Submitted URL: http://rojadirectaa.org/
Effective URL: https://rojadirectaa.org/
Submission: On April 10 via api from US — Scanned from DE

Summary

This website contacted 13 IPs in 4 countries across 10 domains to perform 27 HTTP transactions. The main IP is 91.224.59.128, located in Czech Republic and belongs to FIBERTEL-AS # upstreams, CZ. The main domain is rojadirectaa.org.
TLS certificate: Issued by R3 on February 7th 2024. Valid for: 3 months.
This is the only time rojadirectaa.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
9 rojadirectaa.org
rojadirectaa.org
130 KB
7 google.com
apis.google.com — Cisco Umbrella Rank: 279
developers.google.com — Cisco Umbrella Rank: 18161
accounts.google.com — Cisco Umbrella Rank: 63
111 KB
5 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 1784
syndication.twitter.com — Cisco Umbrella Rank: 2204
31 KB
2 tumblebit.org
tumblebit.org — Cisco Umbrella Rank: 477047
34 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 116
ajax.googleapis.com — Cisco Umbrella Rank: 746
34 KB
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 1879
254 B
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 98
1 licensebuttons.net
licensebuttons.net — Cisco Umbrella Rank: 41637
2 KB
1 creativecommons.org
i.creativecommons.org — Cisco Umbrella Rank: 45808
234 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 114
98 KB
27 10
Domain Requested by
9 rojadirectaa.org rojadirectaa.org
4 platform.twitter.com rojadirectaa.org
platform.twitter.com
4 apis.google.com 1 redirects rojadirectaa.org
apis.google.com
2 developers.google.com 1 redirects apis.google.com
2 tumblebit.org rojadirectaa.org
1 syndication.twitter.com rojadirectaa.org
1 region1.google-analytics.com www.googletagmanager.com
1 accounts.google.com apis.google.com
1 www.facebook.com rojadirectaa.org
1 licensebuttons.net rojadirectaa.org
1 i.creativecommons.org 1 redirects
1 www.googletagmanager.com rojadirectaa.org
1 ajax.googleapis.com rojadirectaa.org
1 fonts.googleapis.com rojadirectaa.org
27 14
Subject Issuer Validity Valid
rojadirectaa.org
R3
2024-02-07 -
2024-05-07
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2024-03-04 -
2024-05-27
3 months crt.sh
*.apis.google.com
GTS CA 1C3
2024-03-04 -
2024-05-27
3 months crt.sh
tumblebit.org
E1
2024-02-18 -
2024-05-18
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2024-03-04 -
2024-05-27
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2024-01-19 -
2024-04-18
3 months crt.sh
*.twimg.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-07-28 -
2024-07-26
a year crt.sh
*.google.com
GTS CA 1C3
2024-03-04 -
2024-05-27
3 months crt.sh
accounts.google.com
GTS CA 1C3
2024-03-04 -
2024-05-27
3 months crt.sh
syndication.twitter.com
R3
2024-04-07 -
2024-07-06
3 months crt.sh

This page contains 6 frames:

Primary Page: https://rojadirectaa.org/
Frame ID: 68358AC33D63E7F7B3D8888D7DB23A13
Requests: 22 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.rojadirectaa.org%2F&width=150&height=65&colorscheme=light&layout=box_count&action=like&show_faces=false&send=false
Frame ID: 9B08547F2CAEAC63A4C67A9105D32F06
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Frojadirectaa.org
Frame ID: DA46272A87DADF726010EDD9DB0BF37F
Requests: 1 HTTP requests in this frame

Frame: https://developers.google.com/
Frame ID: 39338DA08A1228C57EE492F2FD1BA9C9
Requests: 1 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Frojadirectaa.org&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.PT2LYyxL5zI.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9MCqrKrBCpgxaD63EGW8M-xbIC-Q%2Fm%3D__features__
Frame ID: 009AB0F5C28394EB0CA9E7140BBF2279
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.2f70fb173b9000da126c79afe2098f02.en.html
Frame ID: 31F71FF88AF288CA2531CAD0C873BD82
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

ROJADIRECTA TV: Live Sports Streaming by Roja Directa

Page URL History Show full URLs

  1. http://rojadirectaa.org/ HTTP 307
    https://rojadirectaa.org/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <a[^>]*href=[^>]*/Basket

Overall confidence: 100%
Detected patterns
  • <iframe[^>]*accounts\.google\.com/o/oauth2

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

27
Requests

93 %
HTTPS

86 %
IPv6

10
Domains

14
Subdomains

13
IPs

4
Countries

440 kB
Transfer

1024 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://rojadirectaa.org/ HTTP 307
    https://rojadirectaa.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14
  • https://i.creativecommons.org/l/by-nc-nd/3.0/88x31.png HTTP 301
  • https://licensebuttons.net/l/by-nc-nd/3.0/88x31.png
Request Chain 19
  • https://apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&size=tall&origin=https%3A%2F%2Frojadirectaa.org&url=https%3A%2F%2Frojadirectaa.org%2F&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.PT2LYyxL5zI.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9MCqrKrBCpgxaD63EGW8M-xbIC-Q%2Fm%3D__features__ HTTP 301
  • http://developers.google.com/ HTTP 301
  • https://developers.google.com/

27 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
rojadirectaa.org/
Redirect Chain
  • http://rojadirectaa.org/
  • https://rojadirectaa.org/
17 KB
5 KB
Document
General
Full URL
https://rojadirectaa.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.224.59.128 , Czech Republic, ASN50833 (FIBERTEL-AS # upstreams, CZ),
Reverse DNS
ip-91-224-58-128.fibtel.net
Software
nginx/1.18.0 /
Resource Hash
790b1d2524410e22545c5203e9354acd7c8fb7bda5ab22eecee60a05d94a851f
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Wed, 10 Apr 2024 17:08:26 GMT
Front-End-Https
on
Server
nginx/1.18.0
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Frame-Options
DENY

Redirect headers

Location
https://rojadirectaa.org/
Non-Authoritative-Reason
HttpsUpgrades
style.css
rojadirectaa.org/style/
6 KB
6 KB
Stylesheet
General
Full URL
https://rojadirectaa.org/style/style.css
Requested by
Host: rojadirectaa.org
URL: https://rojadirectaa.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.224.59.128 , Czech Republic, ASN50833 (FIBERTEL-AS # upstreams, CZ),
Reverse DNS
ip-91-224-58-128.fibtel.net
Software
nginx/1.18.0 /
Resource Hash
b9eaeea1d661cf7e917bc3647d6f09e86c689308aec3912b7344a9b6f5004a31

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://rojadirectaa.org/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 10 Apr 2024 17:08:26 GMT
Last-Modified
Mon, 14 Aug 2023 20:52:50 GMT
Server
nginx/1.18.0
ETag
"18ac-602e83ed3cc80"
Vary
Accept-Encoding
Front-End-Https
on
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6316
css
fonts.googleapis.com/
399 B
717 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Poller+One
Requested by
Host: rojadirectaa.org
URL: https://rojadirectaa.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
00fbeaf0fbd9272f22576487e348d7d960b4eb8fe33aeee6da25426db12626fd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://rojadirectaa.org/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Wed, 10 Apr 2024 17:08:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 10 Apr 2024 17:08:26 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 10 Apr 2024 17:08:26 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.7.1/
92 KB
33 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js
Requested by
Host: rojadirectaa.org
URL: https://rojadirectaa.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://rojadirectaa.org/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 04:51:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
389836
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33333
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 06 Apr 2025 04:51:10 GMT
plusone.js
apis.google.com/js/
55 KB
21 KB
Script
General
Full URL
https://apis.google.com/js/plusone.js
Requested by
Host: rojadirectaa.org
URL: https://rojadirectaa.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
721317d8a9adb17ce1f9aa50a65bcd4e3e6b81acf4d95d6f56f5e6dd9e20a51b
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://rojadirectaa.org/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 10 Apr 2024 17:08:26 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21305
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
etag
"d3e94f9844e37bab"
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Apr 2024 17:08:26 GMT
functions.js
rojadirectaa.org/js/
927 B
1 KB
Script
General
Full URL
https://rojadirectaa.org/js/functions.js
Requested by
Host: rojadirectaa.org
URL: https://rojadirectaa.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.224.59.128 , Czech Republic, ASN50833 (FIBERTEL-AS # upstreams, CZ),
Reverse DNS
ip-91-224-58-128.fibtel.net
Software
nginx/1.18.0 /
Resource Hash
d1be67b1e8d3e142752406bd5d83a164d20a15c3f238520859a0a0347205954d

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://rojadirectaa.org/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 10 Apr 2024 17:08:26 GMT
Last-Modified
Mon, 14 Aug 2023 20:52:50 GMT
Server
nginx/1.18.0
ETag
"39f-602e83ed3cc80"
Vary
Accept-Encoding
Front-End-Https
on
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
927
switchmenu.js
rojadirectaa.org/js/
2 KB
3 KB
Script
General
Full URL
https://rojadirectaa.org/js/switchmenu.js
Requested by
Host: rojadirectaa.org
URL: https://rojadirectaa.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.224.59.128 , Czech Republic, ASN50833 (FIBERTEL-AS # upstreams, CZ),
Reverse DNS
ip-91-224-58-128.fibtel.net
Software
nginx/1.18.0 /
Resource Hash
d05b53e2a7bbe160d54c210b58372f9fbc1e29b6662c6432aaab0abab4be65b8

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://rojadirectaa.org/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 10 Apr 2024 17:08:26 GMT
Last-Modified
Mon, 14 Aug 2023 20:52:50 GMT
Server
nginx/1.18.0
ETag
"9c8-602e83ed3cc80"
Vary
Accept-Encoding
Front-End-Https
on
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2504
script.packed.js
tumblebit.org/
69 KB
28 KB
Script
General
Full URL
https://tumblebit.org/script.packed.js?v=12112804
Requested by
Host: rojadirectaa.org
URL: https://rojadirectaa.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:9bbc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
339a7a44b9d1a118be0314bfc876cb9c4d6e9c4298e7ab8c66bedd55bd6d8049

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://rojadirectaa.org/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 17:08:26 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 24 Aug 2023 23:24:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6205
etag
W/"11372-603b3880b08a9"
vary
Accept-Encoding
front-end-https
on
content-type
application/javascript; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JVmdjT%2BU2wafrFis4kuiFprWlWcnHeUoEvcJC%2BflXNKBo0MKO%2FOzKmNp%2BZDqCe19rjwP%2FDyE4oZvp4HwcaIThDwoBZntuYBVFzrtlzsg7yf%2FGM9nJTePJUC6QICUxtywpiHruVldOrsee2Lq"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
872456c19f76037c-FRA
alt-svc
h3=":443"; ma=86400
license.packed.js
tumblebit.org/
19 KB
7 KB
Script
General
Full URL
https://tumblebit.org/license.packed.js?v=12112804
Requested by
Host: rojadirectaa.org
URL: https://rojadirectaa.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:9bbc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
329cf24b96d830a5868797e0e18fa06004a20f343691b593c87e1aed717e63ce

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://rojadirectaa.org/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 17:08:26 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 25 Aug 2023 03:01:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6205
etag
W/"4b28-603b68e8efb2d"
vary
Accept-Encoding
front-end-https
on
content-type
application/javascript; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kJ7DtP5OXB%2B2AOH%2F345RF%2F8ciEhiLtZcEWNCidzjqM%2FQh5G%2FDd1bHRqgc1wpgBPi6aNDlXrNNNzwQsF3hxDU7y3sYYH73nlJYU8EYZqkFuCugFpKtvBQmpszhm9dTKcBtoFSHHBpyNCatx6w"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
872456c19f78037c-FRA
alt-svc
h3=":443"; ma=86400
js
www.googletagmanager.com/gtag/
293 KB
98 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-24782B7L0R
Requested by
Host: rojadirectaa.org
URL: https://rojadirectaa.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
77bfbb7488f930ce2b7f9a97932f8bc3eadd69612f3409fef7d418e19992cdc7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://rojadirectaa.org/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 17:08:26 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
100117
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 10 Apr 2024 17:08:26 GMT
rojaboy.jpg
rojadirectaa.org/img/
51 KB
52 KB
Image
General
Full URL
https://rojadirectaa.org/img/rojaboy.jpg
Requested by
Host: rojadirectaa.org
URL: https://rojadirectaa.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.224.59.128 , Czech Republic, ASN50833 (FIBERTEL-AS # upstreams, CZ),
Reverse DNS
ip-91-224-58-128.fibtel.net
Software
nginx/1.18.0 /
Resource Hash
f212887cbe167350ee09abbf4eac6629b7211f95010da2757deffb8aa0152a69

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://rojadirectaa.org/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 10 Apr 2024 17:08:26 GMT
Last-Modified
Mon, 14 Aug 2023 20:52:49 GMT
Server
nginx/1.18.0
ETag
"cd0c-602e83ec48a40"
Front-End-Https
on
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
52492
rojaboym.jpg
rojadirectaa.org/img/
37 KB
38 KB
Image
General
Full URL
https://rojadirectaa.org/img/rojaboym.jpg
Requested by
Host: rojadirectaa.org
URL: https://rojadirectaa.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.224.59.128 , Czech Republic, ASN50833 (FIBERTEL-AS # upstreams, CZ),
Reverse DNS
ip-91-224-58-128.fibtel.net
Software
nginx/1.18.0 /
Resource Hash
eeac0a40eafb72bb0c5b662b51d5c4e6804d6380d79bce309304b9407b9a9861

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://rojadirectaa.org/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 10 Apr 2024 17:08:26 GMT
Last-Modified
Mon, 14 Aug 2023 20:52:49 GMT
Server
nginx/1.18.0
ETag
"9516-602e83ec48a40"
Front-End-Https
on
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
38166
rojalogo.gif
rojadirectaa.org/img/
13 KB
13 KB
Image
General
Full URL
https://rojadirectaa.org/img/rojalogo.gif
Requested by
Host: rojadirectaa.org
URL: https://rojadirectaa.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.224.59.128 , Czech Republic, ASN50833 (FIBERTEL-AS # upstreams, CZ),
Reverse DNS
ip-91-224-58-128.fibtel.net
Software
nginx/1.18.0 /
Resource Hash
c2cfcc49952c8b67736f73ae70c94d3285b71c7e20b228efab4e1869f4d36dd0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://rojadirectaa.org/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 10 Apr 2024 17:08:26 GMT
Last-Modified
Mon, 14 Aug 2023 20:52:49 GMT
Server
nginx/1.18.0
ETag
"3374-602e83ec48a40"
Front-End-Https
on
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13172
rojalogom.gif
rojadirectaa.org/img/
8 KB
9 KB
Image
General
Full URL
https://rojadirectaa.org/img/rojalogom.gif
Requested by
Host: rojadirectaa.org
URL: https://rojadirectaa.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.224.59.128 , Czech Republic, ASN50833 (FIBERTEL-AS # upstreams, CZ),
Reverse DNS
ip-91-224-58-128.fibtel.net
Software
nginx/1.18.0 /
Resource Hash
375e049eef83db2edcf539cc24b56c27e99085da284729dfa0fdd227fcd3c086

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://rojadirectaa.org/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 10 Apr 2024 17:08:26 GMT
Last-Modified
Mon, 14 Aug 2023 20:52:49 GMT
Server
nginx/1.18.0
ETag
"2148-602e83ec48a40"
Front-End-Https
on
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8520
widgets.js
platform.twitter.com/
91 KB
28 KB
Script
General
Full URL
http://platform.twitter.com/widgets.js
Requested by
Host: rojadirectaa.org
URL: https://rojadirectaa.org/
Protocol
HTTP/1.1
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6B7A) /
Resource Hash
173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Date
Wed, 10 Apr 2024 17:08:26 GMT
Content-Encoding
gzip
Age
524
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
27597
Last-Modified
Mon, 11 Dec 2023 17:20:28 GMT
Server
ECS (amb/6B7A)
Etag
"824beb891744db98ccbd3a456e59e0f7+gzip"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=1800
Vary
Accept-Encoding
88x31.png
licensebuttons.net/l/by-nc-nd/3.0/
Redirect Chain
  • https://i.creativecommons.org/l/by-nc-nd/3.0/88x31.png
  • https://licensebuttons.net/l/by-nc-nd/3.0/88x31.png
1 KB
2 KB
Image
General
Full URL
https://licensebuttons.net/l/by-nc-nd/3.0/88x31.png
Requested by
Host: rojadirectaa.org
URL: https://rojadirectaa.org/
Protocol
H2
Server
2606:4700:10::ac43:73f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f2485868f73dbed3d5ea3350e36e478e835c064bb5d4c2b20b1fa14c845d0e4
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rojadirectaa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date
Wed, 10 Apr 2024 17:08:26 GMT
strict-transport-security
max-age=15768000
x-content-type-options
nosniff
cf-cache-status
HIT
age
1308
cf-polished
origSize=5281
content-length
1525
x-xss-protection
1; mode=block
cf-bgj
imgq:100,h2pri
last-modified
Thu, 30 Apr 2020 21:59:13 GMT
server
cloudflare
etag
"5eab4a31-14a1"
x-frame-options
deny
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=432000
accept-ranges
bytes
cf-ray
872456c25e3b913a-FRA

Redirect headers

date
Wed, 10 Apr 2024 17:08:26 GMT
strict-transport-security
max-age=15768000
x-content-type-options
nosniff
cf-cache-status
HIT
server
cloudflare
age
535
x-frame-options
deny
vary
Accept-Encoding
content-type
text/html
location
https://licensebuttons.net/l/by-nc-nd/3.0/88x31.png
cf-ray
872456c20c8f9948-FRA
x-xss-protection
1; mode=block
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.PT2LYyxL5zI.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9MCqrKrBCpgxaD63EGW8M-xbIC-Q/
157 KB
55 KB
Script
General
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.PT2LYyxL5zI.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9MCqrKrBCpgxaD63EGW8M-xbIC-Q/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/plusone.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5f39b50178049c1c98694c76d6221cd6d035f9f4902153d445e3f5698dd61c74
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://rojadirectaa.org/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 18:20:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
168491
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
55825
x-xss-protection
0
last-modified
Fri, 05 Apr 2024 19:06:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 08 Apr 2025 18:20:15 GMT
like.php
www.facebook.com/plugins/ Frame 9B08
0
0
Document
General
Full URL
https://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.rojadirectaa.org%2F&width=150&height=65&colorscheme=light&layout=box_count&action=like&show_faces=false&send=false
Requested by
Host: rojadirectaa.org
URL: https://rojadirectaa.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://sandbox.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data: https://*.google-analytics.com *.google.com;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://rojadirectaa.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-length
0
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://sandbox.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data: https://*.google-analytics.com *.google.com;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html;charset=utf-8
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
date
Wed, 10 Apr 2024 17:08:26 GMT
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
x-content-type-options
nosniff
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=5, rtx=0, c=10, mss=1326, tbw=2765, tp=-1, tpl=-1, uplat=29, ullat=0
x-fb-debug
DpdET+fraBnFfyw4Dgh7057i/brgm1bxzLqa1ETZ+P9q72fuQbaKjc5x58D3v7oFdn4973r+MPUqlQJ6ERUG3w==
x-xss-protection
0
widget_iframe.2f70fb173b9000da126c79afe2098f02.html
platform.twitter.com/widgets/ Frame DA46
0
0
Document
General
Full URL
https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Frojadirectaa.org
Requested by
Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6BB9) /
Resource Hash

Request headers

Referer
https://rojadirectaa.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
1436698
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
105429
Content-Type
text/html; charset=utf-8
Date
Wed, 10 Apr 2024 17:08:26 GMT
Etag
"81267302efdfb3e4524a22631a8fc99e+gzip"
Last-Modified
Mon, 11 Dec 2023 17:19:49 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (amb/6BB9)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary
Accept-Encoding
X-Cache
HIT
x-amz-server-side-encryption
AES256
x-tw-cdn
VZ
cb=gapi.loaded_1
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.PT2LYyxL5zI.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9MCqrKrBCpgxaD63EGW8M-xbIC-Q/
100 KB
34 KB
Script
General
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.PT2LYyxL5zI.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9MCqrKrBCpgxaD63EGW8M-xbIC-Q/cb=gapi.loaded_1?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/plusone.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e5960ef8b6f636b3ac484de9d795d819026ca03c562bcaf6cf4d53cfa56565ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://rojadirectaa.org/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 18:20:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
168491
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35271
x-xss-protection
0
last-modified
Fri, 05 Apr 2024 19:06:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 08 Apr 2025 18:20:15 GMT
/
developers.google.com/ Frame 3933
Redirect Chain
  • https://apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&size=tall&origin=https%3A%2F%2Frojadirectaa.org&url=https%3A%2F%2Frojadirectaa.org%2F&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fj...
  • http://developers.google.com/
  • https://developers.google.com/
0
0
Document
General
Full URL
https://developers.google.com/
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/plusone.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; object-src 'none'; script-src 'strict-dynamic' 'unsafe-inline' https: http: 'nonce-dX3FRJnK7piDhFLlbWE3BSJol9Lkmd' 'unsafe-eval'; report-uri https://csp.withgoogle.com/csp/devsite/v2
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
gzip
content-length
31272
content-security-policy
base-uri 'self'; object-src 'none'; script-src 'strict-dynamic' 'unsafe-inline' https: http: 'nonce-dX3FRJnK7piDhFLlbWE3BSJol9Lkmd' 'unsafe-eval'; report-uri https://csp.withgoogle.com/csp/devsite/v2
content-type
text/html; charset=utf-8
date
Wed, 10 Apr 2024 17:08:28 GMT
expires
0
last-modified
Tue, 26 Mar 2024 21:14:11 GMT
pragma
no-cache
server
Google Frontend
strict-transport-security
max-age=63072000; includeSubdomains; preload
vary
Cookie Accept-Encoding
x-cloud-trace-context
17dab4903811ae8e885ef921a1fe132b
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0

Redirect headers

Content-Length
0
Content-Type
text/html
Date
Wed, 10 Apr 2024 17:08:26 GMT
Location
https://developers.google.com/
Server
Google Frontend
X-Cloud-Trace-Context
b94ade8f9c1b1b4d4341cbbe0893d01c
postmessageRelay
accounts.google.com/o/oauth2/ Frame 009A
0
0
Document
General
Full URL
https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Frojadirectaa.org&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.PT2LYyxL5zI.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9MCqrKrBCpgxaD63EGW8M-xbIC-Q%2Fm%3D__features__
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.PT2LYyxL5zI.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9MCqrKrBCpgxaD63EGW8M-xbIC-Q/cb=gapi.loaded_1?le=scs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c09::54 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-o5QCvK46KqWlWcBGZ9BNqw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport require-trusted-types-for 'script';report-uri /o/cspreport
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://rojadirectaa.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-o5QCvK46KqWlWcBGZ9BNqw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport require-trusted-types-for 'script';report-uri /o/cspreport
content-type
text/html; charset=utf-8
cross-origin-resource-policy
same-site
date
Wed, 10 Apr 2024 17:08:26 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-xss-protection
0
collect
region1.google-analytics.com/g/
0
254 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-24782B7L0R&gtm=45je4480v9138406733za200&_p=1712768906531&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=602474833.1712768907&ul=en-us&sr=800x600&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.105%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.105&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1712768906&sct=1&seg=0&dl=https%3A%2F%2Frojadirectaa.org%2F&dt=ROJADIRECTA%20TV%3A%20Live%20Sports%20Streaming%20by%20Roja%20Directa&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=918
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-24782B7L0R
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://rojadirectaa.org/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 10 Apr 2024 17:08:26 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://rojadirectaa.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
button.856debeac157d9669cf51e73a08fbc93.js
platform.twitter.com/js/
8 KB
3 KB
Script
General
Full URL
https://platform.twitter.com/js/button.856debeac157d9669cf51e73a08fbc93.js
Requested by
Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6BA2) /
Resource Hash
426e16d014775c77916610f675f58880874c645817ed26d01873dde3466e6007

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://rojadirectaa.org/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 10 Apr 2024 17:08:26 GMT
Content-Encoding
gzip
Age
1436669
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
2620
Last-Modified
Mon, 11 Dec 2023 17:19:47 GMT
Server
ECS (amb/6BA2)
Etag
"fdf02dd038ed38dbf3c240d56262af0c+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=315360000
tweet_button.2f70fb173b9000da126c79afe2098f02.en.html
platform.twitter.com/widgets/ Frame 31F7
0
0
Document
General
Full URL
https://platform.twitter.com/widgets/tweet_button.2f70fb173b9000da126c79afe2098f02.en.html
Requested by
Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6B73) /
Resource Hash

Request headers

Referer
https://rojadirectaa.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
1436688
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
12332
Content-Type
text/html; charset=utf-8
Date
Wed, 10 Apr 2024 17:08:26 GMT
Etag
"e29e65db7bf0a096587728e1faacfd9c+gzip"
Last-Modified
Mon, 11 Dec 2023 17:19:48 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (amb/6B73)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary
Accept-Encoding
X-Cache
HIT
x-amz-server-side-encryption
AES256
x-tw-cdn
VZ
embeds
syndication.twitter.com/i/jot/
43 B
294 B
Image
General
Full URL
https://syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Frojadirectaa.org%2F%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1712768906900%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%222615f7e52b7e0%3A1702314776716%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=3b3999859dc8beb068b3b611c9ea7bd67aeeacc0
Requested by
Host: rojadirectaa.org
URL: https://rojadirectaa.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.8 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_f /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://rojadirectaa.org/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-response-time
109
date
Wed, 10 Apr 2024 17:08:26 GMT
strict-transport-security
max-age=631138519
last-modified
Wed, 10 Apr 2024 17:08:27 GMT
server
tsa_f
vary
Origin
content-type
image/gif
x-transaction-id
01d1d299c798990b
cache-control
must-revalidate, max-age=600
perf
7469935968
x-connection-hash
3642c78176f5e1b715763e223d919bd36ef3ec84683132ad97b411551feb9c77
content-length
43
favicon.ico
rojadirectaa.org/
3 KB
3 KB
Other
General
Full URL
https://rojadirectaa.org/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.224.59.128 , Czech Republic, ASN50833 (FIBERTEL-AS # upstreams, CZ),
Reverse DNS
ip-91-224-58-128.fibtel.net
Software
nginx/1.18.0 /
Resource Hash
7fbfb5319fa8d2b900e1d5b4d8ffe6fa02e7e04f3e9757e421f4261b0d1c34b6

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://rojadirectaa.org/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 10 Apr 2024 17:08:28 GMT
Last-Modified
Mon, 14 Aug 2023 20:52:40 GMT
Server
nginx/1.18.0
ETag
"cbe-602e83e3b3600"
Front-End-Https
on
Content-Type
image/vnd.microsoft.icon
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3262

Verdicts & Comments Add Verdict or Comment

53 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 function| $ function| jQuery object| gapi object| ___jsl function| randomFromInterval function| getCookie function| setCookie function| checkCookie string| persistmenu string| persisttype function| SwitchMenu function| get_cookie function| onloadfunction function| savemenustate function| x7$3x function| g6rbFg number| w6A_7$ function| V2ZW0 string| popns function| N4kk object| BetterJsPop number| Q68H0J function| W$fKE$ function| L4QO$ function| t5Cbq function| gtag object| dataLayer object| _F_toggles object| osapi object| gadgets object| iframer object| __gapi_jstiming__ object| shindig function| ToolbarApi object| iframes function| IframeBase function| Iframe function| IframeProxy function| IframeWindow object| __twttrll object| twttr object| __twttr object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal number| offset

6 Cookies

Domain/Path Name / Value
rojadirectaa.org/ Name: id_reklam
Value: 9581
rojadirectaa.org/ Name: cas_zobrazeni
Value: 1712769086
rojadirectaa.org/ Name: expirace
Value: 1713068906
rojadirectaa.org/ Name: mametss
Value: not+important
.rojadirectaa.org/ Name: _ga
Value: GA1.1.602474833.1712768907
.rojadirectaa.org/ Name: _ga_24782B7L0R
Value: GS1.1.1712768906.1.0.1712768906.0.0.0

4 Console Messages

Source Level URL
Text
security warning URL: https://rojadirectaa.org/
Message:
Mixed Content: The page at 'https://rojadirectaa.org/' was loaded over HTTPS, but requested an insecure element 'http://i.creativecommons.org/l/by-nc-nd/3.0/88x31.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://rojadirectaa.org/
Message:
Mixed Content: The page at 'https://rojadirectaa.org/' was loaded over HTTPS, but requested an insecure script 'http://platform.twitter.com/widgets.js'. This content should also be served over HTTPS.
security warning URL: https://rojadirectaa.org/(Line 186)
Message:
Mixed Content: The page at 'https://rojadirectaa.org/' was loaded over HTTPS, but requested an insecure element 'http://i.creativecommons.org/l/by-nc-nd/3.0/88x31.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://apis.google.com/js/plusone.js(Line 62)
Message:
Mixed Content: The page at 'https://rojadirectaa.org/' was loaded over HTTPS, but requested an insecure frame 'http://developers.google.com/#_methods=onPlusOne%2C_ready%2C_close%2C_open%2C_resizeMe%2C_renderstart%2Concircled%2Cdrefresh%2Cerefresh&id=I0_1712768906575&_gfid=I0_1712768906575&parent=https%3A%2F%2Frojadirectaa.org&pfname=&rpctoken=37756695'. This content should also be served over HTTPS.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
ajax.googleapis.com
apis.google.com
developers.google.com
fonts.googleapis.com
i.creativecommons.org
licensebuttons.net
platform.twitter.com
region1.google-analytics.com
rojadirectaa.org
syndication.twitter.com
tumblebit.org
www.facebook.com
www.googletagmanager.com
104.244.42.8
2001:4860:4802:32::36
2606:2800:234:46c:e8b:1e2f:2bd:694
2606:4700:10::6814:686
2606:4700:10::ac43:73f
2606:4700:3032::ac43:9bbc
2a00:1450:4001:803::200a
2a00:1450:4001:828::2008
2a00:1450:4001:828::200a
2a00:1450:4001:82b::200e
2a00:1450:4001:831::200e
2a00:1450:400c:c09::54
2a03:2880:f177:83:face:b00c:0:25de
91.224.59.128
00fbeaf0fbd9272f22576487e348d7d960b4eb8fe33aeee6da25426db12626fd
173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1
1f2485868f73dbed3d5ea3350e36e478e835c064bb5d4c2b20b1fa14c845d0e4
329cf24b96d830a5868797e0e18fa06004a20f343691b593c87e1aed717e63ce
339a7a44b9d1a118be0314bfc876cb9c4d6e9c4298e7ab8c66bedd55bd6d8049
375e049eef83db2edcf539cc24b56c27e99085da284729dfa0fdd227fcd3c086
426e16d014775c77916610f675f58880874c645817ed26d01873dde3466e6007
5f39b50178049c1c98694c76d6221cd6d035f9f4902153d445e3f5698dd61c74
721317d8a9adb17ce1f9aa50a65bcd4e3e6b81acf4d95d6f56f5e6dd9e20a51b
77bfbb7488f930ce2b7f9a97932f8bc3eadd69612f3409fef7d418e19992cdc7
790b1d2524410e22545c5203e9354acd7c8fb7bda5ab22eecee60a05d94a851f
7fbfb5319fa8d2b900e1d5b4d8ffe6fa02e7e04f3e9757e421f4261b0d1c34b6
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b9eaeea1d661cf7e917bc3647d6f09e86c689308aec3912b7344a9b6f5004a31
c2cfcc49952c8b67736f73ae70c94d3285b71c7e20b228efab4e1869f4d36dd0
d05b53e2a7bbe160d54c210b58372f9fbc1e29b6662c6432aaab0abab4be65b8
d1be67b1e8d3e142752406bd5d83a164d20a15c3f238520859a0a0347205954d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5960ef8b6f636b3ac484de9d795d819026ca03c562bcaf6cf4d53cfa56565ea
eeac0a40eafb72bb0c5b662b51d5c4e6804d6380d79bce309304b9407b9a9861
f212887cbe167350ee09abbf4eac6629b7211f95010da2757deffb8aa0152a69