Submitted URL: https://rolimons.com.admin-mcas-df.ms/
Effective URL: https://www.rolimons.com/
Submission Tags: phishingrod
Submission: On January 27 via api from DE — Scanned from FR

Summary

This website contacted 17 IPs in 5 countries across 12 domains to perform 58 HTTP transactions. The main IP is 108.138.217.67, located in the United States, and belongs to AMAZON-02, US. The main domain is www.rolimons.com. The Cisco Umbrella rank of the primary domain is 126893.
TLS certificate: Issued by Amazon on August 2nd 2022. Valid for: a year.
This is the only time www.rolimons.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 51.103.95.227 8075 (MICROSOFT...)
3 2a02:26f0:dc:... 20940 (AKAMAI-ASN1)
1 1 13.225.78.98 16509 (AMAZON-02)
12 108.138.217.67 16509 (AMAZON-02)
9 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
7 2a04:4e42:400... 54113 (FASTLY)
7 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
3 18.66.23.213 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 142.250.180.230 15169 (GOOGLE)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
3 18.66.23.210 16509 (AMAZON-02)
2 130.211.23.194 15169 (GOOGLE)
58 17
Apex Domain
Subdomains
Transfer
13 rolimons.com
rolimons.com — Cisco Umbrella Rank: 126707
www.rolimons.com — Cisco Umbrella Rank: 126893
796 KB
10 nitropay.com
s.nitropay.com — Cisco Umbrella Rank: 31425
tracker.nitropay.com — Cisco Umbrella Rank: 30453
a.nitropay.com — Cisco Umbrella Rank: 47871
201 KB
7 rbxcdn.com
tr.rbxcdn.com — Cisco Umbrella Rank: 10390
480 KB
7 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 359
129 KB
6 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 291
aax-dtb-cf.amazon-adsystem.com — Cisco Umbrella Rank: 488
51 KB
4 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 190
ad.doubleclick.net — Cisco Umbrella Rank: 184
159 KB
3 btloader.com
btloader.com — Cisco Umbrella Rank: 789
api.btloader.com — Cisco Umbrella Rank: 909
15 KB
3 azureedge.net
mcasproxy.azureedge.net — Cisco Umbrella Rank: 37763
44 KB
2 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 912
1 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 21
20 KB
1 nitrocnct.com
consent.nitrocnct.com — Cisco Umbrella Rank: 233723
55 KB
1 admin-mcas-df.ms
rolimons.com.admin-mcas-df.ms
888 B
58 12
Domain Requested by
12 www.rolimons.com www.rolimons.com
7 tr.rbxcdn.com www.rolimons.com
7 cdn.jsdelivr.net www.rolimons.com
6 s.nitropay.com www.rolimons.com
s.nitropay.com
3 a.nitropay.com s.nitropay.com
3 aax-dtb-cf.amazon-adsystem.com c.amazon-adsystem.com
3 c.amazon-adsystem.com s.nitropay.com
c.amazon-adsystem.com
3 securepubads.g.doubleclick.net s.nitropay.com
securepubads.g.doubleclick.net
3 mcasproxy.azureedge.net rolimons.com.admin-mcas-df.ms
mcasproxy.azureedge.net
2 api.btloader.com btloader.com
2 ad-delivery.net www.rolimons.com
2 www.google-analytics.com www.rolimons.com
www.google-analytics.com
1 consent.nitrocnct.com s.nitropay.com
1 ad.doubleclick.net www.rolimons.com
1 tracker.nitropay.com s.nitropay.com
1 btloader.com s.nitropay.com
1 rolimons.com 1 redirects
1 rolimons.com.admin-mcas-df.ms
58 18

This site contains links to these domains.

Domain
discord.gg
www.facebook.com
twitter.com
www.youtube.com
nitropay.com
Subject | Issuer | Validity | Valid
*.com.mcas.ms | Microsoft Azure TLS Issuing CA 02 | 2023-01-25 - 2024-01-20 | a year
*.azureedge.net | Microsoft Azure ECC TLS Issuing CA 01 | 2022-07-27 - 2023-07-22 | a year
*.rolimons.com | Amazon | 2022-08-02 - 2023-08-31 | a year
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-05-16 - 2023-05-16 | a year
*.google-analytics.com | GTS CA 1C3 | 2023-01-09 - 2023-04-03 | 3 months
jsdelivr.net | GlobalSign Atlas R3 DV TLS CA 2022 Q4 | 2022-12-23 - 2024-01-24 | a year
*.rbxcdn.com | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2022-04-23 - 2023-04-26 | a year
*.g.doubleclick.net | GTS CA 1C3 | 2023-01-09 - 2023-04-03 | 3 months
c.amazon-adsystem.com | Amazon | 2022-05-09 - 2023-04-18 | a year
*.doubleclick.net | GTS CA 1C3 | 2023-01-09 - 2023-04-03 | 3 months
*.nitrocnct.com | E1 | 2023-01-03 - 2023-04-03 | 3 months
aax-dtb-mobile-cf.amazon-adsystem.com | Amazon | 2022-06-15 - 2023-06-15 | a year
api.btloader.com | GTS CA 1D4 | 2022-12-18 - 2023-03-18 | 3 months

This page contains 2 frames:

Primary Page: https://www.rolimons.com/
Frame ID: F30DDAB64CD064E7DAF1BC45E9F5D114
Requests: 58 HTTP requests in this frame

Frame: https://mcasproxy.azureedge.net/proxyweb/1.28.26/html/session-context-restore.html
Frame ID: A26B0F0B5BEE0CA4A509C61616DF5C31
Requests: 2 HTTP requests in this frame

Page Title

Rolimon's | Roblox Trading WebsiteRolimon's Discord Invite

Page URL History

  1. https://rolimons.com.admin-mcas-df.ms/ Page URL
  2. https://rolimons.com/ HTTP 301
    https://www.rolimons.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • sweetalert2(?:\.all)?(?:\.min)?\.js
  • /npm/sweetalert2@([\d.]+)
  • sweetalert2@([\d.]+)/dist/sweetalert2(?:\.all)(?:\.min)\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

Requests: 58
HTTPS: 100 %
IPv6: 59 %
Domains: 12
Subdomains: 18
IPs: 17
Countries: 5
Transfer: 1953 kB
Size: 4053 kB
Cookies: 5

Redirected requests

There were HTTP redirect chains for the following requests:

58 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
rolimons.com.admin-mcas-df.ms/
1 KB
888 B
Document
General
Full URL
https://rolimons.com.admin-mcas-df.ms/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.103.95.227 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
openresty /
Resource Hash
ac6de00be0bb83a795a7157312fe4bee0bf46993e969c90ea063abc8bc1af015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 27 Jan 2023 22:16:22 GMT
expires
Mon, 01-Jan-1990 00:00:00 GMT
pragma
no-cache
server
openresty
strict-transport-security
max-age=31536000
x-mcas-cache-status
MISS
x-mcas-processing-time
10
x-mcas-request-id
4930703b0f9d042349f2aff997c88acf
x-mcas-upstream-time
n/a
session-context-store-helper.min.js
mcasproxy.azureedge.net/proxyweb/1.28.26/js/
5 KB
5 KB
Script
General
Full URL
https://mcasproxy.azureedge.net/proxyweb/1.28.26/js/session-context-store-helper.min.js
Requested by
Host: rolimons.com.admin-mcas-df.ms
URL: https://rolimons.com.admin-mcas-df.ms/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:dc::6853:53b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
5f7add0638c6207d7a84267735b9eed3fee3a68696e3ec755fafd5283db0b8f3

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://rolimons.com.admin-mcas-df.ms/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Fri, 27 Jan 2023 22:16:22 GMT
last-modified
Thu, 19 Jan 2023 09:30:32 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5
Dor7jY9XuhzpOAkbPbiHoQ==
etag
0x8DAF9FFD00FDC1A
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
68f00651-e01e-006c-63fe-2be507000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=30808209
x-ms-version
2009-09-19
content-length
4832
session-context-restore.html
mcasproxy.azureedge.net/proxyweb/1.28.26/html/ Frame A26B
209 B
660 B
Document
General
Full URL
https://mcasproxy.azureedge.net/proxyweb/1.28.26/html/session-context-restore.html
Requested by
Host: mcasproxy.azureedge.net
URL: https://mcasproxy.azureedge.net/proxyweb/1.28.26/js/session-context-store-helper.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:dc::6853:53b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
a3c954e6d1422643abfe41e74b726918caa087460903ec4267bc4e5293132451

Request headers

Referer
https://rolimons.com.admin-mcas-df.ms/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

access-control-allow-origin
*
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=30808437
content-length
209
content-md5
xcQ/+x+i42xZPwR88wJc4A==
content-type
text/html
date
Fri, 27 Jan 2023 22:16:22 GMT
etag
0x8DAF9FFF7FCF83F
last-modified
Thu, 19 Jan 2023 09:31:39 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-blob-type
BlockBlob
x-ms-lease-status
unlocked
x-ms-request-id
68f006f0-e01e-006c-34fe-2be507000000
x-ms-version
2009-09-19
session-context-restore.min.js
mcasproxy.azureedge.net/proxyweb/1.28.26/js/ Frame A26B
38 KB
38 KB
Script
General
Full URL
https://mcasproxy.azureedge.net/proxyweb/1.28.26/js/session-context-restore.min.js
Requested by
Host: mcasproxy.azureedge.net
URL: https://mcasproxy.azureedge.net/proxyweb/1.28.26/html/session-context-restore.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:dc::6853:53b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
50c7a6bc126f23bed4e86844e23471bc2b77bdf396bfe93fee9eb364bc99f9f6

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://mcasproxy.azureedge.net/proxyweb/1.28.26/html/session-context-restore.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Fri, 27 Jan 2023 22:16:22 GMT
last-modified
Thu, 19 Jan 2023 09:30:33 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5
/YaMyLrHn30aHcVLtQfmcw==
etag
0x8DAF9FFD0703D9F
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
68f00736-e01e-006c-67fe-2be507000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=30808393
x-ms-version
2009-09-19
content-length
38628
Primary Request /
www.rolimons.com/
Redirect Chain
  • https://rolimons.com/?
  • https://www.rolimons.com/
249 KB
35 KB
Document
General
Full URL
https://www.rolimons.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.217.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-217-67.lhr61.r.cloudfront.net
Software
nginx /
Resource Hash
bf1926e116009fdf7b68781626436c4baf1ff7bbc848b6e46a22071453545721

Request headers

Referer
https://rolimons.com.admin-mcas-df.ms/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

age
3
cache-control
public, max-age=15
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 27 Jan 2023 22:16:19 GMT
etag
W/"3e5fc-awMfOZdDi3vpTdp9UKQaA1BaQDQ"
server
nginx
vary
Accept-Encoding
via
1.1 c26a4c21d05db121c09038b0610c812a.cloudfront.net (CloudFront)
x-amz-cf-id
87Di-d_tMODxOqfJLYeEQyAYjcF1IdeQ4I7NaLdhXswlfXNND9QnAw==
x-amz-cf-pop
LHR61-P3
x-cache
Hit from cloudfront

Redirect headers

age
61278
content-length
0
date
Fri, 27 Jan 2023 05:15:05 GMT
location
https://www.rolimons.com/
server
AmazonS3
via
1.1 e56e6732f380db727425bac2d6158760.cloudfront.net (CloudFront)
x-amz-cf-id
7tnsoWhiWS8hU5-ztLYaj0uVDzHIlLReS2A1ciN7i7DJXRNY_foe3g==
x-amz-cf-pop
FRA2-C2
x-cache
Hit from cloudfront
ads-874.js
s.nitropay.com/
488 KB
152 KB
Script
General
Full URL
https://s.nitropay.com/ads-874.js
Requested by
Host: www.rolimons.com
URL: https://www.rolimons.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7db09d8311b4965fc5dc61dfe5d59048d4524d0fc052d51d7695e62c3ee564fd
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.rolimons.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 27 Jan 2023 22:16:23 GMT
strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
gzip
cf-cache-status
HIT
x-goog-meta-goog-reserved-file-mtime
1674593760
age
1789
x-guploader-uploadid
ADPycdvifLK6e7lCLjlGn6H7AP_QdYZGpr7j6fuZFmKvgzOlvAR1BFVNBr60wYFPdWvWDaNVAngg_9qRwrTX2dmDiIDzCA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 27 Jan 2023 21:45:47 GMT
server
cloudflare
etag
W/"9c0b93bb89434c5bce36bf9a4545b2a0:1674855947000"
vary
Accept-Encoding
x-goog-generation
1674594637791427
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=QyYqCw==, md5=nAuTu4lDTFvONr+aRUWyoA==
access-control-expose-headers
Content-Type
cache-control
private, max-age=600
x-goog-stored-content-length
497007
cf-ray
7904da38194c99b1-CDG
expires
Sat, 28 Jan 2023 09:46:34 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.rolimons.com
URL: https://www.rolimons.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.rolimons.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 27 Jan 2023 20:21:44 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
6879
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Fri, 27 Jan 2023 22:21:44 GMT
custom.css
www.rolimons.com/css/
144 KB
23 KB
Stylesheet
General
Full URL
https://www.rolimons.com/css/custom.css
Requested by
Host: www.rolimons.com
URL: https://www.rolimons.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.217.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-217-67.lhr61.r.cloudfront.net
Software
nginx /
Resource Hash
7a9e2ef67508917288754f547109f8a4a573923f1bdff807f0816768b8516958

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.rolimons.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 27 Jan 2023 18:03:53 GMT
content-encoding
gzip
via
1.1 c26a4c21d05db121c09038b0610c812a.cloudfront.net (CloudFront)
last-modified
Sat, 16 Oct 2021 18:36:03 GMT
server
nginx
x-amz-cf-pop
LHR61-P3
age
15148
etag
W/"2e04f-17c8a63b977"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css; charset=UTF-8
cache-control
public, max-age=86400
accept-ranges
bytes
x-amz-cf-id
x2MGirSqAamN4YYH6Kq24gQDyNCXlUHFCA1bxshnVBHj9Zhp9xc6WA==
site.css
www.rolimons.com/css/
20 KB
5 KB
Stylesheet
General
Full URL
https://www.rolimons.com/css/site.css
Requested by
Host: www.rolimons.com
URL: https://www.rolimons.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.217.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-217-67.lhr61.r.cloudfront.net
Software
nginx /
Resource Hash
88fa416c7cf6575e6d83e9aae96cf96de95b0db9d4397deeb45cb03142a09303

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.rolimons.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 27 Jan 2023 04:31:39 GMT
content-encoding
gzip
via
1.1 c26a4c21d05db121c09038b0610c812a.cloudfront.net (CloudFront)
last-modified
Sat, 17 Dec 2022 09:14:15 GMT
server
nginx
x-amz-cf-pop
LHR61-P3
age
64884
etag
W/"59b4-1851f5cd373"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css; charset=UTF-8
cache-control
public, max-age=86400
accept-ranges
bytes
x-amz-cf-id
dB-jUTB1iDXkwgbLZ1F8Zh9jHIwojP5Ct6Ichd8DLuA-CXMyq87X6w==
jquery.min.js
cdn.jsdelivr.net/npm/jquery@3.5.1/dist/
87 KB
31 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/jquery@3.5.1/dist/jquery.min.js
Requested by
Host: www.rolimons.com
URL: https://www.rolimons.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.rolimons.com/
Origin
https://www.rolimons.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 27 Jan 2023 22:16:23 GMT
x-content-type-options
nosniff
content-encoding
gzip
age
8711724
x-jsd-version
3.5.1
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
30948
x-served-by
cache-fra19153-FRA, cache-cdg20724-CDG
x-jsd-version-type
version
etag
W/"15d84-yOHIs4bcW3qRhMdjyI0Zo0brM0I"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
bootstrap.bundle.min.js
cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/js/
82 KB
21 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/js/bootstrap.bundle.min.js
Requested by
Host: www.rolimons.com
URL: https://www.rolimons.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b0212543cc5a4a0a31c1b5a9d1e8973261992116b4cfde3e7dfcf33b4e81a97b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.rolimons.com/
Origin
https://www.rolimons.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 27 Jan 2023 22:16:23 GMT
x-content-type-options
nosniff
content-encoding
gzip
age
20546425
x-jsd-version
4.6.0
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
21830
x-served-by
cache-fra19122-FRA, cache-cdg20724-CDG
x-jsd-version-type
version
etag
W/"1499a-rsVR5NVzRjCI/KfRT7ZE6zifGDk"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
jwt-decode.min.js
cdn.jsdelivr.net/npm/jwt-decode@2.2.0/build/
2 KB
1 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/jwt-decode@2.2.0/build/jwt-decode.min.js
Requested by
Host: www.rolimons.com
URL: https://www.rolimons.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c3a8c054d661e097ce836df7a16698c1008f2e9fe6daa098a1a85add3f5611c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.rolimons.com/
Origin
https://www.rolimons.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 27 Jan 2023 22:16:23 GMT
x-content-type-options
nosniff
content-encoding
gzip
age
1978137
x-jsd-version
2.2.0
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
1066
x-served-by
cache-fra-eddf8230049-FRA, cache-cdg20724-CDG
x-jsd-version-type
version
etag
W/"88d-JRgV54Ho0Cfi+gYKxbRnBKPtK48"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
sweetalert2.all.min.js
cdn.jsdelivr.net/npm/sweetalert2@8.19.0/dist/
62 KB
16 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/sweetalert2@8.19.0/dist/sweetalert2.all.min.js
Requested by
Host: www.rolimons.com
URL: https://www.rolimons.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1fb5bdf552db295a96ea4b5c90679159db62417fb69fe0b57792e57daf79cfd9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.rolimons.com/
Origin
https://www.rolimons.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 27 Jan 2023 22:16:23 GMT
x-content-type-options
nosniff
content-encoding
gzip
age
7593333
x-jsd-version
8.19.0
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
16266
x-served-by
cache-fra-eddf8230040-FRA, cache-cdg20724-CDG
x-jsd-version-type
version
etag
W/"f9a3-83/dkKMqqE70ruguVvt5jysji+A"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
mixitup.min.js
cdn.jsdelivr.net/npm/mixitup@3.3.1/dist/
87 KB
21 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/mixitup@3.3.1/dist/mixitup.min.js
Requested by
Host: www.rolimons.com
URL: https://www.rolimons.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
16750fd8712bf8b9ec03897561f94dde9ad564848bc0ab36141ed7f7f7dd3c11
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.rolimons.com/
Origin
https://www.rolimons.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 27 Jan 2023 22:16:23 GMT
x-content-type-options
nosniff
content-encoding
gzip
age
1976759
x-jsd-version
3.3.1
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
21701
x-served-by
cache-fra-eddf8230109-FRA, cache-cdg20724-CDG
x-jsd-version-type
version
etag
W/"15bc7-2VILGgXMwXLEJBYfaT+sorfOrFQ"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
lazyload.min.js
cdn.jsdelivr.net/npm/lazyload@2.0.0-rc.2/
2 KB
1 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/lazyload@2.0.0-rc.2/lazyload.min.js
Requested by
Host: www.rolimons.com
URL: https://www.rolimons.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5b3baa10ac55f4eece0c7e666eaddd51872b8ce9273671626bcccec8f86ead78
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.rolimons.com/
Origin
https://www.rolimons.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 27 Jan 2023 22:16:23 GMT
x-content-type-options
nosniff
content-encoding
gzip
age
20818145
x-jsd-version
2.0.0-rc.2
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
937
x-served-by
cache-fra19171-FRA, cache-cdg20724-CDG
x-jsd-version-type
version
etag
W/"8a2-ngY/Y9MDkyf1oyGHRNHDqclx9cM"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
playerthumbnails.js
www.rolimons.com/js/
2 KB
1 KB
Script
General
Full URL
https://www.rolimons.com/js/playerthumbnails.js
Requested by
Host: www.rolimons.com
URL: https://www.rolimons.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.217.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-217-67.lhr61.r.cloudfront.net
Software
nginx /
Resource Hash
ef12da74eca0a94a0ea637b5aa33451b84c58428c0452c808a2b9ce554a9e157

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.rolimons.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 26 Jan 2023 22:43:54 GMT
content-encoding
gzip
via
1.1 c26a4c21d05db121c09038b0610c812a.cloudfront.net (CloudFront)
last-modified
Wed, 18 May 2022 01:24:14 GMT
server
nginx
x-amz-cf-pop
LHR61-P3
age
84749
etag
W/"1391-180d4c3f94e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=86400
accept-ranges
bytes
x-amz-cf-id
nf6LNZ0EGnz_a58LY6Uj5oQ4z7P1JIzHce0ZNgRJMvbqdXVf7lNCSA==
search.js
www.rolimons.com/js/
16 KB
4 KB
Script
General
Full URL
https://www.rolimons.com/js/search.js
Requested by
Host: www.rolimons.com
URL: https://www.rolimons.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.217.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-217-67.lhr61.r.cloudfront.net
Software
nginx /
Resource Hash
bf24cfa6aecfcc4f7e976bc967b926a5ff13aa06453a5ebbd0eca3bc9088c9ee

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.rolimons.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 26 Jan 2023 22:43:54 GMT
content-encoding
gzip
via
1.1 c26a4c21d05db121c09038b0610c812a.cloudfront.net (CloudFront)
last-modified
Wed, 21 Sep 2022 16:34:48 GMT
server
nginx
x-amz-cf-pop
LHR61-P3
age
84749
etag
W/"6eb1-18360e6e729"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=86400
accept-ranges
bytes
x-amz-cf-id
dtB1jZbjCY0XgbIcrlv3Y4cu6zzHe8kVf97BLGY1Y0dkjJJb0sUg0g==
swiper-bundle.min.js
cdn.jsdelivr.net/npm/swiper@7.3.3/
133 KB
37 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/swiper@7.3.3/swiper-bundle.min.js
Requested by
Host: www.rolimons.com
URL: https://www.rolimons.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4534832ed675f4a507b49bb2d61be29ec22d72caecf5620f8acf72084b1b750d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.rolimons.com/
Origin
https://www.rolimons.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 27 Jan 2023 22:16:23 GMT
x-content-type-options
nosniff
content-encoding
gzip
age
1453632
x-jsd-version
7.3.3
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
37867
x-served-by
cache-fra-eddf8230021-FRA, cache-cdg20724-CDG
x-jsd-version-type
version
etag
W/"212a2-/9gofZKGG3k/4DEPgfQ3XoYezfA"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
transparent-square-110.png
www.rolimons.com/images/
176 B
528 B
Image
General
Full URL
https://www.rolimons.com/images/transparent-square-110.png
Requested by
Host: www.rolimons.com
URL: https://www.rolimons.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.217.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-217-67.lhr61.r.cloudfront.net
Software
nginx /
Resource Hash
b01348962ee4322f41f5ed94f1f4a66d6846716600da32b92bac0ad56697d938

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.rolimons.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 14 Jan 2023 00:26:53 GMT
via
1.1 c26a4c21d05db121c09038b0610c812a.cloudfront.net (CloudFront)
last-modified
Sat, 16 Oct 2021 18:36:03 GMT
server
nginx
x-amz-cf-pop
LHR61-P3
age
1201770
etag
W/"b0-17c8a63b9bd"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
176
x-amz-cf-id
YI6aqGCjWesHFjElVF_whFXl5GD_mKVLnL7nyGW8-iSJ-9HSs0eFGA==
transparent-16x9-120.png
www.rolimons.com/images/
161 B
494 B
Image
General
Full URL
https://www.rolimons.com/images/transparent-16x9-120.png
Requested by
Host: www.rolimons.com
URL: https://www.rolimons.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.217.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-217-67.lhr61.r.cloudfront.net
Software
nginx /
Resource Hash
0c119e28276f43a14f6a597b17d6db40dd2892c31533873edd6ff3d98d0e27d6

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.rolimons.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 12:15:32 GMT
via
1.1 c26a4c21d05db121c09038b0610c812a.cloudfront.net (CloudFront)
last-modified
Wed, 01 Dec 2021 18:23:30 GMT
server
nginx
x-amz-cf-pop
LHR61-P3
age
1332051
etag
W/"a1-17d773cc223"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
161
x-amz-cf-id
c9lbavCK6DjRYHjhtz-KXBdKuyxomZfpbb6DvPOk0TDdVLlIgSRCBw==
rolimons-banner-2.jpg
www.rolimons.com/images/
136 KB
136 KB
Image
General
Full URL
https://www.rolimons.com/images/rolimons-banner-2.jpg
Requested by
Host: www.rolimons.com
URL: https://www.rolimons.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.217.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-217-67.lhr61.r.cloudfront.net
Software
nginx /
Resource Hash
b8995cf15f7b64271acdab1dfa97eb90d0d907b1378a857c028055ca84dd326e

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.rolimons.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 02 Jan 2023 18:11:18 GMT
via
1.1 c26a4c21d05db121c09038b0610c812a.cloudfront.net (CloudFront)
last-modified
Sat, 16 Oct 2021 18:36:03 GMT
server
nginx
x-amz-cf-pop
LHR61-P3
age
2174705
etag
W/"21e3b-17c8a63b9a9"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
138811
x-amz-cf-id
nj_OgAPWQ_L-l96cpEraP9QRAqB6gAd4Y9B1EbFwi3mCDH4GtlE6rg==
truncated
/
197 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1a828d383bd3ed0368a40ee47ac3936ce3adf13fe2e358a257b1d13bd47c2a05

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
197 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ebbc1d67497d152eb7859c47b4f6b53a4e558ea4ae39dd3a568676660aa4afbc

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/svg+xml
Png
tr.rbxcdn.com/301de4203345518a1cbd3b0b0cad8931/420/420/Hat/
68 KB
69 KB
Image
General
Full URL
https://tr.rbxcdn.com/301de4203345518a1cbd3b0b0cad8931/420/420/Hat/Png
Requested by
Host: www.rolimons.com
URL: https://www.rolimons.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:11::215:14d1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
689fea2546099fb803da1515b29bd213fcf47b05f6f1dd86ac1a393b6f47dcc4
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.rolimons.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 27 Jan 2023 22:16:23 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1}
server
Microsoft-IIS/8.5
x-powered-by
ASP.NET
x-frame-options
SAMEORIGIN
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://ncs.roblox.com/upload"}]}
p3p
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
roblox-machine-id
CHI1-WEB1083
access-control-allow-methods
GET
content-type
image/Png
cache-control
max-age=31536000
access-control-allow-origin
*
content-length
69877
expires
Sat, 27 Jan 2024 22:16:23 GMT
Png
tr.rbxcdn.com/64f6262a8c221b1f465361ae993e3620/420/420/Hat/
43 KB
43 KB
Image
General
Full URL
https://tr.rbxcdn.com/64f6262a8c221b1f465361ae993e3620/420/420/Hat/Png
Requested by
Host: www.rolimons.com
URL: https://www.rolimons.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:11::215:14d1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
1c4b9c45e4c7ec2305ea2dd354572a58df3e974a92f1e29c0e50bec059d253cc
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.rolimons.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 27 Jan 2023 22:16:23 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1}
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
x-frame-options
SAMEORIGIN
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://ncs.roblox.com/upload"}]}
p3p
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
roblox-machine-id
CHI2-WEB5456
access-control-allow-methods
GET
content-type
image/Png
cache-control
max-age=31536000
access-control-allow-origin
*
content-length
43677
expires
Sat, 27 Jan 2024 22:16:23 GMT
Png
tr.rbxcdn.com/13aba02ebd9bd6f4b2fd299755080273/420/420/Hat/
69 KB
70 KB
Image
General
Full URL
https://tr.rbxcdn.com/13aba02ebd9bd6f4b2fd299755080273/420/420/Hat/Png
Requested by
Host: www.rolimons.com
URL: https://www.rolimons.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:11::215:14d1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
59db19a1869f6ff09b152073f0356c96743601a9333f2a97df1ad6ebafa4cc07
Security Headers
Name Value
Strict-Transport-Security max-age=3600
X-Frame-Options SAMEORIGIN

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.rolimons.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=3600
date
Fri, 27 Jan 2023 22:16:23 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1}
x-frame-options
SAMEORIGIN
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://ncs.roblox.com/upload"}]}
p3p
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
roblox-machine-id
CHI1-WEB1332
access-control-allow-methods
GET
content-type
image/Png
cache-control
max-age=31536000
access-control-allow-origin
*
content-length
70671
expires
Sat, 27 Jan 2024 22:16:23 GMT
Png
tr.rbxcdn.com/3876a5c9bc22c32ee42e9a9015457f51/420/420/Hat/
80 KB
81 KB
Image
General
Full URL
https://tr.rbxcdn.com/3876a5c9bc22c32ee42e9a9015457f51/420/420/Hat/Png
Requested by
Host: www.rolimons.com
URL: https://www.rolimons.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:11::215:14d1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
bdb4530ae4b9b12887f8b7eac3be6c4e5c6dd58fb706f592346ba0d8df090370
Security Headers
Name Value
Strict-Transport-Security max-age=3600
X-Frame-Options SAMEORIGIN

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.rolimons.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=3600
date
Fri, 27 Jan 2023 22:16:23 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1}
x-frame-options
SAMEORIGIN
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://ncs.roblox.com/upload"}]}
p3p
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
roblox-machine-id
CHI1-WEB2574
access-control-allow-methods
GET
content-type
image/Png
cache-control
max-age=31536000
access-control-allow-origin
*
content-length
82339
expires
Sat, 27 Jan 2024 22:16:23 GMT
Png
tr.rbxcdn.com/6e603253edae5716e10f47d34039dc8a/420/420/Hat/
51 KB
51 KB
Image
General
Full URL
https://tr.rbxcdn.com/6e603253edae5716e10f47d34039dc8a/420/420/Hat/Png
Requested by
Host: www.rolimons.com
URL: https://www.rolimons.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:11::215:14d1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
ecfaa4f5c0264224e396d491aaeb5f38b463616841a98a60a64f86d320d791d5
Security Headers
Name Value
Strict-Transport-Security max-age=3600
X-Frame-Options SAMEORIGIN

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.rolimons.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=3600
date
Fri, 27 Jan 2023 22:16:23 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1}
x-frame-options
SAMEORIGIN
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://ncs.roblox.com/upload"}]}
p3p
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
roblox-machine-id
CHI1-WEB2248
access-control-allow-methods
GET
content-type
image/Png
cache-control
max-age=31536000
access-control-allow-origin
*
content-length
52132
expires
Sat, 27 Jan 2024 22:16:23 GMT
Png
tr.rbxcdn.com/91e1ee69ea9f3a87fc3360328f4bcd50/420/420/Hat/
92 KB
93 KB
Image
General
Full URL
https://tr.rbxcdn.com/91e1ee69ea9f3a87fc3360328f4bcd50/420/420/Hat/Png
Requested by
Host: www.rolimons.com
URL: https://www.rolimons.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:11::215:14d1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
ab4c47c31094aece6a26c755a89879922089f4cc793e172abd6f115a641e74c2
Security Headers
Name Value
Strict-Transport-Security max-age=3600
X-Frame-Options SAMEORIGIN

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.rolimons.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=3600
date
Fri, 27 Jan 2023 22:16:23 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1}
x-frame-options
SAMEORIGIN
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://ncs.roblox.com/upload"}]}
p3p
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
roblox-machine-id
CHI1-WEB4401
access-control-allow-methods
GET
content-type
image/Png
cache-control
max-age=31536000
access-control-allow-origin
*
content-length
94219
expires
Sat, 27 Jan 2024 22:16:23 GMT
Png
tr.rbxcdn.com/501803b615a801a687133b3e1f0fd2a5/420/420/Hat/
73 KB
74 KB
Image
General
Full URL
https://tr.rbxcdn.com/501803b615a801a687133b3e1f0fd2a5/420/420/Hat/Png
Requested by
Host: www.rolimons.com
URL: https://www.rolimons.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:11::215:14d1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b0b89deb44cd2a87ba0414f38e0b8c07bae68b4b53336e07ad65782fc6a0aab9
Security Headers
Name Value
Strict-Transport-Security max-age=3600
X-Frame-Options SAMEORIGIN

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.rolimons.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=3600
date
Fri, 27 Jan 2023 22:16:23 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1}
x-frame-options
SAMEORIGIN
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://ncs.roblox.com/upload"}]}
p3p
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
roblox-machine-id
CHI1-WEB4326
access-control-allow-methods
GET
content-type
image/Png
cache-control
max-age=31536000
access-control-allow-origin
*
content-length
74800
expires
Sat, 27 Jan 2024 22:16:23 GMT
roblox-trading-terms-guide.jpg
www.rolimons.com/images/
264 KB
265 KB
Image
General
Full URL
https://www.rolimons.com/images/roblox-trading-terms-guide.jpg
Requested by
Host: www.rolimons.com
URL: https://www.rolimons.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.217.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-217-67.lhr61.r.cloudfront.net
Software
nginx /
Resource Hash
b5f31b580533a8e45394b2b8256f6d37e19b84cbca51e982ea11c82643465e14

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.rolimons.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 13 Jan 2023 09:39:16 GMT
via
1.1 c26a4c21d05db121c09038b0610c812a.cloudfront.net (CloudFront)
last-modified
Fri, 21 Oct 2022 21:42:02 GMT
server
nginx
x-amz-cf-pop
LHR61-P3
age
1285132
etag
W/"420a4-183fc7ef626"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
270500
x-amz-cf-id
FOWFn10UXu5W64fgtS6ESvzN72StUThNHHMlFlephHAx3otfB-mt3g==
where-are-the-workclocks.jpg
www.rolimons.com/images/
72 KB
72 KB
Image
General
Full URL
https://www.rolimons.com/images/where-are-the-workclocks.jpg
Requested by
Host: www.rolimons.com
URL: https://www.rolimons.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.217.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-217-67.lhr61.r.cloudfront.net
Software
nginx /
Resource Hash
2d6bfdc73cfff7d4876d55898ca17c13cd650d816ac5d35af43f8f63e4cddd39

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.rolimons.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 14 Jan 2023 00:03:34 GMT
via
1.1 c26a4c21d05db121c09038b0610c812a.cloudfront.net (CloudFront)
last-modified
Tue, 09 Aug 2022 19:13:15 GMT
server
nginx
x-amz-cf-pop
LHR61-P3
age
1203169
etag
W/"11e8d-1828406831b"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
73357
x-amz-cf-id
VHr-DrNa-tVj5ev43lTr_h4iClgeJrbng7yGniuYl6a8UpJaIl2jNA==
rolimons-value-changing-how-does-it-work.jpg
www.rolimons.com/images/
140 KB
141 KB
Image
General
Full URL
https://www.rolimons.com/images/rolimons-value-changing-how-does-it-work.jpg
Requested by
Host: www.rolimons.com
URL: https://www.rolimons.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.217.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-217-67.lhr61.r.cloudfront.net
Software
nginx /
Resource Hash
5efd032cc7c5000ea884e929b017376ae0a132b8509f6eea5a36d876bd073c29

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.rolimons.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 14 Jan 2023 03:28:40 GMT
via
1.1 c26a4c21d05db121c09038b0610c812a.cloudfront.net (CloudFront)
last-modified
Mon, 11 Jul 2022 00:13:26 GMT
server
nginx
x-amz-cf-pop
LHR61-P3
age
1190863
etag
W/"230ec-181ea9a8ecc"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
143596
x-amz-cf-id
I9NOuQCkWaa36JHGztUx4iFZfmZdr5mEbtn8s7Dg4uK1_Nsl1CIVTw==
mysterious-roblox-badges-that-were-never-released.jpg
www.rolimons.com/images/
113 KB
113 KB
Image
General
Full URL
https://www.rolimons.com/images/mysterious-roblox-badges-that-were-never-released.jpg
Requested by
Host: www.rolimons.com
URL: https://www.rolimons.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.217.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-217-67.lhr61.r.cloudfront.net
Software
nginx /
Resource Hash
b28d156a9c65783ba33a6e71c3f11b60e9d1807da14ea616633cb2c4e44d0cb9

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.rolimons.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 00:25:45 GMT
via
1.1 c26a4c21d05db121c09038b0610c812a.cloudfront.net (CloudFront)
last-modified
Tue, 28 Jun 2022 05:00:33 GMT
server
nginx
x-amz-cf-pop
LHR61-P3
age
1374638
etag
W/"1c238-181a8aec03b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
115256
x-amz-cf-id
Yt63OQL-edGqPkU68wTK8l0RAwdCSVloM6FHI8KCgpVm8fUnx5JqYw==
tag
btloader.com/
91 KB
15 KB
Script
General
Full URL
https://btloader.com/tag?o=6278260873756672&upapi=true
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-874.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:68b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93d582a04d3f719a0903045b27e56216ef0206e51604c384b412cbd236b933bb

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.rolimons.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 27 Jan 2023 22:16:23 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 27 Jan 2023 21:39:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2238
etag
W/"0e1e4cb8c0d9acb3bd5ee7a061788d3f"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7cfaL1l7elYWvjvhwtHOCeGw%2FyYNhM%2BBlVdVVo4oYZse%2BwQ2uTHw%2BZCffBH9z3dwFo8p2wrSQkixdE87ROzpbPr%2BnaHvD8HA4K6KqeheuVqfXrBTTny6srT%2B9JeneVg35pC7%2FTJB%2B3L9sg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=300, must-revalidate, stale-if-error=86400
cf-ray
7904da39fac2d2c5-CDG
gpt.js
securepubads.g.doubleclick.net/tag/js/
80 KB
27 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-874.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e28cafe7b273d969ee109ca5448db4cf3b64992e756666c8d13603af9ff85531
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.rolimons.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 27 Jan 2023 22:16:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27586
x-xss-protection
0
server
sffe
etag
"1465 / 777 of 1000 / last-modified: 1674821399"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 27 Jan 2023 22:16:23 GMT
ncmp-1593ef2.min.js
s.nitropay.com/
221 KB
40 KB
Script
General
Full URL
https://s.nitropay.com/ncmp-1593ef2.min.js
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-874.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eedf1e7e5e27a18648d3365b823f1f9adbc2fc257d49897dffd783fc9a521ba4
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.rolimons.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 27 Jan 2023 22:16:23 GMT
strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
gzip
cf-cache-status
HIT
age
263111
x-guploader-uploadid
ADPycdvGjmXi5vc2h_Q9HnB_K9pp7DsPBOHdnwV9oubzEj8kd4vL7B7FlxPMO9m5rHSdpwIdnPmCqt-2gPsUfql4LWdwHuSPQPtt
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 26 Oct 2022 16:01:57 GMT
server
cloudflare
etag
W/"4ab00debeb2ea85c9a660258a1bdeeb0"
vary
Accept-Encoding
x-goog-hash
crc32c=HqShZg==, md5=SrAN6+suqFyaZgJYob3usA==
x-goog-generation
1666800117961151
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=31536000
x-goog-stored-content-length
226609
cf-ray
7904da39ebeb99b1-CDG
expires
Sat, 27 Jan 2024 22:16:23 GMT
apstag.js
c.amazon-adsystem.com/aax2/
191 KB
46 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-874.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.23.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-23-213.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c0d19353c945d66184d063ccb4c33fa2e2014c35b8a7a8a56416e34531f90e92

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.rolimons.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 27 Jan 2023 22:00:43 GMT
content-encoding
gzip
via
1.1 fd38301adb0ceb6cf6c42567f371a2f4.cloudfront.net (CloudFront), 1.1 9127bf22c332a88edd7d5939b5870d1e.cloudfront.net (CloudFront)
last-modified
Wed, 25 Jan 2023 21:28:24 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, VIE50-P1
age
941
x-amz-server-side-encryption
AES256
etag
W/"676ff20d9a1610954eca1e1b18855dbf"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
0b9IXwsW_9CvDLOpmBBjp3yDTThsMBlagfYdWNea90zg36crc6pKUg==
analytics
tracker.nitropay.com/sites/874/
0
0
Fetch
General
Full URL
https://tracker.nitropay.com/sites/874/analytics?ab=eyJocmVmIjoiaHR0cHM6Ly93d3cucm9saW1vbnMuY29tLyIsInYiOjcxLCJhIjpmYWxzZSwicyI6dHJ1ZX0%3D
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-874.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.rolimons.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 27 Jan 2023 22:16:23 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains
cf-ray
7904da3a5cf8d53c-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
1.gif
s.nitropay.com/
42 B
691 B
Image
General
Full URL
https://s.nitropay.com/1.gif?x=1&adslot=
Requested by
Host: www.rolimons.com
URL: https://www.rolimons.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.rolimons.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 27 Jan 2023 22:16:23 GMT
strict-transport-security
max-age=2592000; includeSubDomains
cf-cache-status
HIT
age
263111
x-guploader-uploadid
ADPycduk_8eHRYoARuWaRK0h-3wSWoMQV3DzljTGB9IysZ0b-hZtGSBov6KJDPxWt0bJYQSvuGhday4sappIGijpotMbfR_rsjlO
x-goog-storage-class
MULTI_REGIONAL
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
42
x-goog-meta-
last-modified
Fri, 22 Jan 2021 08:58:45 GMT
server
cloudflare
etag
"d89746888da2d9510b64a9f031eaecd5"
vary
Accept-Encoding
x-goog-generation
1611305925409947
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=ljrbyA==, md5=2JdGiI2i2VELZKnwMers1Q==
access-control-expose-headers
Content-Type
cache-control
public, max-age=604800
x-goog-stored-content-length
42
accept-ranges
bytes
cf-ray
7904da3a5ffc22b1-CDG
expires
Tue, 31 Jan 2023 21:11:12 GMT
collect
www.google-analytics.com/j/
2 B
208 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&a=233102934&t=pageview&_s=1&dl=https%3A%2F%2Fwww.rolimons.com%2F&dr=https%3A%2F%2Frolimons.com.admin-mcas-df.ms%2F&ul=en-us&de=UTF-8&dt=Rolimon%27s%20%7C%20Roblox%20Trading%20Website&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1731205259&gjid=448714209&cid=225952503.1674857783&tid=UA-97395446-1&_gid=733062355.1674857783&_r=1&_slc=1&z=420653174
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.rolimons.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 27 Jan 2023 22:16:23 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.rolimons.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
px.gif
ad-delivery.net/
43 B
935 B
Image
General
Full URL
https://ad-delivery.net/px.gif?ch=2
Requested by
Host: www.rolimons.com
URL: https://www.rolimons.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.rolimons.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 27 Jan 2023 22:16:23 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
85493
x-guploader-uploadid
ADPycdtH6OLja-eGXP_o9avhoSuRBsjAFv0bUNjVFB8T3if4oaK0umCEpMaX3ZTcK6BNp1XsXO0hMHcG7Hr0POjMxS4A
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CSm7NAjA3bBvL0daDHePI7uxgtCmmdlCYG9AInHBV8VXFyQI4XsI3EPTs01oT6AMyatPv8VJiuBKHFTfWwsaaAxeXF%2FEuRGJJ%2BZB5a88LOII92Fq2j1avE6I9QUcipompqh%2FmFdFTSwCEyaqEw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
7904da3af9f7d584-CDG
expires
Thu, 26 Jan 2023 22:47:26 GMT
favicon.ico
ad.doubleclick.net/
1 KB
571 B
Image
General
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: www.rolimons.com
URL: https://www.rolimons.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.180.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.rolimons.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 27 Jan 2023 05:24:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
60708
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 28 Jan 2023 05:24:35 GMT
px.gif
ad-delivery.net/
43 B
343 B
Image
General
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.22327382404654217
Requested by
Host: www.rolimons.com
URL: https://www.rolimons.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.rolimons.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 27 Jan 2023 22:16:23 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
85493
x-guploader-uploadid
ADPycdtH6OLja-eGXP_o9avhoSuRBsjAFv0bUNjVFB8T3if4oaK0umCEpMaX3ZTcK6BNp1XsXO0hMHcG7Hr0POjMxS4A
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hbEgldtqZ5VH6yIFjrWQNF7FGIwqHLUj%2BF%2Bsj0fKGjbtybdqv6Of0T7nINJqZKAfUzAxDPzKlu2SYIU56jrAX8FX%2FXN7t8GaQBl%2B1QBwkiRjerZFeKNmaX5jF%2BY7QHfOIY4tnl7URMQ0ruyjow%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
7904da3af9f9d584-CDG
expires
Thu, 26 Jan 2023 22:47:26 GMT
vendor-list.json
consent.nitrocnct.com/
400 KB
55 KB
XHR
General
Full URL
https://consent.nitrocnct.com/vendor-list.json
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ncmp-1593ef2.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47ed37dc245287491a85e88263d1c137d5266c8db326d40b76c6ebb39ceeb307

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.rolimons.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 27 Jan 2023 22:16:23 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
134708
x-guploader-uploadid
ADPycdssu4FQqDu3E1kzlCzeDWxYvWbXRnJ9pmuoV1wBvOecSogwab326jNq9YbI5Hxvy2IskN_TXBY5F842w1lXNegO8A
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 19 Jan 2023 16:15:02 GMT
server
cloudflare
etag
W/"e70b18211847ecdf0cdfa3f6e4e75586"
vary
Accept-Encoding
x-goog-hash
crc32c=+kJZDw==, md5=5wsYIRhH7N8M36P25OdVhg==
x-goog-generation
1674144902580280
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Origin, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=604800
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pwkm4toJ%2Fn5ehf4eCRQ%2BypuLaR4SNcKQ49kRoULe2DozFCC%2Bh9Xq4HEWiH5pII0kYcprdfcj4d2ovwx9DCtkhA0r58%2Fqn1NURXOlmwp23f1abCWXGyuB2YBkQiZwCin%2FWi1f66T1CQ5znsIqdf7hgBAwXm4%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
410108
cf-ray
7904da3b18cb2a4d-CDG
expires
Thu, 02 Feb 2023 08:17:59 GMT
pubads_impl_2023012501.js
securepubads.g.doubleclick.net/gpt/
386 KB
131 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012501.js?cb=31071905
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-874.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6f368aa8ed1ff20a7f45f67285eb393b6b164a71826955217eaac1aa54c31980
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.rolimons.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 27 Jan 2023 17:23:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
17590
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
133524
x-xss-protection
0
last-modified
Wed, 25 Jan 2023 09:36:27 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 27 Jan 2024 17:23:13 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
114 B
101 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.rolimons.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
efede1fa2810c9279add6b11eceeba627dcc3ca578bb1f205d6034b803b19628
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.rolimons.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 27 Jan 2023 22:16:23 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
76
x-xss-protection
0
expires
Fri, 27 Jan 2023 22:16:23 GMT
config
c.amazon-adsystem.com/cdn/prod/
0
313 B
XHR
General
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.rolimons.com&pubid=da657530-03e5-4306-95bc-d4eb370426c9
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.23.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-23-213.vie50.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.rolimons.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 27 Jan 2023 18:12:13 GMT
via
1.1 9127bf22c332a88edd7d5939b5870d1e.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
VIE50-P1
age
14649
x-cache
Hit from cloudfront
access-control-allow-origin
https://www.rolimons.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
QSXu2bepSVSLiDvy6_SFqJZ2sQczvGKceLBFPPDD0D158gr6BZkX-g==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/
6 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.23.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-23-213.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.rolimons.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 27 Jan 2023 03:02:47 GMT
x-amz-version-id
1R3b4YI9dI20q9Y7Gq1DHxVUnq3Fp2gn
content-encoding
gzip
via
1.1 c88540a8a2d41c2f38fed4cab35cb4f0.cloudfront.net (CloudFront)
x-amz-cf-pop
VIE50-P1
age
69217
x-cache
Hit from cloudfront
last-modified
Fri, 23 Dec 2022 01:05:48 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
s8ER76rLfcwFhUwbKnT_Ky0XAU5Ah2t9vYmK5hvKF-87UOFFPyQHug==
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/
23 B
464 B
XHR
General
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.rolimons.com%2F&pr=https%3A%2F%2Frolimons.com.admin-mcas-df.ms%2F&pid=LI9W8JPd3XK05&cb=0&ws=1600x1200&v=23.123.1617&t=2000&slots=%5B%7B%22sd%22%3A%22desktop_top_inline_lb%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%5D%7D%5D&pj=%7B%22us_privacy%22%3A%221---%22%7D&schain=1.0%2C1!nitropay.com%2C751%2C1%2C%2C%2C&pubid=da657530-03e5-4306-95bc-d4eb370426c9&gdprl=%7B%22status%22%3A%22tcfv2-timeout%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.23.210 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-23-210.vie50.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.rolimons.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 27 Jan 2023 22:16:23 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 0455d1ec539ef7b27f0e90c40cf5cc10.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
VIE50-P1
x-amz-rid
DR3KAYBJEG8KNAYBFBTY
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.rolimons.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
UPBhKnxeN4hjQUaONKAkkdbkYVazRbaJ_fEODjaSx6TdGmDAM3Wusg==
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/
23 B
463 B
XHR
General
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.rolimons.com%2F&pr=https%3A%2F%2Frolimons.com.admin-mcas-df.ms%2F&pid=LI9W8JPd3XK05&cb=1&ws=1600x1200&v=23.123.1617&t=2000&slots=%5B%7B%22sd%22%3A%22desktop_left_gutter_skyscraper%22%2C%22s%22%3A%5B%22160x600%22%5D%7D%5D&pj=%7B%22us_privacy%22%3A%221---%22%7D&schain=1.0%2C1!nitropay.com%2C751%2C1%2C%2C%2C&pubid=da657530-03e5-4306-95bc-d4eb370426c9&gdprl=%7B%22status%22%3A%22tcfv2-timeout%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.23.210 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-23-210.vie50.r.cloudfront.net
Software
Server /
Resource Hash
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.rolimons.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 27 Jan 2023 22:16:23 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 0455d1ec539ef7b27f0e90c40cf5cc10.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
VIE50-P1
x-amz-rid
44CC0S4J90EB839ZHDHA
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.rolimons.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
V8E4GJfNu-qknBgKei-FzaRPund1TRRCwF_Cq99mjLrwjTEMqqYLQg==
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/
23 B
462 B
XHR
General
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.rolimons.com%2F&pr=https%3A%2F%2Frolimons.com.admin-mcas-df.ms%2F&pid=LI9W8JPd3XK05&cb=2&ws=1600x1200&v=23.123.1617&t=2000&slots=%5B%7B%22sd%22%3A%22desktop_right_gutter_skyscraper%22%2C%22s%22%3A%5B%22160x600%22%5D%7D%5D&pj=%7B%22us_privacy%22%3A%221---%22%7D&schain=1.0%2C1!nitropay.com%2C751%2C1%2C%2C%2C&pubid=da657530-03e5-4306-95bc-d4eb370426c9&gdprl=%7B%22status%22%3A%22tcfv2-timeout%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.23.210 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-23-210.vie50.r.cloudfront.net
Software
Server /
Resource Hash
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.rolimons.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 27 Jan 2023 22:16:23 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 0455d1ec539ef7b27f0e90c40cf5cc10.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
VIE50-P1
x-amz-rid
D98G51TJA44TRSXKHHNE
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.rolimons.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
QBM07fa0sHjPQoJYV6l4S_CXoaTzmUgxqekjEaYu3iXlOJG85bmLXg==
lang.png
s.nitropay.com/cmp/
2 KB
2 KB
Image
General
Full URL
https://s.nitropay.com/cmp/lang.png
Requested by
Host: www.rolimons.com
URL: https://www.rolimons.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eda5ec1c59939f001bdc15f557f3a905110aac0a60afc5a1eb92d8cdc2d2cbb5
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.rolimons.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 27 Jan 2023 22:16:23 GMT
strict-transport-security
max-age=2592000; includeSubDomains
cf-cache-status
HIT
age
2990
x-guploader-uploadid
ADPycds-EBFuDGrOTgDJAqM-SNbenBGvAc9Mp3mrGUELo79aJzm0n-XblFzhF1-EfcEbPjk-gljJhbCAvjSkQpCUrvlAeg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1887
last-modified
Fri, 21 Oct 2022 09:20:58 GMT
server
cloudflare
etag
"ca072a3965f49a2c242c45d535163a53"
vary
Accept-Encoding
x-goog-generation
1666344058779792
content-type
image/png
access-control-allow-origin
*
x-goog-hash
crc32c=7x+tRA==, md5=ygcqOWX0miwkLEXVNRY6Uw==
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
1887
accept-ranges
bytes
cf-ray
7904da3bb9ea22b1-CDG
expires
Fri, 27 Jan 2023 22:26:32 GMT
cancel.png
s.nitropay.com/cmp/
1 KB
2 KB
Image
General
Full URL
https://s.nitropay.com/cmp/cancel.png
Requested by
Host: www.rolimons.com
URL: https://www.rolimons.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89863d0411e5273c7c2befe50bceeab57034e26b5df8751cc13c3bd78c73511d
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.rolimons.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 27 Jan 2023 22:16:23 GMT
strict-transport-security
max-age=2592000; includeSubDomains
cf-cache-status
HIT
age
3006
x-guploader-uploadid
ADPycdsbS0LAf8YGUd4Yb9-qOkCe1oj_5kP4C-RDbDnRyzoAkgt4r5jAkDUJBehITvP5hXE7_oE1GvPF8P_PgauzUebqig
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1302
last-modified
Fri, 21 Oct 2022 09:20:58 GMT
server
cloudflare
etag
"c707b2d501a53bc2c66e98e4e5cabefb"
vary
Accept-Encoding
x-goog-generation
1666344058825998
content-type
image/png
access-control-allow-origin
*
x-goog-hash
crc32c=QrhBNA==, md5=xwey1QGlO8LGbpjk5cq++w==
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
1302
accept-ranges
bytes
cf-ray
7904da3bb9ee22b1-CDG
expires
Fri, 27 Jan 2023 22:26:17 GMT
logo.png
s.nitropay.com/cmp/
3 KB
3 KB
Image
General
Full URL
https://s.nitropay.com/cmp/logo.png
Requested by
Host: www.rolimons.com
URL: https://www.rolimons.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d8fea63a817b75ec9bfbc153b60b576dd31392e4d2afbec0d83cc813f8aca4d
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.rolimons.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 27 Jan 2023 22:16:23 GMT
strict-transport-security
max-age=2592000; includeSubDomains
cf-cache-status
HIT
age
2824
x-guploader-uploadid
ADPycdvf2oiqLHWGTPKGuaSVH1jmTq7Rt9nhn9G5s9h3EppO8tlWuNmR7T5BPHWBHZdZWSIiZEp-2U1OhxgfRgcoTjqIDw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2592
last-modified
Fri, 21 Oct 2022 09:20:58 GMT
server
cloudflare
etag
"940aa5b81e99bbb7414acc474a89bad9"
vary
Accept-Encoding
x-goog-generation
1666344058842900
content-type
image/png
access-control-allow-origin
*
x-goog-hash
crc32c=naGVVg==, md5=lAqluB6Zu7dBSsxHSom62Q==
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
2592
accept-ranges
bytes
cf-ray
7904da3bb9f022b1-CDG
expires
Fri, 27 Jan 2023 22:29:19 GMT
openrtb
a.nitropay.com/v3/
109 B
304 B
Fetch
General
Full URL
https://a.nitropay.com/v3/openrtb
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-874.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24e5c19d67276126d6ffc80f8c1d6571d860491f7fb402012447588303078218
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://www.rolimons.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 27 Jan 2023 22:16:23 GMT
via
1.1 google
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Fri, 27 Jan 2023 22:16:23 GMT
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.rolimons.com
cache-control
max-age:0, private, no-store, no-cache
access-control-allow-credentials
true
cf-ray
7904da3bde8499b1-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
openrtb
a.nitropay.com/v3/
109 B
172 B
Fetch
General
Full URL
https://a.nitropay.com/v3/openrtb
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-874.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
404b103cacaf8474ef027b50e56d9dce3cef8616686e86e1df9ea188285c0d50
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://www.rolimons.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 27 Jan 2023 22:16:23 GMT
via
1.1 google
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Fri, 27 Jan 2023 22:16:23 GMT
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.rolimons.com
cache-control
max-age:0, private, no-store, no-cache
access-control-allow-credentials
true
cf-ray
7904da3bde8699b1-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
openrtb
a.nitropay.com/v3/
109 B
172 B
Fetch
General
Full URL
https://a.nitropay.com/v3/openrtb
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-874.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5db49dc4074fb398af0cd5bd054fc0e8abb710d6adc2a98b5de97694a98a33e
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://www.rolimons.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 27 Jan 2023 22:16:23 GMT
via
1.1 google
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Fri, 27 Jan 2023 22:16:23 GMT
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.rolimons.com
cache-control
max-age:0, private, no-store, no-cache
access-control-allow-credentials
true
cf-ray
7904da3bde8799b1-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
country
api.btloader.com/
16 B
203 B
Fetch
General
Full URL
https://api.btloader.com/country
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=6278260873756672&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
4e77de82816e4ed7844defc61447f84c79164f528da0c321c31d1876e17a4050

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.rolimons.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 27 Jan 2023 22:16:23 GMT
via
1.1 google
vary
Origin
content-type
application/json
access-control-allow-origin
*
cache-control
private, max-age=300, stale-while-revalidate=600, stale-if-error=600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
pv
api.btloader.com/
0
66 B
XHR
General
Full URL
https://api.btloader.com/pv?tid=C6JmDYs6gL&w=6021189733449728&o=6278260873756672&cv=2.1.06-2-g014272c&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fwww.rolimons.com%2F&sid=iyFZhuZxfB&upapi=true
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=6278260873756672&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.rolimons.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 27 Jan 2023 22:16:23 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin

81 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| oncontentvisibilityautostatechange object| nitroAds function| ga number| sitewide_security_message_dismissed function| dismiss_sitewide_security_banner string| svg_navbar_account object| jwt_player_data object| jwt_player_name object| jwt_player_id function| cookie_value function| update_player_jwt_info function| update_player_navbar_menu function| $ function| jQuery object| bootstrap function| jwt_decode function| Sweetalert2 function| SweetAlert function| Swal function| sweetAlert function| swal function| mixitup function| lazyload function| LazyLoad function| fetch_player_thumbnails function| update_dom_thumbnail_elements function| update_player_thumbnails function| recalculate_global_search_display_counts function| show_global_search_modal function| do_global_player_search_mixer function| handle_global_player_search_string_change function| global_search_fetch_search_result function| globalSearchDelay function| global_search_is_search_string_content_valid function| global_item_search_filter_control_handler function| do_global_item_search_mixer function| global_item_search_details_fetch function| global_game_search_filter_control_handler function| do_global_game_search_mixer function| global_game_search_details_fetch function| do_global_group_search_mixer function| handle_global_group_search_string_change function| global_group_search_details_fetch function| global_search_sorter function| global_search_number_to_string_with_commas function| Swiper object| ads object| nads object| napbjsChunk object| napbjs object| _pbjsGlobals object| mnet object| googletag function| __uspapi object| nitroAdsCustomConsents object| __tcfapi_queue function| __tcfapi object| apstag object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| __bt_tag_d object| __bt_tag_am object| __bt_intrnl boolean| __bt_already_invoked object| __bt object| nitroAdsCMP object| regeneratorRuntime object| dataLayer function| gtag object| np.cmp object| 
__cmp_queue function| __cmp object| ggeac object| google_js_reporting_queue boolean| apstagLOADED object| apscustom undefined| google_measure_js_timing

5 Cookies

Domain/Path Name / Value
.nitropay.com/ Name: __cf_bm
Value: A2jrwFFnU29RNCLr37UTNlvx8nGbgP53v_OkyCUvhj4-1674857783-0-AQiYyLyKJRcScCQuHQN3y70fFiQul4IPnmnMCQeknqsZLnE82pGInhwu5ebPJMsu8P7rpW2MbV/X33cg+gixuMY=
www.rolimons.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.rolimons.com/ Name: _ga
Value: GA1.2.225952503.1674857783
.rolimons.com/ Name: _gid
Value: GA1.2.733062355.1674857783
.rolimons.com/ Name: _gat
Value: 1

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
