robloxexploits.net Open in urlscan Pro
2606:4700:3036::ac43:a949 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://robloxscripts.net/
Effective URL:
https://robloxexploits.net/
Submission: On July 29 via api (July 29th 2022, 2:00:25 pm UTC) from US — Scanned from DE

Summary HTTP 104 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 25 IPs in 6 countries across 21 domains to perform 104 HTTP transactions. The main IP is 2606:4700:3036::ac43:a949, located in United States and belongs to CLOUDFLARENET, US. The main domain is robloxexploits.net.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 2nd 2022. Valid for: a year.

This is the only time robloxexploits.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	2606:4700:303... 2606:4700:3034::ac43:ccad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	2606:4700:303... 2606:4700:3036::ac43:a949	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6810:7baf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2600:9000:214... 2600:9000:214f:ec00:3:62b:d240:21	16509 (AMAZON-02) (AMAZON-02)
10	52.219.177.129 52.219.177.129	16509 (AMAZON-02) (AMAZON-02)
12	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
6	162.159.135.233 162.159.135.233	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2606:4700:303... 2606:4700:3030::6815:2dcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a03:2880:f10... 2a03:2880:f107:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:827::200d	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
3	2001:4860:480... 2001:4860:4802:32::178	15169 (GOOGLE) (GOOGLE)
1	142.251.36.130 142.251.36.130	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:401... 2a00:1450:4014:80b::2002	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
104	25

2 2606:4700:3034::ac43:ccad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

robloxscripts.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700:3036::ac43:a949 (United States)

ASN13335 (CLOUDFLARENET, US)

robloxexploits.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sapi.robloxexploits.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:7baf (United States)

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:214f:ec00:3:62b:d240:21 (United States)

ASN16509 (AMAZON-02, US)

d3oy68whu51rnt.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 52.219.177.129 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: s3.us-east-2.amazonaws.com

s3.us-east-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 162.159.135.233 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.discordapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:3030::6815:2dcf (United States)

ASN13335 (CLOUDFLARENET, US)

freychang.fun	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

rnoddenkn.asia	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

chedstimaarr.pics	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f107:83:face:b00c:0:25de (Vienna, Austria)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:32::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.36.130 (United States)

ASN15169 (GOOGLE, US)
PTR: prg03s12-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

cheatermad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4014:80b::2002 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 123 tpc.googlesyndication.com — Cisco Umbrella Rank: 159	378 KB
11	robloxexploits.net robloxexploits.net sapi.robloxexploits.net	230 KB
10	amazonaws.com s3.us-east-2.amazonaws.com	7 MB
7	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 56	77 KB
6	google.com 1 redirects accounts.google.com — Cisco Umbrella Rank: 118 adservice.google.com — Cisco Umbrella Rank: 96 www.google.com — Cisco Umbrella Rank: 10	1 KB
6	freychang.fun freychang.fun — Cisco Umbrella Rank: 26410	303 KB
6	discordapp.com cdn.discordapp.com — Cisco Umbrella Rank: 3405	2 MB
5	chedstimaarr.pics chedstimaarr.pics	2 KB
5	rnoddenkn.asia rnoddenkn.asia	7 KB
5	cloudfront.net d3oy68whu51rnt.cloudfront.net	240 KB
3	gstatic.com www.gstatic.com	14 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 52	20 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 181	86 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 72	2 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 8252	914 B
2	unpkg.com unpkg.com — Cisco Umbrella Rank: 893	103 KB
2	robloxscripts.net 1 redirects robloxscripts.net	1 KB
1	cheatermad.com cheatermad.com	40 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 873	647 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 101
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 93	41 KB
104	21

	Domain	Requested by
13	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
12	pagead2.googlesyndication.com	robloxexploits.net pagead2.googlesyndication.com googleads.g.doubleclick.net robloxscripts.net tpc.googlesyndication.com www.googletagservices.com
10	s3.us-east-2.amazonaws.com	robloxexploits.net
9	robloxexploits.net	robloxexploits.net
7	googleads.g.doubleclick.net	pagead2.googlesyndication.com robloxscripts.net googleads.g.doubleclick.net
6	freychang.fun	d3oy68whu51rnt.cloudfront.net
6	cdn.discordapp.com	robloxexploits.net
5	chedstimaarr.pics	robloxexploits.net d3oy68whu51rnt.cloudfront.net
5	rnoddenkn.asia	d3oy68whu51rnt.cloudfront.net
5	d3oy68whu51rnt.cloudfront.net	robloxexploits.net s3.us-east-2.amazonaws.com rnoddenkn.asia
3	www.gstatic.com	googleads.g.doubleclick.net
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com robloxexploits.net
2	www.google.com	1 redirects tpc.googlesyndication.com
2	www.googletagservices.com	googleads.g.doubleclick.net
2	fonts.googleapis.com	googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	sapi.robloxexploits.net	robloxexploits.net
2	accounts.google.com	robloxexploits.net
2	unpkg.com	robloxexploits.net unpkg.com
2	robloxscripts.net	1 redirects
1	cheatermad.com	robloxexploits.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.facebook.com	robloxexploits.net
1	www.googletagmanager.com	robloxexploits.net
104	25

This site contains links to these domains. Also see Links.

Domain
discord.gg
www.youtube.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-31` - `2023-05-31`	a year	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
*.s3.us-east-2.amazonaws.com Amazon	`2021-12-17` - `2022-12-16`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
*.rnoddenkn.asia GTS CA 1P5	`2022-07-19` - `2022-10-17`	3 months	crt.sh
*.chedstimaarr.pics E1	`2022-07-18` - `2022-10-16`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-05-07` - `2022-08-05`	3 months	crt.sh
accounts.google.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
*.cheatermad.com E1	`2022-06-06` - `2022-09-04`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh

This page contains 14 frames:

Primary Page: https://robloxexploits.net/
Frame ID: AAD20F6353055468275D79A2B676C8B5
Requests: 66 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220727/r20190131/zrt_lookup.html
Frame ID: 008EADE40465BBB77F4B2600A9BD4744
Requests: 1 HTTP requests in this frame

Frame: https://rnoddenkn.asia/MFBSMzZRMjFeCVFtMBVDQjxvFgR2dWB1UgM/KwUORzgnBgdCPiYdVVw/J1dQQj88RxheNSYWBHYFM1gHBTFgUHx5ODF9YXJkOXtgajUKAF55BxRpe3onPXZ1YiAlfHUEBQJdUWQXPnp3dBMlcXJYPxFrTgg0Fl10egQDQHp5KGdkZ2FoOHRaagcGcEFUEwRDU1EnYlF1cRYlckEENhBZUWQYOnJQfDxqVnRcMzV1XnUfEFpzaQQ+ZkVVFjZRZ1w4a2ZkRx8QcF1nGBBhZlZgOXVzAGl3AXBjBiJrZHhhMWR1ZgA0A11TFDVhAWQFZ2Z9dzgeZE4JMzdlG3IfBGVZQxMAQHp0Kj1QdWEnFnxgSAobZQ8VYhBnXWYFCnRefAdiC3R6AWJ0dQBpdwFwfztnZWFZFQNyd3oANANdfRE1WFt2OxhwYXhgM3JOZRYbcU5/BgFLDmMGOnlhXR4fZAd2MQsDXmkFYgoTAhYBYVF3FBFEenE7GGp1ACgLZnNidWBxYgBgAWUFSBsFX3RpNhcGU2VhKgpnZmEDZlgEdjhAWV4gb3JzQwRnWUcFOhNmXFkgHQ
Frame ID: 67BC272DCE1EC6E09EE1CE10712760B6
Requests: 2 HTTP requests in this frame

Frame: https://rnoddenkn.asia/amVocDQLBwsdCwtYClZBGAlVVQYsQFo2UFkKEUYMHQ0dRQUYCxxeVwYKHRRSGAoGBBoEABxVBiwCCxt5WgEwH2YmIwckZjs8GSVxAiE6Q20uND06YSEwCxFyKy9NQnYzVT05cTsnXDRgJz0uJwAiIREiWDskUBVgWSg7N2YZBiIxWD4tEAdTKTA6E3ETAT8jcV8wJkBlCyA9SAE/NFgndhMJKjFTUjcyJXE/NxBIRz4NHyd8Ayw6Ik4SLQohZjs2LTpGOx0fJXIDHSwyWFMkC0FbKD1YMk4oMD4lZQc8ID4FUyQLQHkJIy0iBy8wMURiWSAtNGESIgkYGSwtOxh5EDcqG1IoNjInfAIoLypTMx88QHJaIgMqeTxWLTVsOCAJPgUBPzBAdSsgPRR/IgwYFnEsXCkTBSc0LyJfGS0+Mn07DCoTdhIwDjpcLC04NXoQJ1kEfzItMTVlWhULE1MOJzBAdhA3ECFXLx8uFGEvAlgUUw4mPjVyWyAPMnw7Vik2ZQENLBR1LCc8NX5dJAM6dzs0ThpHBQsYTWNaFwszeBIsDSZuGBA+
Frame ID: DA966276D24D14092AF738F6140F8F2B
Requests: 2 HTTP requests in this frame

Frame: https://rnoddenkn.asia/RjN1T2onURYiVScOF2kfNF9IalgAFkcJDnVcDHlSMVsAels0XQFhCSpcACsMNFwbO0QoVgFqWABpIBgCN2otDhMERCQHPj9mNwsGPnkvCVsVZUUZWQdbHgAiL3UjABIlCiU1LwJ8Nx0EBHICGToVZkAbKBN4Oxk8J2ENOB0EVEQsPCxiMgw8PnEROAEJckV+BhJbQR0iPEMjBx1+ZjsOXgJ3DRpbEltNDj4SRD0KKyFQJR4GFmYPFQEUXwUKOyt1NAc7IVY7HgkidhkZABFyJBk8EX0sGFsAViwaWxx6RBkAEXFFBiIrVxYbWw9KEQkaJ3QgFQYXZlh2Phd3NBYtIQMjBQ12ejYnASpnIygEFGQ/KTgAeTIrLDZSJh0Zc3s0LCQQZDg9Pnd9NB87A3E3CTwsZDR/LwNJGgc7dmE2Fjs1cDA3Un53IHY+CF43Fj0TCjQpW3dSI38oYwEzGDwqZSMYJB90JA49C3EaCzgDei0XPCpkLSIgI2c3HSQfdQEtPC15Ehdbf2UnIiwXazMVIx9UUyUZKV0FcjswfhsWAx9XQyMMMn4BHg
Frame ID: 5FFF488F60AE2D988FD2D4594597E65C
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2249257918045069&output=html&adk=1812271804&adf=3025194257&lmt=1659103218&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Frobloxexploits.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659103218377&bpp=3&bdt=833&idt=271&shv=r20220727&mjsv=m202207210101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6153425023421&frm=20&pv=2&ga_vid=2025273185.1659103219&ga_sid=1659103219&ga_hid=275378548&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763505%2C31068622%2C21065725&oid=2&pvsid=2795691057951708&tmod=1253391901&uas=0&nvt=1&ref=https%3A%2F%2Frobloxscripts.net%2F&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=284
Frame ID: 28921BBBAFD846C2BAFF2F857C5CE3B9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220727/r20110914/zrt_lookup.html?fsb=1
Frame ID: 457796701C5EAF1C0AB98E5141CE560A
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220727/r20110914/zrt_lookup.html?fsb=1
Frame ID: 3BB349F29C3D9B7F34DC76813EEDB1FD
Requests: 10 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Frame ID: F09E193FDEE7A17E7A7EA19582D606B1
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 20E544ABD82F7DE3D2C16F88A1D77E60
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/sJnbOeR1u3NfD4ifTr6IY70aHZRfr3yKQi-A2m-oHT4.js
Frame ID: AEDAC363259D9B0E477A0F77FE5CDA2B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/sJnbOeR1u3NfD4ifTr6IY70aHZRfr3yKQi-A2m-oHT4.js
Frame ID: AA8CAFFBA973FBC9E4A015C328CFADCE
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: EE5F85462532D7E5AB4FA278EB44C171
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A4E5981CB29AA4CD190C94BCA4EABFF2
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ROBLOXEXPLOITS - Roblox Exploits, Hacks, Scripts & Cheats!

Page URL History Show full URLs

http://robloxscripts.net/ HTTP 301
https://robloxscripts.net/ Page URL
https://robloxexploits.net/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Nuxt.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

/_nuxt/

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

104
Requests

100 %
HTTPS

83 %
IPv6

21
Domains

25
Subdomains

25
IPs

6
Countries

10349 kB
Transfer

12471 kB
Size

8
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://discord.gg/robloxexploits
Title: Discord

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCrxIfKGSdOWjDatdhlSHvLw

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://robloxscripts.net/ HTTP 301
https://robloxscripts.net/ Page URL
https://robloxexploits.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://robloxscripts.net/ HTTP 301
https://robloxscripts.net/

Request Chain 91

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

104 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
robloxscripts.net/
Redirect Chain

http://robloxscripts.net/
https://robloxscripts.net/

354 B
774 B

345ms
326ms

Document
text/html

2606:4700:3034::ac43:ccad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://robloxscripts.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:ccad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 19e9052bbfeba7f1eee9399874963d553bc554c1f7ebfbd0295809caf92f04c9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 732661417bc69177-FRA
content-encoding: br
content-type: text/html
date: Fri, 29 Jul 2022 14:00:17 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified: Sat, 16 Apr 2022 18:40:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vfVsBXYtLwPTR0fB2PYUyu6q7wKhvx4UmWHvMWclGEypHDnntEfi13%2BYEVQhBh5CiqYzWLwZAq1zzebqa7gpumK1G51Sf6fUM6YbJrEo76WR9goptc1i4Akd7wVpmX%2BM6vxKqsOitoPEOCCk1TKK7g%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed

Redirect headers

CF-RAY: 732661413825903c-FRA
Cache-Control: max-age=3600
Connection: keep-alive
Date: Fri, 29 Jul 2022 14:00:16 GMT
Expires: Fri, 29 Jul 2022 15:00:16 GMT
Location: https://robloxscripts.net/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y67PpXqXYQTUeznFETPXBclbnmwgVtWTuzc%2BTQCqPK5YawRU6cypc45Qm2hYbPRJ%2BtOfIatEth22eBLYVIlQlUKkJ%2BoXcsvc9dVHR7OpD8SpwItMqQ8R0ly93HNim1IHFwAiZiDimuaEAyOkybmZvw%3D%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 Primary Request / Show response
robloxexploits.net/ 53 KB
15 KB 283ms
255ms Document
text/html 2606:4700:3036::ac43:a949
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://robloxexploits.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:a949 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f4e57b536259784052a2132c50f382f6bb144c55c5cd24e8b31f0c6bbe5d2db

Request headers

Referer: https://robloxscripts.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 732661440aa5bb38-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 29 Jul 2022 14:00:17 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IkgVCBBgznWrbyb7CakKQbfWrjQtJvliL57lO01XD8uErZRV47JP9zIhhobPH%2F5KvecVqo1Ugcs6956xkkaA1c67S%2FMXZ1m%2BDsA%2FtWITz9rWRi%2FWDc%2FidR2cOloXI3OJz5tCuj3s8E%2Bn2qrEh03q8SM%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
ssl-offloaded: 1
vary: Accept-Encoding
x-forwarded-port: 443
x-forwarded-proto: https

GET
H2 200 boxicons.min.css
unpkg.com/boxicons@2.0.7/css/ 62 KB
11 KB 47ms
17ms Stylesheet
text/css 2606:4700::6810:7baf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/boxicons@2.0.7/css/boxicons.min.css

Requested by

Host: robloxexploits.net
URL: https://robloxexploits.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7baf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1fc734c80933766675fda9c9a1f867289de58d1e6ddc85621e1a37eb506a22ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxexploits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 14:00:17 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 13043645
fly-request-id: 01FX0CS9WZ5S337N9BKFA0FBG3-fra
content-encoding: br
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"f703-kEpTqbib37RBQP2PIpppYa/VnfU"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 73266145fa3f9ba0-FRA

GET
H2 200 / Show response
d3oy68whu51rnt.cloudfront.net/ 368 KB
119 KB 200ms
171ms Script
text/plain 2600:9000:214f:ec00:3:62b:d240:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3oy68whu51rnt.cloudfront.net/?hwyod=955131
Requested by: Host: robloxexploits.net
URL: https://robloxexploits.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:ec00:3:62b:d240:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: d0452cc7bcefb2c8ae6db41d80640db4ec93a6d1b39d7e68b988169239a46919

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxexploits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Jul 2022 14:00:17 GMT
content-encoding: gzip
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-length: 121042
via: 1.1 f2db75b601dc30df73b1beb29596a374.cloudfront.net (CloudFront)
x-amz-cf-id: RGDAu5M49MvUOZbTwDyjF-QynOUkJ1P2QuPJZrQk3DEhHXD78Phudg==

GET
H/1.1 200
OK adblock.js Show response
s3.us-east-2.amazonaws.com/robloxexploits.net/ 64 KB
64 KB 516ms
140ms Script
application/javascript 52.219.177.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.us-east-2.amazonaws.com/robloxexploits.net/adblock.js
Requested by: Host: robloxexploits.net
URL: https://robloxexploits.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.177.129 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3.us-east-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 369a6a49db93c6e064521a21f5a633f84c3169953ad0ba205a7b97b67b34e91e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxexploits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Fri, 29 Jul 2022 14:00:19 GMT
Last-Modified: Sat, 16 Apr 2022 16:58:21 GMT
Server: AmazonS3
x-amz-request-id: M123GAWJ5F7RP02H
ETag: "cd9c5ec9b29e09bf6da07d23c6ea9b53"
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 65187
x-amz-id-2: fSXMR4cuu6xBb+gMiaqNNaFOJOGWh2n6mTFWqr8T2GoRQM6q5Q9J2dLcvmnrz6BVOF1NuPwq77s=

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 166 KB
56 KB 61ms
32ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2249257918045069

Requested by

Host: robloxexploits.net
URL: https://robloxexploits.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

469e4c031a7cb66429b730d35318b5f3555cdc467bde7c6745aa2c3c412475f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://robloxexploits.net/
Origin: https://robloxexploits.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 14:00:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56648
x-xss-protection: 0
server: cafe
etag: 8158604129523636437
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 29 Jul 2022 14:00:17 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 106 KB
41 KB 41ms
19ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-170951207-1

Requested by

Host: robloxexploits.net
URL: https://robloxexploits.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

08de4774a914b51f747630b27570472e2691ab19a66db0cc932271bf5b1c822d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxexploits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 14:00:17 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41838
x-xss-protection: 0
last-modified: Fri, 29 Jul 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 29 Jul 2022 14:00:17 GMT

GET
H2 200 8dd1330.js Show response
robloxexploits.net/_nuxt/ 3 KB
2 KB 16ms
14ms Script
application/javascript 2606:4700:3036::ac43:a949
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://robloxexploits.net/_nuxt/8dd1330.js
Requested by: Host: robloxexploits.net
URL: https://robloxexploits.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:a949 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 77193286bc4db44dc90a6f5dd275573c117394e7f0de7cf9679178e1b588c86f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxexploits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 14:00:17 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 781775
cf-ray: 73266145cd43bb38-FRA
x-forwarded-proto: https
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 20 Jul 2022 12:48:24 GMT
server: cloudflare
etag: W/"a37-1821ba6fcfc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
ssl-offloaded: 1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Iv9WIHPCRhg2YuGTinjr9RqVDQPUnJhT%2BmnD1huXE9IrEKW2e8IQKtgQziljOaChjocY7kc%2BW26HD%2BWKlwxAa44DtxLWx%2Bbo%2FwIw6qohmnBMTvSpj%2FKdwywxmARA7735QMUkUTBrfBwUVKKDaR19P5c%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
x-forwarded-port: 443

GET
H2 200 2d7f587.js Show response
robloxexploits.net/_nuxt/ 228 KB
80 KB 28ms
26ms Script
application/javascript 2606:4700:3036::ac43:a949
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://robloxexploits.net/_nuxt/2d7f587.js
Requested by: Host: robloxexploits.net
URL: https://robloxexploits.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:a949 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f32c109e490a356a57ad4d3b998bb9ece8b36e1a2c4ee6f4a2948b9dcc561f8a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxexploits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 14:00:17 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6366825
cf-ray: 73266145cd44bb38-FRA
x-forwarded-proto: https
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 16 May 2022 21:25:40 GMT
server: cloudflare
etag: W/"38ee8-180cec33135"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
ssl-offloaded: 1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SiJvcJgBiyw9t00Lsb8yqj0Gzl%2B70j1YUxL3PfXFw6oLh1fjjn7zWvjTcFQQ4h47m%2FYg%2BND5bHCXs6Z8BJd81SBnToQdxQ4ZvUvvhDxSa6KemHuIP0sERvdRe5WNEgB12bJsjkma%2B0Z%2Fg1yE0R57auw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
x-forwarded-port: 443

GET
H2 200 9efe949.js Show response
robloxexploits.net/_nuxt/ 158 KB
48 KB 27ms
26ms Script
application/javascript 2606:4700:3036::ac43:a949
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://robloxexploits.net/_nuxt/9efe949.js
Requested by: Host: robloxexploits.net
URL: https://robloxexploits.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:a949 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cbc98c6bd67b93c2771347b78dc879dfc943daf402102ece567d7c565fa4ce3a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxexploits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 14:00:17 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 781775
cf-ray: 73266145dd46bb38-FRA
x-forwarded-proto: https
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 20 Jul 2022 12:48:24 GMT
server: cloudflare
etag: W/"27736-1821ba6fcfc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
ssl-offloaded: 1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F9BiK4%2BNEYLpjRWcBF1ZrtgY2rQwGk4jRJhFmaQ%2BpXV9vSjBh%2BcYXFnbLFaFEHDR%2Fbb4%2BOAj8oa0Yuml%2BpwyG1uYyEXDUNmuQNOf2Qj%2B6aT9YBPXf83HFLBM%2B4V%2Fz0b1itqlcp018o30pxy3EJ2WHgE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
x-forwarded-port: 443

GET
H2 200 98b75eb.js Show response
robloxexploits.net/_nuxt/ 100 KB
26 KB 19ms
18ms Script
application/javascript 2606:4700:3036::ac43:a949
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://robloxexploits.net/_nuxt/98b75eb.js
Requested by: Host: robloxexploits.net
URL: https://robloxexploits.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:a949 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47cccd57deb2e51ef0359e10512d66d16b3bb10ea9264706ff92724cbe7f58be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxexploits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 14:00:17 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 781775
cf-ray: 73266145dd47bb38-FRA
x-forwarded-proto: https
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 20 Jul 2022 12:48:24 GMT
server: cloudflare
etag: W/"190d7-1821ba6fcfc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
ssl-offloaded: 1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SIY9Lz7dzWSLRC%2FVlbjzDM23QHEnykV0c7OVUp03AwMJ235%2BCq%2BkbGfhZG%2FmwBx%2B3TwA0NtoNH%2BIOHGds5J9gebLBv7wfxmLcqZBx5VcSwiZYAxy2sxhumOBslaZt2esTdwZJPixMuFwcmsFYADcdZo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
x-forwarded-port: 443

GET
H2 200 431604d.js Show response
robloxexploits.net/_nuxt/ 13 KB
4 KB 17ms
16ms Script
application/javascript 2606:4700:3036::ac43:a949
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://robloxexploits.net/_nuxt/431604d.js
Requested by: Host: robloxexploits.net
URL: https://robloxexploits.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:a949 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e09ae6bc007d831e5fca3b3772d06f072d082d45d441af143e1e00fe5dcc8012

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxexploits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 14:00:17 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 781775
cf-ray: 73266145dd48bb38-FRA
x-forwarded-proto: https
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 20 Jul 2022 12:48:24 GMT
server: cloudflare
etag: W/"3557-1821ba6fcfc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
ssl-offloaded: 1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9D24IqWyEoEypek6tTq1fYHV1sLX5fvAz9C4XTMNahmx3WhJP6cw877LB742K8Kqv3Nu9kGFPKekB0xF9mtq9LI4UE141eY41ERHES4oUM%2F5lnrHtPqyJBLyRsqFkUOkIBlFRdCgHuG%2F3V2yokIBEYU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
x-forwarded-port: 443

GET
H2 200 f9fbfe4.js Show response
robloxexploits.net/_nuxt/ 100 KB
35 KB 20ms
19ms Script
application/javascript 2606:4700:3036::ac43:a949
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://robloxexploits.net/_nuxt/f9fbfe4.js
Requested by: Host: robloxexploits.net
URL: https://robloxexploits.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:a949 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e58aacc560f9d43566d184c2ee69ad8efc9d820f762cfe5e4441d220927cb12b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxexploits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 14:00:17 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6315107
cf-ray: 73266145dd49bb38-FRA
x-forwarded-proto: https
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 17 May 2022 11:31:32 GMT
server: cloudflare
etag: W/"190b1-180d1c99a72"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
ssl-offloaded: 1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y10yIXDtIBw0Zsad8odHqP4%2BLYtTLaB2QtlTB6c%2FewdXZSr3SYimWFHfYyicjp8j%2FKgHJga2X9ImnoiHNnqvmKvBQYCdlUkmTMWNNPW%2BmblNUqBEULdwr9z8QRTFBrECaOhsca%2BeWHEeI37CCLhSiAY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
x-forwarded-port: 443

GET
H2 200 PNG_WHITE.png
cdn.discordapp.com/attachments/866425921661042718/872477577560870943/ 48 KB
49 KB 52ms
25ms Image
image/png 162.159.135.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.discordapp.com/attachments/866425921661042718/872477577560870943/PNG_WHITE.png
Requested by: Host: robloxexploits.net
URL: https://robloxexploits.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.135.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a44119507501add5c3071d961e28f2c4522572dd68fcb2588092edced4a71ddf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxexploits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-goog-hash: crc32c=hZbj2Q==, md5=UrIbbG03jDqdwDugZGU5nw==
date: Fri, 29 Jul 2022 14:00:17 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1707946
x-guploader-uploadid: ADPycdu_7j0iFYd7CUMmBZcmpaMbfNOjYsydKhEQ0WJPaEpgo9LgPMntgk19cJbatRmtjcpTUu4Oa6qayZA0YIxjK40RiQ
x-goog-storage-class: NEARLINE
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 48995
last-modified: Wed, 04 Aug 2021 13:54:24 GMT
server: cloudflare
cache-control: public, max-age=31536000
etag: "52b21b6c6d378c3a9dc03ba06465399f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zZ8GaCF%2BRkYWxuPfKVDz%2FnRu1BXWwtEuTZUr1AV3fX3cgIRpJCFHB8XTXfbbJ7Mn%2BRJzHChKkvcNXVVwAAcz2f%2FUgosN45AQS3ECMwXTj7ZfNJ%2BKo9Fj%2FcoK7afdv5VB1jp7jA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1628085264376742
content-type: image/png
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
x-goog-stored-content-length: 48995
accept-ranges: bytes
cf-ray: 732661482bb19b70-FRA
expires: Sat, 29 Jul 2023 14:00:17 GMT

GET
H3 200 xd.png
cdn.discordapp.com/attachments/857197028190584833/962610919995748392/ 58 KB
59 KB 35ms
25ms Image
image/png 162.159.135.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.discordapp.com/attachments/857197028190584833/962610919995748392/xd.png
Requested by: Host: robloxexploits.net
URL: https://robloxexploits.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 162.159.135.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ce5af5b0ba07c8704e9d7d12e9ab2d535ce88476ea34ca0ca208e92e66e6890

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxexploits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-goog-hash: crc32c=aPB4Hg==, md5=P8x8IRdga9KsEMfvbFqRkA==
date: Fri, 29 Jul 2022 14:00:17 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 103754
x-guploader-uploadid: ADPycdsXwE2CMZGaiXxCOS_owh3hj0VH1Z7Mca4EoTOq3bKe9IKc_81gNRQ4Ey_f1XVK9GlcUxZxb0yjD3rnKGtBDOeWhgAe7huA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 59395
last-modified: Sun, 10 Apr 2022 07:12:07 GMT
server: cloudflare
cache-control: public, max-age=31536000
etag: "3fcc7c2117606bd2ac10c7ef6c5a9190"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xruKnE%2BYjHwmVDlShdeXyr7HYTwDp9PEJOv30z9gms3XHE9dAeQkKJM7KPN6%2FDs7eyJU6PE8X348H37d%2FOOAH1w5xKnd4y2X37mCLeCdSKaPvJIi0LB2i%2FQx5jjFmjuEJ%2BSXbA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1649574727809238
content-type: image/png
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
x-goog-stored-content-length: 59395
accept-ranges: bytes
cf-ray: 732661485de79078-FRA
expires: Sat, 29 Jul 2023 14:00:17 GMT

GET
H3 200 AKedOLTGUVMiLfCqcu6Q9Lo0vxExvqgWNBsKmFTvHy_vSQ3Ds900-c-k-c0x00ffffff-no-rj.png
cdn.discordapp.com/attachments/830503517399416892/876823113273339924/ 720 KB
721 KB 23ms
23ms Image
image/png 162.159.135.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.discordapp.com/attachments/830503517399416892/876823113273339924/AKedOLTGUVMiLfCqcu6Q9Lo0vxExvqgWNBsKmFTvHy_vSQ3Ds900-c-k-c0x00ffffff-no-rj.png
Requested by: Host: robloxexploits.net
URL: https://robloxexploits.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 162.159.135.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b0d157c4ea23f4392a3fb4d1f2b0e3292a9d60809219b912cded188650018bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxexploits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-goog-hash: crc32c=7vrJMA==, md5=eA86gTye2cJhEt4BZ093Sg==
date: Fri, 29 Jul 2022 14:00:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1709077
x-guploader-uploadid: ADPycdu0-kNYVkJufArG4-e2MpDXc-1ejmjLEoEBFjQkA8k0xl9gEcwCaMEtVTo4fIL1Iln0dV3un9-MbyGXF5Npq306pH6RoCaJ
x-goog-storage-class: NEARLINE
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 737344
last-modified: Mon, 16 Aug 2021 13:42:00 GMT
server: cloudflare
cache-control: public, max-age=31536000
etag: "780f3a813c9ed9c26112de01674f774a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0eKIaZd0QxcsMi4YRbDVDSzwMDbe6B9UtiHMazvdXqD6bxET2IVyiai5PjuffQZofaUGleDxid3QoVCjyOyTBaJ0f5ljrhtRIM06KfHzfEJ%2FYAmol8iQ5eVYneNkv2jWmWC27A%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1629121320847034
content-type: image/png
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
x-goog-stored-content-length: 737344
accept-ranges: bytes
cf-ray: 732661489e469078-FRA
expires: Sat, 29 Jul 2023 14:00:18 GMT

GET
H3 200 unnamed.jpg
cdn.discordapp.com/attachments/929421642235519037/983338386662244432/ 2 KB
3 KB 32ms
32ms Image
image/jpeg 162.159.135.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.discordapp.com/attachments/929421642235519037/983338386662244432/unnamed.jpg
Requested by: Host: robloxexploits.net
URL: https://robloxexploits.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 162.159.135.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 387fb9ef8d5d6ca50b902dcf02c4881b1317c780726ed29372b90cde6cb21c97

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxexploits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 14:00:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 691885
x-guploader-uploadid: ADPycdtX5PB7WSsE4GhIos_Wncyp5NKq_RQybu5EpymqTaWndEbLDoh44aezeQD8uF0kyJ-XXpJH2W2SnhBRnfRpysAp8w
x-goog-storage-class: STANDARD
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TDlfltVoGy0oDfSY5kxk7jpBIkMDEFhl1%2BxKFFqnJ9ULw9Pr9B5gfchUeQH58vaI5cbuJuk4xwbDOw6yWPqMP84b1LvcmEAc%2Fd%2B1lOmiNLC%2BQTk%2BHQ565lcYcDlmYy9y3nBnMg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
cf-bgj: h2pri
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1932
cf-ray: 73266148febc9078-FRA
last-modified: Mon, 06 Jun 2022 11:55:40 GMT
server: cloudflare
etag: "758cf97c5feb91949efff044e825464e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=rf9UlA==, md5=dYz5fF/rkZSe//BE6CVGTg==
x-goog-generation: 1654516540962747
content-type: image/jpeg
cache-control: public, max-age=31536000
x-goog-stored-content-length: 1932
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
expires: Sat, 29 Jul 2023 14:00:18 GMT

GET
H3 200 unknown.png
cdn.discordapp.com/attachments/888735800454434858/983337937343238164/ 681 KB
682 KB 20ms
19ms Image
image/png 162.159.135.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.discordapp.com/attachments/888735800454434858/983337937343238164/unknown.png
Requested by: Host: robloxexploits.net
URL: https://robloxexploits.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 162.159.135.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b81502b702906c2cfc0f8e81a5341fbf63b2033de9b35eed3fb1f4c8c0f54c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxexploits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-goog-hash: crc32c=rKEcmw==, md5=idH/CMNmXX5k6Yy/79YGlw==
date: Fri, 29 Jul 2022 14:00:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2165310
x-guploader-uploadid: ADPycdseWYdaO-vQWQiNIxouM5fqAoLJxLOAcHL2BRICE54nzUiBZ3hXOLB-M459nx0bAK0lZDyWXly7qeShMuO-VCTssw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 697116
last-modified: Mon, 06 Jun 2022 11:53:53 GMT
server: cloudflare
cache-control: public, max-age=31536000
etag: "89d1ff08c3665d7e64e98cbfefd60697"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4qIF9SQmbyLEdLDpcwVOiunu7PETapTeRDFdGfn%2FBTXY202NfRXrTkTzQ6L9c0J1%2FKE9LepVe7gA8IEWRusFTB5rZRRojxWiHoLxNoYUAg9OVARw1v10decabv%2BxvojQ%2BD24dg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1654516433840030
content-type: image/png
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
x-goog-stored-content-length: 697116
accept-ranges: bytes
cf-ray: 732661492efd9078-FRA
expires: Sat, 29 Jul 2023 14:00:18 GMT

GET
H2 200 asd100.bin Show response
freychang.fun/ 100 KB
100 KB 52ms
24ms Fetch
binary/octet-stream 2606:4700:3030::6815:2dcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://freychang.fun/asd100.bin
Requested by: Host: d3oy68whu51rnt.cloudfront.net
URL: https://d3oy68whu51rnt.cloudfront.net/?hwyod=955131
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:2dcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxexploits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 14:00:17 GMT
access-control-allow-methods: GET
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5008
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 29 Jul 2022 12:36:49 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HZHU6tkF1aTCyUo6PY%2BqTvxcp9WhTO75APzhoiX1SaTAVVXmdNdLvZVqO0Unb%2FreJjKkEwM3IrISQMTCLlWENMIXn%2BhfJD9kMafBuAUjGfiHG0hEgUD9RGgjBBfz535PX8P1p%2FIE76ZTppZF"}],"group":"cf-nel","max_age":604800}
content-type: binary/octet-stream
access-control-allow-origin: https://robloxexploits.net
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 732661476b2e9261-FRA
access-control-allow-headers: X-Requested-With, content-type

GET
H2 200 / Show response
freychang.fun/ 26 B
366 B 138ms
111ms Fetch
text/plain 2606:4700:3030::6815:2dcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://freychang.fun/
Requested by: Host: d3oy68whu51rnt.cloudfront.net
URL: https://d3oy68whu51rnt.cloudfront.net/?hwyod=955131
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:2dcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a2af9b2bd531431b0ce48639f213f446ca3c289661ed3f9c90684c9c55816c23

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxexploits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 14:00:17 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET
content-type: text/plain
access-control-allow-origin: https://robloxexploits.net
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a7rkhzXrc97s8thw%2BVHdkqjbTvRWJpnt%2BYOTd01fR0Xl4aqzWrRvabYMDjOesz0ch2bbZSwSPUqSkVL7T%2BLkTjpdZ4yJL7Plgj0TjsvoTQ1yjLvbG8ayFkCQgpnwOy2YbfhCoTjR9%2FgPXE8b"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 732661476b2f9261-FRA
access-control-allow-headers: X-Requested-With, content-type
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 204 utx Show response
rnoddenkn.asia/ 0
733 B 131ms
104ms XHR
text/plain 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rnoddenkn.asia/utx?cb=y3BPcpoQz0Qu&top=robloxexploits.net&tid=955131
Requested by: Host: d3oy68whu51rnt.cloudfront.net
URL: https://d3oy68whu51rnt.cloudfront.net/?hwyod=955131
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxexploits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Jul 2022 14:00:17 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GX7ey8UuI9FnjXZtcK9UYSx0TI0N%2F0VjFhVpx4T1Lsbm5XjMh2lGYHnT8%2Fjw2FPnVtdT9jpkcxga3wyAm8v7P1PTDlQMrLBH29%2FtYxBLXd7%2FNSCcRairI5WSqc8qewEd6g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://robloxexploits.net
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
cf-ray: 732661476eabbb83-FRA
content-type: text/plain
server: cloudflare

GET
H2 200 asd100.bin Show response
freychang.fun/ 100 KB
100 KB 57ms
37ms Fetch
binary/octet-stream 2606:4700:3030::6815:2dcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://freychang.fun/asd100.bin
Requested by: Host: d3oy68whu51rnt.cloudfront.net
URL: https://d3oy68whu51rnt.cloudfront.net/?hwyod=955131
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:2dcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxexploits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 14:00:17 GMT
access-control-allow-methods: GET
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5008
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 29 Jul 2022 12:36:49 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HS1OXmvlYs%2BpKrCo0F5AgqJrzGnwu7b0fI9Ipc6jES9dUbH8%2FQZyhfrnEW2ZQvVh6CaYTnk67lKYwHF5u14OG3oH5rS6WqXRa5jhykvYgxnEB54W0tcwqbNL97SU9aVxw1boQdKJkzPyIyHE"}],"group":"cf-nel","max_age":604800}
content-type: binary/octet-stream
access-control-allow-origin: https://robloxexploits.net
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 732661476b349261-FRA
access-control-allow-headers: X-Requested-With, content-type

GET
H2 200 / Show response
freychang.fun/ 26 B
386 B 130ms
111ms Fetch
text/plain 2606:4700:3030::6815:2dcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://freychang.fun/
Requested by: Host: d3oy68whu51rnt.cloudfront.net
URL: https://d3oy68whu51rnt.cloudfront.net/?hwyod=955131
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:2dcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a5a403af32c95c65ca17bbe042ca18a7c581f5d77b375295492b3a68e3999de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxexploits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 14:00:17 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET
content-type: text/plain
access-control-allow-origin: https://robloxexploits.net
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1WykHy89cnrqwx5Z7qBrZ3Lutu9emEV8lI9qzqP8cKENiGFpACEuloLGtVjm6ocGvmwdtwd4mI%2FS4TWHsTow4i%2FdGXR%2FG%2Bs%2F2LFEzg5jrOOk9g9SPNR8Im0nu5i507q8NjHqkBXFD%2FIcnRIK"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 732661476b319261-FRA
access-control-allow-headers: X-Requested-With, content-type
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 204 utx Show response
rnoddenkn.asia/ 0
251 B 124ms
104ms XHR
text/plain 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rnoddenkn.asia/utx?cb=52CI8Tn0taYx&top=robloxexploits.net&tid=955748
Requested by: Host: d3oy68whu51rnt.cloudfront.net
URL: https://d3oy68whu51rnt.cloudfront.net/?hwyod=955131
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxexploits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Jul 2022 14:00:17 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cUG40o5KZ8lfhMr4IwLk8KqC2fcGtSt%2BC9se7VKzOvEt3W44acgc7fo%2FO3ZrzooiqCnKPiLuO2tCeeDzS0oDmIKrEqJR5dn23x2nMApFhL3wdRvC5RprADQTxnsY4At4IQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://robloxexploits.net
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
cf-ray: 732661476eacbb83-FRA
content-type: text/plain
server: cloudflare

GET
H2 200 asd100.bin Show response
freychang.fun/ 100 KB
101 KB 29ms
17ms Fetch
binary/octet-stream 2606:4700:3030::6815:2dcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://freychang.fun/asd100.bin
Requested by: Host: d3oy68whu51rnt.cloudfront.net
URL: https://d3oy68whu51rnt.cloudfront.net/?hwyod=955131
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:2dcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxexploits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 14:00:17 GMT
access-control-allow-methods: GET
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5008
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 29 Jul 2022 12:36:49 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=57vrdLM10Ie2ypUxVuIKv%2BXFPXVmsSXFIFhBytF11cII9PIw2OnJ1%2F%2Bms9NGRaHGVvn7bLwtWPrremR3TW894U8ccdeD99mx%2BJ%2FpOoF3vY4lFE%2B2AwrAZE8TJUpCrrq6OpwNxznsERZntmbN"}],"group":"cf-nel","max_age":604800}
content-type: binary/octet-stream
access-control-allow-origin: https://robloxexploits.net
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 732661476b329261-FRA
access-control-allow-headers: X-Requested-With, content-type

GET
H2 200 / Show response
freychang.fun/ 27 B
368 B 125ms
113ms Fetch
text/plain 2606:4700:3030::6815:2dcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://freychang.fun/
Requested by: Host: d3oy68whu51rnt.cloudfront.net
URL: https://d3oy68whu51rnt.cloudfront.net/?hwyod=955131
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:2dcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c406d7a0ee4f18e3651932027da7b8280171e76c42466e44da48530a2ec0b37e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxexploits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 14:00:17 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET
content-type: text/plain
access-control-allow-origin: https://robloxexploits.net
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DZ7iwXRYYQxoNbNsqXmQ1LxtlidR6JJ%2F%2F8FcFZZrjvcvzvJkOf%2F7cgL9BoIDd%2FOdlMSfcwySHTso75kOBNkvUIjDN3yZUAdhfVu2H12aOsV8GAHPqWRKscwNrae%2BeNasuBZyXz%2Bgu1GDYLPo"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 732661476b339261-FRA
access-control-allow-headers: X-Requested-With, content-type
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 204 UjNEV2J9DCckXzYDHiAzBl8MMQk+Bwc8NGFgDBIgA3seHQYTA2IjCzYOfWJXYwB1cRI7V3lmRCFHJSMXIQ51cQs8VStqRCQOdXlRZh12b0xiFTFqU3RHNDYFbwJiJxYmX3lmVGcKdWdRYAJzYFth
chedstimaarr.pics/ 0
266 B 598ms
108ms Image
text/plain 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://chedstimaarr.pics/UjNEV2J9DCckXzYDHiAzBl8MMQk+Bwc8NGFgDBIgA3seHQYTA2IjCzYOfWJXYwB1cRI7V3lmRCFHJSMXIQ51cQs8VStqRCQOdXlRZh12b0xiFTFqU3RHNDYFbwJiJxYmX3lmVGcKdWdRYAJzYFth
Requested by: Host: robloxexploits.net
URL: https://robloxexploits.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxexploits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 14:00:18 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fdw7feEKOigk86Jt0XU1BYy5Uv9rP63Xrk8UTChE%2FGAjwHB3R3nMaThYS2NPMFHrjfQapkPlzB2jE40K3wJ3bQHQj%2Fy0qiyFsbNa0WHtQfChVlkL270tS8WZ7BDuMTo7TsI%2F1XFA11sjOLp7SWHIXg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 7326614c7d5a9124-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 login.php
www.facebook.com/ 0
0 532ms
222ms Image
text/html 2a03:2880:f107:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
Requested by: Host: robloxexploits.net
URL: https://robloxexploits.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxexploits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

GET
H2 200 ServiceLogin
accounts.google.com/ 0
0 385ms
82ms Image
text/html 2a00:1450:4001:827::200d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
Requested by: Host: robloxexploits.net
URL: https://robloxexploits.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxexploits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

GET
H2 200 ServiceLogin
accounts.google.com/ 0
0 411ms
108ms Image
text/html 2a00:1450:4001:827::200d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
Requested by: Host: robloxexploits.net
URL: https://robloxexploits.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxexploits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

GET
H2 200 popunder.gif
chedstimaarr.pics/ 35 B
642 B 322ms
21ms Image
image/gif 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://chedstimaarr.pics/popunder.gif
Requested by: Host: robloxexploits.net
URL: https://robloxexploits.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxexploits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: public
date: Fri, 29 Jul 2022 14:00:18 GMT
cf-cache-status: HIT
last-modified: Wed, 27 Jul 2022 17:46:27 GMT
server: cloudflare
age: 159231
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0%2FsjoXv5gXP56rmDeag%2BWKUvvPPbmDjbcH0WwTennKXJdMB61%2BV%2FlrBnjZyRSt3onZCuUbrSsPh0D5Yi4gsSortQ%2FhAL8AiOh8MbqQS9M2TxR1RPDcChYMMpv1om0J5oGt4ZcDIblkATiScBTKG1GQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=604800, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 7326614c7d5b9124-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 204 ejNyQ3BVDBEwTSxrJBMTLQIcEUMKdSouJjtWQhEqIFgkdyMsXFQ3GR4OS3ZFTQdKZQATV09yVglHEzcFCQ5DZRkUVR1+VgwOQ21DTh1Ae15KFQd+QVxHAiIXRwJUMwQOX09yRk8KQ3NDSAJFe0BL
chedstimaarr.pics/ 0
273 B 406ms
105ms Image
text/plain 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://chedstimaarr.pics/ejNyQ3BVDBEwTSxrJBMTLQIcEUMKdSouJjtWQhEqIFgkdyMsXFQ3GR4OS3ZFTQdKZQATV09yVglHEzcFCQ5DZRkUVR1+VgwOQ21DTh1Ae15KFQd+QVxHAiIXRwJUMwQOX09yRk8KQ3NDSAJFe0BL
Requested by: Host: robloxexploits.net
URL: https://robloxexploits.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxexploits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 14:00:18 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vDIu381fh6S1azDijcSXzf8KgO7WPwTTkSif45xwEB1BAwZXnBP7yxqbZTmDL71zbWuoVtSTg5Pq4g%2BvNBtEXM0qq%2FR%2BP0LioL4uTv9GPk6iMbDyOc4pKiFVqEa2dvKiDTUeMwqFRyiQwjuaI80phw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 7326614c7d5d9124-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 204 c0hteG5cdw4LUyJ7Kys7NwoXKikhIy4gPDYSADUqEA0FEjcyI0sMBxd1VE1bS35YXh4aLFBLW1U7GRkaBjtQSUgaJgsXU1U+UEhAQWZfS0BDbhhFX1U8HRkJTnlLCBoHJFBJWEZxXEhdQXlaQF5F
chedstimaarr.pics/ 0
262 B 410ms
109ms Image
text/plain 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://chedstimaarr.pics/c0hteG5cdw4LUyJ7Kys7NwoXKikhIy4gPDYSADUqEA0FEjcyI0sMBxd1VE1bS35YXh4aLFBLW1U7GRkaBjtQSUgaJgsXU1U+UEhAQWZfS0BDbhhFX1U8HRkJTnlLCBoHJFBJWEZxXEhdQXlaQF5F
Requested by: Host: robloxexploits.net
URL: https://robloxexploits.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxexploits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 14:00:18 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j7I4pRDjU1oHPZDW5BhvIWR7JZbjP6ej%2FITYofygTOVtsSxN3l7xApxVeRD07hEY%2FOBr3Rr6Iw5E0eg2j%2BgUBFkggvnFs4M2HccocfoH0ds3X29lnlz253z1l7Rgh7uyLqkotydyhnSlzqZS3oi2rA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 7326614c7d5e9124-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 / Show response
d3oy68whu51rnt.cloudfront.net/ 368 KB
119 KB 186ms
169ms Fetch 2600:9000:214f:ec00:3:62b:d240:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3oy68whu51rnt.cloudfront.net/?hwyod=955131
Requested by: Host: s3.us-east-2.amazonaws.com
URL: https://s3.us-east-2.amazonaws.com/robloxexploits.net/adblock.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:ec00:3:62b:d240:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 278a43b67ab2c1cd09cd314c4e4517733b392879269e9763bcd1f0cc4b48aa62

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxexploits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Jul 2022 14:00:18 GMT
content-encoding: gzip
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
access-control-allow-origin: https://robloxexploits.net
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
access-control-allow-credentials: true
content-length: 121045
via: 1.1 a3c2566f9e36ad3cdf79fc6307fcf566.cloudfront.net (CloudFront)
x-amz-cf-id: wL69wqreR18gUbbfgz5mKm9lW06CRjad_A6OA6mDoUCKN4qKmtfaXA==

GET
H2 200 boxicons.woff2
unpkg.com/boxicons@2.0.7/fonts/ 91 KB
92 KB 31ms
16ms Font
font/woff2 2606:4700::6810:7baf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/boxicons@2.0.7/fonts/boxicons.woff2

Requested by

Host: unpkg.com
URL: https://unpkg.com/boxicons@2.0.7/css/boxicons.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7baf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43193176ef77030ad34673f96fad80aebc860b2a8b11418e3cc9170688d7ff35

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://unpkg.com/boxicons@2.0.7/css/boxicons.min.css
Origin: https://robloxexploits.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 14:00:18 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 13038121
fly-request-id: 01FX0J2ASR71QF9PXRHDNS1X6H-fra
vary: Accept-Encoding
content-length: 93260
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: "16c4c-pVld0x4LunUHF9iDN+x/LvuPssw"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7326614aaaf09bec-FRA

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207210101/ 341 KB
120 KB 49ms
34ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207210101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2249257918045069&plah=robloxexploits.net&bust=31068622

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2249257918045069

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

206e5c7991ada97f5774b71bd572d504096d81da601d330b0570728df319e8ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxexploits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 14:00:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 123176
x-xss-protection: 0
server: cafe
etag: 14702231922437212024
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 29 Jul 2022 14:00:18 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220727/r20190131/ Frame 008E 10 KB
5 KB 29ms
6ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220727/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2249257918045069

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://robloxexploits.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 65225
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 28 Jul 2022 19:53:13 GMT
etag: 8616628553774171045
expires: Thu, 11 Aug 2022 19:53:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 172ms
8ms Script
text/javascript 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-170951207-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxexploits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 3498
date: Fri, 29 Jul 2022 13:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 29 Jul 2022 15:02:00 GMT

GET
H2 200 all Show response
sapi.robloxexploits.net/api/v1/public/ 30 KB
10 KB 268ms
152ms XHR
application/json 2606:4700:3036::ac43:a949
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sapi.robloxexploits.net/api/v1/public/all

Requested by

Host: robloxexploits.net
URL: https://robloxexploits.net/_nuxt/2d7f587.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::ac43:a949 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff2f479c2fb175d8cb3a6ddd52107fe17e71b8ae35be758923450a72be18bb25

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: application/json, text/plain, */*
Referer: https://robloxexploits.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 14:00:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
cross-origin-embedder-policy: require-corp
x-dns-prefetch-control: off
content-type: application/json; charset=utf-8
cross-origin-resource-policy: same-origin
strict-transport-security: max-age=15552000; includeSubDomains
x-forwarded-proto: https
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 0
referrer-policy: no-referrer
server: cloudflare
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
etag: W/"7917-/NyY/YzFlvp8zlTGU9j9thMdgBA"
expect-ct: max-age=0
ssl-offloaded: 1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CknapIani4YHlIhGyTnoj8fyj6DTW1lcVBKUBoAgADufVMTRU1c7PqfSgjgYnRWkHRZ9Nrphs0dMgd1IgsZEXobOzTgktR3X0r8EnsJxkixFG%2BCHPR5mKLq%2F1xIOFdhWn6Mzq32xXCWipq20DOBdbaK8Czc4TQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-download-options: noopen
access-control-allow-origin: *
origin-agent-cluster: ?1
x-forwarded-port: 443
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
cf-ray: 7326614c7d298fca-FRA

GET
H2 200 any Show response
sapi.robloxexploits.net/api/v1/public/ 13 KB
4 KB 261ms
145ms XHR
application/json 2606:4700:3036::ac43:a949
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sapi.robloxexploits.net/api/v1/public/any?skip=1&limit=8&sort=recent

Requested by

Host: robloxexploits.net
URL: https://robloxexploits.net/_nuxt/2d7f587.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::ac43:a949 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

55670852df03bd1c31cf6a51c0e81af8f330f835eb2130c5c1f34de00ae2580d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: application/json, text/plain, */*
Referer: https://robloxexploits.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 14:00:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
cross-origin-embedder-policy: require-corp
x-dns-prefetch-control: off
content-type: application/json; charset=utf-8
cross-origin-resource-policy: same-origin
strict-transport-security: max-age=15552000; includeSubDomains
x-forwarded-proto: https
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 0
referrer-policy: no-referrer
server: cloudflare
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
etag: W/"35e5-Bf68onOq2pq2uhxkwqWiZLdCNwg"
expect-ct: max-age=0
ssl-offloaded: 1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JE1tKq6zmsSvyIAtPaTuGyP0dd6lsdCjWGvDWT1ZI8ViG7UjJUg71B%2FmO77lfqzBCYZLmVqY6mjmpaTlY1C7sQtQVfMC8lNeSnhWJp5nGSEHRqLVHlNcUwyucA%2FnussAU59jzdg7tEerJ0OFK1mjjWANmVEOGg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-download-options: noopen
access-control-allow-origin: *
origin-agent-cluster: ?1
x-forwarded-port: 443
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
cf-ray: 7326614c7d2b8fca-FRA

GET
H3 200 BgFLDmMGOnlhXR4fZAd2MQsDXmkFYgoTAhYBYVF3FBFEenE7GGp1ACgLZnNidWBxYgBgAWUFSBsFX3RpNhcGU2VhKgpnZmEDZlgEdjhAWV4gb3JzQwRnWUcFOhNmXFkgHQ Show response
rnoddenkn.asia/MFBSMzZRMjFeCVFtMBVDQjxvFgR2dWB1UgM/KwUORzgnBgdCPiYdVVw/J1dQQj88RxheNSYWBHYFM1gHBTFgUHx5ODF9YXJkOXtgajUKAF55BxRpe3onPXZ1YiAlfHUEBQJdUWQXPnp3dBMlcXJYPxFrTgg0Fl10egQDQHp5KGdkZ2FoOHRaag... Frame 67BC 3 KB
2 KB 149ms
132ms Document
text/html 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rnoddenkn.asia/MFBSMzZRMjFeCVFtMBVDQjxvFgR2dWB1UgM/KwUORzgnBgdCPiYdVVw/J1dQQj88RxheNSYWBHYFM1gHBTFgUHx5ODF9YXJkOXtgajUKAF55BxRpe3onPXZ1YiAlfHUEBQJdUWQXPnp3dBMlcXJYPxFrTgg0Fl10egQDQHp5KGdkZ2FoOHRaagcGcEFUEwRDU1EnYlF1cRYlckEENhBZUWQYOnJQfDxqVnRcMzV1XnUfEFpzaQQ+ZkVVFjZRZ1w4a2ZkRx8QcF1nGBBhZlZgOXVzAGl3AXBjBiJrZHhhMWR1ZgA0A11TFDVhAWQFZ2Z9dzgeZE4JMzdlG3IfBGVZQxMAQHp0Kj1QdWEnFnxgSAobZQ8VYhBnXWYFCnRefAdiC3R6AWJ0dQBpdwFwfztnZWFZFQNyd3oANANdfRE1WFt2OxhwYXhgM3JOZRYbcU5/BgFLDmMGOnlhXR4fZAd2MQsDXmkFYgoTAhYBYVF3FBFEenE7GGp1ACgLZnNidWBxYgBgAWUFSBsFX3RpNhcGU2VhKgpnZmEDZlgEdjhAWV4gb3JzQwRnWUcFOhNmXFkgHQ
Requested by: Host: d3oy68whu51rnt.cloudfront.net
URL: https://d3oy68whu51rnt.cloudfront.net/?hwyod=955131
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6b37ebd9a70cfab52ef04bc256230494125daf53dad5d6facbd6fda42cf21eed

Request headers

Referer: https://robloxexploits.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, no-transform
cf-cache-status: DYNAMIC
cf-ray: 7326614c894d9bc4-FRA
content-encoding: gzip
content-length: 1256
content-type: text/html
date: Fri, 29 Jul 2022 14:00:18 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p: CP="NID DSP ALL COR"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A9Ab6lU6QzmkDDItHyMkTGGlPPJHd8ujYNByRfOqPDIoZJ4wAKSZ3ETSMGBvOw6f4fwit8jdGPcBWy5G0vl%2BTwRfDXiqR3Ds%2FG5Ka6nlrT%2BjcsM9k1Cv5%2BQjxFleRHoYWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H3 200 IgwYFnEsXCkTBSc0LyJfGS0+Mn07DCoTdhIwDjpcLC04NXoQJ1kEfzItMTVlWhULE1MOJzBAdhA3ECFXLx8uFGEvAlgUUw4mPjVyWyAPMnw7Vik2ZQENLBR1LCc8NX5dJAM6dzs0ThpHBQsYTWNaFwszeBIsDSZuGBA+ Show response
rnoddenkn.asia/amVocDQLBwsdCwtYClZBGAlVVQYsQFo2UFkKEUYMHQ0dRQUYCxxeVwYKHRRSGAoGBBoEABxVBiwCCxt5WgEwH2YmIwckZjs8GSVxAiE6Q20uND06YSEwCxFyKy9NQnYzVT05cTsnXDRgJz0uJwAiIREiWDskUBVgWSg7N2YZBiIxWD4tEAdTKT... Frame DA96 3 KB
2 KB 132ms
116ms Document
text/html 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rnoddenkn.asia/amVocDQLBwsdCwtYClZBGAlVVQYsQFo2UFkKEUYMHQ0dRQUYCxxeVwYKHRRSGAoGBBoEABxVBiwCCxt5WgEwH2YmIwckZjs8GSVxAiE6Q20uND06YSEwCxFyKy9NQnYzVT05cTsnXDRgJz0uJwAiIREiWDskUBVgWSg7N2YZBiIxWD4tEAdTKTA6E3ETAT8jcV8wJkBlCyA9SAE/NFgndhMJKjFTUjcyJXE/NxBIRz4NHyd8Ayw6Ik4SLQohZjs2LTpGOx0fJXIDHSwyWFMkC0FbKD1YMk4oMD4lZQc8ID4FUyQLQHkJIy0iBy8wMURiWSAtNGESIgkYGSwtOxh5EDcqG1IoNjInfAIoLypTMx88QHJaIgMqeTxWLTVsOCAJPgUBPzBAdSsgPRR/IgwYFnEsXCkTBSc0LyJfGS0+Mn07DCoTdhIwDjpcLC04NXoQJ1kEfzItMTVlWhULE1MOJzBAdhA3ECFXLx8uFGEvAlgUUw4mPjVyWyAPMnw7Vik2ZQENLBR1LCc8NX5dJAM6dzs0ThpHBQsYTWNaFwszeBIsDSZuGBA+
Requested by: Host: d3oy68whu51rnt.cloudfront.net
URL: https://d3oy68whu51rnt.cloudfront.net/?hwyod=955131
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d8c261e247ed151c101972ffd204c50e19438d7e12ffe33a4d8a57f6e07d3712

Request headers

Referer: https://robloxexploits.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, no-transform
cf-cache-status: DYNAMIC
cf-ray: 7326614c894c9bc4-FRA
content-encoding: gzip
content-length: 1252
content-type: text/html
date: Fri, 29 Jul 2022 14:00:18 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p: CP="NID DSP ALL COR"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BfYqSa%2B%2BJcrPETOcgedmO1WVs4KRxYajy3I9kLiJpmnZYBAHfZelnru2MEGbwviuaAuP4zBjmRnn6x%2FU3dz%2FIl0WNjB0s6OW5wieEHGraH2gbPLLY6KA9DM7IGHbFVNE6A%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H3 200 LwNJGgc7dmE2Fjs1cDA3Un53IHY+CF43Fj0TCjQpW3dSI38oYwEzGDwqZSMYJB90JA49C3EaCzgDei0XPCpkLSIgI2c3HSQfdQEtPC15Ehdbf2UnIiwXazMVIx9UUyUZKV0FcjswfhsWAx9XQyMMMn4BHg Show response
rnoddenkn.asia/RjN1T2onURYiVScOF2kfNF9IalgAFkcJDnVcDHlSMVsAels0XQFhCSpcACsMNFwbO0QoVgFqWABpIBgCN2otDhMERCQHPj9mNwsGPnkvCVsVZUUZWQdbHgAiL3UjABIlCiU1LwJ8Nx0EBHICGToVZkAbKBN4Oxk8J2ENOB0EVEQsPCxiMgw8Pn... Frame 5FFF 3 KB
2 KB 126ms
109ms Document
text/html 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rnoddenkn.asia/RjN1T2onURYiVScOF2kfNF9IalgAFkcJDnVcDHlSMVsAels0XQFhCSpcACsMNFwbO0QoVgFqWABpIBgCN2otDhMERCQHPj9mNwsGPnkvCVsVZUUZWQdbHgAiL3UjABIlCiU1LwJ8Nx0EBHICGToVZkAbKBN4Oxk8J2ENOB0EVEQsPCxiMgw8PnEROAEJckV+BhJbQR0iPEMjBx1+ZjsOXgJ3DRpbEltNDj4SRD0KKyFQJR4GFmYPFQEUXwUKOyt1NAc7IVY7HgkidhkZABFyJBk8EX0sGFsAViwaWxx6RBkAEXFFBiIrVxYbWw9KEQkaJ3QgFQYXZlh2Phd3NBYtIQMjBQ12ejYnASpnIygEFGQ/KTgAeTIrLDZSJh0Zc3s0LCQQZDg9Pnd9NB87A3E3CTwsZDR/LwNJGgc7dmE2Fjs1cDA3Un53IHY+CF43Fj0TCjQpW3dSI38oYwEzGDwqZSMYJB90JA49C3EaCzgDei0XPCpkLSIgI2c3HSQfdQEtPC15Ehdbf2UnIiwXazMVIx9UUyUZKV0FcjswfhsWAx9XQyMMMn4BHg
Requested by: Host: d3oy68whu51rnt.cloudfront.net
URL: https://d3oy68whu51rnt.cloudfront.net/?hwyod=955131
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 69d3dc9d9e4a99a93fb4f31e300a2506a80bbf80e5bc4ca88247c130d2c51bb2

Request headers

Referer: https://robloxexploits.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, no-transform
cf-cache-status: DYNAMIC
cf-ray: 7326614c894e9bc4-FRA
content-encoding: gzip
content-length: 1256
content-type: text/html
date: Fri, 29 Jul 2022 14:00:18 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p: CP="NID DSP ALL COR"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ve5hTXwWzKhXrA4tgVE%2FzREMDE6ymGylo3pWcSClBmECvj4XVHwzT8TlYRl5vnfGfh9lwxccieQSgEV99sV5ErZg%2BfcfjfIYOP0hVhSBylkxlBGraXpQyeH2Ul%2BsCC32eg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

POST
H3 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 57ms
41ms Fetch
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2249257918045069
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://robloxexploits.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H3 200 9dc0416.js Show response
robloxexploits.net/_nuxt/ 11 KB
3 KB 15ms
15ms Script
application/javascript 2606:4700:3036::ac43:a949
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://robloxexploits.net/_nuxt/9dc0416.js
Requested by: Host: robloxexploits.net
URL: https://robloxexploits.net/_nuxt/8dd1330.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:a949 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba82f0aa82d77c1ee1841958f6580a5c9341007008039eb844938a96fc0001e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxexploits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 14:00:18 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 781775
cf-ray: 7326614bdaca91e1-FRA
x-forwarded-proto: https
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 20 Jul 2022 12:48:24 GMT
server: cloudflare
etag: W/"2ce9-1821ba6fcfc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
ssl-offloaded: 1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T2R9TIbyMkYwcxV4gr0ytkinDSaULunVVlREczaPN24oYnLxEOr87qTJzqK1RNB8bWZ2V04XIXXOOT7MRR%2B8S0do7ge4P6EXSxw4PZ6dfi7pbjv4etY%2FqpoUe8ZhY2BgMXe3tCfi9famSTwC5hMVq7U%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
x-forwarded-port: 443

GET
H3 200 2fa7f9b.js Show response
robloxexploits.net/_nuxt/ 8 KB
3 KB 16ms
16ms Script
application/javascript 2606:4700:3036::ac43:a949
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://robloxexploits.net/_nuxt/2fa7f9b.js
Requested by: Host: robloxexploits.net
URL: https://robloxexploits.net/_nuxt/8dd1330.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:a949 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b8fb493d62a6bbedc80908d6016d6c556ce3576d9366523e1fe8a9265ed6e6a9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxexploits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 14:00:18 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 781775
cf-ray: 7326614bdacc91e1-FRA
x-forwarded-proto: https
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 20 Jul 2022 12:48:24 GMT
server: cloudflare
etag: W/"1f31-1821ba6fcfc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
ssl-offloaded: 1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P10PhIZtHi7iuT08rYMvkLeMYphurUBg%2FfyCKxQP2sgopTuB%2BXQngtjo3TdeznJyF5LSPZCXkUpmn7W2uxSaKr8XGAkQqukkvZ2I96tmrH4hwk%2B3m2FEvkf7%2BCRCTjQZM%2FLgJlF1iU14DaqqNNo68H0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
x-forwarded-port: 443

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 222 B
647 B 100ms
30ms Script
text/javascript 142.251.36.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=robloxexploits.net&callback=_gfp_s_&client=ca-pub-2249257918045069

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207210101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2249257918045069&plah=robloxexploits.net&bust=31068622

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.36.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

prg03s12-in-f2.1e100.net

Software

cafe /

Resource Hash

a6107b952d5b0034cb65b28048e9320d5a7d171e0bb572024bca2f386e102cea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxexploits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 14:00:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 203
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 52ms
16ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=robloxexploits.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxexploits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 29 Jul 2022 14:00:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 41ms
19ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=robloxexploits.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxexploits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 29 Jul 2022 14:00:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2892 240 KB
63 KB 928ms
913ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2249257918045069&output=html&adk=1812271804&adf=3025194257&lmt=1659103218&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Frobloxexploits.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659103218377&bpp=3&bdt=833&idt=271&shv=r20220727&mjsv=m202207210101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6153425023421&frm=20&pv=2&ga_vid=2025273185.1659103219&ga_sid=1659103219&ga_hid=275378548&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763505%2C31068622%2C21065725&oid=2&pvsid=2795691057951708&tmod=1253391901&uas=0&nvt=1&ref=https%3A%2F%2Frobloxscripts.net%2F&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=284

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36f4a133cc75fa860860dd3663e5b6147c13b2973528706345a4d13269bf66d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://robloxexploits.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 64421
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 29 Jul 2022 14:00:19 GMT
expires: Fri, 29 Jul 2022 14:00:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 31ms
15ms XHR
text/plain 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=275378548&t=pageview&_s=1&dl=https%3A%2F%2Frobloxexploits.net%2F&dr=https%3A%2F%2Frobloxscripts.net%2F&ul=en-us&de=UTF-8&dt=ROBLOXEXPLOITS%20-%20Roblox%20Exploits%2C%20Hacks%2C%20Scripts%20%26%20Cheats!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAAC~&jid=1576955917&gjid=75156046&cid=2025273185.1659103219&tid=UA-170951207-1&_gid=2000075674.1659103219&_r=1&gtm=2ou7r0&z=277852836

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://robloxexploits.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 29 Jul 2022 14:00:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://robloxexploits.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 22ms
7ms Image
image/gif 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=275378548&t=pageview&_s=2&dl=https%3A%2F%2Frobloxexploits.net%2F&dr=https%3A%2F%2Frobloxscripts.net%2F&dp=%2F&ul=en-us&de=UTF-8&dt=ROBLOXEXPLOITS%20-%20Roblox%20Exploits%2C%20Hacks%2C%20Scripts%20%26%20Cheats!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAAC~&jid=&gjid=&cid=2025273185.1659103219&tid=UA-170951207-1&_gid=2000075674.1659103219&gtm=2ou7r0&z=2052509527

Requested by

Host: robloxexploits.net
URL: https://robloxexploits.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxexploits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Jul 2022 23:31:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 52135
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 WVlVVWNYGQAWMBoDREIXXVlWXmJeTBRNYFtbVkJgX19VRmFQXFZIYg Show response
d3oy68whu51rnt.cloudfront.net/ZUWhqYXAyBwQHTyUBDlxJZF1SV0V3AhkOHiFVOxc9PzEDOBRnBAwVPSU5TBUKNVVaRxwwBg1cVjQGCVxBdwkOA01lTh4RHzpVHw8UNA4DDxU1Th8ATTwHEAgcPQlPUzZkRlpEQmFAHQgeNQcdElVjWAQVVWNYW1FeYU1ZI1... Frame 5FFF 795 B
801 B 155ms
154ms Script
text/plain 2600:9000:214f:ec00:3:62b:d240:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3oy68whu51rnt.cloudfront.net/ZUWhqYXAyBwQHTyUBDlxJZF1SV0V3AhkOHiFVOxc9PzEDOBRnBAwVPSU5TBUKNVVaRxwwBg1cVjQGCVxBdwkOA01lTh4RHzpVHw8UNA4DDxU1Th8ATTwHEAgcPQlPUzZkRlpEQmFAHQgeNQcdElVjWAQVVWNYW1FeYU1ZI1VjWB0IHmdcT1IydFpaGUZlQU-9TQDAYGg0VJg0IChklTVgnRWJfRFJGdFpaSRs5HAcNVWMrT1NAPQEBBFVjWA0EEzoHQ0RCYQsCEx88DU9TNmBYWU9Af11aV0B/WVlVVWNYGQAWMBoDREIXXVlWXmJeTBRNYFtbVkJgX19VRmFQXFZIYg
Requested by: Host: rnoddenkn.asia
URL: https://rnoddenkn.asia/RjN1T2onURYiVScOF2kfNF9IalgAFkcJDnVcDHlSMVsAels0XQFhCSpcACsMNFwbO0QoVgFqWABpIBgCN2otDhMERCQHPj9mNwsGPnkvCVsVZUUZWQdbHgAiL3UjABIlCiU1LwJ8Nx0EBHICGToVZkAbKBN4Oxk8J2ENOB0EVEQsPCxiMgw8PnEROAEJckV+BhJbQR0iPEMjBx1+ZjsOXgJ3DRpbEltNDj4SRD0KKyFQJR4GFmYPFQEUXwUKOyt1NAc7IVY7HgkidhkZABFyJBk8EX0sGFsAViwaWxx6RBkAEXFFBiIrVxYbWw9KEQkaJ3QgFQYXZlh2Phd3NBYtIQMjBQ12ejYnASpnIygEFGQ/KTgAeTIrLDZSJh0Zc3s0LCQQZDg9Pnd9NB87A3E3CTwsZDR/LwNJGgc7dmE2Fjs1cDA3Un53IHY+CF43Fj0TCjQpW3dSI38oYwEzGDwqZSMYJB90JA49C3EaCzgDei0XPCpkLSIgI2c3HSQfdQEtPC15Ehdbf2UnIiwXazMVIx9UUyUZKV0FcjswfhsWAx9XQyMMMn4BHg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:ec00:3:62b:d240:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e47a92dda1c8fc625dc0793022d4b1945a51e7193b5face98068f025df0c1bfa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rnoddenkn.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 14:00:18 GMT
content-encoding: gzip
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=31556926
content-length: 523
via: 1.1 f2db75b601dc30df73b1beb29596a374.cloudfront.net (CloudFront)
x-amz-cf-id: DCuzmx2lFoc4bt_Dpq5LVCXLqjEBC5BOE77S-ZV3wxD5zhcYlgbtrw==

GET
H2 200 gckM0dXoRLFoTRQYqUEhDR3YDQUJUKUcaFAJ+Y0UIEQB4DTMXFW4HDyRlQA8eT3MSGRscJAlTHxwgCURcEydWSE5UN0QaEU85UQ0WBylBAg8RZUEURx8sThwWHiIRRzxHbQRQSEJrQxwUFixDBl9Ac1oBX0BzBUVUQmYHN19Ac0McFER3EUY4V3EEDUxGah-FHShM... Show response
d3oy68whu51rnt.cloudfront.net/ Frame DA96 798 B
867 B 163ms
163ms Script
text/plain 2600:9000:214f:ec00:3:62b:d240:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3oy68whu51rnt.cloudfront.net/gckM0dXoRLFoTRQYqUEhDR3YDQUJUKUcaFAJ+Y0UIEQB4DTMXFW4HDyRlQA8eT3MSGRscJAlTHxwgCURcEydWSE5UN0QaEU85UQ0WBylBAg8RZUEURx8sThwWHiIRRzxHbQRQSEJrQxwUFixDBl9Ac1oBX0BzBUVUQmYHN19Ac0McFER3EUY4V3EEDUxGah-FHShMzRBkfBSZWHhMGZgYzT0F0GkZMV3EEXREaN1kZX0AAEUdKHipfEF9Ac1MQGRksHVBIQiBcBxUfJhFHPENzB1tKXHYEQ0pccgdBX0BzRxQcEzFdUEg0dgdCVEF1EgBHQ3AFQkhDdAFBTEJ7AkJCQQ
Requested by: Host: rnoddenkn.asia
URL: https://rnoddenkn.asia/amVocDQLBwsdCwtYClZBGAlVVQYsQFo2UFkKEUYMHQ0dRQUYCxxeVwYKHRRSGAoGBBoEABxVBiwCCxt5WgEwH2YmIwckZjs8GSVxAiE6Q20uND06YSEwCxFyKy9NQnYzVT05cTsnXDRgJz0uJwAiIREiWDskUBVgWSg7N2YZBiIxWD4tEAdTKTA6E3ETAT8jcV8wJkBlCyA9SAE/NFgndhMJKjFTUjcyJXE/NxBIRz4NHyd8Ayw6Ik4SLQohZjs2LTpGOx0fJXIDHSwyWFMkC0FbKD1YMk4oMD4lZQc8ID4FUyQLQHkJIy0iBy8wMURiWSAtNGESIgkYGSwtOxh5EDcqG1IoNjInfAIoLypTMx88QHJaIgMqeTxWLTVsOCAJPgUBPzBAdSsgPRR/IgwYFnEsXCkTBSc0LyJfGS0+Mn07DCoTdhIwDjpcLC04NXoQJ1kEfzItMTVlWhULE1MOJzBAdhA3ECFXLx8uFGEvAlgUUw4mPjVyWyAPMnw7Vik2ZQENLBR1LCc8NX5dJAM6dzs0ThpHBQsYTWNaFwszeBIsDSZuGBA+
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:ec00:3:62b:d240:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: ddb731e256825f477354ebbd124730d2e8f91f683d1ae37feb7100d83439bd26

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rnoddenkn.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 14:00:18 GMT
content-encoding: gzip
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=31556926
content-length: 590
via: 1.1 f2db75b601dc30df73b1beb29596a374.cloudfront.net (CloudFront)
x-amz-cf-id: sTnqdIIkvkymoz4TU6efEQ7j052aJ5Fa9EvLg7qXws8arZfBLysXIw==

GET
H2 200 SRgGDCwLAkJYC0xYUER+T00SV3xKWlBYfE5eU1x9QV1QUn4 Show response
d3oy68whu51rnt.cloudfront.net/Uak15a2cJIhcNWB4kHVZeX3hIWFZMJwoECRpwOC4UPngTGlIADCwBDhoCXx8dDnBJTQsLIx5WQQ8jGlZWTCwdCVpeaw0bCAFwAw4fBjgTHhAfLl8eBlcgFhEOBiEYTlUseFdbQlh9URwOBCkWHBRPf0kFE09/SVpXRH1cWC... Frame 67BC 767 B
842 B 166ms
166ms Script
text/plain 2600:9000:214f:ec00:3:62b:d240:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3oy68whu51rnt.cloudfront.net/Uak15a2cJIhcNWB4kHVZeX3hIWFZMJwoECRpwOC4UPngTGlIADCwBDhoCXx8dDnBJTQsLIx5WQQ8jGlZWTCwdCVpeaw0bCAFwAw4fBjgTHhAfLl8eBlcgFhEOBiEYTlUseFdbQlh9URwOBCkWHBRPf0kFE09/SVpXRH1cWCVPf0kcDgR7TU5UKGhLWx9ceV-BOVVosCRsLDzocCQwDOVxZIV9+TkVUXGhLW08BJQ0GC09/Ok5VWiEQAAJPf0kMAgkmFkJCWH0aAxUFIBxOVSx8SVhJWmNMW1FaY0hYU09/SRgGDCwLAkJYC0xYUER+T00SV3xKWlBYfE5eU1x9QV1QUn4
Requested by: Host: rnoddenkn.asia
URL: https://rnoddenkn.asia/MFBSMzZRMjFeCVFtMBVDQjxvFgR2dWB1UgM/KwUORzgnBgdCPiYdVVw/J1dQQj88RxheNSYWBHYFM1gHBTFgUHx5ODF9YXJkOXtgajUKAF55BxRpe3onPXZ1YiAlfHUEBQJdUWQXPnp3dBMlcXJYPxFrTgg0Fl10egQDQHp5KGdkZ2FoOHRaagcGcEFUEwRDU1EnYlF1cRYlckEENhBZUWQYOnJQfDxqVnRcMzV1XnUfEFpzaQQ+ZkVVFjZRZ1w4a2ZkRx8QcF1nGBBhZlZgOXVzAGl3AXBjBiJrZHhhMWR1ZgA0A11TFDVhAWQFZ2Z9dzgeZE4JMzdlG3IfBGVZQxMAQHp0Kj1QdWEnFnxgSAobZQ8VYhBnXWYFCnRefAdiC3R6AWJ0dQBpdwFwfztnZWFZFQNyd3oANANdfRE1WFt2OxhwYXhgM3JOZRYbcU5/BgFLDmMGOnlhXR4fZAd2MQsDXmkFYgoTAhYBYVF3FBFEenE7GGp1ACgLZnNidWBxYgBgAWUFSBsFX3RpNhcGU2VhKgpnZmEDZlgEdjhAWV4gb3JzQwRnWUcFOhNmXFkgHQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:ec00:3:62b:d240:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: a5c42418fc441ec645e218a11442c22ffdba09863f68ed8de3387ebcf009598d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rnoddenkn.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 14:00:18 GMT
content-encoding: gzip
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=31556926
content-length: 565
via: 1.1 f2db75b601dc30df73b1beb29596a374.cloudfront.net (CloudFront)
x-amz-cf-id: kwieGxzjvrEAcDLW18pb4vlNinUgQUo8nM4-hIrQoSxJPyTndlDfdw==

POST
H3 204 aUxDQmVGcyAxWAshCjg0WRYgFyQzfycUUDEOcBgcMRoKBwBaCWU2DA1xendQXnh7ZBUAKH5zQxo4IjYQGnFwclVYaiosAwZxc3JVWGo1f1RHf3dsV1Fic2QQVH1wc1JbfXR3UV98e3RSUX9lNhUIK35zQxk4Ny5YWHp2e1RZf3FzXVF5cA
chedstimaarr.pics/ 0
515 B 124ms
106ms Ping
text/plain 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://chedstimaarr.pics/aUxDQmVGcyAxWAshCjg0WRYgFyQzfycUUDEOcBgcMRoKBwBaCWU2DA1xendQXnh7ZBUAKH5zQxo4IjYQGnFwclVYaiosAwZxc3JVWGo1f1RHf3dsV1Fic2QQVH1wc1JbfXR3UV98e3RSUX9lNhUIK35zQxk4Ny5YWHp2e1RZf3FzXVF5cA
Requested by: Host: d3oy68whu51rnt.cloudfront.net
URL: https://d3oy68whu51rnt.cloudfront.net/?hwyod=955131
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxexploits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 14:00:18 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VEfoOqSF%2BMZ2y4y9j0PORwe5ik9w4ADUR3aKAbHXA4%2Fy9vAoNwfNVqJv0fMvOzVYv6Nafa7abVk11j%2B%2BCa9dXs4paAdTaNm5EBOKeS1T7Dda76SUbziCYjjPnsd38E768fySvlmKogATEpFgN%2FQdrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 7326614dfeca6993-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK 625b451413006cbbbb64c05a-1659034631638-Png.png
s3.us-east-2.amazonaws.com/robloxexploits.net/ 570 KB
571 KB 130ms
130ms Image
image/png 52.219.177.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.us-east-2.amazonaws.com/robloxexploits.net/625b451413006cbbbb64c05a-1659034631638-Png.png
Requested by: Host: robloxexploits.net
URL: https://robloxexploits.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.177.129 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3.us-east-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 5ed3b04635bf8fb375aa173d1371734d07cb472a5cf495bcb65e86f0c6b54356

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxexploits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Fri, 29 Jul 2022 14:00:19 GMT
Last-Modified: Thu, 28 Jul 2022 18:57:12 GMT
Server: AmazonS3
x-amz-request-id: M12F0793WWK6F5W8
ETag: "a7937a476af6d3c8c787bb74032da4c8"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 583889
x-amz-id-2: blxclg4jdSlQhkFldX2u12ct73aKUg4zr2b0okCniSxcQP71AaF620UjuuP/OyJ3UOQgYD5wJw8=

GET
H/1.1 200
OK 625b451413006cbbbb64c05a-1658759256385-tatakai.png
s3.us-east-2.amazonaws.com/robloxexploits.net/ 1 MB
1 MB 443ms
128ms Image
image/png 52.219.177.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.us-east-2.amazonaws.com/robloxexploits.net/625b451413006cbbbb64c05a-1658759256385-tatakai.png
Requested by: Host: robloxexploits.net
URL: https://robloxexploits.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.177.129 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3.us-east-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 44e7ca8a4c249be4e868a95163b4d86912b807e871f39a50a01500e6dca45fe2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxexploits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Fri, 29 Jul 2022 14:00:20 GMT
Last-Modified: Mon, 25 Jul 2022 14:27:37 GMT
Server: AmazonS3
x-amz-request-id: KTSPEYXMXPSRQP0N
ETag: "6780ab047f72c16f6c8d9f1eb2303251"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 1048954
x-amz-id-2: N6iZS9BTHQ0EqBPcIjULgQM8SkHX+pH9VfH/Un/s2LHmGb69ga+aJP5WUenRWop1y21x7cO6yh8=

GET
H/1.1 200
OK 625b451413006cbbbb64c05a-1658179558648-slayerfarm.png
s3.us-east-2.amazonaws.com/robloxexploits.net/ 1 MB
1 MB 439ms
124ms Image
image/png 52.219.177.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.us-east-2.amazonaws.com/robloxexploits.net/625b451413006cbbbb64c05a-1658179558648-slayerfarm.png
Requested by: Host: robloxexploits.net
URL: https://robloxexploits.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.177.129 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3.us-east-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 946699809e55837d18f050e2b1119c5bf3b57cf358cf0bb2d6fa8b9be0c96c07

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxexploits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Fri, 29 Jul 2022 14:00:20 GMT
Last-Modified: Mon, 18 Jul 2022 21:25:59 GMT
Server: AmazonS3
x-amz-request-id: KTSTBJWGZE7XM15K
ETag: "f42ed63b930c9a49aa8e7d5fcfdae2c4"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 1116098
x-amz-id-2: mxwewdd2tmqf86e7K/7kevELBo3ZVxwKU4Y3OJIulgPui5kdQAgUknSQ03kfD/C3h/ku8g9aNzU=

GET
H/1.1 200
OK 625b451413006cbbbb64c05a-1657906217568-gft.png
s3.us-east-2.amazonaws.com/robloxexploits.net/ 844 KB
844 KB 736ms
131ms Image
image/png 52.219.177.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.us-east-2.amazonaws.com/robloxexploits.net/625b451413006cbbbb64c05a-1657906217568-gft.png
Requested by: Host: robloxexploits.net
URL: https://robloxexploits.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.177.129 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3.us-east-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 8eabb3afd19d809c6d3bed9bbf48216965eaa51a359787386b78057217bd63e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxexploits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Fri, 29 Jul 2022 14:00:20 GMT
Last-Modified: Fri, 15 Jul 2022 17:30:18 GMT
Server: AmazonS3
x-amz-request-id: KTSQR2YXKNWXAK11
ETag: "1320b5c6c32a0e5bc5d822d3081044fc"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 864367
x-amz-id-2: 1X8HCaBFdQWP1zAo3HR6KphVjQDeH289V9TKQUGdw2/PQp5y1Gp9LBV2HbW/JgZqfqbAlfzeoY4=

GET
H/1.1 200
OK 625b451413006cbbbb64c05a-1657737241650-sWt9bQTuvuw-HD.jpg
s3.us-east-2.amazonaws.com/robloxexploits.net/ 171 KB
171 KB 862ms
115ms Image
image/jpeg 52.219.177.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.us-east-2.amazonaws.com/robloxexploits.net/625b451413006cbbbb64c05a-1657737241650-sWt9bQTuvuw-HD.jpg
Requested by: Host: robloxexploits.net
URL: https://robloxexploits.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.177.129 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3.us-east-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 81c0bed2642566f44b5175ab2b669ae66d255dd1da31739e8ef19fcbb629f1c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxexploits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Fri, 29 Jul 2022 14:00:20 GMT
Last-Modified: Wed, 13 Jul 2022 18:34:02 GMT
Server: AmazonS3
x-amz-request-id: KTSTGPB9GPDB1SQY
ETag: "98659b94206075bbd033eb2ea4027924"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 175138
x-amz-id-2: FJLM87p8M9MrhvDy4QH0FpjOpUTDCLA3VDG9ZcOwYcmm9+YMgsgzJSf0rruroz+0gdA94D73xVU=

GET
H/1.1 200
OK 625b451413006cbbbb64c05a-1657553187333-dsoul.png
s3.us-east-2.amazonaws.com/robloxexploits.net/ 1 MB
1 MB 1185ms
115ms Image
image/png 52.219.177.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.us-east-2.amazonaws.com/robloxexploits.net/625b451413006cbbbb64c05a-1657553187333-dsoul.png
Requested by: Host: robloxexploits.net
URL: https://robloxexploits.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.177.129 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3.us-east-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 4995daae2b79c3449402d59591ff3b9ad618be12f7faf2412c334438ee467db0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxexploits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Fri, 29 Jul 2022 14:00:21 GMT
Last-Modified: Mon, 11 Jul 2022 15:26:28 GMT
Server: AmazonS3
x-amz-request-id: PTYHEXFZQ5RNNAQA
ETag: "cdcdcada2d030152700c0b9e0d185833"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 1270999
x-amz-id-2: ke7iYa2Vh5wURZoYPU//OgbGrU3BfCJo7HZevUEacNJ8YH7ws/e7Z6R5vkE1qQUZ+WTOTG5wPGY=

GET
H/1.1 200
OK 625b451413006cbbbb64c05a-1658673795318-ms2main.png
s3.us-east-2.amazonaws.com/robloxexploits.net/ 1 MB
1 MB 430ms
127ms Image
image/png 52.219.177.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.us-east-2.amazonaws.com/robloxexploits.net/625b451413006cbbbb64c05a-1658673795318-ms2main.png
Requested by: Host: robloxexploits.net
URL: https://robloxexploits.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.177.129 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3.us-east-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 484b4673d27f5169b3f7a618582e690e9f2053f8cf12a8be0ef77a3ed64fa057

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxexploits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Fri, 29 Jul 2022 14:00:20 GMT
Last-Modified: Sun, 24 Jul 2022 14:43:16 GMT
Server: AmazonS3
x-amz-request-id: KTSG0MB55QE7K23Y
ETag: "5ecb19cc148980d97ede5535b8f93113"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 1076246
x-amz-id-2: /Jkdh/Lsy1QQRvox2dsUXLATYsTk0adcBo+npCcAHz0XSL88ZRCt8Iq+tMYwUKjaAVb1eaF/ois=

GET
H/1.1 200
OK 625b451413006cbbbb64c05a-1658324800612-aadv1.png
s3.us-east-2.amazonaws.com/robloxexploits.net/ 1 MB
1 MB 428ms
124ms Image
image/png 52.219.177.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.us-east-2.amazonaws.com/robloxexploits.net/625b451413006cbbbb64c05a-1658324800612-aadv1.png
Requested by: Host: robloxexploits.net
URL: https://robloxexploits.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.177.129 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3.us-east-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: e9298f8c535eb4e0098c0f5703852fa08dbef7b93eb1a18e38c301b8769ba5b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxexploits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Fri, 29 Jul 2022 14:00:20 GMT
Last-Modified: Wed, 20 Jul 2022 13:46:41 GMT
Server: AmazonS3
x-amz-request-id: KTSKG98PTW8HW7QM
ETag: "9a2403229364c525b7053d1678f26a82"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 1074253
x-amz-id-2: 90ESMIm85Zs7kUkYpJLfBOlF4mq+3gROkviU8ukuIOb/bS9WNIosdv56YghAz3ZsTZsIseBFCUk=

GET
H3 200 unknown.png
cdn.discordapp.com/attachments/888735800454434858/988117473045913680/ 54 KB
55 KB 37ms
37ms Image
image/png 162.159.135.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.discordapp.com/attachments/888735800454434858/988117473045913680/unknown.png
Requested by: Host: robloxexploits.net
URL: https://robloxexploits.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 162.159.135.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6286b1170e5014e191a04da402addc2b41d047461887e173ae0f1369deb76b29

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxexploits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-goog-hash: crc32c=vAaJow==, md5=16JClyMk8tdJJP6D4HSIMw==
date: Fri, 29 Jul 2022 14:00:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1026347
x-guploader-uploadid: ADPycduTYcqXfoWQC5IIF50Y2awCywWreLYQcOY-yGJ7_nZzQ_sjfoC__R2FEFlSnrDp2jI6i0jQRTl1VWW2rZOLmtrP
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 55323
last-modified: Sun, 19 Jun 2022 16:26:03 GMT
server: cloudflare
cache-control: public, max-age=31536000
etag: "d7a242972324f2d74924fe83e0748833"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y805eMZsBmaGvUSZyyuaKM1zaYPtA6SIyW1bISkQIQAcWXLM4oxmKYp4jGl3vbkVrNDooX5zeb3dk1Y0vk1ES398KIId2SMtLUi%2BTOWgL3QxzJnf8EjBPzAhxPuLOxUxycQ0kw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1655655963947680
content-type: image/png
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
x-goog-stored-content-length: 55323
accept-ranges: bytes
cf-ray: 7326614e3c979078-FRA
expires: Sat, 29 Jul 2023 14:00:18 GMT

GET
H/1.1 200
OK 625456dc5bdb81f6e62a45dd-1654954789864-Ready.png
s3.us-east-2.amazonaws.com/robloxexploits.net/ 128 KB
128 KB 411ms
122ms Image
image/png 52.219.177.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.us-east-2.amazonaws.com/robloxexploits.net/625456dc5bdb81f6e62a45dd-1654954789864-Ready.png
Requested by: Host: robloxexploits.net
URL: https://robloxexploits.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.177.129 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3.us-east-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 4773de38bb1e22d9615c06959965d9eed4046d7de8232a47668efd13ff0fb73e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxexploits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Fri, 29 Jul 2022 14:00:20 GMT
Last-Modified: Sat, 11 Jun 2022 13:39:51 GMT
Server: AmazonS3
x-amz-request-id: KTSNYM8QFKSRY5X0
ETag: "cfaf6ad90c2946cb3783e4363cfb7c58"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 130633
x-amz-id-2: AY+8G0Uknf5iSToQEV9Rh5wC2zc5npOPKSpn4RrtIWsycQ1gxnseHiRBeq5uulnGREwn/b4luTA=

GET
H2 200 image-2.png
cheatermad.com/wp-content/uploads/2022/04/ 40 KB
40 KB 53ms
23ms Image
image/webp 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cheatermad.com/wp-content/uploads/2022/04/image-2.png
Requested by: Host: robloxexploits.net
URL: https://robloxexploits.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13e99ca1b80367835421100d03c0d6c98ddd02d88d50e6f52cedd30db925aaac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxexploits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 14:00:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3227589
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 40536
last-modified: Mon, 18 Apr 2022 09:49:51 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent,Accept-Encoding,Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j%2FU4M1PLT53UBarLw10ftgtafTEzS59WGElS9wCarq%2FwPrFqMIt%2BF2tU4zPJARaPdL5QZOATu5L1NDF17PoGvB9yyOlMZ%2FsV2uGAKG%2B6hi9uHfplLIoL%2BII50ZwWkXwix%2BUrbmuE8sAUcuXqEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=10368000
x-webp-express: Redirected directly to existing webp
accept-ranges: bytes
cf-ray: 7326614e6b88bbfb-FRA
expires: Thu, 20 Oct 2022 05:27:09 GMT

GET
H3 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207210101/ 149 KB
53 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207210101/reactive_library_fy2019.js?bust=31068622

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5936517d0167560d14a4f82030ca71812bed28bd49203de805ac8906e549a790

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxexploits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 14:00:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54523
x-xss-protection: 0
server: cafe
etag: 3646028860894146648
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 29 Jul 2022 14:00:19 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 34ms
18ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=robloxexploits.net

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxexploits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 29 Jul 2022 14:00:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 32ms
16ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=robloxexploits.net

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxexploits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 29 Jul 2022 14:00:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220727/r20110914/ Frame 4577 10 KB
4 KB 7ms
7ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220727/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://robloxexploits.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 77374
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 28 Jul 2022 16:30:45 GMT
etag: 8616628553774171045
expires: Thu, 11 Aug 2022 16:30:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220727/r20110914/ Frame 3BB3 10 KB
4 KB 7ms
7ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220727/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://robloxexploits.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 77374
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 28 Jul 2022 16:30:45 GMT
etag: 8616628553774171045
expires: Thu, 11 Aug 2022 16:30:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 4577 4 KB
1 KB 37ms
16ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220727/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 29 Jul 2022 12:52:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 29 Jul 2022 14:00:19 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 29 Jul 2022 14:00:19 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 4577 205 B
295 B 30ms
8ms Image
image/png 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220727/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 10:24:07 GMT
x-content-type-options: nosniff
age: 12972
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 29 Jul 2023 10:24:07 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 4577 604 B
1 KB 29ms
8ms Image
image/png 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220727/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 13:55:06 GMT
x-content-type-options: nosniff
age: 313
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 29 Jul 2023 13:55:06 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220727/r20110914/elements/html/ Frame 4577 23 KB
10 KB 46ms
10ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220727/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220727/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eab293839fb2aa5cfda5c6861bef235adf8127e9b7491caca48dc961a61d9b03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 13:55:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 303
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9690
x-xss-protection: 0
server: cafe
etag: 12381306461416256465
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 12 Aug 2022 13:55:16 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 3BB3 0
0 52ms
51ms Fetch
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CeSwr8ufjYtyRK-zN1fAPwJGM2AzzuPS-a6jE6NbcD8viwObKHRABIP7mpWtglZKhgrAHoAHl0um2AsgBAqgDAcgDyYSAAqoE1QFP0Kirt0PWNmtgUDzuAEg90gb-OfUuONjNI4eYQ7VqsHdL_Hw5QYC1kLpoS9MnUpedVes60J1Gc5RTdvfWq6w-S5sa-zMdIoObY1HdghqyIyk3WJOFrlxmY-L05qDGEHofW2SAoB_FOw74TV3fY3gTOJ90FIxeyTmT2fdTJFPKv71Sjps_gZuP_aOdL4-9myibZXTiG2_i_sq6eJA4WMoSXr-ckWQk5rrRdj9HcwztuWe5E1IsH9AT-vgGbEDtT5sBaRS9HoALwnvvoAJkfZemPM7x-bXABL_MlMuJBJIFBAgEGAGSBQQIBRgEoAYCgAeDrZbJAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEJ6CBtIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMN0BUBmBYBgBcBshccChoIABIUcHViLTIyNDkyNTc5MTgwNDUwNjkYAA&sigh=CW6x_jSQcRM&uach_m=[UACH]

Requested by

Host: robloxscripts.net
URL: https://robloxscripts.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20220727/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 29 Jul 2022 14:00:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 29 Jul 2022 14:00:19 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220727/r20110914/ Frame 3BB3 23 KB
9 KB 41ms
11ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220727/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220727/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4c44b7ac3b0fb4895714ee8a35ed0a452b849df7759ee470ed8a7455ed15270f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 13:50:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 567
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9504
x-xss-protection: 0
server: cafe
etag: 17733382080043146658
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 12 Aug 2022 13:50:52 GMT

GET
H2 200 9473838726846222626
tpc.googlesyndication.com/daca_images/simgad/ Frame 3BB3 26 KB
26 KB 48ms
18ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/9473838726846222626

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220727/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

11e5181ff4cf17b7600109fd8001aec01c53836ba0ce8d92a6becc6749fa4324

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 12:30:54 GMT
x-content-type-options: nosniff
age: 437365
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26505
x-xss-protection: 0
last-modified: Tue, 08 Mar 2022 19:54:05 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 24 Jul 2023 12:30:54 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220727/r20110914/client/ Frame 3BB3 3 KB
1 KB 45ms
16ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220727/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220727/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 13:29:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1820
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 12 Aug 2022 13:29:59 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3BB3 139 KB
43 KB 131ms
87ms Script
text/javascript 2a00:1450:4014:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220727/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4014:80b::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c5ed818755223a03cbbfdb5ab7c4b759a9b0f01673363197ea01a54b0072cbc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 14:00:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43522
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1658922152796835"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 29 Jul 2022 14:00:19 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220727/r20110914/client/ Frame 3BB3 18 KB
8 KB 43ms
14ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220727/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220727/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e5ee07c0b9aebe4b9fe10f351068879e9046771eaae0fecc0d06a320e75d472

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 13:40:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1169
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7643
x-xss-protection: 0
server: cafe
etag: 5476907727954993956
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 12 Aug 2022 13:40:50 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220727/r20110914/client/ Frame 3BB3 31 KB
13 KB 45ms
17ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220727/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220727/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

12a034d04873317b8e5350dd7eddf0aec800f2d81ae84cac26d896f67d3f1515

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 12:37:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4998
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12860
x-xss-protection: 0
server: cafe
etag: 8668416481684956370
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 12 Aug 2022 12:37:01 GMT

POST
H3 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 41ms
41ms Fetch
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207210101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2249257918045069&plah=robloxexploits.net&bust=31068622
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://robloxexploits.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H3 200 css
fonts.googleapis.com/ Frame F09E 6 KB
672 B 33ms
17ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220727/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 29 Jul 2022 13:22:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 29 Jul 2022 14:00:19 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 29 Jul 2022 14:00:19 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220727/r20110914/client/ Frame F09E 2 KB
902 B 24ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220727/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220727/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 13:37:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1387
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 12 Aug 2022 13:37:12 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220727/r20110914/ Frame F09E 23 KB
9 KB 23ms
8ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220727/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220727/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4c44b7ac3b0fb4895714ee8a35ed0a452b849df7759ee470ed8a7455ed15270f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 13:38:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1330
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9504
x-xss-protection: 0
server: cafe
etag: 17733382080043146658
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 12 Aug 2022 13:38:09 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220727/r20110914/client/ Frame F09E 3 KB
1 KB 23ms
8ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220727/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220727/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 13:37:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1365
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 12 Aug 2022 13:37:34 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F09E 139 KB
43 KB 149ms
147ms Script
text/javascript 2a00:1450:4014:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220727/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4014:80b::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c5ed818755223a03cbbfdb5ab7c4b759a9b0f01673363197ea01a54b0072cbc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 14:00:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43522
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1658922152796835"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 29 Jul 2022 14:00:19 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220727/r20110914/client/ Frame F09E 18 KB
7 KB 24ms
9ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220727/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220727/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e5ee07c0b9aebe4b9fe10f351068879e9046771eaae0fecc0d06a320e75d472

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 13:24:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2170
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7643
x-xss-protection: 0
server: cafe
etag: 5476907727954993956
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 12 Aug 2022 13:24:09 GMT

GET
H3 200 ab4c532c1fbaba50606c7d3c45560ace.js Show response
www.gstatic.com/mysidia/ Frame F09E 30 KB
13 KB 23ms
7ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ab4c532c1fbaba50606c7d3c45560ace.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220727/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55d4b4b18e5492eadec3e8f318025e666faa0f9cc56613b8b15974396a6801a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 23:14:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 139577
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12814
x-xss-protection: 0
last-modified: Mon, 25 Jul 2022 22:38:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 25 Oct 2022 23:14:02 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 20E5 143 B
163 B 8ms
7ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220727/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20220727/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1267
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Fri, 29 Jul 2022 13:39:12 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 20E5
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

41ms
39ms

Document
text/html

2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220727/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 29 Jul 2022 14:00:19 GMT
expires: Fri, 29 Jul 2022 14:00:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 29 Jul 2022 14:00:19 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 3BB3 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 82967d6ed6a7a3224755f0fff13250134d933562f56ab032ac3e6d5c5019f308

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 sJnbOeR1u3NfD4ifTr6IY70aHZRfr3yKQi-A2m-oHT4.js Show response
pagead2.googlesyndication.com/bg/ Frame AEDA 36 KB
14 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sJnbOeR1u3NfD4ifTr6IY70aHZRfr3yKQi-A2m-oHT4.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220727/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b099db39e475bb735f0f889f4ebe8863bd1a1d945faf7c8a422f80da6fa81d3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 12:58:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3690
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13883
x-xss-protection: 0
last-modified: Tue, 19 Jul 2022 12:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 29 Jul 2023 12:58:49 GMT

GET
H3 200 sJnbOeR1u3NfD4ifTr6IY70aHZRfr3yKQi-A2m-oHT4.js Show response
pagead2.googlesyndication.com/bg/ Frame AA8C 36 KB
14 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sJnbOeR1u3NfD4ifTr6IY70aHZRfr3yKQi-A2m-oHT4.js

Requested by

Host: robloxscripts.net
URL: https://robloxscripts.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b099db39e475bb735f0f889f4ebe8863bd1a1d945faf7c8a422f80da6fa81d3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 12:58:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3690
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13883
x-xss-protection: 0
last-modified: Tue, 19 Jul 2022 12:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 29 Jul 2023 12:58:49 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
10 KB 26ms
26ms XHR
application/json 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220727&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

42570a670f67a9f171bbec15da66f3d2cbdf3cc4b5cb8b546f9278809a03e4a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxexploits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 29 Jul 2022 14:00:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10691
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxexploits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 14:00:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 29 Jul 2022 14:00:21 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame EE5F 13 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://robloxexploits.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 5838
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 29 Jul 2022 12:23:03 GMT
expires: Sat, 29 Jul 2023 12:23:03 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame A4E5 783 B
536 B 36ms
18ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

152f219da489510ee7e7622a60a90ef31afbab143d957442adb1f78450be99f7

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Xh0TkNgjdNLwXxfcp7_qZQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://robloxexploits.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-Xh0TkNgjdNLwXxfcp7_qZQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 29 Jul 2022 14:00:21 GMT
expires: Fri, 29 Jul 2022 14:00:21 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 sJnbOeR1u3NfD4ifTr6IY70aHZRfr3yKQi-A2m-oHT4.js Show response
pagead2.googlesyndication.com/bg/ Frame EE5F 36 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sJnbOeR1u3NfD4ifTr6IY70aHZRfr3yKQi-A2m-oHT4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b099db39e475bb735f0f889f4ebe8863bd1a1d945faf7c8a422f80da6fa81d3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 12:58:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3692
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13883
x-xss-protection: 0
last-modified: Tue, 19 Jul 2022 12:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 29 Jul 2023 12:58:49 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3BB3 42 B
64 B 43ms
43ms Fetch
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstPpSfH2CI5K_fCU-Rji7pbtanMlMiycwsMVtnU3lRjTrZo8DhUpanYhOBrqlU9BXeK8Ck_T73ddullrjwQ-7OsU7ztqgxyVdxpsBaCIAabmpBNCBp3kZ4Vjjlid7fTBRTUouEcjxU97Jhs&sai=AMfl-YRrNUHr23-4e1DG7ETqqRApX7tJ_khw58MpJklKqOMa3JtJeglP9yCRRnT3lCGz_tN0iWxHkByDnyi1&sig=Cg0ArKJSzKHrdJwR-egbEAE&id=lidar2&mcvt=1002&p=0,0,124,1005&mtos=0,685,1002,1208,1324&tos=0,685,317,206,116&v=20220727&bin=7&avms=nio&bs=0,0&mc=0.75&if=1&vu=1&app=0&itpl=4&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1659103219674&rpt=226&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Jul 2022 14:00:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame A4E5 0
0 105ms
105ms Image
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220727&jk=2795691057951708&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame EE5F 0
9 B 7ms
6ms Image
text/plain 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?TufZNw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 14:00:21 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 108ms
108ms Image
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220727&jk=2795691057951708&bg=!VlWlVRHNAAacadVKvGk7ACkAdvg8Wpa9TMTurQGz41ts0zUPAsDV0-M4LJhmDW94YCtwdprAK9u4cQIAAABVUgAAAAJoAQcKAAu8NKxCoQbGQuxa45kCndH5XoeHAGWAeFL67AUphXmDDh7L_ouOBpEL7kNYlRVz63NtUQnViGkgiyascDRL-uvg-Zk6gT9tZlyWSSEoonTl73W4b2fyPXPx6zjqMmBARyneju1kTWQucneVliE5-n6dYrj3A-Y76nUiehQBmFYlVH--rpVRLqPtXpYzSYc9cI7c982T5oefGIQZ_WQH5G-lTCQeZqFc4zYJAeLY4waFmCDpgGiAbQeAJhgdU0DcBwyM60SOXs3X2zZ8AyJYAuNyjzX6OLP-V5SmZ4Ja7fz09iIlZbQZkXkp6FgcpdlHhO47L0PeiHLf9-NeZS-GKfEBSv2Hs6b9vM9OCku-l37j4X1Gny88apJn6Bq8v7gD9GTVWWeudMOjXYD_Un1SSt-7S8nHHasXRxKDkAoiVklYMDk9XOa5GsGbLw6FtOizst2HPt3RhksMv69Y7UW20g3kYn0VpH0z__ykffQs1iu2CEANeVank8G_QseJD7cUm2d0LmRJNEtDBqHkYbw4rka400MOw4_wUmxx2ixHK6J3nFDCOLxeW49AVojHdo_lPot-71JY_dr3UMmNaImq1ux9re7P-TtLvco3YQ6nm-vZFzNAD81cNa85gNTjScPSQmtDio3hDDKesOIMBAKCoc4EqUGFCvYs0pnnZZ7VNTXm6sWmhPnjimZQ04RA8eD5Wl1lqVs7JRbxI_6ly3eMhl1NzfciSLR2DfYmSgLKSY1BlQHkZCsYbWd8votjodX16YZuLxADv5CImnJDtLCLKYwfhUst6A1mOrvNnKaqKHu_s4zMa_We1Hx_OY7ZOxy3JEq-HT4Y7VoRE6rPVFzm79IIxOfl6n-4eF1Im6B5ExEJ7DgD1leFNm8pLXWfrsmy3Y1PUZRPIHPx82nVdA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxexploits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

88 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
robloxexploits.net/	1969-12-31 23:59:59	Name: auth.strategy Value: local
freychang.fun/	1970-01-20 13:30:07	Name: csu Value: 1317217546086783@1@1659103217
.robloxexploits.net/	1970-01-20 22:22:55	Name: _ga Value: GA1.2.2025273185.1659103219
.robloxexploits.net/	1970-01-20 04:53:09	Name: _gid Value: GA1.2.2000075674.1659103219
.robloxexploits.net/	1970-01-20 04:51:43	Name: _gat_gtag_UA_170951207_1 Value: 1
.robloxexploits.net/	1970-01-20 14:13:19	Name: __gads Value: ID=4558ff4531d4dbcc-22f02b13dfcd0018:T=1659103218:RT=1659103218:S=ALNI_MYBWYWBgmOrs6ru_l8cf0cent4DGg
.doubleclick.net/	1970-01-20 14:13:19	Name: IDE Value: AHWqTUmVEwQXwS2VuhqAmAtS0JbLfiNKZqBsKeg2bV1aiHiF93psBtB929bgPHAmlhA
.doubleclick.net/	1970-01-20 04:51:46	Name: DSID Value: NO_DATA

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
adservice.google.com
adservice.google.de
cdn.discordapp.com
cheatermad.com
chedstimaarr.pics
d3oy68whu51rnt.cloudfront.net
fonts.googleapis.com
freychang.fun
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
rnoddenkn.asia
robloxexploits.net
robloxscripts.net
s3.us-east-2.amazonaws.com
sapi.robloxexploits.net
tpc.googlesyndication.com
unpkg.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
142.251.36.130
162.159.135.233
188.114.97.3
2001:4860:4802:32::178
2600:9000:214f:ec00:3:62b:d240:21
2606:4700:3030::6815:2dcf
2606:4700:3034::ac43:ccad
2606:4700:3036::ac43:a949
2606:4700::6810:7baf
2a00:1450:4001:802::2002
2a00:1450:4001:803::2002
2a00:1450:4001:809::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::200a
2a00:1450:4001:827::2004
2a00:1450:4001:827::200d
2a00:1450:4001:82a::2008
2a00:1450:4001:82b::2001
2a00:1450:4014:80b::2002
2a03:2880:f107:83:face:b00c:0:25de
2a06:98c1:3120::3
2a06:98c1:3121::3
52.219.177.129
08de4774a914b51f747630b27570472e2691ab19a66db0cc932271bf5b1c822d
0f4e57b536259784052a2132c50f382f6bb144c55c5cd24e8b31f0c6bbe5d2db
11e5181ff4cf17b7600109fd8001aec01c53836ba0ce8d92a6becc6749fa4324
12a034d04873317b8e5350dd7eddf0aec800f2d81ae84cac26d896f67d3f1515
13e99ca1b80367835421100d03c0d6c98ddd02d88d50e6f52cedd30db925aaac
152f219da489510ee7e7622a60a90ef31afbab143d957442adb1f78450be99f7
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
19e9052bbfeba7f1eee9399874963d553bc554c1f7ebfbd0295809caf92f04c9
1b81502b702906c2cfc0f8e81a5341fbf63b2033de9b35eed3fb1f4c8c0f54c7
1fc734c80933766675fda9c9a1f867289de58d1e6ddc85621e1a37eb506a22ba
206e5c7991ada97f5774b71bd572d504096d81da601d330b0570728df319e8ba
278a43b67ab2c1cd09cd314c4e4517733b392879269e9763bcd1f0cc4b48aa62
369a6a49db93c6e064521a21f5a633f84c3169953ad0ba205a7b97b67b34e91e
36f4a133cc75fa860860dd3663e5b6147c13b2973528706345a4d13269bf66d9
387fb9ef8d5d6ca50b902dcf02c4881b1317c780726ed29372b90cde6cb21c97
42570a670f67a9f171bbec15da66f3d2cbdf3cc4b5cb8b546f9278809a03e4a1
43193176ef77030ad34673f96fad80aebc860b2a8b11418e3cc9170688d7ff35
44e7ca8a4c249be4e868a95163b4d86912b807e871f39a50a01500e6dca45fe2
469e4c031a7cb66429b730d35318b5f3555cdc467bde7c6745aa2c3c412475f4
4773de38bb1e22d9615c06959965d9eed4046d7de8232a47668efd13ff0fb73e
47cccd57deb2e51ef0359e10512d66d16b3bb10ea9264706ff92724cbe7f58be
484b4673d27f5169b3f7a618582e690e9f2053f8cf12a8be0ef77a3ed64fa057
4995daae2b79c3449402d59591ff3b9ad618be12f7faf2412c334438ee467db0
4b0d157c4ea23f4392a3fb4d1f2b0e3292a9d60809219b912cded188650018bc
4c44b7ac3b0fb4895714ee8a35ed0a452b849df7759ee470ed8a7455ed15270f
4ce5af5b0ba07c8704e9d7d12e9ab2d535ce88476ea34ca0ca208e92e66e6890
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
55670852df03bd1c31cf6a51c0e81af8f330f835eb2130c5c1f34de00ae2580d
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55d4b4b18e5492eadec3e8f318025e666faa0f9cc56613b8b15974396a6801a0
5936517d0167560d14a4f82030ca71812bed28bd49203de805ac8906e549a790
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5e5ee07c0b9aebe4b9fe10f351068879e9046771eaae0fecc0d06a320e75d472
5ed3b04635bf8fb375aa173d1371734d07cb472a5cf495bcb65e86f0c6b54356
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6286b1170e5014e191a04da402addc2b41d047461887e173ae0f1369deb76b29
69d3dc9d9e4a99a93fb4f31e300a2506a80bbf80e5bc4ca88247c130d2c51bb2
6a5a403af32c95c65ca17bbe042ca18a7c581f5d77b375295492b3a68e3999de
6b37ebd9a70cfab52ef04bc256230494125daf53dad5d6facbd6fda42cf21eed
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
77193286bc4db44dc90a6f5dd275573c117394e7f0de7cf9679178e1b588c86f
81c0bed2642566f44b5175ab2b669ae66d255dd1da31739e8ef19fcbb629f1c1
82967d6ed6a7a3224755f0fff13250134d933562f56ab032ac3e6d5c5019f308
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8eabb3afd19d809c6d3bed9bbf48216965eaa51a359787386b78057217bd63e5
946699809e55837d18f050e2b1119c5bf3b57cf358cf0bb2d6fa8b9be0c96c07
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2af9b2bd531431b0ce48639f213f446ca3c289661ed3f9c90684c9c55816c23
a44119507501add5c3071d961e28f2c4522572dd68fcb2588092edced4a71ddf
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5c42418fc441ec645e218a11442c22ffdba09863f68ed8de3387ebcf009598d
a6107b952d5b0034cb65b28048e9320d5a7d171e0bb572024bca2f386e102cea
b099db39e475bb735f0f889f4ebe8863bd1a1d945faf7c8a422f80da6fa81d3e
b8fb493d62a6bbedc80908d6016d6c556ce3576d9366523e1fe8a9265ed6e6a9
ba82f0aa82d77c1ee1841958f6580a5c9341007008039eb844938a96fc0001e7
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c406d7a0ee4f18e3651932027da7b8280171e76c42466e44da48530a2ec0b37e
c5ed818755223a03cbbfdb5ab7c4b759a9b0f01673363197ea01a54b0072cbc9
cbc98c6bd67b93c2771347b78dc879dfc943daf402102ece567d7c565fa4ce3a
d0452cc7bcefb2c8ae6db41d80640db4ec93a6d1b39d7e68b988169239a46919
d8c261e247ed151c101972ffd204c50e19438d7e12ffe33a4d8a57f6e07d3712
ddb731e256825f477354ebbd124730d2e8f91f683d1ae37feb7100d83439bd26
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
e09ae6bc007d831e5fca3b3772d06f072d082d45d441af143e1e00fe5dcc8012
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e47a92dda1c8fc625dc0793022d4b1945a51e7193b5face98068f025df0c1bfa
e58aacc560f9d43566d184c2ee69ad8efc9d820f762cfe5e4441d220927cb12b
e9298f8c535eb4e0098c0f5703852fa08dbef7b93eb1a18e38c301b8769ba5b9
eab293839fb2aa5cfda5c6861bef235adf8127e9b7491caca48dc961a61d9b03
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f32c109e490a356a57ad4d3b998bb9ece8b36e1a2c4ee6f4a2948b9dcc561f8a
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16
ff2f479c2fb175d8cb3a6ddd52107fe17e71b8ae35be758923450a72be18bb25

robloxexploits.net Open in urlscan Pro 2606:4700:3036::ac43:a949 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

104 Requests

100 %HTTPS

83 %IPv6

21 Domains

25 Subdomains

25 IPs

6 Countries

10349 kBTransfer

12471 kBSize

8 Cookies

2 Outgoing links

Page URL History

Redirected requests

104 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

robloxexploits.net Open in urlscan Pro
2606:4700:3036::ac43:a949 Public Scan

Screenshot
Live screenshot

Full Image

104
Requests

100 %
HTTPS

83 %
IPv6

21
Domains

25
Subdomains

25
IPs

6
Countries

10349 kB
Transfer

12471 kB
Size

8
Cookies

104 HTTP transactions
1 data transactions