urlscan.io logo urlscan.io
SecurityTrails logo

ro89.com Open in urlscan Pro
94.75.199.80  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://ro89.com/q/related:13_yo_preteen_underage_teen_sex_pthc_2_21
Effective URL: https://ro89.com/q/13-yo-preteen-underage-teen-sex-pthc-2-21
Submission: On June 12 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 3 countries across 7 domains to perform 37 HTTP transactions. The main IP is 94.75.199.80, located in Netherlands and belongs to LEASEWEB-NL-AMS-01 Netherlands, NL. The main domain is ro89.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on April 16th 2020. Valid for: 3 months.
This is the only time ro89.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 32 94.75.199.80 60781 (LEASEWEB-...)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
1 185.94.236.126 42567 (MOJHOST-EU)
37 6
32    94.75.199.80 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
ro89.com
analytics.iwatchfactory.com
2    2a00:1450:4001:81b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2606:4700::6811:336b (United States)

ASN13335 (CLOUDFLARENET, US)
tsyndicate.com
1    2001:4de0:ac19::1:b:2a (Netherlands)

ASN20446 (HIGHWINDS3, US)
a.realsrv.com
1    185.94.236.126 (Netherlands)

ASN42567 (MOJHOST-EU, NL)
adserver.juicyads.com
Domain Requested by
31 ro89.com 2 redirects ro89.com
www.google-analytics.com
2 www.google-analytics.com www.googletagmanager.com
ro89.com
2 www.googletagmanager.com ro89.com
1 adserver.juicyads.com ro89.com
1 a.realsrv.com ro89.com
1 tsyndicate.com ro89.com
1 analytics.iwatchfactory.com ro89.com
37 7
Subject Issuer Validity Valid
ro89.com
Let's Encrypt Authority X3		 2020-04-16 -
2020-07-15		 3 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-05-26 -
2020-08-18		 3 months crt.sh
iwatchfactory.com
Let's Encrypt Authority X3		 2020-04-28 -
2020-07-27		 3 months crt.sh
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2		 2020-04-06 -
2020-10-09		 6 months crt.sh
realsrv.com
Let's Encrypt Authority X3		 2020-06-01 -
2020-08-30		 3 months crt.sh
*.juicyads.com
Sectigo RSA Domain Validation Secure Server CA		 2020-01-20 -
2022-04-23		 2 years crt.sh

This page contains 4 frames:

Primary Page: https://ro89.com/q/13-yo-preteen-underage-teen-sex-pthc-2-21
Frame ID: 9D0A2988C3CFE84E03C81A10CB91303C
Requests: 34 HTTP requests in this frame

Frame: https://tsyndicate.com/iframes2/3d0f5b665c5c46a4a463f9bc21d532df.html
Frame ID: 1BC6C5BE0923A58939A34448E67F6911
Requests: 1 HTTP requests in this frame

Frame: https://a.realsrv.com/iframe.php?idzone=3887966&size=300x250
Frame ID: 2F0A8C9D8311923398ACD07C4F7B2329
Requests: 1 HTTP requests in this frame

Frame: https://adserver.juicyads.com/adshow.php?adzone=850861
Frame ID: 63755256CDC147431A2ECD88A05F98C3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://ro89.com/q/related:13_yo_preteen_underage_teen_sex_pthc_2_21 HTTP 301
    https://ro89.com/q/related:13_yo_preteen_underage_teen_sex_pthc_2_21 HTTP 301
    https://ro89.com/q/13-yo-preteen-underage-teen-sex-pthc-2-21 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i
  • html /<!-- (?:End )?Google Tag Manager -->/i

Page Statistics

37
Requests

100 %
HTTPS

67 %
IPv6

7
Domains

7
Subdomains

6
IPs

3
Countries

278 kB
Transfer

524 kB
Size

12
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://ro89.com/q/related:13_yo_preteen_underage_teen_sex_pthc_2_21 HTTP 301
    https://ro89.com/q/related:13_yo_preteen_underage_teen_sex_pthc_2_21 HTTP 301
    https://ro89.com/q/13-yo-preteen-underage-teen-sex-pthc-2-21 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

37 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 13-yo-preteen-underage-teen-sex-pthc-2-21
ro89.com/q/
Redirect Chain
  • http://ro89.com/q/related:13_yo_preteen_underage_teen_sex_pthc_2_21
  • https://ro89.com/q/related:13_yo_preteen_underage_teen_sex_pthc_2_21
  • https://ro89.com/q/13-yo-preteen-underage-teen-sex-pthc-2-21
20 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ro89.com/q/13-yo-preteen-underage-teen-sex-pthc-2-21
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
94.75.199.80 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
c93fe4397c75832f251548e35290bfe188a7dd631d75e4b5f6a770d532fe28a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;

Request headers

:method
GET
:authority
ro89.com
:scheme
https
:path
/q/13-yo-preteen-underage-teen-sex-pthc-2-21
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
__v=5772c4a8ff55795dd2d6b5ee10bc1462
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
404
server
nginx
date
Fri, 12 Jun 2020 22:23:28 GMT
content-type
text/html; charset=UTF-8
expires
Fri, 12 Jun 2020 22:33:28 GMT
content-encoding
gzip
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload;

Redirect headers

status
301
server
nginx
date
Fri, 12 Jun 2020 22:23:28 GMT
content-type
text/html; charset=UTF-8
set-cookie
__v=5772c4a8ff55795dd2d6b5ee10bc1462; expires=Sat, 13-Jun-2020 22:23:28 GMT; Max-Age=86400; path=/; domain=ro89.com; Secure
expires
Fri, 12 Jun 2020 22:33:28 GMT
location
https://ro89.com/q/13-yo-preteen-underage-teen-sex-pthc-2-21
content-encoding
gzip
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload;
c4.css
ro89.com/css/ 		32 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ro89.com/css/c4.css
Requested by
Host: ro89.com
URL: https://ro89.com/q/13-yo-preteen-underage-teen-sex-pthc-2-21
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
94.75.199.80 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
437e5f39ed3a8237687ac52c15362be87d7f59cf06c96cea39c489ebda046f81
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;

Request headers

Referer
https://ro89.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 12 Jun 2020 22:23:28 GMT
content-encoding
gzip
last-modified
Wed, 31 Jul 2019 12:34:35 GMT
server
nginx
etag
W/"5d418adb-7eb3"
strict-transport-security
max-age=31536000; includeSubDomains; preload;
content-type
text/css
status
200
cache-control
max-age=31536000
expires
Sat, 12 Jun 2021 22:23:28 GMT
js
www.googletagmanager.com/gtag/ 		83 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-735188-3
Requested by
Host: ro89.com
URL: https://ro89.com/q/13-yo-preteen-underage-teen-sex-pthc-2-21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
57ba6a52c19681f6a363dc80917580cc550d64e0816c0b198375a168edb9163e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://ro89.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 12 Jun 2020 22:23:28 GMT
content-encoding
br
vary
Accept-Encoding
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33216
x-xss-protection
0
last-modified
Fri, 12 Jun 2020 21:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 12 Jun 2020 22:23:28 GMT
ra.js
analytics.iwatchfactory.com/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.iwatchfactory.com/ra.js?v=30
Requested by
Host: ro89.com
URL: https://ro89.com/q/13-yo-preteen-underage-teen-sex-pthc-2-21
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
94.75.199.80 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ro89.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
logoSMALL-global.gif
ro89.com/ro89/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ro89.com/ro89/logoSMALL-global.gif
Requested by
Host: ro89.com
URL: https://ro89.com/q/13-yo-preteen-underage-teen-sex-pthc-2-21
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
94.75.199.80 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
2095d5077e151b8861ec8d8a1a19d5721f5ef19f06905196f8d07b35aec3730f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;

Request headers

Referer
https://ro89.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 12 Jun 2020 22:23:29 GMT
last-modified
Wed, 29 Nov 2017 13:41:06 GMT
server
nginx
accept-language
bytes
etag
"5a1eb8f2-c9e"
strict-transport-security
max-age=31536000; includeSubDomains; preload;
content-type
image/gif
status
200
cache-control
max-age=31536000
content-length
3230
expires
Sat, 12 Jun 2021 22:23:29 GMT
a.php
ro89.com/ 		655 B
305 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ro89.com/a.php?a=textlinks&l=&g=0
Requested by
Host: ro89.com
URL: https://ro89.com/q/13-yo-preteen-underage-teen-sex-pthc-2-21
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
94.75.199.80 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
f1d707c5dd963d1ad3dc95d5b4e2464a7e55ef2d07d55e381e4b2a691c369318
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;

Request headers

Referer
https://ro89.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Fri, 12 Jun 2020 22:23:29 GMT
content-encoding
gzip
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains; preload;
content-type
text/html; charset=UTF-8
error.png
ro89.com/ro89/ 		99 KB
99 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ro89.com/ro89/error.png
Requested by
Host: ro89.com
URL: https://ro89.com/q/13-yo-preteen-underage-teen-sex-pthc-2-21
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
94.75.199.80 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
804446bc8dc34f244c1759ee41a21777a5e1da332dad15ff45f556ad18744563
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;

Request headers

Referer
https://ro89.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 12 Jun 2020 22:23:29 GMT
last-modified
Wed, 29 Nov 2017 13:41:06 GMT
server
nginx
accept-language
bytes
etag
"5a1eb8f2-18bc9"
strict-transport-security
max-age=31536000; includeSubDomains; preload;
content-type
image/png
status
200
cache-control
max-age=31536000
content-length
101321
expires
Sat, 12 Jun 2021 22:23:29 GMT
a.php
ro89.com/ 		933 B
506 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ro89.com/a.php?a=content&l=&g=0
Requested by
Host: ro89.com
URL: https://ro89.com/q/13-yo-preteen-underage-teen-sex-pthc-2-21
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
94.75.199.80 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
10dcc457c9fa27a9d7d2987260877d83c9a630e43c570e435b4f469e2e5bff38
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;

Request headers

Referer
https://ro89.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Fri, 12 Jun 2020 22:23:29 GMT
content-encoding
gzip
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains; preload;
content-type
text/html; charset=UTF-8
rta.jpg
ro89.com/img/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ro89.com/img/rta.jpg
Requested by
Host: ro89.com
URL: https://ro89.com/q/13-yo-preteen-underage-teen-sex-pthc-2-21
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
94.75.199.80 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
b2bdfd2bf0b07d200095e3823df319a8a7fc1b878dd338c8eaead436075acf98
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;

Request headers

Referer
https://ro89.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 12 Jun 2020 22:23:29 GMT
last-modified
Wed, 29 Nov 2017 13:41:05 GMT
server
nginx
accept-language
bytes
etag
"5a1eb8f1-433"
strict-transport-security
max-age=31536000; includeSubDomains; preload;
content-type
image/jpeg
status
200
cache-control
max-age=31536000
content-length
1075
expires
Sat, 12 Jun 2021 22:23:29 GMT
b25.js
ro89.com/javascript/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ro89.com/javascript/b25.js
Requested by
Host: ro89.com
URL: https://ro89.com/q/13-yo-preteen-underage-teen-sex-pthc-2-21
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
94.75.199.80 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
ad5a11ce2322040b29128b097068095c6654185c869e102d63bd0c142ead7f04
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;

Request headers

Referer
https://ro89.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 12 Jun 2020 22:23:29 GMT
content-encoding
gzip
last-modified
Wed, 29 Nov 2017 13:41:05 GMT
server
nginx
etag
W/"5a1eb8f1-b47"
strict-transport-security
max-age=31536000; includeSubDomains; preload;
content-type
application/javascript
status
200
cache-control
max-age=31536000
expires
Sat, 12 Jun 2021 22:23:29 GMT
jquery.min.js
ro89.com/javascript/ 		94 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ro89.com/javascript/jquery.min.js
Requested by
Host: ro89.com
URL: https://ro89.com/q/13-yo-preteen-underage-teen-sex-pthc-2-21
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
94.75.199.80 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;

Request headers

Referer
https://ro89.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 12 Jun 2020 22:23:29 GMT
content-encoding
gzip
last-modified
Wed, 29 Nov 2017 13:41:05 GMT
server
nginx
etag
W/"5a1eb8f1-1787d"
strict-transport-security
max-age=31536000; includeSubDomains; preload;
content-type
application/javascript
status
200
cache-control
max-age=31536000
expires
Sat, 12 Jun 2021 22:23:29 GMT
a.js
ro89.com/javascript/ 		140 B
429 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ro89.com/javascript/a.js
Requested by
Host: ro89.com
URL: https://ro89.com/q/13-yo-preteen-underage-teen-sex-pthc-2-21
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
94.75.199.80 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
e1198fdf793397003c4b656cc6c43534ec855ae6dcaa3073e4dd081bb342b104
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;

Request headers

Referer
https://ro89.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 12 Jun 2020 22:23:29 GMT
content-encoding
gzip
last-modified
Wed, 29 Nov 2017 13:41:05 GMT
server
nginx
etag
W/"5a1eb8f1-8c"
strict-transport-security
max-age=31536000; includeSubDomains; preload;
content-type
application/javascript
status
200
cache-control
max-age=31536000
expires
Sat, 12 Jun 2021 22:23:29 GMT
easing.js
ro89.com/javascript/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ro89.com/javascript/easing.js
Requested by
Host: ro89.com
URL: https://ro89.com/q/13-yo-preteen-underage-teen-sex-pthc-2-21
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
94.75.199.80 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
0538cd4eca0bf3683a1605957ef5808274b44ef189093d4a1a1abb29846b6da2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;

Request headers

Referer
https://ro89.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 12 Jun 2020 22:23:29 GMT
content-encoding
gzip
last-modified
Wed, 29 Nov 2017 13:41:05 GMT
server
nginx
etag
W/"5a1eb8f1-d7e"
strict-transport-security
max-age=31536000; includeSubDomains; preload;
content-type
application/javascript
status
200
cache-control
max-age=31536000
expires
Sat, 12 Jun 2021 22:23:29 GMT
jquery.cookie.js
ro89.com/javascript/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ro89.com/javascript/jquery.cookie.js
Requested by
Host: ro89.com
URL: https://ro89.com/q/13-yo-preteen-underage-teen-sex-pthc-2-21
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
94.75.199.80 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
f45b1289d5456fe8130e93da89ab13e33a724c8b8209dabd69bf91fc68160c15
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;

Request headers

Referer
https://ro89.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 12 Jun 2020 22:23:29 GMT
content-encoding
gzip
last-modified
Wed, 29 Nov 2017 13:41:05 GMT
server
nginx
etag
W/"5a1eb8f1-6ca"
strict-transport-security
max-age=31536000; includeSubDomains; preload;
content-type
application/javascript
status
200
cache-control
max-age=31536000
expires
Sat, 12 Jun 2021 22:23:29 GMT
jquery.storageapi.min.js
ro89.com/javascript/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ro89.com/javascript/jquery.storageapi.min.js
Requested by
Host: ro89.com
URL: https://ro89.com/q/13-yo-preteen-underage-teen-sex-pthc-2-21
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
94.75.199.80 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
43a2f6cb007e0e22734c9af295fad2495e93754491cb82e684edf6f85d60ada0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;

Request headers

Referer
https://ro89.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 12 Jun 2020 22:23:29 GMT
content-encoding
gzip
last-modified
Wed, 29 Nov 2017 13:41:05 GMT
server
nginx
etag
W/"5a1eb8f1-1908"
strict-transport-security
max-age=31536000; includeSubDomains; preload;
content-type
application/javascript
status
200
cache-control
max-age=31536000
expires
Sat, 12 Jun 2021 22:23:29 GMT
jquery.ui.totop.js
ro89.com/javascript/ 		1 KB
847 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ro89.com/javascript/jquery.ui.totop.js
Requested by
Host: ro89.com
URL: https://ro89.com/q/13-yo-preteen-underage-teen-sex-pthc-2-21
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
94.75.199.80 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
70ce3ed2af878671e0c2a6486e3fe5bed239315aeb80b5ff7384225c1c2a2164
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;

Request headers

Referer
https://ro89.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 12 Jun 2020 22:23:29 GMT
content-encoding
gzip
last-modified
Wed, 29 Nov 2017 13:41:05 GMT
server
nginx
etag
W/"5a1eb8f1-4b9"
strict-transport-security
max-age=31536000; includeSubDomains; preload;
content-type
application/javascript
status
200
cache-control
max-age=31536000
expires
Sat, 12 Jun 2021 22:23:29 GMT
typeahead.bundle.min.js
ro89.com/javascript/ 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ro89.com/javascript/typeahead.bundle.min.js
Requested by
Host: ro89.com
URL: https://ro89.com/q/13-yo-preteen-underage-teen-sex-pthc-2-21
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
94.75.199.80 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
1566e01d794e3a50d5ef529b84d780943cd4323cbed0d7bd8fb8cd3e37445b16
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;

Request headers

Referer
https://ro89.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 12 Jun 2020 22:23:29 GMT
content-encoding
gzip
last-modified
Wed, 29 Nov 2017 13:41:05 GMT
server
nginx
etag
W/"5a1eb8f1-6fe5"
strict-transport-security
max-age=31536000; includeSubDomains; preload;
content-type
application/javascript
status
200
cache-control
max-age=31536000
expires
Sat, 12 Jun 2021 22:23:29 GMT
layout.js
ro89.com/javascript/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ro89.com/javascript/layout.js
Requested by
Host: ro89.com
URL: https://ro89.com/q/13-yo-preteen-underage-teen-sex-pthc-2-21
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
94.75.199.80 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
52eb15ca8b9e681887897b65f6f5a0d1e3fa895283d29cc7fa8019327cfbb6ed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;

Request headers

Referer
https://ro89.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 12 Jun 2020 22:23:29 GMT
content-encoding
gzip
last-modified
Wed, 29 Nov 2017 13:41:05 GMT
server
nginx
etag
W/"5a1eb8f1-17ac"
strict-transport-security
max-age=31536000; includeSubDomains; preload;
content-type
application/javascript
status
200
cache-control
max-age=31536000
expires
Sat, 12 Jun 2021 22:23:29 GMT
lang.js
ro89.com/javascript/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ro89.com/javascript/lang.js
Requested by
Host: ro89.com
URL: https://ro89.com/q/13-yo-preteen-underage-teen-sex-pthc-2-21
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
94.75.199.80 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
b0e82caa1a1dc27e0b54e9da9819f569c253c0eff8b542ba948b148cb81295c8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;

Request headers

Referer
https://ro89.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 12 Jun 2020 22:23:29 GMT
content-encoding
gzip
last-modified
Wed, 29 Nov 2017 13:41:05 GMT
server
nginx
etag
W/"5a1eb8f1-6e3"
strict-transport-security
max-age=31536000; includeSubDomains; preload;
content-type
application/javascript
status
200
cache-control
max-age=31536000
expires
Sat, 12 Jun 2021 22:23:29 GMT
style.css
ro89.com/css/basic/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ro89.com/css/basic/style.css
Requested by
Host: ro89.com
URL: https://ro89.com/q/13-yo-preteen-underage-teen-sex-pthc-2-21
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
94.75.199.80 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
91c48598960eda38bb47f481b45e97650b3e03da4a75faf9015ecd38f00b8a7c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;

Request headers

Referer
https://ro89.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 12 Jun 2020 22:23:29 GMT
content-encoding
gzip
last-modified
Wed, 29 Nov 2017 13:41:01 GMT
server
nginx
etag
W/"5a1eb8ed-b0e"
strict-transport-security
max-age=31536000; includeSubDomains; preload;
content-type
text/css
status
200
cache-control
max-age=31536000
expires
Sat, 12 Jun 2021 22:23:29 GMT
jquery.jeegoopopup.js
ro89.com/javascript/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ro89.com/javascript/jquery.jeegoopopup.js
Requested by
Host: ro89.com
URL: https://ro89.com/q/13-yo-preteen-underage-teen-sex-pthc-2-21
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
94.75.199.80 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
1da1a5c7fe01bfee1b270050a9e230c5ea7c3f5c2a337ccc8d7a274996693e17
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;

Request headers

Referer
https://ro89.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 12 Jun 2020 22:23:29 GMT
content-encoding
gzip
last-modified
Wed, 29 Nov 2017 13:41:05 GMT
server
nginx
etag
W/"5a1eb8f1-2c75"
strict-transport-security
max-age=31536000; includeSubDomains; preload;
content-type
application/javascript
status
200
cache-control
max-age=31536000
expires
Sat, 12 Jun 2021 22:23:29 GMT
adm.js
ro89.com/javascript/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ro89.com/javascript/adm.js
Requested by
Host: ro89.com
URL: https://ro89.com/q/13-yo-preteen-underage-teen-sex-pthc-2-21
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
94.75.199.80 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
32456b37900d622a113e9b555d7aa318cf2fbbc41858e1722137d1a0165d1028
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;

Request headers

Referer
https://ro89.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 12 Jun 2020 22:23:29 GMT
content-encoding
gzip
last-modified
Wed, 29 Nov 2017 13:41:05 GMT
server
nginx
etag
W/"5a1eb8f1-76c"
strict-transport-security
max-age=31536000; includeSubDomains; preload;
content-type
application/javascript
status
200
cache-control
max-age=31536000
expires
Sat, 12 Jun 2021 22:23:29 GMT
analytics.js
www.google-analytics.com/ 		45 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-735188-3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ro89.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 30 Apr 2020 21:54:13 GMT
server
Golfe2
age
6231
date
Fri, 12 Jun 2020 20:39:38 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18433
expires
Fri, 12 Jun 2020 22:39:38 GMT
gtm.js
www.googletagmanager.com/ 		66 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KBXLBWL
Requested by
Host: ro89.com
URL: https://ro89.com/q/13-yo-preteen-underage-teen-sex-pthc-2-21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
772554b5ed95af3ebfef056772b42f6d8339b6941e93ac9f7e13e7bcdbcd04ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://ro89.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 12 Jun 2020 22:23:29 GMT
content-encoding
br
vary
Accept-Encoding
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26987
x-xss-protection
0
last-modified
Fri, 12 Jun 2020 21:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 12 Jun 2020 22:23:29 GMT
top-back.png
ro89.com/ro89/ 		122 B
378 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ro89.com/ro89/top-back.png
Requested by
Host: ro89.com
URL: https://ro89.com/q/13-yo-preteen-underage-teen-sex-pthc-2-21
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
94.75.199.80 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
1e8d707f0195cae56f40cfc350164c2929414d9b34e9081ad66928185b3eed8b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;

Request headers

Referer
https://ro89.com/css/c4.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 12 Jun 2020 22:23:29 GMT
last-modified
Wed, 29 Nov 2017 13:41:06 GMT
server
nginx
accept-language
bytes
etag
"5a1eb8f2-7a"
strict-transport-security
max-age=31536000; includeSubDomains; preload;
content-type
image/png
status
200
cache-control
max-age=31536000
content-length
122
expires
Sat, 12 Jun 2021 22:23:29 GMT
flags.png
ro89.com/ro89/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ro89.com/ro89/flags.png
Requested by
Host: ro89.com
URL: https://ro89.com/q/13-yo-preteen-underage-teen-sex-pthc-2-21
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
94.75.199.80 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
56ddc6c8fa6f813b827301effa4a1540bd6104869bf4ee9f945e97674ab1726f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;

Request headers

Referer
https://ro89.com/css/c4.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 12 Jun 2020 22:23:29 GMT
last-modified
Wed, 29 Nov 2017 13:41:06 GMT
server
nginx
accept-language
bytes
etag
"5a1eb8f2-1748"
strict-transport-security
max-age=31536000; includeSubDomains; preload;
content-type
image/png
status
200
cache-control
max-age=31536000
content-length
5960
expires
Sat, 12 Jun 2021 22:23:29 GMT
dices.jpg
ro89.com/img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ro89.com/img/dices.jpg
Requested by
Host: ro89.com
URL: https://ro89.com/q/13-yo-preteen-underage-teen-sex-pthc-2-21
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
94.75.199.80 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
9a73ca82834682b731596c44fc905fb48852d331f38d3bb0e52209ab66681db0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;

Request headers

Referer
https://ro89.com/css/c4.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 12 Jun 2020 22:23:29 GMT
last-modified
Wed, 29 Nov 2017 13:41:05 GMT
server
nginx
accept-language
bytes
etag
"5a1eb8f1-61b"
strict-transport-security
max-age=31536000; includeSubDomains; preload;
content-type
image/jpeg
status
200
cache-control
max-age=31536000
content-length
1563
expires
Sat, 12 Jun 2021 22:23:29 GMT
div.jpg
ro89.com/img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ro89.com/img/div.jpg
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
94.75.199.80 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
cd961efecf38f0dbe96083c80efd52b3b0f68a6569fad9e90cd94ef4884c8469
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;

Request headers

Referer
https://ro89.com/css/c4.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 12 Jun 2020 22:23:29 GMT
last-modified
Wed, 29 Nov 2017 13:41:05 GMT
server
nginx
accept-language
bytes
etag
"5a1eb8f1-856"
strict-transport-security
max-age=31536000; includeSubDomains; preload;
content-type
image/jpeg
status
200
cache-control
max-age=31536000
content-length
2134
expires
Sat, 12 Jun 2021 22:23:29 GMT
div_rotated.jpg
ro89.com/img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ro89.com/img/div_rotated.jpg
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
94.75.199.80 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
0d901e1ad3194aaa3f35490c4860793bfda942721ddeb7d75ecd369729264dc9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;

Request headers

Referer
https://ro89.com/css/c4.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 12 Jun 2020 22:23:29 GMT
last-modified
Wed, 29 Nov 2017 13:41:05 GMT
server
nginx
accept-language
bytes
etag
"5a1eb8f1-810"
strict-transport-security
max-age=31536000; includeSubDomains; preload;
content-type
image/jpeg
status
200
cache-control
max-age=31536000
content-length
2064
expires
Sat, 12 Jun 2021 22:23:29 GMT
collect
www.google-analytics.com/r/ 		35 B
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j82&a=550707226&t=pageview&_s=1&dl=https%3A%2F%2Fro89.com%2Fq%2F13-yo-preteen-underage-teen-sex-pthc-2-21&ul=en-us&de=UTF-8&dt=Sorry%20-%20Your%20Search%20Did%20Not%20Match%20Any%20Documents&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUAB~&jid=2009981709&gjid=1713252705&cid=1885105045.1592000609&tid=UA-735188-3&_gid=1574666356.1592000609&_r=1&gtm=2ou640&z=43800241
Requested by
Host: ro89.com
URL: https://ro89.com/q/13-yo-preteen-underage-teen-sex-pthc-2-21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ro89.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jun 2020 22:23:29 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
3d0f5b665c5c46a4a463f9bc21d532df.html
tsyndicate.com/iframes2/ Frame 1BC6 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tsyndicate.com/iframes2/3d0f5b665c5c46a4a463f9bc21d532df.html?
Requested by
Host: ro89.com
URL: https://ro89.com/a.php?a=content&l=&g=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:336b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
tsyndicate.com
:scheme
https
:path
/iframes2/3d0f5b665c5c46a4a463f9bc21d532df.html?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ro89.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://ro89.com/

Response headers

status
200
date
Fri, 12 Jun 2020 22:23:29 GMT
content-type
text/html; charset=utf-8
content-length
5325
set-cookie
__cfduid=d76c82cd776c75113fb0e2cb68ceef51a1592000609; expires=Sun, 12-Jul-20 22:23:29 GMT; path=/; domain=.tsyndicate.com; HttpOnly; SameSite=Lax bfq=e0SIEaFjSwwcN3LAwCGjCwsRYwoefCiizMQYNXLIYHgDBowcXfoo; expires=Sat, 13 Jun 2020 22:23:29 GMT; domain=.tsyndicate.com; path=/; secure; SameSite=None ts_uid=da21f167-0152-4da9-be80-8f347c42ab01; expires=Wed, 12 Jun 2030 22:23:29 GMT; domain=.tsyndicate.com; path=/; secure; SameSite=None ts_s=a22b070f-77c5-4b15-9e99-f9dd162a7690; expires=Fri, 12 Jun 2020 22:23:29 GMT; domain=.tsyndicate.com; path=/; secure; SameSite=None
cache-control
no-cache, no-store, no-transform, must-revalidate no-transform
pragma
no-cache
expires
0
vary
*
link
<https://lcdn.tsyndicate.com/sdk/v1/b.b.js>; rel=preload; as=script
x-request-id
5a26f9fefe500eb3-FRA
x-robots-tag
none noindex, nofollow
cf-cache-status
DYNAMIC
cf-request-id
034c3a935b00000eb3c7bb6200000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
5a26f9fefe500eb3-FRA
iframe.php
a.realsrv.com/ Frame 2F0A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://a.realsrv.com/iframe.php?idzone=3887966&size=300x250
Requested by
Host: ro89.com
URL: https://ro89.com/a.php?a=content&l=&g=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Host
a.realsrv.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ro89.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://ro89.com/

Response headers

Date
Fri, 12 Jun 2020 22:23:29 GMT
Connection
Keep-Alive
Cache-Control
max-age=10800
Content-Encoding
gzip
Content-Length
1105
Content-Type
text/html; charset=UTF-8
Accept-Ranges
bytes
X-HW
1592000609.dop052.fr8.t,1592000609.cds055.fr8.shn,1592000609.dop052.fr8.t,1592000609.cds140.fr8.c
Cookie set adshow.php
adserver.juicyads.com/ Frame 6375 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://adserver.juicyads.com/adshow.php?adzone=850861
Requested by
Host: ro89.com
URL: https://ro89.com/a.php?a=content&l=&g=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.94.236.126 , Netherlands, ASN42567 (MOJHOST-EU, NL),
Reverse DNS
Software
nginx / PHP/5.4.20
Resource Hash

Request headers

Host
adserver.juicyads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ro89.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://ro89.com/

Response headers

Server
nginx
Date
Fri, 12 Jun 2020 22:23:29 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
close
X-Powered-By
PHP/5.4.20
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie
surferid=634cd5b31ddde349a1be52b5cd02a48e; expires=Sat, 12-Jun-2021 22:23:29 GMT; path=/; domain=.juicyads.com imps78=1; expires=Sat, 13-Jun-2020 22:23:29 GMT; path=/; domain=.juicyads.com juicy_data_1=YToxOntpOjU4MDcxMjtpOjE1OTIyNTk4MDk7fQ%3D%3D; expires=Mon, 15-Jun-2020 22:23:29 GMT; domain=juicyads.com juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Mon, 15-Jun-2020 22:23:29 GMT; domain=juicyads.com
Content-Encoding
gzip
footer.png
ro89.com/img/ 		230 B
486 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ro89.com/img/footer.png
Requested by
Host: ro89.com
URL: https://ro89.com/q/13-yo-preteen-underage-teen-sex-pthc-2-21
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
94.75.199.80 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
bfaedc5e6863cab8dd180077487f448a68a64e269b003daa0583ff631c6dd59f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;

Request headers

Referer
https://ro89.com/css/c4.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 12 Jun 2020 22:23:29 GMT
last-modified
Wed, 29 Nov 2017 13:41:05 GMT
server
nginx
accept-language
bytes
etag
"5a1eb8f1-e6"
strict-transport-security
max-age=31536000; includeSubDomains; preload;
content-type
image/png
status
200
cache-control
max-age=31536000
content-length
230
expires
Sat, 12 Jun 2021 22:23:29 GMT
footer-header.png
ro89.com/img/ 		283 B
540 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ro89.com/img/footer-header.png
Requested by
Host: ro89.com
URL: https://ro89.com/q/13-yo-preteen-underage-teen-sex-pthc-2-21
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
94.75.199.80 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
afc9e710bc494d0ffb0a321befd0643d11c8aa5e9451c8f843e581d0f5cf2ff5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;

Request headers

Referer
https://ro89.com/css/c4.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 12 Jun 2020 22:23:29 GMT
last-modified
Wed, 29 Nov 2017 13:41:05 GMT
server
nginx
accept-language
bytes
etag
"5a1eb8f1-11b"
strict-transport-security
max-age=31536000; includeSubDomains; preload;
content-type
image/png
status
200
cache-control
max-age=31536000
content-length
283
expires
Sat, 12 Jun 2021 22:23:29 GMT
footer-divider.png
ro89.com/img/ 		232 B
488 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ro89.com/img/footer-divider.png
Requested by
Host: ro89.com
URL: https://ro89.com/q/13-yo-preteen-underage-teen-sex-pthc-2-21
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
94.75.199.80 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
284bab55ae18c7853f91275b78150b53307f06ffa9c4035560e78ace8961bb16
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;

Request headers

Referer
https://ro89.com/css/c4.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 12 Jun 2020 22:23:29 GMT
last-modified
Wed, 29 Nov 2017 13:41:05 GMT
server
nginx
accept-language
bytes
etag
"5a1eb8f1-e8"
strict-transport-security
max-age=31536000; includeSubDomains; preload;
content-type
image/png
status
200
cache-control
max-age=31536000
content-length
232
expires
Sat, 12 Jun 2021 22:23:29 GMT
footer-underline.png
ro89.com/img/ 		167 B
423 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ro89.com/img/footer-underline.png
Requested by
Host: ro89.com
URL: https://ro89.com/q/13-yo-preteen-underage-teen-sex-pthc-2-21
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
94.75.199.80 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
6566ac896ff6673fbe6039c08adf252814295f361b2b9b8d97fdbbb85f7b6f90
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;

Request headers

Referer
https://ro89.com/css/c4.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 12 Jun 2020 22:23:29 GMT
last-modified
Wed, 29 Nov 2017 13:41:05 GMT
server
nginx
accept-language
bytes
etag
"5a1eb8f1-a7"
strict-transport-security
max-age=31536000; includeSubDomains; preload;
content-type
image/png
status
200
cache-control
max-age=31536000
content-length
167
expires
Sat, 12 Jun 2021 22:23:29 GMT

Verdicts & Comments Add Verdict or Comment

39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| google_tag_manager object| dataLayer function| gtag object| google_tag_data string| GoogleAnalyticsObject function| ga function| ra object| raData object| gaplugins object| gaGlobal object| gaData boolean| user_typed_something function| getValue function| myKeyDown function| myIndexKeyDown function| doSearch function| doFilter function| doGenre function| doIndexSearch object| extMouseOn object| extThumb object| extStatic function| extRotatethumb function| extLoadthumb function| extStart function| extEnd string| vwd_txt function| formatDateDiff function| $ function| jQuery object| cookieStorage function| Bloodhound function| alignThumbs function| updateTime object| r number| now object| jQuery111008617505653351736

12 Cookies

Domain/Path Name / Value
.juicyads.com/ Name: juicy_data
Value: YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D
.juicyads.com/ Name: juicy_data_1
Value: YToxOntpOjU4MDcxMjtpOjE1OTIyNTk4MDk7fQ%3D%3D
.realsrv.com/ Name: __uvt
Value: a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%225ee400613fb9f7.180310291634595894%22%3B%7D
.tsyndicate.com/ Name: ts_uid
Value: da21f167-0152-4da9-be80-8f347c42ab01
.juicyads.com/ Name: surferid
Value: 634cd5b31ddde349a1be52b5cd02a48e
ro89.com/ Name: layout
Value: null
.ro89.com/ Name: _gat_gtag_UA_735188_3
Value: 1
.ro89.com/ Name: _gid
Value: GA1.2.1574666356.1592000609
.tsyndicate.com/ Name: bfq
Value: e0SIEaFjSwwcN3LAwCGjCwsRYwoefCiizMQYNXLIYHgDBowcXfoo
.ro89.com/ Name: _ga
Value: GA1.2.1885105045.1592000609
.juicyads.com/ Name: imps78
Value: 1
.ro89.com/ Name: __v
Value: 5772c4a8ff55795dd2d6b5ee10bc1462

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.realsrv.com
adserver.juicyads.com
analytics.iwatchfactory.com
ro89.com
tsyndicate.com
www.google-analytics.com
www.googletagmanager.com
185.94.236.126
2001:4de0:ac19::1:b:2a
2606:4700::6811:336b
2a00:1450:4001:809::200e
2a00:1450:4001:81b::2008
94.75.199.80
0538cd4eca0bf3683a1605957ef5808274b44ef189093d4a1a1abb29846b6da2
0d901e1ad3194aaa3f35490c4860793bfda942721ddeb7d75ecd369729264dc9
10dcc457c9fa27a9d7d2987260877d83c9a630e43c570e435b4f469e2e5bff38
1566e01d794e3a50d5ef529b84d780943cd4323cbed0d7bd8fb8cd3e37445b16
1da1a5c7fe01bfee1b270050a9e230c5ea7c3f5c2a337ccc8d7a274996693e17
1e8d707f0195cae56f40cfc350164c2929414d9b34e9081ad66928185b3eed8b
2095d5077e151b8861ec8d8a1a19d5721f5ef19f06905196f8d07b35aec3730f
284bab55ae18c7853f91275b78150b53307f06ffa9c4035560e78ace8961bb16
2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac
32456b37900d622a113e9b555d7aa318cf2fbbc41858e1722137d1a0165d1028
437e5f39ed3a8237687ac52c15362be87d7f59cf06c96cea39c489ebda046f81
43a2f6cb007e0e22734c9af295fad2495e93754491cb82e684edf6f85d60ada0
52eb15ca8b9e681887897b65f6f5a0d1e3fa895283d29cc7fa8019327cfbb6ed
56ddc6c8fa6f813b827301effa4a1540bd6104869bf4ee9f945e97674ab1726f
57ba6a52c19681f6a363dc80917580cc550d64e0816c0b198375a168edb9163e
6566ac896ff6673fbe6039c08adf252814295f361b2b9b8d97fdbbb85f7b6f90
70ce3ed2af878671e0c2a6486e3fe5bed239315aeb80b5ff7384225c1c2a2164
772554b5ed95af3ebfef056772b42f6d8339b6941e93ac9f7e13e7bcdbcd04ac
804446bc8dc34f244c1759ee41a21777a5e1da332dad15ff45f556ad18744563
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
91c48598960eda38bb47f481b45e97650b3e03da4a75faf9015ecd38f00b8a7c
9a73ca82834682b731596c44fc905fb48852d331f38d3bb0e52209ab66681db0
ad5a11ce2322040b29128b097068095c6654185c869e102d63bd0c142ead7f04
afc9e710bc494d0ffb0a321befd0643d11c8aa5e9451c8f843e581d0f5cf2ff5
b0e82caa1a1dc27e0b54e9da9819f569c253c0eff8b542ba948b148cb81295c8
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
b2bdfd2bf0b07d200095e3823df319a8a7fc1b878dd338c8eaead436075acf98
bfaedc5e6863cab8dd180077487f448a68a64e269b003daa0583ff631c6dd59f
c93fe4397c75832f251548e35290bfe188a7dd631d75e4b5f6a770d532fe28a6
cd961efecf38f0dbe96083c80efd52b3b0f68a6569fad9e90cd94ef4884c8469
e1198fdf793397003c4b656cc6c43534ec855ae6dcaa3073e4dd081bb342b104
f1d707c5dd963d1ad3dc95d5b4e2464a7e55ef2d07d55e381e4b2a691c369318
f45b1289d5456fe8130e93da89ab13e33a724c8b8209dabd69bf91fc68160c15