robloxscripts.net Open in urlscan Pro
192.0.78.230 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://robloxexploit.net/
Effective URL:
https://robloxscripts.net/
Submission Tags: phish.gg anti.fish automated Search All
Submission: On December 29 via api (December 29th 2023, 1:19:27 am UTC) from DE — Scanned from DE

Summary HTTP 136 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 29 IPs in 4 countries across 22 domains to perform 136 HTTP transactions. The main IP is 192.0.78.230, located in San Francisco, United States and belongs to AUTOMATTIC, US. The main domain is robloxscripts.net.
TLS certificate: Issued by R3 on November 4th 2023. Valid for: 3 months.

This is the only time robloxscripts.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3031::6815:44fd	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2606:4700:303... 2606:4700:3034::ac43:c918	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	192.0.78.230 192.0.78.230	2635 (AUTOMATTIC) (AUTOMATTIC)
2	2606:4700:e2:... 2606:4700:e2::ac40:8d0d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
19	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
4	2600:9000:209... 2600:9000:2090:6600:15:9ced:b8c0:21	16509 (AMAZON-02) (AMAZON-02)
12	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
2	162.159.129.233 162.159.129.233	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	192.0.77.32 192.0.77.32	2635 (AUTOMATTIC) (AUTOMATTIC)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
6	172.64.133.28 172.64.133.28	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	52.222.214.70 52.222.214.70	16509 (AMAZON-02) (AMAZON-02)
4	104.21.70.127 104.21.70.127	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
4 6	2a00:1450:400... 2a00:1450:400c:c02::54	15169 (GOOGLE) (GOOGLE)
1 9	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
18	2a00:1450:400... 2a00:1450:4001:81c::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
2	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:830::2006	15169 (GOOGLE) (GOOGLE)
3 4	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
2 4	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	185.89.210.180 185.89.210.180	29990 (ASN-APPNEX) (ASN-APPNEX)
2	142.250.184.198 142.250.184.198	15169 (GOOGLE) (GOOGLE)
1	85.14.248.91 85.14.248.91	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
136	29

1 2606:4700:3031::6815:44fd (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

robloxexploit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3034::ac43:c918 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

robloxexploit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

robloxexploits.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 192.0.78.230 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

robloxscripts.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:e2::ac40:8d0d (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2090:6600:15:9ced:b8c0:21 (United States)

ASN16509 (AMAZON-02, US)

dlh8c15zw7vfn.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i1.wp.com

i0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.159.129.233 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.discordapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.32 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com

s0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.64.133.28 (United States)

ASN13335 (CLOUDFLARENET, US)

pogothere.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.222.214.70 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-70.fra56.r.cloudfront.net

gladthereis.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.21.70.127 (None, )

ASN13335 (CLOUDFLARENET, US)

withdedukication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:400c:c02::54 (Brussels, Belgium) 4 redirects

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:830::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.130 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.36.155 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.210.180 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.14.248.91 (Neukirchen-Vluyn, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

m.exactag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
37	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 148	513 KB
15	doubleclick.net 4 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 cm.g.doubleclick.net — Cisco Umbrella Rank: 219 ad.doubleclick.net — Cisco Umbrella Rank: 139	154 KB
15	wp.com i0.wp.com — Cisco Umbrella Rank: 3858 s0.wp.com — Cisco Umbrella Rank: 7928 stats.wp.com — Cisco Umbrella Rank: 2814 pixel.wp.com — Cisco Umbrella Rank: 2796	2 MB
11	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 300	273 KB
11	robloxscripts.net robloxscripts.net	206 KB
9	gstatic.com www.gstatic.com fonts.gstatic.com	132 KB
8	google.com 5 redirects accounts.google.com — Cisco Umbrella Rank: 23 www.google.com — Cisco Umbrella Rank: 2	4 KB
6	pogothere.xyz pogothere.xyz — Cisco Umbrella Rank: 34161	302 KB
5	gladthereis.org gladthereis.org	6 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578	2 KB
4	withdedukication.com withdedukication.com	1 KB
4	cloudfront.net dlh8c15zw7vfn.cloudfront.net	185 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 229	2 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	193 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	4 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 138
2	discordapp.com cdn.discordapp.com — Cisco Umbrella Rank: 2996	3 KB
2	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 971	26 KB
2	robloxexploit.net 2 redirects robloxexploit.net	1 KB
1	exactag.com m.exactag.com — Cisco Umbrella Rank: 11353	1 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 98
1	robloxexploits.net robloxexploits.net	679 B
136	22

	Domain	Requested by
19	pagead2.googlesyndication.com	robloxscripts.net pagead2.googlesyndication.com googleads.g.doubleclick.net robloxexploits.net tpc.googlesyndication.com s0.2mdn.net www.googletagservices.com
18	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com robloxexploits.net s0.2mdn.net
12	i0.wp.com	robloxscripts.net
11	s0.2mdn.net	robloxexploits.net s0.2mdn.net
11	robloxscripts.net	robloxscripts.net
9	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net robloxexploits.net
8	www.gstatic.com	googleads.g.doubleclick.net
6	accounts.google.com	4 redirects robloxscripts.net
6	pogothere.xyz	dlh8c15zw7vfn.cloudfront.net
5	gladthereis.org	dlh8c15zw7vfn.cloudfront.net
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
4	withdedukication.com	robloxscripts.net
4	dlh8c15zw7vfn.cloudfront.net	robloxscripts.net gladthereis.org
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	www.googletagservices.com	googleads.g.doubleclick.net robloxexploits.net
3	fonts.googleapis.com	googleads.g.doubleclick.net
2	ad.doubleclick.net	robloxexploits.net
2	www.googleadservices.com	robloxscripts.net
2	www.google.com	1 redirects tpc.googlesyndication.com
2	cdn.discordapp.com	robloxscripts.net
2	use.fontawesome.com	robloxscripts.net
2	robloxexploit.net	2 redirects
1	m.exactag.com	googleads.g.doubleclick.net
1	fonts.gstatic.com	fonts.googleapis.com
1	pixel.wp.com	robloxscripts.net
1	www.facebook.com	robloxscripts.net
1	stats.wp.com	robloxscripts.net
1	s0.wp.com	robloxscripts.net
1	robloxexploits.net
136	30

This site contains links to these domains. Also see Links.

Domain
discord.gg
www.youtube.com

Subject Issuer	Validity	Valid
robloxexploits.net GTS CA 1P5	`2023-11-21` - `2024-02-19`	3 months	crt.sh
tls.automattic.com R3	`2023-11-04` - `2024-02-02`	3 months	crt.sh
use.fontawesome.com Cloudflare Inc ECC CA-3	`2023-10-12` - `2024-10-10`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
*.wp.com Sectigo ECC Domain Validation Secure Server CA	`2023-11-28` - `2024-12-28`	a year	crt.sh
discordapp.com Cloudflare Inc ECC CA-3	`2023-10-20` - `2024-10-19`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-02-28` - `2024-02-27`	a year	crt.sh
gladthereis.org Amazon RSA 2048 M02	`2023-12-23` - `2025-01-20`	a year	crt.sh
withdedukication.com GTS CA 1P5	`2023-12-23` - `2024-03-22`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-10-07` - `2024-01-05`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.exactag.com Sectigo RSA Organization Validation Secure Server CA	`2023-04-03` - `2024-05-03`	a year	crt.sh

This page contains 20 frames:

Primary Page: https://robloxscripts.net/
Frame ID: 0EAC9534CCD46E5EF8EF0CA03C8F41F8
Requests: 56 HTTP requests in this frame

Frame: https://gladthereis.org/M3pxb1FSGBICblJHE0kkQRZMSmN1X0MpNV8SSQxgBgAGWCdVFF8MPVwPFQkjXBQFQT9WDlRdF1c0QzUdZzwBOhJgLwA1BH4qPVwXWTsdIWdVSAI9FXcdGyEUVxg8XARpLSUmAX8oFToAd0JDPzZDIhM8EAQtICljUhBINRNrIEgJF2o5OjcXRj8jJmZ6ADQkE2dCQSYXZjU4BgAKLzQudAE4PTg1UjklKj19FgInM11OEi46W00QODZ7LhsYPX08PCUBd0NUXRdxLCgDHntCNzk/Q0IVLjV3HzBadAE8MzkICzAlPhNmF0RKY3U9MyUEVgAjHBADQwQJPEMtNwV8QB0hXxB3MSIMK2JKP1oSXkI0OgZlX0MpM3EwJApjYgIpFxheMzlXF3ktREpjcRsdHAF6OR1KY3U4JzYieC4dDBJkMAEOEFA8OBVlAi0WISRVEgYoB3sOGA45XysUXAdZPScLZlciSSkHWR0FPxdqLzgCPVwZJyFlVkkgKgR0SkQ1JmpcGxw+XQpMF2hwFCUrMH4Z
Frame ID: FF68AD97FB223680C950B30A8D3870BF
Requests: 2 HTTP requests in this frame

Frame: https://gladthereis.org/UDdOMUQxVS1cezEKLBcxIltzFHYWEnx3IDxfdlJ1ZU05BjI2WWBSKD9CKlc2P1k6Hyo1Q2sDAhRuJUZ3HmI5cw1hWxpSPAlbG0YsYWF9WgURbxx0DjtlL3gsGk8aZx0/cSAAAzZzH2klO3keegJpDgtnLyRzDUIPFU4lfAgnWAtQIx1YGGAsZGUKWQwHXipXCGB5AH8jEVwWXXQidRlBBwZ/C2ENYAYteAVkQwtWJxthfHgMFX97Yh4VdS14IwldH3QeIGIGSR4BYCJgIhFuCGgoGkcMeSAgYgZJBQh0BGQhEn4JdS80EnxzBmAGeGcpBWQMAjMUZwscIAp8HGQ0BmF6XQI9XAhSdzxlK0kvF1IlVWFidQxJdD50JFklB2AiYAAofgZXBWRbFncGIGIGSRUFdHZ7DSgDH1coGUEWASc6czdaFxJAPmUiN1QsVwEoAQxGPGFjBgEMFHAiYCIVZRt6Ix0SfHMcOHVrAwYafyV0BT19HFQsFnYtZwl2XT1eKiAKNFIgJAY/eDwl
Frame ID: 43B42C7748C28B5E1F366C2CEDB6A647
Requests: 2 HTTP requests in this frame

Frame: https://gladthereis.org/VmRxNGY3BhJZWTdZExITJAhMEVQQQUNyAjoMSVdXYx4GAxAwCl9XCjkRFVIUOQoFGggzEFQGIGUFNFsfGFYaeCwAHCNiDiEOJ1MWBzwpDC0XMgl7LxMiKHYePlcrU15zVjdwN2MJJVhSBgY0bigSMicDIBAXOHYPZjQ0ZRERLyAMIQITGkEzFxQVYAxjJyZ1LAA0QEwyEiVFXj4QLT9gDG8wMlM3Hik3QAQUNR1CJx4iEmYIOTwzYgoXNCdAPBI1Eg03BC4TYyUEIzRYEg8BBn08ATFAAQUULhNjImcGJmJfNQYGclcCIgECNTEiFWUxbiUzQwEPKx0ZUwUsFgQJATJFUDIODEF1CiYCK3UjFDA3RFARCAZ2LhUAFHEKJRYTQyceJiBxDgAcO1YxFVUpYicfLChMBRAzIEcPByIWcSIBXDBXMD4FFFwRHjZAAVAVE0R8MQ4LPXEKIj0+YigEJzNbDBATJEI+Dg83czAmARNxBR0zMBIMJQsfRFsCXCdRIgIdRlM
Frame ID: C516897B67F2ABC460B0DA71DA377252
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html
Frame ID: 327EE8363EC5CD33A13E43CAAAB4D0A3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2249257918045069&output=html&adk=1812271804&adf=3025194257&lmt=1703812644&plaf=7%3A2&plat=3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x675_l%7C212x675_r&format=0x0&url=https%3A%2F%2Frobloxscripts.net%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703812763063&bpp=8&bdt=401&idt=223&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2144509748814&frm=20&pv=2&ga_vid=1838608491.1703812763&ga_sid=1703812763&ga_hid=30084855&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079437%2C31079759%2C31080144%2C95320885&oid=2&pvsid=1940217420885840&tmod=419958152&uas=0&nvt=1&fsapi=1&ref=https%3A%2F%2Frobloxexploits.net%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=241
Frame ID: E4524746A9D58DA2918FC12EEFA8C96B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2249257918045069&output=html&h=280&adk=2904063243&adf=849483003&pi=t.aa~a.1043414356~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1703812644&rafmt=1&to=qs&pwprc=2896044421&format=1200x280&url=https%3A%2F%2Frobloxscripts.net%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703812763071&bpp=2&bdt=409&idt=241&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=2144509748814&frm=20&pv=1&ga_vid=1838608491.1703812763&ga_sid=1703812763&ga_hid=30084855&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=60&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079437%2C31079759%2C31080144%2C95320885&oid=2&pvsid=1940217420885840&tmod=419958152&uas=0&nvt=1&ref=https%3A%2F%2Frobloxexploits.net%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=243
Frame ID: BC3152479744701837A4936A67A84096
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 301EBCE79DD49E05A32DDF9F1781E326
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js
Frame ID: 0247F90139BD73FE448E6473F08B02EF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 7BD145ECAD1495E54C0096F4D0B82F5A
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 85760C47B1AA6D9103879D2DCFBB28A8
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F2682A43B8C462E559FFC49697FEC489
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 50C6BD6596C47E1B6C56EC82DAB219EF
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYm4no4gEwAQ&v=APEucNUYdEVRzgKSF0NP4ckEmmYafPmv9FHU_MqIroYg4KDOOhzng-jZK7_TjMsfZ70eKyEbxA-slerJfyqwQXbU8ZJ3sKj9XSjevqI0F0g5hIt26ckqzpWt_U2nWK6SKCDNMJiT-Xc4TaZsUs6bsn8lVBd3IQdaZJO5l036nue86JX-M7C6LUE
Frame ID: A0B23F09906640DBDA4AD2ED2908A418
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Frame ID: 31C4D78979F9CFB028688C9C0D35B53C
Requests: 13 HTTP requests in this frame

Frame: https://www.gstatic.com/mysidia/e21910fd923a6283b5d44b2382eabc86.js?tag=client_fast_engine_2019
Frame ID: 89122F16BA250C699A85B415457022B4
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: BD88DB778F3B922F4C1A85988686FBE3
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=BJrNOJfzg5&t=1&renderingType=2&ev=01_250
Frame ID: BAC6E29E901A2C8D82FF1F933A21798D
Requests: 12 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js
Frame ID: CCE4FEA8911AB95086FB0E277B158516
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Frame ID: 90B98B04AEA061B3C2126698E0BC64F2
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Roblox Scripts - The best website for Roblox Scripts & Executors!

Page URL History Show full URLs

http://robloxexploit.net/ HTTP 301
https://robloxexploit.net/ HTTP 301
https://robloxexploits.net/ Page URL
https://robloxscripts.net/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link[^>]+s\d+\.wp\.com
/wp-(?:content|includes)/

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

136
Requests

93 %
HTTPS

53 %
IPv6

22
Domains

30
Subdomains

29
IPs

4
Countries

4002 kB
Transfer

7296 kB
Size

16
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://discord.gg/robloxexploits

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCrxIfKGSdOWjDatdhlSHvLw

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://robloxexploit.net/ HTTP 301
https://robloxexploit.net/ HTTP 301
https://robloxexploits.net/ Page URL
https://robloxscripts.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://robloxexploit.net/ HTTP 301
https://robloxexploit.net/ HTTP 301
https://robloxexploits.net/

Request Chain 32

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP 302
https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=ASKXGp0ptUBcjLSCO3SKwPsuGyVykeyNHhyFGg9jkZQQ4oLFM8yTxo-z-TcWmIwaokGtOBsDWCnGxQ HTTP 302
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp2Q1SPipu7GiJH7zNIBoMxKUdZGP-K071sZt7pgu8qGjAEehK6TcAWHsrjGPHv5CMgiA7Tg&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1442932359%3A1703812763044057&theme=glif

Request Chain 33

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP 302
https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ASKXGp3NQkFX2RE6QrQ4rxEedHuPJqk6yR9ACD3DCCMlYg0O7FUmmn84XMwcKBPirtymyR3lcuILSw HTTP 302
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp3tCftwp1wk51ObLIrCtQ5x3nsE2u0DQi3E_7q0KAUeOTeotyJ-XDNHusjeJyVzy8p2kjEF&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-872078782%3A1703812763042489&theme=glif

Request Chain 70

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 72

https://googleads.g.doubleclick.net/pagead/adview?ai=ClWnqmx6OZZ_YFLjU1PIPw9yKkAr86M7jdIKS4tXSEYCvlJhDEAEg_uala2CVgoCAmAegAYi13twpyAEBqAMByAPDBKoE1QFP0MxFpymi-5e1sZBmSfYWe7ni3n_4GdW-0uT72kVZMwg4hE2bFSVDyN7WcCZYJkQDcwueOSHHRSnjGzZ965QS68_muOgIlBXiTPQZaTBkNUIaKQX5AuWKIspP-2Cl9w_fXDWAFYdp5A_9O3UWwn_-t-PjGb2HpYxaSbmdO46wmtElwMJYjmkmJg2xJ270ukFi9MSfKjPOOMYAdK0EDomvl7ooISEep9R0zxJeiKh5yhXFRC6DprFDIAlNR5LCHJGDIX5Kt9Akr_UMZ0nEGELHWznCHpTABIqJ6YC8BIgFi4Gsz0uSBQQIBBgBkgUECAUYBKAGZoAH3pqNwgSoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBCQ_QTSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WLn3lpS9s4MDmgl4aHR0cHM6Ly9zdC1wYy5raW5nc2dyb3VwZ2FtZXMuY29tL2xhbmRpbmctMi5odG1sP21zPWdvb2dsZSZ1dG1fY2FtcGFpZ249MjAyOTkwNTUyNDMmdXRtX21lZGl1bT0xNTM1NDY4MDIzMTQmYWQ9c3Rvcm1zaG90gAoByAsBogwgKh4KHOS0sQLutbECtbixAqy6sQLktLEC7rWxAru7sQLYEw2IFAHQFQGAFwGyFxwKGggAEhRwdWItMjI0OTI1NzkxODA0NTA2ORgA&sigh=yk38q4VuS5o&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwAvHhf_UybJWhSwHofeos-i6aO8K8ibaexdi43pKexyfrEk_gXbxkdJBJWDI23QNArI1CGqbQtW3ya8JCBnE6WYHj7PQ_o5_gARW0OFhYMYAQ&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2216780872929754348523%22,%22debug_reporting%22:true,%22destination%22:%22https://kingsgroupgames.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211200338568%22],%2222%22:[%22true%22],%224%22:[%2212-29%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%226450338473591229857%22}&andc=true

Request Chain 97

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH-B6YCGQ8UwTGDi18xdCr0&google_cver=1

Request Chain 98

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZY4enF8YUHcaqoVt.DIkVAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH-B6YCGQ8UwTGDi18xdCr0&google_cver=1&google_hm=2

Request Chain 99

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESECcHgY7qdHae3KfxBqK_ZGw&google_cver=1

Request Chain 100

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTY4NTgxNDUzMTUxOTk0MjE2Mg%3D%3D

136 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
robloxexploits.net/
Redirect Chain

http://robloxexploit.net/
https://robloxexploit.net/
https://robloxexploits.net/

353 B
679 B

545ms
393ms

Document
text/html

2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://robloxexploits.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c133445613fb0617112f277903c804edfed63a3af659bb16b47c00663408550

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 83ce36e38f5eb957-AMS
content-encoding: br
content-type: text/html
date: Fri, 29 Dec 2023 01:19:22 GMT
last-modified: Sun, 02 Oct 2022 13:41:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BMHeWHznYzr2H3t5taVudpLClnDEzC2pgDwBfAO%2FLsSEWLm0Kmd7CxMqfsRXb6BFCf%2BW9R5c0H8kew42ieh%2BkqvxZ6lvgAN0idWOb0GW0Py4V78wZW3kYzzLTanyC3BibL4Ts2LkZ2iTq1KJ9kU2qUA%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 83ce36e05c483a9d-FRA
content-type: text/html
date: Fri, 29 Dec 2023 01:19:21 GMT
location: https://robloxexploits.net/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VU%2FwjRDkONm1GHloyHRO9dR97SvhwHkeH%2B%2BgasVgkyguUgxzAu3Hr4IaTu5A1dXZsF9DzUxFppnVhY9LdTOIpd5OPvA%2F6EZdN3tSYtQZOHlVbkzKf1QzOQ2IiPIJfrwHYDYzS1%2BTn7SNRkod%2Bo%2BbSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-turbo-charged-by: LiteSpeed

GET
H2 200 Primary Request / Show response
robloxscripts.net/ 129 KB
31 KB 92ms
20ms Document
text/html 192.0.78.230
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://robloxscripts.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.230 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

a7817c1465e3cc79c837667eda0dddcf0cb1903fc085b337790721a1be0c1bba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://robloxexploits.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=300, must-revalidate
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 29 Dec 2023 01:19:22 GMT
host-header: WordPress.com
last-modified: Fri, 29 Dec 2023 01:17:24 GMT
link: <https://robloxscripts.net/wp-json/>; rel="https://api.w.org/" <https://robloxscripts.net/wp-json/wp/v2/pages/299>; rel="alternate"; type="application/json" <https://wp.me/PebEFq-4P>; rel=shortlink
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding Cookie
x-ac: 2.hhn _atomic_ams HIT
x-hacker: Want root? Visit join.a8c.com and mention this header.
x-nananana: Batcache-Set

GET
H2 200 /
robloxscripts.net/_static/ 463 KB
68 KB 21ms
20ms Stylesheet
text/css 192.0.78.230
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://robloxscripts.net/_static/??-eJytUu1ywiAQfKEiRmMaf3T6KB0+TsQQghyYydv3Eu00OlU7nf5I4A522bu9PjDV+QQ+8eCysR75JWYnCz2yY4Y4MOE10xaDEwMLHSYWhAEesnRWcYEIiXBI32lBy0v/zbqjFbmoN6XcrrSs67KSVS2WoItdDZuqKrdS1beoLy0mUyghGi6zdZpL16mGOSujiAPHNDj4GzTtob0LpSq7nJiJVl+/Yb1yWQPyA/IWtBXgiIaQ82BsEkTmwAg1LFrrn6LpbB7PMbfSKBUBQ+fRnoC2anRqcgSd1RDnZlBGNf9BdHX6qOeUShG8tt7Muabx6a02kOa0fQrYs/MQ3WM8QApCNbztdHbUOmcb+v8oYrIUubceGJltPmhghXSg529OU4C/hz4s91bcuUTkqQtT+XeE5uA6oZEP+9w2QR7dM/5R+GU/Xn1v34rX5boqymK9+gRHl20T

Requested by

Host: robloxscripts.net
URL: https://robloxscripts.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.230 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

55225177e951f130f18f083ca3a825ec67df44fa99c6ffbe037ef08c2e2821ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-hacker: Want root? Visit join.a8c.com and mention this header.
date: Fri, 29 Dec 2023 01:19:22 GMT
strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Tue, 26 Dec 2023 18:08:52 GMT
server: nginx
x-ac: 2.hhn _atomic_ams HIT
x-page-optimize: uncached
etag: W/"fe333d7d877597f22d6fa326707ac361"
vary: Accept-Encoding
content-type: text/css;charset=utf-8
cache-control: max-age=31536000
host-header: WordPress.com
alt-svc: h3=":443"; ma=86400

GET
H2 200 all.css
use.fontawesome.com/releases/v6.1.2/css/ 99 KB
21 KB 72ms
32ms Stylesheet
text/css 2606:4700:e2::ac40:8d0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v6.1.2/css/all.css
Requested by: Host: robloxscripts.net
URL: https://robloxscripts.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8d0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5e8e8eb22e2eaf1ad02370c22c63c04774ab0b83b4329d5945333750814bb2f

Request headers

Referer: https://robloxscripts.net/
Origin: https://robloxscripts.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 01:19:22 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 22 Sep 2023 01:46:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1279927
etag: W/"8ef777107c4620d4ddd4f8c4bb14a36c"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jLAk7BQT%2F7p6j02nRtKfpEx%2B4OpVO30Gg%2Fi9GclMSYTNnFxNAOGcJRt%2F7WQep8tMmfbqCec0Sy77LygwfjLc%2BkKCydUYAWzkA3n10Yi%2F8opKkrG40mnwJlgwwHrU%2FCk4rQr4f%2B76TI2EIzLQrvq7%2Fgpl"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 83ce36e70c313738-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 v4-shims.css
use.fontawesome.com/releases/v6.1.2/css/ 27 KB
5 KB 71ms
30ms Stylesheet
text/css 2606:4700:e2::ac40:8d0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v6.1.2/css/v4-shims.css
Requested by: Host: robloxscripts.net
URL: https://robloxscripts.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8d0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 064f3c2c06410669a1fdadee1259f8ed4e04573c2d81f160719fc17e32209950

Request headers

Referer: https://robloxscripts.net/
Origin: https://robloxscripts.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 01:19:22 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 22 Sep 2023 01:46:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2571251
etag: W/"32c0dd1e392a9b1b3b8e8a0ef2e89fdd"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Ffb6lVUXAQDo2JL9Xe6l3uM2i%2FQ2dr7qeJLMHtzJ7IB80uKR2GdP8iCLYjG4rYlGgMHwrWQlqqf4uhAAnGCyDkw6Cj%2FwN%2FReZ9SYf%2BAzpt0qEXhrwUUCXE9l8V0PeaQ4oF%2B%2FLwJoS7oZ3YCemv1XRmvN"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 83ce36e70c333738-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 jquery.min.js Show response
robloxscripts.net/wp-includes/js/jquery/ 86 KB
31 KB 21ms
20ms Script
application/javascript 192.0.78.230
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://robloxscripts.net/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: robloxscripts.net
URL: https://robloxscripts.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.230 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 01:19:22 GMT
strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Mon, 28 Aug 2023 17:14:23 GMT
server: nginx
x-ac: 2.hhn _atomic_ams HIT
etag: W/"64ecd5ef-15601"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 / Show response
robloxscripts.net/_static/ 45 KB
19 KB 21ms
20ms Script
application/javascript 192.0.78.230
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://robloxscripts.net/_static/??wp-includes/js/jquery/jquery-migrate.min.js,wp-content/plugins/gutenberg/build/modules/importmap-polyfill.min.js,wp-content/uploads/yhumkpbql.js?m=1703614132

Requested by

Host: robloxscripts.net
URL: https://robloxscripts.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.230 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

992ee60e2a5686760238ab6f2fb415bc6aa7b90bf7862389a71519faa58f9043

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-hacker: Want root? Visit join.a8c.com and mention this header.
date: Fri, 29 Dec 2023 01:19:22 GMT
strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Tue, 26 Dec 2023 18:08:52 GMT
server: nginx
x-ac: 2.hhn _atomic_ams HIT
x-page-optimize: uncached
etag: W/"be5cb82fcd8c75eb15cab750923bd2f2"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
host-header: WordPress.com
alt-svc: h3=":443"; ma=86400

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
51 KB 121ms
71ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2249257918045069

Requested by

Host: robloxscripts.net
URL: https://robloxscripts.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3908ef5efb68a966ccbea59558b303788cff6470e7451bfb6a6eae9742bd070f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://robloxscripts.net/
Origin: https://robloxscripts.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 01:19:22 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51430
x-xss-protection: 0
server: cafe
etag: 7139528303566217591
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 29 Dec 2023 01:19:22 GMT

GET
H2 200 / Show response
dlh8c15zw7vfn.cloudfront.net/ 520 KB
182 KB 115ms
36ms Script
text/plain 2600:9000:2090:6600:15:9ced:b8c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dlh8c15zw7vfn.cloudfront.net/?zchld=955131
Requested by: Host: robloxscripts.net
URL: https://robloxscripts.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2090:6600:15:9ced:b8c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 6448529832fe7d052996546e748663b7d116c694692511018c1212d4e50df779

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Dec 2023 01:19:17 GMT
content-encoding: gzip
via: 1.1 a7f9178d47a7241f2ecd6c65877f7100.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P1
age: 5
x-cache: Hit from cloudfront
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-length: 186083
x-amz-cf-id: gNzc7egBtJL2KlRuslGqsbkCtkGwVGLTFXmt6uERR8Y0jWA31g36ag==

GET
H2 200 pnj-rs-w-1.png
i0.wp.com/robloxscripts.net/wp-content/uploads/2022/08/ 3 KB
4 KB 61ms
18ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/robloxscripts.net/wp-content/uploads/2022/08/pnj-rs-w-1.png?fit=504%2C355&ssl=1

Requested by

Host: robloxscripts.net
URL: https://robloxscripts.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

a18f3705f4e2cfc25a353ea1b271c77f8db4a8693789b0ce0f40129337911d7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 01:19:22 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 3194
x-nc: HIT hhn 2
last-modified: Mon, 05 Sep 2022 09:51:20 GMT
server: nginx
etag: "a7bc203b11e77164"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://robloxscripts.net/wp-content/uploads/2022/08/pnj-rs-w-1.png>; rel="canonical"
expires: Wed, 04 Sep 2024 21:51:20 GMT

GET
BLOB 200
OK 9e6dcdb2-cb18-41dd-8dd3-cfee71e4faba
https://robloxscripts.net/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://robloxscripts.net/9e6dcdb2-cb18-41dd-8dd3-cfee71e4faba
Requested by: Host: robloxscripts.net
URL: https://robloxscripts.net/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H2 200 fluster1.png
i0.wp.com/robloxscripts.net/wp-content/uploads/2023/10/ 582 KB
583 KB 56ms
19ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/robloxscripts.net/wp-content/uploads/2023/10/fluster1.png?fit=1280%2C720&ssl=1

Requested by

Host: robloxscripts.net
URL: https://robloxscripts.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

e8df7bd495d8fc2c7e9a7676c3aa105e1f913a2a1776bf5d01652aeb697f2bef

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 01:19:22 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 596112
x-nc: HIT hhn 4
last-modified: Mon, 16 Oct 2023 13:47:51 GMT
server: nginx
etag: "8f4b49beff9858c6"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://robloxscripts.net/wp-content/uploads/2023/10/fluster1.png>; rel="canonical"
expires: Thu, 16 Oct 2025 01:47:51 GMT

GET
H2 200 Codex.webp
i0.wp.com/robloxscripts.net/wp-content/uploads/2023/07/ 171 KB
171 KB 56ms
18ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/robloxscripts.net/wp-content/uploads/2023/07/Codex.webp?fit=1222%2C691&ssl=1

Requested by

Host: robloxscripts.net
URL: https://robloxscripts.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

d11b3f88e8e03d8a37e85cea00c18e02f588570c061663dbd6befbcd58943bab

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 01:19:22 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 174630
x-nc: HIT hhn 4
last-modified: Sat, 01 Jul 2023 19:31:48 GMT
server: nginx
etag: "36af72f9a624da9b"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://robloxscripts.net/wp-content/uploads/2023/07/Codex.webp>; rel="canonical"
expires: Tue, 01 Jul 2025 07:31:48 GMT

GET
H2 200 Furk-Ultra.webp
i0.wp.com/robloxscripts.net/wp-content/uploads/2022/08/ 109 KB
110 KB 24ms
24ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/robloxscripts.net/wp-content/uploads/2022/08/Furk-Ultra.webp?fit=1280%2C720&ssl=1

Requested by

Host: robloxscripts.net
URL: https://robloxscripts.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

7210ffae4ea7badc94c99bdc514077bd4ee217433338bd11bff22201ac35294c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 01:19:22 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 111868
x-nc: HIT hhn 1
last-modified: Tue, 09 May 2023 21:23:13 GMT
server: nginx
etag: "0f8b4928f3bfa1b5"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://robloxscripts.net/wp-content/uploads/2022/08/Furk-Ultra.webp>; rel="canonical"
expires: Fri, 09 May 2025 09:23:13 GMT

GET
H2 200 image-2.png
i0.wp.com/robloxscripts.net/wp-content/uploads/2023/12/ 22 KB
23 KB 19ms
18ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/robloxscripts.net/wp-content/uploads/2023/12/image-2.png?w=561&ssl=1

Requested by

Host: robloxscripts.net
URL: https://robloxscripts.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

b8b44c9128abdce2345e601b2546cca99f2516eb9310f669d980a5fd24413a7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 01:19:22 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 22716
x-nc: HIT hhn 3
last-modified: Sun, 17 Dec 2023 02:15:49 GMT
server: nginx
etag: "10f27d39bce613cc"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://robloxscripts.net/wp-content/uploads/2023/12/image-2.png>; rel="canonical"
expires: Tue, 16 Dec 2025 14:15:49 GMT

GET
H2 200 image-1.png
i0.wp.com/robloxscripts.net/wp-content/uploads/2023/12/ 37 KB
37 KB 20ms
18ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/robloxscripts.net/wp-content/uploads/2023/12/image-1.png?w=848&ssl=1

Requested by

Host: robloxscripts.net
URL: https://robloxscripts.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

402b33aedef532331ad11608226b71d791b63ca688a20c1b90cf9b90e96aa38a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 01:19:22 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 37730
x-nc: HIT hhn 3
last-modified: Wed, 06 Dec 2023 01:58:50 GMT
server: nginx
etag: "86033fd5c2613225"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://robloxscripts.net/wp-content/uploads/2023/12/image-1.png>; rel="canonical"
expires: Fri, 05 Dec 2025 13:58:50 GMT

GET
H2 200 discord.svg
cdn.discordapp.com/attachments/929421642235519037/1014534028076003368/ 1 KB
2 KB 93ms
40ms Image
image/svg+xml 162.159.129.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.discordapp.com/attachments/929421642235519037/1014534028076003368/discord.svg
Requested by: Host: robloxscripts.net
URL: https://robloxscripts.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.129.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e86fcb4099a0c85a91abfd59fc6d6751493e4258f5457c0b4cf87e9e12c4079

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 01:19:22 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 127656
x-guploader-uploadid: ABPtcPrOOB0FgKQlmimz_zTy9rFbxqe1p3-lP2FHb_hXR8-J95MsccXK2o7vttCjN-qfqr3uwxw
x-goog-storage-class: STANDARD
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
content-disposition: attachment;%20filename=discord.svg
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 31 Aug 2022 13:56:01 GMT
server: cloudflare
etag: W/"ff7fb5235b904fea50cedf072826782d"
vary: Accept-Encoding
x-goog-generation: 1661954161504978
content-type: image/svg+xml;%20charset=utf-8
x-goog-hash: crc32c=Mb61zA==, md5=/3+1I1uQT+pQzt8HKCZ4LQ==
cache-control: public, max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1wwVsTa7ZGRhRS0TbD7NwmGnw3EU9hTBl4arwDPwF%2BPwxqYCbDFBY0OrquDTD5VTPscTEPh88wHmR0DC6B4bqi868xHsPlF0g%2FRh1tqBdlIdFvHDLtw2k%2FuSem6uCLftwKOqsg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 1270
cf-ray: 83ce36e888e639d3-FRA
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
expires: Sat, 28 Dec 2024 01:19:22 GMT

GET
H2 200 icons8-youtube.svg
cdn.discordapp.com/attachments/929421642235519037/1014534363783909406/ 702 B
1 KB 96ms
43ms Image
image/svg+xml 162.159.129.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.discordapp.com/attachments/929421642235519037/1014534363783909406/icons8-youtube.svg
Requested by: Host: robloxscripts.net
URL: https://robloxscripts.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.129.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a41b135afd99e5d3f61350c14900a1b6b222fe032a2c2f5f85f43d59055abf8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 01:19:22 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 127657
x-guploader-uploadid: ABPtcPojLZ0wl4X36_NyFwKBcrlKADSaVwyt_gv_-Dh4DhBNxkR327fYQg9Nkw-zq7OMagpftzcv8fE4oQ
x-goog-storage-class: NEARLINE
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-disposition: attachment;%20filename=icons8-youtube.svg
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 31 Aug 2022 13:57:21 GMT
server: cloudflare
etag: W/"382c3ebffb19403d05359a5ec7554298"
vary: Accept-Encoding
x-goog-generation: 1661954241540175
content-type: image/svg+xml;%20charset=utf-8
x-goog-hash: crc32c=mHmx0g==, md5=OCw+v/sZQD0FNZpex1VCmA==
cache-control: public, max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zzl4LSYbHaGUKKBgFX9e8hfC3Cl9KEwwm0HyxuUSt7SxICZD2Qmc7qV%2BLp%2BbDMq1lIBpMwF0pb9aJEtP7XqAzdpJiKUt35D%2FGuz5e7bOVTEbc5IsFbMs%2BJ%2FKJw9BAUMOtuh8hg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 702
cf-ray: 83ce36e888e739d3-FRA
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
expires: Sat, 28 Dec 2024 01:19:22 GMT

GET
H2 200 bilmur.min.js Show response
s0.wp.com/wp-content/js/ 7 KB
3 KB 74ms
24ms Script
application/javascript 192.0.77.32
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://s0.wp.com/wp-content/js/bilmur.min.js?m=202352
Requested by: Host: robloxscripts.net
URL: https://robloxscripts.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: wordpress.com
Software: nginx /
Resource Hash: e9885e4aea54f587ccabce165b42e0b3cd097030a72d4153b6eff6362d4f9bc4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Fri, 29 Dec 2023 01:19:22 GMT
content-encoding: br
x-ac: 2.hhn _dfw MISS
server: nginx
etag: W/"63443f58-1a42"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
expires: Mon, 01 Jan 2024 00:00:01 GMT

GET
H2 200 / Show response
robloxscripts.net/_static/ 41 KB
11 KB 19ms
19ms Script
application/javascript 192.0.78.230
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://robloxscripts.net/_static/??-eJydkdFOwzAMRX8Ikw0q8YT4lClNvMxr6oTaadjfY7ENTUNIiCfLjs7xldMrhMKKrK7mlojFHVGrD9O17lbkWBbnm5bZq1K4vgDNPiGEyC6SqPtuH4/y0H+KLz2shF3gveFyAs8RDK7Zn6AWUajmcLWN2fZ4EVQLZOj6i9NGulhA4nTmJVPE5cvbKSbUG0vXKh3O8jufHnBGcUyMMOaSdhbKjxnjDS4TVcjEE+xLaAJ7+viHhf1KySuV+zP9Bba19gsGvs2v25fN82Y7PA3DJw4Yq2U=

Requested by

Host: robloxscripts.net
URL: https://robloxscripts.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.230 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

e00ef8d8e4494291e3e1041bef75833e7948ad3cc8e30748e0cbe55704ae3168

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-hacker: Want root? Visit join.a8c.com and mention this header.
date: Fri, 29 Dec 2023 01:19:22 GMT
strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Tue, 19 Dec 2023 19:30:44 GMT
server: nginx
x-ac: 2.hhn _atomic_ams HIT
x-page-optimize: uncached
etag: W/"8155a60f4787d6605f77c210b442a192"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
host-header: WordPress.com
alt-svc: h3=":443"; ma=86400

GET
H2 200 e-202352.js Show response
stats.wp.com/ 7 KB
3 KB 70ms
23ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202352.js
Requested by: Host: robloxscripts.net
URL: https://robloxscripts.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ca7752fb33cf3a98c0f29bc4eec563112025da4109a0dcc69dabf5f861751258

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-minify-cache: hit
x-nc: HIT hhn
date: Fri, 29 Dec 2023 01:19:22 GMT
content-encoding: br
server: nginx
x-minify: t
etag: W/13576-1695421998473.3982
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
alt-svc: h3=":443"; ma=86400
expires: Wed, 25 Dec 2024 04:07:10 GMT

GET
H2 200 / Show response
robloxscripts.net/_static/ 50 KB
13 KB 20ms
20ms Script
application/javascript 192.0.78.230
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://robloxscripts.net/_static/??-eJylzFEKhDAMhOELGaOiuC/iWbQbpK6mwan2+uYO+zb8A18xCkmzaGY77i0quBhdAkuK+IjP4CdZQiYc8SsXL4Bk8A72EH71GbXeUZW/qGKGJZDdq5vOzefUjk3zGfquH1/9Pj4y

Requested by

Host: robloxscripts.net
URL: https://robloxscripts.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.230 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

07a15cb778fd35290ee6949422605e80525668618bb6567b22e51f4bf9c0cfd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-hacker: Want root? Visit join.a8c.com and mention this header.
date: Fri, 29 Dec 2023 01:19:22 GMT
strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Fri, 24 Nov 2023 19:30:47 GMT
server: nginx
x-ac: 2.hhn _atomic_ams HIT
x-page-optimize: uncached
etag: W/"8df86fb0a15ea7c51bb91442e47724e0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
host-header: WordPress.com
alt-svc: h3=":443"; ma=86400

GET
BLOB 200
OK 6fe10a4d-8eaf-4d1b-84f2-78cf5b422cca Show response
https://robloxscripts.net/ 20 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://robloxscripts.net/6fe10a4d-8eaf-4d1b-84f2-78cf5b422cca
Requested by: Host: robloxscripts.net
URL: https://robloxscripts.net/_static/??wp-includes/js/jquery/jquery-migrate.min.js,wp-content/plugins/gutenberg/build/modules/importmap-polyfill.min.js,wp-content/uploads/yhumkpbql.js?m=1703614132
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5d29d1b10a6da0e25ff1bba88b0701b5c05c6544969ed31aac4eae3ed3bd075d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length: 20
Content-Type: text/javascript

GET
H2 200 asd100.bin Show response
pogothere.xyz/ 100 KB
101 KB 88ms
30ms Fetch
binary/octet-stream 172.64.133.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pogothere.xyz/asd100.bin
Requested by: Host: dlh8c15zw7vfn.cloudfront.net
URL: https://dlh8c15zw7vfn.cloudfront.net/?zchld=955131
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.133.28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 01:19:22 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3084
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 29 Dec 2023 00:27:58 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: https://robloxscripts.net
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TLk9xTKcQ72W%2BKcZMRA6dSfrcaS289KaVfOB7dSupbDRZ8sWT8KnaQZlIyF7C0gG5CPV6jqM3htgXIp3Mb6lGGDKhAlWyrPLqnt3%2BO4witTGwi8Hn8gdQCGFukcolV95"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 83ce36e84ad99152-FRA
access-control-allow-headers: X-Requested-With, content-type

GET
H2 200 / Show response
pogothere.xyz/ 27 B
391 B 175ms
118ms Fetch
text/plain 172.64.133.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pogothere.xyz/
Requested by: Host: dlh8c15zw7vfn.cloudfront.net
URL: https://dlh8c15zw7vfn.cloudfront.net/?zchld=955131
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.133.28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 163adf926e11f38baf5b238eeef7756a6fc46ea435d12a4ddd77039c71f26f42

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 01:19:23 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EirSY8Gohn0yGtpudzorRbgtzTHH0w5I1331PRlYdNesB1RID%2BmRL62e1zIhyR38K3llKewECxHzttzmDempWkon4pbZbUdd1qsZ1C3%2Bcx%2F2MzDk58w3%2BUca%2Fkud69vI"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET
access-control-allow-origin: https://robloxscripts.net
content-type: text/plain
access-control-allow-credentials: true
cf-ray: 83ce36e84add9152-FRA
access-control-allow-headers: X-Requested-With, content-type
alt-svc: h3=":443"; ma=86400

GET
H2 204 utx Show response
gladthereis.org/ 0
538 B 160ms
112ms XHR
text/plain 52.222.214.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gladthereis.org/utx?cb=aJ1EdpYEOpjZ&top=robloxscripts.net&tid=955131
Requested by: Host: dlh8c15zw7vfn.cloudfront.net
URL: https://dlh8c15zw7vfn.cloudfront.net/?zchld=955131
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-70.fra56.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Dec 2023 01:19:22 GMT
via: 1.1 68eb499493257a6d0620a0f6abdc78ca.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-amz-cf-pop: FRA56-P3
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://robloxscripts.net
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
x-amz-cf-id: 8hWiOyf49d_FrmyfwqBJwLXihIR-A-twPUyALMrJfutmw6I7Cel-1g==

GET
H2 200 asd100.bin Show response
pogothere.xyz/ 100 KB
100 KB 107ms
57ms Fetch
binary/octet-stream 172.64.133.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pogothere.xyz/asd100.bin
Requested by: Host: dlh8c15zw7vfn.cloudfront.net
URL: https://dlh8c15zw7vfn.cloudfront.net/?zchld=955131
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.133.28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 01:19:22 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3084
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 29 Dec 2023 00:27:58 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: https://robloxscripts.net
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z%2F1zcXXR%2FhnezLptlZCdpxsGuQiyG9%2BMmC8bzrEgjv3tvcLUevUYbzmXC46e870NZDv4nDUcYAPZOeCa9EcP2PMj424kF133SawHcPBvIX7NLQICoDd0DlbKvMg2E6U5"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 83ce36e84ada9152-FRA
access-control-allow-headers: X-Requested-With, content-type

GET
H2 200 / Show response
pogothere.xyz/ 27 B
350 B 174ms
123ms Fetch
text/plain 172.64.133.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pogothere.xyz/
Requested by: Host: dlh8c15zw7vfn.cloudfront.net
URL: https://dlh8c15zw7vfn.cloudfront.net/?zchld=955131
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.133.28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2302f0e347573e5d0286b6b13ef6430b17d99d2ed0f12568899f972250f55549

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 01:19:23 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5wVaBbOoVZfRlTzODHLui2h3rPsGjxfM73D5ksjuYiTiWP6JAdEE%2F%2BchQAav%2F%2FLZmtu9cPhfErP%2Ba7u38uMHFKXQ6rPtD0pOT8a8hnTOfmwJ1of9I1g0or7XKktcKSgg"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET
access-control-allow-origin: https://robloxscripts.net
content-type: text/plain
access-control-allow-credentials: true
cf-ray: 83ce36e84ade9152-FRA
access-control-allow-headers: X-Requested-With, content-type
alt-svc: h3=":443"; ma=86400

GET
H2 204 utx Show response
gladthereis.org/ 0
539 B 153ms
111ms XHR
text/plain 52.222.214.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gladthereis.org/utx?cb=6bCdsP2itMvL&top=robloxscripts.net&tid=955748
Requested by: Host: dlh8c15zw7vfn.cloudfront.net
URL: https://dlh8c15zw7vfn.cloudfront.net/?zchld=955131
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-70.fra56.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Dec 2023 01:19:22 GMT
via: 1.1 68eb499493257a6d0620a0f6abdc78ca.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-amz-cf-pop: FRA56-P3
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://robloxscripts.net
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
x-amz-cf-id: mEr8K3xOKTYrth3D_TmSuHoVkuANuOmdd_MEBMwvf94d1GQZ7nJ-Dg==

GET
H2 200 asd100.bin Show response
pogothere.xyz/ 100 KB
100 KB 100ms
57ms Fetch
binary/octet-stream 172.64.133.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pogothere.xyz/asd100.bin
Requested by: Host: dlh8c15zw7vfn.cloudfront.net
URL: https://dlh8c15zw7vfn.cloudfront.net/?zchld=955131
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.133.28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 01:19:22 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3084
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 29 Dec 2023 00:27:58 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: https://robloxscripts.net
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v3ekNri7%2FBeUDd7OmzadSL2BrIZlFXVvlbrZllkrCAQ3UkFPlXkB7biwQijNnYgaBB7WjLKZf36n4sx%2BtAbukmfUpqGKecVx%2FFse4eDvzK31wq7pu0j9SH2eQwRpmAVd"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 83ce36e84adc9152-FRA
access-control-allow-headers: X-Requested-With, content-type

GET
H2 200 / Show response
pogothere.xyz/ 26 B
350 B 169ms
126ms Fetch
text/plain 172.64.133.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pogothere.xyz/
Requested by: Host: dlh8c15zw7vfn.cloudfront.net
URL: https://dlh8c15zw7vfn.cloudfront.net/?zchld=955131
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.133.28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e62a5f09ee92cc06d2567a4c1a34431fffaaa025299765cace91c872d1e6ba93

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 01:19:23 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iHLvo7V%2FXW3WKWL4O47lbQ%2F8ALOY6wngNmMIlRgTOv4IJu97%2BMTfPp0Fo7y2t16x5WUm6mSginKmkgsLYHKTWm3aDdN3UXBPw31D7bdE6Xfe32zIlvw6WH9ZVBQ5CZ%2FF"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET
access-control-allow-origin: https://robloxscripts.net
content-type: text/plain
access-control-allow-credentials: true
cf-ray: 83ce36e84adb9152-FRA
access-control-allow-headers: X-Requested-With, content-type
alt-svc: h3=":443"; ma=86400

GET
H2 204 OTZ6Z3kWCRkURG5gKBAab3wSBSxRcyMgAUpnETESW3E8IStuVVwTEF0LQ1JMCAVLQQlQUkdWX0pCGxMMSgtLQRBXUBVaX08LS0lKDRhJU1cJEA9aSB9CCgYeBAdcFw1NWkdWTgkFQlZLDgBIX08L
withdedukication.com/ 0
260 B 180ms
126ms Image
text/plain 104.21.70.127
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://withdedukication.com/OTZ6Z3kWCRkURG5gKBAab3wSBSxRcyMgAUpnETESW3E8IStuVVwTEF0LQ1JMCAVLQQlQUkdWX0pCGxMMSgtLQRBXUBVaX08LS0lKDRhJU1cJEA9aSB9CCgYeBAdcFw1NWkdWTgkFQlZLDgBIX08L
Requested by: Host: robloxscripts.net
URL: https://robloxscripts.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.70.127 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 01:19:23 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Vbaqs%2BSoWK7t66ELvW6giGMFs3Kyo1wbJvYKY%2Bz771f6kjZ0FxtYRQ9WUY%2FXQE8Ls4XepimFFv2JiDPP8THokhZjwrDL4L%2BHwkGX4%2Fm4CJrnkxVVf%2Ft43ziHIGxd%2BmamtX61Inkjg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 83ce36e88c224d52-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 login.php
www.facebook.com/ 0
0 148ms
108ms Image
text/html 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
Requested by: Host: robloxscripts.net
URL: https://robloxscripts.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H3

403

identifier
accounts.google.com/v3/signin/
Redirect Chain

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=ASKXGp0ptUBcjLSCO3SKwPsuGyVykeyNHhyFGg9jkZQQ4oLFM8yTxo-z-TcWmIw...
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp2Q1SPipu7GiJH7zNIBoMxKUdZGP-K071sZt7pgu8qGjAEehK6TcAWHsrjGPHv5CMgiA7Tg&passive=...

0
0

71ms
71ms

Image
text/html

2a00:1450:400c:c02::54
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp2Q1SPipu7GiJH7zNIBoMxKUdZGP-K071sZt7pgu8qGjAEehK6TcAWHsrjGPHv5CMgiA7Tg&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1442932359%3A1703812763044057&theme=glif
Requested by: Host: robloxscripts.net
URL: https://robloxscripts.net/
Protocol: H3
Server: 2a00:1450:400c:c02::54 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Redirect headers

date: Fri, 29 Dec 2023 01:19:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'report-sample' 'nonce-oGrTOQRU030ktfpSTlcyRg' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 399
x-xss-protection: 1; mode=block
pragma: no-cache
server: GSE
x-frame-options: DENY
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-type: text/html; charset=UTF-8
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp2Q1SPipu7GiJH7zNIBoMxKUdZGP-K071sZt7pgu8qGjAEehK6TcAWHsrjGPHv5CMgiA7Tg&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1442932359%3A1703812763044057&theme=glif
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3

403

identifier
accounts.google.com/v3/signin/
Redirect Chain

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ASKXGp3NQkFX2RE6QrQ4rxEedHuPJqk6yR9ACD3DCCMlYg0O7FUmmn84XMw...
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp3tCftwp1wk51ObLIrCtQ5x3nsE2u0DQi3E_7q0KAUeOTeotyJ-XDNHusjeJyVzy8p2kjEF&passive...

0
0

47ms
47ms

Image
text/html

2a00:1450:400c:c02::54
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp3tCftwp1wk51ObLIrCtQ5x3nsE2u0DQi3E_7q0KAUeOTeotyJ-XDNHusjeJyVzy8p2kjEF&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-872078782%3A1703812763042489&theme=glif
Requested by: Host: robloxscripts.net
URL: https://robloxscripts.net/
Protocol: H3
Server: 2a00:1450:400c:c02::54 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Redirect headers

date: Fri, 29 Dec 2023 01:19:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'report-sample' 'nonce--7j0j9bDlDxZK_-XBgW7uw' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 404
x-xss-protection: 1; mode=block
pragma: no-cache
server: GSE
x-frame-options: DENY
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-type: text/html; charset=UTF-8
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp3tCftwp1wk51ObLIrCtQ5x3nsE2u0DQi3E_7q0KAUeOTeotyJ-XDNHusjeJyVzy8p2kjEF&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-872078782%3A1703812763042489&theme=glif
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 popunder.gif
withdedukication.com/ 35 B
542 B 91ms
38ms Image
image/gif 104.21.70.127
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://withdedukication.com/popunder.gif
Requested by: Host: robloxscripts.net
URL: https://robloxscripts.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.70.127 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: public
date: Fri, 29 Dec 2023 01:19:22 GMT
cf-cache-status: HIT
last-modified: Fri, 29 Dec 2023 00:56:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1354
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O4xNgJiZuQfjPDbasdUc%2F7J01F9CvkC6WYCsYmE0I%2BfFsHyGEzRzTfmlh1qFMOPiW6QVrQ%2FqKssnMAyrTTnOyt2%2BApt1BYJZ6g1lNYOA%2Fw3oByCQ%2FuWPBatOdf15Mg0eoGy%2FlQCzjg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=604800, immutable
cf-ray: 83ce36e88c244d52-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 204 bnRrR2RBSwg0WTs8Pj4xNhwMFRM4GjoANis1LA0mDyEqBQU7TE0zDQpJUnJRWUBTYRQHEFZ2Qh0ACjMRHUlaYQ0AEgR6QhhJWmlXWlpYc0peUh56VUgAGyYDU0VNNxAaGFZ2U15HU3ZWWUJZf1JX
withdedukication.com/ 0
287 B 119ms
119ms Image
text/plain 104.21.70.127
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://withdedukication.com/bnRrR2RBSwg0WTs8Pj4xNhwMFRM4GjoANis1LA0mDyEqBQU7TE0zDQpJUnJRWUBTYRQHEFZ2Qh0ACjMRHUlaYQ0AEgR6QhhJWmlXWlpYc0peUh56VUgAGyYDU0VNNxAaGFZ2U15HU3ZWWUJZf1JX
Requested by: Host: robloxscripts.net
URL: https://robloxscripts.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.70.127 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 01:19:23 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R5qJHMfy3Gbf%2BZ77z6fS58wWh%2BrYevWW%2BuaIMF7eZ19CbAY4yWuOf5cjPV08jf0Njk8rzIYkgk1SRysWNyAu0CVFyfbC7rEbFcSnwl2T6LnIBXYLVF4O76%2Fwd4egdrTD0wh%2FanocTw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 83ce36e89c254d52-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 204 ZUNwVTFKfBMmDAEWAARVMnYzM2YzByg+f1wZGw9oNxscOWAjGlYhWAF+SWAEXXVFc0EMJ01mBEMwBDRFEDBNZBcMLRY6DEM1TWUfUG1CewJDNk1kFxEzETIMVGUAIUUJfkFiAVZ7QWcGU3FIYgU
withdedukication.com/ 0
256 B 121ms
121ms Image
text/plain 104.21.70.127
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://withdedukication.com/ZUNwVTFKfBMmDAEWAARVMnYzM2YzByg+f1wZGw9oNxscOWAjGlYhWAF+SWAEXXVFc0EMJ01mBEMwBDRFEDBNZBcMLRY6DEM1TWUfUG1CewJDNk1kFxEzETIMVGUAIUUJfkFiAVZ7QWcGU3FIYgU
Requested by: Host: robloxscripts.net
URL: https://robloxscripts.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.70.127 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 01:19:23 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZQtE30LPlMaZdL%2F4GkigcuGyUUFCTRugJcYrd747qwlmRzGB07UWcwr8egb%2FjTTOPfZrlHJVZ%2FE8yQDM9V8tQk6CNX%2B7N31gTeaWI6RSqbXOe5LhI7pv9Rj6h8zvXNlcC0MYP8km9w%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 83ce36e89c264d52-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
robloxscripts.net/wp-content/fonts/poppins/ 8 KB
8 KB 20ms
20ms Font
application/font-woff2 192.0.78.230
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://robloxscripts.net/wp-content/fonts/poppins/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: robloxscripts.net
URL: https://robloxscripts.net/_static/??-eJytUu1ywiAQfKEiRmMaf3T6KB0+TsQQghyYydv3Eu00OlU7nf5I4A522bu9PjDV+QQ+8eCysR75JWYnCz2yY4Y4MOE10xaDEwMLHSYWhAEesnRWcYEIiXBI32lBy0v/zbqjFbmoN6XcrrSs67KSVS2WoItdDZuqKrdS1beoLy0mUyghGi6zdZpL16mGOSujiAPHNDj4GzTtob0LpSq7nJiJVl+/Yb1yWQPyA/IWtBXgiIaQ82BsEkTmwAg1LFrrn6LpbB7PMbfSKBUBQ+fRnoC2anRqcgSd1RDnZlBGNf9BdHX6qOeUShG8tt7Muabx6a02kOa0fQrYs/MQ3WM8QApCNbztdHbUOmcb+v8oYrIUubceGJltPmhghXSg529OU4C/hz4s91bcuUTkqQtT+XeE5uA6oZEP+9w2QR7dM/5R+GU/Xn1v34rX5boqymK9+gRHl20T

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.230 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://robloxscripts.net/_static/??-eJytUu1ywiAQfKEiRmMaf3T6KB0+TsQQghyYydv3Eu00OlU7nf5I4A522bu9PjDV+QQ+8eCysR75JWYnCz2yY4Y4MOE10xaDEwMLHSYWhAEesnRWcYEIiXBI32lBy0v/zbqjFbmoN6XcrrSs67KSVS2WoItdDZuqKrdS1beoLy0mUyghGi6zdZpL16mGOSujiAPHNDj4GzTtob0LpSq7nJiJVl+/Yb1yWQPyA/IWtBXgiIaQ82BsEkTmwAg1LFrrn6LpbB7PMbfSKBUBQ+fRnoC2anRqcgSd1RDnZlBGNf9BdHX6qOeUShG8tt7Muabx6a02kOa0fQrYs/MQ3WM8QApCNbztdHbUOmcb+v8oYrIUubceGJltPmhghXSg529OU4C/hz4s91bcuUTkqQtT+XeE5uA6oZEP+9w2QR7dM/5R+GU/Xn1v34rX5boqymK9+gRHl20T
Origin: https://robloxscripts.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 01:19:22 GMT
strict-transport-security: max-age=31536000
x-ac: 2.hhn _atomic_ams HIT
last-modified: Tue, 16 Aug 2022 23:30:31 GMT
server: nginx
etag: "62fc2897-1ecc"
access-control-allow-methods: GET, HEAD
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 7884
expires: Wed, 03 Jan 2024 15:00:12 GMT

GET
H2 200 pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
robloxscripts.net/wp-content/fonts/poppins/ 8 KB
8 KB 20ms
20ms Font
application/font-woff2 192.0.78.230
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://robloxscripts.net/wp-content/fonts/poppins/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.230 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://robloxscripts.net/_static/??-eJytUu1ywiAQfKEiRmMaf3T6KB0+TsQQghyYydv3Eu00OlU7nf5I4A522bu9PjDV+QQ+8eCysR75JWYnCz2yY4Y4MOE10xaDEwMLHSYWhAEesnRWcYEIiXBI32lBy0v/zbqjFbmoN6XcrrSs67KSVS2WoItdDZuqKrdS1beoLy0mUyghGi6zdZpL16mGOSujiAPHNDj4GzTtob0LpSq7nJiJVl+/Yb1yWQPyA/IWtBXgiIaQ82BsEkTmwAg1LFrrn6LpbB7PMbfSKBUBQ+fRnoC2anRqcgSd1RDnZlBGNf9BdHX6qOeUShG8tt7Muabx6a02kOa0fQrYs/MQ3WM8QApCNbztdHbUOmcb+v8oYrIUubceGJltPmhghXSg529OU4C/hz4s91bcuUTkqQtT+XeE5uA6oZEP+9w2QR7dM/5R+GU/Xn1v34rX5boqymK9+gRHl20T
Origin: https://robloxscripts.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 01:19:22 GMT
strict-transport-security: max-age=31536000
x-ac: 2.hhn _atomic_ams HIT
last-modified: Tue, 16 Aug 2022 23:30:31 GMT
server: nginx
etag: "62fc2897-1f40"
access-control-allow-methods: GET, HEAD
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 8000
expires: Wed, 03 Jan 2024 15:00:12 GMT

GET
H2 200 pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
robloxscripts.net/wp-content/fonts/poppins/ 8 KB
8 KB 20ms
20ms Font
application/font-woff2 192.0.78.230
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://robloxscripts.net/wp-content/fonts/poppins/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.230 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://robloxscripts.net/_static/??-eJytUu1ywiAQfKEiRmMaf3T6KB0+TsQQghyYydv3Eu00OlU7nf5I4A522bu9PjDV+QQ+8eCysR75JWYnCz2yY4Y4MOE10xaDEwMLHSYWhAEesnRWcYEIiXBI32lBy0v/zbqjFbmoN6XcrrSs67KSVS2WoItdDZuqKrdS1beoLy0mUyghGi6zdZpL16mGOSujiAPHNDj4GzTtob0LpSq7nJiJVl+/Yb1yWQPyA/IWtBXgiIaQ82BsEkTmwAg1LFrrn6LpbB7PMbfSKBUBQ+fRnoC2anRqcgSd1RDnZlBGNf9BdHX6qOeUShG8tt7Muabx6a02kOa0fQrYs/MQ3WM8QApCNbztdHbUOmcb+v8oYrIUubceGJltPmhghXSg529OU4C/hz4s91bcuUTkqQtT+XeE5uA6oZEP+9w2QR7dM/5R+GU/Xn1v34rX5boqymK9+gRHl20T
Origin: https://robloxscripts.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 01:19:22 GMT
strict-transport-security: max-age=31536000
x-ac: 2.hhn _atomic_ams HIT
last-modified: Tue, 16 Aug 2022 23:30:31 GMT
server: nginx
etag: "62fc2897-1ea0"
access-control-allow-methods: GET, HEAD
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 7840
expires: Wed, 03 Jan 2024 15:00:12 GMT

GET
H2 200 image.png
i0.wp.com/robloxscripts.net/wp-content/uploads/2023/12/ 25 KB
25 KB 20ms
19ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/robloxscripts.net/wp-content/uploads/2023/12/image.png?w=599&ssl=1

Requested by

Host: robloxscripts.net
URL: https://robloxscripts.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

99d4c42638c3f0d4cd4d2891abec4cf56681abf61ea8644fb66d2cd93d08b014

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 01:19:22 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 25244
x-nc: HIT hhn 4
last-modified: Mon, 04 Dec 2023 18:06:39 GMT
server: nginx
etag: "8d57dd2782c2395e"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://robloxscripts.net/wp-content/uploads/2023/12/image.png>; rel="canonical"
expires: Thu, 04 Dec 2025 06:06:39 GMT

GET
H2 200 image.png
i0.wp.com/robloxscripts.net/wp-content/uploads/2023/11/ 107 KB
107 KB 20ms
20ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/robloxscripts.net/wp-content/uploads/2023/11/image.png?w=855&ssl=1

Requested by

Host: robloxscripts.net
URL: https://robloxscripts.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

e9034cb5c93deabdf13ad27110fdbb73bed2f480f38fd00e0ba4dd2c71c6f97e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 01:19:22 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 109502
x-nc: HIT hhn 2
last-modified: Thu, 30 Nov 2023 19:00:21 GMT
server: nginx
etag: "c549b226ed9b5ca7"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://robloxscripts.net/wp-content/uploads/2023/11/image.png>; rel="canonical"
expires: Sun, 30 Nov 2025 07:00:21 GMT

GET
H2 200 image-4.png
i0.wp.com/robloxscripts.net/wp-content/uploads/2023/10/ 59 KB
59 KB 21ms
21ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/robloxscripts.net/wp-content/uploads/2023/10/image-4.png?w=380&ssl=1

Requested by

Host: robloxscripts.net
URL: https://robloxscripts.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

5dcf2ecc8fcdc01d1f390be9c1599b74c9e39162a692aa0da5bb1e40e0701ff2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 01:19:22 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 60188
x-nc: HIT hhn 3
last-modified: Tue, 31 Oct 2023 19:12:47 GMT
server: nginx
etag: "2f5657afce182ec7"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://robloxscripts.net/wp-content/uploads/2023/10/image-4.png>; rel="canonical"
expires: Fri, 31 Oct 2025 07:12:47 GMT

GET
H2 200 image-3.png
i0.wp.com/robloxscripts.net/wp-content/uploads/2023/10/ 42 KB
42 KB 23ms
22ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/robloxscripts.net/wp-content/uploads/2023/10/image-3.png?w=668&ssl=1

Requested by

Host: robloxscripts.net
URL: https://robloxscripts.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

451763f38c07ca6765fb0dfc81a046df11124035914f2cdbe6af0891c6a9be12

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 01:19:22 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 42624
x-nc: HIT hhn 3
last-modified: Tue, 17 Oct 2023 21:23:54 GMT
server: nginx
etag: "8f19372fb386d629"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://robloxscripts.net/wp-content/uploads/2023/10/image-3.png>; rel="canonical"
expires: Fri, 17 Oct 2025 09:23:54 GMT

GET
H2 200 fluster1.png
i0.wp.com/robloxscripts.net/wp-content/uploads/2023/10/ 385 KB
386 KB 23ms
23ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/robloxscripts.net/wp-content/uploads/2023/10/fluster1.png?resize=1024%2C576&ssl=1

Requested by

Host: robloxscripts.net
URL: https://robloxscripts.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

90628502cb1a48f11dc4f6fc164333280cb8f9129d6fcacbcef45458fc1554b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 01:19:22 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 394416
x-nc: HIT hhn 4
last-modified: Mon, 16 Oct 2023 13:47:52 GMT
server: nginx
etag: "72e790af56bd8c7b"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://robloxscripts.net/wp-content/uploads/2023/10/fluster1.png>; rel="canonical"
expires: Thu, 16 Oct 2025 01:47:52 GMT

GET
H2 200 bypass.png
i0.wp.com/robloxscripts.net/wp-content/uploads/2023/10/ 446 KB
447 KB 24ms
24ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/robloxscripts.net/wp-content/uploads/2023/10/bypass.png?resize=1024%2C576&ssl=1

Requested by

Host: robloxscripts.net
URL: https://robloxscripts.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

2d81d5489bf028fd09f6e0358faa7254cba0a2bdc69c4ac708d60fd4ba7fc590

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 01:19:22 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 457012
x-nc: HIT hhn 1
last-modified: Fri, 13 Oct 2023 18:16:06 GMT
server: nginx
etag: "d01b6d9a20ffad5e"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://robloxscripts.net/wp-content/uploads/2023/10/bypass.png>; rel="canonical"
expires: Mon, 13 Oct 2025 06:16:06 GMT

GET
H2 200 ajax-loader.gif
robloxscripts.net/wp-content/plugins/wp-responsive-recent-post-slider/assets/images/ 4 KB
4 KB 22ms
21ms Image
image/gif 192.0.78.230
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://robloxscripts.net/wp-content/plugins/wp-responsive-recent-post-slider/assets/images/ajax-loader.gif

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.230 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.net/_static/??-eJytUu1ywiAQfKEiRmMaf3T6KB0+TsQQghyYydv3Eu00OlU7nf5I4A522bu9PjDV+QQ+8eCysR75JWYnCz2yY4Y4MOE10xaDEwMLHSYWhAEesnRWcYEIiXBI32lBy0v/zbqjFbmoN6XcrrSs67KSVS2WoItdDZuqKrdS1beoLy0mUyghGi6zdZpL16mGOSujiAPHNDj4GzTtob0LpSq7nJiJVl+/Yb1yWQPyA/IWtBXgiIaQ82BsEkTmwAg1LFrrn6LpbB7PMbfSKBUBQ+fRnoC2anRqcgSd1RDnZlBGNf9BdHX6qOeUShG8tt7Muabx6a02kOa0fQrYs/MQ3WM8QApCNbztdHbUOmcb+v8oYrIUubceGJltPmhghXSg529OU4C/hz4s91bcuUTkqQtT+XeE5uA6oZEP+9w2QR7dM/5R+GU/Xn1v34rX5boqymK9+gRHl20T
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 01:19:22 GMT
strict-transport-security: max-age=31536000
x-ac: 2.hhn _atomic_ams HIT
last-modified: Fri, 24 Nov 2023 19:30:47 GMT
server: nginx
etag: "6560f9e7-1052"
access-control-allow-methods: GET, HEAD
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 4178
expires: Wed, 03 Jan 2024 15:00:13 GMT

GET
H2 200 g.gif
pixel.wp.com/ 50 B
177 B 26ms
21ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&blog=209646640&post=299&tz=1&srv=robloxscripts.net&hp=atomic&ac=2&amp=0&j=1%3A13.0-a.10&host=robloxscripts.net&ref=https%3A%2F%2Frobloxexploits.net%2F&fcp=357&rand=0.25449143230118576
Requested by: Host: robloxscripts.net
URL: https://robloxscripts.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 29 Dec 2023 01:19:22 GMT
cache-control: no-cache
server: nginx
alt-svc: h3=":443"; ma=86400
content-length: 50
content-type: image/gif

GET
H2 200 wp-emoji-release.min.js Show response
robloxscripts.net/wp-includes/js/ 18 KB
5 KB 22ms
22ms Script
application/javascript 192.0.78.230
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://robloxscripts.net/wp-includes/js/wp-emoji-release.min.js?ver=6.4.2

Requested by

Host: robloxscripts.net
URL: https://robloxscripts.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.230 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 01:19:22 GMT
strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Thu, 02 Feb 2023 00:53:25 GMT
server: nginx
x-ac: 2.hhn _atomic_ams HIT
etag: W/"63db0985-4904"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Q0IVLjV3HzBadAE8MzkICzAlPhNmF0RKY3U9MyUEVgAjHBADQwQJPEMtNwV8QB0hXxB3MSIMK2JKP1oSXkI0OgZlX0MpM3EwJApjYgIpFxheMzlXF3ktREpjcRsdHAF6OR1KY3U4JzYieC4dDBJkMAEOEFA8OBVlAi0WISRVEgYoB3sOGA45XysUXAdZPScLZlciS... Show response
gladthereis.org/M3pxb1FSGBICblJHE0kkQRZMSmN1X0MpNV8SSQxgBgAGWCdVFF8MPVwPFQkjXBQFQT9WDlRdF1c0QzUdZzwBOhJgLwA1BH4qPVwXWTsdIWdVSAI9FXcdGyEUVxg8XARpLSUmAX8oFToAd0JDPzZDIhM8EAQtICljUhBINRNrIEgJF2o5OjcXR... Frame FF68 3 KB
2 KB 121ms
121ms Document
text/html 52.222.214.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gladthereis.org/M3pxb1FSGBICblJHE0kkQRZMSmN1X0MpNV8SSQxgBgAGWCdVFF8MPVwPFQkjXBQFQT9WDlRdF1c0QzUdZzwBOhJgLwA1BH4qPVwXWTsdIWdVSAI9FXcdGyEUVxg8XARpLSUmAX8oFToAd0JDPzZDIhM8EAQtICljUhBINRNrIEgJF2o5OjcXRj8jJmZ6ADQkE2dCQSYXZjU4BgAKLzQudAE4PTg1UjklKj19FgInM11OEi46W00QODZ7LhsYPX08PCUBd0NUXRdxLCgDHntCNzk/Q0IVLjV3HzBadAE8MzkICzAlPhNmF0RKY3U9MyUEVgAjHBADQwQJPEMtNwV8QB0hXxB3MSIMK2JKP1oSXkI0OgZlX0MpM3EwJApjYgIpFxheMzlXF3ktREpjcRsdHAF6OR1KY3U4JzYieC4dDBJkMAEOEFA8OBVlAi0WISRVEgYoB3sOGA45XysUXAdZPScLZlciSSkHWR0FPxdqLzgCPVwZJyFlVkkgKgR0SkQ1JmpcGxw+XQpMF2hwFCUrMH4Z
Requested by: Host: dlh8c15zw7vfn.cloudfront.net
URL: https://dlh8c15zw7vfn.cloudfront.net/?zchld=955131
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-70.fra56.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: 7cf2535ac3543aee266535cd5ef42dd5df15d9c1013ecb3c831d0924ba20e9e1

Request headers

Referer: https://robloxscripts.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
cache-control: no-store, no-cache, must-revalidate, no-transform
content-encoding: gzip
content-length: 1232
content-type: text/html
date: Fri, 29 Dec 2023 01:19:23 GMT
p3p: CP="NID DSP ALL COR"
pragma: no-cache
server: openresty/1.17.8.2
via: 1.1 68eb499493257a6d0620a0f6abdc78ca.cloudfront.net (CloudFront)
x-amz-cf-id: rLvNP9QqMEZhpSJLsaoWbbldk-jOw_ZrZiuJcRe3n2l4ntA9xdbnkw==
x-amz-cf-pop: FRA56-P3
x-cache: Miss from cloudfront

GET
H2 200 eDwl Show response
gladthereis.org/UDdOMUQxVS1cezEKLBcxIltzFHYWEnx3IDxfdlJ1ZU05BjI2WWBSKD9CKlc2P1k6Hyo1Q2sDAhRuJUZ3HmI5cw1hWxpSPAlbG0YsYWF9WgURbxx0DjtlL3gsGk8aZx0/cSAAAzZzH2klO3keegJpDgtnLyRzDUIPFU4lfAgnWAtQIx1YGGAsZ... Frame 43B4 3 KB
2 KB 121ms
121ms Document
text/html 52.222.214.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gladthereis.org/UDdOMUQxVS1cezEKLBcxIltzFHYWEnx3IDxfdlJ1ZU05BjI2WWBSKD9CKlc2P1k6Hyo1Q2sDAhRuJUZ3HmI5cw1hWxpSPAlbG0YsYWF9WgURbxx0DjtlL3gsGk8aZx0/cSAAAzZzH2klO3keegJpDgtnLyRzDUIPFU4lfAgnWAtQIx1YGGAsZGUKWQwHXipXCGB5AH8jEVwWXXQidRlBBwZ/C2ENYAYteAVkQwtWJxthfHgMFX97Yh4VdS14IwldH3QeIGIGSR4BYCJgIhFuCGgoGkcMeSAgYgZJBQh0BGQhEn4JdS80EnxzBmAGeGcpBWQMAjMUZwscIAp8HGQ0BmF6XQI9XAhSdzxlK0kvF1IlVWFidQxJdD50JFklB2AiYAAofgZXBWRbFncGIGIGSRUFdHZ7DSgDH1coGUEWASc6czdaFxJAPmUiN1QsVwEoAQxGPGFjBgEMFHAiYCIVZRt6Ix0SfHMcOHVrAwYafyV0BT19HFQsFnYtZwl2XT1eKiAKNFIgJAY/eDwl
Requested by: Host: dlh8c15zw7vfn.cloudfront.net
URL: https://dlh8c15zw7vfn.cloudfront.net/?zchld=955131
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-70.fra56.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: b68ae28314855f2fbf9bdc105f49e69d1a5a53bee61d40156b444a113c9d88f2

Request headers

Referer: https://robloxscripts.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
cache-control: no-store, no-cache, must-revalidate, no-transform
content-encoding: gzip
content-length: 1230
content-type: text/html
date: Fri, 29 Dec 2023 01:19:23 GMT
p3p: CP="NID DSP ALL COR"
pragma: no-cache
server: openresty/1.17.8.2
via: 1.1 68eb499493257a6d0620a0f6abdc78ca.cloudfront.net (CloudFront)
x-amz-cf-id: 62Tpmxeno2qxMlYvC1xaGJE6UDp9HKAtu3M7YDVeN8fiseClMVdi0Q==
x-amz-cf-pop: FRA56-P3
x-cache: Miss from cloudfront

GET
H2 200 VmRxNGY3BhJZWTdZExITJAhMEVQQQUNyAjoMSVdXYx4GAxAwCl9XCjkRFVIUOQoFGggzEFQGIGUFNFsfGFYaeCwAHCNiDiEOJ1MWBzwpDC0XMgl7LxMiKHYePlcrU15zVjdwN2MJJVhSBgY0bigSMicDIBAXOHYPZjQ0ZRERLyAMIQITGkEzFxQVYAxjJyZ1LAA0Q... Show response
gladthereis.org/ Frame C516 3 KB
2 KB 113ms
113ms Document
text/html 52.222.214.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gladthereis.org/VmRxNGY3BhJZWTdZExITJAhMEVQQQUNyAjoMSVdXYx4GAxAwCl9XCjkRFVIUOQoFGggzEFQGIGUFNFsfGFYaeCwAHCNiDiEOJ1MWBzwpDC0XMgl7LxMiKHYePlcrU15zVjdwN2MJJVhSBgY0bigSMicDIBAXOHYPZjQ0ZRERLyAMIQITGkEzFxQVYAxjJyZ1LAA0QEwyEiVFXj4QLT9gDG8wMlM3Hik3QAQUNR1CJx4iEmYIOTwzYgoXNCdAPBI1Eg03BC4TYyUEIzRYEg8BBn08ATFAAQUULhNjImcGJmJfNQYGclcCIgECNTEiFWUxbiUzQwEPKx0ZUwUsFgQJATJFUDIODEF1CiYCK3UjFDA3RFARCAZ2LhUAFHEKJRYTQyceJiBxDgAcO1YxFVUpYicfLChMBRAzIEcPByIWcSIBXDBXMD4FFFwRHjZAAVAVE0R8MQ4LPXEKIj0+YigEJzNbDBATJEI+Dg83czAmARNxBR0zMBIMJQsfRFsCXCdRIgIdRlM
Requested by: Host: dlh8c15zw7vfn.cloudfront.net
URL: https://dlh8c15zw7vfn.cloudfront.net/?zchld=955131
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-70.fra56.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: 60ae6fbb6fc504c5bf17d7a06f91eb0baa6e930f401f3c8f1892881623ba19f3

Request headers

Referer: https://robloxscripts.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
cache-control: no-store, no-cache, must-revalidate, no-transform
content-encoding: gzip
content-length: 1228
content-type: text/html
date: Fri, 29 Dec 2023 01:19:23 GMT
p3p: CP="NID DSP ALL COR"
pragma: no-cache
server: openresty/1.17.8.2
via: 1.1 68eb499493257a6d0620a0f6abdc78ca.cloudfront.net (CloudFront)
x-amz-cf-id: EvDWezX4FMB1nQsmmXIi8H9Ex1sdWjcOEouL1nZXOxuqVfhatv77sg==
x-amz-cf-pop: FRA56-P3
x-cache: Miss from cloudfront

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ 399 KB
135 KB 127ms
84ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2249257918045069&plah=robloxscripts.net

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2249257918045069

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

db59a6c8bb3ca2124938bb7f0970619e51ffc094595351015a4a61dc1ba10f10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 01:19:23 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137957
x-xss-protection: 0
server: cafe
etag: 11303391760646919574
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 29 Dec 2023 01:19:23 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/ Frame 327E 9 KB
4 KB 71ms
21ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2249257918045069

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://robloxscripts.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 41385
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 28 Dec 2023 13:49:38 GMT
etag: 5585625838579639069
expires: Thu, 11 Jan 2024 13:49:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 DQ5mTl4PbEZNDVV7FFsIBi0PEQwGKQ8GTwkuUApdTj5CWAJVP1xTDA4jXFINTj9TCgQHMFtbBQlvAHFcRnoXBVlAPVtZDQc9QRJbWCRGEltYewIZWU15cBJbWD1bWV9cbwF1TFp6SgFdQW8ABwgYOl-5SHg0oWV4dTXh0AlpfZAEBTFp6GlwBHCdeElsrbwAHBQEh... Show response
dlh8c15zw7vfn.cloudfront.net/3aEoyN2kLJVxRVhwjVgpQXX8KAVxOIEFYBxh3Zg8/ Frame C516 773 B
799 B 176ms
175ms Script
text/plain 2600:9000:2090:6600:15:9ced:b8c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dlh8c15zw7vfn.cloudfront.net/3aEoyN2kLJVxRVhwjVgpQXX8KAVxOIEFYBxh3Zg8/DQ5mTl4PbEZNDVV7FFsIBi0PEQwGKQ8GTwkuUApdTj5CWAJVP1xTDA4jXFINTj9TCgQHMFtbBQlvAHFcRnoXBVlAPVtZDQc9QRJbWCRGEltYewIZWU15cBJbWD1bWV9cbwF1TFp6SgFdQW8ABwgYOl-5SHg0oWV4dTXh0AlpfZAEBTFp6GlwBHCdeElsrbwAHBQEhVxJbWC1XVAIHYxcFWQsiQFgEDW8AcVhaehwHR156Cw5HWXoLEltYOVNRCBojFwUvXXkFGVpebEcKWA
Requested by: Host: gladthereis.org
URL: https://gladthereis.org/VmRxNGY3BhJZWTdZExITJAhMEVQQQUNyAjoMSVdXYx4GAxAwCl9XCjkRFVIUOQoFGggzEFQGIGUFNFsfGFYaeCwAHCNiDiEOJ1MWBzwpDC0XMgl7LxMiKHYePlcrU15zVjdwN2MJJVhSBgY0bigSMicDIBAXOHYPZjQ0ZRERLyAMIQITGkEzFxQVYAxjJyZ1LAA0QEwyEiVFXj4QLT9gDG8wMlM3Hik3QAQUNR1CJx4iEmYIOTwzYgoXNCdAPBI1Eg03BC4TYyUEIzRYEg8BBn08ATFAAQUULhNjImcGJmJfNQYGclcCIgECNTEiFWUxbiUzQwEPKx0ZUwUsFgQJATJFUDIODEF1CiYCK3UjFDA3RFARCAZ2LhUAFHEKJRYTQyceJiBxDgAcO1YxFVUpYicfLChMBRAzIEcPByIWcSIBXDBXMD4FFFwRHjZAAVAVE0R8MQ4LPXEKIj0+YigEJzNbDBATJEI+Dg83czAmARNxBR0zMBIMJQsfRFsCXCdRIgIdRlM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2090:6600:15:9ced:b8c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e8138fe504e37a39c2b87803d864db3815e709ee799b539962b25a97160681a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gladthereis.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 01:19:23 GMT
content-encoding: gzip
via: 1.1 a7f9178d47a7241f2ecd6c65877f7100.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P1
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=31556926
content-length: 522
x-amz-cf-id: dE2d6_YZwT5YEsMQx3KunTyxQyiEG9kFWDT9sros-41qh8aBcbfASw==

GET
H2 200 BVYsKTlcCWJpaAcFIz41WgNufhwGVHtiahlQe3VjGVd7dX8FVjgtPFYUImlocVN4e3QEUG05ZwY Show response
dlh8c15zw7vfn.cloudfront.net/dN2ZLTFpUCSUqZUMPL3FjAlN6f2sRDDgjNEdbM3UZWTIPLRdUQD82PgpXbSA7WQF2aj9ZBXZ9fFYCKXFuERI7IzEKBT80IFUOIiQ9UEA+LWdaCTElNlsHbn4cAkh7aWgHTjwlNFMJPD9/BVYlOH8FVnp8dAdDeA5/BVY8JTQ... Frame FF68 845 B
865 B 174ms
174ms Script
text/plain 2600:9000:2090:6600:15:9ced:b8c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dlh8c15zw7vfn.cloudfront.net/dN2ZLTFpUCSUqZUMPL3FjAlN6f2sRDDgjNEdbM3UZWTIPLRdUQD82PgpXbSA7WQF2aj9ZBXZ9fFYCKXFuERI7IzEKBT80IFUOIiQ9UEA+LWdaCTElNlsHbn4cAkh7aWgHTjwlNFMJPD9/BVYlOH8FVnp8dAdDeA5/BVY8JTQBUm5/GBJUezRsA09ufmpWFj-sgP0ADKSczQ0N5Cm8EUWV/bBJUe2QxXxImIH8FJW5+alsPICl/BVYsKTlcCWJpaAcFIz41WgNufhwGVHtiahlQe3VjGVd7dX8FVjgtPFYUImlocVN4e3QEUG05ZwY
Requested by: Host: gladthereis.org
URL: https://gladthereis.org/M3pxb1FSGBICblJHE0kkQRZMSmN1X0MpNV8SSQxgBgAGWCdVFF8MPVwPFQkjXBQFQT9WDlRdF1c0QzUdZzwBOhJgLwA1BH4qPVwXWTsdIWdVSAI9FXcdGyEUVxg8XARpLSUmAX8oFToAd0JDPzZDIhM8EAQtICljUhBINRNrIEgJF2o5OjcXRj8jJmZ6ADQkE2dCQSYXZjU4BgAKLzQudAE4PTg1UjklKj19FgInM11OEi46W00QODZ7LhsYPX08PCUBd0NUXRdxLCgDHntCNzk/Q0IVLjV3HzBadAE8MzkICzAlPhNmF0RKY3U9MyUEVgAjHBADQwQJPEMtNwV8QB0hXxB3MSIMK2JKP1oSXkI0OgZlX0MpM3EwJApjYgIpFxheMzlXF3ktREpjcRsdHAF6OR1KY3U4JzYieC4dDBJkMAEOEFA8OBVlAi0WISRVEgYoB3sOGA45XysUXAdZPScLZlciSSkHWR0FPxdqLzgCPVwZJyFlVkkgKgR0SkQ1JmpcGxw+XQpMF2hwFCUrMH4Z
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2090:6600:15:9ced:b8c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: f0ca40b0db476cf46f6b4ad254f649cc6c25475cc4a759f9ea70ca62dc75d918

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gladthereis.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 01:19:23 GMT
content-encoding: gzip
via: 1.1 a7f9178d47a7241f2ecd6c65877f7100.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P1
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=31556926
content-length: 590
x-amz-cf-id: 4_fQw1aI9wm03qlAKCQWJ0Q2ZaseboZ4tJ6uy6E2deM1gaDQIYtp5A==

GET
H2 200 DYkw3NUwBI1lTcxYlUwh1V3kAAXREJkRaIhJxTVYoFn1GfDQXakNPKF99EVktDCsKEykMLwoEagMoVQh4RDhHWidfL0NNNgAkXl0rBWpCVHEPI01cIA4tEgcKV2IHEH5SZEBcIgYjQEZpUHxZQWlQfAYFYlJpBHdpUHxAXCJUeBIGDkd+B016VmUSB3wDPE-dZKRU... Show response
dlh8c15zw7vfn.cloudfront.net/ Frame 43B4 861 B
883 B 173ms
173ms Script
text/plain 2600:9000:2090:6600:15:9ced:b8c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dlh8c15zw7vfn.cloudfront.net/DYkw3NUwBI1lTcxYlUwh1V3kAAXREJkRaIhJxTVYoFn1GfDQXakNPKF99EVktDCsKEykMLwoEagMoVQh4RDhHWidfL0NNNgAkXl0rBWpCVHEPI01cIA4tEgcKV2IHEH5SZEBcIgYjQEZpUHxZQWlQfAYFYlJpBHdpUHxAXCJUeBIGDkd+B016VmUSB3wDPE-dZKRUpVV4lFmkFc3lRexkGekd+Bx0nCjhaWWlQDxIHfA4lXFBpUHxQUC8JIx4QflIvX0cjDykSBwpTfgcbfEx6Bwx1TH0HDGlQfERUKgM+XhB+JHkEAmJRehFAcVM
Requested by: Host: gladthereis.org
URL: https://gladthereis.org/UDdOMUQxVS1cezEKLBcxIltzFHYWEnx3IDxfdlJ1ZU05BjI2WWBSKD9CKlc2P1k6Hyo1Q2sDAhRuJUZ3HmI5cw1hWxpSPAlbG0YsYWF9WgURbxx0DjtlL3gsGk8aZx0/cSAAAzZzH2klO3keegJpDgtnLyRzDUIPFU4lfAgnWAtQIx1YGGAsZGUKWQwHXipXCGB5AH8jEVwWXXQidRlBBwZ/C2ENYAYteAVkQwtWJxthfHgMFX97Yh4VdS14IwldH3QeIGIGSR4BYCJgIhFuCGgoGkcMeSAgYgZJBQh0BGQhEn4JdS80EnxzBmAGeGcpBWQMAjMUZwscIAp8HGQ0BmF6XQI9XAhSdzxlK0kvF1IlVWFidQxJdD50JFklB2AiYAAofgZXBWRbFncGIGIGSRUFdHZ7DSgDH1coGUEWASc6czdaFxJAPmUiN1QsVwEoAQxGPGFjBgEMFHAiYCIVZRt6Ix0SfHMcOHVrAwYafyV0BT19HFQsFnYtZwl2XT1eKiAKNFIgJAY/eDwl
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2090:6600:15:9ced:b8c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7cb05fe22ae35f11c9e28c7997a1f1f2da06418c0de2f580782088130b894604

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gladthereis.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 01:19:23 GMT
content-encoding: gzip
via: 1.1 a7f9178d47a7241f2ecd6c65877f7100.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P1
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=31556926
content-length: 606
x-amz-cf-id: yWw2l7Si19OnzauD0Q-sNdkAxhuopEn6X3zx4Rn78VI4tAgZzVK7JQ==

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E452 374 KB
98 KB 980ms
979ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2249257918045069&output=html&adk=1812271804&adf=3025194257&lmt=1703812644&plaf=7%3A2&plat=3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x675_l%7C212x675_r&format=0x0&url=https%3A%2F%2Frobloxscripts.net%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703812763063&bpp=8&bdt=401&idt=223&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2144509748814&frm=20&pv=2&ga_vid=1838608491.1703812763&ga_sid=1703812763&ga_hid=30084855&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079437%2C31079759%2C31080144%2C95320885&oid=2&pvsid=1940217420885840&tmod=419958152&uas=0&nvt=1&fsapi=1&ref=https%3A%2F%2Frobloxexploits.net%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=241

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2249257918045069&plah=robloxscripts.net

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d4377645a2cf1841ffdaafc7d796688342339c3660af2e186073fb110f9f813c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://robloxscripts.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 99926
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 29 Dec 2023 01:19:24 GMT
expires: Fri, 29 Dec 2023 01:19:24 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame BC31 129 KB
42 KB 510ms
510ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2249257918045069&output=html&h=280&adk=2904063243&adf=849483003&pi=t.aa~a.1043414356~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1703812644&rafmt=1&to=qs&pwprc=2896044421&format=1200x280&url=https%3A%2F%2Frobloxscripts.net%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703812763071&bpp=2&bdt=409&idt=241&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=2144509748814&frm=20&pv=1&ga_vid=1838608491.1703812763&ga_sid=1703812763&ga_hid=30084855&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=60&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079437%2C31079759%2C31080144%2C95320885&oid=2&pvsid=1940217420885840&tmod=419958152&uas=0&nvt=1&ref=https%3A%2F%2Frobloxexploits.net%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=243

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b125cff90ac87816331fe204b6cd17fd2aabc044bc1f50bcee1652e117e143dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://robloxscripts.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 43068
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 29 Dec 2023 01:19:23 GMT
expires: Fri, 29 Dec 2023 01:19:23 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 e21910fd923a6283b5d44b2382eabc86.js Show response
www.gstatic.com/mysidia/ Frame BC31 9 KB
4 KB 65ms
19ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e21910fd923a6283b5d44b2382eabc86.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2249257918045069&output=html&h=280&adk=2904063243&adf=849483003&pi=t.aa~a.1043414356~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1703812644&rafmt=1&to=qs&pwprc=2896044421&format=1200x280&url=https%3A%2F%2Frobloxscripts.net%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703812763071&bpp=2&bdt=409&idt=241&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=2144509748814&frm=20&pv=1&ga_vid=1838608491.1703812763&ga_sid=1703812763&ga_hid=30084855&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=60&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079437%2C31079759%2C31080144%2C95320885&oid=2&pvsid=1940217420885840&tmod=419958152&uas=0&nvt=1&ref=https%3A%2F%2Frobloxexploits.net%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=243

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

27d5ba2175dc395614adb2c69fe9f4bff9abddef3a7c6e3e30a68587f428a37b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 01:04:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 260104
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4064
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 25 Mar 2024 01:04:19 GMT

GET
H2 200 eca8f43f04ace2cb887c6c133446ca43.js Show response
www.gstatic.com/mysidia/ Frame BC31 11 KB
5 KB 66ms
21ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/eca8f43f04ace2cb887c6c133446ca43.js?tag=text/vanilla_highlight

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2366f8ceefa49f15dbf946bb02a4cf52b6d2999f71712d3f52e8bd5f56e1988

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:33:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 287126
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4745
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 24 Mar 2024 17:33:57 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame BC31 14 KB
2 KB 77ms
30ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 29 Dec 2023 01:19:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 29 Dec 2023 00:13:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 29 Dec 2023 01:19:23 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame BC31 2 KB
875 B 21ms
20ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84304
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 Jan 2024 01:54:19 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame BC31 23 KB
9 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 23:00:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8346
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9269
x-xss-protection: 0
server: cafe
etag: 11706523405290302210
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 Jan 2024 23:00:17 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame BC31 3 KB
1 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 15:59:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33574
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 Jan 2024 15:59:49 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame BC31 20 KB
9 KB 63ms
18ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84304
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 Jan 2024 01:54:19 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame BC31 203 KB
65 KB 78ms
30ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 01:19:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Dec 2023 01:19:23 GMT

GET
H2 200 f9d9b65dbd646119ce96bad0f484d579.js Show response
www.gstatic.com/mysidia/ Frame BC31 37 KB
15 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 13:56:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 300160
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15460
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 24 Mar 2024 13:56:43 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 301E 143 B
166 B 20ms
20ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2249257918045069&output=html&h=280&adk=2904063243&adf=849483003&pi=t.aa~a.1043414356~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1703812644&rafmt=1&to=qs&pwprc=2896044421&format=1200x280&url=https%3A%2F%2Frobloxscripts.net%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703812763071&bpp=2&bdt=409&idt=241&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=2144509748814&frm=20&pv=1&ga_vid=1838608491.1703812763&ga_sid=1703812763&ga_hid=30084855&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=60&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079437%2C31079759%2C31080144%2C95320885&oid=2&pvsid=1940217420885840&tmod=419958152&uas=0&nvt=1&ref=https%3A%2F%2Frobloxexploits.net%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=243
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2985
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 29 Dec 2023 00:29:38 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame BC31 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 26e020ebe6f3a524d471f871ee25665bed74ad50d12dd216e2b0de9d7f7b09d5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 301E
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

28ms
28ms

Document
text/html

2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 29 Dec 2023 01:19:24 GMT
expires: Fri, 29 Dec 2023 01:19:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 29 Dec 2023 01:19:24 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame BC31 33 KB
34 KB 64ms
19ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 21:01:51 GMT
x-content-type-options: nosniff
age: 101853
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 26 Dec 2024 21:01:51 GMT

GET
H2

200

/
www.googleadservices.com/pagead/ar-adview/ Frame BC31
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=ClWnqmx6OZZ_YFLjU1PIPw9yKkAr86M7jdIKS4tXSEYCvlJhDEAEg_uala2CVgoCAmAegAYi13twpyAEBqAMByAPDBKoE1QFP0MxFpymi-5e1sZBmSfYWe7ni3n_4GdW-0uT72kVZMwg4hE2...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2216780872929754348523%22,%22debug_reporting%22:true,%22destination%22:%22https://kingsgroupgames.com%22,%22event_report_win...

0
0

403ms
55ms

Fetch
text/css

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2216780872929754348523%22,%22debug_reporting%22:true,%22destination%22:%22https://kingsgroupgames.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211200338568%22],%2222%22:[%22true%22],%224%22:[%2212-29%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%226450338473591229857%22}&andc=true

Requested by

Host: robloxscripts.net
URL: https://robloxscripts.net/

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 01:19:24 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"16780872929754348523","debug_reporting":true,"destination":"https://kingsgroupgames.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11200338568"],"22":["true"],"4":["12-29"],"6":["true"]},"priority":"500","source_event_id":"6450338473591229857"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 29 Dec 2023 01:19:24 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 29 Dec 2023 01:19:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"16780872929754348523","debug_reporting":true,"destination":"https://kingsgroupgames.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11200338568"],"22":["true"],"4":["12-29"],"6":["true"]},"priority":"500","source_event_id":"6450338473591229857"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js Show response
pagead2.googlesyndication.com/bg/ Frame 0247 50 KB
19 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6bf1da233645c84549609f619670d4d3e946ac61d516fd53e597c10ad100608a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 08:10:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 234554
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19601
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 25 Dec 2024 08:10:10 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 120ms
57ms Preflight
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 29 Dec 2023 01:19:24 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
50 KB 95ms
95ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: robloxscripts.net
URL: https://robloxscripts.net/_static/??wp-includes/js/jquery/jquery-migrate.min.js,wp-content/plugins/gutenberg/build/modules/importmap-polyfill.min.js,wp-content/uploads/yhumkpbql.js?m=1703614132

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4e5d6a39db3b04fdddc5ec221157b7baf9628721c80adb3c2c61d34c258eb36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 01:19:24 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51428
x-xss-protection: 0
server: cafe
etag: 1706232285930432553
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 29 Dec 2023 01:19:24 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 70ms
69ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231207&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

90221ffe84a937bace0ff97febc9b9c00ada4c2d505fab8171691d453189c5af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 01:19:24 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12140
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ 160 KB
55 KB 66ms
66ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a02263cf75c29f80fdb1b381769cd5ba8d13287b4c370eacb3bbd6df56a92912

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 01:19:24 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56007
x-xss-protection: 0
server: cafe
etag: 5399100907576838485
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 29 Dec 2023 01:19:24 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 01:19:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 29 Dec 2023 01:19:24 GMT

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/ Frame 7BD1 9 KB
4 KB 28ms
27ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://robloxscripts.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 75737
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 28 Dec 2023 04:17:07 GMT
etag: 5585625838579639069
expires: Thu, 11 Jan 2024 04:17:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/ Frame 8576 9 KB
4 KB 27ms
27ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://robloxscripts.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 75737
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 28 Dec 2023 04:17:07 GMT
etag: 5585625838579639069
expires: Thu, 11 Jan 2024 04:17:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F268 13 KB
5 KB 30ms
27ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://robloxscripts.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 33477
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 28 Dec 2023 16:01:27 GMT
expires: Fri, 27 Dec 2024 16:01:27 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 50C6 829 B
998 B 40ms
39ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

da4a0879dd78602b8a4f4e6d99585ab01b350b1ecaf3f804f95d26f7edfe25db

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-O3ABuOd7QyzTAabaQN2jYw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://robloxscripts.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-O3ABuOd7QyzTAabaQN2jYw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 29 Dec 2023 01:19:24 GMT
expires: Fri, 29 Dec 2023 01:19:24 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 css2
fonts.googleapis.com/ Frame 7BD1 4 KB
767 B 39ms
38ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 29 Dec 2023 01:19:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 29 Dec 2023 01:13:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 29 Dec 2023 01:19:24 GMT

GET
H3 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 7BD1 205 B
229 B 29ms
29ms Image
image/png 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 10:12:33 GMT
x-content-type-options: nosniff
age: 54411
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 27 Dec 2024 10:12:33 GMT

GET
H3 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 7BD1 604 B
628 B 30ms
30ms Image
image/png 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 01:13:33 GMT
x-content-type-options: nosniff
age: 86751
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 27 Dec 2024 01:13:33 GMT

GET
H3 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame 7BD1 16 KB
7 KB 34ms
34ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41b43f64c3e5d7f9eca80634429adb1b8e0a1c5e1fe67ad71ec651a991ebfe68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 01:54:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84281
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6766
x-xss-protection: 0
server: cafe
etag: 14924840246271906451
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 Jan 2024 01:54:43 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame 7BD1 22 KB
9 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

db2bdaad0dc9232fadb3de900bf039a0f356521698f213df1edf601e02a5870d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 10:17:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54100
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9210
x-xss-protection: 0
server: cafe
etag: 13914886398874665762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 Jan 2024 10:17:44 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame A0B2 624 B
245 B 72ms
71ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYm4no4gEwAQ&v=APEucNUYdEVRzgKSF0NP4ckEmmYafPmv9FHU_MqIroYg4KDOOhzng-jZK7_TjMsfZ70eKyEbxA-slerJfyqwQXbU8ZJ3sKj9XSjevqI0F0g5hIt26ckqzpWt_U2nWK6SKCDNMJiT-Xc4TaZsUs6bsn8lVBd3IQdaZJO5l036nue86JX-M7C6LUE

Requested by

Host: robloxexploits.net
URL: https://robloxexploits.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 29 Dec 2023 01:19:24 GMT
expires: Fri, 29 Dec 2023 01:19:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 31C4 172 KB
61 KB 89ms
22ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Requested by

Host: robloxexploits.net
URL: https://robloxexploits.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 23:49:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5420
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61485
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:43:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 29 Dec 2023 23:49:04 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame 31C4 7 KB
3 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: robloxexploits.net
URL: https://robloxexploits.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 02:43:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81358
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 Jan 2024 02:43:26 GMT

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 31C4 23 KB
9 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js

Requested by

Host: robloxexploits.net
URL: https://robloxexploits.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 20:43:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16584
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9269
x-xss-protection: 0
server: cafe
etag: 11706523405290302210
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 Jan 2024 20:43:00 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 31C4 41 KB
14 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: robloxexploits.net
URL: https://robloxexploits.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 18:05:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 544456
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 21 Dec 2024 18:05:08 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 31C4 3 KB
1 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: robloxexploits.net
URL: https://robloxexploits.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 15:59:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33575
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 Jan 2024 15:59:49 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 31C4 20 KB
8 KB 32ms
31ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: robloxexploits.net
URL: https://robloxexploits.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84305
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 Jan 2024 01:54:19 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 31C4 203 KB
64 KB 47ms
46ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: robloxexploits.net
URL: https://robloxexploits.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 01:19:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Dec 2023 01:19:24 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 31C4 42 B
63 B 66ms
65ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DoycAtPFx77b3eS2RXAwM40RGUYJBUZdvsVldXYOTD9_qViiRLdjn_Tet3byMaubbWVgZkMRm7mOLW3JknCqPdJBtmj6XAb733EIgP5bqvBinSWAU

Requested by

Host: robloxexploits.net
URL: https://robloxexploits.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Dec 2023 01:19:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame A0B2
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH-B6YCGQ8UwTGDi18xdCr0&google_cver=1

43 B
340 B

47ms
47ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH-B6YCGQ8UwTGDi18xdCr0&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYm4no4gEwAQ&v=APEucNUYdEVRzgKSF0NP4ckEmmYafPmv9FHU_MqIroYg4KDOOhzng-jZK7_TjMsfZ70eKyEbxA-slerJfyqwQXbU8ZJ3sKj9XSjevqI0F0g5hIt26ckqzpWt_U2nWK6SKCDNMJiT-Xc4TaZsUs6bsn8lVBd3IQdaZJO5l036nue86JX-M7C6LUE
Protocol: H2
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Dec 2023 01:19:24 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iF1w%2BYjEu5%2BLkIpPraJPCf2rWyupZNwfwMl6inqDYh9jFnvc4SXHvDCnx2x0GXtnP7SQSACZo8freDnyKxLZgzQwE%2FhUUQW0yj48sB6PnCx25P2POy2HemwWbC6BTZkU%2FPuKmul4TUtjAA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 83ce36f3295b6a76-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 29 Dec 2023 01:19:24 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH-B6YCGQ8UwTGDi18xdCr0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame A0B2
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZY4enF8YUHcaqoVt.DIkVAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH-B6YCGQ8UwTGDi18xdCr0&google_cver=1&google_hm=2

43 B
765 B

52ms
52ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH-B6YCGQ8UwTGDi18xdCr0&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYm4no4gEwAQ&v=APEucNUYdEVRzgKSF0NP4ckEmmYafPmv9FHU_MqIroYg4KDOOhzng-jZK7_TjMsfZ70eKyEbxA-slerJfyqwQXbU8ZJ3sKj9XSjevqI0F0g5hIt26ckqzpWt_U2nWK6SKCDNMJiT-Xc4TaZsUs6bsn8lVBd3IQdaZJO5l036nue86JX-M7C6LUE
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Dec 2023 01:19:24 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eKGVoE8CaT6D08jwNsSAxZFmy0BE%2BqHnGZEcGNUYIObq6T72pWoQHdA%2FRA04U30ttgu1XaTzOkgIUIucacW3sLnIUouVUGR62K4KpujuSS1wlukVdfsapQPPNu4YFxES696n66GuYokdCA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 83ce36f3e9d36a77-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 29 Dec 2023 01:19:24 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH-B6YCGQ8UwTGDi18xdCr0&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame A0B2
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESECcHgY7qdHae3KfxBqK_ZGw&google_cver=1

43 B
839 B

41ms
41ms

Image
image/gif

185.89.210.180
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESECcHgY7qdHae3KfxBqK_ZGw&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYm4no4gEwAQ&v=APEucNUYdEVRzgKSF0NP4ckEmmYafPmv9FHU_MqIroYg4KDOOhzng-jZK7_TjMsfZ70eKyEbxA-slerJfyqwQXbU8ZJ3sKj9XSjevqI0F0g5hIt26ckqzpWt_U2nWK6SKCDNMJiT-Xc4TaZsUs6bsn8lVBd3IQdaZJO5l036nue86JX-M7C6LUE

Protocol

Server

185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Dec 2023 01:19:24 GMT
an-x-request-uuid: 86af50b0-3ad4-49c6-bca6-4ec56a3f99b8
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 84.19.175.183; 84.19.175.183; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 29 Dec 2023 01:19:24 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESECcHgY7qdHae3KfxBqK_ZGw&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame A0B2
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTY4NTgxNDUzMTUxOTk0MjE2Mg%3D%3D

170 B
243 B

30ms
30ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTY4NTgxNDUzMTUxOTk0MjE2Mg%3D%3D

Requested by

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Dec 2023 01:19:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 29 Dec 2023 01:19:24 GMT
an-x-request-uuid: 9a07cc6e-441e-432f-a321-6703bb32ad36
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTY4NTgxNDUzMTUxOTk0MjE2Mg%3D%3D
x-proxy-origin: 84.19.175.183; 84.19.175.183; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 e21910fd923a6283b5d44b2382eabc86.js Show response
www.gstatic.com/mysidia/ Frame 8912 9 KB
4 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e21910fd923a6283b5d44b2382eabc86.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

27d5ba2175dc395614adb2c69fe9f4bff9abddef3a7c6e3e30a68587f428a37b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 01:04:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 260105
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4064
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 25 Mar 2024 01:04:19 GMT

GET
H3 200 43280567f396343d5424196559bfbf8c.js Show response
www.gstatic.com/mysidia/ Frame 8912 146 KB
53 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/43280567f396343d5424196559bfbf8c.js?tag=video_mra/web_interstitial_raspberry_ms

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

be779b0e322b81f76bc00f275690c7a6b7f3cb407bdf383874080af920808c5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 05:37:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 330132
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54724
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 24 Mar 2024 05:37:12 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 8912 21 KB
1 KB 29ms
29ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500%2C600

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

76740b2a7b0a35eed6ceb509cefd8ddd6955bd5c656b0581f2dcdb48040ced8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 29 Dec 2023 01:19:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 28 Dec 2023 23:23:05 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 29 Dec 2023 01:19:24 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 8912 2 KB
822 B 23ms
20ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84305
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 Jan 2024 01:54:19 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 8912 23 KB
9 KB 26ms
23ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 23:00:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8347
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9269
x-xss-protection: 0
server: cafe
etag: 11706523405290302210
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 Jan 2024 23:00:17 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 8912 3 KB
1 KB 28ms
25ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 15:59:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33575
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 Jan 2024 15:59:49 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 8912 20 KB
8 KB 23ms
21ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84305
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 Jan 2024 01:54:19 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8912 203 KB
64 KB 32ms
29ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 01:19:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Dec 2023 01:19:24 GMT

GET
H3 200 f9d9b65dbd646119ce96bad0f484d579.js Show response
www.gstatic.com/mysidia/ Frame 8912 37 KB
15 KB 41ms
38ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 13:56:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 300161
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15460
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 24 Mar 2024 13:56:43 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 50C6 0
0 54ms
54ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231207&jk=1940217420885840&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 31C4 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 90a78da4c7333ca631c5ccc3a0e032856db38592c0a54767476e8f1b817c4c62

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame BD88 38 KB
13 KB 23ms
20ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 228846
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 26 Dec 2023 09:45:18 GMT
expires: Wed, 25 Dec 2024 09:45:18 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame F268 39 KB
15 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 15:59:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33574
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 27 Dec 2024 15:59:50 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/15415463092317913147/ Frame BAC6 1 KB
768 B 70ms
29ms Document
text/html 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=BJrNOJfzg5&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

51c012cf2461bf8b29f345373366183c7fd121579b6178e942be0b61d8c7da14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 739
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Fri, 29 Dec 2023 01:19:24 GMT
expires: Sat, 28 Dec 2024 01:19:24 GMT
last-modified: Thu, 27 Apr 2023 13:50:29 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame 31C4 0
0 134ms
67ms Fetch
image/gif 142.250.184.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjstK6Qpou_H7SCn5qq_8RUcLXZsV3heglCgQqgtP6P91AX6xEJAaJ1xBzgKnDgUbQCULgBf8_lz2-UV5e18_s6NT-P6XYFWOqBEgnzN4JcKWGvfVXU8nHCnEk3CGP4aO46IdY5ukoS6-FoXM9ix1qLdUb1n6ci-0ZOvkd7MuyaIecEWJx7s99QAk9pQtgIphlEYfRqXC42cIgoTkxjYn_PyRiA2Ymrd40peYFNgOjogxfCBBuzKL_TXnJpn-V1IsuOi2Ik5xDmZmW8sIFdhrw71V_il-FU3lZCbOFyhAEQ14h-a5D1LRob-TxsdYB-_kc1o1Cb6xVG1-haeiD9s8WTnvusRz7s9SLIrC3kIq2LnBpugnUmu8SfZqoSfCyokrrMfY_ssMzC0hvwDfDY2GC-9clhHmvyGztljn_cyoXU8dhK-FUXCMhiHmp7dG310i8kPLnslNWec0XB119YrBTprP_iCqmjbVH9u3iTOCvLXpe66WGKLFPzhm2f_FyGFcUmmBnUrfNPQXS8fFlzjp_dhqqP-oH8HF01x-bZ1LbaHF_QGO3WYltprIr1UTkGTjnrOO_lHaX-ECzRnHqM3DG4xwaNIusHPgucwJTfRSKT8xHBooSZ5UjRQalpXxyhQTE8HuRQ9T__qaFJPHdM_pePcU31_wlstTHOl6CxFMnssBYg7JY8NqDDl2VDKWdXfNiyb8JG6pV_app52Sl-LUNFWXoHkx89Y7iKi8cw6i_2y-HdyxUIrmDdwPib7YadPLQqxQofMXj6FOg9siJu8b4r7VkvWa95IHg-V-gyKLhVhLuSUgh0btFhZ2-zigXdUPCk-pH_CUbUaPPvcobQvGkwssVWLRmLbVmOpXP2hhOeeiYHmqVUxXOfjM6U0sAJZSoEM5J33mm-D0GqDghjGsgkNQGJ5RfCYJqZa2IRHs4lBPUK80wAW3b4VdZWnh1dKjAH1H2JoUxS-6uYyh8Bn8MD2DmTTD7LvFQMw6tDy0NB102jU246CZreaO8fiwqCFd_l0tuijdGorBaPlx1k6JS_lZv1buJonedne0kwTSVNBUjQGyshmXnUJN8ddQO8NjZpoRuZHGIZq-84rIeJ2kDQj9Hf9eHU7fxZBqOTcvZqBf0Q5ev8DHcHn0OOZil0_QqIqGWmbl3p8D5St-fKI2qS9pVyi2cFauSABWgKvR9juixWDYLfGQqieebP7yg8E3PDVJHZ50Po8kRLXQ1fgJlz4SPoKwjvgtjxRneqiOo3n2RKJzNXSYl66GpWm3BK7jyorNGV-LcEBSZ4MJ9tuZ_gk-bFs29yh9AJZt-z_LJWAHflYVgO6Ali_NVhXM1ZQXI5_mClHMDgVPUWwdyMnLO1QVXZUFZVm_U5Fn1Ke6y6uyWZo1kPnrowoGdntG1tnjMP0&sai=AMfl-YQe-Nu49HjMgZqynCOXkGd6w1jIVPRs-tBT8hQV_bREkwdjildXDjFsyAPPV05m6NX3wLY2eTU4I76bgpsSZCXu5T7dzfy4oXt2cbRyh_mVCx5NtVxowBaV4R1b01yxgwMkUhs1WPjRp7a88RPgjHd58O2x3DqJaRaPM62pyYBoND12Lv46en3YoXO3J4TBhipKp6e10-0NE2hxLyo49nl8N22TqoooE7ZeWcMaOmM5RiYRLSmc4duOK4QawIn-Cu7GkO58SWtVArUacTVQOWaf_PRXgaUIO8AHadx7SsCMsQQ6mL9AsYqSEC2T60twDcvyLsfZCM9-9zu6bmyogUDiPKtrJrJ5hdoVV0tvj4ctBeoijoOqXg1_KtiJumL0Z39LajsSAiehUUHPE3FMW8eRLejtFo4CkpiBmQWIl9b7Mhq5noqmxgiM-bB8QPl-FVpfUJrAZEgjMMRyBr01eODwdwqj-VHb6pPCF5qSkSizrfAIwhJKBGXHIRXM1OtvmTEkoJ4-8-augg&sig=Cg0ArKJSzApuWNaxcUXIEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9sdWZ0aGFuc2EuY29tLGh0dHBzOi8vZXhhY3RhZy5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=136&cbvp=1&cstd=131&cisv=r20231207.40789&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: robloxexploits.net
URL: https://robloxexploits.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 29 Dec 2023 01:19:24 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK ai.aspx
m.exactag.com/ Frame 31C4 43 B
1 KB 114ms
28ms Image
image/gif 85.14.248.91
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.exactag.com/ai.aspx?extProvId=63&extPu=lh-mindshare&extProvApi=lh_de&extLi=26915561&extCr=180481255&extPm=361577754&gdpr_consent=&gdpr=

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.14.248.91 Neukirchen-Vluyn, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Date: Fri, 29 Dec 2023 01:19:23 GMT
X-Content-Type-Options: nosniff
P3P: policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
cross-origin-resource-policy: cross-origin
Connection: close
X-ET-Monitoring: 1
Content-Length: 43
X-Xss-Protection: 0
Pragma: no-cache
Last-Modified: Fr, 29 Dez 2023 01:19:24 GMT
X-ET-Code: 0
Accept-CH: sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
Access-Control-Max-Age: 1000
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://googleads.g.doubleclick.net
Cache-Control: private
Access-Control-Allow-Credentials: true
X-ET-Camp: 1119
Access-Control-Allow-Headers: *
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame BD88 39 KB
15 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 15:59:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33574
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 27 Dec 2024 15:59:50 GMT

GET
H3 200 a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js Show response
pagead2.googlesyndication.com/bg/ Frame CCE4 50 KB
19 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6bf1da233645c84549609f619670d4d3e946ac61d516fd53e597c10ad100608a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 08:10:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 234554
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19601
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 25 Dec 2024 08:10:10 GMT

GET
H3 200 tweenmax_2.0.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame BAC6 113 KB
38 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_2.0.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=BJrNOJfzg5&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62afec092c21b138eeb1fc55859f60c19dd12ca3c02bdfeb336a820b016a547b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=BJrNOJfzg5&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 01:19:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38915
x-xss-protection: 0
last-modified: Tue, 19 Jun 2018 18:02:41 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 29 Dec 2023 01:19:24 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame BAC6 118 KB
40 KB 22ms
20ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=BJrNOJfzg5&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=BJrNOJfzg5&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 04:12:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 76011
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 29 Dec 2023 04:12:33 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame F268 0
10 B 20ms
20ms Image
text/plain 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?JxoXdQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 01:19:24 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame 31C4 0
0 59ms
59ms Fetch
image/gif 142.250.184.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjstK6Qpou_H7SCn5qq_8RUcLXZsV3heglCgQqgtP6P91AX6xEJAaJ1xBzgKnDgUbQCULgBf8_lz2-UV5e18_s6NT-P6XYFWOqBEgnzN4JcKWGvfVXU8nHCnEk3CGP4aO46IdY5ukoS6-FoXM9ix1qLdUb1n6ci-0ZOvkd7MuyaIecEWJx7s99QAk9pQtgIphlEYfRqXC42cIgoTkxjYn_PyRiA2Ymrd40peYFNgOjogxfCBBuzKL_TXnJpn-V1IsuOi2Ik5xDmZmW8sIFdhrw71V_il-FU3lZCbOFyhAEQ14h-a5D1LRob-TxsdYB-_kc1o1Cb6xVG1-haeiD9s8WTnvusRz7s9SLIrC3kIq2LnBpugnUmu8SfZqoSfCyokrrMfY_ssMzC0hvwDfDY2GC-9clhHmvyGztljn_cyoXU8dhK-FUXCMhiHmp7dG310i8kPLnslNWec0XB119YrBTprP_iCqmjbVH9u3iTOCvLXpe66WGKLFPzhm2f_FyGFcUmmBnUrfNPQXS8fFlzjp_dhqqP-oH8HF01x-bZ1LbaHF_QGO3WYltprIr1UTkGTjnrOO_lHaX-ECzRnHqM3DG4xwaNIusHPgucwJTfRSKT8xHBooSZ5UjRQalpXxyhQTE8HuRQ9T__qaFJPHdM_pePcU31_wlstTHOl6CxFMnssBYg7JY8NqDDl2VDKWdXfNiyb8JG6pV_app52Sl-LUNFWXoHkx89Y7iKi8cw6i_2y-HdyxUIrmDdwPib7YadPLQqxQofMXj6FOg9siJu8b4r7VkvWa95IHg-V-gyKLhVhLuSUgh0btFhZ2-zigXdUPCk-pH_CUbUaPPvcobQvGkwssVWLRmLbVmOpXP2hhOeeiYHmqVUxXOfjM6U0sAJZSoEM5J33mm-D0GqDghjGsgkNQGJ5RfCYJqZa2IRHs4lBPUK80wAW3b4VdZWnh1dKjAH1H2JoUxS-6uYyh8Bn8MD2DmTTD7LvFQMw6tDy0NB102jU246CZreaO8fiwqCFd_l0tuijdGorBaPlx1k6JS_lZv1buJonedne0kwTSVNBUjQGyshmXnUJN8ddQO8NjZpoRuZHGIZq-84rIeJ2kDQj9Hf9eHU7fxZBqOTcvZqBf0Q5ev8DHcHn0OOZil0_QqIqGWmbl3p8D5St-fKI2qS9pVyi2cFauSABWgKvR9juixWDYLfGQqieebP7yg8E3PDVJHZ50Po8kRLXQ1fgJlz4SPoKwjvgtjxRneqiOo3n2RKJzNXSYl66GpWm3BK7jyorNGV-LcEBSZ4MJ9tuZ_gk-bFs29yh9AJZt-z_LJWAHflYVgO6Ali_NVhXM1ZQXI5_mClHMDgVPUWwdyMnLO1QVXZUFZVm_U5Fn1Ke6y6uyWZo1kPnrowoGdntG1tnjMP0&sai=AMfl-YQe-Nu49HjMgZqynCOXkGd6w1jIVPRs-tBT8hQV_bREkwdjildXDjFsyAPPV05m6NX3wLY2eTU4I76bgpsSZCXu5T7dzfy4oXt2cbRyh_mVCx5NtVxowBaV4R1b01yxgwMkUhs1WPjRp7a88RPgjHd58O2x3DqJaRaPM62pyYBoND12Lv46en3YoXO3J4TBhipKp6e10-0NE2hxLyo49nl8N22TqoooE7ZeWcMaOmM5RiYRLSmc4duOK4QawIn-Cu7GkO58SWtVArUacTVQOWaf_PRXgaUIO8AHadx7SsCMsQQ6mL9AsYqSEC2T60twDcvyLsfZCM9-9zu6bmyogUDiPKtrJrJ5hdoVV0tvj4ctBeoijoOqXg1_KtiJumL0Z39LajsSAiehUUHPE3FMW8eRLejtFo4CkpiBmQWIl9b7Mhq5noqmxgiM-bB8QPl-FVpfUJrAZEgjMMRyBr01eODwdwqj-VHb6pPCF5qSkSizrfAIwhJKBGXHIRXM1OtvmTEkoJ4-8-augg&sig=Cg0ArKJSzApuWNaxcUXIEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9sdWZ0aGFuc2EuY29tLGh0dHBzOi8vZXhhY3RhZy5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=286&vt=11&dtpt=150&dett=3&cstd=131&cisv=r20231207.40789&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: robloxexploits.net
URL: https://robloxexploits.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 01:19:24 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame BD88 0
20 B 57ms
57ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BcN2qmx6OZYyRFIrH1PIPlqeWyAsAAAAAOAHgBAI&bg=!5eal5qnNAAY3kmNgF5I7ADQBe5WfOL-dxAUtplzMetFlKxrz4-QTNl5A1THUdV__hxK3XJht36JKFS6j1xQtqe3LxyFdAgAAAF1SAAAAAWgBBwoACNQSB4uPjW-0mQNVr0wm8pH06g6YS2Y-Wue21dhgcMgXkESi64BYw-EAmYZfjQM1RufaGRdQ6OC3NiAqVxZHhJmFulg7QZDtJ3SJ66p1seThdIdW0b46ri9JLtysdthyNPl71LPuLuT37maKSv6jHokUq0Ycr8e_irzYy50HH1i-iMXIJ_hsFNWRZxcwJpq2fs-4Xn9jngJ1SIVFD0NLWfpDJ5SguP1WrXikyPxqdTMfQ8s3NH0gLRQAgI02D9Cz81k5EqstyAjP-m5hsd-hAGg7lFN6kRzCrtMpMuJoXOA8gU7hd-xf6zUE1HwzHsxUbwhgWSBUlneTHY7jnW5x7AcVP0xQFbG7HaBw3ATDRFRKiZ_Ei66hjkyGxfEjThGGa92G7sTZhJQlRsgBygiqnWkuXzHKXGZkStOKKtKtFwjjtLRVXyDA6ldYtf2QD9GWNoueydpnKWIZ_5W9ePiGwbziITwVKNeYwx5AkHbPcpwPh1JL64-J3sHLjHASTuz0OB2kK1dVgwP67oXDgkyrlj7zYRkjyiWnY879fBPRG9LpmyWkWnFmhJwuDEjxAH96_UIQh-1OkBa5P2a9WPI6gpEl73qslG3sAHjW1QpXz5X3zhesAvXikdeUgVLrZF0BjfSdyqS_YscJ3jNOheTZXwVTTy41VV9lx8cHsmu5SjqMF_lQv7wkcHILEikGAxfI-dxOBeur66SzlVLOUBzD81S3l5SOs4a8rTX-AaHZs6NJ8epDZElrg02K2HZfHosOLtqdXL5e5HpdgSGVmd1MAKqpFvzMf81ADiXg3NS4HRCj9ppc3_fH4VczdGwdINHQ0zY0V0fZs0TKawXihAdTQK5Ngb8I-kWV2gI3NZIENAUDXkIQkA_BH1pmKf3cmn0hx_fsBHxbftvyN_j1cpqesmX_z4s7i8XqLDrooJgGgPZJWxM_rW3Lnk6VSwtG9qwkGqaGd-1veamUS0VSCnpEjBIkSeuOIGympPwGpc4ghoWvxPhrBGq32zwnifsuBwPCZI2ObFNCmYfwb5IrcSUZAAe3CRYuVEHiI0OyjJZghlFixBs3ntLeKFYILUAegfZ6DXwSmFBsrgC1L0bsyrTwjsvsurNK-6F6VJ6eKi3XyjZ3KYqAVDd6ynyaHvpQAuGmzw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Dec 2023 01:19:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 main.js Show response
s0.2mdn.net/creatives/assets/4703545/ Frame BAC6 3 KB
1 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4703545/main.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=BJrNOJfzg5&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c1b2da575466eb30982e08c1020f55bcf2d9565f53bd64c3da87a1d774d75588

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=BJrNOJfzg5&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 01:06:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 749
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1100
x-xss-protection: 0
last-modified: Fri, 05 May 2023 10:07:31 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 29 Dec 2023 01:21:55 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame BAC6 8 KB
6 KB 61ms
61ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7f9e71867451eb9ba7d043f150718bd3a4f908304500221664961a9d364e8085

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 01:19:24 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5982
x-xss-protection: 0

GET
H3 200 728x90_de-de_performance.js Show response
s0.2mdn.net/creatives/assets/4703545/ Frame BAC6 80 KB
19 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4703545/728x90_de-de_performance.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e44e8a9cf91c3d915be31bc1d006e1df1cd438c981b592f966c059739694ad2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=BJrNOJfzg5&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 01:07:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 705
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19263
x-xss-protection: 0
last-modified: Mon, 18 Dec 2023 14:40:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 29 Dec 2023 01:22:39 GMT

GET
H3 200 star_alliance.svg Show response
s0.2mdn.net/creatives/assets/4689654/ Frame BAC6 6 KB
2 KB 23ms
22ms Fetch
image/svg+xml 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4689654/star_alliance.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/728x90_de-de_performance.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

563d8b655debf02dc76ee9cad7e2114692c770d009bfc9ed1f9153eb384593d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=BJrNOJfzg5&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 01:06:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 761
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2334
x-xss-protection: 0
last-modified: Thu, 29 Jun 2023 11:06:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 29 Dec 2023 01:21:43 GMT

GET
H3 200 lh_logotype_single.svg Show response
s0.2mdn.net/creatives/assets/4689654/ Frame BAC6 5 KB
2 KB 22ms
21ms Fetch
image/svg+xml 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4689654/lh_logotype_single.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/728x90_de-de_performance.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7502e785bdc8f7184cab7e278053c49be4458393085eb2fbddabf35b895c310

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=BJrNOJfzg5&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 01:12:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 398
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2151
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 09:41:58 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 29 Dec 2023 01:27:46 GMT

GET
H3 200 lh_crane.svg Show response
s0.2mdn.net/creatives/assets/4689654/ Frame BAC6 2 KB
1 KB 30ms
29ms Fetch
image/svg+xml 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4689654/lh_crane.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/728x90_de-de_performance.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d2067d4b9b5b9d3003ffa4dc17b44616dc00a543f59eea17df555e959f20b53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=BJrNOJfzg5&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 01:13:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 325
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1311
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 09:41:55 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 29 Dec 2023 01:28:59 GMT

GET
H3 200 NH_D_NA_Miami-Palms_728x90.jpg
s0.2mdn.net/creatives/assets/4703548/ Frame BAC6 57 KB
57 KB 31ms
30ms Image
image/jpeg 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4703548/NH_D_NA_Miami-Palms_728x90.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0545f27ba8edc9e3343e6cf00fd98585f90c6af18a9857235ef0fc198e28896e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=BJrNOJfzg5&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 01:10:09 GMT
x-content-type-options: nosniff
age: 555
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58826
x-xss-protection: 0
last-modified: Tue, 08 Nov 2022 09:13:22 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 29 Dec 2023 01:25:09 GMT

GET
H3 200 LufthansaHeadWeb-Bold.woff2
s0.2mdn.net/creatives/assets/4714589/ Frame BAC6 50 KB
50 KB 23ms
23ms Font
font/woff2 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4714589/LufthansaHeadWeb-Bold.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a43c20863b324fe2bec355b5ebdc6566861742f92018f12be1b38fa2c8b7767

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=BJrNOJfzg5&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 01:08:19 GMT
x-content-type-options: nosniff
age: 665
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51548
x-xss-protection: 0
last-modified: Fri, 18 Nov 2022 11:46:13 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 29 Dec 2023 01:23:19 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame BAC6 17 KB
6 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 01:19:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 29 Dec 2023 01:19:24 GMT

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 90B9 39 KB
15 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 15:59:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33574
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 27 Dec 2024 15:59:50 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame BC31 42 B
64 B 56ms
55ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssEM0HOdA_xQ2YSUZ3gtnBAWbnXMK69ogn3SHrNH4lRpsnC1VFpHYQj4Gx6xwhQh-_-vlD6wM-XK6v1UZ1_Rw602jnfJUQvqF8E7P9Ah9SERqdealGjeMz_epqsyWp-FnD23cVqt2iJOc6xXqMooMEx2Hv3&sai=AMfl-YRAxbe0l1nOtO4p5yEBPEutb0xbmlLarSGnGJTIGS0KStAx7DQQfqijV9QUuIyc9Qhrlsa6Y9wDjTBDNiXSNFYeCb-CKJ6tTRtR8nntHsg4dD4IK6SR2v3y3WTHCqvVjVEuR32xprewEdUH1YQwuQ&sig=Cg0ArKJSzIeQIYssfc2VEAE&cid=CAQSTwAvHhf_UybJWhSwHofeos-i6aO8K8ibaexdi43pKexyfrEk_gXbxkdJBJWDI23QNArI1CGqbQtW3ya8JCBnE6WYHj7PQ_o5_gARW0OFhYMYAQ&id=lidar2&mcvt=1000&p=0,0,280,1200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2904063243&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1703812763315&rpt=788&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Dec 2023 01:19:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 57ms
57ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231207&jk=1940217420885840&bg=!8_Cl8L_NAAY3kmNgF5I7ADQBe5WfOBHNBqR-k5SH8MNOpNfIisToBrnFIqeThDuRSSHc6_Fasxqu4oeUopdgH-VhgraRAgAAAG9SAAAAAmgBB5kC7kmdcidS2B5UdVN2MqkU-vtdsjD-dpwj8ML_r4rvSLPfdjSmWJKj8aIbWmXx6FIXXB1Mz6I4C8X42Ja87rZZzDMJqALM2DvpY2O8UfBPCPWtywubtf0GaqhGlxl2_lotx9eSchfChiq3XsFgFSJtm_aSHjFlk2SYuNJE_oExo1Sa4ElMMSuE1a_jzXD_n76uzPNK0T-TnwVbjl88PQyiztGA0WpogteWtpqd7g-xy8KdAYjuj4VSWLSuxXiEYJA9MJB7_1iEGPOjjz5yBqhiONJYMJMFY9zVHVXIqOEiJ2fcFv8v1k_I7gvOlHaZGcSksQWsrK_YV5VCUqzzYQOiu0N5m-05orkALSnvM2oNjKDUiuM83HOEOfWEdO9qLA9sfPUbCLSuJIP-CpTyQAW49vSSxCyJYPKPpGbtpKYcXNk6GGoyy0QOVwgn-7ttKBUmWX9Sc2vUjIAVTDym2-n-KAmQTk8O8aXo0g8kClD3V31yW8dYdK_aLJwVts7bw5qLtdF-31UWn0UWH9ppKTWPfZFb8yh0xFd7O34YG7z1iv7UEW9kXJogRQw3GWrsxmTQRCluzuCGn5o6PaOI7gaZ4aQDdXtMPJJMYp5BQN8Zxo9CmauX5pM-BbxvgpdjjS5TeaEIZY66I5tY-60W9VoAI6KsxGt_TU_IXvnOXKvUzY6_Z0hAS771Cls_HCTc4qjj-9WKzAHKxoS0lU_grGU7PtGR56fumLb0ALRLAUAz8AC7jzrYizGWpZ7ZvVqx5RYeVv1AtCWIZeLdIkxf5E6fBTdzUjAFXFV7V30u2e3FS9sLIHQbRZD28NgOMwP0dcQLKUfTNW7c9wwTfwSJ6hD6KtEc4FZ5XahknhSXTKgrPLpf2NU6Irkcq6T0-9-GzRO2iXOfUp1AVySk1GjvesHQMU-TZy52YE5RZseNRkeguj27i3KUBaodJ1BnZFao_XpEy6qRWDu1cJfApiuyQvPLf3cY_mhfP9vb43vb-HG2yw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 31C4 42 B
64 B 60ms
60ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss7QCyFsWzu6iR2CKMx1TcBOfpE7L7zxR7BEy2yqIo01cM_xUHx0RaxuaYmn64duDayE_K1WCioe2g_SDCrUTFhISPR9yEgt_cmpLLbr5VaAcxijluhkKcIM_m3ndAMhemsze5SxkspSmcYaF5luANGtr1u&sai=AMfl-YSsfy8siQM17J-UyT30B6gWZVMOjYPV58HaZlnjkSXf9m9TlGCO0adyuwz-jKV8omcs5ICUSG_6KCtgb4gtotnYbHIidySz88-Y266MKkU1VqeAwOnjp_D7dKwrT2wT9lGTQTCuqqRbuS7Sb6-HsQ&sig=Cg0ArKJSzKOdvA2eFDFJEAE&cid=CAQSTwAvHhf_LOuiaR4c290KDwcF5me5sY2UqFwy48rCamdSsMvq-tkwHgbt6ZETFVwN2snvai6NAHpGvp28oqqQ6v0xgo03LjKVESEUojKif7AYAQ&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=383,882,1000,1000,1000&tos=383,499,118,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1703812764469&rpt=351&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Dec 2023 01:19:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

68 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.discordapp.com/	1970-01-20 17:16:54	Name: __cf_bm Value: YtWHhJu5T.1ff2QqHYw7U7BfOqpHd8cxcEpPAm6LnTw-1703812762-1-AYELzuWne3MetinY5qGyJAjBgfzzSHpjJUM4HxSuZP1nNUHXW9Jb8ZUbnhZP1aj35Y8/YVhZvPSWhKeHEa3oFSs=
.discordapp.com/	1969-12-31 23:59:59	Name: _cfuvid Value: UnFEaQY99f29z.22qlKIAOD676K4d83ACUMYIYdKsmE-1703812762989-0-604800000
pogothere.xyz/	1970-01-21 01:55:16	Name: csu Value: 961696452439244@1@1703812762
.robloxscripts.net/	1970-01-21 02:38:28	Name: __gads Value: ID=c64a05a9df2e0570:T=1703812763:RT=1703812763:S=ALNI_MYr5N8vigCJsXO0DNoZZI_TWk6Pfg
.robloxscripts.net/	1970-01-21 02:38:28	Name: __gpi Value: UID=00000d2f0835f4aa:T=1703812763:RT=1703812763:S=ALNI_Mb7P9RLO3bavgsSrTw3FcW2i85Srw
.doubleclick.net/	1970-01-20 17:16:56	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-21 02:38:28	Name: IDE Value: AHWqTUl9Xr9usMoawipVY-yRyIYc_jbHJv7037Oa0oty78QGnWA8MNsvYpPQ10oU428
.casalemedia.com/	1970-01-21 02:02:28	Name: CMID Value: ZY4enF8YUHcaqoVt.DIkVAAA
.casalemedia.com/	1970-01-20 19:26:28	Name: CMPS Value: 3311
.casalemedia.com/	1970-01-20 19:26:28	Name: CMPRO Value: 3311
.adnxs.com/	1970-01-20 19:26:28	Name: uuid2 Value: 1685814531519942162
.googleadservices.com/	1970-01-20 19:26:28	Name: ar_debug Value: 1
.adnxs.com/	1970-01-20 19:26:28	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GVJk:y?0!]tbPl1M>e)ZlrFUfJ+tGXxoa_>F8>L!zW$DbLa[BtsOKG8]'aaSeO77c[03If)y3KL9D3I?-7w:q7
m.exactag.com/	1970-01-20 19:26:28	Name: exactag_new_gk Value: c2fe0fae8c8a4101b808be6a2f531e04%7C27.02.2024%2001%3A19%3A24
m.exactag.com/	1970-01-20 21:36:04	Name: exactag_new_uk Value: 09b1cfced772493da95fac4853ac6a6f%7c
m.exactag.com/	1969-12-31 23:59:59	Name: session_session Value: 3feae84c2a994060af4ef34f

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp3tCftwp1wk51ObLIrCtQ5x3nsE2u0DQi3E_7q0KAUeOTeotyJ-XDNHusjeJyVzy8p2kjEF&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-872078782%3A1703812763042489&theme=glif Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp2Q1SPipu7GiJH7zNIBoMxKUdZGP-K071sZt7pgu8qGjAEehK6TcAWHsrjGPHv5CMgiA7Tg&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1442932359%3A1703812763044057&theme=glif Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
ad.doubleclick.net
cdn.discordapp.com
cm.g.doubleclick.net
dlh8c15zw7vfn.cloudfront.net
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
gladthereis.org
googleads.g.doubleclick.net
i0.wp.com
ib.adnxs.com
m.exactag.com
pagead2.googlesyndication.com
pixel.wp.com
pogothere.xyz
robloxexploit.net
robloxexploits.net
robloxscripts.net
s0.2mdn.net
s0.wp.com
stats.wp.com
tpc.googlesyndication.com
use.fontawesome.com
withdedukication.com
www.facebook.com
www.google.com
www.googleadservices.com
www.googletagservices.com
www.gstatic.com
104.18.36.155
104.21.70.127
142.250.184.198
142.250.185.98
142.250.186.130
162.159.129.233
172.64.133.28
185.89.210.180
192.0.76.3
192.0.77.2
192.0.77.32
192.0.78.230
2600:9000:2090:6600:15:9ced:b8c0:21
2606:4700:3031::6815:44fd
2606:4700:3034::ac43:c918
2606:4700:e2::ac40:8d0d
2a00:1450:4001:806::2002
2a00:1450:4001:806::2003
2a00:1450:4001:81c::2001
2a00:1450:4001:828::2002
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2004
2a00:1450:4001:830::2006
2a00:1450:4001:831::2002
2a00:1450:4001:831::2003
2a00:1450:400c:c02::54
2a03:2880:f176:181:face:b00c:0:25de
2a06:98c1:3121::3
52.222.214.70
85.14.248.91
0545f27ba8edc9e3343e6cf00fd98585f90c6af18a9857235ef0fc198e28896e
064f3c2c06410669a1fdadee1259f8ed4e04573c2d81f160719fc17e32209950
07a15cb778fd35290ee6949422605e80525668618bb6567b22e51f4bf9c0cfd0
0a43c20863b324fe2bec355b5ebdc6566861742f92018f12be1b38fa2c8b7767
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
163adf926e11f38baf5b238eeef7756a6fc46ea435d12a4ddd77039c71f26f42
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
2302f0e347573e5d0286b6b13ef6430b17d99d2ed0f12568899f972250f55549
26e020ebe6f3a524d471f871ee25665bed74ad50d12dd216e2b0de9d7f7b09d5
27d5ba2175dc395614adb2c69fe9f4bff9abddef3a7c6e3e30a68587f428a37b
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2d81d5489bf028fd09f6e0358faa7254cba0a2bdc69c4ac708d60fd4ba7fc590
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3908ef5efb68a966ccbea59558b303788cff6470e7451bfb6a6eae9742bd070f
3a41b135afd99e5d3f61350c14900a1b6b222fe032a2c2f5f85f43d59055abf8
3d2067d4b9b5b9d3003ffa4dc17b44616dc00a543f59eea17df555e959f20b53
402b33aedef532331ad11608226b71d791b63ca688a20c1b90cf9b90e96aa38a
41b43f64c3e5d7f9eca80634429adb1b8e0a1c5e1fe67ad71ec651a991ebfe68
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
451763f38c07ca6765fb0dfc81a046df11124035914f2cdbe6af0891c6a9be12
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
51c012cf2461bf8b29f345373366183c7fd121579b6178e942be0b61d8c7da14
55225177e951f130f18f083ca3a825ec67df44fa99c6ffbe037ef08c2e2821ba
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
563d8b655debf02dc76ee9cad7e2114692c770d009bfc9ed1f9153eb384593d1
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d29d1b10a6da0e25ff1bba88b0701b5c05c6544969ed31aac4eae3ed3bd075d
5dcf2ecc8fcdc01d1f390be9c1599b74c9e39162a692aa0da5bb1e40e0701ff2
60ae6fbb6fc504c5bf17d7a06f91eb0baa6e930f401f3c8f1892881623ba19f3
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62afec092c21b138eeb1fc55859f60c19dd12ca3c02bdfeb336a820b016a547b
6448529832fe7d052996546e748663b7d116c694692511018c1212d4e50df779
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
6bf1da233645c84549609f619670d4d3e946ac61d516fd53e597c10ad100608a
6e44e8a9cf91c3d915be31bc1d006e1df1cd438c981b592f966c059739694ad2
7210ffae4ea7badc94c99bdc514077bd4ee217433338bd11bff22201ac35294c
76740b2a7b0a35eed6ceb509cefd8ddd6955bd5c656b0581f2dcdb48040ced8f
78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb
7c133445613fb0617112f277903c804edfed63a3af659bb16b47c00663408550
7cb05fe22ae35f11c9e28c7997a1f1f2da06418c0de2f580782088130b894604
7cf2535ac3543aee266535cd5ef42dd5df15d9c1013ecb3c831d0924ba20e9e1
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7f9e71867451eb9ba7d043f150718bd3a4f908304500221664961a9d364e8085
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
90221ffe84a937bace0ff97febc9b9c00ada4c2d505fab8171691d453189c5af
90628502cb1a48f11dc4f6fc164333280cb8f9129d6fcacbcef45458fc1554b1
90a78da4c7333ca631c5ccc3a0e032856db38592c0a54767476e8f1b817c4c62
9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5
992ee60e2a5686760238ab6f2fb415bc6aa7b90bf7862389a71519faa58f9043
99d4c42638c3f0d4cd4d2891abec4cf56681abf61ea8644fb66d2cd93d08b014
9e86fcb4099a0c85a91abfd59fc6d6751493e4258f5457c0b4cf87e9e12c4079
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a02263cf75c29f80fdb1b381769cd5ba8d13287b4c370eacb3bbd6df56a92912
a18f3705f4e2cfc25a353ea1b271c77f8db4a8693789b0ce0f40129337911d7f
a2366f8ceefa49f15dbf946bb02a4cf52b6d2999f71712d3f52e8bd5f56e1988
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
a7817c1465e3cc79c837667eda0dddcf0cb1903fc085b337790721a1be0c1bba
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b125cff90ac87816331fe204b6cd17fd2aabc044bc1f50bcee1652e117e143dd
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b68ae28314855f2fbf9bdc105f49e69d1a5a53bee61d40156b444a113c9d88f2
b8b44c9128abdce2345e601b2546cca99f2516eb9310f669d980a5fd24413a7c
be779b0e322b81f76bc00f275690c7a6b7f3cb407bdf383874080af920808c5c
c1b2da575466eb30982e08c1020f55bcf2d9565f53bd64c3da87a1d774d75588
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
c4e5d6a39db3b04fdddc5ec221157b7baf9628721c80adb3c2c61d34c258eb36
c5e8e8eb22e2eaf1ad02370c22c63c04774ab0b83b4329d5945333750814bb2f
ca7752fb33cf3a98c0f29bc4eec563112025da4109a0dcc69dabf5f861751258
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
d11b3f88e8e03d8a37e85cea00c18e02f588570c061663dbd6befbcd58943bab
d4377645a2cf1841ffdaafc7d796688342339c3660af2e186073fb110f9f813c
d7502e785bdc8f7184cab7e278053c49be4458393085eb2fbddabf35b895c310
da4a0879dd78602b8a4f4e6d99585ab01b350b1ecaf3f804f95d26f7edfe25db
db2bdaad0dc9232fadb3de900bf039a0f356521698f213df1edf601e02a5870d
db59a6c8bb3ca2124938bb7f0970619e51ffc094595351015a4a61dc1ba10f10
e00ef8d8e4494291e3e1041bef75833e7948ad3cc8e30748e0cbe55704ae3168
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e62a5f09ee92cc06d2567a4c1a34431fffaaa025299765cace91c872d1e6ba93
e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b
e8138fe504e37a39c2b87803d864db3815e709ee799b539962b25a97160681a3
e8df7bd495d8fc2c7e9a7676c3aa105e1f913a2a1776bf5d01652aeb697f2bef
e9034cb5c93deabdf13ad27110fdbb73bed2f480f38fd00e0ba4dd2c71c6f97e
e9885e4aea54f587ccabce165b42e0b3cd097030a72d4153b6eff6362d4f9bc4
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0ca40b0db476cf46f6b4ad254f649cc6c25475cc4a759f9ea70ca62dc75d918
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

robloxscripts.net Open in urlscan Pro 192.0.78.230 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

136 Requests

93 %HTTPS

53 %IPv6

22 Domains

30 Subdomains

29 IPs

4 Countries

4002 kBTransfer

7296 kBSize

16 Cookies

2 Outgoing links

Page URL History

Redirected requests

136 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

robloxscripts.net Open in urlscan Pro
192.0.78.230 Public Scan

Screenshot
Live screenshot

Full Image

136
Requests

93 %
HTTPS

53 %
IPv6

22
Domains

30
Subdomains

29
IPs

4
Countries

4002 kB
Transfer

7296 kB
Size

16
Cookies

136 HTTP transactions
2 data transactions