Submitted URL: https://bit.ly/37Cj7cj
Effective URL: http://romaneti.vip/?pl=1557.49a95976ce62a5b89582867f1cd37d83&n=aHR0cDovL25sLmJpdGNvaW4tbm93LnJvbWFuZXRpLnZpcC8/c2Vz...
Submission: On December 09 via manual from ES

Summary

This website contacted 1 IPs in 2 countries across 3 domains to perform 32 HTTP transactions. The main IP is 172.67.131.94, located in United States and belongs to CLOUDFLARENET, US. The main domain is romaneti.vip.
This is the only time romaneti.vip was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Investment Scam (Online)

Domain & IP information

IP Address AS Autonomous System
1 1 67.199.248.11 396982 (GOOGLE-PR...)
1 1 8.208.92.142 45102 (CNNIC-ALI...)
1 1 104.28.14.54 13335 (CLOUDFLAR...)
32 172.67.131.94 13335 (CLOUDFLAR...)
32 1
Apex Domain
Subdomains
Transfer
33 romaneti.vip
go.romaneti.vip
romaneti.vip
2 MB
1 afylod.com
207616.afylod.com
329 B
1 bit.ly
bit.ly
252 B
32 3
Domain Requested by
32 romaneti.vip romaneti.vip
1 go.romaneti.vip 1 redirects
1 207616.afylod.com 1 redirects
1 bit.ly 1 redirects
32 4

This site contains links to these domains. Also see Links.

Domain
nl.bitcoin-now.romaneti.vip
Subject Issuer Validity Valid

This page contains 1 frames:

Primary Page: http://romaneti.vip/?pl=1557.49a95976ce62a5b89582867f1cd37d83&n=aHR0cDovL25sLmJpdGNvaW4tbm93LnJvbWFuZXRpLnZpcC8/c2Vzc2lvbj1mMTZkMWZiY2YzNTU0ZDNhOWQ0ZTgyNzI3ZWNkMWRjNyZhZmZfaWQ9MjI1JmZwcD0xJnBpeGVsc2V0dGluZ3M9Z28ucm9tYW5ldGkudmlwJTJGZmJwJTNGZXYlM0QlN0JldiU3RCUyNnBpeGVsJTNEJTdCcGl4ZWwlN0Q=
Frame ID: 68DB62078BF9FEE58D6760900226989C
Requests: 32 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. https://bit.ly/37Cj7cj HTTP 301
    http://207616.afylod.com/news HTTP 302
    http://go.romaneti.vip/03hq HTTP 302
    http://romaneti.vip/?pl=1557.49a95976ce62a5b89582867f1cd37d83&n=aHR0cDovL25sLmJpdGNvaW4tbm93LnJv... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

32
Requests

0 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

1
IPs

2
Countries

1544 kB
Transfer

1788 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://bit.ly/37Cj7cj HTTP 301
    http://207616.afylod.com/news HTTP 302
    http://go.romaneti.vip/03hq HTTP 302
    http://romaneti.vip/?pl=1557.49a95976ce62a5b89582867f1cd37d83&n=aHR0cDovL25sLmJpdGNvaW4tbm93LnJvbWFuZXRpLnZpcC8/c2Vzc2lvbj1mMTZkMWZiY2YzNTU0ZDNhOWQ0ZTgyNzI3ZWNkMWRjNyZhZmZfaWQ9MjI1JmZwcD0xJnBpeGVsc2V0dGluZ3M9Z28ucm9tYW5ldGkudmlwJTJGZmJwJTNGZXYlM0QlN0JldiU3RCUyNnBpeGVsJTNEJTdCcGl4ZWwlN0Q= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

32 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
romaneti.vip/
Redirect Chain
  • https://bit.ly/37Cj7cj
  • http://207616.afylod.com/news
  • http://go.romaneti.vip/03hq
  • http://romaneti.vip/?pl=1557.49a95976ce62a5b89582867f1cd37d83&n=aHR0cDovL25sLmJpdGNvaW4tbm93LnJvbWFuZXRpLnZpcC8/c2Vzc2lvbj1mMTZkMWZiY2YzNTU0ZDNhOWQ0ZTgyNzI3ZWNkMWRjNyZhZmZfaWQ9MjI1JmZwcD0xJnBpeGVsc...
144 KB
29 KB
Document
General
Full URL
http://romaneti.vip/?pl=1557.49a95976ce62a5b89582867f1cd37d83&n=aHR0cDovL25sLmJpdGNvaW4tbm93LnJvbWFuZXRpLnZpcC8/c2Vzc2lvbj1mMTZkMWZiY2YzNTU0ZDNhOWQ0ZTgyNzI3ZWNkMWRjNyZhZmZfaWQ9MjI1JmZwcD0xJnBpeGVsc2V0dGluZ3M9Z28ucm9tYW5ldGkudmlwJTJGZmJwJTNGZXYlM0QlN0JldiU3RCUyNnBpeGVsJTNEJTdCcGl4ZWwlN0Q=
Protocol
HTTP/1.1
Server
172.67.131.94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3370c32498340228fb9e9d95451d2fe4aeca27f01802c8f894dc123b9938b9aa

Request headers

Host
romaneti.vip
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Cookie
__cfduid=d314101099ccadc65f3b9124b8cd76acc1607540755
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 09 Dec 2020 19:05:55 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Fri, 31 Jul 2020 07:18:44 GMT
Vary
Accept-Encoding,User-Agent
CF-Cache-Status
DYNAMIC
cf-request-id
06ea7e62ce0000ce3f41113000000001
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=yTDwcVKBKngBhC1YT6gWtY1VbYrg%2BhH8u384ZXTREhHbVcVqgt3w9xW7uSB7x7%2FO2Y0oLysCEk3ncZGFIiSduucHyw9hdRLWnxz3xfI%3D"}],"group":"cf-nel","max_age":604800}
NEL
{"report_to":"cf-nel","max_age":604800}
Server
cloudflare
CF-RAY
5ff10017ae41ce3f-LHR
Content-Encoding
gzip

Redirect headers

Date
Wed, 09 Dec 2020 19:05:55 GMT
Content-Type
text/plain; charset=utf-8
Content-Length
0
Connection
keep-alive
Set-Cookie
__cfduid=d314101099ccadc65f3b9124b8cd76acc1607540755; expires=Fri, 08-Jan-21 19:05:55 GMT; path=/; domain=.romaneti.vip; HttpOnly; SameSite=Lax
Access-Control-Allow-Methods
GET, POST
Access-Control-Allow-Origin
*
Location
http://romaneti.vip/?pl=1557.49a95976ce62a5b89582867f1cd37d83&n=aHR0cDovL25sLmJpdGNvaW4tbm93LnJvbWFuZXRpLnZpcC8/c2Vzc2lvbj1mMTZkMWZiY2YzNTU0ZDNhOWQ0ZTgyNzI3ZWNkMWRjNyZhZmZfaWQ9MjI1JmZwcD0xJnBpeGVsc2V0dGluZ3M9Z28ucm9tYW5ldGkudmlwJTJGZmJwJTNGZXYlM0QlN0JldiU3RCUyNnBpeGVsJTNEJTdCcGl4ZWwlN0Q=
Vary
User-Agent
CF-Cache-Status
DYNAMIC
cf-request-id
06ea7e625b0000e6181f869000000001
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=XHppZgzGV2Z3kJ1FL5sYkFij3X%2Bv%2BDH5588vVBtsqORiBwHoxnxHARkrVTOAKVE4sKOiqOm0fSLuRs%2BGVdA9gBSdElSTzeKoJHxH2s2mD44%3D"}],"group":"cf-nel","max_age":604800}
NEL
{"report_to":"cf-nel","max_age":604800}
Server
cloudflare
CF-RAY
5ff10016f884e618-LHR
style.css
romaneti.vip/prelands/1557/css/
71 KB
13 KB
Stylesheet
General
Full URL
http://romaneti.vip/prelands/1557/css/style.css
Requested by
Host: romaneti.vip
URL: http://romaneti.vip/?pl=1557.49a95976ce62a5b89582867f1cd37d83&n=aHR0cDovL25sLmJpdGNvaW4tbm93LnJvbWFuZXRpLnZpcC8/c2Vzc2lvbj1mMTZkMWZiY2YzNTU0ZDNhOWQ0ZTgyNzI3ZWNkMWRjNyZhZmZfaWQ9MjI1JmZwcD0xJnBpeGVsc2V0dGluZ3M9Z28ucm9tYW5ldGkudmlwJTJGZmJwJTNGZXYlM0QlN0JldiU3RCUyNnBpeGVsJTNEJTdCcGl4ZWwlN0Q=
Protocol
HTTP/1.1
Server
172.67.131.94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91d37977d09770913b5e658d7469824f5a0c30b3463870141397320179864b46

Request headers

Referer
http://romaneti.vip/?pl=1557.49a95976ce62a5b89582867f1cd37d83&n=aHR0cDovL25sLmJpdGNvaW4tbm93LnJvbWFuZXRpLnZpcC8/c2Vzc2lvbj1mMTZkMWZiY2YzNTU0ZDNhOWQ0ZTgyNzI3ZWNkMWRjNyZhZmZfaWQ9MjI1JmZwcD0xJnBpeGVsc2V0dGluZ3M9Z28ucm9tYW5ldGkudmlwJTJGZmJwJTNGZXYlM0QlN0JldiU3RCUyNnBpeGVsJTNEJTdCcGl4ZWwlN0Q=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 09 Dec 2020 19:05:55 GMT
Content-Encoding
gzip
CF-Cache-Status
EXPIRED
NEL
{"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
Content-Length
12796
cf-request-id
06ea7e633f0000ce3fa4b60000000001
Last-Modified
Fri, 31 Jul 2020 07:18:44 GMT
Server
cloudflare
ETag
"11b74-5abb7996b9351-gzip"
Vary
Accept-Encoding,User-Agent
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=yqSM2PoBfp67J896UsydIhmcxT3wkKR8K6AN11iQHRU88aaErx9puV2kWBlBl46G4KLliVaERUYukRpcUpeYpWskwHzGcmMHrOdHAcU%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
Cache-Control
max-age=14400
Accept-Ranges
bytes
CF-RAY
5ff100186fb9ce3f-LHR
new-orest-style.css
romaneti.vip/prelands/1557/css/
2 KB
1 KB
Stylesheet
General
Full URL
http://romaneti.vip/prelands/1557/css/new-orest-style.css
Requested by
Host: romaneti.vip
URL: http://romaneti.vip/?pl=1557.49a95976ce62a5b89582867f1cd37d83&n=aHR0cDovL25sLmJpdGNvaW4tbm93LnJvbWFuZXRpLnZpcC8/c2Vzc2lvbj1mMTZkMWZiY2YzNTU0ZDNhOWQ0ZTgyNzI3ZWNkMWRjNyZhZmZfaWQ9MjI1JmZwcD0xJnBpeGVsc2V0dGluZ3M9Z28ucm9tYW5ldGkudmlwJTJGZmJwJTNGZXYlM0QlN0JldiU3RCUyNnBpeGVsJTNEJTdCcGl4ZWwlN0Q=
Protocol
HTTP/1.1
Server
172.67.131.94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4d448dfa3311a59263f458a0867cf332fff04ff02277d3a7612e117c1367a25

Request headers

Referer
http://romaneti.vip/?pl=1557.49a95976ce62a5b89582867f1cd37d83&n=aHR0cDovL25sLmJpdGNvaW4tbm93LnJvbWFuZXRpLnZpcC8/c2Vzc2lvbj1mMTZkMWZiY2YzNTU0ZDNhOWQ0ZTgyNzI3ZWNkMWRjNyZhZmZfaWQ9MjI1JmZwcD0xJnBpeGVsc2V0dGluZ3M9Z28ucm9tYW5ldGkudmlwJTJGZmJwJTNGZXYlM0QlN0JldiU3RCUyNnBpeGVsJTNEJTdCcGl4ZWwlN0Q=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 09 Dec 2020 19:05:55 GMT
Content-Encoding
gzip
CF-Cache-Status
EXPIRED
NEL
{"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
Content-Length
671
cf-request-id
06ea7e6348000006663e2f5000000001
Last-Modified
Fri, 31 Jul 2020 07:18:44 GMT
Server
cloudflare
ETag
"791-5abb7996b9351-gzip"
Vary
Accept-Encoding,User-Agent
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=BBHbrzglt7JhtOWLVNWNN2ULEb5JVzYN18DPUJDWWCcmHRESXcZu43fAB4S6IiXY7Y2leIYkEFW48BdHLLhzZPKodPiP8yyoeY5%2Buts%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
Cache-Control
max-age=14400
Accept-Ranges
bytes
CF-RAY
5ff100187e2d0666-LHR
brandpart.css
romaneti.vip/prelands/1557/css/
28 KB
5 KB
Stylesheet
General
Full URL
http://romaneti.vip/prelands/1557/css/brandpart.css
Requested by
Host: romaneti.vip
URL: http://romaneti.vip/?pl=1557.49a95976ce62a5b89582867f1cd37d83&n=aHR0cDovL25sLmJpdGNvaW4tbm93LnJvbWFuZXRpLnZpcC8/c2Vzc2lvbj1mMTZkMWZiY2YzNTU0ZDNhOWQ0ZTgyNzI3ZWNkMWRjNyZhZmZfaWQ9MjI1JmZwcD0xJnBpeGVsc2V0dGluZ3M9Z28ucm9tYW5ldGkudmlwJTJGZmJwJTNGZXYlM0QlN0JldiU3RCUyNnBpeGVsJTNEJTdCcGl4ZWwlN0Q=
Protocol
HTTP/1.1
Server
172.67.131.94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1b4934e50504f14424dbca5c73632ecd2abe36d0cbcc65ad4246c35fa8ab6b4

Request headers

Referer
http://romaneti.vip/?pl=1557.49a95976ce62a5b89582867f1cd37d83&n=aHR0cDovL25sLmJpdGNvaW4tbm93LnJvbWFuZXRpLnZpcC8/c2Vzc2lvbj1mMTZkMWZiY2YzNTU0ZDNhOWQ0ZTgyNzI3ZWNkMWRjNyZhZmZfaWQ9MjI1JmZwcD0xJnBpeGVsc2V0dGluZ3M9Z28ucm9tYW5ldGkudmlwJTJGZmJwJTNGZXYlM0QlN0JldiU3RCUyNnBpeGVsJTNEJTdCcGl4ZWwlN0Q=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 09 Dec 2020 19:05:55 GMT
Content-Encoding
gzip
CF-Cache-Status
EXPIRED
NEL
{"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
Content-Length
4607
cf-request-id
06ea7e634f0000002ad51db000000001
Last-Modified
Fri, 31 Jul 2020 07:18:44 GMT
Server
cloudflare
ETag
"715b-5abb7996b9351-gzip"
Vary
Accept-Encoding,User-Agent
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=YZsoshCG8T7fm8XoCHwvBkVBZemfmmS8EqL6YGLAfQ5eRBBuRBFvz9Srh7MyQ7xcJwaiOihgp3JadFWJ1DJjdsaYDUuPhgPUhAeasNs%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
Cache-Control
max-age=14400
Accept-Ranges
bytes
CF-RAY
5ff100187ae7002a-LHR
brand-logo-dfb68a03e7.svg
romaneti.vip/prelands/1557/images/
4 KB
3 KB
Image
General
Full URL
http://romaneti.vip/prelands/1557/images/brand-logo-dfb68a03e7.svg
Requested by
Host: romaneti.vip
URL: http://romaneti.vip/?pl=1557.49a95976ce62a5b89582867f1cd37d83&n=aHR0cDovL25sLmJpdGNvaW4tbm93LnJvbWFuZXRpLnZpcC8/c2Vzc2lvbj1mMTZkMWZiY2YzNTU0ZDNhOWQ0ZTgyNzI3ZWNkMWRjNyZhZmZfaWQ9MjI1JmZwcD0xJnBpeGVsc2V0dGluZ3M9Z28ucm9tYW5ldGkudmlwJTJGZmJwJTNGZXYlM0QlN0JldiU3RCUyNnBpeGVsJTNEJTdCcGl4ZWwlN0Q=
Protocol
HTTP/1.1
Server
172.67.131.94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c909ee29a0d98bce8178a0c17a5504e33b5d1f63a22dca84f34f83a9f5693a8

Request headers

Referer
http://romaneti.vip/?pl=1557.49a95976ce62a5b89582867f1cd37d83&n=aHR0cDovL25sLmJpdGNvaW4tbm93LnJvbWFuZXRpLnZpcC8/c2Vzc2lvbj1mMTZkMWZiY2YzNTU0ZDNhOWQ0ZTgyNzI3ZWNkMWRjNyZhZmZfaWQ9MjI1JmZwcD0xJnBpeGVsc2V0dGluZ3M9Z28ucm9tYW5ldGkudmlwJTJGZmJwJTNGZXYlM0QlN0JldiU3RCUyNnBpeGVsJTNEJTdCcGl4ZWwlN0Q=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 09 Dec 2020 19:05:55 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
NEL
{"report_to":"cf-nel","max_age":604800}
Age
685
Transfer-Encoding
chunked
Connection
keep-alive
cf-request-id
06ea7e63490000068ac3a65000000001
Last-Modified
Fri, 31 Jul 2020 07:18:44 GMT
Server
cloudflare
ETag
W/"f70-5abb7996bc231"
Vary
User-Agent, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Hmxw2OOKf3fdR0Sg2frFChpR199zBOyYud15pFCIxtxKwgdv7nF6USpCi%2FnLdyxcsEsDLd5fVLk3vO1Ac26hMzwKu9HVGkYYq6ETXjY%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/svg+xml
Cache-Control
max-age=14400
CF-RAY
5ff100187bd3068a-LHR
euronews-vector-logo.png
romaneti.vip/prelands/1557/images/
5 KB
6 KB
Image
General
Full URL
http://romaneti.vip/prelands/1557/images/euronews-vector-logo.png
Requested by
Host: romaneti.vip
URL: http://romaneti.vip/?pl=1557.49a95976ce62a5b89582867f1cd37d83&n=aHR0cDovL25sLmJpdGNvaW4tbm93LnJvbWFuZXRpLnZpcC8/c2Vzc2lvbj1mMTZkMWZiY2YzNTU0ZDNhOWQ0ZTgyNzI3ZWNkMWRjNyZhZmZfaWQ9MjI1JmZwcD0xJnBpeGVsc2V0dGluZ3M9Z28ucm9tYW5ldGkudmlwJTJGZmJwJTNGZXYlM0QlN0JldiU3RCUyNnBpeGVsJTNEJTdCcGl4ZWwlN0Q=
Protocol
HTTP/1.1
Server
172.67.131.94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1d3ca50e6279d0cff0fca4a3c78d957535ed628759f282c437f065e985a9a38

Request headers

Referer
http://romaneti.vip/?pl=1557.49a95976ce62a5b89582867f1cd37d83&n=aHR0cDovL25sLmJpdGNvaW4tbm93LnJvbWFuZXRpLnZpcC8/c2Vzc2lvbj1mMTZkMWZiY2YzNTU0ZDNhOWQ0ZTgyNzI3ZWNkMWRjNyZhZmZfaWQ9MjI1JmZwcD0xJnBpeGVsc2V0dGluZ3M9Z28ucm9tYW5ldGkudmlwJTJGZmJwJTNGZXYlM0QlN0JldiU3RCUyNnBpeGVsJTNEJTdCcGl4ZWwlN0Q=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 09 Dec 2020 19:05:55 GMT
CF-Cache-Status
HIT
NEL
{"report_to":"cf-nel","max_age":604800}
Age
483060
Connection
keep-alive
Content-Length
5270
cf-request-id
06ea7e634c0000e6483d2cf000000001
Last-Modified
Fri, 31 Jul 2020 07:18:44 GMT
Server
cloudflare
ETag
"1496-5abb7996bc231"
Vary
User-Agent, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=6iB7tCFd1PYDDkeaIv9mwkL0SkJXrvEGw7kxzIoyN5uGHOTwX1TThukv6%2FPR%2FOh%2B9BGOJo2oy1Ne68NRZGeQQnZNudEwvtZoptyEeIs%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
CF-RAY
5ff100187cece648-LHR
The_Guardian.png
romaneti.vip/prelands/1557/images/
11 KB
12 KB
Image
General
Full URL
http://romaneti.vip/prelands/1557/images/The_Guardian.png
Requested by
Host: romaneti.vip
URL: http://romaneti.vip/?pl=1557.49a95976ce62a5b89582867f1cd37d83&n=aHR0cDovL25sLmJpdGNvaW4tbm93LnJvbWFuZXRpLnZpcC8/c2Vzc2lvbj1mMTZkMWZiY2YzNTU0ZDNhOWQ0ZTgyNzI3ZWNkMWRjNyZhZmZfaWQ9MjI1JmZwcD0xJnBpeGVsc2V0dGluZ3M9Z28ucm9tYW5ldGkudmlwJTJGZmJwJTNGZXYlM0QlN0JldiU3RCUyNnBpeGVsJTNEJTdCcGl4ZWwlN0Q=
Protocol
HTTP/1.1
Server
172.67.131.94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9a0fd6a0331897ee7673460f248677fd8da87f2df23aa831ddfd609de29d68f

Request headers

Referer
http://romaneti.vip/?pl=1557.49a95976ce62a5b89582867f1cd37d83&n=aHR0cDovL25sLmJpdGNvaW4tbm93LnJvbWFuZXRpLnZpcC8/c2Vzc2lvbj1mMTZkMWZiY2YzNTU0ZDNhOWQ0ZTgyNzI3ZWNkMWRjNyZhZmZfaWQ9MjI1JmZwcD0xJnBpeGVsc2V0dGluZ3M9Z28ucm9tYW5ldGkudmlwJTJGZmJwJTNGZXYlM0QlN0JldiU3RCUyNnBpeGVsJTNEJTdCcGl4ZWwlN0Q=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 09 Dec 2020 19:05:55 GMT
CF-Cache-Status
HIT
NEL
{"report_to":"cf-nel","max_age":604800}
Age
483060
Connection
keep-alive
Content-Length
11693
cf-request-id
06ea7e634c000040774a2f9000000001
Last-Modified
Fri, 31 Jul 2020 07:18:44 GMT
Server
cloudflare
ETag
"2dad-5abb7996bc231"
Vary
User-Agent, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=tz5l7SLij27nKMo43AEwR8EDY7zNpCbe%2FHeM3YHUfbOsfhW2zVas%2F9RzWkmNhZmUkrxFMXrqU%2FfdoKso72rMros6iDpsFfCyj%2BepR80%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
CF-RAY
5ff100187cc44077-LHR
tour.jpeg
romaneti.vip/prelands/1557/images/
12 KB
13 KB
Image
General
Full URL
http://romaneti.vip/prelands/1557/images/tour.jpeg
Requested by
Host: romaneti.vip
URL: http://romaneti.vip/?pl=1557.49a95976ce62a5b89582867f1cd37d83&n=aHR0cDovL25sLmJpdGNvaW4tbm93LnJvbWFuZXRpLnZpcC8/c2Vzc2lvbj1mMTZkMWZiY2YzNTU0ZDNhOWQ0ZTgyNzI3ZWNkMWRjNyZhZmZfaWQ9MjI1JmZwcD0xJnBpeGVsc2V0dGluZ3M9Z28ucm9tYW5ldGkudmlwJTJGZmJwJTNGZXYlM0QlN0JldiU3RCUyNnBpeGVsJTNEJTdCcGl4ZWwlN0Q=
Protocol
HTTP/1.1
Server
172.67.131.94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac3642ed6b71160bd8f61d5c6118c58d344fe01983b94a1cdb8f78dd467d09e1

Request headers

Referer
http://romaneti.vip/?pl=1557.49a95976ce62a5b89582867f1cd37d83&n=aHR0cDovL25sLmJpdGNvaW4tbm93LnJvbWFuZXRpLnZpcC8/c2Vzc2lvbj1mMTZkMWZiY2YzNTU0ZDNhOWQ0ZTgyNzI3ZWNkMWRjNyZhZmZfaWQ9MjI1JmZwcD0xJnBpeGVsc2V0dGluZ3M9Z28ucm9tYW5ldGkudmlwJTJGZmJwJTNGZXYlM0QlN0JldiU3RCUyNnBpeGVsJTNEJTdCcGl4ZWwlN0Q=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 09 Dec 2020 19:05:55 GMT
CF-Cache-Status
HIT
NEL
{"report_to":"cf-nel","max_age":604800}
Age
507096
Connection
keep-alive
Content-Length
12446
cf-request-id
06ea7e63af0000e64878002000000001
Last-Modified
Fri, 31 Jul 2020 07:18:44 GMT
Server
cloudflare
ETag
"309e-5abb7996bd1d1"
Vary
User-Agent, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=CDVZhojgZzaIGnijFixG5AU81F2Ouh9BqUUr1XQ7qTf0RRwbEVV%2Bn%2F6b3XEwBmYtF28R5z9ZbrORoQnKwvwWNXotInWrrnPU99pd6ww%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/jpeg
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
CF-RAY
5ff100191e00e648-LHR
dutchnewslogo.jpg
romaneti.vip/prelands/1557/images/
5 KB
5 KB
Image
General
Full URL
http://romaneti.vip/prelands/1557/images/dutchnewslogo.jpg
Requested by
Host: romaneti.vip
URL: http://romaneti.vip/?pl=1557.49a95976ce62a5b89582867f1cd37d83&n=aHR0cDovL25sLmJpdGNvaW4tbm93LnJvbWFuZXRpLnZpcC8/c2Vzc2lvbj1mMTZkMWZiY2YzNTU0ZDNhOWQ0ZTgyNzI3ZWNkMWRjNyZhZmZfaWQ9MjI1JmZwcD0xJnBpeGVsc2V0dGluZ3M9Z28ucm9tYW5ldGkudmlwJTJGZmJwJTNGZXYlM0QlN0JldiU3RCUyNnBpeGVsJTNEJTdCcGl4ZWwlN0Q=
Protocol
HTTP/1.1
Server
172.67.131.94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17d6c4b0160942e04e2ba434f4a5dd8bd61c7dcb6d90465a22631fe30242ce98

Request headers

Referer
http://romaneti.vip/?pl=1557.49a95976ce62a5b89582867f1cd37d83&n=aHR0cDovL25sLmJpdGNvaW4tbm93LnJvbWFuZXRpLnZpcC8/c2Vzc2lvbj1mMTZkMWZiY2YzNTU0ZDNhOWQ0ZTgyNzI3ZWNkMWRjNyZhZmZfaWQ9MjI1JmZwcD0xJnBpeGVsc2V0dGluZ3M9Z28ucm9tYW5ldGkudmlwJTJGZmJwJTNGZXYlM0QlN0JldiU3RCUyNnBpeGVsJTNEJTdCcGl4ZWwlN0Q=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 09 Dec 2020 19:05:55 GMT
CF-Cache-Status
HIT
NEL
{"report_to":"cf-nel","max_age":604800}
Age
483060
Connection
keep-alive
Content-Length
4769
cf-request-id
06ea7e63b90000002aaa3f4000000001
Last-Modified
Fri, 31 Jul 2020 07:18:44 GMT
Server
cloudflare
ETag
"12a1-5abb7996bc231"
Vary
User-Agent, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=I2iuSD496DgNT95r85x2jAB1G1hDdDfl7OlOxmRDszRcNq63sYtZIowA8pB2Pv0M7ub2i6Th0ZvfDL%2FTBy549PUCYVUpZrAD%2B2yqpN0%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/jpeg
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
CF-RAY
5ff100192c86002a-LHR
1-im.jpg
romaneti.vip/prelands/1557/images/
54 KB
55 KB
Image
General
Full URL
http://romaneti.vip/prelands/1557/images/1-im.jpg
Requested by
Host: romaneti.vip
URL: http://romaneti.vip/?pl=1557.49a95976ce62a5b89582867f1cd37d83&n=aHR0cDovL25sLmJpdGNvaW4tbm93LnJvbWFuZXRpLnZpcC8/c2Vzc2lvbj1mMTZkMWZiY2YzNTU0ZDNhOWQ0ZTgyNzI3ZWNkMWRjNyZhZmZfaWQ9MjI1JmZwcD0xJnBpeGVsc2V0dGluZ3M9Z28ucm9tYW5ldGkudmlwJTJGZmJwJTNGZXYlM0QlN0JldiU3RCUyNnBpeGVsJTNEJTdCcGl4ZWwlN0Q=
Protocol
HTTP/1.1
Server
172.67.131.94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
808b4d61e5ac8cbf96db7287ffc2ae05b011edd7ecf4bc7cb293ea1833a50921

Request headers

Referer
http://romaneti.vip/?pl=1557.49a95976ce62a5b89582867f1cd37d83&n=aHR0cDovL25sLmJpdGNvaW4tbm93LnJvbWFuZXRpLnZpcC8/c2Vzc2lvbj1mMTZkMWZiY2YzNTU0ZDNhOWQ0ZTgyNzI3ZWNkMWRjNyZhZmZfaWQ9MjI1JmZwcD0xJnBpeGVsc2V0dGluZ3M9Z28ucm9tYW5ldGkudmlwJTJGZmJwJTNGZXYlM0QlN0JldiU3RCUyNnBpeGVsJTNEJTdCcGl4ZWwlN0Q=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 09 Dec 2020 19:05:55 GMT
CF-Cache-Status
HIT
NEL
{"report_to":"cf-nel","max_age":604800}
Age
474808
Connection
keep-alive
Content-Length
55295
cf-request-id
06ea7e63cd0000068a58375000000001
last-modified
Fri, 31 Jul 2020 07:18:44 GMT
Server
cloudflare
etag
"d7ff-5abb7996bc231"
vary
User-Agent, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=t0I4RJS%2FEk9i2C3YwVbiKL0NTtJfhtlf%2Bzmsd34qgbu7Oil1saJPld5ciVbDRq0cc1oKd%2Bw2Yd1OREQRq0CAYUaFSh4KSCvzvBBrEO8%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/jpeg
cache-control
public, max-age=31536000
Accept-Ranges
bytes
CF-RAY
5ff100194e87068a-LHR
image-2.jpg
romaneti.vip/prelands/1557/images/
178 KB
178 KB
Image
General
Full URL
http://romaneti.vip/prelands/1557/images/image-2.jpg
Requested by
Host: romaneti.vip
URL: http://romaneti.vip/?pl=1557.49a95976ce62a5b89582867f1cd37d83&n=aHR0cDovL25sLmJpdGNvaW4tbm93LnJvbWFuZXRpLnZpcC8/c2Vzc2lvbj1mMTZkMWZiY2YzNTU0ZDNhOWQ0ZTgyNzI3ZWNkMWRjNyZhZmZfaWQ9MjI1JmZwcD0xJnBpeGVsc2V0dGluZ3M9Z28ucm9tYW5ldGkudmlwJTJGZmJwJTNGZXYlM0QlN0JldiU3RCUyNnBpeGVsJTNEJTdCcGl4ZWwlN0Q=
Protocol
HTTP/1.1
Server
172.67.131.94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470f4d25e688e9286ad5fc192d5f547a846d59a79833bc08b147ebec6d55a3bd

Request headers

Referer
http://romaneti.vip/?pl=1557.49a95976ce62a5b89582867f1cd37d83&n=aHR0cDovL25sLmJpdGNvaW4tbm93LnJvbWFuZXRpLnZpcC8/c2Vzc2lvbj1mMTZkMWZiY2YzNTU0ZDNhOWQ0ZTgyNzI3ZWNkMWRjNyZhZmZfaWQ9MjI1JmZwcD0xJnBpeGVsc2V0dGluZ3M9Z28ucm9tYW5ldGkudmlwJTJGZmJwJTNGZXYlM0QlN0JldiU3RCUyNnBpeGVsJTNEJTdCcGl4ZWwlN0Q=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 09 Dec 2020 19:05:55 GMT
CF-Cache-Status
HIT
NEL
{"report_to":"cf-nel","max_age":604800}
Age
506815
Connection
keep-alive
Content-Length
181916
cf-request-id
06ea7e63e00000e648823c9000000001
Last-Modified
Fri, 31 Jul 2020 07:18:44 GMT
Server
cloudflare
ETag
"2c69c-5abb7996bc231"
Vary
User-Agent, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2Bow3gGa445u6xZqm5bU5IxMjT3OZsBh8imCiz%2F26OkqYZ%2Bz9Bs%2B2u%2B8rhrKnei0NWRKqvQ8Y%2Fae7vchI4g36XOlPe2saSNAD5exn7rQ%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/jpeg
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
CF-RAY
5ff100196ed7e648-LHR
5.jpg
romaneti.vip/prelands/1557/images/
75 KB
76 KB
Image
General
Full URL
http://romaneti.vip/prelands/1557/images/5.jpg
Requested by
Host: romaneti.vip
URL: http://romaneti.vip/?pl=1557.49a95976ce62a5b89582867f1cd37d83&n=aHR0cDovL25sLmJpdGNvaW4tbm93LnJvbWFuZXRpLnZpcC8/c2Vzc2lvbj1mMTZkMWZiY2YzNTU0ZDNhOWQ0ZTgyNzI3ZWNkMWRjNyZhZmZfaWQ9MjI1JmZwcD0xJnBpeGVsc2V0dGluZ3M9Z28ucm9tYW5ldGkudmlwJTJGZmJwJTNGZXYlM0QlN0JldiU3RCUyNnBpeGVsJTNEJTdCcGl4ZWwlN0Q=
Protocol
HTTP/1.1
Server
172.67.131.94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3176aa5afd34b2b18ff787d24d2dec8c4ab46c309756346c650f1c52b15f6bf

Request headers

Referer
http://romaneti.vip/?pl=1557.49a95976ce62a5b89582867f1cd37d83&n=aHR0cDovL25sLmJpdGNvaW4tbm93LnJvbWFuZXRpLnZpcC8/c2Vzc2lvbj1mMTZkMWZiY2YzNTU0ZDNhOWQ0ZTgyNzI3ZWNkMWRjNyZhZmZfaWQ9MjI1JmZwcD0xJnBpeGVsc2V0dGluZ3M9Z28ucm9tYW5ldGkudmlwJTJGZmJwJTNGZXYlM0QlN0JldiU3RCUyNnBpeGVsJTNEJTdCcGl4ZWwlN0Q=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 09 Dec 2020 19:05:55 GMT
CF-Cache-Status
HIT
NEL
{"report_to":"cf-nel","max_age":604800}
Age
483060
Connection
keep-alive
Content-Length
76893
cf-request-id
06ea7e63ed0000002ac1a18000000001
Last-Modified
Fri, 31 Jul 2020 07:18:44 GMT
Server
cloudflare
ETag
"12c5d-5abb7996bc231"
Vary
User-Agent, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=dlLYruwlRHfaeX6X3FqpiXEzVyW%2FllPfERrRqLOkKPlpmUjRAmEIDgryxhcD6Dfkx1ozsym7%2BVQ4odZpWzb3otnffuspuvSA1SVMYMs%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/jpeg
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
CF-RAY
5ff100197d2b002a-LHR
image-1u.png
romaneti.vip/prelands/1557/images/
49 KB
49 KB
Image
General
Full URL
http://romaneti.vip/prelands/1557/images/image-1u.png
Requested by
Host: romaneti.vip
URL: http://romaneti.vip/?pl=1557.49a95976ce62a5b89582867f1cd37d83&n=aHR0cDovL25sLmJpdGNvaW4tbm93LnJvbWFuZXRpLnZpcC8/c2Vzc2lvbj1mMTZkMWZiY2YzNTU0ZDNhOWQ0ZTgyNzI3ZWNkMWRjNyZhZmZfaWQ9MjI1JmZwcD0xJnBpeGVsc2V0dGluZ3M9Z28ucm9tYW5ldGkudmlwJTJGZmJwJTNGZXYlM0QlN0JldiU3RCUyNnBpeGVsJTNEJTdCcGl4ZWwlN0Q=
Protocol
HTTP/1.1
Server
172.67.131.94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4cf53e5e1b8756aac1274fce6f023d9d4ab3571261935b5a5011d60cfa50a4a7

Request headers

Referer
http://romaneti.vip/?pl=1557.49a95976ce62a5b89582867f1cd37d83&n=aHR0cDovL25sLmJpdGNvaW4tbm93LnJvbWFuZXRpLnZpcC8/c2Vzc2lvbj1mMTZkMWZiY2YzNTU0ZDNhOWQ0ZTgyNzI3ZWNkMWRjNyZhZmZfaWQ9MjI1JmZwcD0xJnBpeGVsc2V0dGluZ3M9Z28ucm9tYW5ldGkudmlwJTJGZmJwJTNGZXYlM0QlN0JldiU3RCUyNnBpeGVsJTNEJTdCcGl4ZWwlN0Q=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 09 Dec 2020 19:05:55 GMT
CF-Cache-Status
HIT
NEL
{"report_to":"cf-nel","max_age":604800}
Age
372259
Connection
keep-alive
Content-Length
49787
cf-request-id
06ea7e63ee0000ce3f71bf8000000001
Last-Modified
Fri, 31 Jul 2020 07:18:44 GMT
Server
cloudflare
ETag
"c27b-5abb7996bc231"
Vary
User-Agent, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=1OmRGfLk3o1Ek84%2Bfr2%2FU9pQhkVElqSctOuQoumOcE9Tf5fu6D8YQYVqCCJdqlG572oqJwBsO5HZRZTrxGsipJ1PF3NIwzzS7FJbrzo%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
CF-RAY
5ff1001979bace3f-LHR
image-2u.png
romaneti.vip/prelands/1557/images/
46 KB
47 KB
Image
General
Full URL
http://romaneti.vip/prelands/1557/images/image-2u.png
Requested by
Host: romaneti.vip
URL: http://romaneti.vip/?pl=1557.49a95976ce62a5b89582867f1cd37d83&n=aHR0cDovL25sLmJpdGNvaW4tbm93LnJvbWFuZXRpLnZpcC8/c2Vzc2lvbj1mMTZkMWZiY2YzNTU0ZDNhOWQ0ZTgyNzI3ZWNkMWRjNyZhZmZfaWQ9MjI1JmZwcD0xJnBpeGVsc2V0dGluZ3M9Z28ucm9tYW5ldGkudmlwJTJGZmJwJTNGZXYlM0QlN0JldiU3RCUyNnBpeGVsJTNEJTdCcGl4ZWwlN0Q=
Protocol
HTTP/1.1
Server
172.67.131.94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b83392766f32d34d4bbe8020b15704cbb86b65eb3d8a22b693eaa84cd20a23bc

Request headers

Referer
http://romaneti.vip/?pl=1557.49a95976ce62a5b89582867f1cd37d83&n=aHR0cDovL25sLmJpdGNvaW4tbm93LnJvbWFuZXRpLnZpcC8/c2Vzc2lvbj1mMTZkMWZiY2YzNTU0ZDNhOWQ0ZTgyNzI3ZWNkMWRjNyZhZmZfaWQ9MjI1JmZwcD0xJnBpeGVsc2V0dGluZ3M9Z28ucm9tYW5ldGkudmlwJTJGZmJwJTNGZXYlM0QlN0JldiU3RCUyNnBpeGVsJTNEJTdCcGl4ZWwlN0Q=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 09 Dec 2020 19:05:55 GMT
CF-Cache-Status
HIT
NEL
{"report_to":"cf-nel","max_age":604800}
Age
507095
Connection
keep-alive
Content-Length
46938
cf-request-id
06ea7e63f20000066632b60000000001
Last-Modified
Fri, 31 Jul 2020 07:18:44 GMT
Server
cloudflare
ETag
"b75a-5abb7996bc231"
Vary
User-Agent, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=WdbC5gX29ykwCWjdUuPN4ezp%2FYlt6B4kfaBf5zj2%2F10Mv8hEERfb8waJj57hwqo5I1qdW2R8RrFK1ge3q5p97TDmM1g6J4fS1iW8Pz8%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
CF-RAY
5ff1001988ef0666-LHR
image-3u.png
romaneti.vip/prelands/1557/images/
37 KB
38 KB
Image
General
Full URL
http://romaneti.vip/prelands/1557/images/image-3u.png
Requested by
Host: romaneti.vip
URL: http://romaneti.vip/?pl=1557.49a95976ce62a5b89582867f1cd37d83&n=aHR0cDovL25sLmJpdGNvaW4tbm93LnJvbWFuZXRpLnZpcC8/c2Vzc2lvbj1mMTZkMWZiY2YzNTU0ZDNhOWQ0ZTgyNzI3ZWNkMWRjNyZhZmZfaWQ9MjI1JmZwcD0xJnBpeGVsc2V0dGluZ3M9Z28ucm9tYW5ldGkudmlwJTJGZmJwJTNGZXYlM0QlN0JldiU3RCUyNnBpeGVsJTNEJTdCcGl4ZWwlN0Q=
Protocol
HTTP/1.1
Server
172.67.131.94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7caa363020000cdd4ee58c1fe715c68123459d9f43e672bb379454a9e288537b

Request headers

Referer
http://romaneti.vip/?pl=1557.49a95976ce62a5b89582867f1cd37d83&n=aHR0cDovL25sLmJpdGNvaW4tbm93LnJvbWFuZXRpLnZpcC8/c2Vzc2lvbj1mMTZkMWZiY2YzNTU0ZDNhOWQ0ZTgyNzI3ZWNkMWRjNyZhZmZfaWQ9MjI1JmZwcD0xJnBpeGVsc2V0dGluZ3M9Z28ucm9tYW5ldGkudmlwJTJGZmJwJTNGZXYlM0QlN0JldiU3RCUyNnBpeGVsJTNEJTdCcGl4ZWwlN0Q=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 09 Dec 2020 19:05:55 GMT
CF-Cache-Status
HIT
NEL
{"report_to":"cf-nel","max_age":604800}
Age
1203114
Connection
keep-alive
Content-Length
37989
cf-request-id
06ea7e63f80000407768058000000001
Last-Modified
Fri, 31 Jul 2020 07:18:44 GMT
Server
cloudflare
ETag
"9465-5abb7996bc231"
Vary
User-Agent, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=gJxnPxo%2Bsg5qRiKHx13m9IBEiPFqf3BZ4uRoJrl%2FmoU0jsrlwNGpPtgfRFJDbje65qlD9%2Bjyk5%2F8vsJzahXkPITCQ%2FqhiccPdv2%2FlZs%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
CF-RAY
5ff100198fbb4077-LHR
image-4u.png
romaneti.vip/prelands/1557/images/
49 KB
49 KB
Image
General
Full URL
http://romaneti.vip/prelands/1557/images/image-4u.png
Requested by
Host: romaneti.vip
URL: http://romaneti.vip/?pl=1557.49a95976ce62a5b89582867f1cd37d83&n=aHR0cDovL25sLmJpdGNvaW4tbm93LnJvbWFuZXRpLnZpcC8/c2Vzc2lvbj1mMTZkMWZiY2YzNTU0ZDNhOWQ0ZTgyNzI3ZWNkMWRjNyZhZmZfaWQ9MjI1JmZwcD0xJnBpeGVsc2V0dGluZ3M9Z28ucm9tYW5ldGkudmlwJTJGZmJwJTNGZXYlM0QlN0JldiU3RCUyNnBpeGVsJTNEJTdCcGl4ZWwlN0Q=
Protocol
HTTP/1.1
Server
172.67.131.94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93b5dd8162e8675cbc2dc1d61781217896d843175ce8aea828ca13acc58c913f

Request headers

Referer
http://romaneti.vip/?pl=1557.49a95976ce62a5b89582867f1cd37d83&n=aHR0cDovL25sLmJpdGNvaW4tbm93LnJvbWFuZXRpLnZpcC8/c2Vzc2lvbj1mMTZkMWZiY2YzNTU0ZDNhOWQ0ZTgyNzI3ZWNkMWRjNyZhZmZfaWQ9MjI1JmZwcD0xJnBpeGVsc2V0dGluZ3M9Z28ucm9tYW5ldGkudmlwJTJGZmJwJTNGZXYlM0QlN0JldiU3RCUyNnBpeGVsJTNEJTdCcGl4ZWwlN0Q=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 09 Dec 2020 19:05:55 GMT
CF-Cache-Status
HIT
NEL
{"report_to":"cf-nel","max_age":604800}
Age
507095
Connection
keep-alive
Content-Length
49822
cf-request-id
06ea7e643300004077822a6000000001
Last-Modified
Fri, 31 Jul 2020 07:18:44 GMT
Server
cloudflare
ETag
"c29e-5abb7996bc231"
Vary
User-Agent, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=w8ICi00Ot%2FQVVARasHfT04qj0np1tJuqBfojN9U%2BdV1NaVQurIDMW49Y5uFBTEw2B7g7lwyH63%2FXEZ8Eoe93fHtIPqdWLNM1nITimCA%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
CF-RAY
5ff10019e8b94077-LHR
reg.png
romaneti.vip/prelands/1557/images/
647 KB
647 KB
Image
General
Full URL
http://romaneti.vip/prelands/1557/images/reg.png
Requested by
Host: romaneti.vip
URL: http://romaneti.vip/?pl=1557.49a95976ce62a5b89582867f1cd37d83&n=aHR0cDovL25sLmJpdGNvaW4tbm93LnJvbWFuZXRpLnZpcC8/c2Vzc2lvbj1mMTZkMWZiY2YzNTU0ZDNhOWQ0ZTgyNzI3ZWNkMWRjNyZhZmZfaWQ9MjI1JmZwcD0xJnBpeGVsc2V0dGluZ3M9Z28ucm9tYW5ldGkudmlwJTJGZmJwJTNGZXYlM0QlN0JldiU3RCUyNnBpeGVsJTNEJTdCcGl4ZWwlN0Q=
Protocol
HTTP/1.1
Server
172.67.131.94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91b5fc1cc264d88a48a1dcf23ed8886e0c7efc6356a119fee2e746954a02f446

Request headers

Referer
http://romaneti.vip/?pl=1557.49a95976ce62a5b89582867f1cd37d83&n=aHR0cDovL25sLmJpdGNvaW4tbm93LnJvbWFuZXRpLnZpcC8/c2Vzc2lvbj1mMTZkMWZiY2YzNTU0ZDNhOWQ0ZTgyNzI3ZWNkMWRjNyZhZmZfaWQ9MjI1JmZwcD0xJnBpeGVsc2V0dGluZ3M9Z28ucm9tYW5ldGkudmlwJTJGZmJwJTNGZXYlM0QlN0JldiU3RCUyNnBpeGVsJTNEJTdCcGl4ZWwlN0Q=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 09 Dec 2020 19:05:55 GMT
CF-Cache-Status
HIT
NEL
{"report_to":"cf-nel","max_age":604800}
Age
1203139
Connection
keep-alive
Content-Length
662217
cf-request-id
06ea7e643a0000ce3f86bf3000000001
Last-Modified
Fri, 31 Jul 2020 07:18:44 GMT
Server
cloudflare
ETag
"a1ac9-5abb7996bd1d1"
Vary
User-Agent, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=kOofDmtDe1UXIX6ROUWEjbb5pYjBGEglA5BRNbUDjKCJbiYGnCaF89MI0ws1YgLw6VVouno4F0tFReZMhO%2BW1dHMeiJl%2BuqHW9MEp3w%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
CF-RAY
5ff10019faa5ce3f-LHR
dep.png
romaneti.vip/prelands/1557/images/
161 KB
162 KB
Image
General
Full URL
http://romaneti.vip/prelands/1557/images/dep.png
Requested by
Host: romaneti.vip
URL: http://romaneti.vip/?pl=1557.49a95976ce62a5b89582867f1cd37d83&n=aHR0cDovL25sLmJpdGNvaW4tbm93LnJvbWFuZXRpLnZpcC8/c2Vzc2lvbj1mMTZkMWZiY2YzNTU0ZDNhOWQ0ZTgyNzI3ZWNkMWRjNyZhZmZfaWQ9MjI1JmZwcD0xJnBpeGVsc2V0dGluZ3M9Z28ucm9tYW5ldGkudmlwJTJGZmJwJTNGZXYlM0QlN0JldiU3RCUyNnBpeGVsJTNEJTdCcGl4ZWwlN0Q=
Protocol
HTTP/1.1
Server
172.67.131.94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0591cbf213702885fdded629c53bf0e335daadf4df0b9439ce35a0674dd41b5

Request headers

Referer
http://romaneti.vip/?pl=1557.49a95976ce62a5b89582867f1cd37d83&n=aHR0cDovL25sLmJpdGNvaW4tbm93LnJvbWFuZXRpLnZpcC8/c2Vzc2lvbj1mMTZkMWZiY2YzNTU0ZDNhOWQ0ZTgyNzI3ZWNkMWRjNyZhZmZfaWQ9MjI1JmZwcD0xJnBpeGVsc2V0dGluZ3M9Z28ucm9tYW5ldGkudmlwJTJGZmJwJTNGZXYlM0QlN0JldiU3RCUyNnBpeGVsJTNEJTdCcGl4ZWwlN0Q=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 09 Dec 2020 19:05:55 GMT
CF-Cache-Status
HIT
NEL
{"report_to":"cf-nel","max_age":604800}
Age
1203114
Connection
keep-alive
Content-Length
164883
cf-request-id
06ea7e6445000006667038f000000001
Last-Modified
Fri, 31 Jul 2020 07:18:44 GMT
Server
cloudflare
ETag
"28413-5abb7996bc231"
Vary
User-Agent, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=35Y2o2o3ZTLLKARLzkE96gNgI978Le9rPuEaeHfW5XTPSDSCIO7GFiaLpIH89CUXm7LT87FkVHzsBTSsRdsde5wYUFNNVM3vrcldugo%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
CF-RAY
5ff1001a0a3d0666-LHR
2c.jpg
romaneti.vip/prelands/1557/images/
2 KB
2 KB
Image
General
Full URL
http://romaneti.vip/prelands/1557/images/2c.jpg
Requested by
Host: romaneti.vip
URL: http://romaneti.vip/?pl=1557.49a95976ce62a5b89582867f1cd37d83&n=aHR0cDovL25sLmJpdGNvaW4tbm93LnJvbWFuZXRpLnZpcC8/c2Vzc2lvbj1mMTZkMWZiY2YzNTU0ZDNhOWQ0ZTgyNzI3ZWNkMWRjNyZhZmZfaWQ9MjI1JmZwcD0xJnBpeGVsc2V0dGluZ3M9Z28ucm9tYW5ldGkudmlwJTJGZmJwJTNGZXYlM0QlN0JldiU3RCUyNnBpeGVsJTNEJTdCcGl4ZWwlN0Q=
Protocol
HTTP/1.1
Server
172.67.131.94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6864279e8ac5e322b9c9a637602aeb08cd021db87acb0008f0e9b02770c8a72f

Request headers

Referer
http://romaneti.vip/?pl=1557.49a95976ce62a5b89582867f1cd37d83&n=aHR0cDovL25sLmJpdGNvaW4tbm93LnJvbWFuZXRpLnZpcC8/c2Vzc2lvbj1mMTZkMWZiY2YzNTU0ZDNhOWQ0ZTgyNzI3ZWNkMWRjNyZhZmZfaWQ9MjI1JmZwcD0xJnBpeGVsc2V0dGluZ3M9Z28ucm9tYW5ldGkudmlwJTJGZmJwJTNGZXYlM0QlN0JldiU3RCUyNnBpeGVsJTNEJTdCcGl4ZWwlN0Q=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 09 Dec 2020 19:05:55 GMT
CF-Cache-Status
HIT
NEL
{"report_to":"cf-nel","max_age":604800}
Age
483060
Connection
keep-alive
Content-Length
1823
cf-request-id
06ea7e64590000002a94159000000001
last-modified
Fri, 31 Jul 2020 07:18:44 GMT
Server
cloudflare
etag
"71f-5abb7996bc231"
vary
User-Agent, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=aQwkpZRRzHuyEOYyO988uFQ9EpDEHHQqJpg6n4vR%2BrzSVeV9dGRx7gxh9tqhBBNLnLoWWKFPFARzTHiuE3NNrWXMxmT7qVVXNsO1qv0%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/jpeg
cache-control
public, max-age=31536000
Accept-Ranges
bytes
CF-RAY
5ff1001a2ea9002a-LHR
1c.jpg
romaneti.vip/prelands/1557/images/
1 KB
2 KB
Image
General
Full URL
http://romaneti.vip/prelands/1557/images/1c.jpg
Requested by
Host: romaneti.vip
URL: http://romaneti.vip/?pl=1557.49a95976ce62a5b89582867f1cd37d83&n=aHR0cDovL25sLmJpdGNvaW4tbm93LnJvbWFuZXRpLnZpcC8/c2Vzc2lvbj1mMTZkMWZiY2YzNTU0ZDNhOWQ0ZTgyNzI3ZWNkMWRjNyZhZmZfaWQ9MjI1JmZwcD0xJnBpeGVsc2V0dGluZ3M9Z28ucm9tYW5ldGkudmlwJTJGZmJwJTNGZXYlM0QlN0JldiU3RCUyNnBpeGVsJTNEJTdCcGl4ZWwlN0Q=
Protocol
HTTP/1.1
Server
172.67.131.94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
35459cc6196838927f1c10ebee8d4f93f41db7dc04211c3fb2eb3d8db0a8b4b9

Request headers

Referer
http://romaneti.vip/?pl=1557.49a95976ce62a5b89582867f1cd37d83&n=aHR0cDovL25sLmJpdGNvaW4tbm93LnJvbWFuZXRpLnZpcC8/c2Vzc2lvbj1mMTZkMWZiY2YzNTU0ZDNhOWQ0ZTgyNzI3ZWNkMWRjNyZhZmZfaWQ9MjI1JmZwcD0xJnBpeGVsc2V0dGluZ3M9Z28ucm9tYW5ldGkudmlwJTJGZmJwJTNGZXYlM0QlN0JldiU3RCUyNnBpeGVsJTNEJTdCcGl4ZWwlN0Q=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 09 Dec 2020 19:05:55 GMT
CF-Cache-Status
HIT
NEL
{"report_to":"cf-nel","max_age":604800}
Age
372259
Connection
keep-alive
Content-Length
1247
cf-request-id
06ea7e64690000e64876aa3000000001
Last-Modified
Fri, 31 Jul 2020 07:18:44 GMT
Server
cloudflare
ETag
"4df-5abb7996bc231"
Vary
User-Agent, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=jFZgMk%2BZh3bIV2%2BsG7SE3SsbJmDH66hA0n%2B%2BkDVXvF5qnxSCXyt%2FugezMKxziOforbHBn%2FEslI9pcOywE%2Fe7zYB4OcepNbt1AlxXrE4%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/jpeg
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
CF-RAY
5ff1001a48bee648-LHR
3c.jpg
romaneti.vip/prelands/1557/images/
910 B
2 KB
Image
General
Full URL
http://romaneti.vip/prelands/1557/images/3c.jpg
Requested by
Host: romaneti.vip
URL: http://romaneti.vip/?pl=1557.49a95976ce62a5b89582867f1cd37d83&n=aHR0cDovL25sLmJpdGNvaW4tbm93LnJvbWFuZXRpLnZpcC8/c2Vzc2lvbj1mMTZkMWZiY2YzNTU0ZDNhOWQ0ZTgyNzI3ZWNkMWRjNyZhZmZfaWQ9MjI1JmZwcD0xJnBpeGVsc2V0dGluZ3M9Z28ucm9tYW5ldGkudmlwJTJGZmJwJTNGZXYlM0QlN0JldiU3RCUyNnBpeGVsJTNEJTdCcGl4ZWwlN0Q=
Protocol
HTTP/1.1
Server
172.67.131.94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7c55f3f5f7958387e6f54112863b20f5b908099d19d82e30a910929ea233f93

Request headers

Referer
http://romaneti.vip/?pl=1557.49a95976ce62a5b89582867f1cd37d83&n=aHR0cDovL25sLmJpdGNvaW4tbm93LnJvbWFuZXRpLnZpcC8/c2Vzc2lvbj1mMTZkMWZiY2YzNTU0ZDNhOWQ0ZTgyNzI3ZWNkMWRjNyZhZmZfaWQ9MjI1JmZwcD0xJnBpeGVsc2V0dGluZ3M9Z28ucm9tYW5ldGkudmlwJTJGZmJwJTNGZXYlM0QlN0JldiU3RCUyNnBpeGVsJTNEJTdCcGl4ZWwlN0Q=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 09 Dec 2020 19:05:55 GMT
CF-Cache-Status
HIT
NEL
{"report_to":"cf-nel","max_age":604800}
Age
483060
Connection
keep-alive
Content-Length
910
cf-request-id
06ea7e6474000040773129e000000001
Last-Modified
Fri, 31 Jul 2020 07:18:44 GMT
Server
cloudflare
ETag
"38e-5abb7996bc231"
Vary
User-Agent, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=hzP99LI2P75VHoRYzgj0ueRVKmxZy6hzAMtxY0odmgx%2FbtJ5JVQ2KK1yHQi80ZG8r3mkaAqv%2B8ar%2FfTLCNCZ10K0zswMxgkkAYBp%2Bhc%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/jpeg
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
CF-RAY
5ff1001a59e84077-LHR
5c.jpg
romaneti.vip/prelands/1557/images/
1 KB
2 KB
Image
General
Full URL
http://romaneti.vip/prelands/1557/images/5c.jpg
Requested by
Host: romaneti.vip
URL: http://romaneti.vip/?pl=1557.49a95976ce62a5b89582867f1cd37d83&n=aHR0cDovL25sLmJpdGNvaW4tbm93LnJvbWFuZXRpLnZpcC8/c2Vzc2lvbj1mMTZkMWZiY2YzNTU0ZDNhOWQ0ZTgyNzI3ZWNkMWRjNyZhZmZfaWQ9MjI1JmZwcD0xJnBpeGVsc2V0dGluZ3M9Z28ucm9tYW5ldGkudmlwJTJGZmJwJTNGZXYlM0QlN0JldiU3RCUyNnBpeGVsJTNEJTdCcGl4ZWwlN0Q=
Protocol
HTTP/1.1
Server
172.67.131.94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b69942565e2d9ca09f9b260bd6e4a4c4070ef25612bb9d27b3eeffcd137afb9d

Request headers

Referer
http://romaneti.vip/?pl=1557.49a95976ce62a5b89582867f1cd37d83&n=aHR0cDovL25sLmJpdGNvaW4tbm93LnJvbWFuZXRpLnZpcC8/c2Vzc2lvbj1mMTZkMWZiY2YzNTU0ZDNhOWQ0ZTgyNzI3ZWNkMWRjNyZhZmZfaWQ9MjI1JmZwcD0xJnBpeGVsc2V0dGluZ3M9Z28ucm9tYW5ldGkudmlwJTJGZmJwJTNGZXYlM0QlN0JldiU3RCUyNnBpeGVsJTNEJTdCcGl4ZWwlN0Q=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 09 Dec 2020 19:05:55 GMT
CF-Cache-Status
HIT
NEL
{"report_to":"cf-nel","max_age":604800}
Age
483060
Connection
keep-alive
Content-Length
1328
cf-request-id
06ea7e64790000068aa235a000000001
Last-Modified
Fri, 31 Jul 2020 07:18:44 GMT
Server
cloudflare
ETag
"530-5abb7996bc231"
Vary
User-Agent, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=psV8ZysDs%2BIzDm8gEofxMJoMJN2XFFzvQwyp6FY3PtFIpgRXizuFwzTcD%2B0JS7AqgUtRv%2B0GS5aO%2B9ET0pk%2F7JM%2FszYJpJlaKMxs9sA%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/jpeg
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
CF-RAY
5ff1001a592f068a-LHR
7c.jpg
romaneti.vip/prelands/1557/images/
15 KB
16 KB
Image
General
Full URL
http://romaneti.vip/prelands/1557/images/7c.jpg
Requested by
Host: romaneti.vip
URL: http://romaneti.vip/?pl=1557.49a95976ce62a5b89582867f1cd37d83&n=aHR0cDovL25sLmJpdGNvaW4tbm93LnJvbWFuZXRpLnZpcC8/c2Vzc2lvbj1mMTZkMWZiY2YzNTU0ZDNhOWQ0ZTgyNzI3ZWNkMWRjNyZhZmZfaWQ9MjI1JmZwcD0xJnBpeGVsc2V0dGluZ3M9Z28ucm9tYW5ldGkudmlwJTJGZmJwJTNGZXYlM0QlN0JldiU3RCUyNnBpeGVsJTNEJTdCcGl4ZWwlN0Q=
Protocol
HTTP/1.1
Server
172.67.131.94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1beb8cc76171f15fcb4fddcf922575230376b07ddbfc58b6bcaa0aaf716bd9b

Request headers

Referer
http://romaneti.vip/?pl=1557.49a95976ce62a5b89582867f1cd37d83&n=aHR0cDovL25sLmJpdGNvaW4tbm93LnJvbWFuZXRpLnZpcC8/c2Vzc2lvbj1mMTZkMWZiY2YzNTU0ZDNhOWQ0ZTgyNzI3ZWNkMWRjNyZhZmZfaWQ9MjI1JmZwcD0xJnBpeGVsc2V0dGluZ3M9Z28ucm9tYW5ldGkudmlwJTJGZmJwJTNGZXYlM0QlN0JldiU3RCUyNnBpeGVsJTNEJTdCcGl4ZWwlN0Q=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 09 Dec 2020 19:05:55 GMT
CF-Cache-Status
HIT
NEL
{"report_to":"cf-nel","max_age":604800}
Age
483060
Connection
keep-alive
Content-Length
15734
cf-request-id
06ea7e647f0000002a97247000000001
Last-Modified
Fri, 31 Jul 2020 07:18:44 GMT
Server
cloudflare
ETag
"3d76-5abb7996bc231"
Vary
User-Agent, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=BQLEKrq%2B6%2BWhDkOdilGC%2Bi30fZPQLb1%2BzlUL3O51H4ZQwedPn1%2FfDRbXqXvwNlHU6aOHikplx2uQHBIOapZfEAJXJhBAt3QAN3GLu80%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/jpeg
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
CF-RAY
5ff1001a6f0e002a-LHR
6c.jpg
romaneti.vip/prelands/1557/images/
1 KB
2 KB
Image
General
Full URL
http://romaneti.vip/prelands/1557/images/6c.jpg
Requested by
Host: romaneti.vip
URL: http://romaneti.vip/?pl=1557.49a95976ce62a5b89582867f1cd37d83&n=aHR0cDovL25sLmJpdGNvaW4tbm93LnJvbWFuZXRpLnZpcC8/c2Vzc2lvbj1mMTZkMWZiY2YzNTU0ZDNhOWQ0ZTgyNzI3ZWNkMWRjNyZhZmZfaWQ9MjI1JmZwcD0xJnBpeGVsc2V0dGluZ3M9Z28ucm9tYW5ldGkudmlwJTJGZmJwJTNGZXYlM0QlN0JldiU3RCUyNnBpeGVsJTNEJTdCcGl4ZWwlN0Q=
Protocol
HTTP/1.1
Server
172.67.131.94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99c88d0b46dfc36913f97efafe0b68f3b81327c8edcd81796fa7fb1a699301c3

Request headers

Referer
http://romaneti.vip/?pl=1557.49a95976ce62a5b89582867f1cd37d83&n=aHR0cDovL25sLmJpdGNvaW4tbm93LnJvbWFuZXRpLnZpcC8/c2Vzc2lvbj1mMTZkMWZiY2YzNTU0ZDNhOWQ0ZTgyNzI3ZWNkMWRjNyZhZmZfaWQ9MjI1JmZwcD0xJnBpeGVsc2V0dGluZ3M9Z28ucm9tYW5ldGkudmlwJTJGZmJwJTNGZXYlM0QlN0JldiU3RCUyNnBpeGVsJTNEJTdCcGl4ZWwlN0Q=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 09 Dec 2020 19:05:55 GMT
CF-Cache-Status
HIT
NEL
{"report_to":"cf-nel","max_age":604800}
Age
1203113
Connection
keep-alive
Content-Length
1146
cf-request-id
06ea7e64930000e648193ca000000001
Last-Modified
Fri, 31 Jul 2020 07:18:44 GMT
Server
cloudflare
ETag
"47a-5abb7996bc231"
Vary
User-Agent, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=5pWC9G5byfNNo3S%2F9L%2FNLPq5rCbUFo0tJHr%2F1iackiK8droC5ZJ9VtnKoEyXwZWq0sFiaSTyawKQoplJ1aFgn0PyCQRm9ICCTbtntbU%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/jpeg
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
CF-RAY
5ff1001a894ce648-LHR
15c.jpg
romaneti.vip/prelands/1557/images/
1 KB
2 KB
Image
General
Full URL
http://romaneti.vip/prelands/1557/images/15c.jpg
Requested by
Host: romaneti.vip
URL: http://romaneti.vip/?pl=1557.49a95976ce62a5b89582867f1cd37d83&n=aHR0cDovL25sLmJpdGNvaW4tbm93LnJvbWFuZXRpLnZpcC8/c2Vzc2lvbj1mMTZkMWZiY2YzNTU0ZDNhOWQ0ZTgyNzI3ZWNkMWRjNyZhZmZfaWQ9MjI1JmZwcD0xJnBpeGVsc2V0dGluZ3M9Z28ucm9tYW5ldGkudmlwJTJGZmJwJTNGZXYlM0QlN0JldiU3RCUyNnBpeGVsJTNEJTdCcGl4ZWwlN0Q=
Protocol
HTTP/1.1
Server
172.67.131.94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d102a3c9ab95ef68bb26a2e8391a24750868b940605c7aac6dbce6367c569595

Request headers

Referer
http://romaneti.vip/?pl=1557.49a95976ce62a5b89582867f1cd37d83&n=aHR0cDovL25sLmJpdGNvaW4tbm93LnJvbWFuZXRpLnZpcC8/c2Vzc2lvbj1mMTZkMWZiY2YzNTU0ZDNhOWQ0ZTgyNzI3ZWNkMWRjNyZhZmZfaWQ9MjI1JmZwcD0xJnBpeGVsc2V0dGluZ3M9Z28ucm9tYW5ldGkudmlwJTJGZmJwJTNGZXYlM0QlN0JldiU3RCUyNnBpeGVsJTNEJTdCcGl4ZWwlN0Q=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 09 Dec 2020 19:05:55 GMT
CF-Cache-Status
HIT
NEL
{"report_to":"cf-nel","max_age":604800}
Age
1203139
Connection
keep-alive
Content-Length
1108
cf-request-id
06ea7e64aa000006662ba93000000001
Last-Modified
Fri, 31 Jul 2020 07:18:44 GMT
Server
cloudflare
ETag
"454-5abb7996bc231"
Vary
User-Agent, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=EfI9cRuYHN%2FpoCtdNL3kZigioW9%2F5qIA%2Bi3rge0jnyi7j%2BBpkdBa08HnW0kAvTlTNWTskBpN6dhuCPFiLGWhnKeqUiv0cOyqv8rbjnk%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/jpeg
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
CF-RAY
5ff1001aabcf0666-LHR
8c.jpg
romaneti.vip/prelands/1557/images/
2 KB
3 KB
Image
General
Full URL
http://romaneti.vip/prelands/1557/images/8c.jpg
Requested by
Host: romaneti.vip
URL: http://romaneti.vip/?pl=1557.49a95976ce62a5b89582867f1cd37d83&n=aHR0cDovL25sLmJpdGNvaW4tbm93LnJvbWFuZXRpLnZpcC8/c2Vzc2lvbj1mMTZkMWZiY2YzNTU0ZDNhOWQ0ZTgyNzI3ZWNkMWRjNyZhZmZfaWQ9MjI1JmZwcD0xJnBpeGVsc2V0dGluZ3M9Z28ucm9tYW5ldGkudmlwJTJGZmJwJTNGZXYlM0QlN0JldiU3RCUyNnBpeGVsJTNEJTdCcGl4ZWwlN0Q=
Protocol
HTTP/1.1
Server
172.67.131.94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c9c9ddd04febb967d11081c9e5b676029cd2cbde1ebcaff19c8157be7301140

Request headers

Referer
http://romaneti.vip/?pl=1557.49a95976ce62a5b89582867f1cd37d83&n=aHR0cDovL25sLmJpdGNvaW4tbm93LnJvbWFuZXRpLnZpcC8/c2Vzc2lvbj1mMTZkMWZiY2YzNTU0ZDNhOWQ0ZTgyNzI3ZWNkMWRjNyZhZmZfaWQ9MjI1JmZwcD0xJnBpeGVsc2V0dGluZ3M9Z28ucm9tYW5ldGkudmlwJTJGZmJwJTNGZXYlM0QlN0JldiU3RCUyNnBpeGVsJTNEJTdCcGl4ZWwlN0Q=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 09 Dec 2020 19:05:55 GMT
CF-Cache-Status
HIT
NEL
{"report_to":"cf-nel","max_age":604800}
Age
483060
Connection
keep-alive
Content-Length
1978
cf-request-id
06ea7e64bb0000002a052ae000000001
Last-Modified
Fri, 31 Jul 2020 07:18:44 GMT
Server
cloudflare
ETag
"7ba-5abb7996bc231"
Vary
User-Agent, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Wo8QMlvJcy%2BEo9jqlNMsFUSPhKvpnaMn5D5MfT5qjM3CtU9nGO%2FcVRpy%2BJi9kF3ueLVOKTN2M9W3OCE1eKN2Fk%2BvqlvuELSM1XwF8%2Bg%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/jpeg
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
CF-RAY
5ff1001acfef002a-LHR
script.js
romaneti.vip/prelands/1557/js/
7 KB
3 KB
Script
General
Full URL
http://romaneti.vip/prelands/1557/js/script.js
Requested by
Host: romaneti.vip
URL: http://romaneti.vip/?pl=1557.49a95976ce62a5b89582867f1cd37d83&n=aHR0cDovL25sLmJpdGNvaW4tbm93LnJvbWFuZXRpLnZpcC8/c2Vzc2lvbj1mMTZkMWZiY2YzNTU0ZDNhOWQ0ZTgyNzI3ZWNkMWRjNyZhZmZfaWQ9MjI1JmZwcD0xJnBpeGVsc2V0dGluZ3M9Z28ucm9tYW5ldGkudmlwJTJGZmJwJTNGZXYlM0QlN0JldiU3RCUyNnBpeGVsJTNEJTdCcGl4ZWwlN0Q=
Protocol
HTTP/1.1
Server
172.67.131.94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3131172b18c2ec98af910ea0bc07943c02a90274ea9fdf47c1202ada43ae71b6

Request headers

Referer
http://romaneti.vip/?pl=1557.49a95976ce62a5b89582867f1cd37d83&n=aHR0cDovL25sLmJpdGNvaW4tbm93LnJvbWFuZXRpLnZpcC8/c2Vzc2lvbj1mMTZkMWZiY2YzNTU0ZDNhOWQ0ZTgyNzI3ZWNkMWRjNyZhZmZfaWQ9MjI1JmZwcD0xJnBpeGVsc2V0dGluZ3M9Z28ucm9tYW5ldGkudmlwJTJGZmJwJTNGZXYlM0QlN0JldiU3RCUyNnBpeGVsJTNEJTdCcGl4ZWwlN0Q=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 09 Dec 2020 19:05:55 GMT
Content-Encoding
gzip
CF-Cache-Status
EXPIRED
NEL
{"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
Content-Length
2429
cf-request-id
06ea7e63850000068a55b1c000000001
Last-Modified
Fri, 31 Jul 2020 07:18:44 GMT
Server
cloudflare
ETag
"1bef-5abb7996bd1d1-gzip"
Vary
Accept-Encoding,User-Agent
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=y%2FrRt2mYotAzHDk9qIOxJXTtELQN5mggIfJQ5Fin8XY6nRq9JF%2B%2FSKm7o0C33fLkJhJkspmyIrn%2FhfItmFF%2BKkjRJdbl7ewHYTMYkBA%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Cache-Control
max-age=14400
Accept-Ranges
bytes
CF-RAY
5ff10018dd1a068a-LHR
jquery-3.3.1.min.js
romaneti.vip/prelands/1557/js/
85 KB
30 KB
Script
General
Full URL
http://romaneti.vip/prelands/1557/js/jquery-3.3.1.min.js
Requested by
Host: romaneti.vip
URL: http://romaneti.vip/?pl=1557.49a95976ce62a5b89582867f1cd37d83&n=aHR0cDovL25sLmJpdGNvaW4tbm93LnJvbWFuZXRpLnZpcC8/c2Vzc2lvbj1mMTZkMWZiY2YzNTU0ZDNhOWQ0ZTgyNzI3ZWNkMWRjNyZhZmZfaWQ9MjI1JmZwcD0xJnBpeGVsc2V0dGluZ3M9Z28ucm9tYW5ldGkudmlwJTJGZmJwJTNGZXYlM0QlN0JldiU3RCUyNnBpeGVsJTNEJTdCcGl4ZWwlN0Q=
Protocol
HTTP/1.1
Server
172.67.131.94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a28ccf8a7b50522bdeea0cd83cdeca221c18fc1f9df3ee6b3d3c48d599206855

Request headers

Referer
http://romaneti.vip/?pl=1557.49a95976ce62a5b89582867f1cd37d83&n=aHR0cDovL25sLmJpdGNvaW4tbm93LnJvbWFuZXRpLnZpcC8/c2Vzc2lvbj1mMTZkMWZiY2YzNTU0ZDNhOWQ0ZTgyNzI3ZWNkMWRjNyZhZmZfaWQ9MjI1JmZwcD0xJnBpeGVsc2V0dGluZ3M9Z28ucm9tYW5ldGkudmlwJTJGZmJwJTNGZXYlM0QlN0JldiU3RCUyNnBpeGVsJTNEJTdCcGl4ZWwlN0Q=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 09 Dec 2020 19:05:55 GMT
Content-Encoding
gzip
CF-Cache-Status
EXPIRED
NEL
{"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
Content-Length
30305
cf-request-id
06ea7e6385000040778e0f1000000001
Last-Modified
Fri, 31 Jul 2020 07:18:44 GMT
Server
cloudflare
ETag
"1538e-5abb7996bd1d1-gzip"
Vary
Accept-Encoding,User-Agent
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=BIwPKgbf%2FjEZhFnlTQtq7LhrPtwDBcpFwWJxjrCxM4vcvA9in8oy5PvBQFGTmYEnRFEpuN%2BMGPbBzoPIVPuw%2BDCJqcdN341rL5tUtuQ%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Cache-Control
max-age=14400
Accept-Ranges
bytes
CF-RAY
5ff10018dde54077-LHR
getdetector.js
romaneti.vip/prelands/1557/js/
216 B
892 B
Script
General
Full URL
http://romaneti.vip/prelands/1557/js/getdetector.js
Requested by
Host: romaneti.vip
URL: http://romaneti.vip/?pl=1557.49a95976ce62a5b89582867f1cd37d83&n=aHR0cDovL25sLmJpdGNvaW4tbm93LnJvbWFuZXRpLnZpcC8/c2Vzc2lvbj1mMTZkMWZiY2YzNTU0ZDNhOWQ0ZTgyNzI3ZWNkMWRjNyZhZmZfaWQ9MjI1JmZwcD0xJnBpeGVsc2V0dGluZ3M9Z28ucm9tYW5ldGkudmlwJTJGZmJwJTNGZXYlM0QlN0JldiU3RCUyNnBpeGVsJTNEJTdCcGl4ZWwlN0Q=
Protocol
HTTP/1.1
Server
172.67.131.94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa4fe92e09f94671f24e453a8cf9527c0851f65b608c7f9fab304608353ae354

Request headers

Referer
http://romaneti.vip/?pl=1557.49a95976ce62a5b89582867f1cd37d83&n=aHR0cDovL25sLmJpdGNvaW4tbm93LnJvbWFuZXRpLnZpcC8/c2Vzc2lvbj1mMTZkMWZiY2YzNTU0ZDNhOWQ0ZTgyNzI3ZWNkMWRjNyZhZmZfaWQ9MjI1JmZwcD0xJnBpeGVsc2V0dGluZ3M9Z28ucm9tYW5ldGkudmlwJTJGZmJwJTNGZXYlM0QlN0JldiU3RCUyNnBpeGVsJTNEJTdCcGl4ZWwlN0Q=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 09 Dec 2020 19:05:55 GMT
Content-Encoding
gzip
CF-Cache-Status
EXPIRED
NEL
{"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
Content-Length
171
cf-request-id
06ea7e63aa00000666893ff000000001
Last-Modified
Fri, 31 Jul 2020 07:18:44 GMT
Server
cloudflare
ETag
"d8-5abb7996bd1d1-gzip"
Vary
Accept-Encoding,User-Agent
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Z0gwF0cmczuaCeQFjflvx5vw9BW6mFInWdqTqfwVnETRRIPSE6RcOZRYdkkLNTZ3%2F7m1atOx18XiqFzagXCc9g8Ccp%2FzxwAY3JVwmFQ%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Cache-Control
max-age=14400
Accept-Ranges
bytes
CF-RAY
5ff100191ff10666-LHR
css.css
romaneti.vip/prelands/1557/css/
1 KB
963 B
Stylesheet
General
Full URL
http://romaneti.vip/prelands/1557/css/css.css
Requested by
Host: romaneti.vip
URL: http://romaneti.vip/prelands/1557/css/style.css
Protocol
HTTP/1.1
Server
172.67.131.94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eb49b528f263007e6d0ba9d1dc1bb2d33a5b3858debe3b76204d576f5141221

Request headers

Referer
http://romaneti.vip/prelands/1557/css/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 09 Dec 2020 19:05:55 GMT
Content-Encoding
gzip
CF-Cache-Status
EXPIRED
NEL
{"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
Content-Length
255
cf-request-id
06ea7e63a70000ce3f8ebf9000000001
Last-Modified
Fri, 31 Jul 2020 07:18:44 GMT
Server
cloudflare
ETag
"432-5abb7996b9351-gzip"
Vary
Accept-Encoding,User-Agent
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=0taKf61TQZ9eacH6RJFlFoqJK1HgKwCOEqP5a3d5LCqZE9oZQcGPR%2B%2BYSBWwiBq3ufh6zvevcorEJHhEPpDe8PFuRYFIevKkTBEwJYg%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
Cache-Control
max-age=14400
Accept-Ranges
bytes
CF-RAY
5ff1001908d7ce3f-LHR
brand-title-8719773b15.svg
romaneti.vip/prelands/1557/images/
5 KB
3 KB
Image
General
Full URL
http://romaneti.vip/prelands/1557/images/brand-title-8719773b15.svg
Requested by
Host: romaneti.vip
URL: http://romaneti.vip/prelands/1557/css/brandpart.css
Protocol
HTTP/1.1
Server
172.67.131.94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6618ae9df86aa85bf80ea4f009cfe6f50e08f9f257b42b01d788f14caeb1e8de

Request headers

Referer
http://romaneti.vip/prelands/1557/css/brandpart.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 09 Dec 2020 19:05:55 GMT
Content-Encoding
gzip
CF-Cache-Status
REVALIDATED
Last-Modified
Fri, 31 Jul 2020 07:18:44 GMT
Server
cloudflare
ETag
W/"1531-5abb7996bc231"
Vary
User-Agent, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=dYXmwdJE5VSIwoNoOOH3%2F08zWSdWtmzTciNhqhqLxU0xK8y3MFK7CwNx0ehFe9K7PDzFV1t692JnHf7EjlEXWZMqKlNggT%2ByQGXlcHc%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/svg+xml
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
5ff1001acb0b4077-LHR
NEL
{"report_to":"cf-nel","max_age":604800}
cf-request-id
06ea7e64bb000040775eb26000000001
Roboto-Regular.woff
romaneti.vip/prelands/1557/fonts/
87 KB
88 KB
Font
General
Full URL
http://romaneti.vip/prelands/1557/fonts/Roboto-Regular.woff
Requested by
Host: romaneti.vip
URL: http://romaneti.vip/prelands/1557/css/css.css
Protocol
HTTP/1.1
Server
172.67.131.94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6acc1f3d78dd83c615606a96da6291c184539af8794b4e5e546fa107d9c082e1

Request headers

Origin
http://romaneti.vip
Referer
http://romaneti.vip/prelands/1557/css/css.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 09 Dec 2020 19:05:55 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
NEL
{"report_to":"cf-nel","max_age":604800}
Age
469894
Transfer-Encoding
chunked
Connection
keep-alive
cf-request-id
06ea7e64240000068a8b32b000000001
Last-Modified
Fri, 31 Jul 2020 07:18:44 GMT
Server
cloudflare
ETag
W/"15dfc-5abb7996bc231"
Vary
User-Agent, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=lqt%2BO6GbvVP2A69348QLa2guOlWzDBu9S%2F0BBk89YaDeENVQ8Iwwcu2nO0eJs3dfIyy7HWoyECJo4LMWObQPQSXmifUdhP4yWyBLRzE%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/font-woff
Cache-Control
public, max-age=31536000
CF-RAY
5ff10019dff1068a-LHR

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Investment Scam (Online)

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| trustedTypes boolean| crossOriginIsolated number| month number| date string| dace object| dayNames object| monthNames object| nowre2 object| timeMainComment object| timeReply object| reviewsContainer object| reviewsContainerInner object| reviewsCloseBtn string| heightHelper undefined| heightHelper2 function| $ function| jQuery string| today string| dd string| mm number| yyyy number| rand

1 Cookies

Domain/Path Name / Value
.romaneti.vip/ Name: __cfduid
Value: d314101099ccadc65f3b9124b8cd76acc1607540755

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

207616.afylod.com
bit.ly
go.romaneti.vip
romaneti.vip
104.28.14.54
172.67.131.94
67.199.248.11
8.208.92.142
17d6c4b0160942e04e2ba434f4a5dd8bd61c7dcb6d90465a22631fe30242ce98
1c909ee29a0d98bce8178a0c17a5504e33b5d1f63a22dca84f34f83a9f5693a8
2eb49b528f263007e6d0ba9d1dc1bb2d33a5b3858debe3b76204d576f5141221
3131172b18c2ec98af910ea0bc07943c02a90274ea9fdf47c1202ada43ae71b6
3370c32498340228fb9e9d95451d2fe4aeca27f01802c8f894dc123b9938b9aa
35459cc6196838927f1c10ebee8d4f93f41db7dc04211c3fb2eb3d8db0a8b4b9
470f4d25e688e9286ad5fc192d5f547a846d59a79833bc08b147ebec6d55a3bd
4cf53e5e1b8756aac1274fce6f023d9d4ab3571261935b5a5011d60cfa50a4a7
6618ae9df86aa85bf80ea4f009cfe6f50e08f9f257b42b01d788f14caeb1e8de
6864279e8ac5e322b9c9a637602aeb08cd021db87acb0008f0e9b02770c8a72f
6acc1f3d78dd83c615606a96da6291c184539af8794b4e5e546fa107d9c082e1
6c9c9ddd04febb967d11081c9e5b676029cd2cbde1ebcaff19c8157be7301140
7caa363020000cdd4ee58c1fe715c68123459d9f43e672bb379454a9e288537b
808b4d61e5ac8cbf96db7287ffc2ae05b011edd7ecf4bc7cb293ea1833a50921
91b5fc1cc264d88a48a1dcf23ed8886e0c7efc6356a119fee2e746954a02f446
91d37977d09770913b5e658d7469824f5a0c30b3463870141397320179864b46
93b5dd8162e8675cbc2dc1d61781217896d843175ce8aea828ca13acc58c913f
99c88d0b46dfc36913f97efafe0b68f3b81327c8edcd81796fa7fb1a699301c3
a28ccf8a7b50522bdeea0cd83cdeca221c18fc1f9df3ee6b3d3c48d599206855
aa4fe92e09f94671f24e453a8cf9527c0851f65b608c7f9fab304608353ae354
ac3642ed6b71160bd8f61d5c6118c58d344fe01983b94a1cdb8f78dd467d09e1
b69942565e2d9ca09f9b260bd6e4a4c4070ef25612bb9d27b3eeffcd137afb9d
b83392766f32d34d4bbe8020b15704cbb86b65eb3d8a22b693eaa84cd20a23bc
b9a0fd6a0331897ee7673460f248677fd8da87f2df23aa831ddfd609de29d68f
c1beb8cc76171f15fcb4fddcf922575230376b07ddbfc58b6bcaa0aaf716bd9b
c3176aa5afd34b2b18ff787d24d2dec8c4ab46c309756346c650f1c52b15f6bf
d102a3c9ab95ef68bb26a2e8391a24750868b940605c7aac6dbce6367c569595
d1d3ca50e6279d0cff0fca4a3c78d957535ed628759f282c437f065e985a9a38
d7c55f3f5f7958387e6f54112863b20f5b908099d19d82e30a910929ea233f93
e0591cbf213702885fdded629c53bf0e335daadf4df0b9439ce35a0674dd41b5
e4d448dfa3311a59263f458a0867cf332fff04ff02277d3a7612e117c1367a25
f1b4934e50504f14424dbca5c73632ecd2abe36d0cbcc65ad4246c35fa8ab6b4