www.rolimons.com Open in urlscan Pro
65.9.25.35 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://rbx.rocks/
Effective URL:
https://www.rolimons.com/
Submission: On February 09 via manual (February 9th 2023, 11:26:36 am UTC) from GB — Scanned from GB

Summary HTTP 54 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 14 IPs in 3 countries across 11 domains to perform 54 HTTP transactions. The main IP is 65.9.25.35, located in United States and belongs to AMAZON-02, US. The main domain is www.rolimons.com. The Cisco Umbrella rank of the primary domain is 137900.
TLS certificate: Issued by Amazon on August 2nd 2022. Valid for: a year.

This is the only time www.rolimons.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	192.64.119.20 192.64.119.20	22612 (NAMECHEAP...) (NAMECHEAP-NET)
1 1	99.86.4.109 99.86.4.109	16509 (AMAZON-02) (AMAZON-02)
12	65.9.25.35 65.9.25.35	16509 (AMAZON-02) (AMAZON-02)
10	2606:4700::68... 2606:4700::6812:34e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:400d:806::200e	15169 (GOOGLE) (GOOGLE)
7	2a04:4e42::485 2a04:4e42::485	54113 (FASTLY) (FASTLY)
7	2a02:26f0:350... 2a02:26f0:3500:11::215:14ce	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700:20:... 2606:4700:20::681a:68b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
3	13.32.28.197 13.32.28.197	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:20:... 2606:4700:20::681a:246	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.186.134 142.250.186.134	15169 (GOOGLE) (GOOGLE)
1	2a06:98c1:312... 2a06:98c1:3121::c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	130.211.23.194 130.211.23.194	15169 (GOOGLE) (GOOGLE)
3	13.227.198.171 13.227.198.171	16509 (AMAZON-02) (AMAZON-02)
54	14

1 192.64.119.20 (United States) 1 redirects

ASN22612 (NAMECHEAP-NET, US)

rbx.rocks	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.109 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-109.fra6.r.cloudfront.net

rolimons.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 65.9.25.35 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-25-35.zag50.r.cloudfront.net

www.rolimons.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700::6812:34e (United States)

ASN13335 (CLOUDFLARENET, US)

s.nitropay.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tracker.nitropay.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.nitropay.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:806::200e (Ireland)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a04:4e42::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:26f0:3500:11::215:14ce (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

tr.rbxcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:68b (United States)

ASN13335 (CLOUDFLARENET, US)

btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.32.28.197 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-28-197.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:246 (United States)

ASN13335 (CLOUDFLARENET, US)

ad-delivery.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.134 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::c (United States)

ASN13335 (CLOUDFLARENET, US)

consent.nitrocnct.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 130.211.23.194 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 194.23.211.130.bc.googleusercontent.com

api.btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.227.198.171 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-198-171.ams54.r.cloudfront.net

aax-dtb-cf.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	rolimons.com 1 redirects rolimons.com — Cisco Umbrella Rank: 137888 www.rolimons.com — Cisco Umbrella Rank: 137900	796 KB
10	nitropay.com s.nitropay.com — Cisco Umbrella Rank: 35629 tracker.nitropay.com — Cisco Umbrella Rank: 33425 a.nitropay.com — Cisco Umbrella Rank: 54208	200 KB
7	rbxcdn.com tr.rbxcdn.com — Cisco Umbrella Rank: 10805	321 KB
7	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 360	129 KB
6	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 286 aax-dtb-cf.amazon-adsystem.com — Cisco Umbrella Rank: 480	51 KB
4	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 187 ad.doubleclick.net — Cisco Umbrella Rank: 177	158 KB
3	btloader.com btloader.com — Cisco Umbrella Rank: 783 api.btloader.com — Cisco Umbrella Rank: 884	14 KB
2	ad-delivery.net ad-delivery.net — Cisco Umbrella Rank: 891	1 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 23	20 KB
1	nitrocnct.com consent.nitrocnct.com — Cisco Umbrella Rank: 270151	55 KB
1	rbx.rocks 1 redirects rbx.rocks	244 B
54	11

	Domain	Requested by
12	www.rolimons.com	www.rolimons.com
7	tr.rbxcdn.com	www.rolimons.com
7	cdn.jsdelivr.net	www.rolimons.com
6	s.nitropay.com	www.rolimons.com s.nitropay.com
3	a.nitropay.com	s.nitropay.com
3	aax-dtb-cf.amazon-adsystem.com	c.amazon-adsystem.com
3	c.amazon-adsystem.com	s.nitropay.com c.amazon-adsystem.com
3	securepubads.g.doubleclick.net	s.nitropay.com securepubads.g.doubleclick.net
2	api.btloader.com	btloader.com
2	ad-delivery.net	www.rolimons.com
2	www.google-analytics.com	www.rolimons.com www.google-analytics.com
1	consent.nitrocnct.com	s.nitropay.com
1	ad.doubleclick.net	www.rolimons.com
1	tracker.nitropay.com	s.nitropay.com
1	btloader.com	s.nitropay.com
1	rolimons.com	1 redirects
1	rbx.rocks	1 redirects
54	17

This site contains links to these domains. Also see Links.

Domain
discord.gg
www.facebook.com
twitter.com
www.youtube.com
nitropay.com

Subject Issuer	Validity	Valid
*.rolimons.com Amazon	`2022-08-02` - `2023-08-31`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-16` - `2023-05-16`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
*.rbxcdn.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-23` - `2023-04-26`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
c.amazon-adsystem.com Amazon	`2022-05-09` - `2023-04-18`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
*.nitrocnct.com E1	`2023-01-03` - `2023-04-03`	3 months	crt.sh
api.btloader.com GTS CA 1D4	`2022-12-18` - `2023-03-18`	3 months	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon	`2022-06-15` - `2023-06-15`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.rolimons.com/
Frame ID: 39E0BB834F39B6C2581F6AB4EEB6970E
Requests: 56 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Rolimon's | Roblox Trading WebsiteRolimon's Discord Invite

Page URL History Show full URLs

http://rbx.rocks/ HTTP 302
https://rolimons.com/?rocks= HTTP 301
https://www.rolimons.com/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

SweetAlert2 (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

sweetalert2(?:\.all)?(?:\.min)?\.js
/npm/sweetalert2@([\d.]+)
sweetalert2@([\d.]+)/dist/sweetalert2(?:\.all)(?:\.min)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

54
Requests

100 %
HTTPS

53 %
IPv6

11
Domains

17
Subdomains

14
IPs

3
Countries

1745 kB
Transfer

3810 kB
Size

5
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://discord.gg/rolimons
Title: Discord Server

Search URL Search Domain Scan URL

URL: https://discord.gg/WBJ6C8Yn6h
Title: Support Server

Search URL Search Domain Scan URL

URL: https://discord.gg/STMCTrc
Title: Rolimon's Developer Community

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Rolimons
Title: Rolimon's Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/rolimons
Title: Rolimon's Twitter

Search URL Search Domain Scan URL

URL: https://www.youtube.com/c/RolimonsYT
Title: Rolimon's YouTube Channel

Search URL Search Domain Scan URL

URL: https://twitter.com/Rolimons
Title: Twitter

Search URL Search Domain Scan URL

URL: https://nitropay.com/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://rbx.rocks/ HTTP 302
https://rolimons.com/?rocks= HTTP 301
https://www.rolimons.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

54 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.rolimons.com/
Redirect Chain

http://rbx.rocks/
https://rolimons.com/?rocks=
https://www.rolimons.com/

249 KB
35 KB

321ms
100ms

Document
text/html

65.9.25.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.rolimons.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.25.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-25-35.zag50.r.cloudfront.net
Software: nginx /
Resource Hash: c6d1d5bf1199c427f184ab316b6624280bfba8682bf9d4c22f2f0b9f02a25342

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 2
cache-control: public, max-age=15
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 09 Feb 2023 11:26:26 GMT
etag: W/"3e5dd-OfYIa7OwpNWwfQh5slO5EW4oJlo"
server: nginx
vary: Accept-Encoding
via: 1.1 404ac5621836af31e2d3d32ecae91e78.cloudfront.net (CloudFront)
x-amz-cf-id: Jotkg-gwrMotT-ORfXLyy2014fTY47xggCcGoKy_ElfV1j1MyNG2-w==
x-amz-cf-pop: ZAG50-C1
x-cache: Hit from cloudfront

Redirect headers

age: 28835
content-length: 0
date: Thu, 09 Feb 2023 03:25:54 GMT
location: https://www.rolimons.com/
server: AmazonS3
via: 1.1 df86e917220bc08caa68b0eb8ddabe90.cloudfront.net (CloudFront)
x-amz-cf-id: EHTtn2D40gFzvqtEPA_1mpU6GN0dQHyl1H5ndOFgbYigD3lUv23Sww==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront

GET
H2 200 ads-874.js Show response
s.nitropay.com/ 487 KB
151 KB 188ms
67ms Script
application/javascript 2606:4700::6812:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s.nitropay.com/ads-874.js

Requested by

Host: www.rolimons.com
URL: https://www.rolimons.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:34e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3907322b5cc76314e21f5ad5ed1a0391ea67ab8955dc2d2adea17950cf610987

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.rolimons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 11:26:29 GMT
strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: gzip
cf-cache-status: HIT
x-goog-meta-goog-reserved-file-mtime: 1675371673
age: 19153
x-guploader-uploadid: ADPycdusgmCSSLxi23L1vpqIGlLEmERicHfRWNCr9W-Trv-yBNRuR7XXtrmeYRAe_a6cnByS74ht67y-iW9BvTbfydBpUk1-0BUY
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 09 Feb 2023 06:05:49 GMT
server: cloudflare
etag: W/"88c930412b89b2eaff50536d8da844ca:1675922749000"
vary: Accept-Encoding
x-goog-generation: 1675372502509578
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=cwhO1w==, md5=iMkwQSuJsur/UFNtjahEyg==
access-control-expose-headers: Content-Type
cache-control: private, max-age=600
x-goog-stored-content-length: 496266
cf-ray: 796c40175fba88b6-LHR
expires: Thu, 09 Feb 2023 18:05:53 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 245ms
72ms Script
text/javascript 2a00:1450:400d:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.rolimons.com
URL: https://www.rolimons.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.rolimons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 09 Feb 2023 11:12:08 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 861
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Thu, 09 Feb 2023 13:12:08 GMT

GET
H2 200 custom.css
www.rolimons.com/css/ 144 KB
23 KB 85ms
85ms Stylesheet
text/css 65.9.25.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.rolimons.com/css/custom.css
Requested by: Host: www.rolimons.com
URL: https://www.rolimons.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.25.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-25-35.zag50.r.cloudfront.net
Software: nginx /
Resource Hash: 7a9e2ef67508917288754f547109f8a4a573923f1bdff807f0816768b8516958

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.rolimons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 04:26:03 GMT
content-encoding: gzip
via: 1.1 404ac5621836af31e2d3d32ecae91e78.cloudfront.net (CloudFront)
last-modified: Sat, 16 Oct 2021 18:36:03 GMT
server: nginx
x-amz-cf-pop: ZAG50-C1
age: 27692
etag: W/"2e04f-17c8a63b977"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css; charset=UTF-8
cache-control: public, max-age=86400
accept-ranges: bytes
x-amz-cf-id: 39n7kqD4weL10SzPUBZ_R4JDQP_3f8hgQNOt5evfVfS8Qn_c0sfIFA==

GET
H2 200 site.css
www.rolimons.com/css/ 20 KB
5 KB 99ms
98ms Stylesheet
text/css 65.9.25.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.rolimons.com/css/site.css
Requested by: Host: www.rolimons.com
URL: https://www.rolimons.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.25.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-25-35.zag50.r.cloudfront.net
Software: nginx /
Resource Hash: 88fa416c7cf6575e6d83e9aae96cf96de95b0db9d4397deeb45cb03142a09303

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.rolimons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 06:46:57 GMT
content-encoding: gzip
via: 1.1 404ac5621836af31e2d3d32ecae91e78.cloudfront.net (CloudFront)
last-modified: Sat, 17 Dec 2022 09:14:15 GMT
server: nginx
x-amz-cf-pop: ZAG50-C1
age: 17087
etag: W/"59b4-1851f5cd373"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css; charset=UTF-8
cache-control: public, max-age=86400
accept-ranges: bytes
x-amz-cf-id: 3pnh24jJZpLx_m1Mh13qzEyr8_QfxvQlODTCz0sfIGCc-sV9HI3RSQ==

GET
H2 200 jquery.min.js Show response
cdn.jsdelivr.net/npm/jquery@3.5.1/dist/ 87 KB
31 KB 151ms
45ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/jquery@3.5.1/dist/jquery.min.js

Requested by

Host: www.rolimons.com
URL: https://www.rolimons.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.rolimons.com/
Origin: https://www.rolimons.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 09 Feb 2023 11:26:29 GMT
x-content-type-options: nosniff
content-encoding: gzip
age: 787580
x-jsd-version: 3.5.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 30948
x-served-by: cache-fra-eddf8230037-FRA, cache-lcy-eglc8600049-LCY
x-jsd-version-type: version
etag: W/"15d84-yOHIs4bcW3qRhMdjyI0Zo0brM0I"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 bootstrap.bundle.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/js/ 82 KB
21 KB 152ms
46ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/js/bootstrap.bundle.min.js

Requested by

Host: www.rolimons.com
URL: https://www.rolimons.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

b0212543cc5a4a0a31c1b5a9d1e8973261992116b4cfde3e7dfcf33b4e81a97b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.rolimons.com/
Origin: https://www.rolimons.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 09 Feb 2023 11:26:29 GMT
x-content-type-options: nosniff
content-encoding: gzip
age: 9275904
x-jsd-version: 4.6.0
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 21830
x-served-by: cache-fra-eddf8230138-FRA, cache-lcy-eglc8600049-LCY
x-jsd-version-type: version
etag: W/"1499a-rsVR5NVzRjCI/KfRT7ZE6zifGDk"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 jwt-decode.min.js Show response
cdn.jsdelivr.net/npm/jwt-decode@2.2.0/build/ 2 KB
1 KB 202ms
95ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/jwt-decode@2.2.0/build/jwt-decode.min.js

Requested by

Host: www.rolimons.com
URL: https://www.rolimons.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

c3a8c054d661e097ce836df7a16698c1008f2e9fe6daa098a1a85add3f5611c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.rolimons.com/
Origin: https://www.rolimons.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 09 Feb 2023 11:26:29 GMT
x-content-type-options: nosniff
content-encoding: gzip
age: 3062343
x-jsd-version: 2.2.0
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1066
x-served-by: cache-fra-eddf8230049-FRA, cache-lcy-eglc8600049-LCY
x-jsd-version-type: version
etag: W/"88d-JRgV54Ho0Cfi+gYKxbRnBKPtK48"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 sweetalert2.all.min.js Show response
cdn.jsdelivr.net/npm/sweetalert2@8.19.0/dist/ 62 KB
16 KB 202ms
96ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/sweetalert2@8.19.0/dist/sweetalert2.all.min.js

Requested by

Host: www.rolimons.com
URL: https://www.rolimons.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

1fb5bdf552db295a96ea4b5c90679159db62417fb69fe0b57792e57daf79cfd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.rolimons.com/
Origin: https://www.rolimons.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 09 Feb 2023 11:26:29 GMT
x-content-type-options: nosniff
content-encoding: gzip
age: 8677540
x-jsd-version: 8.19.0
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16266
x-served-by: cache-fra-eddf8230040-FRA, cache-lcy-eglc8600049-LCY
x-jsd-version-type: version
etag: W/"f9a3-83/dkKMqqE70ruguVvt5jysji+A"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 mixitup.min.js Show response
cdn.jsdelivr.net/npm/mixitup@3.3.1/dist/ 87 KB
22 KB 207ms
101ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/mixitup@3.3.1/dist/mixitup.min.js

Requested by

Host: www.rolimons.com
URL: https://www.rolimons.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

16750fd8712bf8b9ec03897561f94dde9ad564848bc0ab36141ed7f7f7dd3c11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.rolimons.com/
Origin: https://www.rolimons.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 09 Feb 2023 11:26:29 GMT
x-content-type-options: nosniff
content-encoding: gzip
age: 3060965
x-jsd-version: 3.3.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 21701
x-served-by: cache-fra-eddf8230109-FRA, cache-lcy-eglc8600049-LCY
x-jsd-version-type: version
etag: W/"15bc7-2VILGgXMwXLEJBYfaT+sorfOrFQ"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 lazyload.min.js Show response
cdn.jsdelivr.net/npm/lazyload@2.0.0-rc.2/ 2 KB
1 KB 200ms
95ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/lazyload@2.0.0-rc.2/lazyload.min.js

Requested by

Host: www.rolimons.com
URL: https://www.rolimons.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

5b3baa10ac55f4eece0c7e666eaddd51872b8ce9273671626bcccec8f86ead78

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.rolimons.com/
Origin: https://www.rolimons.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 09 Feb 2023 11:26:29 GMT
x-content-type-options: nosniff
content-encoding: gzip
age: 2607469
x-jsd-version: 2.0.0-rc.2
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 937
x-served-by: cache-fra-eddf8230103-FRA, cache-lcy-eglc8600049-LCY
x-jsd-version-type: version
etag: W/"8a2-ngY/Y9MDkyf1oyGHRNHDqclx9cM"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 playerthumbnails.js Show response
www.rolimons.com/js/ 2 KB
1 KB 98ms
96ms Script
application/javascript 65.9.25.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.rolimons.com/js/playerthumbnails.js
Requested by: Host: www.rolimons.com
URL: https://www.rolimons.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.25.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-25-35.zag50.r.cloudfront.net
Software: nginx /
Resource Hash: ef12da74eca0a94a0ea637b5aa33451b84c58428c0452c808a2b9ce554a9e157

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.rolimons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 10:53:56 GMT
content-encoding: gzip
via: 1.1 404ac5621836af31e2d3d32ecae91e78.cloudfront.net (CloudFront)
last-modified: Wed, 18 May 2022 01:24:14 GMT
server: nginx
x-amz-cf-pop: ZAG50-C1
age: 2115
etag: W/"1391-180d4c3f94e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=86400
accept-ranges: bytes
x-amz-cf-id: meCw1MhDdfD2jr6xo5RhIWi3et8-2DYb8_nUKjlfk7N67XwDlqnQgA==

GET
H2 200 search.js Show response
www.rolimons.com/js/ 16 KB
4 KB 103ms
101ms Script
application/javascript 65.9.25.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.rolimons.com/js/search.js
Requested by: Host: www.rolimons.com
URL: https://www.rolimons.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.25.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-25-35.zag50.r.cloudfront.net
Software: nginx /
Resource Hash: bf24cfa6aecfcc4f7e976bc967b926a5ff13aa06453a5ebbd0eca3bc9088c9ee

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.rolimons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 07:29:54 GMT
content-encoding: gzip
via: 1.1 404ac5621836af31e2d3d32ecae91e78.cloudfront.net (CloudFront)
last-modified: Wed, 21 Sep 2022 16:34:48 GMT
server: nginx
x-amz-cf-pop: ZAG50-C1
age: 14729
etag: W/"6eb1-18360e6e729"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=86400
accept-ranges: bytes
x-amz-cf-id: 9k6BVoBeeOyZ3u8L-vE9u5Izrzu28ky34AHnXRd1SS3jh2UnGy2kcA==

GET
H2 200 swiper-bundle.min.js Show response
cdn.jsdelivr.net/npm/swiper@7.3.3/ 133 KB
37 KB 48ms
48ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/swiper@7.3.3/swiper-bundle.min.js

Requested by

Host: www.rolimons.com
URL: https://www.rolimons.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4534832ed675f4a507b49bb2d61be29ec22d72caecf5620f8acf72084b1b750d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.rolimons.com/
Origin: https://www.rolimons.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 09 Feb 2023 11:26:29 GMT
x-content-type-options: nosniff
content-encoding: gzip
age: 2537839
x-jsd-version: 7.3.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 37867
x-served-by: cache-fra-eddf8230021-FRA, cache-lcy-eglc8600049-LCY
x-jsd-version-type: version
etag: W/"212a2-/9gofZKGG3k/4DEPgfQ3XoYezfA"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 transparent-square-110.png
www.rolimons.com/images/ 176 B
519 B 97ms
97ms Image
image/png 65.9.25.35
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rolimons.com/images/transparent-square-110.png
Requested by: Host: www.rolimons.com
URL: https://www.rolimons.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.25.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-25-35.zag50.r.cloudfront.net
Software: nginx /
Resource Hash: b01348962ee4322f41f5ed94f1f4a66d6846716600da32b92bac0ad56697d938

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.rolimons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 05:34:34 GMT
via: 1.1 404ac5621836af31e2d3d32ecae91e78.cloudfront.net (CloudFront)
last-modified: Sat, 16 Oct 2021 18:36:03 GMT
server: nginx
x-amz-cf-pop: ZAG50-C1
age: 971513
etag: W/"b0-17c8a63b9bd"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 176
x-amz-cf-id: JOhXjS1vWAR72UsNHLE29yl05_dlDNUIJvKa7iAs4BqfNDdPzFDc-g==

GET
H2 200 transparent-16x9-120.png
www.rolimons.com/images/ 161 B
502 B 97ms
96ms Image
image/png 65.9.25.35
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rolimons.com/images/transparent-16x9-120.png
Requested by: Host: www.rolimons.com
URL: https://www.rolimons.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.25.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-25-35.zag50.r.cloudfront.net
Software: nginx /
Resource Hash: 0c119e28276f43a14f6a597b17d6db40dd2892c31533873edd6ff3d98d0e27d6

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.rolimons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 05:35:22 GMT
via: 1.1 404ac5621836af31e2d3d32ecae91e78.cloudfront.net (CloudFront)
last-modified: Wed, 01 Dec 2021 18:23:30 GMT
server: nginx
x-amz-cf-pop: ZAG50-C1
age: 971465
etag: W/"a1-17d773cc223"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 161
x-amz-cf-id: edYZkMlNgnTRPKSSmftyXnKurpwpvk7alfIIpT0WyAuf13SukDIoRA==

GET
H2 200 rolimons-banner-2.jpg
www.rolimons.com/images/ 136 KB
136 KB 89ms
88ms Image
image/jpeg 65.9.25.35
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rolimons.com/images/rolimons-banner-2.jpg
Requested by: Host: www.rolimons.com
URL: https://www.rolimons.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.25.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-25-35.zag50.r.cloudfront.net
Software: nginx /
Resource Hash: b8995cf15f7b64271acdab1dfa97eb90d0d907b1378a857c028055ca84dd326e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.rolimons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 05:35:23 GMT
via: 1.1 404ac5621836af31e2d3d32ecae91e78.cloudfront.net (CloudFront)
last-modified: Sat, 16 Oct 2021 18:36:03 GMT
server: nginx
x-amz-cf-pop: ZAG50-C1
age: 971466
etag: W/"21e3b-17c8a63b9a9"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=7776000
accept-ranges: bytes
content-length: 138811
x-amz-cf-id: t8CFZsvNqs2bDv8awKzyZEqYiHynWnKBxePlbiHW9t-6R8l1AVm0dg==

GET
DATA 200
OK truncated
/ 197 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1a828d383bd3ed0368a40ee47ac3936ce3adf13fe2e358a257b1d13bd47c2a05

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 197 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ebbc1d67497d152eb7859c47b4f6b53a4e558ea4ae39dd3a568676660aa4afbc

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 Png
tr.rbxcdn.com/69db69f0e6b746c0be8ebbdf9c0c3aab/420/420/Hat/ 57 KB
57 KB 286ms
108ms Image
image/png 2a02:26f0:3500:11::215:14ce
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tr.rbxcdn.com/69db69f0e6b746c0be8ebbdf9c0c3aab/420/420/Hat/Png

Requested by

Host: www.rolimons.com
URL: https://www.rolimons.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:11::215:14ce Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f69fe4ab56ce8a575179055d3a7194405dc44d3cbe3f0df16592c5e3f23e8739

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.rolimons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=3600
date: Thu, 09 Feb 2023 11:26:29 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1}
x-frame-options: SAMEORIGIN
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://ncs.roblox.com/upload"}]}
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
roblox-machine-id: CHI1-WEB2399
access-control-allow-methods: GET
content-type: image/Png
cache-control: max-age=31536000
access-control-allow-origin: *
content-length: 58151
expires: Fri, 09 Feb 2024 11:26:29 GMT

GET
H2 200 Png
tr.rbxcdn.com/0e3057de01f2f47c1ae60b09294f7c3f/420/420/Hat/ 50 KB
50 KB 234ms
56ms Image
image/png 2a02:26f0:3500:11::215:14ce
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tr.rbxcdn.com/0e3057de01f2f47c1ae60b09294f7c3f/420/420/Hat/Png

Requested by

Host: www.rolimons.com
URL: https://www.rolimons.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:11::215:14ce Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

cfe604f47537634f46281ae9fdee137f8fd74cfac136db5f27efb8bc88e3d0aa

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.rolimons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 11:26:29 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1}
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-frame-options: SAMEORIGIN
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://ncs.roblox.com/upload"}]}
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
roblox-machine-id: CHI2-WEB4170
access-control-allow-methods: GET
content-type: image/Png
cache-control: max-age=31536000
access-control-allow-origin: *
content-length: 50795
expires: Fri, 09 Feb 2024 11:26:29 GMT

GET
H2 200 Png
tr.rbxcdn.com/8484f4d24adc3fcdeef695a47a8398d5/420/420/Hat/ 35 KB
36 KB 231ms
53ms Image
image/png 2a02:26f0:3500:11::215:14ce
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tr.rbxcdn.com/8484f4d24adc3fcdeef695a47a8398d5/420/420/Hat/Png

Requested by

Host: www.rolimons.com
URL: https://www.rolimons.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:11::215:14ce Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

aab3a8a6b80832998cdefcd220e92d871e1f406f4b8cc9c8eb3bc6287da8939c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.rolimons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 11:26:29 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1}
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-frame-options: SAMEORIGIN
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://ncs.roblox.com/upload"}]}
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
roblox-machine-id: CHI2-WEB3233
access-control-allow-methods: GET
content-type: image/Png
cache-control: max-age=31536000
access-control-allow-origin: *
content-length: 36113
expires: Fri, 09 Feb 2024 11:26:29 GMT

GET
H2 200 Png
tr.rbxcdn.com/ac3b1b57250eb5d988f9357f401ad733/420/420/Hat/ 32 KB
33 KB 342ms
165ms Image
image/png 2a02:26f0:3500:11::215:14ce
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tr.rbxcdn.com/ac3b1b57250eb5d988f9357f401ad733/420/420/Hat/Png

Requested by

Host: www.rolimons.com
URL: https://www.rolimons.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:11::215:14ce Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

d00aef5df33d23d99505986b0699b7c7dd9a680b3bb60904fbe8e1bdb770575e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.rolimons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 11:26:29 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1}
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-frame-options: SAMEORIGIN
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://ncs.roblox.com/upload"}]}
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
roblox-machine-id: CHI2-WEB5262
access-control-allow-methods: GET
content-type: image/Png
cache-control: max-age=31536000
access-control-allow-origin: *
content-length: 32955
expires: Fri, 09 Feb 2024 11:26:29 GMT

GET
H2 200 Png
tr.rbxcdn.com/d1c886e3e77b709f1edcd388f20b5bfe/420/420/Hat/ 54 KB
55 KB 352ms
176ms Image
image/png 2a02:26f0:3500:11::215:14ce
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tr.rbxcdn.com/d1c886e3e77b709f1edcd388f20b5bfe/420/420/Hat/Png

Requested by

Host: www.rolimons.com
URL: https://www.rolimons.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:11::215:14ce Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

96ae9a9f8dcdb158e4aa83ff2bba3d87bf932d007e0f28e145c53149ceeec7d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.rolimons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=3600
date: Thu, 09 Feb 2023 11:26:29 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1}
x-frame-options: SAMEORIGIN
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://ncs.roblox.com/upload"}]}
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
roblox-machine-id: CHI2-WEB4259
access-control-allow-methods: GET
content-type: image/Png
cache-control: max-age=31536000
access-control-allow-origin: *
content-length: 55545
expires: Fri, 09 Feb 2024 11:26:29 GMT

GET
H2 200 Png
tr.rbxcdn.com/38b17496653f22b3fea3d667dd4dee81/420/420/Hat/ 25 KB
26 KB 352ms
175ms Image
image/png 2a02:26f0:3500:11::215:14ce
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tr.rbxcdn.com/38b17496653f22b3fea3d667dd4dee81/420/420/Hat/Png

Requested by

Host: www.rolimons.com
URL: https://www.rolimons.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:11::215:14ce Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

d884ee34764fbc90d511cff3f7c4f0bc0dc0adac06c146a0257f37899c3f1975

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.rolimons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=3600
date: Thu, 09 Feb 2023 11:26:29 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1}
x-frame-options: SAMEORIGIN
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://ncs.roblox.com/upload"}]}
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
roblox-machine-id: CHI2-WEB4930
access-control-allow-methods: GET
content-type: image/Png
cache-control: max-age=31536000
access-control-allow-origin: *
content-length: 25636
expires: Fri, 09 Feb 2024 11:26:29 GMT

GET
H2 200 Png
tr.rbxcdn.com/5576f652dd8a2579212a9a8756b74eca/420/420/Hat/ 64 KB
64 KB 184ms
184ms Image
image/png 2a02:26f0:3500:11::215:14ce
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tr.rbxcdn.com/5576f652dd8a2579212a9a8756b74eca/420/420/Hat/Png

Requested by

Host: www.rolimons.com
URL: https://www.rolimons.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:11::215:14ce Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

3f6f50959afbf883fdd02535c9a1995a1f8b8891068cddfb90111973b8662afb

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.rolimons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 11:26:29 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1}
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-frame-options: SAMEORIGIN
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://ncs.roblox.com/upload"}]}
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
roblox-machine-id: CHI2-WEB3915
access-control-allow-methods: GET
content-type: image/Png
cache-control: max-age=31536000
access-control-allow-origin: *
content-length: 65191
expires: Fri, 09 Feb 2024 11:26:29 GMT

GET
H2 200 roblox-trading-terms-guide.jpg
www.rolimons.com/images/ 264 KB
265 KB 82ms
80ms Image
image/jpeg 65.9.25.35
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rolimons.com/images/roblox-trading-terms-guide.jpg
Requested by: Host: www.rolimons.com
URL: https://www.rolimons.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.25.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-25-35.zag50.r.cloudfront.net
Software: nginx /
Resource Hash: b5f31b580533a8e45394b2b8256f6d37e19b84cbca51e982ea11c82643465e14

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.rolimons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 05:35:24 GMT
via: 1.1 404ac5621836af31e2d3d32ecae91e78.cloudfront.net (CloudFront)
last-modified: Fri, 21 Oct 2022 21:42:02 GMT
server: nginx
x-amz-cf-pop: ZAG50-C1
age: 971465
etag: W/"420a4-183fc7ef626"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 270500
x-amz-cf-id: Acy-i-uznpX7tHofteexi4HqqAOxR66sWinMTQKcSa0ZQ32jSVyFuA==

GET
H2 200 where-are-the-workclocks.jpg
www.rolimons.com/images/ 72 KB
72 KB 175ms
174ms Image
image/jpeg 65.9.25.35
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rolimons.com/images/where-are-the-workclocks.jpg
Requested by: Host: www.rolimons.com
URL: https://www.rolimons.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.25.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-25-35.zag50.r.cloudfront.net
Software: nginx /
Resource Hash: 2d6bfdc73cfff7d4876d55898ca17c13cd650d816ac5d35af43f8f63e4cddd39

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.rolimons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 05:35:24 GMT
via: 1.1 404ac5621836af31e2d3d32ecae91e78.cloudfront.net (CloudFront)
last-modified: Tue, 09 Aug 2022 19:13:15 GMT
server: nginx
x-amz-cf-pop: ZAG50-C1
age: 971465
etag: W/"11e8d-1828406831b"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 73357
x-amz-cf-id: MaPRShDIBqJCHSjGV3qqAMV5o4zW_0G4dhok_7rY2JsowVZQ4_Vh3A==

GET
H2 200 rolimons-value-changing-how-does-it-work.jpg
www.rolimons.com/images/ 140 KB
141 KB 195ms
194ms Image
image/jpeg 65.9.25.35
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rolimons.com/images/rolimons-value-changing-how-does-it-work.jpg
Requested by: Host: www.rolimons.com
URL: https://www.rolimons.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.25.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-25-35.zag50.r.cloudfront.net
Software: nginx /
Resource Hash: 5efd032cc7c5000ea884e929b017376ae0a132b8509f6eea5a36d876bd073c29

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.rolimons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 05:35:24 GMT
via: 1.1 404ac5621836af31e2d3d32ecae91e78.cloudfront.net (CloudFront)
last-modified: Mon, 11 Jul 2022 00:13:26 GMT
server: nginx
x-amz-cf-pop: ZAG50-C1
age: 971465
etag: W/"230ec-181ea9a8ecc"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 143596
x-amz-cf-id: 06etR9eqvFy0PG9Y2t0ahWHbUB4ZKHAlyMR63S0oa3QbxUrGqN2QKA==

GET
H2 200 mysterious-roblox-badges-that-were-never-released.jpg
www.rolimons.com/images/ 113 KB
113 KB 121ms
120ms Image
image/jpeg 65.9.25.35
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rolimons.com/images/mysterious-roblox-badges-that-were-never-released.jpg
Requested by: Host: www.rolimons.com
URL: https://www.rolimons.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.25.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-25-35.zag50.r.cloudfront.net
Software: nginx /
Resource Hash: b28d156a9c65783ba33a6e71c3f11b60e9d1807da14ea616633cb2c4e44d0cb9

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.rolimons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 05:35:24 GMT
via: 1.1 404ac5621836af31e2d3d32ecae91e78.cloudfront.net (CloudFront)
last-modified: Tue, 28 Jun 2022 05:00:33 GMT
server: nginx
x-amz-cf-pop: ZAG50-C1
age: 971465
etag: W/"1c238-181a8aec03b"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 115256
x-amz-cf-id: rOkH-wjRlRUbjW6VO3MuNw_hOQClmgttcFTPKjviYrwm-VMS8jioHQ==

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
209 B 101ms
101ms XHR
text/plain 2a00:1450:400d:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1549563270&t=pageview&_s=1&dl=https%3A%2F%2Fwww.rolimons.com%2F&ul=en-us&de=UTF-8&dt=Rolimon%27s%20%7C%20Roblox%20Trading%20Website&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=322815355&gjid=6838174&cid=1630175638.1675941989&tid=UA-97395446-1&_gid=2120767144.1675941989&_r=1&_slc=1&z=1948706482

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.rolimons.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 09 Feb 2023 11:26:29 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.rolimons.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 tag Show response
btloader.com/ 51 KB
13 KB 147ms
52ms Script
application/javascript 2606:4700:20::681a:68b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?o=6278260873756672&upapi=true
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/ads-874.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:68b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 264d2d6afeba100009962fa26e2567ee373142c7b0bf42ddd15c2179022d6839

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.rolimons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 11:26:29 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 09 Feb 2023 10:57:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1719
etag: W/"a7100ac3d4a45dd56a29f3211da17d8d"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4%2FZ3Tw6Rk1SWImmawpBdT5SXCtmmkr%2BnL6XSu3bntFGlQ1ubIhmLZN6IKvTSPayxaiMGG4I9QJaXEr%2BVOSRgDpuG8yCO5gLlsqW2DLDbF6uUG09%2BRPB%2FyXfEP3%2F%2B96DYocxMMqbAXB47Xg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
cf-ray: 796c401a0bee76cb-LHR

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 79 KB
27 KB 226ms
91ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: s.nitropay.com
URL: https://s.nitropay.com/ads-874.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

be0d7307983a915ce61eace013c48c404ae5b11fb6618171766620061f3bfb01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.rolimons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 11:26:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27215
x-xss-protection: 0
server: sffe
etag: "1477 / 594 of 1000 / last-modified: 1675935793"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 09 Feb 2023 11:26:29 GMT

GET
H2 200 ncmp-1593ef2.min.js Show response
s.nitropay.com/ 221 KB
40 KB 59ms
59ms Script
application/javascript 2606:4700::6812:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s.nitropay.com/ncmp-1593ef2.min.js

Requested by

Host: s.nitropay.com
URL: https://s.nitropay.com/ads-874.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:34e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eedf1e7e5e27a18648d3365b823f1f9adbc2fc257d49897dffd783fc9a521ba4

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.rolimons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 11:26:29 GMT
strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: gzip
cf-cache-status: HIT
age: 569457
x-guploader-uploadid: ADPycdvtMzI_yYwVxLbrJgi37nOvjo1iP7C9XCW-yetpoXO4vyaA0m_XQdqnlk5wYWdF4lr8NMn1DNJz82LU1wfyFTLq2AezycEc
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 26 Oct 2022 16:01:57 GMT
server: cloudflare
etag: W/"4ab00debeb2ea85c9a660258a1bdeeb0"
vary: X-Goog-Allowed-Resources, Accept-Encoding
x-goog-generation: 1666800117961151
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=HqShZg==, md5=SrAN6+suqFyaZgJYob3usA==
access-control-expose-headers: Content-Type
cache-control: public, max-age=31536000
x-goog-stored-content-length: 226609
cf-ray: 796c4019cb7e88b6-LHR
expires: Fri, 09 Feb 2024 11:26:29 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 193 KB
47 KB 218ms
61ms Script
application/javascript 13.32.28.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/ads-874.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.28.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-28-197.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a661f8f8090e763d9e46c3b0745a402070fc823d3cf116aba6c2ad0287282d62

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.rolimons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 10:38:31 GMT
content-encoding: gzip
via: 1.1 11a78ce92a548aac13fb6ee545aff014.cloudfront.net (CloudFront), 1.1 3298c44116035984c2fac24b89183c4e.cloudfront.net (CloudFront)
last-modified: Wed, 08 Feb 2023 21:24:16 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA56-C2
age: 2879
x-amz-server-side-encryption: AES256
etag: W/"0d9f2b192f61b596888847da998647d3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: cC_0__fNjGHGsS09qSEpWyy1rhoNwaBHz4eDnL4HFL6yv5_q7RRLVg==

GET
H2 200 analytics
tracker.nitropay.com/sites/874/ 0
0 294ms
159ms Fetch 2606:4700::6812:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tracker.nitropay.com/sites/874/analytics?ab=eyJocmVmIjoiaHR0cHM6Ly93d3cucm9saW1vbnMuY29tLyIsInYiOjg5LCJhIjpmYWxzZSwicyI6dHJ1ZX0%3D

Requested by

Host: s.nitropay.com
URL: https://s.nitropay.com/ads-874.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:34e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.rolimons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 11:26:29 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains
cf-ray: 796c401abdcd72ae-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H3 200 1.gif
s.nitropay.com/ 42 B
713 B 56ms
55ms Image
image/gif 2606:4700::6812:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.nitropay.com/1.gif?x=1&adslot=

Requested by

Host: www.rolimons.com
URL: https://www.rolimons.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:34e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.rolimons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 11:26:29 GMT
strict-transport-security: max-age=2592000; includeSubDomains
cf-cache-status: HIT
age: 569455
x-guploader-uploadid: ADPycduXgd_HyoqRqwF29Zv6N5EORL9CamktCU8W5bYgGvA3eKvUrwX9ztiuYqPwuInf9JYfAPezWDK6pITZ913qfQUE8XVwJn5e
x-goog-storage-class: MULTI_REGIONAL
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 42
x-goog-meta-
last-modified: Fri, 22 Jan 2021 08:58:45 GMT
server: cloudflare
etag: "d89746888da2d9510b64a9f031eaecd5"
vary: X-Goog-Allowed-Resources, Accept-Encoding
x-goog-generation: 1611305925409947
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=ljrbyA==, md5=2JdGiI2i2VELZKnwMers1Q==
access-control-expose-headers: Content-Type
cache-control: public, max-age=604800
x-goog-stored-content-length: 42
accept-ranges: bytes
cf-ray: 796c401a5f4523d0-LHR
expires: Thu, 09 Feb 2023 21:15:31 GMT

GET
H2 200 px.gif
ad-delivery.net/ 43 B
338 B 144ms
54ms Image
image/gif 2606:4700:20::681a:246
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=2
Requested by: Host: www.rolimons.com
URL: https://www.rolimons.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.rolimons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 11:26:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 508761
x-guploader-uploadid: ADPycdsUwcHnH5RPrkotPSRzugHBTPPCrPo9zzEkrVn9GyAoP8kcBI2EYGHwXyIkGAMqR3HgX8laDkZjYLAubaWzSu1Qww
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: X-Goog-Allowed-Resources, Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ByN6hUtH4CSsiZ7oVn8LSWSEAQqPKqyv7wFdqIZ1klRyw%2Fw6R7RKXLEUpgVHvBT2oWCewMUizG%2FxXzWkYv7DAiozXooaJptPmTecpTneunmG8SP3tRsrEVFI9Ki1JLfSorw%2FoCxrKmtA0omf3A%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 796c401b195074a1-LHR
expires: Fri, 03 Feb 2023 14:11:39 GMT

GET
H2 200 favicon.ico
ad.doubleclick.net/ 1 KB
569 B 186ms
54ms Image
image/x-icon 142.250.186.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250

Requested by

Host: www.rolimons.com
URL: https://www.rolimons.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f6.1e100.net

Software

sffe /

Resource Hash

d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.rolimons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 11:22:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 250
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 104
x-xss-protection: 0
last-modified: Tue, 08 May 2012 13:08:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 10 Feb 2023 11:22:19 GMT

GET
H2 200 px.gif
ad-delivery.net/ 43 B
957 B 56ms
52ms Image
image/gif 2606:4700:20::681a:246
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=1&e=0.3260136529300868
Requested by: Host: www.rolimons.com
URL: https://www.rolimons.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.rolimons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 11:26:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 508761
x-guploader-uploadid: ADPycdsUwcHnH5RPrkotPSRzugHBTPPCrPo9zzEkrVn9GyAoP8kcBI2EYGHwXyIkGAMqR3HgX8laDkZjYLAubaWzSu1Qww
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: X-Goog-Allowed-Resources, Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JqCSzgnysOGYb8OLayBB5KujAi%2F2NfUhtiPJHKgJk27YiIsqJI7UJAaTJvYHCiZGZauGcFbffv7v6kp9r9pfwHJT2zu2ETUNJbgSjovMlSKO56vqmGVVWlbI0tlQ6MPLwpw9yN4geM1FRaHklw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 796c401b195174a1-LHR
expires: Fri, 03 Feb 2023 14:11:39 GMT

GET
H2 200 vendor-list.json Show response
consent.nitrocnct.com/ 400 KB
55 KB 183ms
55ms XHR
application/json 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.nitrocnct.com/vendor-list.json
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/ncmp-1593ef2.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4a8c38b83efa6d1043fbd52e32b38f2bcbab3014033b6dcabc8abcbe1fe00c8f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.rolimons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 11:26:29 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 275406
x-guploader-uploadid: ADPycdvfTK1SK3tcRyiTwZT0vdv3h7ZkIQyJGKHvz8rpbNzqEWM04eAfmvVrDu7BbfV1JL2dn9s7rJ8NzTTeoti4ul_0oQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 02 Feb 2023 16:15:03 GMT
server: cloudflare
etag: W/"dd5e6d444109736accfeca7278bfc7a1"
vary: X-Goog-Allowed-Resources, Accept-Encoding
x-goog-generation: 1675354503182706
content-type: application/json
access-control-allow-origin: *
x-goog-hash: crc32c=rJXkgQ==, md5=3V5tREEJc2rM/spyeL/HoQ==
access-control-expose-headers: Content-Length, Content-Type, Date, Origin, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=604800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FKE0BSFH3ZmBthy7XwytcUm5BdtwJusBsHiPZFORjnTwsTKvBxqsrS%2Bos5MTZXy5La%2Fz9vBMzL24L6%2F1baTPU%2B7g6y76b1oomqUQQPrUgWa4J0iLrHbuCYGxZE4gvO6QN1O6zFzz975hk1K8zKfe8HGnhRM%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 409832
cf-ray: 796c401b6d8423c0-LHR
expires: Mon, 13 Feb 2023 06:48:03 GMT

GET
H2 200 pubads_impl_2023020601.js Show response
securepubads.g.doubleclick.net/gpt/ 386 KB
130 KB 55ms
53ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020601.js

Requested by

Host: s.nitropay.com
URL: https://s.nitropay.com/ads-874.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9391ee65f6343d19726ddc38563462d51b4694f1b5c961fce6035cfd861e77c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.rolimons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 11:01:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1483
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 133115
x-xss-protection: 0
last-modified: Mon, 06 Feb 2023 09:36:04 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 09 Feb 2024 11:01:46 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 317 B
207 B 197ms
88ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.rolimons.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

708232df2c439e5fa8b235c5debb299f2387accc63916f6fa103257dc0e0e7ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.rolimons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 11:26:29 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 182
x-xss-protection: 0
expires: Thu, 09 Feb 2023 11:26:29 GMT

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
311 B 55ms
54ms XHR
text/plain 13.32.28.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.rolimons.com&pubid=da657530-03e5-4306-95bc-d4eb370426c9
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.28.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-28-197.fra56.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.rolimons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 09:16:15 GMT
via: 1.1 3298c44116035984c2fac24b89183c4e.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-C2
age: 7813
x-cache: Hit from cloudfront
access-control-allow-origin: https://www.rolimons.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: SgsClHyNV9nqGv3DfgcnbXe8w_-vhW5OW83FXPZrh5mbK1-tgncHdg==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 166ms
55ms XHR
application/javascript 13.32.28.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.28.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-28-197.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.rolimons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-amz-version-id: zv0zkgF8NnUlHbYAYVWZBKSRYlhapW6k
content-encoding: gzip
via: 1.1 95adda0bdbd310a1a9e4f54f540543e2.cloudfront.net (CloudFront)
date: Thu, 09 Feb 2023 10:06:54 GMT
x-amz-cf-pop: FRA56-C2
age: 4801
x-cache: Hit from cloudfront
last-modified: Wed, 08 Feb 2023 10:05:52 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: y160WT7UsF2jOfSpnH65NQr0TOlqQV9Zw9rjeGtQrfZcXzdPCNY16A==

GET
H2 200 country Show response
api.btloader.com/ 16 B
203 B 293ms
159ms Fetch
application/json 130.211.23.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/country
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=6278260873756672&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: a04a64eb55c4a16ed352d149385a8ac8d8c2d3291f0e5b59b0f48375443b5f24

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.rolimons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 11:26:29 GMT
via: 1.1 google
vary: Origin
content-type: application/json
access-control-allow-origin: *
cache-control: private, max-age=300, stale-while-revalidate=600, stale-if-error=600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16

GET
H2 204 pv Show response
api.btloader.com/ 0
66 B 293ms
159ms XHR
text/plain 130.211.23.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/pv?tid=8Ri6GlC1a4&w=6021189733449728&o=6278260873756672&cv=2.1.06-2-g014272c&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fwww.rolimons.com%2F&sid=Pe9xQEtaEA&upapi=true
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=6278260873756672&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.rolimons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 09 Feb 2023 11:26:29 GMT
cache-control: no-cache, no-store, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary: Origin

GET
H2 200 bid Show response
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 23 B
463 B 244ms
81ms XHR
text/javascript 13.227.198.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.rolimons.com%2F&pid=3jnJrs00sGHnb&cb=0&ws=1600x1200&v=23.203.336&t=2200&slots=%5B%7B%22sd%22%3A%22desktop_top_inline_lb%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%5D%7D%5D&pj=%7B%22us_privacy%22%3A%221---%22%7D&schain=1.0%2C1!nitropay.com%2C751%2C1%2C%2C%2C&pubid=da657530-03e5-4306-95bc-d4eb370426c9&gdprl=%7B%22status%22%3A%22tcfv2-timeout%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.198.171 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-198-171.ams54.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.rolimons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 11:26:29 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 de31699a6e25448909328bb7c6028f6a.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: AMS54-C1
x-amz-rid: CW97X88RPPQ3S9CPYW84
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.rolimons.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: sx8SuaJ8SJqx_S5NMkFVzUPud5YK4MRvKl1hoIlUP43NPiqAn5IstQ==

GET
H2 200 bid Show response
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 23 B
462 B 244ms
83ms XHR
text/javascript 13.227.198.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.rolimons.com%2F&pid=3jnJrs00sGHnb&cb=1&ws=1600x1200&v=23.203.336&t=2200&slots=%5B%7B%22sd%22%3A%22desktop_left_gutter_skyscraper%22%2C%22s%22%3A%5B%22160x600%22%5D%7D%5D&pj=%7B%22us_privacy%22%3A%221---%22%7D&schain=1.0%2C1!nitropay.com%2C751%2C1%2C%2C%2C&pubid=da657530-03e5-4306-95bc-d4eb370426c9&gdprl=%7B%22status%22%3A%22tcfv2-timeout%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.198.171 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-198-171.ams54.r.cloudfront.net

Software

Server /

Resource Hash

89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.rolimons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 11:26:29 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 de31699a6e25448909328bb7c6028f6a.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: AMS54-C1
x-amz-rid: 670WS2QGFX1FAZNATSQC
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.rolimons.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: 0oiACg5V4-RbwBCQWwoAodY7JA7uaTUjasdWOpvSkLadtGBY1fxoMg==

GET
H2 200 bid Show response
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 23 B
464 B 238ms
78ms XHR
text/javascript 13.227.198.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.rolimons.com%2F&pid=3jnJrs00sGHnb&cb=2&ws=1600x1200&v=23.203.336&t=2200&slots=%5B%7B%22sd%22%3A%22desktop_right_gutter_skyscraper%22%2C%22s%22%3A%5B%22160x600%22%5D%7D%5D&pj=%7B%22us_privacy%22%3A%221---%22%7D&schain=1.0%2C1!nitropay.com%2C751%2C1%2C%2C%2C&pubid=da657530-03e5-4306-95bc-d4eb370426c9&gdprl=%7B%22status%22%3A%22tcfv2-timeout%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.198.171 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-198-171.ams54.r.cloudfront.net

Software

Server /

Resource Hash

5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.rolimons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 11:26:29 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 de31699a6e25448909328bb7c6028f6a.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: AMS54-C1
x-amz-rid: Z875V7MN9ZVQES2W1S81
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.rolimons.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: 1DZTe2rdiGmQe1kGWdcId2RM7GF8FjSQIqN0HjBO4iBzlJjgy9Hlow==

GET
H3 200 lang.png
s.nitropay.com/cmp/ 2 KB
2 KB 54ms
53ms Image
image/png 2606:4700::6812:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.nitropay.com/cmp/lang.png

Requested by

Host: www.rolimons.com
URL: https://www.rolimons.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:34e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eda5ec1c59939f001bdc15f557f3a905110aac0a60afc5a1eb92d8cdc2d2cbb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.rolimons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 11:26:29 GMT
strict-transport-security: max-age=2592000; includeSubDomains
cf-cache-status: HIT
age: 3023
x-guploader-uploadid: ADPycduh5WKeapQqvF_QQtRjJuj62xSNEfnX6uZC9qRon47sVL5L3vRYB56SrnuhYZpWY2Y75I3BIzIKFrJd8c7hYGXy
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1887
last-modified: Fri, 21 Oct 2022 09:20:58 GMT
server: cloudflare
etag: "ca072a3965f49a2c242c45d535163a53"
vary: X-Goog-Allowed-Resources, Accept-Encoding
x-goog-generation: 1666344058779792
content-type: image/png
access-control-allow-origin: *
x-goog-hash: crc32c=7x+tRA==, md5=ygcqOWX0miwkLEXVNRY6Uw==
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 1887
accept-ranges: bytes
cf-ray: 796c401c39cf23d0-LHR
expires: Thu, 09 Feb 2023 11:36:06 GMT

GET
H3 200 cancel.png
s.nitropay.com/cmp/ 1 KB
2 KB 52ms
51ms Image
image/png 2606:4700::6812:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.nitropay.com/cmp/cancel.png

Requested by

Host: www.rolimons.com
URL: https://www.rolimons.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:34e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89863d0411e5273c7c2befe50bceeab57034e26b5df8751cc13c3bd78c73511d

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.rolimons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 11:26:29 GMT
strict-transport-security: max-age=2592000; includeSubDomains
cf-cache-status: HIT
age: 3022
x-guploader-uploadid: ADPycdsjNhsu3_qz5QMEBbCYB5Ge1i0JDWlcqQ1SmWMroPh5OC7dIJKhmnhomB1WbBH5PKtQbyndrd6I76Hnwhvu5MggEw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1302
last-modified: Fri, 21 Oct 2022 09:20:58 GMT
server: cloudflare
etag: "c707b2d501a53bc2c66e98e4e5cabefb"
vary: X-Goog-Allowed-Resources, Accept-Encoding
x-goog-generation: 1666344058825998
content-type: image/png
access-control-allow-origin: *
x-goog-hash: crc32c=QrhBNA==, md5=xwey1QGlO8LGbpjk5cq++w==
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 1302
accept-ranges: bytes
cf-ray: 796c401c39d323d0-LHR
expires: Thu, 09 Feb 2023 11:36:07 GMT

GET
H3 200 logo.png
s.nitropay.com/cmp/ 3 KB
3 KB 53ms
52ms Image
image/png 2606:4700::6812:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.nitropay.com/cmp/logo.png

Requested by

Host: www.rolimons.com
URL: https://www.rolimons.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:34e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d8fea63a817b75ec9bfbc153b60b576dd31392e4d2afbec0d83cc813f8aca4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.rolimons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 11:26:29 GMT
strict-transport-security: max-age=2592000; includeSubDomains
cf-cache-status: HIT
age: 3022
x-guploader-uploadid: ADPycdsrP0haR8w9UjwAnLs73kuvHba1GJh4EnEh9Bye_82iH6BnpzXHJRgOZSjs5OHFpOOtWd5JBNZj8SK7rN7ANTIDJnvHYlDL
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2592
last-modified: Fri, 21 Oct 2022 09:20:58 GMT
server: cloudflare
etag: "940aa5b81e99bbb7414acc474a89bad9"
vary: X-Goog-Allowed-Resources, Accept-Encoding
x-goog-generation: 1666344058842900
content-type: image/png
access-control-allow-origin: *
x-goog-hash: crc32c=naGVVg==, md5=lAqluB6Zu7dBSsxHSom62Q==
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 2592
accept-ranges: bytes
cf-ray: 796c401c39d523d0-LHR
expires: Thu, 09 Feb 2023 11:36:07 GMT

POST
H2 200 openrtb Show response
a.nitropay.com/v3/ 124 B
183 B 183ms
158ms Fetch
application/json 2606:4700::6812:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a.nitropay.com/v3/openrtb

Requested by

Host: s.nitropay.com
URL: https://s.nitropay.com/ads-874.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:34e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

026ea9647697a10e4654ac339306e9d41ec840f698e5d2aefb552e0edc660d3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://www.rolimons.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 09 Feb 2023 11:26:29 GMT
via: 1.1 google
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Thu, 09 Feb 2023 11:26:29 GMT
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.rolimons.com
cache-control: max-age:0, private, no-store, no-cache
access-control-allow-credentials: true
cf-ray: 796c401c6f3f88b6-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H2 200 openrtb Show response
a.nitropay.com/v3/ 124 B
318 B 180ms
155ms Fetch
application/json 2606:4700::6812:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a.nitropay.com/v3/openrtb

Requested by

Host: s.nitropay.com
URL: https://s.nitropay.com/ads-874.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:34e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b31bf15279854ee974b463f2abbe038700fe8730e30b0f9483b36edca8b940cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://www.rolimons.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 09 Feb 2023 11:26:29 GMT
via: 1.1 google
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Thu, 09 Feb 2023 11:26:29 GMT
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.rolimons.com
cache-control: max-age:0, private, no-store, no-cache
access-control-allow-credentials: true
cf-ray: 796c401c6f4388b6-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H2 200 openrtb Show response
a.nitropay.com/v3/ 124 B
187 B 183ms
159ms Fetch
application/json 2606:4700::6812:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a.nitropay.com/v3/openrtb

Requested by

Host: s.nitropay.com
URL: https://s.nitropay.com/ads-874.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:34e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

211db9b4909a9f9d138215b2beff149d416dca1667000761eef47b5708adf99a

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://www.rolimons.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 09 Feb 2023 11:26:29 GMT
via: 1.1 google
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Thu, 09 Feb 2023 11:26:29 GMT
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.rolimons.com
cache-control: max-age:0, private, no-store, no-cache
access-control-allow-credentials: true
cf-ray: 796c401c6f4088b6-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

82 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.nitropay.com/	1970-01-20 09:32:23	Name: __cf_bm Value: ozxTARDj3.YMXrB9RFpGOuI3ekujE5OiviRupiEKfYI-1675941989-0-AW1DtDbLqtto05LXE5aNh9NEXfgtWYIsPgBVEPtNjjrf3iTMP3z0n6lOml1LRAer3q4nI0Z8Eb/xC14NIs37q6Y=
.rolimons.com/	1970-01-20 19:08:21	Name: _ga Value: GA1.2.1630175638.1675941989
.rolimons.com/	1970-01-20 09:33:48	Name: _gid Value: GA1.2.2120767144.1675941989
.rolimons.com/	1970-01-20 09:32:22	Name: _gat Value: 1
www.rolimons.com/	1970-01-20 10:15:33	Name: _pbjs_userid_consent_data Value: 3524755945110770

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.nitropay.com
aax-dtb-cf.amazon-adsystem.com
ad-delivery.net
ad.doubleclick.net
api.btloader.com
btloader.com
c.amazon-adsystem.com
cdn.jsdelivr.net
consent.nitrocnct.com
rbx.rocks
rolimons.com
s.nitropay.com
securepubads.g.doubleclick.net
tr.rbxcdn.com
tracker.nitropay.com
www.google-analytics.com
www.rolimons.com
13.227.198.171
13.32.28.197
130.211.23.194
142.250.186.134
192.64.119.20
2606:4700:20::681a:246
2606:4700:20::681a:68b
2606:4700::6812:34e
2a00:1450:4001:810::2002
2a00:1450:400d:806::200e
2a02:26f0:3500:11::215:14ce
2a04:4e42::485
2a06:98c1:3121::c
65.9.25.35
99.86.4.109
026ea9647697a10e4654ac339306e9d41ec840f698e5d2aefb552e0edc660d3e
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0c119e28276f43a14f6a597b17d6db40dd2892c31533873edd6ff3d98d0e27d6
16750fd8712bf8b9ec03897561f94dde9ad564848bc0ab36141ed7f7f7dd3c11
1a828d383bd3ed0368a40ee47ac3936ce3adf13fe2e358a257b1d13bd47c2a05
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1fb5bdf552db295a96ea4b5c90679159db62417fb69fe0b57792e57daf79cfd9
211db9b4909a9f9d138215b2beff149d416dca1667000761eef47b5708adf99a
264d2d6afeba100009962fa26e2567ee373142c7b0bf42ddd15c2179022d6839
2d6bfdc73cfff7d4876d55898ca17c13cd650d816ac5d35af43f8f63e4cddd39
3907322b5cc76314e21f5ad5ed1a0391ea67ab8955dc2d2adea17950cf610987
3f6f50959afbf883fdd02535c9a1995a1f8b8891068cddfb90111973b8662afb
4534832ed675f4a507b49bb2d61be29ec22d72caecf5620f8acf72084b1b750d
4a8c38b83efa6d1043fbd52e32b38f2bcbab3014033b6dcabc8abcbe1fe00c8f
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5b3baa10ac55f4eece0c7e666eaddd51872b8ce9273671626bcccec8f86ead78
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
5efd032cc7c5000ea884e929b017376ae0a132b8509f6eea5a36d876bd073c29
6d8fea63a817b75ec9bfbc153b60b576dd31392e4d2afbec0d83cc813f8aca4d
708232df2c439e5fa8b235c5debb299f2387accc63916f6fa103257dc0e0e7ee
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7a9e2ef67508917288754f547109f8a4a573923f1bdff807f0816768b8516958
88fa416c7cf6575e6d83e9aae96cf96de95b0db9d4397deeb45cb03142a09303
89863d0411e5273c7c2befe50bceeab57034e26b5df8751cc13c3bd78c73511d
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
96ae9a9f8dcdb158e4aa83ff2bba3d87bf932d007e0f28e145c53149ceeec7d3
a04a64eb55c4a16ed352d149385a8ac8d8c2d3291f0e5b59b0f48375443b5f24
a661f8f8090e763d9e46c3b0745a402070fc823d3cf116aba6c2ad0287282d62
aab3a8a6b80832998cdefcd220e92d871e1f406f4b8cc9c8eb3bc6287da8939c
b01348962ee4322f41f5ed94f1f4a66d6846716600da32b92bac0ad56697d938
b0212543cc5a4a0a31c1b5a9d1e8973261992116b4cfde3e7dfcf33b4e81a97b
b28d156a9c65783ba33a6e71c3f11b60e9d1807da14ea616633cb2c4e44d0cb9
b31bf15279854ee974b463f2abbe038700fe8730e30b0f9483b36edca8b940cf
b5f31b580533a8e45394b2b8256f6d37e19b84cbca51e982ea11c82643465e14
b8995cf15f7b64271acdab1dfa97eb90d0d907b1378a857c028055ca84dd326e
be0d7307983a915ce61eace013c48c404ae5b11fb6618171766620061f3bfb01
bf24cfa6aecfcc4f7e976bc967b926a5ff13aa06453a5ebbd0eca3bc9088c9ee
c3a8c054d661e097ce836df7a16698c1008f2e9fe6daa098a1a85add3f5611c4
c6d1d5bf1199c427f184ab316b6624280bfba8682bf9d4c22f2f0b9f02a25342
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfe604f47537634f46281ae9fdee137f8fd74cfac136db5f27efb8bc88e3d0aa
d00aef5df33d23d99505986b0699b7c7dd9a680b3bb60904fbe8e1bdb770575e
d884ee34764fbc90d511cff3f7c4f0bc0dc0adac06c146a0257f37899c3f1975
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9391ee65f6343d19726ddc38563462d51b4694f1b5c961fce6035cfd861e77c
ebbc1d67497d152eb7859c47b4f6b53a4e558ea4ae39dd3a568676660aa4afbc
eda5ec1c59939f001bdc15f557f3a905110aac0a60afc5a1eb92d8cdc2d2cbb5
eedf1e7e5e27a18648d3365b823f1f9adbc2fc257d49897dffd783fc9a521ba4
ef12da74eca0a94a0ea637b5aa33451b84c58428c0452c808a2b9ce554a9e157
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f69fe4ab56ce8a575179055d3a7194405dc44d3cbe3f0df16592c5e3f23e8739
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

www.rolimons.com Open in urlscan Pro 65.9.25.35 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

54 Requests

100 %HTTPS

53 %IPv6

11 Domains

17 Subdomains

14 IPs

3 Countries

1745 kBTransfer

3810 kBSize

5 Cookies

8 Outgoing links

Page URL History

Redirected requests

54 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.rolimons.com Open in urlscan Pro
65.9.25.35 Public Scan

Screenshot
Live screenshot

Full Image

54
Requests

100 %
HTTPS

53 %
IPv6

11
Domains

17
Subdomains

14
IPs

3
Countries

1745 kB
Transfer

3810 kB
Size

5
Cookies

54 HTTP transactions
2 data transactions