romadu5.com Open in urlscan Pro
34.144.250.200 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://romadu5.com/
Submission: On January 05 via api (January 5th 2024, 9:56:50 pm UTC) from US — Scanned from US

Summary HTTP 61 Redirects Behaviour Indicators

Summary

This website contacted 19 IPs in 1 countries across 14 domains to perform 61 HTTP transactions. The main IP is 34.144.250.200, located in Kansas City, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is romadu5.com.
TLS certificate: Issued by R3 on January 2nd 2024. Valid for: 3 months.

This is the only time romadu5.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
19	34.144.250.200 34.144.250.200	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a04:4e42:c00... 2a04:4e42:c00::282	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6810:7caf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2607:f8b0:400... 2607:f8b0:4006:80e::2008	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c07::54	15169 (GOOGLE) (GOOGLE)
5	34.36.129.203 34.36.129.203	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2600:141b:1c0... 2600:141b:1c00:31::1739:5a46	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a03:2880:f01... 2a03:2880:f012:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
8	23.196.3.187 23.196.3.187	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	35.186.249.72 35.186.249.72	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::178	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:80d::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:36::181	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c06::9d	15169 (GOOGLE) (GOOGLE)
2	18.164.124.6 18.164.124.6	16509 (AMAZON-02) (AMAZON-02)
3	2607:f8b0:400... 2607:f8b0:4006:809::2004	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f11... 2a03:2880:f112:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	18.164.124.52 18.164.124.52	16509 (AMAZON-02) (AMAZON-02)
61	19

19 34.144.250.200 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 200.250.144.34.bc.googleusercontent.com

romadu5.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:c00::282 (United States)

ASN54113 (FASTLY, US)

polyfill.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:7caf (United States)

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:80e::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c07::54 (Washington, United States)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.36.129.203 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 203.129.36.34.bc.googleusercontent.com

gateway.webgoodeta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:141b:1c00:31::1739:5a46 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)

websdk.appsflyer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f012:8:face:b00c:0:1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 23.196.3.187 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-196-3-187.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.249.72 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 72.249.186.35.bc.googleusercontent.com

utt.impactcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:80d::2002 (United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:36::181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c06::9d (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.164.124.6 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-124-6.jfk50.r.cloudfront.net

wa.onelink.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:809::2004 (United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f112:83:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.164.124.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-124-52.jfk50.r.cloudfront.net

wa.appsflyer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	romadu5.com romadu5.com	1 MB
8	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 818	246 KB
5	webgoodeta.com gateway.webgoodeta.com
5	google.com accounts.google.com — Cisco Umbrella Rank: 65 analytics.google.com — Cisco Umbrella Rank: 266 www.google.com — Cisco Umbrella Rank: 6	81 KB
4	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 68 stats.g.doubleclick.net — Cisco Umbrella Rank: 184	5 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	279 KB
2	onelink.me wa.onelink.me — Cisco Umbrella Rank: 17338	869 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 240	91 KB
2	appsflyer.com websdk.appsflyer.com — Cisco Umbrella Rank: 6735 wa.appsflyer.com — Cisco Umbrella Rank: 12306	10 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 98	185 B
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 101	242 B
1	impactcdn.com utt.impactcdn.com — Cisco Umbrella Rank: 6672	14 KB
1	unpkg.com unpkg.com — Cisco Umbrella Rank: 1326	809 B
1	polyfill.io polyfill.io — Cisco Umbrella Rank: 2111	625 B
61	14

	Domain	Requested by
19	romadu5.com	romadu5.com
8	analytics.tiktok.com	romadu5.com analytics.tiktok.com
5	gateway.webgoodeta.com	romadu5.com
3	www.google.com
3	googleads.g.doubleclick.net	www.googletagmanager.com
3	www.googletagmanager.com	romadu5.com
2	wa.onelink.me	romadu5.com
2	connect.facebook.net	romadu5.com
1	wa.appsflyer.com	romadu5.com
1	www.facebook.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	analytics.google.com	www.googletagmanager.com
1	www.google-analytics.com	www.googletagmanager.com
1	utt.impactcdn.com	romadu5.com
1	websdk.appsflyer.com	romadu5.com
1	accounts.google.com	romadu5.com
1	unpkg.com	romadu5.com
1	polyfill.io	romadu5.com
61	18

This site contains no links.

Subject Issuer	Validity	Valid
romadu5.com R3	`2024-01-02` - `2024-04-01`	3 months	crt.sh
polyfill.io Certainly Intermediate R1	`2023-12-22` - `2024-01-21`	a month	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
accounts.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
webgoodeta.com R3	`2023-12-21` - `2024-03-20`	3 months	crt.sh
*.appsflyer.com DigiCert TLS RSA SHA256 2020 CA1	`2023-07-27` - `2024-07-27`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-10-15` - `2024-01-13`	3 months	crt.sh
*.tiktok.com RapidSSL ECC CA 2018	`2023-07-14` - `2024-08-13`	a year	crt.sh
utt.impactcdn.com GTS CA 1D4	`2024-01-03` - `2024-04-02`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.onelink.me Amazon RSA 2048 M02	`2023-06-05` - `2024-07-03`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://romadu5.com/
Frame ID: 2C582A275FC51A6A4ECFA906B034E973
Requests: 58 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Tango Live

Detected technologies

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

accounts\.google\.com/gsi/client

Prototype (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

(?:prototype|protoaculous)(?:-([\d.]*[\d]))?.*\.js

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Polyfill (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/polyfill\.min\.js

Page Statistics

61
Requests

90 %
HTTPS

67 %
IPv6

14
Domains

18
Subdomains

19
IPs

1
Countries

2021 kB
Transfer

5643 kB
Size

14
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

61 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
romadu5.com/ 7 KB
3 KB 458ms
296ms Document
text/html 34.144.250.200
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://romadu5.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.144.250.200 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

200.250.144.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

3d7f65fc0a0394fddbb2a42ee03b8bb34418aa224f7d40c33fb0b5508d2127c8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-type: text/html
date: Fri, 05 Jan 2024 21:56:43 GMT
etag: W/"6598621a-1c3c"
server: nginx
via: 1.1 google
x-frame-options: SAMEORIGIN

GET
H2 200 polyfill.min.js Show response
polyfill.io/v3/ 104 B
625 B 116ms
40ms Script
text/javascript 2a04:4e42:c00::282
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://polyfill.io/v3/polyfill.min.js?features=Promise%2CArray.prototype.flatMap%2CIntersectionObserver%2CMutationObserver%2CPromise.prototype.finally%2CObject.fromEntries

Requested by

Host: romadu5.com
URL: https://romadu5.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:c00::282 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6c68769e8470ce89a0f2270529a5d47db00917e3ef9df946dca202098f09d0a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://romadu5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 05 Jan 2024 21:56:43 GMT
age: 1496575
detected-user-agent: Chrome Mobile/120.0.0
server-timing: HIT-CLUSTER, fastly;desc="Edge time";dur=2
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 121
referrer-policy: origin-when-cross-origin
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
normalized-user-agent: chrome/120.0.0
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 large-small-dynamic-viewport-units-polyfill.min.js Show response
unpkg.com/large-small-dynamic-viewport-units-polyfill@0.1.1/dist/ 1 KB
809 B 128ms
52ms Script
application/javascript 2606:4700::6810:7caf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/large-small-dynamic-viewport-units-polyfill@0.1.1/dist/large-small-dynamic-viewport-units-polyfill.min.js

Requested by

Host: romadu5.com
URL: https://romadu5.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

81107b43044e9cab3a9f2652598b289ab57abd3e75c777f2074aa89ee4070c71

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://romadu5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 21:56:43 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 3336576
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01HGAC1GPXA1F7JHJRYB803SMT-mia
server: cloudflare
etag: W/"4c7-DgKbBozDheqM24HTH/6lsd8iQbQ"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 840ef90e6c75742e-MIA

GET
H3 200 widgets-8c1658cc28e861f4d5d8.js Show response
romadu5.com/ 192 KB
66 KB 127ms
126ms Script
application/javascript 34.144.250.200
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://romadu5.com/widgets-8c1658cc28e861f4d5d8.js

Requested by

Host: romadu5.com
URL: https://romadu5.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

34.144.250.200 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

200.250.144.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

e80ef5a162074372dc0a7329d0d6e777c45de332131cdf5f5cab3cf69e8ed83e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://romadu5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 21:56:43 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Thu, 04 Jan 2024 13:02:05 GMT
server: nginx
etag: W/"6596ac4d-301f6"
x-frame-options: SAMEORIGIN
content-type: application/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 97642-7a57b0147e0b49dfae31.js Show response
romadu5.com/ 24 KB
9 KB 116ms
116ms Script
application/javascript 34.144.250.200
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://romadu5.com/97642-7a57b0147e0b49dfae31.js

Requested by

Host: romadu5.com
URL: https://romadu5.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

34.144.250.200 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

200.250.144.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

e44b5bf14f7ceb96eac3e83dc00ae55b96a6194763f0f5ecd17aaf3e5edf8efb

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://romadu5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 21:56:43 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Thu, 04 Jan 2024 13:02:05 GMT
server: nginx
etag: W/"6596ac4d-612c"
x-frame-options: SAMEORIGIN
content-type: application/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 90678-97b317ddee9a9c25893b.js Show response
romadu5.com/ 186 KB
64 KB 144ms
144ms Script
application/javascript 34.144.250.200
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://romadu5.com/90678-97b317ddee9a9c25893b.js

Requested by

Host: romadu5.com
URL: https://romadu5.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

34.144.250.200 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

200.250.144.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

cdbedcb0f5e874b5500db0d9430ce8457afe497465973d754af09518dec68689

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://romadu5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 21:56:44 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Fri, 05 Jan 2024 20:10:01 GMT
server: nginx
etag: W/"65986219-2e762"
x-frame-options: SAMEORIGIN
content-type: application/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 46749-bd98cf679124b1391d0d.js Show response
romadu5.com/ 682 KB
228 KB 155ms
154ms Script
application/javascript 34.144.250.200
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://romadu5.com/46749-bd98cf679124b1391d0d.js

Requested by

Host: romadu5.com
URL: https://romadu5.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

34.144.250.200 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

200.250.144.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

1f1a23b288fe341359f6b7722b559923cce6b77ad5669971fba2ad409c9a2292

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://romadu5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 21:56:44 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Thu, 04 Jan 2024 13:02:05 GMT
server: nginx
etag: W/"6596ac4d-aa719"
x-frame-options: SAMEORIGIN
content-type: application/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 main-1c4e763101cdaf568c81.js Show response
romadu5.com/ 660 KB
208 KB 199ms
198ms Script
application/javascript 34.144.250.200
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://romadu5.com/main-1c4e763101cdaf568c81.js

Requested by

Host: romadu5.com
URL: https://romadu5.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

34.144.250.200 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

200.250.144.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

181e6dfcca30256f3acc46f68511eff4f64f955c93c5413414d888c91199983a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://romadu5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 21:56:44 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Fri, 05 Jan 2024 15:29:16 GMT
server: nginx
etag: W/"6598204c-a4e9b"
x-frame-options: SAMEORIGIN
content-type: application/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 widgets-da20a442b307773c6373.css
romadu5.com/ 85 KB
21 KB 134ms
133ms Stylesheet
text/css 34.144.250.200
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://romadu5.com/widgets-da20a442b307773c6373.css

Requested by

Host: romadu5.com
URL: https://romadu5.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.144.250.200 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

200.250.144.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

6e5500f7aea40e8eee87d7483455892345cb670d43aeb0f05d148568f9e3ddd4

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://romadu5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 21:56:43 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Fri, 05 Jan 2024 15:29:17 GMT
server: nginx
etag: W/"6598204d-152f7"
x-frame-options: SAMEORIGIN
content-type: text/css
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 main-04db19a7625721129b88.css
romadu5.com/ 14 KB
4 KB 108ms
107ms Stylesheet
text/css 34.144.250.200
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://romadu5.com/main-04db19a7625721129b88.css

Requested by

Host: romadu5.com
URL: https://romadu5.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.144.250.200 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

200.250.144.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

e71c15c91534c46618b27888bd5d0d11ca46f67b4c63983708f7b209798a6333

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://romadu5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 21:56:43 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Fri, 05 Jan 2024 15:29:17 GMT
server: nginx
etag: W/"6598204d-386b"
x-frame-options: SAMEORIGIN
content-type: text/css
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 local.properties Show response
romadu5.com/ 6 KB
3 KB 104ms
104ms Fetch
application/octet-stream 34.144.250.200
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://romadu5.com/local.properties

Requested by

Host: romadu5.com
URL: https://romadu5.com/main-1c4e763101cdaf568c81.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.144.250.200 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

200.250.144.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

4322cd6a6ac9a88d8d533928a2184e94f4e672509d2ca2820f374e2693cb7451

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://romadu5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 21:56:44 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Thu, 04 Jan 2024 13:38:38 GMT
server: nginx
etag: W/"6596b4de-1658"
x-frame-options: SAMEORIGIN
content-type: application/octet-stream
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
DATA 200
OK truncated
/ 82 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7ce23bb169d56e3dc218181172c5d318dc16526e035b539e038f605a893ea551

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 90 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/webp

GET
H3 200 31867-80c8310796e9320476b3.js
romadu5.com/ 3 KB
1 KB 107ms
106ms Other
application/javascript 34.144.250.200
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://romadu5.com/31867-80c8310796e9320476b3.js

Requested by

Host: romadu5.com
URL: https://romadu5.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

34.144.250.200 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

200.250.144.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

98d28fb8dbdfb963a2a68e7e63039bfa2e4315751a77ad2829a91e5e10cc449a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://romadu5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 21:56:44 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Thu, 04 Jan 2024 13:02:05 GMT
server: nginx
etag: W/"6596ac4d-a2b"
x-frame-options: SAMEORIGIN
content-type: application/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 89100-84aa16b9ab29864b9412.js Show response
romadu5.com/ 214 B
232 B 103ms
102ms Script
application/javascript 34.144.250.200
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://romadu5.com/89100-84aa16b9ab29864b9412.js

Requested by

Host: romadu5.com
URL: https://romadu5.com/main-1c4e763101cdaf568c81.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.144.250.200 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

200.250.144.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

9cdfb559b2c362cf544448bc624aaa6dfffee8fb7de3e0702cdb8c9f791cda19

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://romadu5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 21:56:44 GMT
via: 1.1 google
last-modified: Fri, 05 Jan 2024 20:10:01 GMT
server: nginx
etag: "65986219-d6"
x-frame-options: SAMEORIGIN
content-type: application/javascript
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 214

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 308 KB
97 KB 232ms
97ms Script
application/javascript 2607:f8b0:4006:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WTLP3KV

Requested by

Host: romadu5.com
URL: https://romadu5.com/main-1c4e763101cdaf568c81.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3167034f9b9208ff0da489e06d5b06d3a74a24258c9f10c0d92c3428efbc744f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://romadu5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 21:56:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 98940
x-xss-protection: 0
last-modified: Fri, 05 Jan 2024 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 05 Jan 2024 21:56:44 GMT

GET
H3 200 41871-b2052193a5583ca42165.js Show response
romadu5.com/ 29 KB
12 KB 106ms
106ms Script
application/javascript 34.144.250.200
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://romadu5.com/41871-b2052193a5583ca42165.js

Requested by

Host: romadu5.com
URL: https://romadu5.com/main-1c4e763101cdaf568c81.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.144.250.200 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

200.250.144.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

f1180cee0b7bac3ddb648dbd988672f1d4058154923523ff45408a99a577853c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://romadu5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 21:56:44 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Fri, 05 Jan 2024 15:29:16 GMT
server: nginx
etag: W/"6598204c-730f"
x-frame-options: SAMEORIGIN
content-type: application/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 80714-43531b598fd7f1171365.js Show response
romadu5.com/ 6 KB
2 KB 103ms
103ms Script
application/javascript 34.144.250.200
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://romadu5.com/80714-43531b598fd7f1171365.js

Requested by

Host: romadu5.com
URL: https://romadu5.com/main-1c4e763101cdaf568c81.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.144.250.200 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

200.250.144.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

bad2bf9783e6eeac9a190922bd08a21f7802d8669045948697e72a79edbfc688

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://romadu5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 21:56:44 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Thu, 04 Jan 2024 13:02:05 GMT
server: nginx
etag: W/"6596ac4d-16a5"
x-frame-options: SAMEORIGIN
content-type: application/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 client Show response
accounts.google.com/gsi/ 207 KB
80 KB 210ms
89ms Script
application/javascript 2607:f8b0:4004:c07::54
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/client

Requested by

Host: romadu5.com
URL: https://romadu5.com/46749-bd98cf679124b1391d0d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::54 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

efc2a70a50fbc58b7afdbc7129cec17701dd5c031494d72976ca7a78f0a01ed3

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-WIbnbD9VB9SSB7JzCLeJqA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://romadu5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 21:56:45 GMT
content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-WIbnbD9VB9SSB7JzCLeJqA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=1800
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Fri, 05 Jan 2024 21:56:45 GMT

OPTIONS
H2 403 config
gateway.webgoodeta.com/proxycador/api/configurator/v1/ 0
0 237ms
102ms Preflight 34.36.129.203
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://gateway.webgoodeta.com/proxycador/api/configurator/v1/config?locale=en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.36.129.203 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 203.129.36.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: foreground-id,interaction-id,username
Access-Control-Request-Method: GET
Origin: https://romadu5.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Fri, 05 Jan 2024 21:56:44 GMT
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
via: 1.1 google

OPTIONS
H2 403 getCountry
gateway.webgoodeta.com/proxycador/api/ 0
0 236ms
103ms Preflight 34.36.129.203
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://gateway.webgoodeta.com/proxycador/api/getCountry
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.36.129.203 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 203.129.36.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: foreground-id,interaction-id,username
Access-Control-Request-Method: GET
Origin: https://romadu5.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Fri, 05 Jan 2024 21:56:45 GMT
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
via: 1.1 google

GET
H3 200 45623-f817db03394484aab5b8.js Show response
romadu5.com/ 15 KB
4 KB 105ms
104ms Script
application/javascript 34.144.250.200
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://romadu5.com/45623-f817db03394484aab5b8.js

Requested by

Host: romadu5.com
URL: https://romadu5.com/main-1c4e763101cdaf568c81.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.144.250.200 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

200.250.144.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

984af6d433c6dc0b2354706403c5d7743b441349840b41b188b8548c9a3f255e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://romadu5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 21:56:44 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Fri, 05 Jan 2024 15:29:16 GMT
server: nginx
etag: W/"6598204c-3de3"
x-frame-options: SAMEORIGIN
content-type: application/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET config
gateway.webgoodeta.com/proxycador/api/configurator/v1/ 0
0

GET getCountry
gateway.webgoodeta.com/proxycador/api/ 0
0

GET
H3 200 22441-c39e1c58a2ee323f49bf.js
romadu5.com/ 11 KB
5 KB 109ms
109ms Other
application/javascript 34.144.250.200
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://romadu5.com/22441-c39e1c58a2ee323f49bf.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.144.250.200 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

200.250.144.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

988352aef041eda8fdd168ad6fdb627d696cd0a5eaa771e535998505bfb9acbb

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://romadu5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 21:56:44 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Thu, 04 Jan 2024 13:02:05 GMT
server: nginx
etag: W/"6596ac4d-2be3"
x-frame-options: SAMEORIGIN
content-type: application/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 4fbf701547426299143c-lato-Regular.ttf
romadu5.com/fonts/ 646 KB
319 KB 109ms
109ms Font
application/octet-stream 34.144.250.200
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://romadu5.com/fonts/4fbf701547426299143c-lato-Regular.ttf

Requested by

Host: romadu5.com
URL: https://romadu5.com/main-04db19a7625721129b88.css

Protocol

Security

QUIC, , AES_128_GCM

Server

34.144.250.200 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

200.250.144.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

0ad460bd756454f8485609747b25c5644a54d307a65daabbb24c646c112ed541

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://romadu5.com/main-04db19a7625721129b88.css
Origin: https://romadu5.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 21:56:44 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Fri, 05 Jan 2024 15:29:16 GMT
server: nginx
etag: W/"6598204c-a1858"
x-frame-options: SAMEORIGIN
content-type: application/octet-stream
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

OPTIONS
H2 403 v1
gateway.webgoodeta.com/proxycador/api/registerGuest/ 0
0 136ms
102ms Preflight 34.36.129.203
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://gateway.webgoodeta.com/proxycador/api/registerGuest/v1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.36.129.203 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 203.129.36.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,foreground-id,interaction-id,username
Access-Control-Request-Method: POST
Origin: https://romadu5.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Fri, 05 Jan 2024 21:56:44 GMT
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
via: 1.1 google

POST v1
gateway.webgoodeta.com/proxycador/api/registerGuest/ 0
0

GET
H3 200 77018-e31e102e41fd00a9fa43.js Show response
romadu5.com/ 38 KB
14 KB 106ms
105ms Script
application/javascript 34.144.250.200
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://romadu5.com/77018-e31e102e41fd00a9fa43.js

Requested by

Host: romadu5.com
URL: https://romadu5.com/main-1c4e763101cdaf568c81.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.144.250.200 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

200.250.144.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

475efab065f49abe0ec282885cdd149b0468449700b2f511a2b99721f275eb80

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://romadu5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 21:56:45 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Fri, 05 Jan 2024 20:10:01 GMT
server: nginx
etag: W/"65986219-971f"
x-frame-options: SAMEORIGIN
content-type: application/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 318 KB
104 KB 81ms
80ms Script
application/javascript 2607:f8b0:4006:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-S2ECDFJP9V&l=dataLayer&cx=c

Requested by

Host: romadu5.com
URL: https://romadu5.com/main-1c4e763101cdaf568c81.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bc8a06444bf8ff4f18006226eb8c1e6a59fb672de0fe9dd079bce2cd1eda5e95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://romadu5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 21:56:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 106502
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 05 Jan 2024 21:56:45 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 220 KB
78 KB 96ms
96ms Script
application/javascript 2607:f8b0:4006:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-24QPJY5WNP&l=dataLayer&cx=c

Requested by

Host: romadu5.com
URL: https://romadu5.com/main-1c4e763101cdaf568c81.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4e9e050ac6c1fc03761354b86c7d4d832395314b053b15569c43cb0ad82d5d37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://romadu5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 21:56:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79977
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 05 Jan 2024 21:56:45 GMT

GET
H/1.1 200
OK / Show response
websdk.appsflyer.com/ 34 KB
10 KB 256ms
73ms Script
application/javascript 2600:141b:1c00:31::1739:5a46
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://websdk.appsflyer.com/?st=pba&
Requested by: Host: romadu5.com
URL: https://romadu5.com/main-1c4e763101cdaf568c81.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:1c00:31::1739:5a46 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7ccf80229bbe586853232059978b67c1dbe6ccd7f6b4b8585b34bbcf2d9f195f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://romadu5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Fri, 05 Jan 2024 21:56:45 GMT
X-DataStream-Origin-MEX-Latency: 341
Content-Encoding: gzip
X-DataStream-MidMile-RTT: 0
x-amz-request-id: 0YMC690W1Q55SJTR
x-amz-server-side-encryption: AES256
Connection: keep-alive
Content-Length: 9575
x-amz-id-2: DWspBB22G31MS48FJKy8MMVEI1kPFrg4ONBqcSUpwXKwBwpM24HKXmYEpWcZbh6bluRbRvgWujo=
Last-Modified: Wed, 14 Jun 2023 06:58:46 GMT
Server: AmazonS3
ETag: "d4e7f1ffd74e53e33a46a668c2e9d67c"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=1263
Accept-Ranges: bytes
X-DataStream-Cache-Status: 3
Expires: Fri, 05 Jan 2024 22:17:48 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
54 KB 201ms
67ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: romadu5.com
URL: https://romadu5.com/main-1c4e763101cdaf568c81.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fefd09307baf0332b143c3c14fb6851c10e354362510d85a0c43d7e3c479093c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://romadu5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 05 Jan 2024 21:56:45 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54345
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: vSGpBDFIW24LqAOsfJ5HDCKpPnGVvxBji/0nGozWP5Nv0qGCMfqCxWuSTjV91LUii3z9VHJ3kxlIIVK98pf+IQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 5 KB
2 KB 241ms
80ms Script
application/javascript 23.196.3.187
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CE905NBC77UDF970RRL0&lib=ttq
Requested by: Host: romadu5.com
URL: https://romadu5.com/main-1c4e763101cdaf568c81.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.196.3.187 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-196-3-187.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 6c11572b71284d40d5cbd885c2de7aa56c5219ca54f4041cb7e98072120957d2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://romadu5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-akamai-request-id: 291ba790
date: Fri, 05 Jan 2024 21:56:45 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2401052156451DE235F0E6560CB8C2F1-68749DB7532D34F3-00
x-cache: TCP_MISS from a23-196-2-187.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
server-timing: inner; dur=3, cdn-cache; desc=MISS, edge; dur=2, origin; dur=10
content-length: 1614
pragma: no-cache
server: nginx
x-tt-logid: 202401052156451DE235F0E6560CB8C2F1
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 11,23.196.2.187
x-tt-trace-host: 01f91ce7946298fc9d5c45e8362a7a5f8dfe4973e47fa04d59a5ef8b346d61539ba58c15f941956f37f8f18d3b1fbdd4e68828ab99e2ea5c0591e0092a7d6063fc9b828deb7891e96832329eda554cb15671955a0e8dd03e8d033394e3a7452ef9
expires: Fri, 05 Jan 2024 21:56:45 GMT

GET
H2 200 A4935281-3f80-43cf-bfa4-6e4b7ddd3b501.js Show response
utt.impactcdn.com/ 33 KB
14 KB 121ms
39ms Script
text/javascript 35.186.249.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://utt.impactcdn.com/A4935281-3f80-43cf-bfa4-6e4b7ddd3b501.js
Requested by: Host: romadu5.com
URL: https://romadu5.com/main-1c4e763101cdaf568c81.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.249.72 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 72.249.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 488a8a545553104c8ce2cec8c9cc420066641bb6f565fc954b32e44a5a83e513

Request headers

accept-language: en-US,en;q=0.9
Referer: https://romadu5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 21:54:49 GMT
content-encoding: gzip
age: 116
x-guploader-uploadid: ABPtcPoN9ILoYoARGgBknoA1F3V1f5qEiDL0Ery7FvNfp8qQB4Mq2cOr77OwBLKg513HUpVdFkeoFgJ_Fw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13391
last-modified: Wed, 03 Jan 2024 09:27:42 GMT
server: UploadServer
etag: "d13f4ad543c89fc1e2515498d6d052e7"
vary: Accept-Encoding
x-goog-generation: 1704274062731498
x-goog-hash: crc32c=O3fkMw==, md5=0T9K1UPIn8HiUVSY1tBS5w==
access-control-allow-origin: *
content-type: text/javascript; charset=utf-8
cache-control: public,max-age=900,s-maxage=300
x-goog-stored-content-length: 13391
accept-ranges: bytes
expires: Fri, 05 Jan 2024 21:59:49 GMT

GET
H3 200 a3e5f4a665cca7393ae7-lato-Bold.ttf
romadu5.com/fonts/ 667 KB
326 KB 112ms
111ms Font
application/octet-stream 34.144.250.200
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://romadu5.com/fonts/a3e5f4a665cca7393ae7-lato-Bold.ttf

Requested by

Host: romadu5.com
URL: https://romadu5.com/main-04db19a7625721129b88.css

Protocol

Security

QUIC, , AES_128_GCM

Server

34.144.250.200 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

200.250.144.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

e0b1c4de011de8dd077cf21f97919fc31158eb290ee1176cbae06d500a6304bc

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://romadu5.com/main-04db19a7625721129b88.css
Origin: https://romadu5.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 21:56:45 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Thu, 04 Jan 2024 13:02:05 GMT
server: nginx
etag: W/"6596ac4d-a6c6c"
x-frame-options: SAMEORIGIN
content-type: application/octet-stream
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

OPTIONS
H2 403 tabsConfig
gateway.webgoodeta.com/proxycador/api/live/feeds/v1/ 0
0 104ms
103ms Preflight 34.36.129.203
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://gateway.webgoodeta.com/proxycador/api/live/feeds/v1/tabsConfig?locale=en_US
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.36.129.203 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 203.129.36.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: foreground-id,interaction-id,username
Access-Control-Request-Method: GET
Origin: https://romadu5.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Fri, 05 Jan 2024 21:56:44 GMT
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
via: 1.1 google

GET tabsConfig
gateway.webgoodeta.com/proxycador/api/live/feeds/v1/ 0
0

GET
H3 200 41086-73a2a02af587083e86e5.js Show response
romadu5.com/ 5 KB
3 KB 104ms
103ms Script
application/javascript 34.144.250.200
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://romadu5.com/41086-73a2a02af587083e86e5.js

Requested by

Host: romadu5.com
URL: https://romadu5.com/main-1c4e763101cdaf568c81.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.144.250.200 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

200.250.144.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

3e81ffd80bf59ed526b868546ef455462636d409f7b02e31798d39674a699487

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://romadu5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 21:56:45 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Thu, 04 Jan 2024 13:02:05 GMT
server: nginx
etag: W/"6596ac4d-144d"
x-frame-options: SAMEORIGIN
content-type: application/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET guardian
gateway.webgoodeta.com/proxycador/api/v1/translations/ 0
0

OPTIONS
H2 403 guardian
gateway.webgoodeta.com/proxycador/api/v1/translations/ 0
0 102ms
102ms Preflight 34.36.129.203
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://gateway.webgoodeta.com/proxycador/api/v1/translations/guardian
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.36.129.203 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 203.129.36.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: foreground-id,interaction-id,username
Access-Control-Request-Method: GET
Origin: https://romadu5.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Fri, 05 Jan 2024 21:56:44 GMT
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
via: 1.1 google

POST
H2 204 collect
www.google-analytics.com/g/ 0
242 B 138ms
53ms Ping
text/plain 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-24QPJY5WNP&gtm=45je4130v9172531824z8831318874&_p=1704491804677&gcd=11l1l1l1l1&dma=0&cid=848221234.1704491805&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1704491805&sct=1&seg=0&dl=https%3A%2F%2Fromadu5.com%2F&dt=Tango%20Live&en=page_view&_fv=1&_nsi=1&_ss=1&ep.real_url=https%3A%2F%2Fromadu5.com%2F&tfd=1940
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-24QPJY5WNP&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://romadu5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Jan 2024 21:56:45 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://romadu5.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/667218388/ 2 KB
1 KB 223ms
84ms Script
text/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/667218388/?random=1704491805334&cv=11&fst=1704491805334&bg=ffffff&guid=ON&async=1&gtm=45je4130v9102099931z8831318874&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fromadu5.com%2F&hn=www.googleadservices.com&frm=0&tiba=Tango%20Live&auid=760987496.1704491805&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-S2ECDFJP9V&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

81904169135e5f7a518289f3fe18830c0df6469cb4401aaec96ae9ba23074b6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://romadu5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Jan 2024 21:56:45 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1245
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/670515745/ 2 KB
1 KB 217ms
86ms Script
text/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/670515745/?random=1704491805350&cv=11&fst=1704491805350&bg=ffffff&guid=ON&async=1&gtm=45je4130v9102099931z8831318874&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fromadu5.com%2F&hn=www.googleadservices.com&frm=0&tiba=Tango%20Live&auid=760987496.1704491805&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-S2ECDFJP9V&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

26fd3e7c3caeb67dacc5cdd498944d9fbd400ff351403cd23f4d12780610299d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://romadu5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Jan 2024 21:56:45 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1246
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/307964972/ 2 KB
2 KB 208ms
84ms Script
text/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/307964972/?random=1704491805358&cv=11&fst=1704491805358&bg=ffffff&guid=ON&async=1&gtm=45je4130v9102099931z8831318874&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fromadu5.com%2F&hn=www.googleadservices.com&frm=0&tiba=Tango%20Live&auid=760987496.1704491805&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-S2ECDFJP9V&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

741b9bb7a92e3fd058baa8d54fc5cbe24cbba35c6181474e7b8b2e5e31767f69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://romadu5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Jan 2024 21:56:45 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1249
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
251 B 133ms
49ms Ping
text/plain 2001:4860:4802:36::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-S2ECDFJP9V&gtm=45je4130v9102099931z8831318874&_p=1704491804677&_gaz=1&gcd=11l1l1l1l1&dma=0&cid=848221234.1704491805&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1704491805&sct=1&seg=0&dl=https%3A%2F%2Fromadu5.com%2F&dt=Tango%20Live&en=page_view&_fv=2&_ss=1&tfd=2026
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-S2ECDFJP9V&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://romadu5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Jan 2024 21:56:45 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://romadu5.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
251 B 188ms
68ms Ping
text/plain 2607:f8b0:4004:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-S2ECDFJP9V&cid=848221234.1704491805&gtm=45je4130v9102099931z8831318874&aip=1&dma=0&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-S2ECDFJP9V&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c06::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://romadu5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Jan 2024 21:56:45 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://romadu5.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 main.MWZkNjY4MmI1MA.js Show response
analytics.tiktok.com/i18n/pixel/static/ 376 KB
101 KB 71ms
70ms Script
application/javascript 23.196.3.187
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWZkNjY4MmI1MA.js
Requested by: Host: romadu5.com
URL: https://romadu5.com/main-1c4e763101cdaf568c81.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.196.3.187 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-196-3-187.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: bc1c05bdd3b01d9aa9d49cd9381d674cb1e061a55698f2fabf7813ea46036956

Request headers

accept-language: en-US,en;q=0.9
Referer: https://romadu5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-akamai-request-id: 291ba7db
date: Fri, 05 Jan 2024 21:56:45 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 2024010415160393449D3393B92609CDAF
x-tt-trace-id: 00-24010415160393449D3393B92609CDAF-1D0342E36EAB8159-00
vary: Accept-Encoding
x-cache: TCP_HIT from a23-196-2-187.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 012af9cb637b94a6cc010469df1411fcec26ce6659724d270288e69e01a8957b21fd4ca054fe10e44b10d1331c0e747bef0f21dbcbada89117b227e7295c56c18c5b8c8f85cac25c732334d56f1c77c6fe20538e46bae222489f5dbf8d6aa75301
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=4
content-length: 103061

GET
H2 200 onelink Show response
wa.onelink.me/v1/ 13 B
363 B 278ms
124ms XHR
application/json 18.164.124.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wa.onelink.me/v1/onelink
Requested by: Host: romadu5.com
URL: https://romadu5.com/46749-bd98cf679124b1391d0d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.124.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-124-6.jfk50.r.cloudfront.net
Software: /
Resource Hash: 38bc0f256821a9c0a02a1c0cedf8ff70c211e637ef77ac199de2fe0cf36ba9ec

Request headers

accept-language: en-US,en;q=0.9
Referer: https://romadu5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 21:56:45 GMT
via: 1.1 8f060aa38a518e1d4516e68318e81658.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P7
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: https://romadu5.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 13
x-amz-cf-id: pIH_1GeLJIUKnnTE4_fWJ8JkOLb6_ExG9YZtdXpHlzFVkZeZWbQ4wQ==

GET
H2 200 496537651147140 Show response
connect.facebook.net/signals/config/ 140 KB
36 KB 149ms
148ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/496537651147140?v=2.9.139&r=stable&domain=romadu5.com

Requested by

Host: romadu5.com
URL: https://romadu5.com/main-1c4e763101cdaf568c81.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

59d6e99339a0707ec956fd3e032e500874d26ab41b09753e8066a156a924bdc8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://romadu5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 05 Jan 2024 21:56:45 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: /fS4Lv+7kck8s6zE2XPmj8tbP8f8QP8ZlCvxBIa4sPKgQFJeXH+WvnbF/VNQfMlT19gK6R/kkpvz+2I4jaEhzw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/307964972/ 42 B
108 B 221ms
81ms Image
image/gif 2607:f8b0:4006:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/307964972/?random=1704491805358&cv=11&fst=1704488400000&bg=ffffff&guid=ON&async=1&gtm=45je4130v9102099931z8831318874&u_w=1600&u_h=1200&url=https%3A%2F%2Fromadu5.com%2F&frm=0&tiba=Tango%20Live&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_kRrI9LCvEcUF8BxNjv0vRdWTPEz9wQ&random=2067815625&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://romadu5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Jan 2024 21:56:45 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/667218388/ 42 B
108 B 220ms
82ms Image
image/gif 2607:f8b0:4006:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/667218388/?random=1704491805334&cv=11&fst=1704488400000&bg=ffffff&guid=ON&async=1&gtm=45je4130v9102099931z8831318874&u_w=1600&u_h=1200&url=https%3A%2F%2Fromadu5.com%2F&frm=0&tiba=Tango%20Live&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_-_yNC4C1VAYvDq6T3UoWWQw_ptdk_w&random=1981230423&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://romadu5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Jan 2024 21:56:45 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/670515745/ 42 B
455 B 216ms
81ms Image
image/gif 2607:f8b0:4006:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/670515745/?random=1704491805350&cv=11&fst=1704488400000&bg=ffffff&guid=ON&async=1&gtm=45je4130v9102099931z8831318874&u_w=1600&u_h=1200&url=https%3A%2F%2Fromadu5.com%2F&frm=0&tiba=Tango%20Live&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_AeFq1mHAEUBdrtpVaotGbTvygIDVLg&random=2963665480&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://romadu5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Jan 2024 21:56:45 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 identify_55404.js Show response
analytics.tiktok.com/i18n/pixel/static/ 137 KB
37 KB 70ms
70ms Script
application/javascript 23.196.3.187
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_55404.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWZkNjY4MmI1MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.196.3.187 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-196-3-187.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a758246f43df5cf0f88a3c46a95cb7e962ec2e16327f7fc6b70d2150981b86df

Request headers

accept-language: en-US,en;q=0.9
Referer: https://romadu5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-akamai-request-id: 291ba885
date: Fri, 05 Jan 2024 21:56:45 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 2024010415160493449D3393B92609CDC0
x-tt-trace-id: 00-24010415160493449D3393B92609CDC0-5C168411581918E0-00
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a23-196-2-187.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 012af9cb637b94a6cc010469df1411fcec26ce6659724d270288e69e01a8957b21fd4ca054fe10e44b10d1331c0e747bef961752ddc5b04fcf54d266047bb6ab3045979df464e8d6c9473064f7708bcd02579ecec3746ef46e06b1755a4c90391c
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=2
content-length: 36867

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
700 B 116ms
116ms Ping
text/plain 23.196.3.187
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWZkNjY4MmI1MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.196.3.187 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-196-3-187.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://romadu5.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 291ba8a3
date: Fri, 05 Jan 2024 21:56:45 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240105215645DA82194B936A7FB9EEA7-680FD44B10B69C2C-00
x-cache: TCP_MISS from a23-196-2-187.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
server-timing: inner; dur=34, cdn-cache; desc=MISS, edge; dur=6, origin; dur=42
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20240105215645DA82194B936A7FB9EEA7
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 42,23.196.2.187
x-tt-trace-host: 01f91ce7946298fc9d5c45e8362a7a5f8dfe4973e47fa04d59a5ef8b346d61539be2b7b234ecb5fd3f79b1c361bc78575ddbf52c315dff1573d05cf772f4d235236b704f46a461225434f7a462fcfc51c0d393c85b72e73121488e667a4920c943
access-control-allow-headers: Authorization,*
expires: Fri, 05 Jan 2024 21:56:45 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 202ms
66ms Image
text/plain 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=496537651147140&ev=PageView&dl=https%3A%2F%2Fromadu5.com%2F&rl=&if=false&ts=1704491805686&sw=1600&sh=1200&v=2.9.139&r=stable&ec=0&o=4126&fbp=fb.1.1704491805683.416781215&cs_est=true&ler=empty&it=1704491805468&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://romadu5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 05 Jan 2024 21:56:45 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 200 events Show response
wa.appsflyer.com/ 75 B
528 B 274ms
124ms XHR
application/json 18.164.124.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wa.appsflyer.com/events?site-id=90ab79ba-dbb1-48a6-aeca-e19a9a9a84f6
Requested by: Host: romadu5.com
URL: https://romadu5.com/46749-bd98cf679124b1391d0d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.124.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-124-52.jfk50.r.cloudfront.net
Software: /
Resource Hash: 0f645ca25304a895d1d8b108af36b7252ae12a174ca93b5ef5bd84bf6dd23b12

Request headers

Referer: https://romadu5.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-type: text/plain

Response headers

date: Fri, 05 Jan 2024 21:56:45 GMT
via: 1.1 909ec3586e2eba60d35c2f3468905558.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P7
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: https://romadu5.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 75
x-amz-cf-id: 3q4v3RzfmZe3NkUTvWZJskuKTvw34FKXNDh7yikG_WUv3jMK26oapA==

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
702 B 111ms
111ms Ping
text/plain 23.196.3.187
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWZkNjY4MmI1MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.196.3.187 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-196-3-187.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://romadu5.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 291ba930
date: Fri, 05 Jan 2024 21:56:45 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240105215645DA82194B936A7FB9EEAF-680FD44B10B69D5C-00
x-cache: TCP_MISS from a23-196-2-187.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
server-timing: inner; dur=28, cdn-cache; desc=MISS, edge; dur=7, origin; dur=36
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20240105215645DA82194B936A7FB9EEAF
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 36,23.196.2.187
x-tt-trace-host: 01f91ce7946298fc9d5c45e8362a7a5f8dfe4973e47fa04d59a5ef8b346d61539be2b7b234ecb5fd3f79b1c361bc78575ddbf52c315dff1573d05cf772f4d23523eff7fa892de0b26d77f9181cc40d1fbefdf87516d9f85af7f8398e5bedd8ce26
access-control-allow-headers: Authorization,*
expires: Fri, 05 Jan 2024 21:56:45 GMT

GET
H2 200 onelink Show response
wa.onelink.me/v1/ 51 B
506 B 123ms
123ms XHR
application/json 18.164.124.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wa.onelink.me/v1/onelink?af_id=3d8ce75b-4630-4158-ace2-d3d12045964f-p
Requested by: Host: romadu5.com
URL: https://romadu5.com/46749-bd98cf679124b1391d0d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.124.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-124-6.jfk50.r.cloudfront.net
Software: /
Resource Hash: 07e378c29f8e717fb57b0b830686d10d8d58f7b9d7b7a5484c217f9e0efbd804

Request headers

accept-language: en-US,en;q=0.9
Referer: https://romadu5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 21:56:46 GMT
via: 1.1 8f060aa38a518e1d4516e68318e81658.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P7
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: https://romadu5.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 51
x-amz-cf-id: MdE23a1RFhq4h7IMmgvjdVPGxurSYBgDOspjdq3zSEgEcWzi-97rXw==

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 4 KB
2 KB 106ms
106ms Script
application/javascript 23.196.3.187
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C4QDP2HPGM656MIKRBL0&lib=ttq
Requested by: Host: romadu5.com
URL: https://romadu5.com/main-1c4e763101cdaf568c81.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.196.3.187 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-196-3-187.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 6278af21e6019be795ee32bca17ac25127ffb657fa5542d7853c60abc1cf2d90

Request headers

accept-language: en-US,en;q=0.9
Referer: https://romadu5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-akamai-request-id: 6cddf539.291bb510
date: Fri, 05 Jan 2024 21:56:49 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2401052156496A5278C44DACF27D3206-414F1E7C0E770153-00
x-cache: TCP_MISS from a23-196-2-187.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
x-parent-response-time: 24,23.196.2.187
server-timing: cdn-cache; desc=MISS, edge; dur=19, origin; dur=7, inner; dur=4
content-length: 1524
pragma: no-cache
server: nginx
x-tt-logid: 202401052156496A5278C44DACF27D3206
x-cache-remote: TCP_MISS from a23-48-100-40.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 7,23.48.100.40
x-tt-trace-host: 01f91ce7946298fc9d5c45e8362a7a5f8d9ba73e5a046e4f5c94c35d1cdb2bbba3ce9035759ea60551b65016c1b8e402a22b8f9c0de3b7408770f3a93947f7180b76a50ebffa0414082fbda6343bd2acf5f7ace47f3d57473ada65558aed3a80828066ace00d63d54f8561e63fd45958c1
expires: Fri, 05 Jan 2024 21:56:49 GMT

GET
H2 200 main.MWZkNjY4MmI1MA.js Show response
analytics.tiktok.com/i18n/pixel/static/ 376 KB
101 KB 70ms
70ms Script
application/javascript 23.196.3.187
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWZkNjY4MmI1MA.js
Requested by: Host: romadu5.com
URL: https://romadu5.com/main-1c4e763101cdaf568c81.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.196.3.187 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-196-3-187.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: bc1c05bdd3b01d9aa9d49cd9381d674cb1e061a55698f2fabf7813ea46036956

Request headers

accept-language: en-US,en;q=0.9
Referer: https://romadu5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-akamai-request-id: 291bb57b
date: Fri, 05 Jan 2024 21:56:49 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 2024010415160393449D3393B92609CDAF
x-tt-trace-id: 00-24010415160393449D3393B92609CDAF-1D0342E36EAB8159-00
vary: Accept-Encoding
x-cache: TCP_HIT from a23-196-2-187.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 012af9cb637b94a6cc010469df1411fcec26ce6659724d270288e69e01a8957b21fd4ca054fe10e44b10d1331c0e747bef0f21dbcbada89117b227e7295c56c18c5b8c8f85cac25c732334d56f1c77c6fe20538e46bae222489f5dbf8d6aa75301
server-timing: cdn-cache; desc=HIT, edge; dur=1, origin; dur=0, inner; dur=4
content-length: 103061

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
840 B 124ms
123ms Ping
text/plain 23.196.3.187
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWZkNjY4MmI1MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.196.3.187 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-196-3-187.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://romadu5.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 6cde8354.291bb614
date: Fri, 05 Jan 2024 21:56:50 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2401052156501B8A9CA25BC322AA5076-7E13449643E40D9C-00
x-cache: TCP_MISS from a23-196-2-187.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
x-parent-response-time: 48,23.196.2.187
server-timing: cdn-cache; desc=MISS, edge; dur=14, origin; dur=41, inner; dur=37
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202401052156501B8A9CA25BC322AA5076
x-cache-remote: TCP_MISS from a23-48-100-40.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 41,23.48.100.40
x-tt-trace-host: 01f91ce7946298fc9d5c45e8362a7a5f8d9ba73e5a046e4f5c94c35d1cdb2bbba3ce9035759ea60551b65016c1b8e402a2b40a94c5a469ff2d1cb4ac3cc5d0f80fe6a7be58441753596566e74bfeefe89468b151fa978fbce1b1b493173b7ad1e8ffcee08e2166bd9dd7bc4f71399aab48
access-control-allow-headers: Authorization,*
expires: Fri, 05 Jan 2024 21:56:50 GMT

POST act
analytics.tiktok.com/api/v2/pixel/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: gateway.webgoodeta.com
URL: https://gateway.webgoodeta.com/proxycador/api/configurator/v1/config?locale=en

Domain: gateway.webgoodeta.com
URL: https://gateway.webgoodeta.com/proxycador/api/getCountry

Domain: gateway.webgoodeta.com
URL: https://gateway.webgoodeta.com/proxycador/api/registerGuest/v1

Domain: gateway.webgoodeta.com
URL: https://gateway.webgoodeta.com/proxycador/api/live/feeds/v1/tabsConfig?locale=en_US

Domain: gateway.webgoodeta.com
URL: https://gateway.webgoodeta.com/proxycador/api/v1/translations/guardian

Domain: analytics.tiktok.com
URL: https://analytics.tiktok.com/api/v2/pixel/act

Verdicts & Comments Add Verdict or Comment

71 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.romadu5.com/	1970-01-20 19:37:47	Name: _gcl_au Value: 1.1.760987496.1704491805
.romadu5.com/	1970-01-21 03:04:11	Name: _ga_24QPJY5WNP Value: GS1.1.1704491805.1.0.1704491805.0.0.0
.romadu5.com/	1970-01-21 03:04:11	Name: _ga Value: GA1.1.848221234.1704491805
.tiktok.com/	1970-01-21 02:49:47	Name: _ttp Value: 2aYNyLmbyZeTOKwoH3GIB5dS1tY
.romadu5.com/	1970-01-21 03:04:11	Name: _ga_S2ECDFJP9V Value: GS1.1.1704491805.1.0.1704491805.60.0.0
.doubleclick.net/	1970-01-20 17:28:12	Name: test_cookie Value: CheckForPermission
.romadu5.com/	1970-01-21 02:49:47	Name: _tt_enable_cookie Value: 1
.romadu5.com/	1970-01-21 02:49:47	Name: _ttp Value: glAq8WboG-_7Jy2rNVZVCOiKVaK
.romadu5.com/	1970-01-20 19:37:47	Name: _fbp Value: fb.1.1704491805683.416781215
.appsflyer.com/	1970-01-21 02:56:59	Name: af_id Value: 3d8ce75b-4630-4158-ace2-d3d12045964f-p
.romadu5.com/	1970-01-21 03:04:11	Name: afUserId Value: 3d8ce75b-4630-4158-ace2-d3d12045964f-p
.onelink.me/	1970-01-21 03:04:11	Name: af_id Value: 3d8ce75b-4630-4158-ace2-d3d12045964f-p
.romadu5.com/	1970-01-20 17:38:16	Name: AF_SYNC Value: 1704491806089
romadu5.com/	1970-01-20 17:28:12	Name: _dd_s Value: logs=1&id=7b12e67b-051d-4ab8-be16-4a9e81766cf2&created=1704491804681&expire=1704492704681

10 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://romadu5.com/ Message: Access to fetch at 'https://gateway.webgoodeta.com/proxycador/api/registerGuest/v1' from origin 'https://romadu5.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://gateway.webgoodeta.com/proxycador/api/registerGuest/v1 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://romadu5.com/ Message: Access to fetch at 'https://gateway.webgoodeta.com/proxycador/api/configurator/v1/config?locale=en' from origin 'https://romadu5.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://gateway.webgoodeta.com/proxycador/api/configurator/v1/config?locale=en Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://romadu5.com/ Message: Access to fetch at 'https://gateway.webgoodeta.com/proxycador/api/getCountry' from origin 'https://romadu5.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://gateway.webgoodeta.com/proxycador/api/getCountry Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://romadu5.com/ Message: Access to fetch at 'https://gateway.webgoodeta.com/proxycador/api/live/feeds/v1/tabsConfig?locale=en_US' from origin 'https://romadu5.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://gateway.webgoodeta.com/proxycador/api/live/feeds/v1/tabsConfig?locale=en_US Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://romadu5.com/ Message: Access to fetch at 'https://gateway.webgoodeta.com/proxycador/api/v1/translations/guardian' from origin 'https://romadu5.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://gateway.webgoodeta.com/proxycador/api/v1/translations/guardian Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
analytics.google.com
analytics.tiktok.com
connect.facebook.net
gateway.webgoodeta.com
googleads.g.doubleclick.net
polyfill.io
romadu5.com
stats.g.doubleclick.net
unpkg.com
utt.impactcdn.com
wa.appsflyer.com
wa.onelink.me
websdk.appsflyer.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
analytics.tiktok.com
gateway.webgoodeta.com
18.164.124.52
18.164.124.6
2001:4860:4802:34::178
2001:4860:4802:36::181
23.196.3.187
2600:141b:1c00:31::1739:5a46
2606:4700::6810:7caf
2607:f8b0:4004:c06::9d
2607:f8b0:4004:c07::54
2607:f8b0:4006:809::2004
2607:f8b0:4006:80d::2002
2607:f8b0:4006:80e::2008
2a03:2880:f012:8:face:b00c:0:1
2a03:2880:f112:83:face:b00c:0:25de
2a04:4e42:c00::282
34.144.250.200
34.36.129.203
35.186.249.72
07e378c29f8e717fb57b0b830686d10d8d58f7b9d7b7a5484c217f9e0efbd804
0ad460bd756454f8485609747b25c5644a54d307a65daabbb24c646c112ed541
0f645ca25304a895d1d8b108af36b7252ae12a174ca93b5ef5bd84bf6dd23b12
181e6dfcca30256f3acc46f68511eff4f64f955c93c5413414d888c91199983a
1f1a23b288fe341359f6b7722b559923cce6b77ad5669971fba2ad409c9a2292
26fd3e7c3caeb67dacc5cdd498944d9fbd400ff351403cd23f4d12780610299d
3167034f9b9208ff0da489e06d5b06d3a74a24258c9f10c0d92c3428efbc744f
345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1
38bc0f256821a9c0a02a1c0cedf8ff70c211e637ef77ac199de2fe0cf36ba9ec
3d7f65fc0a0394fddbb2a42ee03b8bb34418aa224f7d40c33fb0b5508d2127c8
3e81ffd80bf59ed526b868546ef455462636d409f7b02e31798d39674a699487
4322cd6a6ac9a88d8d533928a2184e94f4e672509d2ca2820f374e2693cb7451
475efab065f49abe0ec282885cdd149b0468449700b2f511a2b99721f275eb80
488a8a545553104c8ce2cec8c9cc420066641bb6f565fc954b32e44a5a83e513
4e9e050ac6c1fc03761354b86c7d4d832395314b053b15569c43cb0ad82d5d37
59d6e99339a0707ec956fd3e032e500874d26ab41b09753e8066a156a924bdc8
6278af21e6019be795ee32bca17ac25127ffb657fa5542d7853c60abc1cf2d90
6c11572b71284d40d5cbd885c2de7aa56c5219ca54f4041cb7e98072120957d2
6c68769e8470ce89a0f2270529a5d47db00917e3ef9df946dca202098f09d0a2
6e5500f7aea40e8eee87d7483455892345cb670d43aeb0f05d148568f9e3ddd4
741b9bb7a92e3fd058baa8d54fc5cbe24cbba35c6181474e7b8b2e5e31767f69
7ccf80229bbe586853232059978b67c1dbe6ccd7f6b4b8585b34bbcf2d9f195f
7ce23bb169d56e3dc218181172c5d318dc16526e035b539e038f605a893ea551
81107b43044e9cab3a9f2652598b289ab57abd3e75c777f2074aa89ee4070c71
81904169135e5f7a518289f3fe18830c0df6469cb4401aaec96ae9ba23074b6e
984af6d433c6dc0b2354706403c5d7743b441349840b41b188b8548c9a3f255e
988352aef041eda8fdd168ad6fdb627d696cd0a5eaa771e535998505bfb9acbb
98d28fb8dbdfb963a2a68e7e63039bfa2e4315751a77ad2829a91e5e10cc449a
9cdfb559b2c362cf544448bc624aaa6dfffee8fb7de3e0702cdb8c9f791cda19
a758246f43df5cf0f88a3c46a95cb7e962ec2e16327f7fc6b70d2150981b86df
bad2bf9783e6eeac9a190922bd08a21f7802d8669045948697e72a79edbfc688
bc1c05bdd3b01d9aa9d49cd9381d674cb1e061a55698f2fabf7813ea46036956
bc8a06444bf8ff4f18006226eb8c1e6a59fb672de0fe9dd079bce2cd1eda5e95
cdbedcb0f5e874b5500db0d9430ce8457afe497465973d754af09518dec68689
e0b1c4de011de8dd077cf21f97919fc31158eb290ee1176cbae06d500a6304bc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e44b5bf14f7ceb96eac3e83dc00ae55b96a6194763f0f5ecd17aaf3e5edf8efb
e71c15c91534c46618b27888bd5d0d11ca46f67b4c63983708f7b209798a6333
e80ef5a162074372dc0a7329d0d6e777c45de332131cdf5f5cab3cf69e8ed83e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efc2a70a50fbc58b7afdbc7129cec17701dd5c031494d72976ca7a78f0a01ed3
f1180cee0b7bac3ddb648dbd988672f1d4058154923523ff45408a99a577853c
fefd09307baf0332b143c3c14fb6851c10e354362510d85a0c43d7e3c479093c

romadu5.com Open in urlscan Pro 34.144.250.200 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

61 Requests

90 %HTTPS

67 %IPv6

14 Domains

18 Subdomains

19 IPs

1 Countries

2021 kBTransfer

5643 kBSize

14 Cookies

0 Outgoing links

Redirected requests

61 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

romadu5.com Open in urlscan Pro
34.144.250.200 Public Scan

Screenshot
Live screenshot

Full Image

61
Requests

90 %
HTTPS

67 %
IPv6

14
Domains

18
Subdomains

19
IPs

1
Countries

2021 kB
Transfer

5643 kB
Size

14
Cookies

61 HTTP transactions
2 data transactions