924e6
4ef0cb2e94b5b79911d8647651823f8c4a39b0f1192bf85b2caa9ce9db3fd7e1
501ce77a8068ae3825cd5f0d9b98001f7985b6d8a8dd4ccaf11dca188c44b7a6
507d4f7f45d340c5ae7ae084f846026dba90229d3185c72260b3b32543de63dd
560357e94ad4e3f3e2199cdecaaf8d339f35d97ec03de8b875eef2bbd80b43fb
58a07739b05fec4d319e4d5c6b1fa4ac79e2a625e08ab3f303929b77fde5bdf4
5a574763f228bb33b2b17dc4a974ea2bf1375ebf60d4ae0b64cfbca66da27938
5c642bb3f897881a6f6947239aeacdc7841ec154c39c101c3c43f9322b771934
5ee82bb96be591e9b53340f17031f92692408e1cd26df408c6bfcc3953f872f6
5f7da8a9067b79210a0459c4f7ebbaa3332da1b892550f02bf17e1c8015bdd4b
5fefa6bc00a2fca4d3ca705862d42dfdbb8f69124b2f0cc0896d3c7c2c05890a
6672531b00ade0dcd75d4dd6885b359047d6bbee1352fc3843348dce47f04b8b
67d3fbbfeed41e1c4ffb28f749c8444a7b4db6722bd8ab9a73157b947e65f118
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bb4ce8dea8b26080f3627d5b398b131b8f59a280ec18f07e959b9c7583e061a
6e6c02cecdf5cb7b5db7cbf455c81c05828f2f801dd585ffdfa9d4cc90e9be1a
6f25e54ff758a69c92c7260b3647788acb86b4fc6266141893e1a4316b5a0862
78b4ee14a788941683d78fbaa32a35da488dd3591929ef688ac79ee7d5bae78a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83ef8ee942d4c0d1ce238dbc3e77b8c0322a9c2ac87855776ae56212b2050260
8416f8febc369c76d3fc82e78d0c49c84bf1dd1904b73cee557fccdbbb5b9005
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8c43b071a561831eb3fdec7dc65ac389223008ccd3cccc161daf496b50907d20
8d7e5168ec023efae8c97daedcea417437cb58058bdcec97d29a5bfd928e62de
8fc46875ced5115fe4cd39df93d22a29f513889d050b6d4f8d7424489974e9a9
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
93eac8b1fb14d0863561633dfdf563013c023393aabfb122e3be7256629d9235
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
9d27336bc235ad1db35d729e49a2564d808be39c8b8324516a5d3f61d41c861e
9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a9fab16d26fcd7fe22ce52628916f739d4aa3ca3715de7132324c9ac9c1edcac
b10a075758097bb0578287af03c76a9fcd82fa4607587109ae41fe2d24756600
bc40838a707dba656095bdce002939c726b0fe7de618b613ff3a29a39aef0938
c38026660cd10788b09fe593cdbdd9427aa7f351c648d299a287577b20693056
c3c7e905b64390e5e80b053d36eb03af8b1aaa379b839c22a191b0d271f92da2
c7c4e85fab99165f7d8a912f21ae8d691b6a96049780d96e174e6394e09384ca
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cf72b6c515de094089451e1954e8008b384ec15455c093f05f6648fdb86eccfb
d393f808dbca7a6144152bc5eeb1bf7e53fa860971ec52240d403626c0d4b9a2
d82a204e715225c3a20150132ce8c0fb205ae0a193f01b03194c245764c31ee8
d851d84e101ca32d51ff937ef2bcafd53e9f83b53694c73c7d3eb3031357b27d
dd4b42f7c8ddeeedbc0e556a5da8b647fd08c56a2ac3540b1e5a6d9342ba5c4f
e0cc0930a1ab7e9ae754783576228f3c32caa07605236711cf81035f3f45f0ea
e31c42447e764b1195ff393437950867800ce2465dd3724c95640f4f5b34487c
e352352636b0a8105ce1f93751a6b1d55b85c254bd63d328d5f7bae8fa8a31c9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
ea03bfd7fdda1eac185ebc3e8e74b33065b04c8e0adc48cbbd4136748dbd2742
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
f2bd3a28cad3b3253e1d97b9c9d60bdd42705484e6284cb82e14ba71836157ce
f402b2d75ac54e1c369d34b97efcedb68aa084b039ab91b85ad70ea53ebb5a3a
f596ae49d8e7097185eb1b692f9daa3d4620758defe3beb8b3fd0a1815f8d33a
f5e55a21dfa3a20ceb298737c8f4c517a83d7960468c7f53b3f33c567bacff3c
f95fe1c0376aa720a01267e70fb42a259d610fa9fa66f78e7fc629f9bd835c43
f98e8196d88bff2a006872a05d79c2d695f6dda36e0aecdd0ace020207809f40
fe5d23d415187d71dfa026db8852418f98513ef7f7a1c3e1321bc95d6d6a0f5f
ffa8814637fab7a454e06a6403a650615c04044d4f881b04ffdfcdc1395d98da

roanoke.com Open in urlscan Pro 192.104.183.209 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

88 Requests

100 %HTTPS

69 %IPv6

16 Domains

29 Subdomains

26 IPs

6 Countries

1544 kBTransfer

3708 kBSize

14 Cookies

6 Outgoing links

Page URL History

Redirected requests

88 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

roanoke.com Open in urlscan Pro
192.104.183.209 Public Scan

Screenshot
Live screenshot

Full Image

88
Requests

100 %
HTTPS

69 %
IPv6

16
Domains

29
Subdomains

26
IPs

6
Countries

1544 kB
Transfer

3708 kB
Size

14
Cookies

88 HTTP transactions
2 data transactions