rblxscriptpastebin.com Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://rblxscriptpastebin.com/
Submission Tags: phishingrod
Submission: On May 22 via api (May 22nd 2023, 6:05:58 pm UTC) from DE — Scanned from NL

Summary HTTP 54 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 13 IPs in 2 countries across 13 domains to perform 54 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is rblxscriptpastebin.com.
TLS certificate: Issued by GTS CA 1P5 on May 22nd 2023. Valid for: 3 months.

This is the only time rblxscriptpastebin.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
3	2600:9000:225... 2600:9000:225b:3a00:1f:bf9:800:21	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:bc41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	172.64.172.27 172.64.172.27	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.66.112.59 18.66.112.59	16509 (AMAZON-02) (AMAZON-02)
3	172.67.216.177 172.67.216.177	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
4 6	2a00:1450:400... 2a00:1450:4001:808::200d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
30	2a00:1450:400... 2a00:1450:4001:809::2016	15169 (GOOGLE) (GOOGLE)
54	13

6 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

rblxscriptpastebin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:225b:3a00:1f:bf9:800:21 (United States)

ASN16509 (AMAZON-02, US)

dltqxz76sim1s.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:bc41 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.64.172.27 (United States)

ASN13335 (CLOUDFLARENET, US)

pogothere.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.59 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-59.fra56.r.cloudfront.net

wasverymuch.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.67.216.177 (United States)

ASN13335 (CLOUDFLARENET, US)

gforanythingamgl.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:808::200d (Frankfurt am Main, Germany) 4 redirects

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2a00:1450:4001:809::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 101	295 KB
6	google.com 4 redirects accounts.google.com — Cisco Umbrella Rank: 33	3 KB
6	rblxscriptpastebin.com rblxscriptpastebin.com	142 KB
3	gforanythingamgl.info gforanythingamgl.info	1 KB
3	cloudfront.net dltqxz76sim1s.cloudfront.net	107 KB
2	googleusercontent.com yt3.googleusercontent.com — Cisco Umbrella Rank: 1619	41 KB
2	pogothere.xyz pogothere.xyz — Cisco Umbrella Rank: 27873	101 KB
1	gstatic.com fonts.gstatic.com	36 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 102
1	wasverymuch.info wasverymuch.info	542 B
1	hsforms.net js.hsforms.net — Cisco Umbrella Rank: 6037	165 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	1 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 199	5 KB
54	13

	Domain	Requested by
30	i.ytimg.com
6	accounts.google.com	4 redirects rblxscriptpastebin.com
6	rblxscriptpastebin.com	rblxscriptpastebin.com
3	gforanythingamgl.info	rblxscriptpastebin.com dltqxz76sim1s.cloudfront.net
3	dltqxz76sim1s.cloudfront.net	rblxscriptpastebin.com dltqxz76sim1s.cloudfront.net
2	yt3.googleusercontent.com
2	pogothere.xyz	dltqxz76sim1s.cloudfront.net
1	fonts.gstatic.com	fonts.googleapis.com
1	www.facebook.com	rblxscriptpastebin.com
1	wasverymuch.info	dltqxz76sim1s.cloudfront.net
1	js.hsforms.net	rblxscriptpastebin.com
1	fonts.googleapis.com	rblxscriptpastebin.com
1	cdnjs.cloudflare.com	rblxscriptpastebin.com
54	13

This site contains links to these domains. Also see Links.

Domain
www.youtube.com

Subject Issuer	Validity	Valid
rblxscriptpastebin.com GTS CA 1P5	`2023-05-22` - `2023-08-20`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
wasverymuch.info Amazon RSA 2048 M02	`2023-05-05` - `2024-06-02`	a year	crt.sh
gforanythingamgl.info GTS CA 1P5	`2023-05-05` - `2023-08-03`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-03-01` - `2023-05-30`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://rblxscriptpastebin.com/
Frame ID: 9501B38CA3418FCE88D0AD6FFF7E0B4F
Requests: 54 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Roblox-scripts-pastebin

Detected technologies

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

54
Requests

96 %
HTTPS

77 %
IPv6

13
Domains

13
Subdomains

13
IPs

2
Countries

894 kB
Transfer

2601 kB
Size

1
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.youtube.com/channel/UCV9E1k_7oftDI81PeVgcBCQ?sub_confirmation=1
Title: SUBSCRIBE

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP 302
https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=Af_xneH-DBTfBsW2zJKzEkEWF8MAhH_lDwoBykLfHd3fP6AIGgMignRKNAzX4sucRhQScsXDPvON HTTP 302
https://accounts.google.com/v3/signin/identifier?dsh=S-889098279%3A1684778753279536&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=Af_xneEQSg0ImkC-v7nQSMv96mY6YCgSDXmWol9Txr-N95n4ZlEsY_y_aJLaD-XQfXzPVYigEI3a5Q&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin

Request Chain 14

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP 302
https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=Af_xneEvxGRz0tnL-W0UWYDCL1ZZfxdQ2Q8F3ryhw5iIh6q68NdNP_kDMDMCaIlIlCBoOBAxNS-o HTTP 302
https://accounts.google.com/v3/signin/identifier?dsh=S-1140744426%3A1684778753293536&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=Af_xneEF8OSlODrOMFV6N1zmOxeA0n9cPnf8ar3IYbSA8ZzXrUke0h_TKyAGFPCo-AgdUPUQpf9zrg&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin

54 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
rblxscriptpastebin.com/ 3 KB
2 KB 325ms
221ms Document
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rblxscriptpastebin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b9a7885b32c3f2f254af09dfd7b3f11ca42f5db35747f4e9a1c1ba796704c902

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, content-type
access-control-allow-methods: GET, POST
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7cb6fd62dd2792ab-FRA
content-encoding: br
content-type: text/html
date: Mon, 22 May 2023 18:05:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oJtYSLdjwT7FE1Et7WRo2UjlKdSAbWalnXGXPa%2FAdhCreyoIX3eWKvFfSycRck8xOLLtEE9j1DvB4CMaO7vGIQvqbAY6WmmrNlQnLMsd2B7hE0TkY9rTJEsvYEvtHEEIi%2FigI9CpHMJgfzrOpbrUpjx%2FZANZ"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/ 70 KB
5 KB 83ms
31ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css

Requested by

Host: rblxscriptpastebin.com
URL: https://rblxscriptpastebin.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rblxscriptpastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 18:05:52 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 6102889
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4216
last-modified: Mon, 07 Sep 2020 12:33:38 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f5628a2-11846"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eizVJGOV6xHU7ZFDKhZziEhRQtdazHa9n3BhVFw6ekDVEiZC2uIhK5y5MpG%2FaXBtYXxxuh7H58aVUOzO7bIhcYnnSfJKkGG6xRF5Fw5KH6rmu7IfCtV%2FzJtMC36ECYmrFdjDaXKichoQNwqs1BlmNytP"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7cb6fd648f6e913d-FRA
expires: Sat, 11 May 2024 18:05:52 GMT

GET
H2 200 css2
fonts.googleapis.com/ 9 KB
1 KB 111ms
34ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Nunito:wght@300;400;600;700;800&display=swap

Requested by

Host: rblxscriptpastebin.com
URL: https://rblxscriptpastebin.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7a382ca98c7307bcf666c8cc770d690dd525616470fb16a9dff221b9cef8e4c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rblxscriptpastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 22 May 2023 18:05:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 22 May 2023 18:05:52 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 22 May 2023 18:05:52 GMT

GET
H2 200 / Show response
dltqxz76sim1s.cloudfront.net/ 161 KB
53 KB 132ms
34ms Script
text/plain 2600:9000:225b:3a00:1f:bf9:800:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dltqxz76sim1s.cloudfront.net/?xqtld=960661
Requested by: Host: rblxscriptpastebin.com
URL: https://rblxscriptpastebin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225b:3a00:1f:bf9:800:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8da60d3ccb5df3f4ccc0555a5d1a8dd491f56460e4e502b8fa5d03f60806a185

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rblxscriptpastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 May 2023 05:33:51 GMT
content-encoding: gzip
via: 1.1 c414bd1a4ce7ace94cbfdfa8efcbe5a6.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P1
age: 45121
x-cache: Hit from cloudfront
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-length: 53808
x-amz-cf-id: VEYc1nSy5Btv_pqe8LkTLCBa3hDZNEpFabEXyt2jGJSJGR-FQsQ4ag==

GET
H2 200 ksdjgfks.js Show response
rblxscriptpastebin.com/ 64 KB
28 KB 407ms
405ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rblxscriptpastebin.com/ksdjgfks.js
Requested by: Host: rblxscriptpastebin.com
URL: https://rblxscriptpastebin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: de6ae11b5758dbb6d179d7edbf8f5422880c7f70aa020049600d99b4f13c2735

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rblxscriptpastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 18:05:53 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Mon, 22 May 2023 14:28:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WmsbwoOoGSdy2JcN9oO%2Bt38E0XTNBZfH33Fl5rXz2lTR1eHBRkr3Scph2KPP5MF1gGACefsa0NvnuwBOSbauGPDqey%2B2ilJUqFrK3FgZ2pNJmtQPkos98kaNsy7wtvOjI17JJ4X1n%2FkMVdQQ6uq9A7bZq4rl"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 7cb6fd643ebb92ab-FRA
access-control-allow-headers: X-Requested-With, content-type
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 v2.js Show response
js.hsforms.net/forms/ 526 KB
165 KB 107ms
47ms Script
application/javascript 2606:4700::6810:bc41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsforms.net/forms/v2.js

Requested by

Host: rblxscriptpastebin.com
URL: https://rblxscriptpastebin.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:bc41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5ec1775c9dd3e265b5199c3661b38cae053affae10152beb5a6a1217bf4668f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rblxscriptpastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-encoding: br
age: 211
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=forms-embed/static-1.3211/bundles/project-v2.js&cfRay=7cb6f83bff783623-IAD
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"1d656df477d6edca6241500e32135a70"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: s-maxage=600, max-age=300
x-hs-target-asset: forms-embed/static-1.3211/bundles/project-v2.js
date: Mon, 22 May 2023 18:05:52 GMT
x-amz-version-id: XwZbVWs955S5IaGa40PkWhHIr22a1Zm2
via: 1.1 c13d71f8919c23db6bbd1c08a4dfb350.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: IAD12-P3
x-cache: Hit from cloudfront
cache-tag: staticjsapp-forms-embed-v2-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-request-id: dc81841c-4fcf-4888-8623-8835e998cdbb
last-modified: Thu, 18 May 2023 09:43:44 UTC
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U7wnh%2BWl8c%2Bn9wtO8Vmn898tJR6O0B6rfoHHiq5%2F1obfd87sukRH76U7zKgFLI9tsWHVfbuxAiExg%2FH2RFT7kDf%2BDogFRx6WwTQBbFJBeeoU73lFH3n5VIA9sI%2FpboSXMbE7AuEJ%2B%2B1kLIwa"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status: HIT
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-57ff77fcd-h6thn
cf-ray: 7cb6fd649aa4360e-FRA
x-amz-cf-id: 5OiMRWHo19_XtWoqzdhgBnAD8Ov1ZtcdDbUujMwAmgCxByGQLCxf6w==

GET
H2 200 main.402869ea.chunk.css
rblxscriptpastebin.com/static/css/ 11 KB
4 KB 271ms
269ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rblxscriptpastebin.com/static/css/main.402869ea.chunk.css
Requested by: Host: rblxscriptpastebin.com
URL: https://rblxscriptpastebin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ef7f979b74bb0c90c2de7e8382508966e0950031ea8e198ca1185139c80a37b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rblxscriptpastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 18:05:52 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Mon, 22 May 2023 14:28:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bk7UqSUQCEcnhef%2B%2B37SnLMD4enqB1ZgMTKM7o8gHvmxmdo3%2FnsVccUjh7fwv25PMy9h6B7PcJ77EYAq2JZ%2BZe1Je%2BVnqjUoQbHkLqKqFDUwXc3lPdL54XjMR9Lsz9k7ZBU%2BZfhsAnpDNhE0bPo1Hg8iBQ3q"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 7cb6fd643eba92ab-FRA
access-control-allow-headers: X-Requested-With, content-type
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 2.957ba4ec.chunk.js Show response
rblxscriptpastebin.com/static/js/ 162 KB
53 KB 538ms
537ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rblxscriptpastebin.com/static/js/2.957ba4ec.chunk.js
Requested by: Host: rblxscriptpastebin.com
URL: https://rblxscriptpastebin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0a0a1b4f815a47722bc7ed61930eb77ce4cac28ea977ccbc2d14dffcb1b7e50

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rblxscriptpastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 18:05:53 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Mon, 22 May 2023 14:28:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eCNP%2FTT3F%2BA9JdaMWaPNKCs4Hd%2BDQp0TAfxKVfulIhRaKzzP1e2a8A8Gx7lz6ieQaWjHv4V96Ctgd3iYS4%2Fx6fBbuqiowdLAeRpdNl9LN9ikezF%2F95MK6G%2B7C7cVwqj76rHg%2FjFnNo9m8rkJ0d8EkTHZzBGi"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 7cb6fd643ebc92ab-FRA
access-control-allow-headers: X-Requested-With, content-type
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 main.3dfb8a59.chunk.js Show response
rblxscriptpastebin.com/static/js/ 8 KB
3 KB 240ms
239ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rblxscriptpastebin.com/static/js/main.3dfb8a59.chunk.js
Requested by: Host: rblxscriptpastebin.com
URL: https://rblxscriptpastebin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08f3e7def7bc60b9931ea092ae036e18acb57c290262a7ddd22130d526cbbb48

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rblxscriptpastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 18:05:52 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Mon, 22 May 2023 14:28:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2P3GpTL6zKVOKwZ2zH1gqamkX%2BjxfnXm7RSELwU3N3XSxcd3OYFYb%2FyU5TJcSg%2FBsvBAMokOGMTKypwFiSE5fLJMXArudeaQU3a0jkAiL%2FORWOXRLa12s%2Bp1SBSj4KDT%2B7v9HCF0ZwtIN%2FpRZHJ3Myr5HfWH"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 7cb6fd643ebe92ab-FRA
access-control-allow-headers: X-Requested-With, content-type
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 asd100.bin Show response
pogothere.xyz/ 100 KB
100 KB 382ms
318ms Fetch
binary/octet-stream 172.64.172.27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pogothere.xyz/asd100.bin
Requested by: Host: dltqxz76sim1s.cloudfront.net
URL: https://dltqxz76sim1s.cloudfront.net/?xqtld=960661
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.172.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rblxscriptpastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 18:05:53 GMT
cf-cache-status: MISS
last-modified: Mon, 22 May 2023 18:05:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: https://rblxscriptpastebin.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zO3zhutV%2Fs0mu6n8URzU1sIvMuPXYzPWBzKmgqbzs3Z0znhNkqRdIFgd%2B4%2BfeWkzs6Xw%2BbbqyJSs4tCdCtl0iSTJIfy%2Bg6JOT%2FrWskuZLVzziFg5kSRcU1a2NWftlPJa"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 7cb6fd65dfdf696f-FRA
access-control-allow-headers: X-Requested-With, content-type
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 / Show response
pogothere.xyz/ 27 B
638 B 199ms
135ms Fetch
text/plain 172.64.172.27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pogothere.xyz/
Requested by: Host: dltqxz76sim1s.cloudfront.net
URL: https://dltqxz76sim1s.cloudfront.net/?xqtld=960661
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.172.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f3067b020c6ef978267481e1127dbc98e962c97fffdc95ff0201692a80d50db0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rblxscriptpastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 18:05:53 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jBe7qXLukINR2CBhTv5gKzIXihZiKEJ8XkLt%2BJbBuaCz3EBsxmkh71rp0o6GbqvaN7q6WWxqHkt%2FYfNq54UQAuDcxnavtTc36NuxLH1ts9bWW%2BqV41Vk8zc31iR6zVt5"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET
access-control-allow-origin: https://rblxscriptpastebin.com
content-type: text/plain
access-control-allow-credentials: true
cf-ray: 7cb6fd65dfe1696f-FRA
access-control-allow-headers: X-Requested-With, content-type
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 204 utx Show response
wasverymuch.info/ 0
542 B 172ms
114ms XHR
text/plain 18.66.112.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wasverymuch.info/utx?cb=kpmvz5RhzYzN&top=rblxscriptpastebin.com&tid=960661
Requested by: Host: dltqxz76sim1s.cloudfront.net
URL: https://dltqxz76sim1s.cloudfront.net/?xqtld=960661
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-59.fra56.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rblxscriptpastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 May 2023 18:05:52 GMT
via: 1.1 5c14dc328191a14142654d833f772c6c.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-amz-cf-pop: FRA56-P5
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://rblxscriptpastebin.com
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
x-amz-cf-id: RxnaFmAdMJtj_Lg3xoiP19N6fqA-MTkK_jrkRAh7rnesD2SFW5VkAA==

GET
H2 204 UW19dXlfYnxwdlFi
gforanythingamgl.info/VUlCTmd6diE9WgIOcwk0Ag83GD8XfRR8ITQtCj42NCV7fAEDDGQ6DjF0e3hXY39zaBc8LX9/QSY9IzoSJnRzaA47Ly1zQSN0c2BUYWdxfElnbzdzVnM9Mi8AaHhkPhMhJX9/ 0
258 B 179ms
121ms Image
text/plain 172.67.216.177
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gforanythingamgl.info/VUlCTmd6diE9WgIOcwk0Ag83GD8XfRR8ITQtCj42NCV7fAEDDGQ6DjF0e3hXY39zaBc8LX9/QSY9IzoSJnRzaA47Ly1zQSN0c2BUYWdxfElnbzdzVnM9Mi8AaHhkPhMhJX9/UW19dXlfYnxwdlFi
Requested by: Host: rblxscriptpastebin.com
URL: https://rblxscriptpastebin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.216.177 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rblxscriptpastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 18:05:53 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nTjo5q4NSXFQgd8Z%2FrekssKRIJk9EGjZ7lr8k5vtkjjKCl4lo6d4XGVSLzUOGiJ8sB9Aj2X86eVKpMKVL6vStXIp10lbOwLu3kKnAi4oZedF3G8p7Uccnk8NUErPjZcDoZTwNfksLXI%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 7cb6fd672b9218eb-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 login.php
www.facebook.com/ 0
0 150ms
104ms Image
text/html 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
Requested by: Host: rblxscriptpastebin.com
URL: https://rblxscriptpastebin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rblxscriptpastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

GET
H3

403

identifier
accounts.google.com/v3/signin/
Redirect Chain

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=Af_xneH-DBTfBsW2zJKzEkEWF8MAhH_lDwoBykLfHd3fP6AIGgMignRKNAzX4su...
https://accounts.google.com/v3/signin/identifier?dsh=S-889098279%3A1684778753279536&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=Af_xneEQSg0ImkC-v7nQSMv96mY6YCgSDXmWol9Txr-N95n4Zl...

0
0

45ms
45ms

Image
text/html

2a00:1450:4001:808::200d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://accounts.google.com/v3/signin/identifier?dsh=S-889098279%3A1684778753279536&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=Af_xneEQSg0ImkC-v7nQSMv96mY6YCgSDXmWol9Txr-N95n4ZlEsY_y_aJLaD-XQfXzPVYigEI3a5Q&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
Requested by: Host: rblxscriptpastebin.com
URL: https://rblxscriptpastebin.com/
Protocol: H3
Server: 2a00:1450:4001:808::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rblxscriptpastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Redirect headers

date: Mon, 22 May 2023 18:05:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'report-sample' 'nonce-lRz_JZrp7sn7hFxXFz-GDA' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 392
x-xss-protection: 1; mode=block
pragma: no-cache
server: GSE
x-frame-options: DENY
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-type: text/html; charset=UTF-8
location: https://accounts.google.com/v3/signin/identifier?dsh=S-889098279%3A1684778753279536&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=Af_xneEQSg0ImkC-v7nQSMv96mY6YCgSDXmWol9Txr-N95n4ZlEsY_y_aJLaD-XQfXzPVYigEI3a5Q&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3

403

identifier
accounts.google.com/v3/signin/
Redirect Chain

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=Af_xneEvxGRz0tnL-W0UWYDCL1ZZfxdQ2Q8F3ryhw5iIh6q68NdNP_kDMDM...
https://accounts.google.com/v3/signin/identifier?dsh=S-1140744426%3A1684778753293536&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=Af_xneEF8OSlODrOMFV6N1zmOxeA0n9cPnf8ar3IYbSA8ZzX...

0
0

57ms
56ms

Image
text/html

2a00:1450:4001:808::200d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://accounts.google.com/v3/signin/identifier?dsh=S-1140744426%3A1684778753293536&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=Af_xneEF8OSlODrOMFV6N1zmOxeA0n9cPnf8ar3IYbSA8ZzXrUke0h_TKyAGFPCo-AgdUPUQpf9zrg&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
Requested by: Host: rblxscriptpastebin.com
URL: https://rblxscriptpastebin.com/
Protocol: H3
Server: 2a00:1450:4001:808::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rblxscriptpastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Redirect headers

date: Mon, 22 May 2023 18:05:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-6Vz2Q-2Gg-uEO_hSc1S9VQ' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 399
x-xss-protection: 1; mode=block
pragma: no-cache
server: GSE
x-frame-options: DENY
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-type: text/html; charset=UTF-8
location: https://accounts.google.com/v3/signin/identifier?dsh=S-1140744426%3A1684778753293536&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=Af_xneEF8OSlODrOMFV6N1zmOxeA0n9cPnf8ar3IYbSA8ZzXrUke0h_TKyAGFPCo-AgdUPUQpf9zrg&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 popunder.gif
gforanythingamgl.info/ 35 B
554 B 55ms
31ms Image
image/gif 172.67.216.177
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gforanythingamgl.info/popunder.gif
Requested by: Host: rblxscriptpastebin.com
URL: https://rblxscriptpastebin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.216.177 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rblxscriptpastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: public
date: Mon, 22 May 2023 18:05:53 GMT
cf-cache-status: HIT
last-modified: Mon, 22 May 2023 00:04:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 64905
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3HBcG7KGRf9y%2Fitkldu30ivyPOvrzwY9Lr6ubUoOT2zTxiH6YcK6nX4jPZnLnsZ6rfGUyG9lvXSjIUpNpNcCihcK7z9XJIodt%2Fu1ZPz2dTwZ5W1sB6y6nLsZgtkYRB94VnfQIszXcVc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=604800, immutable
cf-ray: 7cb6fd672b9318eb-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 / Show response
dltqxz76sim1s.cloudfront.net/ 161 KB
53 KB 93ms
34ms Fetch 2600:9000:225b:3a00:1f:bf9:800:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dltqxz76sim1s.cloudfront.net/?xqtld=960661
Requested by: Host: rblxscriptpastebin.com
URL: https://rblxscriptpastebin.com/ksdjgfks.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225b:3a00:1f:bf9:800:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: d628e8030ffd9bae828df9639796c3674383dcee4d41106a9cdf7e341e6b797d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rblxscriptpastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 May 2023 05:33:52 GMT
content-encoding: gzip
via: 1.1 033e374ece012797cbee0d505e2e61b4.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P1
age: 45121
x-cache: Hit from cloudfront
access-control-allow-origin: https://rblxscriptpastebin.com
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
access-control-allow-credentials: true
content-length: 53811
x-amz-cf-id: qGRiRUNvMg3B-Gudsh9qliF8aAJitRQAts1ZnHhBdeNVySKX-Dx1Jw==

GET
H3 200 data.json Show response
rblxscriptpastebin.com/ 957 KB
53 KB 265ms
265ms Fetch
application/json 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rblxscriptpastebin.com/data.json?tid=934606
Requested by: Host: rblxscriptpastebin.com
URL: https://rblxscriptpastebin.com/static/js/main.3dfb8a59.chunk.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d59b097aa50679b275024c49569e29164349ddba69f7e584f779e9017a47233c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rblxscriptpastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 18:05:53 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8Y85n89eAK8vqX54bOUcRkMXbApEz999e2k1uYctC5Hq8asumhYo3MV6BV69kpHxh5bTNUFDpk%2F0%2FuyYEFRnkahQ%2BJMEgSB8BSQimovOL1MNF2Ec8oaKo6ZdkXE701BllfeuGTGtfJR2dq92gvwCFYBHX3yu"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST
content-type: application/json
access-control-allow-credentials: true
cf-ray: 7cb6fd67cf3f35ff-FRA
access-control-allow-headers: X-Requested-With, content-type
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 XRXV3I6Li01BKofINeaB.woff2
fonts.gstatic.com/s/nunito/v25/ 35 KB
36 KB 80ms
21ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunito/v25/XRXV3I6Li01BKofINeaB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Nunito:wght@300;400;600;700;800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96217f1d27fb909f92b4a6b35a0d3d6775f2f0b4d136d27aee88547d3ed87357

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://rblxscriptpastebin.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 06:01:25 GMT
x-content-type-options: nosniff
age: 216268
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35904
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:34:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 May 2024 06:01:25 GMT

GET
H2 200 e0NBGzwoAVtfaA9GAU10ekUUD2d4RgpPaHxKAk1re0EDTW96 Show response
dltqxz76sim1s.cloudfront.net/VczJ6WkkQXRQ8dgdbHmdwRQJMbHhVWAk1JwMPA2wCMlU+OAoYfzYvE1VGAD50QxQWOycUD1w/JxAPS3woF1BHam8HQhUxdBRUHDY4G1EfLiFVRxtnJBxIEzYlEhdIHHxdAl9oeVtFEzQtHEUJf3tDXA5/e0MDSnR5VgE4f3t... 777 B
828 B 188ms
187ms Script
text/plain 2600:9000:225b:3a00:1f:bf9:800:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dltqxz76sim1s.cloudfront.net/VczJ6WkkQXRQ8dgdbHmdwRQJMbHhVWAk1JwMPA2wCMlU+OAoYfzYvE1VGAD50QxQWOycUD1w/JxAPS3woF1BHam8HQhUxdBRUHDY4G1EfLiFVRxtnJBxIEzYlEhdIHHxdAl9oeVtFEzQtHEUJf3tDXA5/e0MDSnR5VgE4f3tDRRM0f0cXSRhsQQICbH1aF0-hqKANCFj8+FlARMz1WADxvekQcSWxsQQJSMSEHXxZ/ezAXSGolGlkff3tDVR85IhwbX2h5EFoINSQWF0gceEIBVGpnRgRNaGdCAEx/e0NBGzwoAVtfaA9GAU10ekUUD2d4RgpPaHxKAk1re0EDTW96
Requested by: Host: dltqxz76sim1s.cloudfront.net
URL: https://dltqxz76sim1s.cloudfront.net/?xqtld=960661
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225b:3a00:1f:bf9:800:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 6e5c827db912ee0718fe3c74264299bb35624e9d09ec6d78a5b91a109df34c58

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rblxscriptpastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 18:05:53 GMT
content-encoding: gzip
via: 1.1 c414bd1a4ce7ace94cbfdfa8efcbe5a6.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P1
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=31556926
content-length: 552
x-amz-cf-id: xXlwlsyoeUTHNIXrgqxdR2WQe-JYIzk0aBuFcWMlonNj_T6_Nd19Ow==

POST
H2 204 ZXl5M2xKRhpAUTIuKwIPVUwPaykrOhx0LjErSXFJVz8YAjYjK0oHShEQHQ5VU0lPBV1DCRBXUVRfCkcNEQwKDl9VSUgVBQsfFg5cVUlIFRpYSFcAWEtKSx1eQwxEAlldTEsGVVVOSAFeVE5MAEoRCRhUUVRfCUcYCURIBVRRTk4LW1BKSgpa
gforanythingamgl.info/ 0
253 B 120ms
119ms Ping
text/plain 172.67.216.177
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gforanythingamgl.info/ZXl5M2xKRhpAUTIuKwIPVUwPaykrOhx0LjErSXFJVz8YAjYjK0oHShEQHQ5VU0lPBV1DCRBXUVRfCkcNEQwKDl9VSUgVBQsfFg5cVUlIFRpYSFcAWEtKSx1eQwxEAlldTEsGVVVOSAFeVE5MAEoRCRhUUVRfCUcYCURIBVRRTk4LW1BKSgpa
Requested by: Host: dltqxz76sim1s.cloudfront.net
URL: https://dltqxz76sim1s.cloudfront.net/?xqtld=960661
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.216.177 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rblxscriptpastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 18:05:53 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0LyEoUCIJtPZABcEtrY2wJDcCBtKhjNSjB6cl5eWZYezHKwtJ%2Bl7F9PKYyg%2FPh0dEsyuduvqeWxJJrTB9nxyZUQbkOD76PEDAUpyIoYegaXMwzEDv80Xuh%2Bq3X9H0tChUg6Cn4woLIs%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 7cb6fd68ce1f18eb-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 qmiLI3UzIOYpj4DQtsifdnqZZK1FBkFidYqL-94feJCyuXDaeX6urAy3WRDKvLhF8GlC64MqEQ=w1060-fcrop64=1
yt3.googleusercontent.com/ 39 KB
39 KB 121ms
44ms Image
image/jpeg 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.googleusercontent.com/qmiLI3UzIOYpj4DQtsifdnqZZK1FBkFidYqL-94feJCyuXDaeX6urAy3WRDKvLhF8GlC64MqEQ=w1060-fcrop64=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

27e57eb83626268d9b9542f5feda1ccf62b141048622a16b5a66282d386222d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rblxscriptpastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 18:05:54 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="channels4_banner.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39886
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 23 May 2023 18:05:54 GMT

GET
H2 200 AGIKgqN45fvcDgiTErCHWUIqf7WbZkXLr1Gl08rTnQ=s176-c-k-c0x00ffffff-no-rj
yt3.googleusercontent.com/ytc/ 2 KB
2 KB 259ms
183ms Image
image/jpeg 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.googleusercontent.com/ytc/AGIKgqN45fvcDgiTErCHWUIqf7WbZkXLr1Gl08rTnQ=s176-c-k-c0x00ffffff-no-rj

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

0b1ace04b8f3aa7c279e15fef7171edbb3d4d37ccc03ed341fa174016929b79a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rblxscriptpastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 18:05:54 GMT
x-content-type-options: nosniff
server: fife
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1681
x-xss-protection: 0
expires: Tue, 23 May 2023 18:05:54 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/KXpsy0Ru1Rw/ 9 KB
10 KB 89ms
33ms Image
image/jpeg 2a00:1450:4001:809::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/KXpsy0Ru1Rw/hqdefault.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3fe8fab7c31ab94503f1c5bb777e3bc2722122115f4734f82a8c6c3aaa1b2527

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rblxscriptpastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 18:05:54 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9572
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 22 May 2023 18:10:54 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/zpSwkstKkAk/ 14 KB
14 KB 93ms
38ms Image
image/jpeg 2a00:1450:4001:809::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/zpSwkstKkAk/hqdefault.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6dc1421746102a2324c4bc564501e2e2741b96f359424f935d88aabd27b27bd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rblxscriptpastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 18:05:54 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14734
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 22 May 2023 18:10:54 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/tGrVzPp4RRo/ 11 KB
11 KB 123ms
68ms Image
image/jpeg 2a00:1450:4001:809::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/tGrVzPp4RRo/hqdefault.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e168b8843865c9e4375f0e376964a15a1f0c27a942d4c07a2b41d0ca07bfbf49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rblxscriptpastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 18:05:54 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11171
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 22 May 2023 18:10:54 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/OIwrwuOftBI/ 12 KB
12 KB 99ms
44ms Image
image/jpeg 2a00:1450:4001:809::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/OIwrwuOftBI/hqdefault.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e3eac0a87996b24175087d8326e7b151c525e9eb293de501e614d13fa34b364

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rblxscriptpastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 18:05:54 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12006
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 22 May 2023 18:10:54 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/twL7IrZ47uc/ 17 KB
17 KB 116ms
62ms Image
image/jpeg 2a00:1450:4001:809::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/twL7IrZ47uc/hqdefault.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c498418db5294066e8f19308c4c223b36bce74634874c2b123f8c046dca28de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rblxscriptpastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 18:05:54 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16947
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 22 May 2023 20:05:54 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/UdZfBSlDRWY/ 12 KB
12 KB 111ms
56ms Image
image/jpeg 2a00:1450:4001:809::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/UdZfBSlDRWY/hqdefault.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f873aec8a2c8ab606c2b5e6977b622d73ce7ea726d34192431b5aa7dc7cec59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rblxscriptpastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 18:05:54 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11942
x-xss-protection: 0
server: sffe
etag: "1684436582"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 22 May 2023 20:05:54 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/n5rC9kLuRZM/ 9 KB
9 KB 50ms
46ms Image
image/jpeg 2a00:1450:4001:809::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/n5rC9kLuRZM/hqdefault.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de187bcb23c2f59b54b076cf111613a1c28f6fc360610239e96c1e417e76db5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rblxscriptpastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 18:05:54 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8950
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 22 May 2023 20:05:54 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/BttcYMXVwH0/ 10 KB
10 KB 54ms
49ms Image
image/jpeg 2a00:1450:4001:809::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/BttcYMXVwH0/hqdefault.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

20ccfa3905ed313b86a6247aa59e1b0804a03e6a972c81145fcb6917f070810e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rblxscriptpastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 18:05:54 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10449
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 22 May 2023 20:05:54 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/HRVMlQymtPY/ 4 KB
4 KB 59ms
55ms Image
image/jpeg 2a00:1450:4001:809::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/HRVMlQymtPY/hqdefault.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cba7242ea6d072790544a4ea87de489807a4ca9c2a7096cca2ee064b5247cd62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rblxscriptpastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 18:05:54 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3832
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 22 May 2023 20:05:54 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/Cq2IlYMUGU4/ 10 KB
10 KB 52ms
48ms Image
image/jpeg 2a00:1450:4001:809::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/Cq2IlYMUGU4/hqdefault.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48d8a47f740c88466bffb11c3296ca48c4394c4a662bdeee4fed59b13313d2cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rblxscriptpastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 18:05:54 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10356
x-xss-protection: 0
server: sffe
etag: "1683558540"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 22 May 2023 20:05:54 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/0KxtMLlPFYM/ 4 KB
4 KB 60ms
56ms Image
image/jpeg 2a00:1450:4001:809::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/0KxtMLlPFYM/hqdefault.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2301b0be1e2ead8f85f00720562724a4c57157c73fe9b318535cebcc02c2f007

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rblxscriptpastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 18:05:54 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4244
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 22 May 2023 20:05:54 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/djlb6r-w6Zs/ 8 KB
8 KB 56ms
52ms Image
image/jpeg 2a00:1450:4001:809::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/djlb6r-w6Zs/hqdefault.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31653ce19dbaca02f72cd329dca07bbc3508d98142462a1a96eb23e731f821db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rblxscriptpastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 18:05:54 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8450
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 22 May 2023 20:05:54 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/TCKSxx6hR50/ 10 KB
10 KB 47ms
43ms Image
image/jpeg 2a00:1450:4001:809::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/TCKSxx6hR50/hqdefault.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

00b42309097816c761c16bf4c33b59decf78339777bc5ac13894c1526bd0f4a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rblxscriptpastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 18:05:54 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10135
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 22 May 2023 20:05:54 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/a1wccRu-BfM/ 12 KB
12 KB 61ms
57ms Image
image/jpeg 2a00:1450:4001:809::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/a1wccRu-BfM/hqdefault.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bbe98e04ff038062568634c5f6f8093d3a2314b18b816949837dd0b5d778d898

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rblxscriptpastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 18:05:54 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12303
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 22 May 2023 20:05:54 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/hDuVd8afa5s/ 8 KB
8 KB 55ms
51ms Image
image/jpeg 2a00:1450:4001:809::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/hDuVd8afa5s/hqdefault.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058cb02c4d970c04244d018f71e6adaf1fda9c3e55e2ba5a4c67a100c811eda6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rblxscriptpastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 18:05:54 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8027
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 22 May 2023 20:05:54 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/x4CJIcF1iRk/ 11 KB
11 KB 57ms
53ms Image
image/jpeg 2a00:1450:4001:809::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/x4CJIcF1iRk/hqdefault.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

180056fe050da689376829ae2b56950ecab530dc7d2fef711b99357007651912

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rblxscriptpastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 18:05:54 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11608
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 22 May 2023 20:05:54 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/Ywr-vzztUC8/ 9 KB
9 KB 69ms
65ms Image
image/jpeg 2a00:1450:4001:809::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/Ywr-vzztUC8/hqdefault.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9570b15cd7b9801a77a5e6a15af4110f6c779afbc01bc5b6b2b521d9714f7259

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rblxscriptpastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 18:05:54 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9149
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 22 May 2023 20:05:54 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/D4JVF6ewDIM/ 9 KB
10 KB 64ms
60ms Image
image/jpeg 2a00:1450:4001:809::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/D4JVF6ewDIM/hqdefault.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6811fe6e6bc96524f8b31428297ae5a99fb8a661849ccb2c0fb8c4bb50b07321

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rblxscriptpastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 18:05:54 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9692
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 22 May 2023 20:05:54 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/wghUl_bpmqo/ 3 KB
3 KB 67ms
63ms Image
image/jpeg 2a00:1450:4001:809::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/wghUl_bpmqo/hqdefault.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca1bd9f3bffb702cf699017450fac73100b7e743f892d88a421747c577e798b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rblxscriptpastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 18:05:54 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3091
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 22 May 2023 20:05:54 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/NgtIuORIPNk/ 5 KB
5 KB 68ms
64ms Image
image/jpeg 2a00:1450:4001:809::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/NgtIuORIPNk/hqdefault.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a5fef401a0bd4d3688c08c3cfcb45524110ee7d5eb667d9aac88b328289d342

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rblxscriptpastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 18:05:54 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5396
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 22 May 2023 20:05:54 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/WzfqyX8-BsI/ 8 KB
8 KB 60ms
56ms Image
image/jpeg 2a00:1450:4001:809::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/WzfqyX8-BsI/hqdefault.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

251af69979495424b372932b88e183f8b98b9d50d525aca649e260ea4a3284a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rblxscriptpastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 18:05:54 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8103
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 22 May 2023 20:05:54 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/L3i6thLEPIY/ 15 KB
15 KB 70ms
67ms Image
image/jpeg 2a00:1450:4001:809::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/L3i6thLEPIY/hqdefault.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9a476faa4a1697c309e150ef72dbc30727c54bee44704131efd0987fb3423185

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rblxscriptpastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 18:05:54 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15293
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 22 May 2023 20:05:54 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/MX2gDgt3Nrg/ 9 KB
9 KB 74ms
70ms Image
image/jpeg 2a00:1450:4001:809::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/MX2gDgt3Nrg/hqdefault.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3751332845c8b0ce849f78a878ecbb4e92887aef4f2f36b9b8774a38489b4f82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rblxscriptpastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 18:05:54 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8939
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 22 May 2023 20:05:54 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/7sIcNiyfFlM/ 8 KB
8 KB 75ms
71ms Image
image/jpeg 2a00:1450:4001:809::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/7sIcNiyfFlM/hqdefault.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a7ec6090c86a4bebb1c4e5be2abd10fd737e03c600c9db006f20c1c3d7e9294

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rblxscriptpastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 18:05:54 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7857
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 22 May 2023 20:05:54 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/WV1GZFa4oeo/ 16 KB
16 KB 83ms
80ms Image
image/jpeg 2a00:1450:4001:809::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/WV1GZFa4oeo/hqdefault.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acb9f68a749e45c418678f64e7f3d5a81caff2121c9f9bfc7eaf9b2d6d86ea84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rblxscriptpastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 18:05:54 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16102
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 22 May 2023 20:05:54 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/8Vzhw4hWtD8/ 11 KB
11 KB 82ms
78ms Image
image/jpeg 2a00:1450:4001:809::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/8Vzhw4hWtD8/hqdefault.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

be2a4e3ef874ff650fae8495c6413d2e0e04740c4aecf57b710f4b0d918d608d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rblxscriptpastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 18:05:54 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11384
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 22 May 2023 20:05:54 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/8wZEr1asiQI/ 10 KB
10 KB 73ms
69ms Image
image/jpeg 2a00:1450:4001:809::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/8wZEr1asiQI/hqdefault.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fcb43e0514f051239b748ba8a4aa84dac6bc8919818188ab2b6a29eeb14b5af8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rblxscriptpastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 18:05:54 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9759
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 22 May 2023 20:05:54 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/egp1aH0QY5Q/ 8 KB
8 KB 71ms
68ms Image
image/jpeg 2a00:1450:4001:809::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/egp1aH0QY5Q/hqdefault.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24ae7918c36f5265b1ea26c8c9657f0cc9e0f2430b4aaf198d37e6ddba591872

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rblxscriptpastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 18:05:54 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8034
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 22 May 2023 20:05:54 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/qWJXPw2zZH8/ 11 KB
11 KB 76ms
73ms Image
image/jpeg 2a00:1450:4001:809::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/qWJXPw2zZH8/hqdefault.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f45523761f023bc3bfc5ee196beb723389ca09dc18db8419892b9ddef9afc434

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rblxscriptpastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 18:05:54 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11333
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 22 May 2023 20:05:54 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/qDTWQgnxEl0/ 11 KB
11 KB 82ms
79ms Image
image/jpeg 2a00:1450:4001:809::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/qDTWQgnxEl0/hqdefault.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cb5833965b11aee413156f41eb80a3e95ae5acad269687419a1e5617aed2995e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rblxscriptpastebin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 18:05:54 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11233
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 22 May 2023 20:05:54 GMT

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			pogothere.xyz/	1970-01-20 20:38:02	Name: csu Value: 1585259071221753@1@1684778752

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://accounts.google.com/v3/signin/identifier?dsh=S-889098279%3A1684778753279536&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=Af_xneEQSg0ImkC-v7nQSMv96mY6YCgSDXmWol9Txr-N95n4ZlEsY_y_aJLaD-XQfXzPVYigEI3a5Q&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://accounts.google.com/v3/signin/identifier?dsh=S-1140744426%3A1684778753293536&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=Af_xneEF8OSlODrOMFV6N1zmOxeA0n9cPnf8ar3IYbSA8ZzXrUke0h_TKyAGFPCo-AgdUPUQpf9zrg&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
cdnjs.cloudflare.com
dltqxz76sim1s.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
gforanythingamgl.info
i.ytimg.com
js.hsforms.net
pogothere.xyz
rblxscriptpastebin.com
wasverymuch.info
www.facebook.com
yt3.googleusercontent.com
172.64.172.27
172.67.216.177
18.66.112.59
2600:9000:225b:3a00:1f:bf9:800:21
2606:4700::6810:bc41
2606:4700::6811:180e
2a00:1450:4001:801::2001
2a00:1450:4001:808::200d
2a00:1450:4001:809::2016
2a00:1450:4001:828::2003
2a00:1450:4001:829::200a
2a03:2880:f176:84:face:b00c:0:25de
2a06:98c1:3120::3
00b42309097816c761c16bf4c33b59decf78339777bc5ac13894c1526bd0f4a7
058cb02c4d970c04244d018f71e6adaf1fda9c3e55e2ba5a4c67a100c811eda6
08f3e7def7bc60b9931ea092ae036e18acb57c290262a7ddd22130d526cbbb48
0a7ec6090c86a4bebb1c4e5be2abd10fd737e03c600c9db006f20c1c3d7e9294
0b1ace04b8f3aa7c279e15fef7171edbb3d4d37ccc03ed341fa174016929b79a
0e3eac0a87996b24175087d8326e7b151c525e9eb293de501e614d13fa34b364
180056fe050da689376829ae2b56950ecab530dc7d2fef711b99357007651912
1f873aec8a2c8ab606c2b5e6977b622d73ce7ea726d34192431b5aa7dc7cec59
20ccfa3905ed313b86a6247aa59e1b0804a03e6a972c81145fcb6917f070810e
2301b0be1e2ead8f85f00720562724a4c57157c73fe9b318535cebcc02c2f007
24ae7918c36f5265b1ea26c8c9657f0cc9e0f2430b4aaf198d37e6ddba591872
251af69979495424b372932b88e183f8b98b9d50d525aca649e260ea4a3284a4
27e57eb83626268d9b9542f5feda1ccf62b141048622a16b5a66282d386222d9
2c498418db5294066e8f19308c4c223b36bce74634874c2b123f8c046dca28de
31653ce19dbaca02f72cd329dca07bbc3508d98142462a1a96eb23e731f821db
3751332845c8b0ce849f78a878ecbb4e92887aef4f2f36b9b8774a38489b4f82
3fe8fab7c31ab94503f1c5bb777e3bc2722122115f4734f82a8c6c3aaa1b2527
48d8a47f740c88466bffb11c3296ca48c4394c4a662bdeee4fed59b13313d2cc
5a5fef401a0bd4d3688c08c3cfcb45524110ee7d5eb667d9aac88b328289d342
5ec1775c9dd3e265b5199c3661b38cae053affae10152beb5a6a1217bf4668f4
5ef7f979b74bb0c90c2de7e8382508966e0950031ea8e198ca1185139c80a37b
5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f
6811fe6e6bc96524f8b31428297ae5a99fb8a661849ccb2c0fb8c4bb50b07321
6dc1421746102a2324c4bc564501e2e2741b96f359424f935d88aabd27b27bd0
6e5c827db912ee0718fe3c74264299bb35624e9d09ec6d78a5b91a109df34c58
7a382ca98c7307bcf666c8cc770d690dd525616470fb16a9dff221b9cef8e4c7
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8da60d3ccb5df3f4ccc0555a5d1a8dd491f56460e4e502b8fa5d03f60806a185
9570b15cd7b9801a77a5e6a15af4110f6c779afbc01bc5b6b2b521d9714f7259
96217f1d27fb909f92b4a6b35a0d3d6775f2f0b4d136d27aee88547d3ed87357
9a476faa4a1697c309e150ef72dbc30727c54bee44704131efd0987fb3423185
acb9f68a749e45c418678f64e7f3d5a81caff2121c9f9bfc7eaf9b2d6d86ea84
b9a7885b32c3f2f254af09dfd7b3f11ca42f5db35747f4e9a1c1ba796704c902
bbe98e04ff038062568634c5f6f8093d3a2314b18b816949837dd0b5d778d898
be2a4e3ef874ff650fae8495c6413d2e0e04740c4aecf57b710f4b0d918d608d
ca1bd9f3bffb702cf699017450fac73100b7e743f892d88a421747c577e798b4
cb5833965b11aee413156f41eb80a3e95ae5acad269687419a1e5617aed2995e
cba7242ea6d072790544a4ea87de489807a4ca9c2a7096cca2ee064b5247cd62
d59b097aa50679b275024c49569e29164349ddba69f7e584f779e9017a47233c
d628e8030ffd9bae828df9639796c3674383dcee4d41106a9cdf7e341e6b797d
de187bcb23c2f59b54b076cf111613a1c28f6fc360610239e96c1e417e76db5e
de6ae11b5758dbb6d179d7edbf8f5422880c7f70aa020049600d99b4f13c2735
e168b8843865c9e4375f0e376964a15a1f0c27a942d4c07a2b41d0ca07bfbf49
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f0a0a1b4f815a47722bc7ed61930eb77ce4cac28ea977ccbc2d14dffcb1b7e50
f3067b020c6ef978267481e1127dbc98e962c97fffdc95ff0201692a80d50db0
f45523761f023bc3bfc5ee196beb723389ca09dc18db8419892b9ddef9afc434
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16
fcb43e0514f051239b748ba8a4aa84dac6bc8919818188ab2b6a29eeb14b5af8

rblxscriptpastebin.com Open in urlscan Pro 2a06:98c1:3120::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

54 Requests

96 %HTTPS

77 %IPv6

13 Domains

13 Subdomains

13 IPs

2 Countries

894 kBTransfer

2601 kBSize

1 Cookies

1 Outgoing links

Redirected requests

54 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

rblxscriptpastebin.com Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Screenshot
Live screenshot

Full Image

54
Requests

96 %
HTTPS

77 %
IPv6

13
Domains

13
Subdomains

13
IPs

2
Countries

894 kB
Transfer

2601 kB
Size

1
Cookies

54 HTTP transactions
0 data transactions