rovmembership.com Open in urlscan Pro
2606:4700:3035::ac43:c822  Malicious Activity! Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

27 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request hGvoMMj7HH5GAlt5M63yfGec0cC5OqBcJM2xpPlP879w7XXMc5h6wo0vuEktt0yG0FuFn8kmmeRskZEbEaSk0z7WKaN1Dx7dnkKaN Show response rovmembership.com/	6 KB 3 KB	1020ms 899ms	Document text/html	2606:4700:3035::ac43:c822 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://rovmembership.com/hGvoMMj7HH5GAlt5M63yfGec0cC5OqBcJM2xpPlP879w7XXMc5h6wo0vuEktt0yG0FuFn8kmmeRskZEbEaSk0z7WKaN1Dx7dnkKaN Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::ac43:c822 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.4.32 Resource Hash b77e34571e11dbbe9d84bfd9811af657bab29dacfe21c71a02dd98f134678de5 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 761a3201bc43ca57-YUL content-encoding br content-type text/html; charset=UTF-8 date Sat, 29 Oct 2022 07:28:37 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uPnoc%2B8S6aSNh5Ivo9J9ZtranNqHf9QGFbb58iXQNFCbiZtmzKcAshDoZXkKfG8yO50aLW2t9OLNL9DpgbfI1vehOxzfpFgqIdwjr0zV23fKPxUkFAAxlBkJxuvozLF5wN9UEqBY0bCEJbRaPzch9A%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding x-powered-by PHP/7.4.32 x-turbo-charged-by LiteSpeed
GET H2	200	sso.css rovmembership.com/css/	30 KB 6 KB	27ms 22ms	Stylesheet text/css	2606:4700:3035::ac43:c822 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://rovmembership.com/css/sso.css?v=0.59 Requested by Host: rovmembership.com URL: https://rovmembership.com/hGvoMMj7HH5GAlt5M63yfGec0cC5OqBcJM2xpPlP879w7XXMc5h6wo0vuEktt0yG0FuFn8kmmeRskZEbEaSk0z7WKaN1Dx7dnkKaN Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::ac43:c822 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 693e7e2e7b0c34658a121509472985dbaf3d238b17689534e100f5854b0e5513 Request headers accept-language en-CA,en;q=0.9 Referer https://rovmembership.com/hGvoMMj7HH5GAlt5M63yfGec0cC5OqBcJM2xpPlP879w7XXMc5h6wo0vuEktt0yG0FuFn8kmmeRskZEbEaSk0z7WKaN1Dx7dnkKaN User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Sat, 29 Oct 2022 07:28:37 GMT content-encoding br cf-cache-status HIT last-modified Wed, 17 Aug 2022 13:11:06 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 52660 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ztTuyDUHwc55wFAGjEbgx%2BeEkhwttUf%2FhmpNueSbuG6rdc9YqzN8VcyaIT6fVgaUhD6VFqWLXAKj%2BwHMi3puXzgRLqxY%2Br0p6UQduOT8lyMVYa6lQzkUOr5ZYoch%2FWPjD0jW1jZxP793yjjqnWJXQw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed cf-ray 761a32076e2dca57-YUL alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Fri, 04 Nov 2022 16:50:57 GMT
GET H2	200	shopee-captcha-main.css rovmembership.com/css/	9 KB 3 KB	22ms 18ms	Stylesheet text/css	2606:4700:3035::ac43:c822 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://rovmembership.com/css/shopee-captcha-main.css?v=0.01 Requested by Host: rovmembership.com URL: https://rovmembership.com/hGvoMMj7HH5GAlt5M63yfGec0cC5OqBcJM2xpPlP879w7XXMc5h6wo0vuEktt0yG0FuFn8kmmeRskZEbEaSk0z7WKaN1Dx7dnkKaN Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::ac43:c822 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 794825d0187c26472db66cd84f252832a73d5fce73f2d112357fdecd6b9e76b0 Request headers accept-language en-CA,en;q=0.9 Referer https://rovmembership.com/hGvoMMj7HH5GAlt5M63yfGec0cC5OqBcJM2xpPlP879w7XXMc5h6wo0vuEktt0yG0FuFn8kmmeRskZEbEaSk0z7WKaN1Dx7dnkKaN User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Sat, 29 Oct 2022 07:28:37 GMT content-encoding br cf-cache-status HIT last-modified Wed, 17 Aug 2022 13:11:04 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 52660 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PX0Vu9Rl%2B%2BDnAoL7oi4F9BkloZwGBBNtBafPM%2FNPe3zzPNj3LfHnWosU6CoAU5BJWsuAYSyWxLYHxpeVBJiJhfDu7Fym1lR%2FU1I8ne%2F63q%2Bcwnh8m2Bc9FNuTeqfmejg1p4DkVvqarOu%2FB1EvXHlPA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed cf-ray 761a32076e2eca57-YUL alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Fri, 04 Nov 2022 16:50:57 GMT
GET H2	200	jquery-1.10.2.min.js Show response rovmembership.com/js/	91 KB 33 KB	46ms 42ms	Script application/javascript	2606:4700:3035::ac43:c822 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://rovmembership.com/js/jquery-1.10.2.min.js Requested by Host: rovmembership.com URL: https://rovmembership.com/hGvoMMj7HH5GAlt5M63yfGec0cC5OqBcJM2xpPlP879w7XXMc5h6wo0vuEktt0yG0FuFn8kmmeRskZEbEaSk0z7WKaN1Dx7dnkKaN Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::ac43:c822 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988 Request headers accept-language en-CA,en;q=0.9 Referer https://rovmembership.com/hGvoMMj7HH5GAlt5M63yfGec0cC5OqBcJM2xpPlP879w7XXMc5h6wo0vuEktt0yG0FuFn8kmmeRskZEbEaSk0z7WKaN1Dx7dnkKaN User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Sat, 29 Oct 2022 07:28:37 GMT content-encoding br cf-cache-status HIT last-modified Wed, 17 Aug 2022 13:12:06 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 7420 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R3Une%2BLbBuDnF%2BtkELvDr%2FIs5ZbEEPCbTSC1cNUVuHT%2B%2FBMBITSZzUCYzVV3HZ6dnLckLbsY8XDkSkUfJmkCMmAEBr0KeOaiXtohp5kyPKJyHCzPPeYx6m0UOi8D0vW9A3JFhiGqxnS1mcfiSM4k1Q%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed cf-ray 761a32076e2fca57-YUL alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Sat, 05 Nov 2022 05:24:56 GMT
GET H2	200	crypto.js Show response rovmembership.com/js/	18 KB 7 KB	22ms 19ms	Script application/javascript	2606:4700:3035::ac43:c822 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://rovmembership.com/js/crypto.js?v=0.60 Requested by Host: rovmembership.com URL: https://rovmembership.com/hGvoMMj7HH5GAlt5M63yfGec0cC5OqBcJM2xpPlP879w7XXMc5h6wo0vuEktt0yG0FuFn8kmmeRskZEbEaSk0z7WKaN1Dx7dnkKaN Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::ac43:c822 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8a61dcc3d3782dd66699ceb450d63ee1e5bf77e429ac4d3c613b52a1d6f8c98f Request headers accept-language en-CA,en;q=0.9 Referer https://rovmembership.com/hGvoMMj7HH5GAlt5M63yfGec0cC5OqBcJM2xpPlP879w7XXMc5h6wo0vuEktt0yG0FuFn8kmmeRskZEbEaSk0z7WKaN1Dx7dnkKaN User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Sat, 29 Oct 2022 07:28:37 GMT content-encoding br cf-cache-status HIT last-modified Wed, 17 Aug 2022 13:12:00 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 52660 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m14CYrN6FX5e65WRileSZHPrWciD1OqRdA3PdWbIebhZ9EmEQjYkRrl%2BvOPZiwQ3xzgS1q6eehcpuAUZ3qxvcZeY4GwTNe7pjHs5mGt3qcG38Zn5fotjwyKYctUO7OW60a3IqF%2F8LkxlpU276KLhhA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed cf-ray 761a32076e31ca57-YUL alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Fri, 04 Nov 2022 16:50:57 GMT
GET H2	200	countries.js Show response rovmembership.com/js/	14 KB 4 KB	25ms 21ms	Script application/javascript	2606:4700:3035::ac43:c822 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://rovmembership.com/js/countries.js?v=0.30 Requested by Host: rovmembership.com URL: https://rovmembership.com/hGvoMMj7HH5GAlt5M63yfGec0cC5OqBcJM2xpPlP879w7XXMc5h6wo0vuEktt0yG0FuFn8kmmeRskZEbEaSk0z7WKaN1Dx7dnkKaN Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::ac43:c822 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f044c6db150819618ec646c5dba0f9b9dd5fedc650cf0700a60853f43465bee0 Request headers accept-language en-CA,en;q=0.9 Referer https://rovmembership.com/hGvoMMj7HH5GAlt5M63yfGec0cC5OqBcJM2xpPlP879w7XXMc5h6wo0vuEktt0yG0FuFn8kmmeRskZEbEaSk0z7WKaN1Dx7dnkKaN User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Sat, 29 Oct 2022 07:28:37 GMT content-encoding br cf-cache-status HIT last-modified Wed, 17 Aug 2022 13:11:58 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 52660 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=htueJzSQMh%2BsAFrqMQNidChcIJ97Z00%2BveFERcG%2FYe1%2BA7GnNsP0JIBVX3mvAfpvb2T4QdEzVzXXYWKc9WkimtMvrEIXVlXJ2AOSRrSfQmHRupc0OZosmGmWJXZJrYSQa1grlVVYVr7tk1z5xWtlgA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed cf-ray 761a32076e32ca57-YUL alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Fri, 04 Nov 2022 16:50:57 GMT
GET H2	200	locales.js Show response rovmembership.com/js/	856 B 627 B	23ms 19ms	Script application/javascript	2606:4700:3035::ac43:c822 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://rovmembership.com/js/locales.js?v=0.03 Requested by Host: rovmembership.com URL: https://rovmembership.com/hGvoMMj7HH5GAlt5M63yfGec0cC5OqBcJM2xpPlP879w7XXMc5h6wo0vuEktt0yG0FuFn8kmmeRskZEbEaSk0z7WKaN1Dx7dnkKaN Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::ac43:c822 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 87815e8484a9445d01005526e7a86c40ec3aef73674871fb20f660093b44ce0d Request headers accept-language en-CA,en;q=0.9 Referer https://rovmembership.com/hGvoMMj7HH5GAlt5M63yfGec0cC5OqBcJM2xpPlP879w7XXMc5h6wo0vuEktt0yG0FuFn8kmmeRskZEbEaSk0z7WKaN1Dx7dnkKaN User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Sat, 29 Oct 2022 07:28:37 GMT content-encoding br cf-cache-status HIT last-modified Wed, 17 Aug 2022 13:12:10 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 52660 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FwW3lEXcZpVUSUhuDfhUuNGVxCucyQ%2B0DKWlgV0KJsI616SRX2n2YH7xlvDAj2%2BQNSyN%2FMxgcvmM7klAA9la2ZOXdgVQAKcIYFs%2B7zNG3h1qjB7c62ZYl%2BBryjjiV9i9o%2BV7eQKtWyCYWgHRH897CA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed cf-ray 761a32076e33ca57-YUL alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Fri, 04 Nov 2022 16:50:57 GMT
GET H2	200	th.js Show response rovmembership.com/i18n/sso/	26 KB 6 KB	28ms 25ms	Script application/javascript	2606:4700:3035::ac43:c822 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://rovmembership.com/i18n/sso/th.js?v=0.58 Requested by Host: rovmembership.com URL: https://rovmembership.com/hGvoMMj7HH5GAlt5M63yfGec0cC5OqBcJM2xpPlP879w7XXMc5h6wo0vuEktt0yG0FuFn8kmmeRskZEbEaSk0z7WKaN1Dx7dnkKaN Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::ac43:c822 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0d5fe6f7ced649888fd5e81780c7763147fee28116699301f4a417ca07dcff38 Request headers accept-language en-CA,en;q=0.9 Referer https://rovmembership.com/hGvoMMj7HH5GAlt5M63yfGec0cC5OqBcJM2xpPlP879w7XXMc5h6wo0vuEktt0yG0FuFn8kmmeRskZEbEaSk0z7WKaN1Dx7dnkKaN User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Sat, 29 Oct 2022 07:28:37 GMT content-encoding br cf-cache-status HIT last-modified Wed, 17 Aug 2022 13:11:18 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 7420 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y2Odt5tSeP1fVeYm05u0m4ZT5SlWGjNSurpxAQO%2Fp3obZID1B7k7ooFWMbDFGQhqY15gCVV16C%2BPhfgsU4nwE9Bq6f7crGbXHxZwBUQkMSYWn2banWNrUbDXvJF4v8X49D9E2He2qjYW7b8oDo9szw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed cf-ray 761a32076e34ca57-YUL alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Sat, 05 Nov 2022 05:24:56 GMT
GET H2	200	platform.js Show response apis.google.com/js/	54 KB 21 KB	103ms 34ms	Script text/javascript	2607:f8b0:4006:808::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://apis.google.com/js/platform.js Requested by Host: rovmembership.com URL: https://rovmembership.com/hGvoMMj7HH5GAlt5M63yfGec0cC5OqBcJM2xpPlP879w7XXMc5h6wo0vuEktt0yG0FuFn8kmmeRskZEbEaSk0z7WKaN1Dx7dnkKaN Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:808::200e , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e3baee4e3c8693b9b4f96df6ccad10ff14eddebebc3d916f617386835ae46b8f Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://rovmembership.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers content-security-policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team content-encoding gzip x-content-type-options nosniff date Sat, 29 Oct 2022 07:28:37 GMT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20987 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="gapi-team" etag "849328c364e52e6e" vary Accept-Encoding report-to {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]} content-type text/javascript access-control-allow-origin * cache-control private, max-age=1800, stale-while-revalidate=1800 accept-ranges bytes timing-allow-origin * expires Sat, 29 Oct 2022 07:28:37 GMT
GET H2	200	api.js Show response www.google.com/recaptcha/	852 B 968 B	85ms 38ms	Script text/javascript	2607:f8b0:4006:822::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api.js?render=explicit Requested by Host: rovmembership.com URL: https://rovmembership.com/hGvoMMj7HH5GAlt5M63yfGec0cC5OqBcJM2xpPlP879w7XXMc5h6wo0vuEktt0yG0FuFn8kmmeRskZEbEaSk0z7WKaN1Dx7dnkKaN Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:822::2004 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 40f3351f437938b393fee15f5f6694b116eab173623ac63255bcf6998aea3119 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-CA,en;q=0.9 Referer https://rovmembership.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Sat, 29 Oct 2022 07:28:37 GMT content-encoding gzip x-content-type-options nosniff content-security-policy frame-ancestors 'self' server GSE x-frame-options SAMEORIGIN content-type text/javascript; charset=UTF-8 cache-control private, max-age=300 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 555 x-xss-protection 1; mode=block expires Sat, 29 Oct 2022 07:28:37 GMT
GET H2	200	fetch.umd.min.js Show response rovmembership.com/js/	9 KB 3 KB	26ms 23ms	Script application/javascript	2606:4700:3035::ac43:c822 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://rovmembership.com/js/fetch.umd.min.js?v=3.6.2 Requested by Host: rovmembership.com URL: https://rovmembership.com/hGvoMMj7HH5GAlt5M63yfGec0cC5OqBcJM2xpPlP879w7XXMc5h6wo0vuEktt0yG0FuFn8kmmeRskZEbEaSk0z7WKaN1Dx7dnkKaN Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::ac43:c822 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fdee1a2ea7277beafba671cd09db7eeb0fbc08d1103521801b6e1d5c121c7cf0 Request headers accept-language en-CA,en;q=0.9 Referer https://rovmembership.com/hGvoMMj7HH5GAlt5M63yfGec0cC5OqBcJM2xpPlP879w7XXMc5h6wo0vuEktt0yG0FuFn8kmmeRskZEbEaSk0z7WKaN1Dx7dnkKaN User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Sat, 29 Oct 2022 07:28:37 GMT content-encoding br cf-cache-status HIT last-modified Wed, 17 Aug 2022 13:12:02 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 52660 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lV5NW4csbZIVbB1N2cv%2BWo387hL07lkmXuy%2BxfNAlxPGemNn%2Fv2CPzhPnxSHytr5U9XuppNyANOuwPWMdbF3kZ7DizW57assPyH6cZxXR%2Bcw%2BmozUuGYc9WuNGAzOzSw4ISPVuf4T5ym0QvT5axzqw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed cf-ray 761a32076e35ca57-YUL alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Fri, 04 Nov 2022 16:50:57 GMT
GET H2	200	captcha-sdk-v2.0.1.js Show response rovmembership.com/js/	159 KB 60 KB	40ms 38ms	Script application/javascript	2606:4700:3035::ac43:c822 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://rovmembership.com/js/captcha-sdk-v2.0.1.js?v=0.02 Requested by Host: rovmembership.com URL: https://rovmembership.com/hGvoMMj7HH5GAlt5M63yfGec0cC5OqBcJM2xpPlP879w7XXMc5h6wo0vuEktt0yG0FuFn8kmmeRskZEbEaSk0z7WKaN1Dx7dnkKaN Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::ac43:c822 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0c13d7c5ef8a05d169359b4f7714977888ae89831e797cda23cda6e26031b781 Request headers accept-language en-CA,en;q=0.9 Referer https://rovmembership.com/hGvoMMj7HH5GAlt5M63yfGec0cC5OqBcJM2xpPlP879w7XXMc5h6wo0vuEktt0yG0FuFn8kmmeRskZEbEaSk0z7WKaN1Dx7dnkKaN User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Sat, 29 Oct 2022 07:28:37 GMT content-encoding br cf-cache-status HIT last-modified Wed, 17 Aug 2022 13:11:56 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 52660 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=odwFyM4TV89cAazQV%2BV1HVc1FYaZdNIvOcC9TUcknHE5PxmwC8r%2FP0adGwtjFu7WAtVBmFTR5cS3zK2Xt8euazZ8NguHzMcK02swNMM5lcHxIyGZwFkTaWPHFNiUmWl8FR5Y%2FbDaF3Exv%2BOjS1M2nQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed cf-ray 761a32076e36ca57-YUL alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Fri, 04 Nov 2022 16:50:57 GMT
GET H2	200	shopee-captcha-bundle.js Show response rovmembership.com/js/	108 KB 34 KB	52ms 50ms	Script application/javascript	2606:4700:3035::ac43:c822 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://rovmembership.com/js/shopee-captcha-bundle.js?v=0.01 Requested by Host: rovmembership.com URL: https://rovmembership.com/hGvoMMj7HH5GAlt5M63yfGec0cC5OqBcJM2xpPlP879w7XXMc5h6wo0vuEktt0yG0FuFn8kmmeRskZEbEaSk0z7WKaN1Dx7dnkKaN Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::ac43:c822 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8fb3af2be974bf1c7045066af1b5eb3ce27d2c63469c98ff03ae9f08e320fa0f Request headers accept-language en-CA,en;q=0.9 Referer https://rovmembership.com/hGvoMMj7HH5GAlt5M63yfGec0cC5OqBcJM2xpPlP879w7XXMc5h6wo0vuEktt0yG0FuFn8kmmeRskZEbEaSk0z7WKaN1Dx7dnkKaN User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Sat, 29 Oct 2022 07:28:37 GMT content-encoding br cf-cache-status HIT last-modified Wed, 17 Aug 2022 13:12:12 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 7420 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6KY5mSsebYRBk2vKykK%2BZJKxcSP3D1Aej3RmYmn7a0Gz%2FqnhXJ3jEMf9nbPAj9Wy5sHMc5J5P32PK6HfXJmnnF5AQN3pt9ELzMqvRTKMCwkc1UYjY9q5f9ahuPFpNyord4clPpM%2B5zgsFFF3jTmpdw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed cf-ray 761a32076e37ca57-YUL alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Sat, 05 Nov 2022 05:24:56 GMT
GET H2	200	js.cookie.js Show response rovmembership.com/js/	4 KB 2 KB	39ms 37ms	Script application/javascript	2606:4700:3035::ac43:c822 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://rovmembership.com/js/js.cookie.js?v=0.01 Requested by Host: rovmembership.com URL: https://rovmembership.com/hGvoMMj7HH5GAlt5M63yfGec0cC5OqBcJM2xpPlP879w7XXMc5h6wo0vuEktt0yG0FuFn8kmmeRskZEbEaSk0z7WKaN1Dx7dnkKaN Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::ac43:c822 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6533050afa2e853568cd4b0b8048ed64e94963e38088b226575a7cca8054f4e2 Request headers accept-language en-CA,en;q=0.9 Referer https://rovmembership.com/hGvoMMj7HH5GAlt5M63yfGec0cC5OqBcJM2xpPlP879w7XXMc5h6wo0vuEktt0yG0FuFn8kmmeRskZEbEaSk0z7WKaN1Dx7dnkKaN User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Sat, 29 Oct 2022 07:28:37 GMT content-encoding br cf-cache-status HIT last-modified Wed, 17 Aug 2022 13:12:08 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 52660 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dxQwjbwTU1GEZW2cSOlERIRhPQbQA5PQusQn%2BW3zZgu9M2%2Fkjl2uTKrSkmSK15w1NUP7FYfGE43O2W9yQB82fJu9mpgMNF%2F0X0C3OnNTfOxZth4Cm%2FUu8GW5%2FziK8WTfyiaWnSkzSSHPTi0TeIAO1w%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed cf-ray 761a32077e39ca57-YUL alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Fri, 04 Nov 2022 16:50:57 GMT
GET H2	200	settings.js Show response rovmembership.com/js/sso/	3 KB 1 KB	43ms 41ms	Script application/javascript	2606:4700:3035::ac43:c822 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://rovmembership.com/js/sso/settings.js?v=0.01 Requested by Host: rovmembership.com URL: https://rovmembership.com/hGvoMMj7HH5GAlt5M63yfGec0cC5OqBcJM2xpPlP879w7XXMc5h6wo0vuEktt0yG0FuFn8kmmeRskZEbEaSk0z7WKaN1Dx7dnkKaN Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::ac43:c822 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fe3a62fa9cd94f98676600514ca5da7067cbacbb7fd31ecd923ceb620ef84803 Request headers accept-language en-CA,en;q=0.9 Referer https://rovmembership.com/hGvoMMj7HH5GAlt5M63yfGec0cC5OqBcJM2xpPlP879w7XXMc5h6wo0vuEktt0yG0FuFn8kmmeRskZEbEaSk0z7WKaN1Dx7dnkKaN User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Sat, 29 Oct 2022 07:28:37 GMT content-encoding br cf-cache-status HIT last-modified Wed, 17 Aug 2022 13:11:48 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 52660 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l9IpZi3bAMoaEwSyxwhQwpAI2KJTPAbZ%2BvOmXJKyBIl2UHSlCOv7r%2FMiKweJ14nT3KvDz%2B%2FNH18QqmHweqX4Mz6XYupR0ffd%2FMeGarXIjKQpzd1GIxn6Jaqu9N1pH1oVaJ6rk0jZQh5sql7yozseqA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed cf-ray 761a32077e3aca57-YUL alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Fri, 04 Nov 2022 16:50:57 GMT
GET H2	200	utils.js Show response rovmembership.com/js/sso/	5 KB 2 KB	38ms 36ms	Script application/javascript	2606:4700:3035::ac43:c822 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://rovmembership.com/js/sso/utils.js?v=0.01 Requested by Host: rovmembership.com URL: https://rovmembership.com/hGvoMMj7HH5GAlt5M63yfGec0cC5OqBcJM2xpPlP879w7XXMc5h6wo0vuEktt0yG0FuFn8kmmeRskZEbEaSk0z7WKaN1Dx7dnkKaN Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::ac43:c822 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 421d77a0e489b592870e4bb5379191960c6168f5f25372ee8859f4a09f592fe9 Request headers accept-language en-CA,en;q=0.9 Referer https://rovmembership.com/hGvoMMj7HH5GAlt5M63yfGec0cC5OqBcJM2xpPlP879w7XXMc5h6wo0vuEktt0yG0FuFn8kmmeRskZEbEaSk0z7WKaN1Dx7dnkKaN User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Sat, 29 Oct 2022 07:28:37 GMT content-encoding br cf-cache-status HIT last-modified Wed, 17 Aug 2022 13:11:50 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 52660 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KZ72jpM2Ws%2FNUnuam21V9AzID4LlHb7eXE07CrBKnoDOelGEghKPKfRTaTRTU%2FTxPcRsttTvlHd45X7%2Bvd%2BYFu6uVYuHpGfr12ekgJ6kM5Zu4gCtmh1Dh%2Bpj53te%2Fud75xOkFfpVHNV5fcvnlvyUjg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed cf-ray 761a32077e3bca57-YUL alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Fri, 04 Nov 2022 16:50:57 GMT
GET H2	200	captcha.js Show response rovmembership.com/js/sso/	9 KB 3 KB	43ms 41ms	Script application/javascript	2606:4700:3035::ac43:c822 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://rovmembership.com/js/sso/captcha.js?v=0.02 Requested by Host: rovmembership.com URL: https://rovmembership.com/hGvoMMj7HH5GAlt5M63yfGec0cC5OqBcJM2xpPlP879w7XXMc5h6wo0vuEktt0yG0FuFn8kmmeRskZEbEaSk0z7WKaN1Dx7dnkKaN Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::ac43:c822 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1dcab165492966a3276bf684ed2d2d9458519d1803c70f979ea84b7007bf41c1 Request headers accept-language en-CA,en;q=0.9 Referer https://rovmembership.com/hGvoMMj7HH5GAlt5M63yfGec0cC5OqBcJM2xpPlP879w7XXMc5h6wo0vuEktt0yG0FuFn8kmmeRskZEbEaSk0z7WKaN1Dx7dnkKaN User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Sat, 29 Oct 2022 07:28:37 GMT content-encoding br cf-cache-status HIT last-modified Wed, 17 Aug 2022 13:11:42 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 7420 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=43mJFl%2BVvW9vVPJtM6uZj1LL2oxy5pZK8rOzW5RZwJUwAaBsphO2S%2FGvcfqZsBA6F05ROITmG43wdv4kVgeZTe7qxx0j3NttzJUmF2xmuYMrP06%2FoJzBxEETbrSEySrLAUQ%2BN99umgFXcgj%2BGvz6Dw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed cf-ray 761a32077e3cca57-YUL alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Sat, 05 Nov 2022 05:24:56 GMT
GET H2	200	content.js Show response rovmembership.com/js/sso/	7 KB 3 KB	41ms 39ms	Script application/javascript	2606:4700:3035::ac43:c822 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://rovmembership.com/js/sso/content.js?v=0.01 Requested by Host: rovmembership.com URL: https://rovmembership.com/hGvoMMj7HH5GAlt5M63yfGec0cC5OqBcJM2xpPlP879w7XXMc5h6wo0vuEktt0yG0FuFn8kmmeRskZEbEaSk0z7WKaN1Dx7dnkKaN Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::ac43:c822 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 47fffe9cb26cb2202e5417bc993429c7ac998207d4b192a4d096376ae752fe96 Request headers accept-language en-CA,en;q=0.9 Referer https://rovmembership.com/hGvoMMj7HH5GAlt5M63yfGec0cC5OqBcJM2xpPlP879w7XXMc5h6wo0vuEktt0yG0FuFn8kmmeRskZEbEaSk0z7WKaN1Dx7dnkKaN User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Sat, 29 Oct 2022 07:28:37 GMT content-encoding br cf-cache-status HIT last-modified Wed, 17 Aug 2022 13:11:44 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 7420 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5boStJ9NcAuiLPd5UqMDzWW0LgVjAu1MbxuN0xNEe4wgjEx5lyU%2FGUmK9XqxaFuqlMSv6RpNyc%2B%2BFPzSrTJMYPybWIRzIVoUGdVuQ4IcG5siBILz74Jul2vcY%2BX6s3avUK7XB5%2FyprZm%2BvMYAc9o7Q%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed cf-ray 761a32077e3dca57-YUL alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Sat, 05 Nov 2022 05:24:56 GMT
GET H2	200	register.js Show response rovmembership.com/js/sso/	21 KB 5 KB	41ms 40ms	Script application/javascript	2606:4700:3035::ac43:c822 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://rovmembership.com/js/sso/register.js?v=0.03 Requested by Host: rovmembership.com URL: https://rovmembership.com/hGvoMMj7HH5GAlt5M63yfGec0cC5OqBcJM2xpPlP879w7XXMc5h6wo0vuEktt0yG0FuFn8kmmeRskZEbEaSk0z7WKaN1Dx7dnkKaN Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::ac43:c822 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f5fc76cc472ae0c5f3d4f2fe2f96695fa287062fd19d9554de3d829a709ca6f5 Request headers accept-language en-CA,en;q=0.9 Referer https://rovmembership.com/hGvoMMj7HH5GAlt5M63yfGec0cC5OqBcJM2xpPlP879w7XXMc5h6wo0vuEktt0yG0FuFn8kmmeRskZEbEaSk0z7WKaN1Dx7dnkKaN User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Sat, 29 Oct 2022 07:28:37 GMT content-encoding br cf-cache-status HIT last-modified Wed, 17 Aug 2022 13:11:46 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 52660 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oQm5DFHpF06V6%2FVPuKKWh2w%2BxdGOY4O7eVL95FoSXZMyOeVQSTmfGNw4O%2F01X68h58aqp3xZQ%2F3We%2FwjyTGOQvPCJ8tast%2BGhptIlLzPIbei18VT%2B3uXfI%2B9eLm0yRoCPlArUgdPW3IjYaYyogyskw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed cf-ray 761a32077e3eca57-YUL alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Fri, 04 Nov 2022 16:50:57 GMT
GET H2	200	sso.js Show response rovmembership.com/js/	36 KB 8 KB	42ms 40ms	Script application/javascript	2606:4700:3035::ac43:c822 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://rovmembership.com/js/sso.js?v=0.82 Requested by Host: rovmembership.com URL: https://rovmembership.com/hGvoMMj7HH5GAlt5M63yfGec0cC5OqBcJM2xpPlP879w7XXMc5h6wo0vuEktt0yG0FuFn8kmmeRskZEbEaSk0z7WKaN1Dx7dnkKaN Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::ac43:c822 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e73f306901e37d048b29e4389627fbc2e4e523d13a557122004ebbe38151acae Request headers accept-language en-CA,en;q=0.9 Referer https://rovmembership.com/hGvoMMj7HH5GAlt5M63yfGec0cC5OqBcJM2xpPlP879w7XXMc5h6wo0vuEktt0yG0FuFn8kmmeRskZEbEaSk0z7WKaN1Dx7dnkKaN User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Sat, 29 Oct 2022 07:28:37 GMT content-encoding br cf-cache-status HIT last-modified Wed, 17 Aug 2022 13:09:14 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 52660 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PRry6PLGCpYDgaFMoPM%2BWV8fjdB50hFObYfc0shWXS7vxn3bt3HNWncQQwkTX5veuFDAFsWuVVTiEZmJHDS4tshO8%2BiuqR7NOVCpl2MzfAEaF4VLUdbTDRVG0C6MDvGIyTnFm4rWPi0dYjNWXiPG7w%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed cf-ray 761a32077e3fca57-YUL alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Fri, 04 Nov 2022 16:50:57 GMT
GET H2	200	xhr_tag.js Show response js.captcha-display.com/	10 KB 4 KB	91ms 18ms	Script text/javascript	18.164.96.101 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.captcha-display.com/xhr_tag.js Requested by Host: rovmembership.com URL: https://rovmembership.com/hGvoMMj7HH5GAlt5M63yfGec0cC5OqBcJM2xpPlP879w7XXMc5h6wo0vuEktt0yG0FuFn8kmmeRskZEbEaSk0z7WKaN1Dx7dnkKaN Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.164.96.101 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-164-96-101.jfk50.r.cloudfront.net Software Apache / Resource Hash 2be8c6ebd3347023932cd13eba627c8920d6d6e89c6343e4bd5aeb58134ea19d Request headers accept-language en-CA,en;q=0.9 Referer https://rovmembership.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Sat, 29 Oct 2022 06:42:02 GMT content-encoding gzip via 1.1 ab734ad5d81cc9d470b6176a05dd968e.cloudfront.net (CloudFront) last-modified Thu, 07 Jul 2022 16:32:54 GMT server Apache x-amz-cf-pop JFK50-P5 age 2796 etag W/"28fa-5e339a33afb63" vary Accept-Encoding x-cache Hit from cloudfront content-type text/javascript x-amz-cf-id vNMgVmJWSzy9UQ0YXU4AzReHMfpeH-VavCKYGk7KcQhbtPqryG95aw==
GET H3	200	bg.png rovmembership.com/images/	2 KB 2 KB	27ms 26ms	Image image/png	2606:4700:3035::ac43:c822 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://rovmembership.com/images/bg.png Requested by Host: rovmembership.com URL: https://rovmembership.com/css/sso.css?v=0.59 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::ac43:c822 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 55ff8578db3a7e8d57214fb961b4c908ce5fd4bf66a53be77d989b1b16d82410 Request headers accept-language en-CA,en;q=0.9 Referer https://rovmembership.com/css/sso.css?v=0.59 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Sat, 29 Oct 2022 07:28:37 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 52660 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 1550 last-modified Sun, 17 Apr 2022 03:29:40 GMT server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sh2rlaJJTSoKNGwzi0aNLWKvqEj83qzyLagUm3sn4WvJ7LYbKKaxWo2z0jYFyX0xissD6KrKbJXyDsjoYCYRoj2gUNTvWlY2thwV1OxcPKN7xPrruRW7CQVTxWqVJHIuevUNMn7WYk7YvDBGiLB0DA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes cf-ray 761a3207982d4bb9-YUL expires Fri, 04 Nov 2022 16:50:57 GMT
GET H2	200	tags.js Show response js.datadome.co/	206 KB 42 KB	89ms 20ms	Script text/javascript	99.84.37.18 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.datadome.co/tags.js Requested by Host: rovmembership.com URL: https://rovmembership.com/hGvoMMj7HH5GAlt5M63yfGec0cC5OqBcJM2xpPlP879w7XXMc5h6wo0vuEktt0yG0FuFn8kmmeRskZEbEaSk0z7WKaN1Dx7dnkKaN Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.84.37.18 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-84-37-18.ewr52.r.cloudfront.net Software Apache / Resource Hash 5795c162503a8a8db1b67d8e38ff5b901d6278579c73750bb6641a69f54baad5 Security Headers Name Value Strict-Transport-Security max-age=15768000 Request headers accept-language en-CA,en;q=0.9 Referer https://rovmembership.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Sat, 29 Oct 2022 06:43:57 GMT strict-transport-security max-age=15768000 content-encoding gzip via 1.1 ef83386f79c9e19f4894237e9cf67dd2.cloudfront.net (CloudFront) x-amz-cf-pop EWR52-C4 age 2680 x-cache Hit from cloudfront content-length 43000 last-modified Fri, 30 Sep 2022 11:57:45 GMT server Apache etag "33929-5e9e3b3bbc8ac-gzip" vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control max-age=3600, public accept-ranges bytes x-amz-cf-id PW9iRveNxPK5WkuxPPpHK7hLLomMrCIFh9loUtoglH1JPCnftS_WBw== expires Sat, 29 Oct 2022 07:43:57 GMT
GET H3	200	earth.png rovmembership.com/images/	522 B 1 KB	16ms 15ms	Image image/png	2606:4700:3035::ac43:c822 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://rovmembership.com/images/earth.png Requested by Host: rovmembership.com URL: https://rovmembership.com/css/sso.css?v=0.59 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::ac43:c822 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 85af81f91c93450bb15d6f7f75ca7e96fcbda0b12cc4a6fb9bf04bff4783600c Request headers accept-language en-CA,en;q=0.9 Referer https://rovmembership.com/css/sso.css?v=0.59 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Sat, 29 Oct 2022 07:28:37 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 52658 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 522 last-modified Sun, 17 Apr 2022 03:29:40 GMT server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GHHCSuyTWLYLk3IaqN40%2Bc3WPsf1My3ahPYFlJEUw%2BRiGVD%2B3ESFx6G59DEgj1%2FCn9FkAIrJqIKweHiIz%2B3rGnoB2RBsRMhoTyXPiIqdUMqVSRNP8TEk%2B6zdr2bGT3LNSYlsKvumPdHxA0qp8QHA%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes cf-ray 761a320878a54bb9-YUL expires Fri, 04 Nov 2022 16:50:58 GMT
GET H3	200	img_garena_logo.png rovmembership.com/images/	6 KB 6 KB	17ms 15ms	Image image/png	2606:4700:3035::ac43:c822 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://rovmembership.com/images/img_garena_logo.png Requested by Host: rovmembership.com URL: https://rovmembership.com/hGvoMMj7HH5GAlt5M63yfGec0cC5OqBcJM2xpPlP879w7XXMc5h6wo0vuEktt0yG0FuFn8kmmeRskZEbEaSk0z7WKaN1Dx7dnkKaN Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::ac43:c822 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1052ac0fe02e8c3300c458dc1a059335150c1e46d0476a5d0fb5a809af3ef263 Request headers accept-language en-CA,en;q=0.9 Referer https://rovmembership.com/hGvoMMj7HH5GAlt5M63yfGec0cC5OqBcJM2xpPlP879w7XXMc5h6wo0vuEktt0yG0FuFn8kmmeRskZEbEaSk0z7WKaN1Dx7dnkKaN User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Sat, 29 Oct 2022 07:28:37 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 52658 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 6114 last-modified Sun, 17 Apr 2022 03:29:40 GMT server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BTzPjCu9aq1C5fHRfJSu1WqHkvlPgnDJRa1sPPmBOLov4N%2Fq%2FZ8rTbEZNN%2FM7K51rozpWdvCEarCXfXTd4i%2BXE5RFoONOUpvq8Js8368tqX3R44ptf3gaTi46Ky1I2%2BAsJ5zjTM3XY6h%2FNhlHqElIA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes cf-ray 761a320888ae4bb9-YUL expires Fri, 04 Nov 2022 16:50:58 GMT
GET H2	200	recaptcha__en.js Show response www.gstatic.com/recaptcha/releases/NJPGLzpIZgjszqyOymHUP0XR/	397 KB 158 KB	82ms 19ms	Script text/javascript	2607:f8b0:4006:816::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/NJPGLzpIZgjszqyOymHUP0XR/recaptcha__en.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api.js?render=explicit Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:816::2003 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7062e72edad5a2fb54912ad146b3c9009adc2af7f3d7c5b0dcf73ca8db87fc10 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://rovmembership.com/ Origin https://rovmembership.com accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Sat, 29 Oct 2022 06:00:11 GMT content-encoding gzip x-content-type-options nosniff age 5306 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 161443 x-xss-protection 0 last-modified Mon, 24 Oct 2022 04:01:21 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Sun, 29 Oct 2023 06:00:11 GMT
POST H2	200	/ Show response api-js.datadome.co/js/	238 B 416 B	120ms 26ms	XHR application/json	3.213.157.97 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://api-js.datadome.co/js/ Requested by Host: js.datadome.co URL: https://js.datadome.co/tags.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.213.157.97 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-213-157-97.compute-1.amazonaws.com Software DataDome / Resource Hash 2251f5a4ddead7a17f27a73574aed83a59a351774c1eed9739d7d102d2012b56 Request headers Referer https://rovmembership.com/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers pragma no-cache date Sat, 29 Oct 2022 07:28:37 GMT server DataDome content-type application/json;charset=utf-8 access-control-allow-origin * cache-control no-cache, no-store, must-revalidate content-length 238 expires 0

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Garena Free Fire (Gaming)

158 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| ddCaptchaOptions function| $ function| jQuery object| CryptoJS object| COUNTRY_LIST object| LOCALE_LIST object| SSO_SERVER_I18N string| ddjskey object| ddoptions object| gapi object| ___jsl object| WHATWGFetch object| captchaSdk string| SHOPEE_CAPTCHA_DOMAIN string| SHOPEE_CAPTCHA_GENERATE_URL string| SHOPEE_CAPTCHA_VERIFY_URL string| SHOPEE_CAPTCHA_REPORT_URL object| regeneratorRuntime object| captchaMobileVanilla function| Cookies object| SETTINGS string| captcha_key object| mobile_register_request string| SSO_SERVER_URL string| SSO_URL_API_PRELOGIN string| SSO_URL_API_LOGIN string| SSO_URL_API_LOGOUT string| SSO_URL_UI_REGISTER string| SSO_URL_API_AUTH string| SSO_URL_OAUTH_TOKEN_FACEBOOK_EXCHANGE string| SSO_URL_OAUTH_TOKEN_VK_EXCHANGE string| SSO_URL_OAUTH_TOKEN_LINE_EXCHANGE string| SSO_URL_OAUTH_TOKEN_GOOGLE_EXCHANGE string| SSO_URL_OAUTH_TOKEN_HUAWEI_EXCHANGE string| SSO_URL_OAUTH_TOKEN_APPLE_EXCHANGE_WEB string| SSO_URL_OAUTH_TOKEN_TWITTER_EXCHANGE string| SSO_URL_OAUTH_TWITTER_REQUEST_TOKEN string| SSO_URL_API_REG string| SSO_URL_API_REG_PREPARE string| SSO_URL_API_REG_CHECK string| SSO_URL_API_SEND_SMS_OTP string| SSO_URL_API_VERIFY_MOBILE_NO string| DEFAULT_REDIRECT_URL string| FACEBOOK_OAUTH_URL string| VK_OAUTH_URL string| GOOGLE_OAUTH_URL string| LINE_OAUTH_URL string| HUAWEI_OAUTH_URL string| TWITTER_OAUTH_URL string| APPLE_OAUTH_URL string| GAS_APP_URL string| GAS_IOS string| GAS_ANDROID string| CAPTCHA_SERVICE string| CAPTCHA_SERVICE_TEST string| DEFAULT_LOCALE string| ACCOUNT_CENTER_URL string| ACCOUNT_CENTER_TEST_URL string| ACCOUNT_CENTER_RECOVERY_URL string| ACCOUNT_CENTER_RECOVERY_TEST_URL string| FB_PLATFORM_MODE number| KEY_CODE_ENTER number| PLATFORM_GARENA number| PLATFORM_BEETALK number| PLATFORM_FACEBOOK number| PLATFORM_VK number| PLATFORM_LINE number| PLATFORM_HUAWEI number| PLATFORM_GOOGLE number| PLATFORM_APPLE number| PLATFORM_TWITTER number| OTP_SMS_INTERVAL number| OTP_REGISTER_INTERVAL function| isMobile function| _ function| getLocale function| getCurrentBaseUrl function| getUrlParams function| getRequestParams function| getRequestParam function| getRequestFragments function| getRequestFragment function| getRedirectUriWithParms function| redirect function| redirectWithFragments function| setCookie function| removeCookie function| changePlatform function| requestJsonp function| requestJson function| showCaptcha function| getCookie function| uuid function| refreshCaptcha function| hideCaptcha object| ReCaptchaWidgetIDMap function| renderRecaptcha function| getRecaptchaWrapperID function| getGacaptchaWrapperID function| getShopeeCaptchaWrapperID function| centralizeCaptchaDialog function| initCaptchaDialog function| hideAllCaptchaWrapper function| hideCaptchaDialog function| getCaptchaID function| showDataDomeDialog function| ReCaptchaVerifyCallback function| showReCaptchaDialog function| showGarenaCaptchaDialog function| showShopeeCaptchaDialog function| requestJsonWithCaptchaDialogProtection function| clearPage function| centralizeContent function| showContent function| appendClearDiv function| clearMessage function| showMessage function| showMobileRegisterAlert function| showSuccess function| showError function| centralizeDialog function| removeDialog function| showDialog function| showPageDialog function| checkPasswordValid function| showRegisterPage function| showRegisterFinishPage object| SSO_SERVER object| jQuery110203495475037029758 object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client boolean| ddCbh function| displayDataDomeCaptchaPage function| _0xf25e5b object| _0x344967 object| _0xe65346 object| _0x3f4ddc function| _0x461f object| _0x349818 object| _0x366f32 function| _0x4674 object| _0x2e18d2 object| _0x9ab09a boolean| dataDomeProcessed object| dataDomeOptions boolean| DataDomeCaptchaDisplayed object| recaptcha

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.rovmembership.com/	1970-01-20 15:49:24	Name: datadome Value: .-GSiPMKWgoPMDgoeFElIj_XyloEY_fDGG77sX9.M~ekX-VcIRX5L7Wpr.p8hkbBPBitpVlzJiFm3W7ysmQcair5.ofdEPMJ.MdaEuQHWICqlNiaCA7jXgEVg2~Z7Nn~

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-js.datadome.co
apis.google.com
js.captcha-display.com
js.datadome.co
rovmembership.com
www.google.com
www.gstatic.com
18.164.96.101
2606:4700:3035::ac43:c822
2607:f8b0:4006:808::200e
2607:f8b0:4006:816::2003
2607:f8b0:4006:822::2004
3.213.157.97
99.84.37.18
0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988
0c13d7c5ef8a05d169359b4f7714977888ae89831e797cda23cda6e26031b781
0d5fe6f7ced649888fd5e81780c7763147fee28116699301f4a417ca07dcff38
1052ac0fe02e8c3300c458dc1a059335150c1e46d0476a5d0fb5a809af3ef263
1dcab165492966a3276bf684ed2d2d9458519d1803c70f979ea84b7007bf41c1
2251f5a4ddead7a17f27a73574aed83a59a351774c1eed9739d7d102d2012b56
2be8c6ebd3347023932cd13eba627c8920d6d6e89c6343e4bd5aeb58134ea19d
40f3351f437938b393fee15f5f6694b116eab173623ac63255bcf6998aea3119
421d77a0e489b592870e4bb5379191960c6168f5f25372ee8859f4a09f592fe9
47fffe9cb26cb2202e5417bc993429c7ac998207d4b192a4d096376ae752fe96
55ff8578db3a7e8d57214fb961b4c908ce5fd4bf66a53be77d989b1b16d82410
5795c162503a8a8db1b67d8e38ff5b901d6278579c73750bb6641a69f54baad5
6533050afa2e853568cd4b0b8048ed64e94963e38088b226575a7cca8054f4e2
693e7e2e7b0c34658a121509472985dbaf3d238b17689534e100f5854b0e5513
7062e72edad5a2fb54912ad146b3c9009adc2af7f3d7c5b0dcf73ca8db87fc10
794825d0187c26472db66cd84f252832a73d5fce73f2d112357fdecd6b9e76b0
85af81f91c93450bb15d6f7f75ca7e96fcbda0b12cc4a6fb9bf04bff4783600c
87815e8484a9445d01005526e7a86c40ec3aef73674871fb20f660093b44ce0d
8a61dcc3d3782dd66699ceb450d63ee1e5bf77e429ac4d3c613b52a1d6f8c98f
8fb3af2be974bf1c7045066af1b5eb3ce27d2c63469c98ff03ae9f08e320fa0f
b77e34571e11dbbe9d84bfd9811af657bab29dacfe21c71a02dd98f134678de5
e3baee4e3c8693b9b4f96df6ccad10ff14eddebebc3d916f617386835ae46b8f
e73f306901e37d048b29e4389627fbc2e4e523d13a557122004ebbe38151acae
f044c6db150819618ec646c5dba0f9b9dd5fedc650cf0700a60853f43465bee0
f5fc76cc472ae0c5f3d4f2fe2f96695fa287062fd19d9554de3d829a709ca6f5
fdee1a2ea7277beafba671cd09db7eeb0fbc08d1103521801b6e1d5c121c7cf0
fe3a62fa9cd94f98676600514ca5da7067cbacbb7fd31ecd923ceb620ef84803