roatalt.com Open in urlscan Pro
2a06:98c1:3121::3 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://fax.hilti.at/file.html?cbbbbccczjZKcxKxZcGcHJctc8p8nckzFcbbbbc
Effective URL:
https://roatalt.com/sf/tpl9/?logo=total&item=ARFC&sub1=6JQU&sub2=470447&sub3=d0700243-878c-48eb-a807-86a231e44d03
Submission: On November 10 via manual (November 10th 2022, 12:42:08 am UTC) from FR — Scanned from DK

Summary HTTP 39 Redirects Behaviour Indicators

Summary

This website contacted 14 IPs in 5 countries across 12 domains to perform 39 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is roatalt.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 17th 2022. Valid for: a year.

This is the only time roatalt.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Scam (Online)

Domain & IP information

	IP Address	AS Autonomous System
1 1	199.217.116.70 199.217.116.70	30083 (AS-30083-...) (AS-30083-GO-DADDY-COM-LLC)
1	176.223.109.114 176.223.109.114	396362 (LEASEWEB-...) (LEASEWEB-USA-NYC)
1 2	94.23.179.205 94.23.179.205	16276 (OVH) (OVH)
1 18	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:1734	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
3	2606:4700:e6:... 2606:4700:e6::ac40:cb1c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:303... 2606:4700:3032::ac43:b158	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 3	45.55.126.207 45.55.126.207	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
5	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
2	20.50.64.3 20.50.64.3	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:400c:c08::9b	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
39	14

1 199.217.116.70 (St Louis, United States) 1 redirects

ASN30083 (AS-30083-GO-DADDY-COM-LLC, US)
PTR: barton-blake.mistrustfuldevastate.org.uk

fax.hilti.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 176.223.109.114 (Edison, United States)

ASN396362 (LEASEWEB-USA-NYC, US)
PTR: vps14307.ua-hosting.company

loundee.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 94.23.179.205 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip205.ip-94-23-179.eu

kngarie.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a06:98c1:3121::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

roatalt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

roatalt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1734 (United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:e6::ac40:cb1c (United States)

ASN13335 (CLOUDFLARENET, US)

ka-f.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3032::ac43:b158 (United States)

ASN13335 (CLOUDFLARENET, US)

virtualpushplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 45.55.126.207 (Clifton, United States) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

beacon.roatalt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.50.64.3 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

pushserve.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.dk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	roatalt.com 3 redirects roatalt.com beacon.roatalt.com	607 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 97	20 KB
4	fontawesome.com kit.fontawesome.com — Cisco Umbrella Rank: 3084 ka-f.fontawesome.com — Cisco Umbrella Rank: 5936	23 KB
2	pushserve.xyz pushserve.xyz — Cisco Umbrella Rank: 227708	2 KB
2	virtualpushplatform.com virtualpushplatform.com — Cisco Umbrella Rank: 497684	5 KB
2	kngarie.com 1 redirects kngarie.com	1 KB
1	google.dk www.google.dk — Cisco Umbrella Rank: 19581	501 B
1	google.com www.google.com — Cisco Umbrella Rank: 17	501 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 166	439 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 121	43 KB
1	loundee.com loundee.com	449 B
1	hilti.at 1 redirects fax.hilti.at	262 B
39	12

	Domain	Requested by
19	roatalt.com	2 redirects kngarie.com roatalt.com
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com roatalt.com
3	beacon.roatalt.com	1 redirects roatalt.com
3	ka-f.fontawesome.com	kit.fontawesome.com
2	pushserve.xyz	virtualpushplatform.com
2	virtualpushplatform.com	roatalt.com virtualpushplatform.com
2	kngarie.com	1 redirects loundee.com
1	www.google.dk
1	www.google.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	www.googletagmanager.com	roatalt.com
1	kit.fontawesome.com	roatalt.com
1	loundee.com
1	fax.hilti.at	1 redirects
39	14

This site contains no links.

Subject Issuer	Validity	Valid
loundee.com Sectigo RSA Domain Validation Secure Server CA	`2022-10-19` - `2023-10-19`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-17` - `2023-08-17`	a year	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2021-12-01` - `2023-01-01`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
*.virtualpushplatform.com E1	`2022-10-19` - `2023-01-17`	3 months	crt.sh
beacon.roatalt.com R3	`2022-09-17` - `2022-12-16`	3 months	crt.sh
pushserve.xyz Sectigo RSA Domain Validation Secure Server CA	`2022-08-01` - `2023-08-01`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.google.dk GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://roatalt.com/sf/tpl9/?logo=total&item=ARFC&sub1=6JQU&sub2=470447&sub3=d0700243-878c-48eb-a807-86a231e44d03
Frame ID: E93F81908AAC5F7BCA3B63EC5AEAA161
Requests: 38 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Total

Page URL History Show full URLs

http://fax.hilti.at/file.html?cbbbbccczjZKcxKxZcGcHJctc8p8nckzFcbbbbc HTTP 302
https://loundee.com/ff07aac7d0d608e000/35_20002_2634683/1909_2831074_4108894_15/1_185-236-203-124 Page URL
http://kngarie.com/r/88689171-7af5-4a57-ac68-14935a740c06/470447/1286698826/35_20002_2634683 Page URL
http://kngarie.com/r2/88689171-7af5-4a57-ac68-14935a740c06/470447/1286698826/35_20002_2634683/d... HTTP 302
https://roatalt.com/sf/tpl9?logo=total&item=ARFC&sub1=6JQU&sub2=470447&sub3=d0700243-878c-48eb-a... HTTP 301
http://roatalt.com/sf/tpl9/?logo=total&item=ARFC&sub1=6JQU&sub2=470447&sub3=d0700243-878c-48eb-... HTTP 301
https://roatalt.com/sf/tpl9/?logo=total&item=ARFC&sub1=6JQU&sub2=470447&sub3=d0700243-878c-48eb-... Page URL

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
kit\.fontawesome\.com/([0-9a-z]+).js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

39
Requests

92 %
HTTPS

67 %
IPv6

12
Domains

14
Subdomains

14
IPs

5
Countries

701 kB
Transfer

2312 kB
Size

7
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://fax.hilti.at/file.html?cbbbbccczjZKcxKxZcGcHJctc8p8nckzFcbbbbc HTTP 302
https://loundee.com/ff07aac7d0d608e000/35_20002_2634683/1909_2831074_4108894_15/1_185-236-203-124 Page URL
http://kngarie.com/r/88689171-7af5-4a57-ac68-14935a740c06/470447/1286698826/35_20002_2634683 Page URL
http://kngarie.com/r2/88689171-7af5-4a57-ac68-14935a740c06/470447/1286698826/35_20002_2634683/d0700243-878c-48eb-a807-86a231e44d03/?fctr=0 HTTP 302
https://roatalt.com/sf/tpl9?logo=total&item=ARFC&sub1=6JQU&sub2=470447&sub3=d0700243-878c-48eb-a807-86a231e44d03 HTTP 301
http://roatalt.com/sf/tpl9/?logo=total&item=ARFC&sub1=6JQU&sub2=470447&sub3=d0700243-878c-48eb-a807-86a231e44d03 HTTP 301
https://roatalt.com/sf/tpl9/?logo=total&item=ARFC&sub1=6JQU&sub2=470447&sub3=d0700243-878c-48eb-a807-86a231e44d03 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://fax.hilti.at/file.html?cbbbbccczjZKcxKxZcGcHJctc8p8nckzFcbbbbc HTTP 302
https://loundee.com/ff07aac7d0d608e000/35_20002_2634683/1909_2831074_4108894_15/1_185-236-203-124

Request Chain 25

https://beacon.roatalt.com/g2/e0caed8f-1761-4470-9a8b-afa091237d91?item=ARFC&logo=total&sub1=6JQU&sub2=470447&sub3=d0700243-878c-48eb-a807-86a231e44d03 HTTP 302
https://beacon.roatalt.com/s/957dd2e9-89fb-4fa9-b683-c42d58cbbde4?&requestid=CFll4H4jHo&destinationid=495645087&item=ARFC&logo=total&sub1=6JQU&sub2=470447&sub3=d0700243-878c-48eb-a807-86a231e44d03

39 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

1_185-236-203-124
loundee.com/ff07aac7d0d608e000/35_20002_2634683/1909_2831074_4108894_15/
Redirect Chain

http://fax.hilti.at/file.html?cbbbbccczjZKcxKxZcGcHJctc8p8nckzFcbbbbc
https://loundee.com/ff07aac7d0d608e000/35_20002_2634683/1909_2831074_4108894_15/1_185-236-203-124

155 B
449 B

859ms
238ms

Document
text/html

176.223.109.114
LEASEWEB-USA-NYC

General

Check archive.org

Show headers Download Go to

Full URL: https://loundee.com/ff07aac7d0d608e000/35_20002_2634683/1909_2831074_4108894_15/1_185-236-203-124
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.223.109.114 Edison, United States, ASN396362 (LEASEWEB-USA-NYC, US),
Reverse DNS: vps14307.ua-hosting.company
Software: Apache /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Safari/605.1.15
accept-language: da-DK,da;q=0.9

Response headers

Content-Length: 155
Content-Type: text/html; charset=UTF-8
Date: Thu, 10 Nov 2022 00:42:01 GMT
Server: Apache

Redirect headers

Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Thu, 10 Nov 2022 00:42:00 GMT
Location: https://loundee.com/ff07aac7d0d608e000/35_20002_2634683/1909_2831074_4108894_15/1_185-236-203-124
Server: Apache

GET
H/1.1 200
OK 35_20002_2634683
kngarie.com/r/88689171-7af5-4a57-ac68-14935a740c06/470447/1286698826/ 708 B
863 B 157ms
79ms Document
text/html 94.23.179.205
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://kngarie.com/r/88689171-7af5-4a57-ac68-14935a740c06/470447/1286698826/35_20002_2634683
Requested by: Host: loundee.com
URL: https://loundee.com/ff07aac7d0d608e000/35_20002_2634683/1909_2831074_4108894_15/1_185-236-203-124
Protocol: HTTP/1.1
Server: 94.23.179.205 , France, ASN16276 (OVH, FR),
Reverse DNS: ip205.ip-94-23-179.eu
Software: nginx /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Safari/605.1.15
accept-language: da-DK,da;q=0.9

Response headers

Cache-Control: no-cache
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Thu, 10 Nov 2022 00:42:02 GMT
Expires: Thu, 10 Nov 2022 00:42:02 GMT
Server: nginx
Transfer-Encoding: chunked

GET
H2

200

Primary Request / Show response
roatalt.com/sf/tpl9/
Redirect Chain

http://kngarie.com/r2/88689171-7af5-4a57-ac68-14935a740c06/470447/1286698826/35_20002_2634683/d0700243-878c-48eb-a807-86a231e44d03/?fctr=0
https://roatalt.com/sf/tpl9?logo=total&item=ARFC&sub1=6JQU&sub2=470447&sub3=d0700243-878c-48eb-a807-86a231e44d03
http://roatalt.com/sf/tpl9/?logo=total&item=ARFC&sub1=6JQU&sub2=470447&sub3=d0700243-878c-48eb-a807-86a231e44d03
https://roatalt.com/sf/tpl9/?logo=total&item=ARFC&sub1=6JQU&sub2=470447&sub3=d0700243-878c-48eb-a807-86a231e44d03

14 KB
4 KB

94ms
92ms

Document
text/html

2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://roatalt.com/sf/tpl9/?logo=total&item=ARFC&sub1=6JQU&sub2=470447&sub3=d0700243-878c-48eb-a807-86a231e44d03
Requested by: Host: kngarie.com
URL: http://kngarie.com/r/88689171-7af5-4a57-ac68-14935a740c06/470447/1286698826/35_20002_2634683
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a07624449d64fd5fc81e2a512d1ff804fc4291362c3b1a42abaf943edba52b32

Request headers

Referer: http://kngarie.com/r/88689171-7af5-4a57-ac68-14935a740c06/470447/1286698826/35_20002_2634683
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Safari/605.1.15
accept-language: da-DK,da;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 767abef75e6c9267-FRA
content-encoding: br
content-type: text/html
date: Thu, 10 Nov 2022 00:42:02 GMT
last-modified: Mon, 17 Oct 2022 15:04:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=719Xnffm%2Bqhuh%2FMGFs7qUgaS9e8rxyea3FtZO1EVlBEi9oqO5thvlQo%2FVu9Cun7nTDOcKQQj9eJEzTDHUbKORoWwAFqJyA0h3eoY9F2egoK1tCdldoB3quC29SLfW8FzW55Of6KzgB%2BKNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

CF-RAY: 767abef70fd29b9e-FRA
Cache-Control: max-age=3600
Connection: keep-alive
Date: Thu, 10 Nov 2022 00:42:02 GMT
Expires: Thu, 10 Nov 2022 01:42:02 GMT
Location: https://roatalt.com/sf/tpl9/?logo=total&item=ARFC&sub1=6JQU&sub2=470447&sub3=d0700243-878c-48eb-a807-86a231e44d03
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ALGIEoasZ4g4Ebm%2FgPLF%2B3Q%2BM%2Bv%2Bl0uY5CIJeutPxsX0gimaiM1ZYbyJE%2BGG3l%2FDHex8w8kjNKfGAyMwkoiRpr%2Be5wS%2FRmOhodqGg6SMMozFYvVqWVEX%2Bv7QO%2B7ujtR0XVi%2BJGk3pHA4iA%3D%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 268a7048dd.js Show response
kit.fontawesome.com/ 11 KB
4 KB 159ms
64ms Script
text/javascript 2606:4700::6812:1734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kit.fontawesome.com/268a7048dd.js

Requested by

Host: roatalt.com
URL: https://roatalt.com/sf/tpl9/?logo=total&item=ARFC&sub1=6JQU&sub2=470447&sub3=d0700243-878c-48eb-a807-86a231e44d03

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e17c79e1b4d86ddba5a9d2104902942db44f856a9fd63a137cf5deb35f56366

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

accept-language: da-DK,da;q=0.9
Referer: https://roatalt.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Safari/605.1.15

Response headers

date: Thu, 10 Nov 2022 00:42:03 GMT
strict-transport-security: max-age=31536000; preload
content-encoding: gzip
cf-cache-status: REVALIDATED
server: cloudflare
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=60, public, must-revalidate
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
cf-ray: 767abef89ab0bb95-FRA
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id: Fvsu8M01hkStXOLxIyWi

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 109 KB
43 KB 224ms
81ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-148357412-1

Requested by

Host: roatalt.com
URL: https://roatalt.com/sf/tpl9/?logo=total&item=ARFC&sub1=6JQU&sub2=470447&sub3=d0700243-878c-48eb-a807-86a231e44d03

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c7dde70c88be224c3f7c9e23b58ca2bd7fa0c344248ba851c2979b564e376cd8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: da-DK,da;q=0.9
Referer: https://roatalt.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Safari/605.1.15

Response headers

date: Thu, 10 Nov 2022 00:42:03 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43639
x-xss-protection: 0
last-modified: Thu, 10 Nov 2022 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 10 Nov 2022 00:42:03 GMT

GET
H3 200 bundle.7f78845e1b13708eb4e9.css
roatalt.com/sf/tpl9/ 490 KB
63 KB 63ms
63ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://roatalt.com/sf/tpl9/bundle.7f78845e1b13708eb4e9.css?t=1666019000505
Requested by: Host: roatalt.com
URL: https://roatalt.com/sf/tpl9/?logo=total&item=ARFC&sub1=6JQU&sub2=470447&sub3=d0700243-878c-48eb-a807-86a231e44d03
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d8edb60184023ad15f26531585b7d9b19589cab284514767c24cc2e198ae50bb

Request headers

accept-language: da-DK,da;q=0.9
Referer: https://roatalt.com/sf/tpl9/?logo=total&item=ARFC&sub1=6JQU&sub2=470447&sub3=d0700243-878c-48eb-a807-86a231e44d03
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Safari/605.1.15

Response headers

date: Thu, 10 Nov 2022 00:42:02 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 17 Oct 2022 15:04:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 57221
etag: W/"634d6ee6-7a9a4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HZ2IJ0I1f3I1x4TYTPHy9ynHjjoJZzkrnMxTmbj1ifFPpO2KqvxVkhhce%2F4EFosOZFyFrIB5tI%2FdK%2BPe0eUGFyON9vLjP04OHzJZZKdN9kNCSnKR8rkGphzFwVPydBv8CCIY3PzsJHwK0w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 767abef80f3b90ae-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 09 Nov 2023 08:48:19 GMT

GET
H3 200 img-3.png
roatalt.com/sf/tpl9/public/ 3 KB
3 KB 256ms
253ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://roatalt.com/sf/tpl9/public/img-3.png
Requested by: Host: roatalt.com
URL: https://roatalt.com/sf/tpl9/?logo=total&item=ARFC&sub1=6JQU&sub2=470447&sub3=d0700243-878c-48eb-a807-86a231e44d03
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b0c40a3ef77aea7e48c710fa701af1d074224846ebf30cd9d82b7596c15da2c1

Request headers

accept-language: da-DK,da;q=0.9
Referer: https://roatalt.com/sf/tpl9/?logo=total&item=ARFC&sub1=6JQU&sub2=470447&sub3=d0700243-878c-48eb-a807-86a231e44d03
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Safari/605.1.15

Response headers

date: Thu, 10 Nov 2022 00:42:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 57221
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2891
last-modified: Mon, 17 Oct 2022 15:04:06 GMT
server: cloudflare
etag: "634d6ee6-b4b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rijECAFM0vURRBEdsheFtoUptTnHE6DUFCUnCxMAhBSggDOUEAiFVBWDE4jCxsjfjpo2kD1sTTR9e5h2qtG0Oi%2BjzATJJ2xnN7Jr%2BuF0aYfIZoMUPx3DC6CXQiCmKk0eGh2bitSLWstjdg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 767abef82f4890ae-FRA
expires: Thu, 09 Nov 2023 08:48:19 GMT

GET
H3 200 like.png
roatalt.com/sf/tpl9/public/ 466 B
979 B 257ms
253ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://roatalt.com/sf/tpl9/public/like.png
Requested by: Host: roatalt.com
URL: https://roatalt.com/sf/tpl9/?logo=total&item=ARFC&sub1=6JQU&sub2=470447&sub3=d0700243-878c-48eb-a807-86a231e44d03
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7adac1888791ad42f547c97c9c9dad37faee15dfb5e76f20eabc8a0a0b6168e9

Request headers

accept-language: da-DK,da;q=0.9
Referer: https://roatalt.com/sf/tpl9/?logo=total&item=ARFC&sub1=6JQU&sub2=470447&sub3=d0700243-878c-48eb-a807-86a231e44d03
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Safari/605.1.15

Response headers

date: Thu, 10 Nov 2022 00:42:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 57221
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 466
last-modified: Mon, 17 Oct 2022 15:04:06 GMT
server: cloudflare
etag: "634d6ee6-1d2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j90Mf4mLFsL0ocISidrkElMs9fCkr8Ujc%2FboCpEGufWvS%2FqLr6ad5p6WlKMiJOcqgi%2FzUsuEsUK93ZBWfXXib8VkGyo5eBuHv9pXKCiFZRUf5WnmPDCi8856AsVq9dbkzWPieYGKj7ls3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 767abef82f4990ae-FRA
expires: Thu, 09 Nov 2023 08:48:19 GMT

GET
H3 200 img-4.png
roatalt.com/sf/tpl9/public/ 2 KB
3 KB 257ms
254ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://roatalt.com/sf/tpl9/public/img-4.png
Requested by: Host: roatalt.com
URL: https://roatalt.com/sf/tpl9/?logo=total&item=ARFC&sub1=6JQU&sub2=470447&sub3=d0700243-878c-48eb-a807-86a231e44d03
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ba90609efbf3e11565b8b9005e57d80f53a8837ce693c9023ccb0626461d212

Request headers

accept-language: da-DK,da;q=0.9
Referer: https://roatalt.com/sf/tpl9/?logo=total&item=ARFC&sub1=6JQU&sub2=470447&sub3=d0700243-878c-48eb-a807-86a231e44d03
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Safari/605.1.15

Response headers

date: Thu, 10 Nov 2022 00:42:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 57221
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2542
last-modified: Mon, 17 Oct 2022 15:04:06 GMT
server: cloudflare
etag: "634d6ee6-9ee"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QW3r4lGpJDk5niQu%2Bg9ZOZgCbNXllSRMeaoOSJZVz9ldepd7u79L5amWN7s5FdpThUtn0zbhJ0%2FnRvB4MA4cE21BIQIjd4K8NBMgzRrzLKYHA8IFR5KeQm00rDqLloOv4KjoawS2OP8SgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 767abef82f4a90ae-FRA
expires: Thu, 09 Nov 2023 08:48:19 GMT

GET
H3 200 img-5.png
roatalt.com/sf/tpl9/public/ 2 KB
2 KB 257ms
254ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://roatalt.com/sf/tpl9/public/img-5.png
Requested by: Host: roatalt.com
URL: https://roatalt.com/sf/tpl9/?logo=total&item=ARFC&sub1=6JQU&sub2=470447&sub3=d0700243-878c-48eb-a807-86a231e44d03
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fba1dafda080b2bf2c0074fc8eb29203c48f2afa916065df41a0a76e48f63987

Request headers

accept-language: da-DK,da;q=0.9
Referer: https://roatalt.com/sf/tpl9/?logo=total&item=ARFC&sub1=6JQU&sub2=470447&sub3=d0700243-878c-48eb-a807-86a231e44d03
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Safari/605.1.15

Response headers

date: Thu, 10 Nov 2022 00:42:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 57221
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1691
last-modified: Mon, 17 Oct 2022 15:04:06 GMT
server: cloudflare
etag: "634d6ee6-69b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cGN%2BwIH%2BbPEdKq2aZcSVGpd6cdq%2FkVtPtArBVSf7shzpcNNGOBdaY0sDM0FOi0I%2FartHQNf%2Fxv%2Bgx3Vjwk8ZQD8WrAvz3HYFg5secEpqXUy0r1UQDF5JIRPJ9A8I11EdukCMjytz4PGgrw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 767abef82f4b90ae-FRA
expires: Thu, 09 Nov 2023 08:48:19 GMT

GET
H3 200 img-6.png
roatalt.com/sf/tpl9/public/ 2 KB
3 KB 257ms
255ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://roatalt.com/sf/tpl9/public/img-6.png
Requested by: Host: roatalt.com
URL: https://roatalt.com/sf/tpl9/?logo=total&item=ARFC&sub1=6JQU&sub2=470447&sub3=d0700243-878c-48eb-a807-86a231e44d03
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 182600ef12499261e2e971331530eb1caacd6c2106c4c864d158ac9c4a9a2327

Request headers

accept-language: da-DK,da;q=0.9
Referer: https://roatalt.com/sf/tpl9/?logo=total&item=ARFC&sub1=6JQU&sub2=470447&sub3=d0700243-878c-48eb-a807-86a231e44d03
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Safari/605.1.15

Response headers

date: Thu, 10 Nov 2022 00:42:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 57221
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2491
last-modified: Mon, 17 Oct 2022 15:04:06 GMT
server: cloudflare
etag: "634d6ee6-9bb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AenSZUVGiITsqli3sDXYlQmFVNnQC6N9di2HJy%2FcohKHkKR2Cq30sccAvQ0%2BOqxDL2ON3%2BRKgLB4TVsrZzk%2BSt9OGsUaI%2BAgDnH20oaeymO5%2FBuBMuq7FXWdccqxxJioRxU7FVQoWNs31w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 767abef82f4c90ae-FRA
expires: Thu, 09 Nov 2023 08:48:19 GMT

GET
H3 200 img-7.png
roatalt.com/sf/tpl9/public/ 3 KB
3 KB 257ms
255ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://roatalt.com/sf/tpl9/public/img-7.png
Requested by: Host: roatalt.com
URL: https://roatalt.com/sf/tpl9/?logo=total&item=ARFC&sub1=6JQU&sub2=470447&sub3=d0700243-878c-48eb-a807-86a231e44d03
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01ff0a6dfebce308d517e495941065eb38cc8b37a7b2bf67df272aea25f69c40

Request headers

accept-language: da-DK,da;q=0.9
Referer: https://roatalt.com/sf/tpl9/?logo=total&item=ARFC&sub1=6JQU&sub2=470447&sub3=d0700243-878c-48eb-a807-86a231e44d03
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Safari/605.1.15

Response headers

date: Thu, 10 Nov 2022 00:42:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 57221
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2997
last-modified: Mon, 17 Oct 2022 15:04:06 GMT
server: cloudflare
etag: "634d6ee6-bb5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sEStXlj0rT5IX5ZW%2FtFTI5u2abDA4bftZSNqjxVG4VgoM58kyAabh%2FTnJFSK2ooQfYZCkvWD1CEm1e7DBMrUlIWc0JsiUcpKFMKkqFKt%2FWJzURqQ6S%2BovPpEPrMGNV9tjGfBXhyT8%2FHq3A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 767abef82f4d90ae-FRA
expires: Thu, 09 Nov 2023 08:48:19 GMT

GET
H3 200 img-8.png
roatalt.com/sf/tpl9/public/ 4 KB
4 KB 258ms
255ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://roatalt.com/sf/tpl9/public/img-8.png
Requested by: Host: roatalt.com
URL: https://roatalt.com/sf/tpl9/?logo=total&item=ARFC&sub1=6JQU&sub2=470447&sub3=d0700243-878c-48eb-a807-86a231e44d03
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 845a5200eb01a02833e74b09ab84d6ec2aab5ee16211ee1a31b7eb6a4bb61ecc

Request headers

accept-language: da-DK,da;q=0.9
Referer: https://roatalt.com/sf/tpl9/?logo=total&item=ARFC&sub1=6JQU&sub2=470447&sub3=d0700243-878c-48eb-a807-86a231e44d03
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Safari/605.1.15

Response headers

date: Thu, 10 Nov 2022 00:42:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 57221
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3700
last-modified: Mon, 17 Oct 2022 15:04:06 GMT
server: cloudflare
etag: "634d6ee6-e74"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Phr5lAJQX%2Bjfb%2FxwGwPT805yCsTD1jf6fU28lsZb8AV%2BheR%2FLH2%2FayDqn2DD9iXJ4BrRIBJAm%2FYOgFCkoJZN%2BXvgwQ57kbzkwiZdp9WvVifNbp7tpcJfTbtGLkCUZN1m6mvsoeyk1xQqTw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 767abef82f4e90ae-FRA
expires: Thu, 09 Nov 2023 08:48:19 GMT

GET
H3 200 img-9.png
roatalt.com/sf/tpl9/public/ 3 KB
4 KB 258ms
256ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://roatalt.com/sf/tpl9/public/img-9.png
Requested by: Host: roatalt.com
URL: https://roatalt.com/sf/tpl9/?logo=total&item=ARFC&sub1=6JQU&sub2=470447&sub3=d0700243-878c-48eb-a807-86a231e44d03
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18f551911c68e079ef629648f47ad743c99d47e9d5c0d5a475c7392a1f0ab248

Request headers

accept-language: da-DK,da;q=0.9
Referer: https://roatalt.com/sf/tpl9/?logo=total&item=ARFC&sub1=6JQU&sub2=470447&sub3=d0700243-878c-48eb-a807-86a231e44d03
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Safari/605.1.15

Response headers

date: Thu, 10 Nov 2022 00:42:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 57221
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3286
last-modified: Mon, 17 Oct 2022 15:04:06 GMT
server: cloudflare
etag: "634d6ee6-cd6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dhh0gkpxsG%2BtYyzIjvvvrRyHCLFmv05F7v0JU2od%2FL4m%2FamAB%2F4GKbPFoFpUv6hmCK3t5tCw89rt%2B204Ztwy1miaCFXFo4%2F8Gqa%2Ffmlrc6GH2YZ66aU0Pq7R7%2BiH78h413QsFQQxhFEVDA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 767abef82f5090ae-FRA
expires: Thu, 09 Nov 2023 08:48:19 GMT

GET
H3 200 img-10.png
roatalt.com/sf/tpl9/public/ 1 KB
2 KB 258ms
256ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://roatalt.com/sf/tpl9/public/img-10.png
Requested by: Host: roatalt.com
URL: https://roatalt.com/sf/tpl9/?logo=total&item=ARFC&sub1=6JQU&sub2=470447&sub3=d0700243-878c-48eb-a807-86a231e44d03
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b17d1bc53a49edcab5f29c232dde056d8ad18b6c948ad908134b64130eb2606

Request headers

accept-language: da-DK,da;q=0.9
Referer: https://roatalt.com/sf/tpl9/?logo=total&item=ARFC&sub1=6JQU&sub2=470447&sub3=d0700243-878c-48eb-a807-86a231e44d03
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Safari/605.1.15

Response headers

date: Thu, 10 Nov 2022 00:42:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 57221
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1292
last-modified: Mon, 17 Oct 2022 15:04:06 GMT
server: cloudflare
etag: "634d6ee6-50c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r71LTATV0pXr5%2FY3%2B1AIOPTobkPZodcHcX7wvO5fihpOctGIkDO71Ts88AokPX%2Fgj1LlTlR07pVvxrTVpCgf7lUsk0JRZOGhomloNpA5frxRCwyuh0Syz9cGsU8yswdK5HvZPCfy9KSJJw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 767abef82f5190ae-FRA
expires: Thu, 09 Nov 2023 08:48:19 GMT

GET
H3 200 img-11.png
roatalt.com/sf/tpl9/public/ 2 KB
3 KB 258ms
256ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://roatalt.com/sf/tpl9/public/img-11.png
Requested by: Host: roatalt.com
URL: https://roatalt.com/sf/tpl9/?logo=total&item=ARFC&sub1=6JQU&sub2=470447&sub3=d0700243-878c-48eb-a807-86a231e44d03
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ca3bcdc244a011cff113f873678ee9de68479a7f6c7f360b171c3edbc96dd1a

Request headers

accept-language: da-DK,da;q=0.9
Referer: https://roatalt.com/sf/tpl9/?logo=total&item=ARFC&sub1=6JQU&sub2=470447&sub3=d0700243-878c-48eb-a807-86a231e44d03
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Safari/605.1.15

Response headers

date: Thu, 10 Nov 2022 00:42:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 57221
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2282
last-modified: Mon, 17 Oct 2022 15:04:06 GMT
server: cloudflare
etag: "634d6ee6-8ea"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QVjIuEzFyCCfBdK9K7Huv06iO3EjMk6os2nolVKpPfvLT8GnJw0bJ7shCaAW17Fcy1KxLJOKfKoqsSZSKWkQ8MlHVj1TTS2HntgGmxSBQy3DeBlLdI7ktrn99DDIxakCHONeotNv09iJfw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 767abef82f5290ae-FRA
expires: Thu, 09 Nov 2023 08:48:19 GMT

GET
H3 200 img-12.png
roatalt.com/sf/tpl9/public/ 875 B
1 KB 260ms
258ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://roatalt.com/sf/tpl9/public/img-12.png
Requested by: Host: roatalt.com
URL: https://roatalt.com/sf/tpl9/?logo=total&item=ARFC&sub1=6JQU&sub2=470447&sub3=d0700243-878c-48eb-a807-86a231e44d03
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 73cb358bf47ed149f8fd7e3eada678166cfab77538c313ba72cb6e38d13253fa

Request headers

accept-language: da-DK,da;q=0.9
Referer: https://roatalt.com/sf/tpl9/?logo=total&item=ARFC&sub1=6JQU&sub2=470447&sub3=d0700243-878c-48eb-a807-86a231e44d03
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Safari/605.1.15

Response headers

date: Thu, 10 Nov 2022 00:42:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 57221
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 875
last-modified: Mon, 17 Oct 2022 15:04:06 GMT
server: cloudflare
etag: "634d6ee6-36b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XwIt1ikTmsQ1QNb3rdWtpF7AanYcG0XRxqnUXcTyCiA5S%2BAeXH2BHhsL0C3M4gR4RrAL%2FeleF%2FfujWino1l3wXn1nwfLymQjhYMjYnKqkkT32gtoIZMVIoPwdxMJcLt6ra4JySvzig6fTA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 767abef82f5390ae-FRA
expires: Thu, 09 Nov 2023 08:48:19 GMT

GET
H3 200 8.f2527a54.chunk.js Show response
roatalt.com/sf/tpl9/js/ 327 KB
108 KB 132ms
131ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://roatalt.com/sf/tpl9/js/8.f2527a54.chunk.js
Requested by: Host: roatalt.com
URL: https://roatalt.com/sf/tpl9/?logo=total&item=ARFC&sub1=6JQU&sub2=470447&sub3=d0700243-878c-48eb-a807-86a231e44d03
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 754a17e6b2226214fe74ac6e0d0ee0311e59803b2592af7a83c6c7931767dd17

Request headers

accept-language: da-DK,da;q=0.9
Referer: https://roatalt.com/sf/tpl9/?logo=total&item=ARFC&sub1=6JQU&sub2=470447&sub3=d0700243-878c-48eb-a807-86a231e44d03
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Safari/605.1.15

Response headers

date: Thu, 10 Nov 2022 00:42:02 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 17 Oct 2022 15:04:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 57221
etag: W/"634d6ee6-51cd5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zBsC6m68y8zMu7JKQID9l1lopeSfDyYIcTWbXxZfmepapKaQx6clTGVbqP0HQFMXwZpE8MQegTKbMJq86kEcFyyTafpOhp0eYm2NNDBrxPx1DoMudz6yztYXiX05Iucq9RjzJEINePH5MA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 767abef81f4490ae-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 09 Nov 2023 08:48:19 GMT

GET
H3 200 app.f0944f7c.js Show response
roatalt.com/sf/tpl9/js/ 603 KB
112 KB 217ms
213ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://roatalt.com/sf/tpl9/js/app.f0944f7c.js
Requested by: Host: roatalt.com
URL: https://roatalt.com/sf/tpl9/?logo=total&item=ARFC&sub1=6JQU&sub2=470447&sub3=d0700243-878c-48eb-a807-86a231e44d03
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2de71078a09c67bf1b8dd1c8636e6d4dc63099ac947089d4add3db1206154170

Request headers

accept-language: da-DK,da;q=0.9
Referer: https://roatalt.com/sf/tpl9/?logo=total&item=ARFC&sub1=6JQU&sub2=470447&sub3=d0700243-878c-48eb-a807-86a231e44d03
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Safari/605.1.15

Response headers

date: Thu, 10 Nov 2022 00:42:02 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 17 Oct 2022 15:04:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 57221
etag: W/"634d6ee6-96cc2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C4TYVzXl0lC1bFTUzYnVlZJk157KFUl7piBX58pu8qy6aLXuoziR%2BkR3QxMlIzzflYw%2F2I5R59QVxpVPmIoFg4pYSm7SJTgHtUGdaycRqHLSpWgOHY2oIXCaksRrQDGXuTAkqG4Ss19Pvw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 767abef82f4790ae-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 09 Nov 2023 08:48:19 GMT

GET
H2 200 free.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 59 KB
13 KB 145ms
50ms Fetch
text/css 2606:4700:e6::ac40:cb1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=268a7048dd
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/268a7048dd.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:cb1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda

Request headers

accept-language: da-DK,da;q=0.9
Referer: https://roatalt.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Safari/605.1.15

Response headers

date: Thu, 10 Nov 2022 00:42:03 GMT
via: 1.1 753f415578c1ca010e51a83aef192330.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-C2
age: 56534
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"a12ec7ebe75a4d59a5dd6b79e2ba2e16"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BJ56ig0FE0KOhinD8kJ8dnu5Fqw%2BmqbAfGAu25ihTRtCeVtTr3AvlVO76tEoyoQ1L12S6DN6g1bNPsoR5ZF2hwujHeHQ0UMhUox97OvGJUmtTbm4zKzj0kkwkhTFyV%2FhhjfZhzGGloalrK1pZorDKcd9tA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 767abef9dab29113-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: Gnm8EuiNC4gWpeBpbWX_UDvw_RtI-OW9zdbXz-7VZ5fS68dwkLH7VQ==

GET
H2 200 free-v4-shims.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 26 KB
4 KB 149ms
55ms Fetch
text/css 2606:4700:e6::ac40:cb1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=268a7048dd
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/268a7048dd.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:cb1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8

Request headers

accept-language: da-DK,da;q=0.9
Referer: https://roatalt.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Safari/605.1.15

Response headers

date: Thu, 10 Nov 2022 00:42:03 GMT
via: 1.1 34435958fa6d40b77fd22fa1c1f56176.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-C2
age: 56534
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"76f34b71fc9fb641507ff6a822cc07f5"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=meolBKvGoFUCwM24Fvaa0Fwyfr3yhRzPBUn7kfrDb40M2Z0OSsQcUxyyuBjYLqahqOe1la1pONU66wVzgDDnMX%2FMAJYIwefv74gkJwwtKq3QWfyEEK4iZmyj%2F6NX4jtnKsL65a2Tg7fE%2Frd8k%2FrSr0Hq6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 767abef9dab49113-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: E4t6Gg1LaY0Up_6ZdLusBxvHEbnr-rFr7ul6hps4dQfR4X0xu8Rczw==

GET
H2 200 free-v4-font-face.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 3 KB
2 KB 142ms
48ms Fetch
text/css 2606:4700:e6::ac40:cb1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-font-face.min.css?token=268a7048dd
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/268a7048dd.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:cb1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6

Request headers

accept-language: da-DK,da;q=0.9
Referer: https://roatalt.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Safari/605.1.15

Response headers

date: Thu, 10 Nov 2022 00:42:03 GMT
via: 1.1 0c0a9358491c37c184a221ad07b92016.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-C2
age: 56534
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"f2e0b2680d9b0bcb6e0039c4424e5a59"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mKVmW%2B99Y7CEe7q%2F5CzrwQ%2FJ0y%2BSczQyG88xXcq05M2KNc0cCZDPuHsAGjBhNuR5l8j7q4hnKTBagaEEq10f%2B5%2FtfGxzQYboIUKVwifbWp18Jra5PJE3jRygfhEJ%2B4hRXDmGDXP3Y1kwvQpU8bfliPNxPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 767abef9dab59113-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: n2uYpxxKnjtdX8WoiadN_pNFkLUHINzWJ7ae5SqggN7IxAGjdV0liA==

GET
H2 200 ace-push.js Show response
virtualpushplatform.com/ 13 KB
5 KB 302ms
175ms Script
application/javascript 2606:4700:3032::ac43:b158
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://virtualpushplatform.com/ace-push.js
Requested by: Host: roatalt.com
URL: https://roatalt.com/sf/tpl9/js/app.f0944f7c.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:b158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 149476ac2535eb87b112c0aaeca8c89dd7f363368b9a8eca3dfe772a79aaa6fe

Request headers

accept-language: da-DK,da;q=0.9
Referer: https://roatalt.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Safari/605.1.15

Response headers

date: Thu, 10 Nov 2022 00:42:03 GMT
content-encoding: br
cf-cache-status: BYPASS
last-modified: Fri, 14 Oct 2022 17:53:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"1d8dff5d02c99a2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sDnx95W4wOehQ7yKU6glSts6vUPJBHj3T1YrYR80VfmQkaM1twGDGNsGZoQ2gZl4MyBHhUbvfdXCmKyGP7ovyeXFQ3BiiJnuMSKgSossc5SdVJqPwaYU9z0Nqsg6FPtuvR8ocC3Jd1HdcFn2YOo55VNAVbPdnA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 767abefaf9199be6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 summary Show response
beacon.roatalt.com/geo/ 129 B
584 B 392ms
128ms XHR
application/json 45.55.126.207
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://beacon.roatalt.com/geo/summary

Requested by

Host: roatalt.com
URL: https://roatalt.com/sf/tpl9/js/8.f2527a54.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

45.55.126.207 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Kestrel /

Resource Hash

32aecc3fac7b5024a4dfef289a2ca8b890167a2fdacff6bf0a887a9c1e3b1ccc

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Accept: application/json, text/plain, */*
Referer: https://roatalt.com/
accept-language: da-DK,da;q=0.9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Safari/605.1.15

Response headers

date: Thu, 10 Nov 2022 00:42:02 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, PATCH, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: false
access-control-allow-headers: Origin, Accept, Cache-Control, If-Modified-Since, Keep-Alive, Range, DNT, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization

GET
H3 200 total.png
roatalt.com/sf/tpl9/public/total/ 55 KB
56 KB 49ms
49ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://roatalt.com/sf/tpl9/public/total/total.png
Requested by: Host: roatalt.com
URL: https://roatalt.com/sf/tpl9/?item=ARFC&logo=total&session_id=18325fb3-20fb-4b88-bccb-5a83f858d838&sub1=6JQU&sub2=470447&sub3=d0700243-878c-48eb-a807-86a231e44d03
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e12c838f79e572b5d5cf1d6789fb4096c2a0ecd9dabda99c700bba7b3dfde75

Request headers

accept-language: da-DK,da;q=0.9
Referer: https://roatalt.com/sf/tpl9/?item=ARFC&logo=total&session_id=18325fb3-20fb-4b88-bccb-5a83f858d838&sub1=6JQU&sub2=470447&sub3=d0700243-878c-48eb-a807-86a231e44d03
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Safari/605.1.15

Response headers

date: Thu, 10 Nov 2022 00:42:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 55795
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 56430
last-modified: Mon, 17 Oct 2022 15:04:06 GMT
server: cloudflare
etag: "634d6ee6-dc6e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fVhuf6gdZBZNCbwdreTPieIbDDSEKmA9GfBVh4G2tKvhhTcRvJu122JTQriU0v%2FPx%2FWksfG0Qsu8iBNOodxhGHs4PD2d1iHWqHBBzxyAWvGPS9BBCVqS81KRnLFQzxmep8YABWoTBiqtWA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 767abefa697d90ae-FRA
expires: Thu, 09 Nov 2023 09:12:06 GMT

GET
H3 200 cart.png
roatalt.com/sf/tpl9/public/total/ 2 KB
2 KB 52ms
51ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://roatalt.com/sf/tpl9/public/total/cart.png
Requested by: Host: roatalt.com
URL: https://roatalt.com/sf/tpl9/?item=ARFC&logo=total&session_id=18325fb3-20fb-4b88-bccb-5a83f858d838&sub1=6JQU&sub2=470447&sub3=d0700243-878c-48eb-a807-86a231e44d03
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 90d74b1fd4ab2e63c48188d1e5b865a6390ac75718aa470f0781ca8f97885312

Request headers

accept-language: da-DK,da;q=0.9
Referer: https://roatalt.com/sf/tpl9/?item=ARFC&logo=total&session_id=18325fb3-20fb-4b88-bccb-5a83f858d838&sub1=6JQU&sub2=470447&sub3=d0700243-878c-48eb-a807-86a231e44d03
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Safari/605.1.15

Response headers

date: Thu, 10 Nov 2022 00:42:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 55795
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1568
last-modified: Mon, 17 Oct 2022 15:04:06 GMT
server: cloudflare
etag: "634d6ee6-620"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eKeYDTgguOIdhwSH0SwBlF8YyyDJ0NQg686lK60e6oAmqdS6niTucwKXkZKEKE3iWogYE6H%2BFCyFaqWDj3xx8UfNJvOsG1YbJ80zq0fnuYbjvCz58BQz5voQmlGkTd63K5pdj4Ch0IicAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 767abefa698290ae-FRA
expires: Thu, 09 Nov 2023 09:12:06 GMT

GET
H2

200

957dd2e9-89fb-4fa9-b683-c42d58cbbde4 Show response
beacon.roatalt.com/s/
Redirect Chain

https://beacon.roatalt.com/g2/e0caed8f-1761-4470-9a8b-afa091237d91?item=ARFC&logo=total&sub1=6JQU&sub2=470447&sub3=d0700243-878c-48eb-a807-86a231e44d03
https://beacon.roatalt.com/s/957dd2e9-89fb-4fa9-b683-c42d58cbbde4?&requestid=CFll4H4jHo&destinationid=495645087&item=ARFC&logo=total&sub1=6JQU&sub2=470447&sub3=d0700243-878c-48eb-a807-86a231e44d03

302 KB
231 KB

190ms
190ms

XHR
text/plain

45.55.126.207
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://beacon.roatalt.com/s/957dd2e9-89fb-4fa9-b683-c42d58cbbde4?&requestid=CFll4H4jHo&destinationid=495645087&item=ARFC&logo=total&sub1=6JQU&sub2=470447&sub3=d0700243-878c-48eb-a807-86a231e44d03

Requested by

Host: roatalt.com
URL: https://roatalt.com/sf/tpl9/?item=ARFC&logo=total&session_id=18325fb3-20fb-4b88-bccb-5a83f858d838&sub1=6JQU&sub2=470447&sub3=d0700243-878c-48eb-a807-86a231e44d03

Protocol

Server

45.55.126.207 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Kestrel /

Resource Hash

acbdfa1d8253dd6d097df60b37a5c64653a03f6f4418385a321fb1a6afba5d57

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

accept-language: da-DK,da;q=0.9
Referer: https://roatalt.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Safari/605.1.15

Response headers

date: Thu, 10 Nov 2022 00:42:03 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, PATCH, HEAD
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: false
access-control-allow-headers: Origin, Accept, Cache-Control, If-Modified-Since, Keep-Alive, Range, DNT, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization

Redirect headers

date: Thu, 10 Nov 2022 00:42:02 GMT
strict-transport-security: max-age=2592000
server: Kestrel
access-control-allow-methods: GET, POST, OPTIONS, PATCH, HEAD
location: https://beacon.roatalt.com/s/957dd2e9-89fb-4fa9-b683-c42d58cbbde4?&requestid=CFll4H4jHo&destinationid=495645087&item=ARFC&logo=total&sub1=6JQU&sub2=470447&sub3=d0700243-878c-48eb-a807-86a231e44d03
access-control-allow-origin: *
access-control-allow-credentials: false
access-control-allow-headers: Origin, Accept, Cache-Control, If-Modified-Since, Keep-Alive, Range, DNT, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization
content-length: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 207ms
66ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-148357412-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: da-DK,da;q=0.9
Referer: https://roatalt.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Safari/605.1.15

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 09 Nov 2022 23:24:49 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 4634
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Thu, 10 Nov 2022 01:24:49 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 210ms
77ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=622756489&t=pageview&_s=1&dl=https%3A%2F%2Froatalt.com%2Fsf%2Ftpl9%2F%3Fitem%3DARFC%26logo%3Dtotal%26session_id%3D18325fb3-20fb-4b88-bccb-5a83f858d838%26sub1%3D6JQU%26sub2%3D470447%26sub3%3Dd0700243-878c-48eb-a807-86a231e44d03&dr=http%3A%2F%2Fkngarie.com%2F&ul=en-us&de=UTF-8&dt=Total&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1291858154&gjid=1224823618&cid=1922919538.1668040924&tid=UA-148357412-1&_gid=334694228.1668040924&_r=1&gtm=2oub70&z=1759065444

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://roatalt.com/
accept-language: da-DK,da;q=0.9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Safari/605.1.15
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 10 Nov 2022 00:42:03 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://roatalt.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 201ms
69ms Image
image/gif 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=622756489&t=event&_s=2&dl=https%3A%2F%2Froatalt.com%2Fsf%2Ftpl9%2F%3Fitem%3DARFC%26logo%3Dtotal%26session_id%3D18325fb3-20fb-4b88-bccb-5a83f858d838%26sub1%3D6JQU%26sub2%3D470447%26sub3%3Dd0700243-878c-48eb-a807-86a231e44d03&dr=http%3A%2F%2Fkngarie.com%2F&ul=en-us&de=UTF-8&dt=Total&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=pageload&ea=load&el=%2Fsf%2Ftpl9&_u=YEBAAUABAAAAACAAI~&jid=&gjid=&cid=1922919538.1668040924&tid=UA-148357412-1&_gid=334694228.1668040924&gtm=2oub70&z=243585493

Requested by

Host: roatalt.com
URL: https://roatalt.com/sf/tpl9/?item=ARFC&logo=total&session_id=18325fb3-20fb-4b88-bccb-5a83f858d838&sub1=6JQU&sub2=470447&sub3=d0700243-878c-48eb-a807-86a231e44d03

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: da-DK,da;q=0.9
Referer: https://roatalt.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Safari/605.1.15

Response headers

pragma: no-cache
date: Wed, 09 Nov 2022 19:16:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 19516
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 visit Show response
pushserve.xyz/api/v1/ 1 KB
2 KB 256ms
255ms Fetch
application/json 20.50.64.3
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://pushserve.xyz/api/v1/visit
Requested by: Host: virtualpushplatform.com
URL: https://virtualpushplatform.com/ace-push.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.50.64.3 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Kestrel /
Resource Hash: 1b95e45995da85bd1ba2c58965e1d99212ce2136806f3b29a7752eaf6dba07d6

Request headers

Referer: https://roatalt.com/
accept-language: da-DK,da;q=0.9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Safari/605.1.15
Content-type: application/json

Response headers

access-control-allow-origin: *
date: Thu, 10 Nov 2022 00:42:03 GMT
server: Kestrel
content-length: 1491
content-type: application/json; charset=utf-8

OPTIONS
H2 200 visit
pushserve.xyz/api/v1/ 0
0 219ms
65ms Preflight 20.50.64.3
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://pushserve.xyz/api/v1/visit
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.50.64.3 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://roatalt.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Safari/605.1.15

Response headers

access-control-allow-headers: content-type
access-control-allow-origin: *
content-length: 0
date: Thu, 10 Nov 2022 00:42:03 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
439 B 204ms
66ms XHR
text/plain 2a00:1450:400c:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-148357412-1&cid=1922919538.1668040924&jid=1291858154&gjid=1224823618&_gid=334694228.1668040924&_u=YEBAAUAAAAAAACAAI~&z=1755866585

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

dc7862e88f500d502f5472a4e3b23cd3ae9c1888a7bf4291c1aeb8bc8148dc37

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://roatalt.com/
accept-language: da-DK,da;q=0.9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Safari/605.1.15
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 10 Nov 2022 00:42:03 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://roatalt.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 227ms
78ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-148357412-1&cid=1922919538.1668040924&jid=1291858154&_u=YEBAAUAAAAAAACAAI~&z=1139044036

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: da-DK,da;q=0.9
Referer: https://roatalt.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Safari/605.1.15

Response headers

pragma: no-cache
date: Thu, 10 Nov 2022 00:42:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.dk/ads/ 42 B
501 B 248ms
80ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.dk/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-148357412-1&cid=1922919538.1668040924&jid=1291858154&_u=YEBAAUAAAAAAACAAI~&z=1139044036

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: da-DK,da;q=0.9
Referer: https://roatalt.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Safari/605.1.15

Response headers

pragma: no-cache
date: Thu, 10 Nov 2022 00:42:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 222 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1da5faaf501c546a81abcdce240475f09ea476dda9289c3d75efdd06c7adf35a

Request headers

accept-language: da-DK,da;q=0.9
Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Safari/605.1.15

Response headers

Content-Type: image/png

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 69ms
69ms Image
image/gif 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=622756489&t=event&_s=3&dl=https%3A%2F%2Froatalt.com%2Fsf%2Ftpl9%2F%3Fitem%3DARFC%26logo%3Dtotal%26session_id%3D18325fb3-20fb-4b88-bccb-5a83f858d838%26sub1%3D6JQU%26sub2%3D470447%26sub3%3Dd0700243-878c-48eb-a807-86a231e44d03&dr=http%3A%2F%2Fkngarie.com%2F&dp=%3Fitem%3DARFC%26logo%3Dtotal%26session_id%3D18325fb3-20fb-4b88-bccb-5a83f858d838%26sub1%3D6JQU%26sub2%3D470447%26sub3%3Dd0700243-878c-48eb-a807-86a231e44d03&ul=en-us&de=UTF-8&dt=Total&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=fr-gender-pl&ea=view&el=%2Fsf%2Ftpl9&_u=aEBAAUABAAAAACAAI~&jid=&gjid=&cid=1922919538.1668040924&tid=UA-148357412-1&_gid=334694228.1668040924&gtm=2oub70&z=1286539034

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: da-DK,da;q=0.9
Referer: https://roatalt.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Safari/605.1.15

Response headers

pragma: no-cache
date: Wed, 09 Nov 2022 19:16:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 19517
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 70ms
69ms Image
image/gif 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=622756489&t=event&_s=4&dl=https%3A%2F%2Froatalt.com%2Fsf%2Ftpl9%2F%3Fitem%3DARFC%26logo%3Dtotal%26session_id%3D18325fb3-20fb-4b88-bccb-5a83f858d838%26sub1%3D6JQU%26sub2%3D470447%26sub3%3Dd0700243-878c-48eb-a807-86a231e44d03&dr=http%3A%2F%2Fkngarie.com%2F&dp=0%3Fitem%3DARFC%26logo%3Dtotal%26session_id%3D18325fb3-20fb-4b88-bccb-5a83f858d838%26sub1%3D6JQU%26sub2%3D470447%26sub3%3Dd0700243-878c-48eb-a807-86a231e44d03&ul=en-us&de=UTF-8&dt=Total&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=User%20started%20Survey%20Flow&ea=survey-flow-started&el=%2Fsf%2Ftpl9&_u=aEBAAUABAAAAACAAI~&jid=&gjid=&cid=1922919538.1668040924&tid=UA-148357412-1&_gid=334694228.1668040924&gtm=2oub70&z=776058028

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: da-DK,da;q=0.9
Referer: https://roatalt.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Safari/605.1.15

Response headers

pragma: no-cache
date: Wed, 09 Nov 2022 19:16:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 19517
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST log-client-error
virtualpushplatform.com/api/v1/visit/ 0
0

OPTIONS
H3 200 log-client-error
virtualpushplatform.com/api/v1/visit/ 0
0 254ms
170ms Preflight 2606:4700:3032::ac43:b158
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://virtualpushplatform.com/api/v1/visit/log-client-error
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:b158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://roatalt.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Safari/605.1.15

Response headers

access-control-allow-headers: content-type
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 767abf027f3d9201-FRA
content-length: 0
date: Thu, 10 Nov 2022 00:42:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QLv3kuJ4q8g%2BuyDBV33Dv0e3NDsWJ2EL4xQ4aqOQKxhA108M6VdtPILMgyljcRVbVISI6MQn3007TrMjhT6PxZwx%2Bn%2BsB6rO8OZT48xieDBBd47bNyuvCHGFPZsNENSoTdV2T6nsaStvw4lvlJetDCYP8gcDdg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: virtualpushplatform.com
URL: https://virtualpushplatform.com/api/v1/visit/log-client-error

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Scam (Online)

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
loundee.com/	1970-01-20 07:20:44	Name: uid22124 Value: 1286698826-20221109184201-df4c4c4f049bb0ec639965ed621cacd1-
.kngarie.com/	1970-01-20 07:20:41	Name: 20c0b1dd-30ac-4d22-9719-d9b3ad790930-check Value: d0700243-878c-48eb-a807-86a231e44d03
.virtualpushplatform.com/	1970-01-20 07:20:44	Name: TiPMix Value: 11.976589871691246
.virtualpushplatform.com/	1970-01-20 07:20:44	Name: x-ms-routing-name Value: self
.roatalt.com/	1970-01-20 16:56:40	Name: _ga Value: GA1.2.1922919538.1668040924
.roatalt.com/	1970-01-20 07:22:07	Name: _gid Value: GA1.2.334694228.1668040924
.roatalt.com/	1970-01-20 07:20:40	Name: _gat_gtag_UA_148357412_1 Value: 1

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	error	URL: https://roatalt.com/sf/tpl9/0?item=ARFC&logo=total&session_id=18325fb3-20fb-4b88-bccb-5a83f858d838&sub1=6JQU&sub2=470447&sub3=d0700243-878c-48eb-a807-86a231e44d03 Message: Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

beacon.roatalt.com
fax.hilti.at
ka-f.fontawesome.com
kit.fontawesome.com
kngarie.com
loundee.com
pushserve.xyz
roatalt.com
stats.g.doubleclick.net
virtualpushplatform.com
www.google-analytics.com
www.google.com
www.google.dk
www.googletagmanager.com
virtualpushplatform.com
176.223.109.114
199.217.116.70
20.50.64.3
2606:4700:3032::ac43:b158
2606:4700::6812:1734
2606:4700:e6::ac40:cb1c
2a00:1450:4001:810::200e
2a00:1450:4001:813::2003
2a00:1450:4001:813::2008
2a00:1450:4001:830::2004
2a00:1450:400c:c08::9b
2a06:98c1:3120::3
2a06:98c1:3121::3
45.55.126.207
94.23.179.205
01ff0a6dfebce308d517e495941065eb38cc8b37a7b2bf67df272aea25f69c40
0ca3bcdc244a011cff113f873678ee9de68479a7f6c7f360b171c3edbc96dd1a
149476ac2535eb87b112c0aaeca8c89dd7f363368b9a8eca3dfe772a79aaa6fe
182600ef12499261e2e971331530eb1caacd6c2106c4c864d158ac9c4a9a2327
18f551911c68e079ef629648f47ad743c99d47e9d5c0d5a475c7392a1f0ab248
1b95e45995da85bd1ba2c58965e1d99212ce2136806f3b29a7752eaf6dba07d6
1da5faaf501c546a81abcdce240475f09ea476dda9289c3d75efdd06c7adf35a
2de71078a09c67bf1b8dd1c8636e6d4dc63099ac947089d4add3db1206154170
2e17c79e1b4d86ddba5a9d2104902942db44f856a9fd63a137cf5deb35f56366
32aecc3fac7b5024a4dfef289a2ca8b890167a2fdacff6bf0a887a9c1e3b1ccc
4ba90609efbf3e11565b8b9005e57d80f53a8837ce693c9023ccb0626461d212
6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8
6e12c838f79e572b5d5cf1d6789fb4096c2a0ecd9dabda99c700bba7b3dfde75
73cb358bf47ed149f8fd7e3eada678166cfab77538c313ba72cb6e38d13253fa
754a17e6b2226214fe74ac6e0d0ee0311e59803b2592af7a83c6c7931767dd17
7adac1888791ad42f547c97c9c9dad37faee15dfb5e76f20eabc8a0a0b6168e9
7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
845a5200eb01a02833e74b09ab84d6ec2aab5ee16211ee1a31b7eb6a4bb61ecc
90d74b1fd4ab2e63c48188d1e5b865a6390ac75718aa470f0781ca8f97885312
9b17d1bc53a49edcab5f29c232dde056d8ad18b6c948ad908134b64130eb2606
a07624449d64fd5fc81e2a512d1ff804fc4291362c3b1a42abaf943edba52b32
acbdfa1d8253dd6d097df60b37a5c64653a03f6f4418385a321fb1a6afba5d57
b0c40a3ef77aea7e48c710fa701af1d074224846ebf30cd9d82b7596c15da2c1
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
c7dde70c88be224c3f7c9e23b58ca2bd7fa0c344248ba851c2979b564e376cd8
d8edb60184023ad15f26531585b7d9b19589cab284514767c24cc2e198ae50bb
dc7862e88f500d502f5472a4e3b23cd3ae9c1888a7bf4291c1aeb8bc8148dc37
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fba1dafda080b2bf2c0074fc8eb29203c48f2afa916065df41a0a76e48f63987
fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda

roatalt.com Open in urlscan Pro 2a06:98c1:3121::3 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

39 Requests

92 %HTTPS

67 %IPv6

12 Domains

14 Subdomains

14 IPs

5 Countries

701 kBTransfer

2312 kBSize

7 Cookies

0 Outgoing links

Page URL History

Redirected requests

39 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

roatalt.com Open in urlscan Pro
2a06:98c1:3121::3 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

39
Requests

92 %
HTTPS

67 %
IPv6

12
Domains

14
Subdomains

14
IPs

5
Countries

701 kB
Transfer

2312 kB
Size

7
Cookies

39 HTTP transactions
1 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!