ro18y.un974.com Open in urlscan Pro
188.114.96.3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://ro18y.un974.com/
Submission: On June 09 via api (June 9th 2024, 12:23:12 am UTC) from US — Scanned from NL

Summary HTTP 75 Redirects Behaviour Indicators

Summary

This website contacted 17 IPs in 5 countries across 14 domains to perform 75 HTTP transactions. The main IP is 188.114.96.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is ro18y.un974.com.
TLS certificate: Issued by E1 on April 21st 2024. Valid for: 3 months.

This is the only time ro18y.un974.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
48	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	163.181.92.226 163.181.92.226	24429 (TAOBAO Zh...) (TAOBAO Zhejiang Taobao Network Co.)
1	18.172.112.11 18.172.112.11	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
1	163.181.92.227 163.181.92.227	24429 (TAOBAO Zh...) (TAOBAO Zhejiang Taobao Network Co.)
6	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1 3	52.30.232.89 52.30.232.89	16509 (AMAZON-02) (AMAZON-02)
3	2600:9000:235... 2600:9000:235a:b400:7:2bfb:7c00:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:20e... 2600:9000:20eb:5600:c:abe:f440:93a1	16509 (AMAZON-02) (AMAZON-02)
1	35.156.21.72 35.156.21.72	16509 (AMAZON-02) (AMAZON-02)
1	54.171.118.212 54.171.118.212	16509 (AMAZON-02) (AMAZON-02)
2	63.140.62.27 63.140.62.27	16509 (AMAZON-02) (AMAZON-02)
1 1	52.30.166.91 52.30.166.91	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c09::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81d::2008	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
75	17

48 188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

ro18y.un974.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 163.181.92.226 (Frankfurt am Main, Germany)

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)

sdk.51.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.172.112.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-172-112-11.fra60.r.cloudfront.net

tags.benarnews.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 163.181.92.227 (Frankfurt am Main, Germany)

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)

collect-v6.51.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.30.232.89 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-232-89.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:235a:b400:7:2bfb:7c00:93a1 (United States)

ASN16509 (AMAZON-02, US)

tags.tiqcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:5600:c:abe:f440:93a1 (United States)

ASN16509 (AMAZON-02, US)

buttons-config.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.156.21.72 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-21-72.eu-central-1.compute.amazonaws.com

l.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.171.118.212 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-118-212.eu-west-1.compute.amazonaws.com

bbg.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.140.62.27 (United States)

ASN16509 (AMAZON-02, US)
PTR: ip-63-140-62-27.data.adobedc.net

bbg.sc.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssc.benarnews.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.30.166.91 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-166-91.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c09::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
48	un974.com ro18y.un974.com	523 KB
6	gstatic.com fonts.gstatic.com	144 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 65 region1.google-analytics.com — Cisco Umbrella Rank: 2406	22 KB
4	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 250 bbg.demdex.net — Cisco Umbrella Rank: 157188	2 KB
3	tiqcdn.com tags.tiqcdn.com — Cisco Umbrella Rank: 1326	29 KB
2	sharethis.com buttons-config.sharethis.com — Cisco Umbrella Rank: 5759 l.sharethis.com — Cisco Umbrella Rank: 5547	1 KB
2	benarnews.org tags.benarnews.org ssc.benarnews.org	30 KB
2	51.la sdk.51.la — Cisco Umbrella Rank: 71507 collect-v6.51.la — Cisco Umbrella Rank: 53775	14 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 78	96 KB
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 130	346 B
1	everesttech.net 1 redirects cm.everesttech.net — Cisco Umbrella Rank: 1363	517 B
1	omtrdc.net bbg.sc.omtrdc.net — Cisco Umbrella Rank: 209073	267 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 70	1 KB
0	hk88casino.com Failed www.hk88casino.com Failed
75	14

	Domain	Requested by
48	ro18y.un974.com	ro18y.un974.com
6	fonts.gstatic.com	fonts.googleapis.com
3	www.google-analytics.com	tags.benarnews.org www.google-analytics.com
3	tags.tiqcdn.com	tags.benarnews.org
3	dpm.demdex.net	1 redirects
1	region1.google-analytics.com	www.googletagmanager.com
1	ssc.benarnews.org
1	www.googletagmanager.com	www.google-analytics.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	cm.everesttech.net	1 redirects
1	bbg.sc.omtrdc.net	tags.benarnews.org
1	bbg.demdex.net	tags.benarnews.org
1	l.sharethis.com	ro18y.un974.com
1	buttons-config.sharethis.com	ro18y.un974.com
1	collect-v6.51.la	sdk.51.la
1	fonts.googleapis.com	ro18y.un974.com
1	tags.benarnews.org	ro18y.un974.com
1	sdk.51.la	ro18y.un974.com
0	www.hk88casino.com Failed	ro18y.un974.com
75	19

This site contains no links.

Subject Issuer	Validity	Valid
un974.com E1	`2024-04-21` - `2024-07-20`	3 months	crt.sh
*.51.la GlobalSign RSA OV SSL CA 2018	`2024-03-19` - `2025-04-20`	a year	crt.sh
tags.voatibetan.com Amazon RSA 2048 M03	`2023-12-07` - `2025-01-04`	a year	crt.sh
upload.video.google.com WR2	`2024-05-21` - `2024-08-13`	3 months	crt.sh
*.gstatic.com WR2	`2024-05-21` - `2024-08-13`	3 months	crt.sh
tags.tiqcdn.com Amazon RSA 2048 M02	`2024-03-19` - `2025-04-17`	a year	crt.sh
sharethis.com Amazon RSA 2048 M03	`2024-04-19` - `2025-05-17`	a year	crt.sh
*.demdex.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2024-10-26`	a year	crt.sh
*.sc.omtrdc.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-07` - `2025-03-09`	a year	crt.sh
*.google-analytics.com WR2	`2024-05-21` - `2024-08-13`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-05-21` - `2024-08-13`	3 months	crt.sh
ssc.benarnews.org DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-09` - `2025-03-11`	a year	crt.sh

This page contains 2 frames:

Frame: https://www.hk88casino.com/
Frame ID: FFD92B83F8F98084227CE5BA7CCC77C4
Requests: 74 HTTP requests in this frame

Frame: https://bbg.demdex.net/dest5.html?d_nsid=0
Frame ID: 678DAEDA31F7B62B52513578B5F2AB6D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

75
Requests

96 %
HTTPS

47 %
IPv6

14
Domains

19
Subdomains

17
IPs

5
Countries

862 kB
Transfer

2080 kB
Size

15
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 58

https://dpm.demdex.net/id?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=518ABC7455E462B97F000101%40AdobeOrg&d_nsid=0&ts=1717892557987 HTTP 302
https://dpm.demdex.net/id/rd?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=518ABC7455E462B97F000101%40AdobeOrg&d_nsid=0&ts=1717892557987

Request Chain 65

https://cm.everesttech.net/cm/dd?d_uuid=18901514316647813623539289989656136979 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZmT1zgAAAKijVgOJ

75 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request / Show response
ro18y.un974.com/ 36 KB
10 KB 9516ms
9462ms Document
text/html 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ro18y.un974.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d61e54b63f15a1240e4b4b249b6dcb2b30de20caf221a01ea45785c7cb23495d

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 890cf7880a315d5f-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Sun, 09 Jun 2024 00:22:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5ez9jXWynoUiEMeujQ%2FjSB4TzuPsNAT838%2Bse2TTTq1MQVgdur5M5o1DY0Cw4qOCIP7cavcOSGwDlTW7%2BnKImN1OPStrg0Zhzc%2Fnb70TUaNN86JitxHh7tfBatuVJkzpkkw%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 default.js Show response
ro18y.un974.com/template/Brasil/a3/js/ 610 KB
202 KB 488ms
487ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ro18y.un974.com/template/Brasil/a3/js/default.js
Requested by: Host: ro18y.un974.com
URL: https://ro18y.un974.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df083a053146d36f99daea6b5d3348ef38e9955487c5f223f09daf613b38d771

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ro18y.un974.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 00:22:32 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 09 Jan 2024 04:31:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"659ccc3c-98882"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GO3snEJLmo8qvFApaZDWHmzvL4jmM%2FSMQUdI%2F8iL6YWBAIUW9hSJwa%2F8rAW3WG%2BbrlBMy%2B6Ha0PNj6YlvGV3yKRJnENRzRucUC8cJrQLqYPFKonv87K3IdhVCRSru2PqFrU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 890cf7c339cb5d5f-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 default.css
ro18y.un974.com/template/Brasil/a3/css/ 206 KB
44 KB 469ms
468ms Stylesheet
text/css 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ro18y.un974.com/template/Brasil/a3/css/default.css
Requested by: Host: ro18y.un974.com
URL: https://ro18y.un974.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d5325062a4bcbc105515fc1f50831ad509422aaa9aebd0fc63154e3f1177999

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ro18y.un974.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 00:22:32 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Thu, 12 Oct 2023 04:41:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"652778fc-33879"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FIR3oyq1PoYZjYaKys5EIx5mpVLQ5MzcAuf8QYEEJBmPC7pw8G12zjxZ%2F8d%2F%2Fdj4KLqjphIrzMRrotbaq56yXUkS09l%2BdryiQoWMtL0fMVtwVnVDH91yZy3%2F7%2B32qZ49diI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 890cf7c339ce5d5f-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 custom.css
ro18y.un974.com/template/Brasil/a3/css/ 405 B
657 B 343ms
340ms Stylesheet
text/css 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ro18y.un974.com/template/Brasil/a3/css/custom.css?timestamp=2022-06-24%2018:14:15.614318
Requested by: Host: ro18y.un974.com
URL: https://ro18y.un974.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b6b897ffcf23cc5ad4fd6f6a2b3e0075cc0fe8c3ddf1d228e6d4166698003dc

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ro18y.un974.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 00:22:32 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 12 Oct 2023 04:40:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"652778d0-195"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lzPh5p3GlTV%2FDHfW4teYcVXz5NGcqKVBdIzkLEvhW2dbVYG8R0Yl4M6BPYa3qQhFuscishDruSaUl22B7wma9hZM6nrn%2FCAi0kUA4UUODeanS1PFV350eWUryT5Yl2N2%2F6I%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 890cf7c339d15d5f-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 tealium.js Show response
ro18y.un974.com/template/Brasil/a3/js/ 1 KB
948 B 325ms
323ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ro18y.un974.com/template/Brasil/a3/js/tealium.js
Requested by: Host: ro18y.un974.com
URL: https://ro18y.un974.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2cb8e7e84820ea31dd4864d4498faad211103b7042b9b6cb35281a8527cebc8a

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ro18y.un974.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 00:22:32 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Thu, 12 Oct 2023 04:45:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"652779cc-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xJ44Q7ZvPX%2BYmt8NfHJb95RoxuBuBYkv%2FO9FpgVIGdUc4l85OvJdZ6HD6UKdRCOJF3va8%2BE5h4FVXLAruajwBaLirDV9B18BMiozuTSu3al%2F%2Fku5k6b1arRy8e8UlfslJ1Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 890cf7c339d35d5f-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 modernizr-2.6.2.min.js Show response
ro18y.un974.com/template/Brasil/a3/js/ 15 KB
7 KB 324ms
322ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ro18y.un974.com/template/Brasil/a3/js/modernizr-2.6.2.min.js
Requested by: Host: ro18y.un974.com
URL: https://ro18y.un974.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed8fb982cca8eef53eb358236213c23fbf11c5ea803d9e1ba23cc8f671b9c1ab

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ro18y.un974.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 00:22:32 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Thu, 12 Oct 2023 04:45:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"652779d4-3c2e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G27t7pjXxlpEFhjA4m%2BSVWTptw65JIOTwzoMfX9GEMetB0UwTP30WTo7IQfbGBtvb7Uk0rvyHZTVruTmy4oh6BvhAqKounchnizSoeGMhHlPihGKYHTU01Ov6OhkAqiDPTg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 890cf7c339d45d5f-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 utag.js Show response
ro18y.un974.com/template/Brasil/a3/js/ 252 B
610 B 346ms
344ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ro18y.un974.com/template/Brasil/a3/js/utag.js
Requested by: Host: ro18y.un974.com
URL: https://ro18y.un974.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d4301ded2563a0304c0daa4858238efc1c4174095c6bf2a244168e7381c2a3b0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ro18y.un974.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 00:22:32 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 12 Oct 2023 04:45:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"652779e8-fc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rThmzEzcPNRSfxxgzJoPtTsKFM09XO80A6WrjkUvqENLTq%2FKAn5B1BMyo5eteTxhGYOFWjkHQK%2FHJZYP6itW8%2B6d8qoIGLQ3HKWCFvW%2B12a1EqJKFihxgaeTF9nRUpgDlvk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 890cf7c339d55d5f-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 jquery.fancybox.min.js Show response
ro18y.un974.com/template/Brasil/a3/js/ 67 KB
25 KB 507ms
505ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ro18y.un974.com/template/Brasil/a3/js/jquery.fancybox.min.js
Requested by: Host: ro18y.un974.com
URL: https://ro18y.un974.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cadda460ccb4c3c01bb45f3d5976f63f5adf8dc3ff1d31cb4fbd3ded4f18e5bf

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ro18y.un974.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 00:22:32 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Thu, 12 Oct 2023 04:45:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"652779f4-10a9d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aDER7b%2B529YJfcHuAoN2GznQzLXf3tQyy%2FclnYQMylRkISGNLTv41h6B21Y1TJ5QJZJ6rGFvqcluKNStcOs5HffPjzMThH07b7iTGMKlDoDzPE4BRW8caXIZt%2B6Q%2BkO%2F2qc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 890cf7c339d85d5f-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 sharethis.js
ro18y.un974.com/template/Brasil/a3/js/ 203 KB
54 KB 470ms
469ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ro18y.un974.com/template/Brasil/a3/js/sharethis.js
Requested by: Host: ro18y.un974.com
URL: https://ro18y.un974.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ro18y.un974.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 00:22:38 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Thu, 12 Oct 2023 04:45:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65277a04-32d37"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=r4Et%2FO8Unk%2Fkx0YSv33n4My0Eehds97QnKLHxpNoF7w5fBXYJcHhilzya%2Fd9avHudhenwR1AJjm65YxC03PGXtk6sOss4MK2tYe6V5AeVnbESlc9quQEycahkplTVGAu%2FQE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 890cf7e5ddbc5d5f-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 trackingdata.js Show response
ro18y.un974.com/template/Brasil/a3/js/ 2 KB
1 KB 326ms
324ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ro18y.un974.com/template/Brasil/a3/js/trackingdata.js
Requested by: Host: ro18y.un974.com
URL: https://ro18y.un974.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 992265ef5439b4925f0b0deeafb9061066e91515da7958f59bc399fc8e2f9b7a

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ro18y.un974.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 00:22:32 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Thu, 12 Oct 2023 04:46:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65277a10-733"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DJ6DtEWqj%2FEwCw2QsDdJPf1Wxw1qB6fBj1R7KfER%2BjEaTsxK3w5vCx5BC3yT6eJ%2FqHqEAyahru%2FzckbN05%2FncazHsdW1ivuDbvtDHdHSsEsslNyQwPYeP%2FiAx3LJR%2B1Ctlc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 890cf7c339da5d5f-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 rfa_responsive.css
ro18y.un974.com/template/Brasil/a3/css/ 42 KB
8 KB 329ms
326ms Stylesheet
text/css 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ro18y.un974.com/template/Brasil/a3/css/rfa_responsive.css
Requested by: Host: ro18y.un974.com
URL: https://ro18y.un974.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8af1b42afb95212800e87123d521a7154072e6d4e2ccaced3974d325b04d46e8

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ro18y.un974.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 00:22:32 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Thu, 12 Oct 2023 04:38:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65277842-a613"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zbPIme1ZYtBQtuQFbQ5N42NE5anb1BVg1ciNm68OFVoz85iQDeGAz0%2B%2BpmIKl4fzfgmlR%2BzrzpTR6gb6fNsAWqFMvESps0DIh%2BEqcnV3vuzY7iVCozz57VMqTZneAk3Kjt0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 890cf7c339dd5d5f-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 404 jquery.sidr.dark.css
ro18y.un974.com/template/Brasil/a3/css/ 0
0 5538ms
5536ms Stylesheet
text/html 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ro18y.un974.com/template/Brasil/a3/css/jquery.sidr.dark.css
Requested by: Host: ro18y.un974.com
URL: https://ro18y.un974.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ro18y.un974.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 00:22:37 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B%2Fa2iwiYcyszrxHMz%2BEMquX0qTtWH1CRi6LsgqJQbSfja0MuTakiIV%2F3VrH8hFNujTHw7jofgAnDXevw1aSQAT7Hwl2wSp%2FgZxLToDsoawycspx4ieUOUMWatrxQ8W5SE4o%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cache-control: max-age=14400
cf-ray: 890cf7c339e05d5f-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 jquery.sidr.min.js Show response
ro18y.un974.com/template/Brasil/a3/js/ 4 KB
2 KB 327ms
325ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ro18y.un974.com/template/Brasil/a3/js/jquery.sidr.min.js
Requested by: Host: ro18y.un974.com
URL: https://ro18y.un974.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7fbb7d0e3338e89ebead71b921eb04443793b56bbdd434e2e5cf58ecf5991b96

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ro18y.un974.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 00:22:32 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Thu, 12 Oct 2023 04:46:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65277a1c-e59"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FgmzMq1lt154nLWDzPkF%2Ff17D39I5liodqWxDwnOnd2iM7pADAXsXEmDw%2FPwIcQ1px6qxtGQvZMZvP%2Ba76HJM2J8N0A1%2BhEOfAjErNkj7FVsfHYmNmYYqmPgj8KLptWXR98%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 890cf7c339e25d5f-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 benar.css
ro18y.un974.com/template/Brasil/a3/css/ 7 KB
2 KB 347ms
345ms Stylesheet
text/css 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ro18y.un974.com/template/Brasil/a3/css/benar.css
Requested by: Host: ro18y.un974.com
URL: https://ro18y.un974.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0123e3039dbf234d506b0774986ef08e75fcac3fe7c965e5bd8640a14f02290

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ro18y.un974.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 00:22:32 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Thu, 12 Oct 2023 04:38:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65277856-1ae8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZwXT9wHwcO%2B1cctFJul5tFR4jT9SCAxUywEnJBte6pvILaMAchQkoFX7t%2BjBKztysG6S0NZqr6eZKWS5P5vCSzP%2BADnhQ4jh4funOEzZmAVtsbueSGFXkbAtMAy%2BVvcSbTo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 890cf7c339e35d5f-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 service.css
ro18y.un974.com/template/Brasil/a3/css/ 71 B
511 B 348ms
346ms Stylesheet
text/css 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ro18y.un974.com/template/Brasil/a3/css/service.css
Requested by: Host: ro18y.un974.com
URL: https://ro18y.un974.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df8729ca85a298b83df80d745512a143f2460abe7848da74126b25e09d40f2d1

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ro18y.un974.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 00:22:32 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 12 Oct 2023 04:38:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65277862-47"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KLlxWJX5nDFT%2BTxuTu0j09Jv6gx8vaA2SyQHzAwDl0j5EePlh8GP7Sg7Vpb3RL72OTtjluDLyK%2FmC6naIuNLvLxLZi4CA%2F4ysEqmyDaBRByJTF3RJVWG4azTnka8wUpoA0E%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 890cf7c339e45d5f-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 kplayer.js Show response
ro18y.un974.com/template/Brasil/a3/js/ 5 KB
2 KB 348ms
346ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ro18y.un974.com/template/Brasil/a3/js/kplayer.js
Requested by: Host: ro18y.un974.com
URL: https://ro18y.un974.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bfd11f3d2f5af43d38cc7d2d61e0629909f1f1638cf5fef4a84fd4413465e644

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ro18y.un974.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 00:22:32 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Thu, 12 Oct 2023 04:46:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65277a28-14ec"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fT6BfoY8LJkbNBu%2BzAgFd769Ne8epcIyLY3b5FFeepaTEKyGHqDpFuesyux6gxfQ%2Bvf4SGj31gYPoeR%2F8OxwsU7NeyTlGuEN3SqHiZU6iXzMMLsg34LYimdm1pC5KNKkVns%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 890cf7c339e55d5f-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 orsxg5a.script Show response
ro18y.un974.com/js/ 69 B
478 B 5420ms
5418ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ro18y.un974.com/js/orsxg5a.script
Requested by: Host: ro18y.un974.com
URL: https://ro18y.un974.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6a5e1645a903494ee67716aa35ff8e2e00ba2adc530cdfca0b34dd5ce517e2d

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ro18y.un974.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 00:22:37 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oasXN6pi7EZP3YcPL%2BwQQSPjTRdndB0wrpsLGIhxJfqmIjqDKmxFRpy5uQVLfhf8GKa3ZrVgkZftOrQx4YHJdcPKwMPaKO1weRBjR16cQo3Jtzd8%2B3Qhdtd%2BV2LZE51eiBs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 890cf7c339e65d5f-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 slick.css
ro18y.un974.com/template/Brasil/a3/css/ 5 KB
2 KB 348ms
346ms Stylesheet
text/css 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ro18y.un974.com/template/Brasil/a3/css/slick.css
Requested by: Host: ro18y.un974.com
URL: https://ro18y.un974.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89a4a5eb4f7fedc4d946dd6fa5c1ee9be4bc396b592490385a605ecbb22ef141

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ro18y.un974.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 00:22:32 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Thu, 12 Oct 2023 04:39:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6527787c-1352"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7kJu0EY9kxxpqxIQi92ODJn257%2B7yzDBZWVOJa8dEBgXhccGSW1g0rEGQ%2F2xlw5HdCKoVCpVEt8KMIF7mHx8%2Fn%2FouMcObZPsjDXIhj5PkmzqoWYfEAn9s%2BggQJULguh%2BaGs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 890cf7c339e75d5f-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 logo.png
ro18y.un974.com/uploads/images/ 10 KB
10 KB 5540ms
5537ms Image
image/jpg 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ro18y.un974.com/uploads/images/logo.png?n=&w=180
Requested by: Host: ro18y.un974.com
URL: https://ro18y.un974.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Server
Resource Hash: 0ce5a9c1701c608219cee0ceb496e1311242be718d84819ab243ad85138ea581

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ro18y.un974.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Sun, 09 Jun 2024 00:22:37 GMT
cf-cache-status: MISS
last-modified: Sun, 09 Jun 2024 00:22:37 +0000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Server
etag: "fad6f4e614a212e80c67249a666d2b09"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3RtITSyVIjbPw5PHNakNhvdwxrxGpOYLDdSHkMyMAI40GPCqMX9m9vVxsFF753L%2FRrV3dRMohFKb%2BRz98rVruCpsG6lN3zK6DcAUTCbK0wK%2FYwtuR77NGjR%2F7cdBsHWk8Fg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpg
cache-control: max-age=14400
cf-ray: 890cf7c339e95d5f-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 09 Jun 2024 01:22:37 +0000

GET
H3 200 header_enlink_black.png
ro18y.un974.com/template/Brasil/a3/image/ 8 KB
8 KB 349ms
346ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ro18y.un974.com/template/Brasil/a3/image/header_enlink_black.png
Requested by: Host: ro18y.un974.com
URL: https://ro18y.un974.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08a346e9e53d6b54b5075053c3728817e6eff5a781c95c3ea7d64512a9d50400

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ro18y.un974.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 00:22:32 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Thu, 12 Oct 2023 04:54:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65277bfa-1f82"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zZMk3PU0n4fCxt3s2B6sioq9SlJw9BSi09hhZvqcl9DXhUXtyqLqgq2kzr1I6r6rLrWJ42av9Y8mRJCHTMt%2FzuC2gpvZMQQsAZwTe3hUwg8KupAIfj1hPh7t9Y25ac%2BZhn4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
cf-ray: 890cf7c339ea5d5f-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 header_idlink_black.png
ro18y.un974.com/template/Brasil/a3/image/ 11 KB
11 KB 327ms
326ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ro18y.un974.com/template/Brasil/a3/image/header_idlink_black.png
Requested by: Host: ro18y.un974.com
URL: https://ro18y.un974.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2c0c65e68f43ee3a26128e8c516a9de1bdcaa463ae97d6e3ec6f9ca7646b9aee

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ro18y.un974.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 00:22:32 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Thu, 12 Oct 2023 04:54:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65277c00-2cbd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BpTAiLNOZFBRotqVBiC7gkwnp0io9PnbaNvBAkaDpNSMHv0t84mMU9eVYKYT9CxwJYLYcHYC%2Ff9uhVh8zSOKuTbQ%2F9hi%2FjkQT60fnesHHjVfMYloEwanzpbVnIYIgUrdClE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
cf-ray: 890cf7c57b035d5f-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 header_mslink_black.png
ro18y.un974.com/template/Brasil/a3/image/ 12 KB
12 KB 324ms
324ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ro18y.un974.com/template/Brasil/a3/image/header_mslink_black.png
Requested by: Host: ro18y.un974.com
URL: https://ro18y.un974.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab0b63987969ba7b2b8415f4c72ad9d8911ef888682a82971e1b6c3749f82e06

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ro18y.un974.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 00:22:33 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Thu, 12 Oct 2023 04:54:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65277c06-2f8e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FHD21QYmEqr23Zra5AJJ%2Fa6vhec02MQgZ9kQLHnx0AfGYO%2FRCXSQQjoDNoVmvCEBrcq5NMbW%2BIrRZlax04kjSoMBJluuL3w472zZWeGwzz8vEXC2KfUJoEFDmd%2FK9GhzMhU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
cf-ray: 890cf7c78c635d5f-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 header_thlink_black.png
ro18y.un974.com/template/Brasil/a3/image/ 7 KB
7 KB 322ms
322ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ro18y.un974.com/template/Brasil/a3/image/header_thlink_black.png
Requested by: Host: ro18y.un974.com
URL: https://ro18y.un974.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c52364aa5bb36383e699d5bab6646c1a6e2ff7f000bd99ff4f13184b6714a7e

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ro18y.un974.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 00:22:33 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Thu, 12 Oct 2023 04:54:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65277c08-1afb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hJM3NirSeB%2F%2BZJHT3TXYVxaTZKP3ppjzmCEU0ztBjOFbmzhY%2BM4F7yro3a%2BgrciEUP0vN%2BH0z2vKOk8WDNP%2FYdkHmXjsSqruf7oPhw8zImNAO0Y9T%2F5nXneYfL8UK7cPB0g%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
cf-ray: 890cf7c99d665d5f-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 header_bnlink_black.png
ro18y.un974.com/template/Brasil/a3/image/ 7 KB
7 KB 343ms
342ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ro18y.un974.com/template/Brasil/a3/image/header_bnlink_black.png
Requested by: Host: ro18y.un974.com
URL: https://ro18y.un974.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ro18y.un974.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 00:22:38 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Thu, 12 Oct 2023 04:54:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65277c0c-1cb4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5Og013KF2KTPdFSU7qwnIqMG%2FmaR0uwiKi2mslV%2FPW2O%2BR8AgfS8Q2QqMkBATaF%2FJJAgDHf1KNg94fN3mBpAGZBvu3p%2Fwm%2B2weCBCifoXURsOuB1iRumW2U3TV7tQ4I6zeA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
cf-ray: 890cf7e66e135d5f-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 Gzwuh69hMlOwj7btqUVk
ro18y.un974.com/uploads/images/ 4 KB
5 KB 5226ms
5226ms Image
image/jpg 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ro18y.un974.com/uploads/images/Gzwuh69hMlOwj7btqUVk
Requested by: Host: ro18y.un974.com
URL: https://ro18y.un974.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Server
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ro18y.un974.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Sun, 09 Jun 2024 00:22:43 GMT
cf-cache-status: DYNAMIC
last-modified: Sun, 09 Jun 2024 00:22:42 +0000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Server
etag: "fad6f4e614a212e80c67249a666d2b09"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=caBmq8g8wwmnBWR5OEm7OQ7C4UScf2fH6c8tdKOhcDR8MIUHvmfVYhpghabuyDwfXPvRVFLmQ7DrnxCHHSfaOGjgGGD3DdqPru3uRwuiq8dVJsOsgwIzldPRGEbkyjKMk38%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpg
cache-control: max-age=3600
cf-ray: 890cf7e66e145d5f-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 09 Jun 2024 01:22:42 +0000

GET
H3 200 D2SmMJ1cpz8tqfBtZD
ro18y.un974.com/uploads/images/ 3 KB
3 KB 5276ms
5274ms Image
image/jpg 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ro18y.un974.com/uploads/images/D2SmMJ1cpz8tqfBtZD
Requested by: Host: ro18y.un974.com
URL: https://ro18y.un974.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Server
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ro18y.un974.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Sun, 09 Jun 2024 00:22:43 GMT
cf-cache-status: DYNAMIC
last-modified: Sun, 09 Jun 2024 00:22:43 +0000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Server
etag: "fad6f4e614a212e80c67249a666d2b09"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Tq8if8Ckqnyz%2B0bDR6E13DZh0GrhjxyDciqvB%2BJPEWP3QLqH950caj7zqZUpywoKS9HjWPU36gINv0jHz1HfOc1ZUzqzomwd%2FxGm%2BBDuVHLI6OB6iVAtawDhIF0O0HX1vaY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpg
cache-control: max-age=3600
cf-ray: 890cf7e66e155d5f-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 09 Jun 2024 01:22:43 +0000

GET
H3 200 D2SmMJ1cpz8toZBtZD
ro18y.un974.com/uploads/images/ 4 KB
4 KB 5281ms
5278ms Image
image/jpg 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ro18y.un974.com/uploads/images/D2SmMJ1cpz8toZBtZD
Requested by: Host: ro18y.un974.com
URL: https://ro18y.un974.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Server
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ro18y.un974.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Sun, 09 Jun 2024 00:22:43 GMT
cf-cache-status: DYNAMIC
last-modified: Sun, 09 Jun 2024 00:22:43 +0000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Server
etag: "fad6f4e614a212e80c67249a666d2b09"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9cJcW2nVEr77pO36onBAlDs7rDdwVwZYXTfKbshpGDXnonQts9nOwPDMWK75IEn8RBZIkuSarWx5hVs72DT7TjdS9lZIk0muu3xTzzsK7sb%2FhcxzxX8SW5Z1dIBetddRr14%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpg
cache-control: max-age=3600
cf-ray: 890cf7e67e165d5f-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 09 Jun 2024 01:22:43 +0000

GET
H3 200 FRkJVSEbo21uplNk
ro18y.un974.com/uploads/images/ 4 KB
4 KB 5308ms
5304ms Image
image/jpg 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ro18y.un974.com/uploads/images/FRkJVSEbo21uplNk
Requested by: Host: ro18y.un974.com
URL: https://ro18y.un974.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Server
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ro18y.un974.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Sun, 09 Jun 2024 00:22:43 GMT
cf-cache-status: DYNAMIC
last-modified: Sun, 09 Jun 2024 00:22:43 +0000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Server
etag: "fad6f4e614a212e80c67249a666d2b09"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wxlb%2BocxipQAtXgx5Lz2brL9kaWYCdkB%2FdEWDIWg%2BG%2FYeyp%2BlycWY%2F0Lwbp0GKiCilcVdQW76AMSnqnXnvZj02Pjs5k0b%2BXRaCnhvt%2B0kairMzOeFqPfxp6awW36kOTOYqg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpg
cache-control: max-age=3600
cf-ray: 890cf7e67e175d5f-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 09 Jun 2024 01:22:43 +0000

GET
H3 200 ERMZVUElLJ8tkWUuh5Hk
ro18y.un974.com/uploads/images/ 4 KB
4 KB 5309ms
5306ms Image
image/jpg 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ro18y.un974.com/uploads/images/ERMZVUElLJ8tkWUuh5Hk
Requested by: Host: ro18y.un974.com
URL: https://ro18y.un974.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Server
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ro18y.un974.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Sun, 09 Jun 2024 00:22:43 GMT
cf-cache-status: DYNAMIC
last-modified: Sun, 09 Jun 2024 00:22:43 +0000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Server
etag: "fad6f4e614a212e80c67249a666d2b09"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1z396mZcRDdmGZP2UmucY9WwLyA8F4%2B3alQjxnK%2FB11Rnj%2BwyHvL9pLG5HbscgnwL1GRDfPqvdIkftsGgh7eVAgd0XWP9du5De%2FN6oJFdfwnfX%2FE0RF%2BjFXkWuqRCGIEmIU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpg
cache-control: max-age=3600
cf-ray: 890cf7e67e195d5f-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 09 Jun 2024 01:22:43 +0000

GET
H3 200 FRkJVRuupaW5VSVk
ro18y.un974.com/uploads/images/ 5 KB
5 KB 5285ms
5281ms Image
image/jpg 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ro18y.un974.com/uploads/images/FRkJVRuupaW5VSVk
Requested by: Host: ro18y.un974.com
URL: https://ro18y.un974.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Server
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ro18y.un974.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Sun, 09 Jun 2024 00:22:43 GMT
cf-cache-status: DYNAMIC
last-modified: Sun, 09 Jun 2024 00:22:43 +0000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Server
etag: "fad6f4e614a212e80c67249a666d2b09"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K9z74F8DW6k7%2BJl5GXNlsbqBEH5a6KGJxWiZBgPVH1RzkT7IIxX8iNSmWAN3hGrPHQ4gP1wK4hjsbhzd9HYwSEoYJegnnLbMOW1P7XvREvpaj%2BslHTJ71XE5O5qV30QhjAA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpg
cache-control: max-age=3600
cf-ray: 890cf7e67e1b5d5f-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 09 Jun 2024 01:22:43 +0000

GET
H3 200 GfBGGxp6VRWlnJqbZD
ro18y.un974.com/uploads/images/ 5 KB
5 KB 5320ms
5317ms Image
image/jpg 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ro18y.un974.com/uploads/images/GfBGGxp6VRWlnJqbZD
Requested by: Host: ro18y.un974.com
URL: https://ro18y.un974.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Server
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ro18y.un974.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Sun, 09 Jun 2024 00:22:43 GMT
cf-cache-status: DYNAMIC
last-modified: Sun, 09 Jun 2024 00:22:43 +0000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Server
etag: "fad6f4e614a212e80c67249a666d2b09"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Vf6QFYtC3xEs%2FuixvYjLPGmqXD3NhCE%2BcORi5K60ZixWevL6Ei6r%2B6nvsk51Z%2B9jyH9cdUPywygHTY2tm%2F%2B0D8wFjN02sKKl7Gk1NMz%2F1ddjDxC4qIEJNCTNclMG410OS5E%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpg
cache-control: max-age=3600
cf-ray: 890cf7e67e1c5d5f-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 09 Jun 2024 01:22:43 +0000

GET
H3 200 DzSlL2RtqTuuoztk
ro18y.un974.com/uploads/images/ 3 KB
4 KB 5326ms
5323ms Image
image/jpg 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ro18y.un974.com/uploads/images/DzSlL2RtqTuuoztk
Requested by: Host: ro18y.un974.com
URL: https://ro18y.un974.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Server
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ro18y.un974.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Sun, 09 Jun 2024 00:22:43 GMT
cf-cache-status: DYNAMIC
last-modified: Sun, 09 Jun 2024 00:22:43 +0000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Server
etag: "fad6f4e614a212e80c67249a666d2b09"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=c13V7kVbwOedTwua9Och%2BwPMbbFeDtwQzTFGtoipwd5MkAkz9SuGg2l3byjePo5fMRxHPMBatKbH70L%2Boup7zlg7yQYcf2Zuk2V5XgL17E3efQE1LLN4kNOFWbDBKfsp2lA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpg
cache-control: max-age=3600
cf-ray: 890cf7e67e1d5d5f-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 09 Jun 2024 01:22:43 +0000

GET
H3 200 HKKuhd10VT5aj6ZtkWUuh5xk
ro18y.un974.com/uploads/images/ 3 KB
4 KB 5315ms
5311ms Image
image/jpg 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ro18y.un974.com/uploads/images/HKKuhd10VT5aj6ZtkWUuh5xk
Requested by: Host: ro18y.un974.com
URL: https://ro18y.un974.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Server
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ro18y.un974.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Sun, 09 Jun 2024 00:22:43 GMT
cf-cache-status: DYNAMIC
last-modified: Sun, 09 Jun 2024 00:22:43 +0000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Server
etag: "fad6f4e614a212e80c67249a666d2b09"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PR65gjC2JS1EfGFptWdootFTsQJocQCtFe%2Fmn3iV8BerVZSX40tGD2CkFbBl%2FA5b%2BSevG5ZbkIhbJ0iJrArYMj4qvpEqgguRdJI9T%2BO3INyw%2BLecV8kSm7zO1Y06ihrkc08%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpg
cache-control: max-age=3600
cf-ray: 890cf7e67e1e5d5f-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 09 Jun 2024 01:22:43 +0000

GET
H3 200 H0kBDFOkqKauhe90VQR
ro18y.un974.com/uploads/images/ 3 KB
4 KB 5336ms
5333ms Image
image/jpg 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ro18y.un974.com/uploads/images/H0kBDFOkqKauhe90VQR
Requested by: Host: ro18y.un974.com
URL: https://ro18y.un974.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Server
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ro18y.un974.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Sun, 09 Jun 2024 00:22:43 GMT
cf-cache-status: DYNAMIC
last-modified: Sun, 09 Jun 2024 00:22:43 +0000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Server
etag: "fad6f4e614a212e80c67249a666d2b09"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n3NvILwXiqqWEXtm4XLVv7O1N6ZTNGcLWnI1I8w4AwffBX8gB6IwiugODYrjzsUCK36qDz5dypcEHKlYVzfuDFFjsXkqp0%2Fn7iVvp68YRTG1x8bya2PCakb%2B9%2FDovWk%2FW4k%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpg
cache-control: max-age=3600
cf-ray: 890cf7e67e1f5d5f-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 09 Jun 2024 01:22:43 +0000

GET
H3 200 GzI5oJSlVT5b4odiLmR
ro18y.un974.com/uploads/images/ 5 KB
6 KB 5309ms
5306ms Image
image/jpg 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ro18y.un974.com/uploads/images/GzI5oJSlVT5b4odiLmR
Requested by: Host: ro18y.un974.com
URL: https://ro18y.un974.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Server
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ro18y.un974.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Sun, 09 Jun 2024 00:22:43 GMT
cf-cache-status: DYNAMIC
last-modified: Sun, 09 Jun 2024 00:22:43 +0000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Server
etag: "fad6f4e614a212e80c67249a666d2b09"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Fgp6SQif8PPJvqDxElmmmSsu332pP7ZtkOHcapFiKEqDKEpk7GySrkPMU78zGR%2F1QXhmOm%2F55oxG0F2tjlPRlEbGqqCFuVOKpuJh57il%2FS5xE8wvqJb1wTOZXW8L2%2Bnp2R4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpg
cache-control: max-age=3600
cf-ray: 890cf7e67e215d5f-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 09 Jun 2024 01:22:43 +0000

GET
H3 200 D2uyoUAyLFOhj6WhZD
ro18y.un974.com/uploads/images/ 6 KB
6 KB 5322ms
5318ms Image
image/jpg 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ro18y.un974.com/uploads/images/D2uyoUAyLFOhj6WhZD
Requested by: Host: ro18y.un974.com
URL: https://ro18y.un974.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Server
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ro18y.un974.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Sun, 09 Jun 2024 00:22:43 GMT
cf-cache-status: DYNAMIC
last-modified: Sun, 09 Jun 2024 00:22:43 +0000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Server
etag: "fad6f4e614a212e80c67249a666d2b09"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=78QgH%2B8fzyR3Uj5NufZSLQkHCOiiPZgB63%2F9G7NyiO91QZGjgnZ4GWVBa0qE9xvmgy9JOSprihBVbGH786AJkZkygGRhKf0T6xPiDfNWM3SwhQRu4B0Vxsl4gH9FUPWCe%2BA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpg
cache-control: max-age=3600
cf-ray: 890cf7e67e235d5f-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 09 Jun 2024 01:22:43 +0000

GET
H3 200 IUYuh7SwVUEc4od-pPOPZD
ro18y.un974.com/uploads/images/ 5 KB
5 KB 5359ms
5356ms Image
image/jpg 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ro18y.un974.com/uploads/images/IUYuh7SwVUEc4od-pPOPZD
Requested by: Host: ro18y.un974.com
URL: https://ro18y.un974.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Server
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ro18y.un974.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Sun, 09 Jun 2024 00:22:43 GMT
cf-cache-status: DYNAMIC
last-modified: Sun, 09 Jun 2024 00:22:43 +0000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Server
etag: "fad6f4e614a212e80c67249a666d2b09"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zcBOGE9F19qbu0XosXMGek1dEdtggmx5dS1fxk1X1WIaGJeTOuP3r1%2FXQ5YjBMevgUlO1Y1O1r2M8wmQUG0jiyFIULPcv9Z3GLibrH%2Fy5l8KOoZdRaFDomVbPhbRtpA05XI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpg
cache-control: max-age=3600
cf-ray: 890cf7e67e245d5f-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 09 Jun 2024 01:22:43 +0000

GET
H3 200 FRkJVSoSdFOHnrT6i24k
ro18y.un974.com/uploads/images/ 4 KB
4 KB 5345ms
5342ms Image
image/jpg 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ro18y.un974.com/uploads/images/FRkJVSoSdFOHnrT6i24k
Requested by: Host: ro18y.un974.com
URL: https://ro18y.un974.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Server
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ro18y.un974.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Sun, 09 Jun 2024 00:22:43 GMT
cf-cache-status: DYNAMIC
last-modified: Sun, 09 Jun 2024 00:22:43 +0000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Server
etag: "fad6f4e614a212e80c67249a666d2b09"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=haQG2QIWYGwCuwFDX6unbO9b6ntMihEJlKJhqNlyRc1SZ1Ks5eL85QfiKFRrUqdKMSA%2BOHGeKqUu8q3IfqbUexC%2BSJx2rwvD21eAPZb9qWVDu%2BSss7nI7r0u5TqksuD%2FYUY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpg
cache-control: max-age=3600
cf-ray: 890cf7e67e255d5f-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 09 Jun 2024 01:22:43 +0000

GET
H3 200 D8FDIvOOqTkyqTywZD
ro18y.un974.com/uploads/images/ 4 KB
4 KB 5346ms
5343ms Image
image/jpg 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ro18y.un974.com/uploads/images/D8FDIvOOqTkyqTywZD
Requested by: Host: ro18y.un974.com
URL: https://ro18y.un974.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Server
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ro18y.un974.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Sun, 09 Jun 2024 00:22:43 GMT
cf-cache-status: DYNAMIC
last-modified: Sun, 09 Jun 2024 00:22:43 +0000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Server
etag: "fad6f4e614a212e80c67249a666d2b09"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F8dLvJ2i7mMlo2bir1Mrptoi5G73CvMUDlA6bbRDmDzFnAUcEQlyoQJOwrOnrJ7XotaZ2iFmFdSKbmJAUmBLmYYENfTQuYSAxHQ%2F0HasTAQHsy6eiiHW%2FeHU4OX3aW1%2FgIg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpg
cache-control: max-age=3600
cf-ray: 890cf7e67e265d5f-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 09 Jun 2024 01:22:43 +0000

GET
H3 200 H0kBDFO2plOYnZBuZD
ro18y.un974.com/uploads/images/ 5 KB
5 KB 5369ms
5366ms Image
image/jpg 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ro18y.un974.com/uploads/images/H0kBDFO2plOYnZBuZD
Requested by: Host: ro18y.un974.com
URL: https://ro18y.un974.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Server
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ro18y.un974.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Sun, 09 Jun 2024 00:22:43 GMT
cf-cache-status: DYNAMIC
last-modified: Sun, 09 Jun 2024 00:22:43 +0000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Server
etag: "fad6f4e614a212e80c67249a666d2b09"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HKFXP8f3BZd%2B9fx42YYZBvSKhUWC8iRn42%2FH0RpXghxSQMF7haxX0SWXO1eFk0CWzwhbxx%2FDMg%2F1fHwhZd6o%2F2nvZVtwvfKshTMeMsl3SfBMHII5cp1fkfGqwOUu%2FtVcXvk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpg
cache-control: max-age=3600
cf-ray: 890cf7e67e285d5f-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 09 Jun 2024 01:22:43 +0000

GET
H3 200 FRkJVSuuqzxtkWUQeGR
ro18y.un974.com/uploads/images/ 5 KB
5 KB 5356ms
5353ms Image
image/jpg 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ro18y.un974.com/uploads/images/FRkJVSuuqzxtkWUQeGR
Requested by: Host: ro18y.un974.com
URL: https://ro18y.un974.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Server
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ro18y.un974.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Sun, 09 Jun 2024 00:22:43 GMT
cf-cache-status: DYNAMIC
last-modified: Sun, 09 Jun 2024 00:22:43 +0000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Server
etag: "fad6f4e614a212e80c67249a666d2b09"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iKDzc%2FASoQOa0fZijW1ClvAQtPppqaBVSmIljGEVTyggLnVVgzFosk6Nvu09sFdUV05fVr4rnmqbs%2B60QVV0CKzFgZ4N66aOgOxpkWZD9WktBT0Ovi%2Fz9RghBS3xRQRb7c8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpg
cache-control: max-age=3600
cf-ray: 890cf7e67e295d5f-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 09 Jun 2024 01:22:43 +0000

GET
H3 200 FRkJVSEl4odaovOHnGR
ro18y.un974.com/uploads/images/ 2 KB
2 KB 5354ms
5350ms Image
image/jpg 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ro18y.un974.com/uploads/images/FRkJVSEl4odaovOHnGR
Requested by: Host: ro18y.un974.com
URL: https://ro18y.un974.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Server
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ro18y.un974.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Sun, 09 Jun 2024 00:22:43 GMT
cf-cache-status: DYNAMIC
last-modified: Sun, 09 Jun 2024 00:22:43 +0000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Server
etag: "fad6f4e614a212e80c67249a666d2b09"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8beiqwSapzi0lI4N5IPQf8pxsLX%2FZO%2FafW9x6VwJKqiS2BDz49Stg%2B7wNCkTNOqFosUNxmJ2XFlcMRKltkh7nLyYt7Hek7OZYSZnw28AXEO898z%2F7fHBcm%2Buh%2BXjWDrH%2Bxc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpg
cache-control: max-age=3600
cf-ray: 890cf7e67e2b5d5f-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 09 Jun 2024 01:22:43 +0000

GET
H3 200 5e23e62a-42cf-4f77-89b2-5dfdb7cabf73.png
ro18y.un974.com/template/Brasil/a3/image/ 15 KB
15 KB 476ms
473ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ro18y.un974.com/template/Brasil/a3/image/5e23e62a-42cf-4f77-89b2-5dfdb7cabf73.png
Requested by: Host: ro18y.un974.com
URL: https://ro18y.un974.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ro18y.un974.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 00:22:38 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Thu, 12 Oct 2023 05:41:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6527871e-3bf3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WW4WrtqYZc5ZK%2Fbq8UuVsU%2BxieyWTEi%2Fg5gF16Kyggvk%2F9TYzYQ1m4Mctc3o757xCy8LvEB2x31RW%2F%2BQpm55UzfjeCy8v2%2BKVar6rVYSt5cVxy1GhD7aRMFdWFtkTjHmee8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
cf-ray: 890cf7e67e2c5d5f-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 email-decode.min.js Show response
ro18y.un974.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 21ms
20ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ro18y.un974.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: ro18y.un974.com
URL: https://ro18y.un974.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ro18y.un974.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 00:22:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 04 Jun 2024 12:30:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"665f08f1-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aaDu6nTXWt9sUV%2BOSDnPayapUH%2FoWuwOd2R9Httef1f2lceF%2BLPpFs064LWr4V5UHl3Y%2BUoAjv%2FH%2BbfFwsA3pB55KcKzy7Ruqi3ASF0uY3mXV0xd06DIuZcXDzpzHcTPdIc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 890cf7cb9e775d5f-FRA
expires: Tue, 11 Jun 2024 00:22:33 GMT

GET
H2 200 js-sdk-pro.min.js Show response
sdk.51.la/ 34 KB
13 KB 109ms
28ms Script
application/javascript 163.181.92.226
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.51.la/js-sdk-pro.min.js
Requested by: Host: ro18y.un974.com
URL: https://ro18y.un974.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 163.181.92.226 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: d1f1bfe698f2ffb7b3e7a885a301d58f9554d45df0a31c3e8b53c84b33c80d27

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ro18y.un974.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 19:36:19 GMT
via: cache15.l2de2[734,733,304-0,H], cache21.l2de2[735,0], ens-cache1.de5[0,0,200-0,H], ens-cache3.de5[1,0]
content-encoding: gzip
x-oss-request-id: 6664B2B3DDD87E393088BE82
content-md5: JLtSDpUX8u0+2Ye0aur3Iw==
age: 17174
x-swift-cachetime: 1296000
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
x-oss-cdn-auth: success
x-swift-savetime: Sat, 08 Jun 2024 19:36:19 GMT
content-length: 12846
x-oss-object-type: Normal
last-modified: Thu, 08 Jun 2023 02:24:34 GMT
server: Tengine
vary: Accept-Encoding
ali-swift-global-savetime: 1717875379
content-type: application/javascript
access-control-allow-origin: *
x-oss-storage-class: Standard
accept-ranges: bytes
timing-allow-origin: *
x-oss-hash-crc64ecma: 5143829838470429443
eagleid: a3b55c9717178925536392622e
x-oss-server-time: 2

GET
H3 200 juxtapose.min.js Show response
ro18y.un974.com/template/Brasil/a3/js/ 17 KB
6 KB 322ms
322ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ro18y.un974.com/template/Brasil/a3/js/juxtapose.min.js
Requested by: Host: ro18y.un974.com
URL: https://ro18y.un974.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: daf4c69e49acbeea24c42417dd9c4d6fa1d837d79470f02f3ec4f908ea676dec

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ro18y.un974.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 00:22:33 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Thu, 12 Oct 2023 04:47:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65277a52-42e3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sL55PA7ENiWASZQ5puMJ7Tc19XE6rN8XAigqJed%2FVIHz1X9JEjdr9Fx%2BO14oskUPE03jlk2LNdqlN1u%2BVH0VWDjBpULiG22AdfmiCdGPFFEWf3UfM7W%2FFwStd%2BYGhJwP61E%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 890cf7cc7ef95d5f-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 rwd-display.js Show response
ro18y.un974.com/template/Brasil/a3/js/ 1 KB
937 B 325ms
325ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ro18y.un974.com/template/Brasil/a3/js/rwd-display.js
Requested by: Host: ro18y.un974.com
URL: https://ro18y.un974.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c54dffee88bf675c0aa8628675dbd4380d737d959604d9f43faca7a965503718

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ro18y.un974.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 00:22:34 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Thu, 12 Oct 2023 04:47:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65277a58-412"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8Yf6ad2ULN7dunFJYg96vsj1yLNCk3WAhxMJ8GuiqFTiQ6D1Jr2MVdN%2FQgqNl8aQTviz02agbWwIs4VoAouNZZamGl0%2B4NLMqXODD4cpXt8dYeWiVPXYIY9WcP46oDDLJxM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 890cf7ce88045d5f-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 rfa_print.css
ro18y.un974.com/template/Brasil/a3/css/ 1006 B
931 B 338ms
336ms Stylesheet
text/css 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ro18y.un974.com/template/Brasil/a3/css/rfa_print.css
Requested by: Host: ro18y.un974.com
URL: https://ro18y.un974.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ro18y.un974.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 00:22:38 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 12 Oct 2023 04:37:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65277808-3ee"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zhhJ0Tzpt31yxvm7jWcSEa6CQvmYR%2FIRkExy2XkeUYycrGSfc1dh0VAVH%2FyG2yGai9bYXV%2BkZdjJuGb1L2AMIYRAHyYW%2BPGaGQW6zbYihonZyKZzJIJGAUaxBGzZDcOySXg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 890cf7e67e2e5d5f-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 utag.js
tags.benarnews.org/rfa-plone/prod/ 93 KB
30 KB 134ms
29ms Script
application/javascript 18.172.112.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.benarnews.org/rfa-plone/prod/utag.js
Requested by: Host: ro18y.un974.com
URL: https://ro18y.un974.com/template/Brasil/a3/js/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.112.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-112-11.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ro18y.un974.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: FDY.0NJM4HhsKtQOEZuFSgA9LnvuNNd6
content-encoding: br
via: 1.1 ccd3e547bd5d86bbfbaca15b4307ce70.cloudfront.net (CloudFront), 1.1 fc3a32609a2b1f220f223f3b87919ac2.cloudfront.net (CloudFront)
date: Sun, 09 Jun 2024 00:21:51 GMT
last-modified: Wed, 01 May 2024 02:55:48 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P9, FRA60-P8
age: 47
x-amz-server-side-encryption: AES256
etag: W/"7594f64530b372bb014f6e4d25778b91"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=300
x-amz-cf-id: cbmROPkUISUnY41dT94j9QCchUMz_PwocXrBeoPuog1xAs869YjDtw==

GET
H2 200 css2
fonts.googleapis.com/ 12 KB
1 KB 82ms
32ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Libre+Franklin:ital,wght@0,400;0,800;1,400;1,800&family=Raleway:ital,wght@0,300;0,400;1,300;1,400&display=swap

Requested by

Host: ro18y.un974.com
URL: https://ro18y.un974.com/template/Brasil/a3/css/benar.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ac575db72ad6eb4f80ce6c8fe1d3c5b37302cedf5ec24ba6e0f4df11bd3a4534

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ro18y.un974.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Sun, 09 Jun 2024 00:22:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 09 Jun 2024 00:22:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 09 Jun 2024 00:22:37 GMT

POST
H/1.1 200
OK collect
collect-v6.51.la/v6/ 0
622 B 814ms
199ms XHR
text/plain 163.181.92.227
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL: https://collect-v6.51.la/v6/collect?dt=4
Requested by: Host: sdk.51.la
URL: https://sdk.51.la/js-sdk-pro.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 163.181.92.227 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ro18y.un974.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sun, 09 Jun 2024 00:22:38 GMT
Via: cache15.l2de2[168,168,200-0,M], cache15.l2de2[169,0], ens-cache16.de5[170,170,200-0,M], ens-cache16.de5[172,0]
Server: Tengine
X-Swift-CacheTime: 0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Ali-Swift-Global-Savetime: 1717892558
X-Cache: MISS TCP_MISS dirn:-2:-2
Access-Control-Allow-Origin: https://ro18y.un974.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Swift-SaveTime: Sun, 09 Jun 2024 00:22:38 GMT
Timing-Allow-Origin: *
Content-Length: 0
EagleId: a3b55ca417178925584552843e

GET
H3 404 search-icon-white.svg
ro18y.un974.com/++theme++benar/ 13 B
421 B 5372ms
5371ms Image
text/html 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ro18y.un974.com/++theme++benar/search-icon-white.svg
Requested by: Host: ro18y.un974.com
URL: https://ro18y.un974.com/template/Brasil/a3/css/benar.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ro18y.un974.com/template/Brasil/a3/css/benar.css
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 00:22:43 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C01sqJSSS43EpT598%2BXcN99TdKSBJMHebj96v1FlhorvhKXBFbAMJfNjK1MsgQCB7ErRWl6qpfcQ2jxvwvZsLrum%2BWvqoQT6XAP0LzutmQCtUoNq9fPeamN7x%2F64Bh9CZS0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cache-control: max-age=14400
cf-ray: 890cf7e68e335d5f-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 jizDREVItHgc8qDIbSTKq4XkRiUf2zc.woff2
fonts.gstatic.com/s/librefranklin/v14/ 28 KB
28 KB 93ms
32ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/librefranklin/v14/jizDREVItHgc8qDIbSTKq4XkRiUf2zc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Libre+Franklin:ital,wght@0,400;0,800;1,400;1,800&family=Raleway:ital,wght@0,300;0,400;1,300;1,400&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://ro18y.un974.com
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 05:17:22 GMT
x-content-type-options: nosniff
age: 155115
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28224
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:23:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Jun 2025 05:17:22 GMT

GET
H2 200 1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v34/ 47 KB
47 KB 112ms
52ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v34/1Ptug8zYS_SKggPNyC0ITw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Libre+Franklin:ital,wght@0,400;0,800;1,400;1,800&family=Raleway:ital,wght@0,300;0,400;1,300;1,400&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://ro18y.un974.com
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 10:46:28 GMT
x-content-type-options: nosniff
age: 135369
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48336
x-xss-protection: 0
last-modified: Wed, 01 May 2024 20:31:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Jun 2025 10:46:28 GMT

GET
H2 200 jizDREVItHgc8qDIbSTKq4XkRiUR2zcLig.woff2
fonts.gstatic.com/s/librefranklin/v14/ 20 KB
20 KB 147ms
86ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/librefranklin/v14/jizDREVItHgc8qDIbSTKq4XkRiUR2zcLig.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Libre+Franklin:ital,wght@0,400;0,800;1,400;1,800&family=Raleway:ital,wght@0,300;0,400;1,300;1,400&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://ro18y.un974.com
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 10:46:07 GMT
x-content-type-options: nosniff
age: 135390
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19988
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:52:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Jun 2025 10:46:07 GMT

GET
H2 200 jizDREVItHgc8qDIbSTKq4XkRiUQ2zcLig.woff2
fonts.gstatic.com/s/librefranklin/v14/ 7 KB
7 KB 145ms
85ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/librefranklin/v14/jizDREVItHgc8qDIbSTKq4XkRiUQ2zcLig.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Libre+Franklin:ital,wght@0,400;0,800;1,400;1,800&family=Raleway:ital,wght@0,300;0,400;1,300;1,400&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://ro18y.un974.com
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 22:48:22 GMT
x-content-type-options: nosniff
age: 92055
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7272
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:23:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Jun 2025 22:48:22 GMT

GET
H2 200 1Ptug8zYS_SKggPNyCMIT5lu.woff2
fonts.gstatic.com/s/raleway/v34/ 30 KB
30 KB 126ms
65ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v34/1Ptug8zYS_SKggPNyCMIT5lu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Libre+Franklin:ital,wght@0,400;0,800;1,400;1,800&family=Raleway:ital,wght@0,300;0,400;1,300;1,400&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://ro18y.un974.com
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 09:25:55 GMT
x-content-type-options: nosniff
age: 140202
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30860
x-xss-protection: 0
last-modified: Wed, 01 May 2024 20:31:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Jun 2025 09:25:55 GMT

GET
H2 200 1Ptug8zYS_SKggPNyCIIT5lu.woff2
fonts.gstatic.com/s/raleway/v34/ 11 KB
12 KB 87ms
27ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v34/1Ptug8zYS_SKggPNyCIIT5lu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Libre+Franklin:ital,wght@0,400;0,800;1,400;1,800&family=Raleway:ital,wght@0,300;0,400;1,300;1,400&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://ro18y.un974.com
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 07:53:09 GMT
x-content-type-options: nosniff
age: 145768
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11384
x-xss-protection: 0
last-modified: Wed, 01 May 2024 20:31:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Jun 2025 07:53:09 GMT

GET /
www.hk88casino.com/ 0
0

GET
H2

200

rd
dpm.demdex.net/id/
Redirect Chain

https://dpm.demdex.net/id?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=518ABC7455E462B97F000101%40AdobeOrg&d_nsid=0&ts=1717892557987
https://dpm.demdex.net/id/rd?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=518ABC7455E462B97F000101%40AdobeOrg&d_nsid=0&ts=1717892557987

362 B
909 B

33ms
32ms

XHR
application/json

52.30.232.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id/rd?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=518ABC7455E462B97F000101%40AdobeOrg&d_nsid=0&ts=1717892557987

Protocol

Server

52.30.232.89 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-30-232-89.eu-west-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://ro18y.un974.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

dcs: dcs-prod-irl1-1-v061-0d40ae434.edge-irl1.demdex.com 2 ms
pragma: no-cache
date: Sun, 09 Jun 2024 00:22:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-tid: ctQ6roLYRFo=
vary: Origin
content-type: application/json;charset=utf-8
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
access-control-allow-origin: https://ro18y.un974.com
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
access-control-allow-credentials: true
content-length: 305
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs: dcs-prod-irl1-1-v061-0e703236a.edge-irl1.demdex.com 0 ms
pragma: no-cache
date: Sun, 09 Jun 2024 00:22:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-tid: jXflBpJ5RMs=
vary: Origin
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location: https://dpm.demdex.net/id/rd?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=518ABC7455E462B97F000101%40AdobeOrg&d_nsid=0&ts=1717892557987
access-control-allow-origin: https://ro18y.un974.com
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 utag.12.js
tags.tiqcdn.com/utag/bbg/rfa-plone/prod/ 76 KB
21 KB 860ms
408ms Script
application/javascript 2600:9000:235a:b400:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/bbg/rfa-plone/prod/utag.12.js?utv=ut4.46.202405010255
Requested by: Host: tags.benarnews.org
URL: https://tags.benarnews.org/rfa-plone/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:235a:b400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ro18y.un974.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: zBCgpP2P6msgVFXBkTUxumeVONNylPwL
content-encoding: br
via: 1.1 4d37a80c51c1368344134f5bdf1ea92e.cloudfront.net (CloudFront)
date: Sun, 09 Jun 2024 00:22:39 GMT
last-modified: Wed, 01 May 2024 02:55:47 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P9
x-amz-server-side-encryption: AES256
etag: W/"178dc6f1d29b8d5a166fc4a3dffc1f18"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: 5KpyqgAxnW7Ehjcaf0e3Jm3XZK0U3jxufxG2OnngcD56wdvfkFTuQA==

GET
H2 200 utag.10.js
tags.tiqcdn.com/utag/bbg/rfa-plone/prod/ 27 KB
7 KB 854ms
404ms Script
application/javascript 2600:9000:235a:b400:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/bbg/rfa-plone/prod/utag.10.js?utv=ut4.46.202405010255
Requested by: Host: tags.benarnews.org
URL: https://tags.benarnews.org/rfa-plone/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:235a:b400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ro18y.un974.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: nWu41g9NjJBi_NPE9AJiqJkPpZrCC8wa
content-encoding: gzip
via: 1.1 4d37a80c51c1368344134f5bdf1ea92e.cloudfront.net (CloudFront)
date: Sun, 09 Jun 2024 00:22:39 GMT
last-modified: Wed, 01 May 2024 02:55:48 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P9
x-amz-server-side-encryption: AES256
etag: W/"24a5c9e941438caa2bcd5478cdbcb1ea"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: SbB7TkdwVF7qnSUa_tRAWZ3FnQX6Cs5mUNpeY0oPxvOduEXMR09m7A==

GET
H2 200 64a839b20f9156001a291819.js
buttons-config.sharethis.com/js/ 601 B
1 KB 508ms
407ms Script
text/javascript 2600:9000:20eb:5600:c:abe:f440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://buttons-config.sharethis.com/js/64a839b20f9156001a291819.js

Requested by

Host: ro18y.un974.com
URL: https://ro18y.un974.com/template/Brasil/a3/js/sharethis.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20eb:5600:c:abe:f440:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ro18y.un974.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 00:22:39 GMT
via: 1.1 42b60ee17f7593fff72ca1cb725d6c9a.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 16 Aug 2023 15:47:15 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
x-amz-server-side-encryption: AES256
etag: "370bea9f6125866f5613be2d1df7fc31"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: text/javascript
cache-control: public, max-age=60
accept-ranges: bytes
content-length: 601
x-amz-cf-id: iC4OkjrYyCp7pvmBtmPRcWSYHUHReukpIpSuMTeVs0lSinz9risnEg==

GET
H/1.1 204
No Content pview
l.sharethis.com/ 0
402 B 139ms
22ms XHR
text/plain 35.156.21.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://l.sharethis.com/pview?event=pview&hostname=ro18y.un974.com&location=%2F&product=sop&url=https%3A%2F%2Fro18y.un974.com%2F&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=%C4%91%E1%BB%93ng%20h%E1%BB%93%20th%C3%B4ng%20minh%20smartwatch%20uwatch%20w88(Vi%E1%BB%87t%20Nam)%20Website%20ch%C3%ADnh%20th%E1%BB%A9c%20Phi%C3%AAn%20b%E1%BA%A3n%20ph%E1%BB%95%20th%C3%B4ng%20iOS%2FAndroid%2FMobile%20App&cms=unknown&publisher=64a839b20f9156001a291819&sop=true&version=st_sop.js&lang=en&ua=%22Google%20Chrome%22%3Bv%3D%22125%22%2C%20%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%20%22Chromium%22%3Bv%3D%22125%22&ua_mobile=false&ua_platform=Win32&ua_full_version_list=%22Google%20Chrome%22%3Bv%3D%22125.0.6422.141%22%2C%20%22Chromium%22%3Bv%3D%22125.0.6422.141%22%2C%20%22Not.A%2FBrand%22%3Bv%3D%2224.0.0.0%22&ua_platform_version=10.0.0&uuid=97b5cd62-a79b-40ad-a7c6-189a204a532d

Requested by

Host: ro18y.un974.com
URL: https://ro18y.un974.com/template/Brasil/a3/js/sharethis.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.156.21.72 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-156-21-72.eu-central-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ro18y.un974.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sun, 09 Jun 2024 00:22:38 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Access-Control-Max-Age: 1728000
Access-Control-Allow-Origin: https://ro18y.un974.com
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *

GET
H2 200 dest5.html
bbg.demdex.net/ Frame 678D 0
0 106ms
32ms Document
text/html 54.171.118.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bbg.demdex.net/dest5.html?d_nsid=0

Requested by

Host: tags.benarnews.org
URL: https://tags.benarnews.org/rfa-plone/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.171.118.212 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-171-118-212.eu-west-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://ro18y.un974.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Sun, 09 Jun 2024 00:22:38 GMT
dcs: dcs-prod-irl1-1-v061-00df4207c.edge-irl1.demdex.com 0 ms
expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Thu, 9 May 2024 11:56:26 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains
vary: accept-encoding
x-tid: s7jXf714Q6I=

GET
H2 200 id
bbg.sc.omtrdc.net/ 2 B
267 B 112ms
36ms XHR
application/x-javascript 63.140.62.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bbg.sc.omtrdc.net/id?d_visid_ver=5.4.0&d_fieldgroup=A&mcorgid=518ABC7455E462B97F000101%40AdobeOrg&mid=18882125403463492893535739695916364744&ts=1717892558528

Requested by

Host: tags.benarnews.org
URL: https://tags.benarnews.org/rfa-plone/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.27 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-63-140-62-27.data.adobedc.net

Software

jag /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://ro18y.un974.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sun, 09 Jun 2024 00:22:38 GMT
x-content-type-options: nosniff
server: jag
vary: Origin
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: https://ro18y.un974.com
p3p: CP="This is not a P3P policy"
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-length: 2
x-xss-protection: 1; mode=block

GET
H2

200

ibs:dpid=411&dpuuid=ZmT1zgAAAKijVgOJ
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=18901514316647813623539289989656136979
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZmT1zgAAAKijVgOJ

42 B
716 B

34ms
33ms

Image
image/gif

52.30.232.89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZmT1zgAAAKijVgOJ

Protocol

Server

52.30.232.89 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-30-232-89.eu-west-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://ro18y.un974.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

dcs: dcs-prod-irl1-1-v061-0accb011a.edge-irl1.demdex.com 2 ms
pragma: no-cache
date: Sun, 09 Jun 2024 00:22:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: 2ZnBImdXR4M=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZmT1zgAAAKijVgOJ
Date: Sun, 09 Jun 2024 00:22:38 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H2 200 analytics.js
www.google-analytics.com/ 52 KB
21 KB 84ms
20ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: tags.benarnews.org
URL: https://tags.benarnews.org/rfa-plone/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ro18y.un974.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 08 Jun 2024 22:29:08 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 6810
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sun, 09 Jun 2024 00:29:08 GMT

GET
H2 200 utag.v.js
tags.tiqcdn.com/utag/tiqapp/ 2 B
432 B 21ms
20ms Script
application/javascript 2600:9000:235a:b400:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=bbg/rfa-plone/202405010255&cb=1717892558879
Requested by: Host: tags.benarnews.org
URL: https://tags.benarnews.org/rfa-plone/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:235a:b400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ro18y.un974.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: 2XUX04X5QEw0.xFya64khU._sHTRl_Pz
date: Sun, 09 Jun 2024 00:19:21 GMT
via: 1.1 4d37a80c51c1368344134f5bdf1ea92e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P9
age: 198
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 2
last-modified: Sat, 11 Mar 2023 06:57:46 GMT
server: AmazonS3
etag: "7bc0ee636b3b83484fc3b9348863bd22"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=300
accept-ranges: bytes
x-amz-cf-id: zQorfWiV801YQkX5zu0j4cQC8UZSXdqc-lwm5AJWhM527QUbKnPvSw==

GET
H2 200 linkid.js
www.google-analytics.com/plugins/ua/ 2 KB
1 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ro18y.un974.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 00:04:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1081
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 697
x-xss-protection: 0
last-modified: Fri, 30 Jun 2023 18:58:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 09 Jun 2024 01:04:37 GMT

POST
H2 200 collect
www.google-analytics.com/j/ 15 B
221 B 34ms
33ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=930447796&t=pageview&_s=1&dl=https%3A%2F%2Fro18y.un974.com%2F&ul=nl-nl&de=UTF-8&dt=%C4%91%E1%BB%93ng%20h%E1%BB%93%20th%C3%B4ng%20minh%20smartwatch%20uwatch%20w88(Vi%E1%BB%87t%20Nam)%20Website%20ch%C3%ADnh%20th%E1%BB%A9c%20Phi%C3%AAn%20b%E1%BA%A3n%20ph%E1%BB%95%20th%C3%B4ng%20iOS%2FAndroid%2FMobile%20App&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KGBAiAAjBAAAACAAI~&jid=2037309112&gjid=613646680&cid=1428780468.1717892559&tid=UA-136743351-1&_gid=943561043.1717892559&_slc=1&cd1=https%3A%2F%2Fro18y.un974.com%2F&cd2=ro18y.un974.com&cd3=BenarNews&cd4=BenarNews%3AENG%3AD%3Asection%3ABenarNews&cd5=section&cd6=section&cd7=Home&cd8=062f5af91d2a4b8b801d01bd046c3774&cd9=nglish&cd10=BenarNews&cd11=English&cd12=Benar%20English&cd13=Desktop&cd14=500&cd15=RFA-BN%20English%20Responsive&cd16=prod&cd17=Yes&cd18=english&z=1258351985

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://ro18y.un974.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 09 Jun 2024 00:22:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ro18y.un974.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect
stats.g.doubleclick.net/j/ 1 B
346 B 75ms
21ms XHR
text/plain 2a00:1450:400c:c09::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-136743351-1&cid=1428780468.1717892559&jid=2037309112&gjid=613646680&_gid=943561043.1717892559&_u=KGBAiAAjBAAAAGAAI~&z=869298652

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c09::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://ro18y.un974.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 09 Jun 2024 00:22:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ro18y.un974.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js
www.googletagmanager.com/gtag/ 277 KB
96 KB 104ms
42ms Script
application/javascript 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-03YYQYPPKQ&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ro18y.un974.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 00:22:39 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 97421
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 09 Jun 2024 00:22:39 GMT

GET
H2 200 s46389028975948
ssc.benarnews.org/b/ss/bbgprod,bbgentityrfa,bbgnewsappstsdk/1/JS-2.23.0/ 43 B
372 B 129ms
34ms Image
image/gif 63.140.62.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssc.benarnews.org/b/ss/bbgprod,bbgentityrfa,bbgnewsappstsdk/1/JS-2.23.0/s46389028975948?AQB=1&ndh=1&pf=1&t=9%2F5%2F2024%202%3A22%3A39%200%20-120&sdid=0809A3A52272427D-512EA98E5651DB6B&mid=18882125403463492893535739695916364744&aamlh=6&ce=UTF-8&ns=bbg&cdp=2&pageName=benarnews%3Aeng%3Ad%3Asection%3Abenarnews&g=https%3A%2F%2Fro18y.un974.com%2F&h.&architecture=x86&bitness=64&platformVersion=10.0.0&.h&cc=USD&ch=%2F&server=ro18y.un974.com&events=event1%2Cevent10&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&v1=https%3A%2F%2Fro18y.un974.com%2F&v4=section&v5=home&v6=benarnews&v10=01%2F27%2F2021&v11=15&v13=english&v14=062f5af91d2a4b8b801d01bd046c3774&v15=english&v16=benar%20english&v17=desktop&v20=yes&v21=nglish&v23=18882125403463492893535739695916364744&v24=018ffa602c93000a027815fe32090506f001806700b08&v25=benarnews&v27=RFA-BN%20English%20Responsive&v29=ro18y.un974.com%2F&v30=500&v31=https%3A%2F%2Fro18y.un974.com%2F&v32=benarnews%3Aeng%3Ad%3Asection%3Abenarnews&v38=section&v39=home&v50=homepage%20view&v70=2.23.0&v71=bbgdev&v72=prod&v75=main_template.pt&v82=view&v100=2024-06-09%3A02.22%3A%2B02.00&v101=europe%2Famsterdam&v102=en-us%3Aen%3Anl-nl&v104=iq&v111=ut4.46.202405010255&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=518ABC7455E462B97F000101%40AdobeOrg&AQE=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.27 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-63-140-62-27.data.adobedc.net

Software

jag /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ro18y.un974.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 09 Jun 2024 00:22:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Mon, 10 Jun 2024 00:22:39 GMT
server: jag
etag: 3689146180233953280-4618530144276221973
vary: *
p3p: CP="This is not a P3P policy"
access-control-allow-origin: *
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0, no-transform, private
content-length: 43
x-xss-protection: 1; mode=block
expires: Sat, 08 Jun 2024 00:22:39 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
254 B 65ms
18ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-03YYQYPPKQ&gtm=45je4650v9125773219za200&_p=1717892559031&gcd=13l3l3l2l2&npa=0&dma_cps=sypham&dma=1&tag_exp=0&ul=nl-nl&sr=1600x1200&cid=1428780468.1717892559&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=ABAI&_s=1&dl=https%3A%2F%2Fro18y.un974.com%2F&dt=%C4%91%E1%BB%93ng%20h%E1%BB%93%20th%C3%B4ng%20minh%20smartwatch%20uwatch%20w88(Vi%E1%BB%87t%20Nam)%20Website%20ch%C3%ADnh%20th%E1%BB%A9c%20Phi%C3%AAn%20b%E1%BA%A3n%20ph%E1%BB%95%20th%C3%B4ng%20iOS%2FAndroid%2FMobile%20App&sid=1717892559&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&ep.ua_dimension_1=https%3A%2F%2Fro18y.un974.com%2F&ep.ua_dimension_2=ro18y.un974.com&ep.ua_dimension_3=BenarNews&ep.ua_dimension_4=BenarNews%3AENG%3AD%3Asection%3ABenarNews&ep.ua_dimension_5=section&ep.ua_dimension_6=section&ep.ua_dimension_7=Home&ep.ua_dimension_8=062f5af91d2a4b8b801d01bd046c3774&ep.ua_dimension_9=nglish&ep.ua_dimension_10=BenarNews&ep.ua_dimension_11=English&ep.ua_dimension_12=Benar%20English&ep.ua_dimension_13=Desktop&ep.ua_dimension_14=500&ep.ua_dimension_15=RFA-BN%20English%20Responsive&ep.ua_dimension_16=prod&ep.ua_dimension_17=Yes&ep.ua_dimension_18=english&tfd=16571
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-03YYQYPPKQ&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ro18y.un974.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 09 Jun 2024 00:22:39 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ro18y.un974.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.hk88casino.com
URL: https://www.hk88casino.com/

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
ro18y.un974.com/	1969-12-31 23:59:59	Name: __vtins__3HxKKpJCWQpulFxW Value: %7B%22sid%22%3A%20%2227cde685-f287-5771-a5a4-6fe778af6748%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201717894357825%2C%20%22ct%22%3A%201717892557825%7D
ro18y.un974.com/	1970-01-21 06:47:32	Name: __51uvsct__3HxKKpJCWQpulFxW Value: 1
ro18y.un974.com/	1970-01-21 06:47:32	Name: __51vcke__3HxKKpJCWQpulFxW Value: 35521ee0-c67c-5c4d-90a5-4434717dcaec
ro18y.un974.com/	1970-01-21 06:47:32	Name: __51vuft__3HxKKpJCWQpulFxW Value: 1717892557827
.un974.com/	1970-01-21 05:57:08	Name: utag_main Value: v_id:018ffa602c93000a027815fe32090506f001806700b08$_sn:1$_se:1$_ss:1$_st:1717894357972$ses_id:1717892557972%3Bexp-session$_pn:1%3Bexp-session$vapi_domain:un974.com
.demdex.net/	1970-01-21 01:30:44	Name: demdex Value: 18901514316647813623539289989656136979
.un974.com/	1969-12-31 23:59:59	Name: AMCVS_518ABC7455E462B97F000101%40AdobeOrg Value: 1
.everesttech.net/	1970-01-21 05:57:08	Name: everest_g_v2 Value: g_surferid~ZmT1zgAAAKijVgOJ
.dpm.demdex.net/	1970-01-21 01:30:44	Name: dpm Value: 18901514316647813623539289989656136979
.un974.com/	1970-01-21 06:47:32	Name: AMCV_518ABC7455E462B97F000101%40AdobeOrg Value: 1176715910%7CMCIDTS%7C19884%7CMCMID%7C18882125403463492893535739695916364744%7CMCAAMLH-1718497358%7C6%7CMCAAMB-1718497358%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1717899758s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19891%7CvVersion%7C5.4.0
.un974.com/	1970-01-21 06:47:32	Name: _ga Value: GA1.2.1428780468.1717892559
.un974.com/	1970-01-20 21:12:58	Name: _gid Value: GA1.2.943561043.1717892559
.un974.com/	1970-01-20 21:11:32	Name: _gat_tealium_0 Value: 1
.un974.com/	1969-12-31 23:59:59	Name: s_cc Value: true
.un974.com/	1970-01-21 06:47:32	Name: _ga_03YYQYPPKQ Value: GS1.2.1717892559.1.0.1717892559.0.0.0

13 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://ro18y.un974.com/template/Brasil/a3/css/jquery.sidr.dark.css Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://ro18y.un974.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ro18y.un974.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ro18y.un974.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ro18y.un974.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ro18y.un974.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ro18y.un974.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ro18y.un974.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ro18y.un974.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ro18y.un974.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ro18y.un974.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ro18y.un974.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://ro18y.un974.com/++theme++benar/search-icon-white.svg Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bbg.demdex.net
bbg.sc.omtrdc.net
buttons-config.sharethis.com
cm.everesttech.net
collect-v6.51.la
dpm.demdex.net
fonts.googleapis.com
fonts.gstatic.com
l.sharethis.com
region1.google-analytics.com
ro18y.un974.com
sdk.51.la
ssc.benarnews.org
stats.g.doubleclick.net
tags.benarnews.org
tags.tiqcdn.com
www.google-analytics.com
www.googletagmanager.com
www.hk88casino.com
www.hk88casino.com
163.181.92.226
163.181.92.227
18.172.112.11
188.114.96.3
2001:4860:4802:34::36
2600:9000:20eb:5600:c:abe:f440:93a1
2600:9000:235a:b400:7:2bfb:7c00:93a1
2a00:1450:4001:81d::2008
2a00:1450:4001:828::200a
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2003
2a00:1450:400c:c09::9a
35.156.21.72
52.30.166.91
52.30.232.89
54.171.118.212
63.140.62.27
08a346e9e53d6b54b5075053c3728817e6eff5a781c95c3ea7d64512a9d50400
0ce5a9c1701c608219cee0ceb496e1311242be718d84819ab243ad85138ea581
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2b6b897ffcf23cc5ad4fd6f6a2b3e0075cc0fe8c3ddf1d228e6d4166698003dc
2c0c65e68f43ee3a26128e8c516a9de1bdcaa463ae97d6e3ec6f9ca7646b9aee
2cb8e7e84820ea31dd4864d4498faad211103b7042b9b6cb35281a8527cebc8a
6d5325062a4bcbc105515fc1f50831ad509422aaa9aebd0fc63154e3f1177999
7fbb7d0e3338e89ebead71b921eb04443793b56bbdd434e2e5cf58ecf5991b96
89a4a5eb4f7fedc4d946dd6fa5c1ee9be4bc396b592490385a605ecbb22ef141
8af1b42afb95212800e87123d521a7154072e6d4e2ccaced3974d325b04d46e8
992265ef5439b4925f0b0deeafb9061066e91515da7958f59bc399fc8e2f9b7a
9c52364aa5bb36383e699d5bab6646c1a6e2ff7f000bd99ff4f13184b6714a7e
ab0b63987969ba7b2b8415f4c72ad9d8911ef888682a82971e1b6c3749f82e06
ac575db72ad6eb4f80ce6c8fe1d3c5b37302cedf5ec24ba6e0f4df11bd3a4534
bfd11f3d2f5af43d38cc7d2d61e0629909f1f1638cf5fef4a84fd4413465e644
c54dffee88bf675c0aa8628675dbd4380d737d959604d9f43faca7a965503718
cadda460ccb4c3c01bb45f3d5976f63f5adf8dc3ff1d31cb4fbd3ded4f18e5bf
d1f1bfe698f2ffb7b3e7a885a301d58f9554d45df0a31c3e8b53c84b33c80d27
d4301ded2563a0304c0daa4858238efc1c4174095c6bf2a244168e7381c2a3b0
d61e54b63f15a1240e4b4b249b6dcb2b30de20caf221a01ea45785c7cb23495d
d6a5e1645a903494ee67716aa35ff8e2e00ba2adc530cdfca0b34dd5ce517e2d
daf4c69e49acbeea24c42417dd9c4d6fa1d837d79470f02f3ec4f908ea676dec
df083a053146d36f99daea6b5d3348ef38e9955487c5f223f09daf613b38d771
df8729ca85a298b83df80d745512a143f2460abe7848da74126b25e09d40f2d1
ed8fb982cca8eef53eb358236213c23fbf11c5ea803d9e1ba23cc8f671b9c1ab
f0123e3039dbf234d506b0774986ef08e75fcac3fe7c965e5bd8640a14f02290

ro18y.un974.com Open in urlscan Pro 188.114.96.3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

75 Requests

96 %HTTPS

47 %IPv6

14 Domains

19 Subdomains

17 IPs

5 Countries

862 kBTransfer

2080 kBSize

15 Cookies

0 Outgoing links

Redirected requests

75 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

ro18y.un974.com Open in urlscan Pro
188.114.96.3 Public Scan

Screenshot
Live screenshot

Full Image

75
Requests

96 %
HTTPS

47 %
IPv6

14
Domains

19
Subdomains

17
IPs

5
Countries

862 kB
Transfer

2080 kB
Size

15
Cookies

75 HTTP transactions
0 data transactions