robloxscripts.net Open in urlscan Pro
192.0.78.139 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://robloxexploits.net/
Effective URL:
https://robloxscripts.net/
Submission: On April 02 via api (April 2nd 2023, 2:14:10 pm UTC) from US — Scanned from NL

Summary HTTP 130 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 28 IPs in 4 countries across 20 domains to perform 130 HTTP transactions. The main IP is 192.0.78.139, located in San Francisco, United States and belongs to AUTOMATTIC, US. The main domain is robloxscripts.net.
TLS certificate: Issued by R3 on February 18th 2023. Valid for: 3 months.

This is the only time robloxscripts.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	192.0.78.139 192.0.78.139	2635 (AUTOMATTIC) (AUTOMATTIC)
2	2606:4700:e2:... 2606:4700:e2::ac40:840f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
5	2600:9000:249... 2600:9000:2490:a00:15:9ced:b8c0:21	16509 (AMAZON-02) (AMAZON-02)
22	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
2	162.159.130.233 162.159.130.233	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	192.0.77.32 192.0.77.32	2635 (AUTOMATTIC) (AUTOMATTIC)
3	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
8	172.64.173.27 172.64.173.27	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	13.225.78.108 13.225.78.108	16509 (AMAZON-02) (AMAZON-02)
8	104.21.42.211 104.21.42.211	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
4 6	2a00:1450:400... 2a00:1450:4001:800::200d	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:3::9 2a02:2638:3::9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638:3::12 2a02:2638:3::12	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
9	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
6	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.1.6 178.250.1.6	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:2638:3::f 2a02:2638:3::f	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:2638:3::1a 2a02:2638:3::1a	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
130	28

1 2a06:98c1:3120::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

robloxexploits.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

robloxexploits.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 192.0.78.139 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

robloxscripts.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:e2::ac40:840f (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:2490:a00:15:9ced:b8c0:21 (United States)

ASN16509 (AMAZON-02, US)

dlh8c15zw7vfn.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i2.wp.com

i0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.159.130.233 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.discordapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.32 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com

s0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.64.173.27 (United States)

ASN13335 (CLOUDFLARENET, US)

pogothere.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 13.225.78.108 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-108.fra2.r.cloudfront.net

peopleshouldthin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.21.42.211 (None, )

ASN13335 (CLOUDFLARENET, US)

admiredinde.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:800::200d (Frankfurt am Main, Germany) 4 redirects

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::f (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

pix.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	wp.com i0.wp.com — Cisco Umbrella Rank: 3491 s0.wp.com — Cisco Umbrella Rank: 7474 stats.wp.com — Cisco Umbrella Rank: 2973 pixel.wp.com — Cisco Umbrella Rank: 2697	546 KB
20	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 111 tpc.googlesyndication.com — Cisco Umbrella Rank: 145	342 KB
11	google.com 5 redirects accounts.google.com — Cisco Umbrella Rank: 87 adservice.google.com — Cisco Umbrella Rank: 90 www.google.com — Cisco Umbrella Rank: 2	5 KB
11	robloxscripts.net robloxscripts.net	194 KB
10	criteo.net static.criteo.net — Cisco Umbrella Rank: 670 pix.eu.criteo.net — Cisco Umbrella Rank: 9255 csm.eu.criteo.net — Cisco Umbrella Rank: 7853	68 KB
9	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 41	58 KB
8	admiredinde.com admiredinde.com	2 KB
8	peopleshouldthin.com peopleshouldthin.com	9 KB
8	pogothere.xyz pogothere.xyz — Cisco Umbrella Rank: 24393	403 KB
5	cloudfront.net dlh8c15zw7vfn.cloudfront.net	182 KB
3	gstatic.com www.gstatic.com	23 KB
3	criteo.com rtb.nl3.eu.criteo.com — Cisco Umbrella Rank: 13528 ads.eu.criteo.com — Cisco Umbrella Rank: 7796 cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 9585	45 KB
3	google.nl adservice.google.nl — Cisco Umbrella Rank: 14602	818 B
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 198	98 KB
2	discordapp.com cdn.discordapp.com — Cisco Umbrella Rank: 2408	3 KB
2	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 1034	26 KB
2	robloxexploits.net 1 redirects robloxexploits.net	1 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 47	1 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 980	610 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 109
130	20

	Domain	Requested by
22	i0.wp.com	robloxscripts.net
11	pagead2.googlesyndication.com	robloxscripts.net pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
11	robloxscripts.net	robloxscripts.net
9	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
9	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
8	admiredinde.com	robloxscripts.net dlh8c15zw7vfn.cloudfront.net
8	peopleshouldthin.com	dlh8c15zw7vfn.cloudfront.net
8	pogothere.xyz	dlh8c15zw7vfn.cloudfront.net
6	static.criteo.net	ads.eu.criteo.com
6	accounts.google.com	4 redirects robloxscripts.net
5	dlh8c15zw7vfn.cloudfront.net	robloxscripts.net peopleshouldthin.com
3	www.gstatic.com	googleads.g.doubleclick.net
3	adservice.google.com	pagead2.googlesyndication.com
3	adservice.google.nl	pagead2.googlesyndication.com
2	www.google.com	1 redirects tpc.googlesyndication.com
2	csm.eu.criteo.net	ads.eu.criteo.com
2	pix.eu.criteo.net	ads.eu.criteo.com
2	www.googletagservices.com	googleads.g.doubleclick.net
2	pixel.wp.com	robloxscripts.net
2	cdn.discordapp.com	robloxscripts.net
2	use.fontawesome.com	robloxscripts.net
2	robloxexploits.net	1 redirects
1	fonts.googleapis.com	googleads.g.doubleclick.net
1	cat.nl3.eu.criteo.com	ads.eu.criteo.com
1	ads.eu.criteo.com	googleads.g.doubleclick.net
1	rtb.nl3.eu.criteo.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.facebook.com	robloxscripts.net
1	stats.wp.com	robloxscripts.net
1	s0.wp.com	robloxscripts.net
130	30

This site contains links to these domains. Also see Links.

Domain
discord.gg
www.youtube.com

Subject Issuer	Validity	Valid
*.robloxexploits.net GTS CA 1P5	`2023-03-29` - `2023-06-27`	3 months	crt.sh
tls.automattic.com R3	`2023-02-18` - `2023-05-19`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-06` - `2023-06-05`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
*.wp.com Sectigo ECC Domain Validation Secure Server CA	`2022-11-14` - `2023-12-15`	a year	crt.sh
peopleshouldthin.com Amazon RSA 2048 M01	`2023-03-28` - `2024-04-25`	a year	crt.sh
*.admiredinde.com GTS CA 1P5	`2023-03-28` - `2023-06-26`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-01-09` - `2023-04-09`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
*.google.nl GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
*.nl3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-14` - `2023-06-09`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-03-04` - `2023-06-04`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-24` - `2023-06-18`	3 months	crt.sh
*.eu.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-26` - `2023-06-29`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh

This page contains 15 frames:

Primary Page: https://robloxscripts.net/
Frame ID: D49C3057866A33985CDFFFDE39C9DBAE
Requests: 81 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230329/r20190131/zrt_lookup.html
Frame ID: 40DE84C1CCE8E42C2C9ABEDD2F07BD1B
Requests: 1 HTTP requests in this frame

Frame: https://peopleshouldthin.com/ZG5QMUIFDDNcfQVTMhc3FgJtFHAiS2J3JggGaFJzURQnBjQCAH5SLgsbNFcwCwAkHywBGnUDBC4NF1kIMzY/ZQAdDXUDBDY/AXMOMzwUYxRVWjFaNjMvOl5wIi8SZw0MOyB4NTFaHlhyLDk3aGdWKAFLKQMMKQEDIigGBCQcNwJzK1EFCHMXIyU9Yw4yCTtFDVQKFWUoVB4WYzYyIgRoASIvYEQLJSMXdAVcHRcBciIkOXwWLC8BXiQhCWJpFQAeCAEIPTcDBRYsCSdcDgMCBmYsD10UXRQFCwdZCTwCOEIjDgYGZiwPGxVJdwEICEkIKQVhBiM1JBdpBUksaGIHJSQfYikzKAIJMSsWFWsKIxYiYQcyDDZfJi48OwB1BTgZUwMgXmB3LjIPE186LT8RYCUpBmlnFQoFdQMALBYddQgKLDZgLgMfHWAlAiwDSXo3KgprJyMGBWAHPlYydDogPD5ZNjAoBlAnNwEydyUPWR13eyciPkkzMDhlUyRXVgBlFAgWMloqJTYYRTIwOzxSJDNfG2MuJUg6Qi0KHm1CDjc9PUAtMxlifiRdJxg
Frame ID: 5E65A6D4ADB7174E333DE0322C7C7F6C
Requests: 2 HTTP requests in this frame

Frame: https://peopleshouldthin.com/RzFXMTUmUzRcCiYMNRdANV1qFAcBFGV3UStZb1IEcksgBkMhX3lSWShEM1dHKF8jH1siRXIDczd/AXdFJWQFZmUgUhtUBQIFE2d3fnAQY1AQaSBlej9eFHpeEUIeSGA9ZRRkWgtJM2NRPwEPeHQvWQNGcCtmLWtgFEgRU3grYzRoWRYAFAB3MHQuZG8GWG94exZoAXhzBgMSc2Q+ZQ9SVgN5O2hlL3wSenMsRgN3DQRwHwhvFHkOd1AVBRJ6WQIUZXN9LwQ/cwcCeRBmcA9oAVlRJlYBAWIuCD9zBwJUFXJaA2sCSVAFWRVbYhVnLnBtL3wPAmcSeAUcXgV4AngFBEYORWQfYzV6BgJ2DVpRIlI/c18QZAJHbRRkEnBiAnkSWk0hVRFaAQZWP1l3dXQYcnYjVAdadw5VMGRMBmNvQ2IDYxppQg50DnddA1UVRV4fdyMCcnVzM2YHAnkOY1oKeDtgXwZ0PwNWdWM2Zlgodg0BDR5UBmNFH11uAXQQfw1mW3dzDWcEI1IwARMtQjhfRXp7H0ZMM3AVYlE
Frame ID: E39CA912E233A001C48F8B27D4D012CA
Requests: 2 HTTP requests in this frame

Frame: https://peopleshouldthin.com/Q3JPOFkiECxVZiJPLR4sMR5yHWsFV31+PS8ad1todgg4Dy8lHGFbNSwHK14rLBw7FjcmBmoKHy0WI1BtJ0Eebhc7Kx1rLgoKB30pDSN9CRgSJwlpFCQBFn8+GR4CQj46PR4NFgEIBgwfOjc4dSEnAQ5UHAI2C0AfEUMGWRYRKx5rDwJLCVALCSB8DAMGChV0OwVGC3obKAgdaRAiNyUIPAsaIGwJBUYMfgwwQwlPaSc1JWkDFhkWTzsVKAdtDBEdGnkYJzULTwECMytsOCgVFXkfDQMcfQMGJQhQPRE2FWw4KBUOcAsrBxt+Ews8BwkSEQU3eTsFXwlrCygrensYICsKQWEnNB0APw80fn4UKDw9bGgvOh5waAggfk89DjM4WR4FPD53aAk1HVIIEToNfg0iGShpHBEnNX5odiAdfz4hOjhhAw0gfmsLKTA/awwZEx1WAw0jJHIfJxkjfAgvPD5rGBIkCnwyCDojfhwLGX59CHIaPWw1BjAcCjUCIwpiHiE3P3AIc0s8bBwNNx5/GGUYPFc3M08Edx8MJHlIHw09Fn8eIkY1
Frame ID: FBC643E23FD8628B37C9CA3AC231DD6A
Requests: 2 HTTP requests in this frame

Frame: https://peopleshouldthin.com/eTJiZncYUAELSBgPAEACC15fQ0U/F1AgExVaWgVGTEgVUQEfXEwFGxZHBgAFFlwWSBkcRkdUMR1mJSA6IGYvEDMQeyoiMx57KSAAMldTDlJLcDc3AwhxGF44IWYaBTgBZBM2IzQHL1QiH3kzMD8rSDsgFC93NC82OFsgAUIIcCEvND1cUy47KGQwBSEvQyQzOhNxDCMiIWEFIzweWgYtJi9DJCA9AXYhKxUuWyMoOyxjICUbK1s3NC1cACAzIChlNQ8+P3saPDYYZCxeM0lWEjNEAWMjVD0rUzQsDxhkLF4xFV0LMEQRdyMnQjxUDiA7HF40CiU4dFonM1RFMD4OEmUpNzkgeDAwBywBNFMiF0YyJz8JdwQKMht4FQ1DPXRbFiIOCycnLw58KDcHLlM0KE87XjsQNBB8KyAZTGAuERs7exURBytzJy0iMQMzLi8BYgcwJj9UUl9OL2M0FiJKRTEzHhZzMgEQLlQLAkIsVTAPIhdCKjQZP2MGIC47VCQwUktwNzclSGQ6DiE4ARI8URNBDQgHREUWPwYrRzAwJDF7
Frame ID: F4AA2D0DAEA33CA6B0103C4D170FB649
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2249257918045069&output=html&adk=1812271804&adf=3025194257&lmt=1680444674&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x675_l%7C212x675_r&format=0x0&url=https%3A%2F%2Frobloxscripts.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680444842969&bpp=12&bdt=514&idt=341&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7067503595945&frm=20&pv=2&ga_vid=673539286.1680444843&ga_sid=1680444843&ga_hid=946642672&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=173349285249724&tmod=963749827&uas=0&nvt=1&ref=https%3A%2F%2Frobloxexploits.net%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=367
Frame ID: 0A086AFD67122CA8887DF6EC4C1CE156
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2249257918045069&output=html&h=280&adk=2904063243&adf=849483003&pi=t.aa~a.1043414356~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1680444674&rafmt=1&to=qs&pwprc=2896044421&format=1200x280&url=https%3A%2F%2Frobloxscripts.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680444842981&bpp=3&bdt=525&idt=362&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7067503595945&frm=20&pv=1&ga_vid=673539286.1680444843&ga_sid=1680444843&ga_hid=946642672&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=60&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=173349285249724&tmod=963749827&uas=0&nvt=1&ref=https%3A%2F%2Frobloxexploits.net%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=kwDkD5z4up&p=https%3A//robloxscripts.net&dtd=367
Frame ID: D313F7256A1AB1BF86805FFE32E030E5
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2249257918045069&output=html&h=280&adk=2681833890&adf=2981778012&pi=t.aa~a.2191923801~rp.2&w=1170&fwrn=4&fwrnh=100&lmt=1680444674&rafmt=1&to=qs&pwprc=2896044421&format=1170x280&url=https%3A%2F%2Frobloxscripts.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680444843870&bpp=1&bdt=1414&idt=1&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1eef34f5f71f0cbc-22b0bb407edd000c%3AT%3D1680444843%3ART%3D1680444843%3AS%3DALNI_MY5XSajRhshNUZzHxjVhlEohG2guw&gpic=UID%3D00000bcf4f3795c7%3AT%3D1680444843%3ART%3D1680444843%3AS%3DALNI_MbU7mSBqr1TfH0XrW6WScOf1njLoA&prev_fmts=0x0%2C1200x280&nras=3&correlator=7067503595945&frm=20&pv=1&ga_vid=673539286.1680444843&ga_sid=1680444843&ga_hid=946642672&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=1984&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=173349285249724&tmod=963749827&uas=0&nvt=1&ref=https%3A%2F%2Frobloxexploits.net%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=IIzM6jhu1n&p=https%3A//robloxscripts.net&dtd=9
Frame ID: 009AFD9986EC299E234CD91AD247166A
Requests: 1 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZCmNqwAG70AFKPjjAAG5oDfu2_7q_lICqY09_g&u=%7Cr2vxigZXMG8i8cdHSbA6%2Bs%2Bab2C%2BLLWeuxwXR5cZFfQ%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wPnGOmSqSG4eCj4olmutZVpbdnTLYPO8H3L8RqUsBzlsqwgYg1mmwQjLa539ugmx_1VjZz1PS12sddjPl5UJU-PzjTNqVLMoBjtMVoXtEd75rMi9ofDhaNHGqfyvax2YnkUBM7VFRweiDj2RPUM1TKwOqnYUjr_hv5SBswpxlltFlrdoBZxazY4SmCg1VF51hQCkW-atz32Uqv6A3bJI47iIwB1jnZZ0179--wTKL9Wu28STvEupLMisgQF9dEO6HGyuSVqjqThc-R5BBD_dtkFkHQuVs2UHNELkr3jZJUrIAXukvFkcZMbyUBBzDXLg2n0VzGPVCRyMOM7DJCcGLJ3DgW6agvBG-tsqxQabFON1lvbLjHnXw_NANsOYqvNpVMqP_M53JZ8IB2iNIy8o04k-iSukEfwZUHKVEWuJwUPYeF53D6XNuUMk7XjTDub7SRTlxUOI3gTbbcpA4BkylcABRDPpjnKKlRpReJRLK63gxGgFahs04rLtMt0RFRmyqEY9nPMoqHrhEMxwR1igok4vEeSxza1i8Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaxEWq40pZMDeG-Pxo9kPoPOGqA7JntKxXLWY49aTAcCNtwEQASAAYJGEoIWMGIIBF2NhLXB1Yi0yMjQ5MjU3OTE4MDQ1MDY5yAEJqQLnoxjtiS-yPqgDAaoEyAFP0J9KZdkjeGnJnUT0W_zWjWG50VR9rHF5gG9E0akHtq1_eGBT92EvI9zWBIeDWePqEK_csJEL2LwXUHvasvZCY51YVMOTpZ878LKFVIZP75bNKX0PwLe0PEsMStkCw85AJhMxJs5E5MxDnGimNteA9lRHGhqQ7BGu8V4CS6Wrf7mgdemN9a4gHJalC61SXV4YXREi3z-kaqmVQoNleKRXrrdL59-W40JLk1hPIgnwwcu_xHGM8PZ9akdTrEkktkYviNlxigpjS4AGpuLh_9bAirWIAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1KLYyccEDQTmR8hJmhpfVDfJcC4g%26client%3Dca-pub-2249257918045069%26adurl%3D
Frame ID: A1186196669D4934C2000E24FDDE7138
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230329/r20110914/zrt_lookup.html?fsb=1
Frame ID: 27D4A2B3A3CB5702900C52B78F4DEC51
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: C93E5AEAC265DDDB214358B32FF93542
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/hMk8RYfShm1WO-i6nufLdZfHD_Dal5FkV6wggQWjY74.js
Frame ID: EB893D28C7E855CD72831D437438E768
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 2D499CA9B7C295902D4FCC18AAE72484
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8EDF50D7FE8216D99F2623619A3BCF02
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Roblox Scripts - The best website for Roblox Scripts & Executors!

Page URL History Show full URLs

http://robloxexploits.net/ HTTP 301
https://robloxexploits.net/ Page URL
https://robloxscripts.net/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link[^>]+s\d+\.wp\.com
/wp-(?:content|includes)/

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

130
Requests

98 %
HTTPS

68 %
IPv6

20
Domains

30
Subdomains

28
IPs

4
Countries

2004 kB
Transfer

4196 kB
Size

6
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://discord.gg/robloxexploits

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCrxIfKGSdOWjDatdhlSHvLw

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://robloxexploits.net/ HTTP 301
https://robloxexploits.net/ Page URL
https://robloxscripts.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://robloxexploits.net/ HTTP 301
https://robloxexploits.net/

Request Chain 38

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP 302
https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AQMjQ7RaHTIGv1dGK6-pXTfuzhsncA0Lm8Dofc5e91ULt87BivVR_i4xOMpOtGzeGJ4bueDwrfSfpA HTTP 302
https://accounts.google.com/v3/signin/identifier?dsh=S-33159685%3A1680444843062422&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AQMjQ7Rr7LYO4bx85sTNq5zszDld7n_may1Ss2KHihZsFUELRIQtXS6FI-BlFzaydG2LC2LSeJtt&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin

Request Chain 39

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP 302
https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AQMjQ7TSSewWzw-Ktrnfkn-AY68ZfDSFQGQ6kX_y61AHPVUlSYO6E4itgkLkNJzjSXSGrHeTYao HTTP 302
https://accounts.google.com/v3/signin/identifier?dsh=S-1609978214%3A1680444843098134&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AQMjQ7TWEHiZUrUHsyMD9_gJm5qqoiedhC_VV6Rj-aFLYS3-2wAFJQtpE2cUWOC1SWcV1Qu376BD&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin

Request Chain 117

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

130 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/
robloxexploits.net/
Redirect Chain

http://robloxexploits.net/
https://robloxexploits.net/

353 B
701 B

399ms
340ms

Document
text/html

2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://robloxexploits.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7b19ad04aca3b97b-AMS
content-encoding: br
content-type: text/html
date: Sun, 02 Apr 2023 14:14:02 GMT
last-modified: Sun, 02 Oct 2022 13:41:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=InsVLooibUCVhmr4Jf%2Ft%2BvOPhS8TIDPgHxT4znQW6Otb7TQLL9Gw25iSNI5yb6hdC%2BFjwPnvW4KHx4fm48wJXnde5r0LO0B9Ven2d1D%2BZ1r1nv0ttqlnTpzcaCoAWhrmOWCNtDLPs3qQn5m7FGByz8E%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed

Redirect headers

CF-RAY: 7b19ad040dd6b8b4-AMS
Cache-Control: max-age=3600
Connection: keep-alive
Date: Sun, 02 Apr 2023 14:14:01 GMT
Expires: Sun, 02 Apr 2023 15:14:01 GMT
Location: https://robloxexploits.net/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZaRTAK8Xy8hlwdxidcBi9Hh17i0qeN6Ym48latNakbk2X4kiKdhv2%2BISXkk%2FQoQyq1Li9lPDdd%2FQ84n0g5H3BWl0tkt29A9HwfdjApewDLNaLy3oMVTo0r7MtnPj5w%2FwlH3hewC5yhnJBsg%2F8et6%2FDI%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 Primary Request / Show response
robloxscripts.net/ 126 KB
30 KB 242ms
167ms Document
text/html 192.0.78.139
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://robloxscripts.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.139 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

f67169d6d088015e27c05032d62da4f3637c1be1b9d1cabcbde80d3b5842b581

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://robloxexploits.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: max-age=132, must-revalidate
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 02 Apr 2023 14:14:02 GMT
host-header: WordPress.com
last-modified: Sun, 02 Apr 2023 14:11:14 GMT
link: <https://robloxscripts.net/wp-json/>; rel="https://api.w.org/" <https://robloxscripts.net/wp-json/wp/v2/pages/299>; rel="alternate"; type="application/json" <https://wp.me/PebEFq-4P>; rel=shortlink
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding Cookie
x-ac: 5.ams _atomic_ams BYPASS
x-hacker: If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header.
x-nananana: Batcache-Hit

GET
H2 200 /
robloxscripts.net/_static/ 439 KB
64 KB 189ms
186ms Stylesheet
text/css 192.0.78.139
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://robloxscripts.net/_static/??-eJytUu1OwzAMfCFCNrRV3Q/Eo6B8eMHUTbM4WdW3x+uGKBMDhPjRJnZyl/PZY1JuiAVi0YlqwMj6EqsjwsjqUCFPykSvPHIiM6k0cFHJBNCpWkKnDTMUwbF8x3tZ7sYP1r2srE273djdg7dtu2ls05oV+PW+hW3TbHbWtdeody2hSmghB20rkteWBtcpQptNnjSXieBv0PIC/U2oVDnUokJG//kNjI6qB9avrHvwaICERpDL4GQSZEUQjJvue4w/ouVsGX+Jmd0lsRqdmsXz8tp1BZLKwGmIjEeQrTs1dG4cE3rIy55JxnX/QfTp9LvWSKpkiB5jWHLNUzaiD1CWtGNJPKrzrN1ifIWSjOt0P/hK4hZhJ/8vRZzN0xEjKJmJ8CxzbSyBX745Dwv/HvptudfiziWyLkOay78htCYajGc9vdS+S/ZAP/GfhF/2p6tP/eO6aVcPu/Vqs30DpgZ71w==

Requested by

Host: robloxscripts.net
URL: https://robloxscripts.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.139 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

729ca28d20f1c7fbc11b1896ecd671ef7be9e732781f03b2d33efcd285885e35

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-hacker: If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header.
date: Sun, 02 Apr 2023 14:14:02 GMT
strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Fri, 31 Mar 2023 19:30:45 GMT
server: nginx
x-ac: 5.ams _atomic_ams BYPASS
x-page-optimize: uncached
etag: W/"af848b9da56cb036ec159650682125d5"
vary: Accept-Encoding
content-type: text/css;charset=utf-8
cache-control: max-age=31536000
host-header: WordPress.com

GET
H2 200 all.css
use.fontawesome.com/releases/v6.1.2/css/ 99 KB
21 KB 93ms
34ms Stylesheet
text/css 2606:4700:e2::ac40:840f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v6.1.2/css/all.css
Requested by: Host: robloxscripts.net
URL: https://robloxscripts.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:840f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5e8e8eb22e2eaf1ad02370c22c63c04774ab0b83b4329d5945333750814bb2f

Request headers

Referer: https://robloxscripts.net/
Origin: https://robloxscripts.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 14:14:02 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: NB8JP726WAFT1SM3
age: 1233144
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: ppbmlTCPe5RJsVl2HrTaw3FTOkYmAHm5UztAE4P42ujhln/9rsfSc3s3HGfULmeCIyy7IlFzHsU=
last-modified: Mon, 25 Jul 2022 16:09:47 GMT
server: cloudflare
etag: W/"8ef777107c4620d4ddd4f8c4bb14a36c"
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0yemUcmlCgmVwwZdZYcd1GsMvV1z33TmxgufQwUnAZ3YQ7080x6kIMQSJqiCitOtx%2BAubvYFh9WjaJtQg6jXtJ26CQCo%2FNiE6RmXwfmWwfdffXCcdf9RQyJmUrAdOuYh4DH63n7bp9DAr%2BqkYhAkL%2BVq"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 7b19ad09eac60a55-AMS

GET
H2 200 v4-shims.css
use.fontawesome.com/releases/v6.1.2/css/ 27 KB
5 KB 99ms
41ms Stylesheet
text/css 2606:4700:e2::ac40:840f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v6.1.2/css/v4-shims.css
Requested by: Host: robloxscripts.net
URL: https://robloxscripts.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:840f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 064f3c2c06410669a1fdadee1259f8ed4e04573c2d81f160719fc17e32209950

Request headers

Referer: https://robloxscripts.net/
Origin: https://robloxscripts.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 14:14:02 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: QR0VTW89N4TWCTVP
age: 283530
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: whckH96aAG2U4839IfnzSFwdHztT/+ucqEL6UPMOqD0oPU2UkO+otr6JbpNBQzluB9PYXfwFOjSg5mhNlfyXmg==
last-modified: Mon, 25 Jul 2022 16:09:47 GMT
server: cloudflare
etag: W/"32c0dd1e392a9b1b3b8e8a0ef2e89fdd"
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sbXU%2BC9x9hhfu9aqGvTP0er4MsaK3VIPzwoKnGqEEC1JEl%2FfDZsBxjKcnF%2BjpI96iBWZDZ7ZuvxY%2BjIIlf%2BnnVWWf%2FYWAq2jQ0oITCiWfNllrjI%2F8uXFSifFgsH%2BJQCMwnhxXb4e7RpI3jKNMjn5YAmV"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 7b19ad09eac80a55-AMS

GET
H2 200 token-bridge.js Show response
robloxscripts.net/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-videopress/build/lib/ 10 KB
4 KB 156ms
154ms Script
application/javascript 192.0.78.139
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://robloxscripts.net/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-videopress/build/lib/token-bridge.js?ver=0.13.0

Requested by

Host: robloxscripts.net
URL: https://robloxscripts.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.139 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

5891c67601020cabaf90ed5ddda027b085f57af3ab6c669cdeadd85ddd1f62a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 14:14:02 GMT
strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Mon, 20 Feb 2023 21:09:24 GMT
server: nginx
x-ac: 5.ams _atomic_ams BYPASS
etag: W/"63f3e184-26ca"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.min.js Show response
robloxscripts.net/wp-includes/js/jquery/ 88 KB
31 KB 165ms
163ms Script
application/javascript 192.0.78.139
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://robloxscripts.net/wp-includes/js/jquery/jquery.min.js?ver=3.6.3

Requested by

Host: robloxscripts.net
URL: https://robloxscripts.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.139 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 14:14:02 GMT
strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Wed, 08 Mar 2023 18:37:33 GMT
server: nginx
x-ac: 5.ams _atomic_ams BYPASS
etag: W/"6408d5ed-15ed7"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 / Show response
robloxscripts.net/_static/ 18 KB
6 KB 162ms
160ms Script
application/javascript 192.0.78.139
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://robloxscripts.net/_static/??wp-includes/js/jquery/jquery-migrate.min.js,wp-content/uploads/yhumkpbql.js?m=1675717155

Requested by

Host: robloxscripts.net
URL: https://robloxscripts.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.139 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

5f599b949ea5d982ae3e387d454c4cbc1295dec9697180267ffd563ff20eee17

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-hacker: If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header.
date: Sun, 02 Apr 2023 14:14:02 GMT
strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Mon, 06 Feb 2023 20:59:15 GMT
server: nginx
x-ac: 5.ams _atomic_ams BYPASS
x-page-optimize: uncached
etag: W/"a95ef286d19d6474a3b8698bb1250bfc"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
host-header: WordPress.com

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 139 KB
48 KB 169ms
95ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2249257918045069

Requested by

Host: robloxscripts.net
URL: https://robloxscripts.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

92ed922d41ec64a53c890015a86b67219b062ac45e8935510d6c3ded5dfade13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://robloxscripts.net/
Origin: https://robloxscripts.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 14:14:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48490
x-xss-protection: 0
server: cafe
etag: 16854915264094044592
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 02 Apr 2023 14:14:02 GMT

GET
H2 200 / Show response
dlh8c15zw7vfn.cloudfront.net/ 564 KB
179 KB 165ms
54ms Script
text/plain 2600:9000:2490:a00:15:9ced:b8c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dlh8c15zw7vfn.cloudfront.net/?zchld=955131
Requested by: Host: robloxscripts.net
URL: https://robloxscripts.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:a00:15:9ced:b8c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: c3dc82de7b7b0e1d9d677e2c93e4d510dbd7aca98a56ae55d3c4a5dc63b756e3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Apr 2023 13:55:40 GMT
content-encoding: gzip
via: 1.1 002af2e4f72157b8b4bd2de012b5b57c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 1102
x-cache: Hit from cloudfront
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-length: 182699
x-amz-cf-id: F_Thv1ARG_w8I6FsVpaXs2lHWBf8FvReO1ldpe9QfMJt3l1aAsyIZw==

GET
H2 200 625456dc5bdb81f6e62a45dd-1654954789864-Ready.webp
i0.wp.com/robloxscripts.net/wp-content/uploads/2022/09/ 1 KB
2 KB 92ms
26ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/robloxscripts.net/wp-content/uploads/2022/09/625456dc5bdb81f6e62a45dd-1654954789864-Ready.webp?fit=705%2C396&ssl=1&resize=40%2C40

Requested by

Host: robloxscripts.net
URL: https://robloxscripts.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

0c301dc66ca221e1ff5dd32596a27b436ce626deab149e66b2baab3251bb09ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Sun, 02 Apr 2023 14:14:02 GMT
x-content-type-options: nosniff
last-modified: Tue, 21 Mar 2023 17:03:25 GMT
server: nginx
etag: "5981bd0dc6778308"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://robloxscripts.net/wp-content/uploads/2022/09/625456dc5bdb81f6e62a45dd-1654954789864-Ready.webp>; rel="canonical"
content-length: 1346
expires: Fri, 21 Mar 2025 05:03:25 GMT

GET
H2 200 625456dc5bdb81f6e62a45dd-1651778409974-maxresdefault-5.jpg
i0.wp.com/robloxscripts.net/wp-content/uploads/2022/09/ 1 KB
1 KB 92ms
27ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/robloxscripts.net/wp-content/uploads/2022/09/625456dc5bdb81f6e62a45dd-1651778409974-maxresdefault-5.jpg?fit=1200%2C675&ssl=1&resize=40%2C40

Requested by

Host: robloxscripts.net
URL: https://robloxscripts.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

84cf62a36645e4d32ebc59a22c7b669efbb64fe46fda77b752662dfb79cf8eea

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-nc: HIT ams 5
date: Sun, 02 Apr 2023 14:14:02 GMT
x-content-type-options: nosniff
last-modified: Tue, 21 Mar 2023 17:04:21 GMT
server: nginx
etag: "726d2c2c5c703269"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://robloxscripts.net/wp-content/uploads/2022/09/625456dc5bdb81f6e62a45dd-1651778409974-maxresdefault-5.jpg>; rel="canonical"
content-length: 1178
expires: Fri, 21 Mar 2025 05:04:21 GMT

GET
H2 200 ezgif.com-gif-maker-2023-02-02T003653.527.webp
i0.wp.com/robloxscripts.net/wp-content/uploads/2023/02/ 904 B
1 KB 92ms
27ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/robloxscripts.net/wp-content/uploads/2023/02/ezgif.com-gif-maker-2023-02-02T003653.527.webp?fit=1200%2C675&ssl=1&resize=40%2C40

Requested by

Host: robloxscripts.net
URL: https://robloxscripts.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

d309c0ee6e820f9b45cdf88cd79e58e28d8973a6da13cfa427ad75529ad46c47

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-nc: HIT ams 4
date: Sun, 02 Apr 2023 14:14:02 GMT
x-content-type-options: nosniff
last-modified: Tue, 21 Mar 2023 17:04:23 GMT
server: nginx
etag: "e08e8b40e5a7c023"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://robloxscripts.net/wp-content/uploads/2023/02/ezgif.com-gif-maker-2023-02-02T003653.527.webp>; rel="canonical"
content-length: 904
expires: Fri, 21 Mar 2025 05:04:23 GMT

GET
H2 200 Capture_16x9.png
i0.wp.com/robloxscripts.net/wp-content/uploads/2023/04/ 716 B
882 B 92ms
28ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/robloxscripts.net/wp-content/uploads/2023/04/Capture_16x9.png?fit=875%2C492&ssl=1&resize=40%2C40

Requested by

Host: robloxscripts.net
URL: https://robloxscripts.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

6c0d57d86670285a7f29129e820a6576208b5c6dea894a56e7bb240fe477f289

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-nc: HIT ams 5
date: Sun, 02 Apr 2023 14:14:02 GMT
x-content-type-options: nosniff
last-modified: Sun, 02 Apr 2023 03:22:34 GMT
server: nginx
etag: "60b5b82955aa3dae"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://robloxscripts.net/wp-content/uploads/2023/04/Capture_16x9.png>; rel="canonical"
content-length: 716
expires: Tue, 01 Apr 2025 15:22:34 GMT

GET
H2 200 kiwi_x_thumb.webp
i0.wp.com/robloxscripts.net/wp-content/uploads/2022/09/ 856 B
977 B 92ms
28ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/robloxscripts.net/wp-content/uploads/2022/09/kiwi_x_thumb.webp?fit=1200%2C675&ssl=1&resize=40%2C40

Requested by

Host: robloxscripts.net
URL: https://robloxscripts.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

525222732848000d7e9a744bbb1b0c3ca36dbce4dd7bc44ae346304d105f2b59

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-nc: HIT ams 5
date: Sun, 02 Apr 2023 14:14:02 GMT
x-content-type-options: nosniff
last-modified: Tue, 21 Mar 2023 17:04:23 GMT
server: nginx
etag: "460b6f8e314e125d"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://robloxscripts.net/wp-content/uploads/2022/09/kiwi_x_thumb.webp>; rel="canonical"
content-length: 856
expires: Fri, 21 Mar 2025 05:04:23 GMT

GET
H2 200 ezgif.com-gif-maker-36.webp
i0.wp.com/robloxscripts.net/wp-content/uploads/2022/09/ 1 KB
1 KB 113ms
49ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/robloxscripts.net/wp-content/uploads/2022/09/ezgif.com-gif-maker-36.webp?fit=1200%2C675&ssl=1&resize=40%2C40

Requested by

Host: robloxscripts.net
URL: https://robloxscripts.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

9adf3bc5bffd46e75b6133c2fbe8ffed320f3d3764bb85cad36de5738f0020f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-nc: HIT ams 4
date: Sun, 02 Apr 2023 14:14:02 GMT
x-content-type-options: nosniff
last-modified: Tue, 21 Mar 2023 17:04:23 GMT
server: nginx
etag: "8de574ee531d0700"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://robloxscripts.net/wp-content/uploads/2022/09/ezgif.com-gif-maker-36.webp>; rel="canonical"
content-length: 1122
expires: Fri, 21 Mar 2025 05:04:23 GMT

GET
H2 200 milk_16x9.webp
i0.wp.com/robloxscripts.net/wp-content/uploads/2023/02/ 1 KB
1 KB 27ms
25ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/robloxscripts.net/wp-content/uploads/2023/02/milk_16x9.webp?fit=916%2C515&ssl=1&resize=40%2C40

Requested by

Host: robloxscripts.net
URL: https://robloxscripts.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

f8e28de2aaed90f2ac69d51c5b2c951caa476dec71c621b7b464a7cbd978737e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-nc: HIT ams 6
date: Sun, 02 Apr 2023 14:14:02 GMT
x-content-type-options: nosniff
last-modified: Tue, 21 Mar 2023 17:04:23 GMT
server: nginx
etag: "c207d80aa45fe450"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://robloxscripts.net/wp-content/uploads/2023/02/milk_16x9.webp>; rel="canonical"
content-length: 1342
expires: Fri, 21 Mar 2025 05:04:23 GMT

GET
H2 200 image_16x9-12.png
i0.wp.com/robloxscripts.net/wp-content/uploads/2023/03/ 738 B
858 B 28ms
26ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/robloxscripts.net/wp-content/uploads/2023/03/image_16x9-12.png?fit=779%2C438&ssl=1&resize=40%2C40

Requested by

Host: robloxscripts.net
URL: https://robloxscripts.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

0c963a5c78c1dbde226771055692c6f8d456e293216cef6ed44db48d3ecd1443

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Sun, 02 Apr 2023 14:14:02 GMT
x-content-type-options: nosniff
last-modified: Tue, 21 Mar 2023 17:04:23 GMT
server: nginx
etag: "5d706e796a06c15f"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://robloxscripts.net/wp-content/uploads/2023/03/image_16x9-12.png>; rel="canonical"
content-length: 738
expires: Fri, 21 Mar 2025 05:04:23 GMT

GET
H2 200 Zee_16x9.png
i0.wp.com/robloxscripts.net/wp-content/uploads/2023/03/ 808 B
934 B 29ms
27ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/robloxscripts.net/wp-content/uploads/2023/03/Zee_16x9.png?fit=711%2C400&ssl=1&resize=40%2C40

Requested by

Host: robloxscripts.net
URL: https://robloxscripts.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

3d9d8999b53fd90eefc8e8e2451d958266d841cbeb20ac009b86c5709159f462

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-nc: HIT ams 7
date: Sun, 02 Apr 2023 14:14:02 GMT
x-content-type-options: nosniff
last-modified: Tue, 21 Mar 2023 17:04:23 GMT
server: nginx
etag: "f0dbf2ae2d6d6289"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://robloxscripts.net/wp-content/uploads/2023/03/Zee_16x9.png>; rel="canonical"
content-length: 808
expires: Fri, 21 Mar 2025 05:04:23 GMT

GET
H2 200 Entity-Spawner.webp
i0.wp.com/robloxscripts.net/wp-content/uploads/2023/01/ 234 B
411 B 30ms
27ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/robloxscripts.net/wp-content/uploads/2023/01/Entity-Spawner.webp?fit=494%2C278&ssl=1&resize=40%2C40

Requested by

Host: robloxscripts.net
URL: https://robloxscripts.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

e3da66758ee51b7f1dfe7a7488b5351e18dd5797838f5cdd5bd67ba58083d582

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-nc: HIT ams 2
date: Sun, 02 Apr 2023 14:14:02 GMT
x-content-type-options: nosniff
last-modified: Fri, 24 Mar 2023 23:05:22 GMT
server: nginx
etag: "1951b67c2ff0e5dc"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://robloxscripts.net/wp-content/uploads/2023/01/Entity-Spawner.webp>; rel="canonical"
content-length: 234
expires: Mon, 24 Mar 2025 11:05:22 GMT

GET
H2 200 discord.svg
cdn.discordapp.com/attachments/929421642235519037/1014534028076003368/ 1 KB
2 KB 111ms
43ms Image
image/svg+xml 162.159.130.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.discordapp.com/attachments/929421642235519037/1014534028076003368/discord.svg
Requested by: Host: robloxscripts.net
URL: https://robloxscripts.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.130.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e86fcb4099a0c85a91abfd59fc6d6751493e4258f5457c0b4cf87e9e12c4079

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 14:14:02 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 622878
x-guploader-uploadid: ADPycdtih_8INMN7RX3uOYGhOc1uDGJkPaSKS8mz2b5oyJbQ_FBppjA9BxZO1dnBPzb9VDCzAeZqXX0xofVNahHiucSftpkU07Ms
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: attachment;%20filename=discord.svg
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 31 Aug 2022 13:56:01 GMT
server: cloudflare
etag: W/"ff7fb5235b904fea50cedf072826782d"
vary: Accept-Encoding
x-goog-generation: 1661954161504978
content-type: image/svg+xml;%20charset=utf-8
x-goog-hash: crc32c=Mb61zA==, md5=/3+1I1uQT+pQzt8HKCZ4LQ==
cache-control: public, max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S1wwA11J%2BVlwE3PzSapay45pQOI8MNGBgEW6vYza5RxFF15Lhq5A2NPfsla9zM2IDPaF0iQwHj3R3z9lO1quh2MLmUPJM8D%2BXyGLH93oPEY4FyXMT2Anb6eAhMZc8C8vu3I3tA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 1270
cf-ray: 7b19ad0bc857b98e-AMS
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
expires: Mon, 01 Apr 2024 14:14:02 GMT

GET
H2 200 icons8-youtube.svg
cdn.discordapp.com/attachments/929421642235519037/1014534363783909406/ 702 B
1 KB 113ms
45ms Image
image/svg+xml 162.159.130.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.discordapp.com/attachments/929421642235519037/1014534363783909406/icons8-youtube.svg
Requested by: Host: robloxscripts.net
URL: https://robloxscripts.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.130.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a41b135afd99e5d3f61350c14900a1b6b222fe032a2c2f5f85f43d59055abf8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 14:14:02 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 622878
x-guploader-uploadid: ADPycdtRSkbLR-BVf_vSDmzZ0thmEobf16jb95UvbYcQtUYpFpi6m8zFYrTVW9Pc_Xerd7DnKp5PfKtYh6m-fS7AI8Yhp64nO7vo
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: attachment;%20filename=icons8-youtube.svg
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 31 Aug 2022 13:57:21 GMT
server: cloudflare
etag: W/"382c3ebffb19403d05359a5ec7554298"
vary: Accept-Encoding
x-goog-generation: 1661954241540175
content-type: image/svg+xml;%20charset=utf-8
x-goog-hash: crc32c=mHmx0g==, md5=OCw+v/sZQD0FNZpex1VCmA==
cache-control: public, max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ri5VZqCbtE6tboyMJ8lCROTkCJjnyvIZZ9%2Fzbo4%2FMhcV4Ryf07oLIHJopyGjXaltDB%2BIEbPRn4eyG5SRUvdzFseW96rrgLk9w%2F%2FoykUDdE4yNwg%2BR7GVnm0vFg%2BU0inDTVp9aw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 702
cf-ray: 7b19ad0bc859b98e-AMS
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
expires: Mon, 01 Apr 2024 14:14:02 GMT

GET
H2 200 bilmur.min.js Show response
s0.wp.com/wp-content/js/ 7 KB
3 KB 92ms
24ms Script
application/javascript 192.0.77.32
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://s0.wp.com/wp-content/js/bilmur.min.js?m=202313
Requested by: Host: robloxscripts.net
URL: https://robloxscripts.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: wordpress.com
Software: nginx /
Resource Hash: 51dc1ea3b9642d966bbdf2c63346e4d2d3f668a693fa8e7f1e31bf6acbe48860

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Sun, 02 Apr 2023 14:14:02 GMT
content-encoding: br
x-ac: 4.ams _dfw MISS
server: nginx
etag: W/"63bbf1d2-1a69"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
expires: Tue, 26 Mar 2024 00:00:00 GMT

GET
H2 200 / Show response
robloxscripts.net/_static/ 102 KB
25 KB 161ms
160ms Script
application/javascript 192.0.78.139
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://robloxscripts.net/_static/??-eJytktFOwzAMRX8ILxsCBA+IT5nSxOu8pk6I3Yby9WSsiGpoCBBPSRzdY+telwQusiKrSWFoicUcUJN1ndkSO9MMFLxJ+6iR52PVE68OclW+Suc3jIRF4HnAPIFlD54kBTtBiqKQbIsmDU0gZ6wIam1ZpeMFZi1pRvbE7UkvgTzmd24h36IuKEWTFDjBz3i6xx7FMDFCE2K7rUPZJqBfyKWjBIG4g110g8COXv5AYTtSa5XiuU0/Ede2GvsLXnxEM5/bsfoSs7FDlVjVauj8A8G+TkB9tVpM7aKGKikLuuNYEBvBPGL+/zaLwuU8M0qKLDRivbrjwiyCXcZRU+y+WbdfoEpKYt3nZjz1j5u7+/X1w2Z9c/sGRUgnxg==

Requested by

Host: robloxscripts.net
URL: https://robloxscripts.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.139 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

8f74583882ff0305c98aa4ad45370838bfb68e46cb5f286afa7074cb8bd219c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-hacker: If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header.
date: Sun, 02 Apr 2023 14:14:02 GMT
strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Fri, 31 Mar 2023 19:30:45 GMT
server: nginx
x-ac: 5.ams _atomic_ams BYPASS
x-page-optimize: uncached
etag: W/"335716fabf6bfe51708c5cc873bf6415"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
host-header: WordPress.com

GET
H2 200 e-202313.js Show response
stats.wp.com/ 9 KB
3 KB 97ms
29ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202313.js
Requested by: Host: robloxscripts.net
URL: https://robloxscripts.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-nc: HIT ams
date: Sun, 02 Apr 2023 14:14:02 GMT
content-encoding: br
server: nginx
etag: W/"62f6b688-3508"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Mon, 25 Mar 2024 01:33:07 GMT

GET
H2 200 wp-emoji-release.min.js Show response
robloxscripts.net/wp-includes/js/ 18 KB
5 KB 156ms
154ms Script
application/javascript 192.0.78.139
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://robloxscripts.net/wp-includes/js/wp-emoji-release.min.js?ver=6.2

Requested by

Host: robloxscripts.net
URL: https://robloxscripts.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.139 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 14:14:02 GMT
strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Thu, 02 Feb 2023 00:53:25 GMT
server: nginx
x-ac: 5.ams _atomic_ams BYPASS
etag: W/"63db0985-4904"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 asd100.bin Show response
pogothere.xyz/ 100 KB
101 KB 100ms
32ms Fetch
binary/octet-stream 172.64.173.27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pogothere.xyz/asd100.bin
Requested by: Host: dlh8c15zw7vfn.cloudfront.net
URL: https://dlh8c15zw7vfn.cloudfront.net/?zchld=955131
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.173.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 14:14:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5991
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 02 Apr 2023 12:34:11 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: https://robloxscripts.net
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FB%2FqmrbgprIxdENqyAS5d%2FdHX%2BWvDG%2BK8d4YhPa0LKlGTB6isHBMkSSiDffbs5sqzBxC4uhiDQFc1RKxTNJ1E16rihgQyKgqE8bETTgCaHTh7LfGVe2LMOjXe2L%2FSeuD"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 7b19ad0b9f6d1c92-AMS
access-control-allow-headers: X-Requested-With, content-type

GET
H2 200 / Show response
pogothere.xyz/ 27 B
358 B 276ms
208ms Fetch
text/plain 172.64.173.27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pogothere.xyz/
Requested by: Host: dlh8c15zw7vfn.cloudfront.net
URL: https://dlh8c15zw7vfn.cloudfront.net/?zchld=955131
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.173.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 92a57a0890de8fde70b151bf015b90192c7780426048069d4bbbaf1ccc51a59c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 14:14:02 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R4O0yG1oWZob%2BHhhm8mGBg7OZZZHw9w4uNlAEntJ7VdkHPDB5EwcIa%2Bgvwt3NlDmICBp8RcC0fh0qjgoXgd7l8GWJRBqMnQwMNGmt2IMKW%2BG%2BFUf%2F4Ap3M%2Bo%2Ffcc%2BRK2"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET
access-control-allow-origin: https://robloxscripts.net
content-type: text/plain
access-control-allow-credentials: true
cf-ray: 7b19ad0b9f6f1c92-AMS
access-control-allow-headers: X-Requested-With, content-type
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 204 utx Show response
peopleshouldthin.com/ 0
540 B 222ms
134ms XHR
text/plain 13.225.78.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://peopleshouldthin.com/utx?cb=FDEZNoAL4LBQ&top=robloxscripts.net&tid=955131
Requested by: Host: dlh8c15zw7vfn.cloudfront.net
URL: https://dlh8c15zw7vfn.cloudfront.net/?zchld=955131
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-108.fra2.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Apr 2023 14:14:02 GMT
via: 1.1 e56e6732f380db727425bac2d6158760.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-amz-cf-pop: FRA2-C2
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://robloxscripts.net
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
x-amz-cf-id: A8-RqIKIOPXMrJ1Pi4ZsTIt20xzhpOSM2UaRSyJWxf_YjPWBIemKDg==

GET
H2 200 asd100.bin Show response
pogothere.xyz/ 100 KB
100 KB 123ms
62ms Fetch
binary/octet-stream 172.64.173.27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pogothere.xyz/asd100.bin
Requested by: Host: dlh8c15zw7vfn.cloudfront.net
URL: https://dlh8c15zw7vfn.cloudfront.net/?zchld=955131
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.173.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 14:14:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5991
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 02 Apr 2023 12:34:11 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: https://robloxscripts.net
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5ogLib4BKAM3S5K2h1GlDXKsmre2ekrWPPKs%2BL3dXH1xrbvXt60INGdH1DIQA4etzgYV3kh7Zr3QgA0O8HBrSra2ybLFDQihqkFT35Ewb94z1a6J3jE4ZGevLd1coGNC"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 7b19ad0b9f701c92-AMS
access-control-allow-headers: X-Requested-With, content-type

GET
H2 200 / Show response
pogothere.xyz/ 26 B
349 B 269ms
209ms Fetch
text/plain 172.64.173.27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pogothere.xyz/
Requested by: Host: dlh8c15zw7vfn.cloudfront.net
URL: https://dlh8c15zw7vfn.cloudfront.net/?zchld=955131
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.173.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8576b2ea463d7825253e47afdb1a9f52b8bb879fe449b0ba2967a9d47552b212

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 14:14:02 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C90jgIuoNpbKDmd1Dqg8y9o%2B4d3ooK0eUcHcLYTe7jqm5km96Fs8kqwqyRwTw0fDqWOVFCvNVLNJsZbwuhkDjTdlB07kl5ZA0rMtpXxRW5JeMRwO%2BskhZ3Qkq9r6SyUU"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET
access-control-allow-origin: https://robloxscripts.net
content-type: text/plain
access-control-allow-credentials: true
cf-ray: 7b19ad0b9f711c92-AMS
access-control-allow-headers: X-Requested-With, content-type
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 204 utx Show response
peopleshouldthin.com/ 0
538 B 219ms
137ms XHR
text/plain 13.225.78.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://peopleshouldthin.com/utx?cb=cNyO4C40daE5&top=robloxscripts.net&tid=955748
Requested by: Host: dlh8c15zw7vfn.cloudfront.net
URL: https://dlh8c15zw7vfn.cloudfront.net/?zchld=955131
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-108.fra2.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Apr 2023 14:14:02 GMT
via: 1.1 e56e6732f380db727425bac2d6158760.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-amz-cf-pop: FRA2-C2
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://robloxscripts.net
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
x-amz-cf-id: 22P_mdayVBOCrpb_79fkrh4W5BJoYCqwgB886FRjM6Q599ESJ65-KA==

GET
H2 200 asd100.bin Show response
pogothere.xyz/ 100 KB
100 KB 114ms
61ms Fetch
binary/octet-stream 172.64.173.27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pogothere.xyz/asd100.bin
Requested by: Host: dlh8c15zw7vfn.cloudfront.net
URL: https://dlh8c15zw7vfn.cloudfront.net/?zchld=955131
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.173.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 14:14:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5991
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 02 Apr 2023 12:34:11 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: https://robloxscripts.net
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tl6rvqD%2FkBSpOeKli2lOievKmQmu6p6lxLthMr1ctoGGYVA0cY3rD8XApYI%2FWkeefwrG80fsknyp3oxRKjHrZt52DwS6CGuVnF19y%2FRaoAPGkSoIy4YHYo504i9uMKxK"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 7b19ad0b9f721c92-AMS
access-control-allow-headers: X-Requested-With, content-type

GET
H2 200 / Show response
pogothere.xyz/ 26 B
377 B 183ms
130ms Fetch
text/plain 172.64.173.27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pogothere.xyz/
Requested by: Host: dlh8c15zw7vfn.cloudfront.net
URL: https://dlh8c15zw7vfn.cloudfront.net/?zchld=955131
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.173.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e1b61b9e35ef05dbacdc0115a26c447f904015355129a1d7c4422cd4b5f41889

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 14:14:02 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FDCiVzG4LvjdeV2bleIdfEGmfkNk8IaPMAzBh415wYoPt3QiLfJWccz%2Bgy%2FVRNWi3BPKCq7onmSEWITVk7VTeknfr2B%2B0cgPVfddzWbI3uLzVwlanCE1klHhcERxaz6k"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET
access-control-allow-origin: https://robloxscripts.net
content-type: text/plain
access-control-allow-credentials: true
cf-ray: 7b19ad0b9f731c92-AMS
access-control-allow-headers: X-Requested-With, content-type
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 asd100.bin Show response
pogothere.xyz/ 100 KB
100 KB 111ms
62ms Fetch
binary/octet-stream 172.64.173.27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pogothere.xyz/asd100.bin
Requested by: Host: dlh8c15zw7vfn.cloudfront.net
URL: https://dlh8c15zw7vfn.cloudfront.net/?zchld=955131
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.173.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 14:14:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5991
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 02 Apr 2023 12:34:11 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: https://robloxscripts.net
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1dhH0BjAvJr3sd2Qg6AMH7APeH32rSEeERmYMUIvkaUKOfvYFL9RMmqV6NJ37NFVfeZ34RYtgG4pXr2GMW3GGfeRmnrB7lANiPet0BAUprNLyIRsxbqtbgiYpaFAuk%2BW"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 7b19ad0b9f741c92-AMS
access-control-allow-headers: X-Requested-With, content-type

GET
H2 200 / Show response
pogothere.xyz/ 27 B
347 B 180ms
131ms Fetch
text/plain 172.64.173.27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pogothere.xyz/
Requested by: Host: dlh8c15zw7vfn.cloudfront.net
URL: https://dlh8c15zw7vfn.cloudfront.net/?zchld=955131
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.173.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 175a26031246bc664e5f8531be5926a33957da2a4d54052716fefc5ff193eaed

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 14:14:02 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tyzbtRI%2FcUY2lSw3DmfO6V0NJAFZs%2BV7SUB3vevAs6w5qOFB3IMJ07OwzLSaLqmL3enbFfSysBIXshn79PWPK1xgmGeAE6e1YKaq1NX4scRa3phF9QL8VcaaJMZwHjrw"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET
access-control-allow-origin: https://robloxscripts.net
content-type: text/plain
access-control-allow-credentials: true
cf-ray: 7b19ad0b9f761c92-AMS
access-control-allow-headers: X-Requested-With, content-type
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 204 utx Show response
peopleshouldthin.com/ 0
538 B 204ms
134ms XHR
text/plain 13.225.78.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://peopleshouldthin.com/utx?cb=tsZRT8mjMINM&top=robloxscripts.net&tid=979208
Requested by: Host: dlh8c15zw7vfn.cloudfront.net
URL: https://dlh8c15zw7vfn.cloudfront.net/?zchld=955131
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-108.fra2.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Apr 2023 14:14:02 GMT
via: 1.1 e56e6732f380db727425bac2d6158760.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-amz-cf-pop: FRA2-C2
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://robloxscripts.net
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
x-amz-cf-id: dybH19BsUjJG045dbyaMlP_wPMRw33BXCGEhlWjGwoLiLapAEeyD0Q==

GET
H2 204 cnlaSXpdRjk6RxETGBwvQh0cC0g4CzkMOzMjDQsDIR4QJCAcOHw9ExZEY3xPQ0prbwobHWd4XAENOz0PAURrbxMcHzV0XAREa2dJRldpe1RAXy90S1QNKigdT0h8OQ4GFWd4TEpJbn1OSk1ofklC
admiredinde.com/ 0
244 B 203ms
132ms Image
text/plain 104.21.42.211
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://admiredinde.com/cnlaSXpdRjk6RxETGBwvQh0cC0g4CzkMOzMjDQsDIR4QJCAcOHw9ExZEY3xPQ0prbwobHWd4XAENOz0PAURrbxMcHzV0XAREa2dJRldpe1RAXy90S1QNKigdT0h8OQ4GFWd4TEpJbn1OSk1ofklC
Requested by: Host: robloxscripts.net
URL: https://robloxscripts.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.42.211 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 14:14:03 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BqqRNNIM%2FOeja7Cc0YYGV1bNHFZehcbQgFY5tusDxBa8w4qZYn90KyROCG7VG4utReyCqTewA%2BgfLtAmz7A3x0QRrQI283r4ZEVeOP8eZwcsJlqFSOw6aYvp49p3iEpzbLw%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 7b19ad0c5aef0e6c-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 login.php
www.facebook.com/ 0
0 209ms
138ms Image
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
Requested by: Host: robloxscripts.net
URL: https://robloxscripts.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
H2

403

identifier
accounts.google.com/v3/signin/
Redirect Chain

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AQMjQ7RaHTIGv1dGK6-pXTfuzhsncA0Lm8Dofc5e91ULt87BivVR_i4xOMpOtGz...
https://accounts.google.com/v3/signin/identifier?dsh=S-33159685%3A1680444843062422&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AQMjQ7Rr7LYO4bx85sTNq5zszDld7n_may1Ss2KHihZsFUELRIQ...

0
0

248ms
246ms

Image
text/html

2a00:1450:4001:800::200d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://accounts.google.com/v3/signin/identifier?dsh=S-33159685%3A1680444843062422&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AQMjQ7Rr7LYO4bx85sTNq5zszDld7n_may1Ss2KHihZsFUELRIQtXS6FI-BlFzaydG2LC2LSeJtt&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
Requested by: Host: robloxscripts.net
URL: https://robloxscripts.net/
Protocol: H2
Server: 2a00:1450:4001:800::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Redirect headers

date: Sun, 02 Apr 2023 14:14:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'report-sample' 'nonce-EI3PpI1ZZdMb1xhpkWZUaA' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 392
x-xss-protection: 1; mode=block
pragma: no-cache
server: GSE
x-frame-options: DENY
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-type: text/html; charset=UTF-8
location: https://accounts.google.com/v3/signin/identifier?dsh=S-33159685%3A1680444843062422&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AQMjQ7Rr7LYO4bx85sTNq5zszDld7n_may1Ss2KHihZsFUELRIQtXS6FI-BlFzaydG2LC2LSeJtt&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3

403

identifier
accounts.google.com/v3/signin/
Redirect Chain

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AQMjQ7TSSewWzw-Ktrnfkn-AY68ZfDSFQGQ6kX_y61AHPVUlSYO6E4itgkL...
https://accounts.google.com/v3/signin/identifier?dsh=S-1609978214%3A1680444843098134&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AQMjQ7TWEHiZUrUHsyMD9_gJm5qqoiedhC_VV6Rj-aFLYS3-...

0
0

114ms
113ms

Image
text/html

2a00:1450:4001:800::200d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://accounts.google.com/v3/signin/identifier?dsh=S-1609978214%3A1680444843098134&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AQMjQ7TWEHiZUrUHsyMD9_gJm5qqoiedhC_VV6Rj-aFLYS3-2wAFJQtpE2cUWOC1SWcV1Qu376BD&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
Requested by: Host: robloxscripts.net
URL: https://robloxscripts.net/
Protocol: H3
Server: 2a00:1450:4001:800::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Redirect headers

date: Sun, 02 Apr 2023 14:14:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-aND_4bMu372ADyFAx8In5w' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 399
x-xss-protection: 1; mode=block
pragma: no-cache
server: GSE
x-frame-options: DENY
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-type: text/html; charset=UTF-8
location: https://accounts.google.com/v3/signin/identifier?dsh=S-1609978214%3A1680444843098134&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AQMjQ7TWEHiZUrUHsyMD9_gJm5qqoiedhC_VV6Rj-aFLYS3-2wAFJQtpE2cUWOC1SWcV1Qu376BD&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 popunder.gif
admiredinde.com/ 35 B
548 B 107ms
38ms Image
image/gif 104.21.42.211
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://admiredinde.com/popunder.gif
Requested by: Host: robloxscripts.net
URL: https://robloxscripts.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.42.211 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: public
date: Sun, 02 Apr 2023 14:14:02 GMT
cf-cache-status: HIT
last-modified: Sun, 02 Apr 2023 11:08:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 11144
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dZ8iTccpB%2FkoRARfyUAylFilnIjCHNbGlVzbaG8MIBMbwMZ6NAZa0G65vWfSnTzw5JUIrXK9ZaV1kA%2BynctUhnIAyo71DyVFWohnYS3VT6lOlzp48pjNss1GdZM6QTNClwA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=604800, immutable
cf-ray: 7b19ad0c5af30e6c-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 204 Y09bDGxhU0YKZCdcWR42IgAPBXN0ERxMLm9QXgByZlVcAHZgVlsP
admiredinde.com/OEJSYWgXfTESVXVxC1MMVAsaMDkBCggGMn4AOSMGe3IXKTkKF3QVAVx/a1RdD3ZqRxhRJm9QTks2MxUdS39jRwFWJD1cTk5/ 0
243 B 185ms
134ms Image
text/plain 104.21.42.211
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://admiredinde.com/OEJSYWgXfTESVXVxC1MMVAsaMDkBCggGMn4AOSMGe3IXKTkKF3QVAVx/a1RdD3ZqRxhRJm9QTks2MxUdS39jRwFWJD1cTk5/Y09bDGxhU0YKZCdcWR42IgAPBXN0ERxMLm9QXgByZlVcAHZgVlsP
Requested by: Host: robloxscripts.net
URL: https://robloxscripts.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.42.211 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 14:14:03 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Phh86ZHx1xEBLZyeWefxW2Wt2ZgrTId6xR%2Bf1H3bt9cbbL0B3cTIQtzgEd6QebSD16JdTstDNqKWnzFqAyRWk87j3EsUl2nVCNwQJpAwmBQQc24UwMSqzCEe49bAWqYtXQA%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 7b19ad0c5af80e6c-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 204 RkFXNFJpfjRHbyMVO203ATUdcAU2Dw8EIQcYAnYLFwBuXAYQdXFAOyJ8bgFnfndiEiIvJWoHZ2AyI1UmMzJqBXQvLzFbb2A3agR8cm9iGmJgNGoFdDIxNlNvd2cnQCYqfGYCanZ1YwBqcnNgAGE
admiredinde.com/ 0
245 B 184ms
134ms Image
text/plain 104.21.42.211
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://admiredinde.com/RkFXNFJpfjRHbyMVO203ATUdcAU2Dw8EIQcYAnYLFwBuXAYQdXFAOyJ8bgFnfndiEiIvJWoHZ2AyI1UmMzJqBXQvLzFbb2A3agR8cm9iGmJgNGoFdDIxNlNvd2cnQCYqfGYCanZ1YwBqcnNgAGE
Requested by: Host: robloxscripts.net
URL: https://robloxscripts.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.42.211 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 14:14:03 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LkY%2FWNjzNcBo8cKvRW8aj%2FCcAO85OiHmnJn%2BrpDjG9vuXaHq6cecV3Xo4UAK59ic2uXAUDelbRmyqQu8ceinVxELzNl56SDTLoDLOVwFZb3lK8s8MUetwXYxFrIuWxPpmDA%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 7b19ad0c5af60e6c-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 204 dU5JQjNacSoxDjsIOQBkLRcPIHsZOB0lAgEqJDJjNAkldlEeB282WhFzcHUKR35xZEMcKnRxAVM9PSNHAD10cxUcIC8tDlM4dHIdTGB4bAZTO3RzFQE+KCUORGg5NkcZc3h0C0V6fXYLQXx+dgs
admiredinde.com/ 0
281 B 173ms
125ms Image
text/plain 104.21.42.211
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://admiredinde.com/dU5JQjNacSoxDjsIOQBkLRcPIHsZOB0lAgEqJDJjNAkldlEeB282WhFzcHUKR35xZEMcKnRxAVM9PSNHAD10cxUcIC8tDlM4dHIdTGB4bAZTO3RzFQE+KCUORGg5NkcZc3h0C0V6fXYLQXx+dgs
Requested by: Host: robloxscripts.net
URL: https://robloxscripts.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.42.211 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 14:14:03 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MkdES44LFv%2B%2BasIr7dtoms5MD8SZV5V%2BvYYA8ZN%2BTBqtDlcv6jbh5k6n1I0Z70nvDVcC9dWFtquS%2BSATfZaZ7rJJgJOU8lzqxZyVlOJ%2FdIg1eM9z9PZQO60WgW8ILs8hPOs%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 7b19ad0c5afe0e6c-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 204 Q1VbCHtFVlsJ
admiredinde.com/d2FvME9YXgxDciQ3JQYbIw1bago9Vi5oDRs1NwQOETYpdCoQUUlEJhNcVgd2RVFXFj8eBVIDfVESG1E7AhJSAn9HVklZIREOUgFpAVxfHnZZUEEFaQJcXhY7BwAIDX5RERtEI0pQWQh/ 0
242 B 124ms
124ms Image
text/plain 104.21.42.211
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://admiredinde.com/d2FvME9YXgxDciQ3JQYbIw1bago9Vi5oDRs1NwQOETYpdCoQUUlEJhNcVgd2RVFXFj8eBVIDfVESG1E7AhJSAn9HVklZIREOUgFpAVxfHnZZUEEFaQJcXhY7BwAIDX5RERtEI0pQWQh/Q1VbCHtFVlsJ
Requested by: Host: robloxscripts.net
URL: https://robloxscripts.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.42.211 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 14:14:03 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7nVFVyk%2FutcBvozpb22tlfc9S5lKk9gSNXlA41XbqOiMX0w10A8a2K47ynD2XtAcnBZtu0a3oGqehpGY8fYjHvrevEg9ERJt4NeI%2FIbty5JU2f8Uh03k9yMYjDoq%2BetCato%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 7b19ad0c6b080e6c-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
robloxscripts.net/wp-content/fonts/poppins/ 8 KB
8 KB 157ms
157ms Font
application/font-woff2 192.0.78.139
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://robloxscripts.net/wp-content/fonts/poppins/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: robloxscripts.net
URL: https://robloxscripts.net/_static/??-eJytUu1OwzAMfCFCNrRV3Q/Eo6B8eMHUTbM4WdW3x+uGKBMDhPjRJnZyl/PZY1JuiAVi0YlqwMj6EqsjwsjqUCFPykSvPHIiM6k0cFHJBNCpWkKnDTMUwbF8x3tZ7sYP1r2srE273djdg7dtu2ls05oV+PW+hW3TbHbWtdeody2hSmghB20rkteWBtcpQptNnjSXieBv0PIC/U2oVDnUokJG//kNjI6qB9avrHvwaICERpDL4GQSZEUQjJvue4w/ouVsGX+Jmd0lsRqdmsXz8tp1BZLKwGmIjEeQrTs1dG4cE3rIy55JxnX/QfTp9LvWSKpkiB5jWHLNUzaiD1CWtGNJPKrzrN1ifIWSjOt0P/hK4hZhJ/8vRZzN0xEjKJmJ8CxzbSyBX745Dwv/HvptudfiziWyLkOay78htCYajGc9vdS+S/ZAP/GfhF/2p6tP/eO6aVcPu/Vqs30DpgZ71w==

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.139 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://robloxscripts.net/_static/??-eJytUu1OwzAMfCFCNrRV3Q/Eo6B8eMHUTbM4WdW3x+uGKBMDhPjRJnZyl/PZY1JuiAVi0YlqwMj6EqsjwsjqUCFPykSvPHIiM6k0cFHJBNCpWkKnDTMUwbF8x3tZ7sYP1r2srE273djdg7dtu2ls05oV+PW+hW3TbHbWtdeody2hSmghB20rkteWBtcpQptNnjSXieBv0PIC/U2oVDnUokJG//kNjI6qB9avrHvwaICERpDL4GQSZEUQjJvue4w/ouVsGX+Jmd0lsRqdmsXz8tp1BZLKwGmIjEeQrTs1dG4cE3rIy55JxnX/QfTp9LvWSKpkiB5jWHLNUzaiD1CWtGNJPKrzrN1ifIWSjOt0P/hK4hZhJ/8vRZzN0xEjKJmJ8CxzbSyBX745Dwv/HvptudfiziWyLkOay78htCYajGc9vdS+S/ZAP/GfhF/2p6tP/eO6aVcPu/Vqs30DpgZ71w==
Origin: https://robloxscripts.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 14:14:02 GMT
strict-transport-security: max-age=31536000
x-ac: 5.ams _atomic_ams BYPASS
last-modified: Tue, 16 Aug 2022 23:30:31 GMT
server: nginx
etag: "62fc2897-1ecc"
access-control-allow-methods: GET, HEAD
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 7884
expires: Sun, 09 Apr 2023 14:14:02 GMT

GET
H2 200 pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
robloxscripts.net/wp-content/fonts/poppins/ 8 KB
8 KB 286ms
286ms Font
application/font-woff2 192.0.78.139
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://robloxscripts.net/wp-content/fonts/poppins/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.139 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://robloxscripts.net/_static/??-eJytUu1OwzAMfCFCNrRV3Q/Eo6B8eMHUTbM4WdW3x+uGKBMDhPjRJnZyl/PZY1JuiAVi0YlqwMj6EqsjwsjqUCFPykSvPHIiM6k0cFHJBNCpWkKnDTMUwbF8x3tZ7sYP1r2srE273djdg7dtu2ls05oV+PW+hW3TbHbWtdeody2hSmghB20rkteWBtcpQptNnjSXieBv0PIC/U2oVDnUokJG//kNjI6qB9avrHvwaICERpDL4GQSZEUQjJvue4w/ouVsGX+Jmd0lsRqdmsXz8tp1BZLKwGmIjEeQrTs1dG4cE3rIy55JxnX/QfTp9LvWSKpkiB5jWHLNUzaiD1CWtGNJPKrzrN1ifIWSjOt0P/hK4hZhJ/8vRZzN0xEjKJmJ8CxzbSyBX745Dwv/HvptudfiziWyLkOay78htCYajGc9vdS+S/ZAP/GfhF/2p6tP/eO6aVcPu/Vqs30DpgZ71w==
Origin: https://robloxscripts.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 14:14:03 GMT
strict-transport-security: max-age=31536000
x-ac: 5.ams _atomic_ams BYPASS
last-modified: Tue, 16 Aug 2022 23:30:31 GMT
server: nginx
etag: "62fc2897-1f40"
access-control-allow-methods: GET, HEAD
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 8000
expires: Sun, 09 Apr 2023 14:14:02 GMT

GET
H2 200 pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
robloxscripts.net/wp-content/fonts/poppins/ 8 KB
8 KB 156ms
155ms Font
application/font-woff2 192.0.78.139
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://robloxscripts.net/wp-content/fonts/poppins/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.139 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://robloxscripts.net/_static/??-eJytUu1OwzAMfCFCNrRV3Q/Eo6B8eMHUTbM4WdW3x+uGKBMDhPjRJnZyl/PZY1JuiAVi0YlqwMj6EqsjwsjqUCFPykSvPHIiM6k0cFHJBNCpWkKnDTMUwbF8x3tZ7sYP1r2srE273djdg7dtu2ls05oV+PW+hW3TbHbWtdeody2hSmghB20rkteWBtcpQptNnjSXieBv0PIC/U2oVDnUokJG//kNjI6qB9avrHvwaICERpDL4GQSZEUQjJvue4w/ouVsGX+Jmd0lsRqdmsXz8tp1BZLKwGmIjEeQrTs1dG4cE3rIy55JxnX/QfTp9LvWSKpkiB5jWHLNUzaiD1CWtGNJPKrzrN1ifIWSjOt0P/hK4hZhJ/8vRZzN0xEjKJmJ8CxzbSyBX745Dwv/HvptudfiziWyLkOay78htCYajGc9vdS+S/ZAP/GfhF/2p6tP/eO6aVcPu/Vqs30DpgZ71w==
Origin: https://robloxscripts.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 14:14:02 GMT
strict-transport-security: max-age=31536000
x-ac: 5.ams _atomic_ams BYPASS
last-modified: Tue, 16 Aug 2022 23:30:31 GMT
server: nginx
etag: "62fc2897-1ea0"
access-control-allow-methods: GET, HEAD
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 7840
expires: Sun, 09 Apr 2023 14:14:02 GMT

GET
H2 200 ajax-loader.gif
robloxscripts.net/wp-content/plugins/wp-responsive-recent-post-slider/assets/images/ 4 KB
4 KB 159ms
154ms Image
image/gif 192.0.78.139
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://robloxscripts.net/wp-content/plugins/wp-responsive-recent-post-slider/assets/images/ajax-loader.gif

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.139 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://robloxscripts.net/_static/??-eJytUu1OwzAMfCFCNrRV3Q/Eo6B8eMHUTbM4WdW3x+uGKBMDhPjRJnZyl/PZY1JuiAVi0YlqwMj6EqsjwsjqUCFPykSvPHIiM6k0cFHJBNCpWkKnDTMUwbF8x3tZ7sYP1r2srE273djdg7dtu2ls05oV+PW+hW3TbHbWtdeody2hSmghB20rkteWBtcpQptNnjSXieBv0PIC/U2oVDnUokJG//kNjI6qB9avrHvwaICERpDL4GQSZEUQjJvue4w/ouVsGX+Jmd0lsRqdmsXz8tp1BZLKwGmIjEeQrTs1dG4cE3rIy55JxnX/QfTp9LvWSKpkiB5jWHLNUzaiD1CWtGNJPKrzrN1ifIWSjOt0P/hK4hZhJ/8vRZzN0xEjKJmJ8CxzbSyBX745Dwv/HvptudfiziWyLkOay78htCYajGc9vdS+S/ZAP/GfhF/2p6tP/eO6aVcPu/Vqs30DpgZ71w==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 14:14:03 GMT
strict-transport-security: max-age=31536000
x-ac: 5.ams _atomic_ams BYPASS
last-modified: Tue, 28 Mar 2023 07:30:44 GMT
server: nginx
etag: "642297a4-1052"
access-control-allow-methods: GET, HEAD
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 4178
expires: Sun, 09 Apr 2023 14:14:02 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303270101/ 350 KB
118 KB 193ms
101ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2249257918045069&plah=robloxscripts.net

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2249257918045069

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

11ecbf6fdacbbe274fbc613cf17cf4ab80790608e6ef36895abdfff88efb556d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 14:14:03 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 119837
x-xss-protection: 0
server: cafe
etag: 14063838634900126881
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 02 Apr 2023 14:14:03 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230329/r20190131/ Frame 40DE 10 KB
5 KB 199ms
62ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230329/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2249257918045069

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://robloxscripts.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 41136
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 02 Apr 2023 02:48:27 GMT
etag: 2378337311435320485
expires: Sun, 16 Apr 2023 02:48:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 g.gif
pixel.wp.com/ 50 B
116 B 38ms
32ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&blog=209646640&post=299&tz=2&srv=robloxscripts.net&hp=atomic&ac=2&amp=0&j=1%3A12.0-a.7&host=robloxscripts.net&ref=https%3A%2F%2Frobloxexploits.net%2F&fcp=723&rand=0.39070254556488027
Requested by: Host: robloxscripts.net
URL: https://robloxscripts.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 02 Apr 2023 14:14:03 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

GET
H2 200 AXMOMzwUYxRVWjFaNjMvOl5wIi8SZw0MOyB4NTFaHlhyLDk3aGdWKAFLKQMMKQEDIigGBCQcNwJzK1EFCHMXIyU9Yw4yCTtFDVQKFWUoVB4WYzYyIgRoASIvYEQLJSMXdAVcHRcBciIkOXwWLC8BXiQhCWJpFQAeCAEIPTcDBRYsCSdcDgMCBmYsD10UXRQFCwdZC... Show response
peopleshouldthin.com/ZG5QMUIFDDNcfQVTMhc3FgJtFHAiS2J3JggGaFJzURQnBjQCAH5SLgsbNFcwCwAkHywBGnUDBC4NF1kIMzY/ZQAdDXUDBDY/ Frame 5E65 3 KB
2 KB 128ms
127ms Document
text/html 13.225.78.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://peopleshouldthin.com/ZG5QMUIFDDNcfQVTMhc3FgJtFHAiS2J3JggGaFJzURQnBjQCAH5SLgsbNFcwCwAkHywBGnUDBC4NF1kIMzY/ZQAdDXUDBDY/AXMOMzwUYxRVWjFaNjMvOl5wIi8SZw0MOyB4NTFaHlhyLDk3aGdWKAFLKQMMKQEDIigGBCQcNwJzK1EFCHMXIyU9Yw4yCTtFDVQKFWUoVB4WYzYyIgRoASIvYEQLJSMXdAVcHRcBciIkOXwWLC8BXiQhCWJpFQAeCAEIPTcDBRYsCSdcDgMCBmYsD10UXRQFCwdZCTwCOEIjDgYGZiwPGxVJdwEICEkIKQVhBiM1JBdpBUksaGIHJSQfYikzKAIJMSsWFWsKIxYiYQcyDDZfJi48OwB1BTgZUwMgXmB3LjIPE186LT8RYCUpBmlnFQoFdQMALBYddQgKLDZgLgMfHWAlAiwDSXo3KgprJyMGBWAHPlYydDogPD5ZNjAoBlAnNwEydyUPWR13eyciPkkzMDhlUyRXVgBlFAgWMloqJTYYRTIwOzxSJDNfG2MuJUg6Qi0KHm1CDjc9PUAtMxlifiRdJxg
Requested by: Host: dlh8c15zw7vfn.cloudfront.net
URL: https://dlh8c15zw7vfn.cloudfront.net/?zchld=955131
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-108.fra2.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: ccf4db04ff2011f4c1fc91bebb010b1727227aa33a7e0378487031cde373d24d

Request headers

Referer: https://robloxscripts.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
cache-control: no-store, no-cache, must-revalidate, no-transform
content-encoding: gzip
content-length: 1259
content-type: text/html
date: Sun, 02 Apr 2023 14:14:03 GMT
p3p: CP="NID DSP ALL COR"
pragma: no-cache
server: openresty/1.17.8.2
via: 1.1 e56e6732f380db727425bac2d6158760.cloudfront.net (CloudFront)
x-amz-cf-id: OqZCrCwRWQm6KZlc9hSDN0GbvI11qMNK7v74UyfNEk-48TSV3zjjiQ==
x-amz-cf-pop: FRA2-C2
x-cache: Miss from cloudfront

GET
H2 200 c18QZAJHbRRkEnBiAnkSWk0hVRFaAQZWP1l3dXQYcnYjVAdadw5VMGRMBmNvQ2IDYxppQg50DnddA1UVRV4fdyMCcnVzM2YHAnkOY1oKeDtgXwZ0PwNWdWM2Zlgodg0BDR5UBmNFH11uAXQQfw1mW3dzDWcEI1IwARMtQjhfRXp7H0ZMM3AVYlE Show response
peopleshouldthin.com/RzFXMTUmUzRcCiYMNRdANV1qFAcBFGV3UStZb1IEcksgBkMhX3lSWShEM1dHKF8jH1siRXIDczd/AXdFJWQFZmUgUhtUBQIFE2d3fnAQY1AQaSBlej9eFHpeEUIeSGA9ZRRkWgtJM2NRPwEPeHQvWQNGcCtmLWtgFEgRU3grYzRoWRYA... Frame E39C 3 KB
2 KB 128ms
127ms Document
text/html 13.225.78.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://peopleshouldthin.com/RzFXMTUmUzRcCiYMNRdANV1qFAcBFGV3UStZb1IEcksgBkMhX3lSWShEM1dHKF8jH1siRXIDczd/AXdFJWQFZmUgUhtUBQIFE2d3fnAQY1AQaSBlej9eFHpeEUIeSGA9ZRRkWgtJM2NRPwEPeHQvWQNGcCtmLWtgFEgRU3grYzRoWRYAFAB3MHQuZG8GWG94exZoAXhzBgMSc2Q+ZQ9SVgN5O2hlL3wSenMsRgN3DQRwHwhvFHkOd1AVBRJ6WQIUZXN9LwQ/cwcCeRBmcA9oAVlRJlYBAWIuCD9zBwJUFXJaA2sCSVAFWRVbYhVnLnBtL3wPAmcSeAUcXgV4AngFBEYORWQfYzV6BgJ2DVpRIlI/c18QZAJHbRRkEnBiAnkSWk0hVRFaAQZWP1l3dXQYcnYjVAdadw5VMGRMBmNvQ2IDYxppQg50DnddA1UVRV4fdyMCcnVzM2YHAnkOY1oKeDtgXwZ0PwNWdWM2Zlgodg0BDR5UBmNFH11uAXQQfw1mW3dzDWcEI1IwARMtQjhfRXp7H0ZMM3AVYlE
Requested by: Host: dlh8c15zw7vfn.cloudfront.net
URL: https://dlh8c15zw7vfn.cloudfront.net/?zchld=955131
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-108.fra2.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: 613cc9a8f303bfa75f842f326d8fa9884d050e7dce9cf7ea6b45f849582b6408

Request headers

Referer: https://robloxscripts.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
cache-control: no-store, no-cache, must-revalidate, no-transform
content-encoding: gzip
content-length: 1245
content-type: text/html
date: Sun, 02 Apr 2023 14:14:03 GMT
p3p: CP="NID DSP ALL COR"
pragma: no-cache
server: openresty/1.17.8.2
via: 1.1 e56e6732f380db727425bac2d6158760.cloudfront.net (CloudFront)
x-amz-cf-id: CTJqBBcsRoWmQCq0TgzgT4cu9wxpeHgq48o_Hylg21R6fUAxHyWFhw==
x-amz-cf-pop: FRA2-C2
x-cache: Miss from cloudfront

GET
H2 200 GGUYPFc3M08Edx8MJHlIHw09Fn8eIkY1 Show response
peopleshouldthin.com/Q3JPOFkiECxVZiJPLR4sMR5yHWsFV31+PS8ad1todgg4Dy8lHGFbNSwHK14rLBw7FjcmBmoKHy0WI1BtJ0Eebhc7Kx1rLgoKB30pDSN9CRgSJwlpFCQBFn8+GR4CQj46PR4NFgEIBgwfOjc4dSEnAQ5UHAI2C0AfEUMGWRYRKx5rDwJL... Frame FBC6 3 KB
2 KB 126ms
126ms Document
text/html 13.225.78.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://peopleshouldthin.com/Q3JPOFkiECxVZiJPLR4sMR5yHWsFV31+PS8ad1todgg4Dy8lHGFbNSwHK14rLBw7FjcmBmoKHy0WI1BtJ0Eebhc7Kx1rLgoKB30pDSN9CRgSJwlpFCQBFn8+GR4CQj46PR4NFgEIBgwfOjc4dSEnAQ5UHAI2C0AfEUMGWRYRKx5rDwJLCVALCSB8DAMGChV0OwVGC3obKAgdaRAiNyUIPAsaIGwJBUYMfgwwQwlPaSc1JWkDFhkWTzsVKAdtDBEdGnkYJzULTwECMytsOCgVFXkfDQMcfQMGJQhQPRE2FWw4KBUOcAsrBxt+Ews8BwkSEQU3eTsFXwlrCygrensYICsKQWEnNB0APw80fn4UKDw9bGgvOh5waAggfk89DjM4WR4FPD53aAk1HVIIEToNfg0iGShpHBEnNX5odiAdfz4hOjhhAw0gfmsLKTA/awwZEx1WAw0jJHIfJxkjfAgvPD5rGBIkCnwyCDojfhwLGX59CHIaPWw1BjAcCjUCIwpiHiE3P3AIc0s8bBwNNx5/GGUYPFc3M08Edx8MJHlIHw09Fn8eIkY1
Requested by: Host: dlh8c15zw7vfn.cloudfront.net
URL: https://dlh8c15zw7vfn.cloudfront.net/?zchld=955131
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-108.fra2.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: ff103e3bb705cac3b556b54639a1602fa2531f50463ad4a90aea5e4b3b4a55b7

Request headers

Referer: https://robloxscripts.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
cache-control: no-store, no-cache, must-revalidate, no-transform
content-encoding: gzip
content-length: 1256
content-type: text/html
date: Sun, 02 Apr 2023 14:14:03 GMT
p3p: CP="NID DSP ALL COR"
pragma: no-cache
server: openresty/1.17.8.2
via: 1.1 e56e6732f380db727425bac2d6158760.cloudfront.net (CloudFront)
x-amz-cf-id: 8EIefcqSbVYFJh3d1YFsDgjxrymSfHXNrLqMa7S5_Sh9wYm5m2FrpA==
x-amz-cf-pop: FRA2-C2
x-cache: Miss from cloudfront

GET
H2 200 F1AgExVaWgVGTEgVUQEfXEwFGxZHBgAFFlwWSBkcRkdUMR1mJSA6IGYvEDMQeyoiMx57KSAAMldTDlJLcDc3AwhxGF44IWYaBTgBZBM2IzQHL1QiH3kzMD8rSDsgFC93NC82OFsgAUIIcCEvND1cUy47KGQwBSEvQyQzOhNxDCMiIWEFIzweWgYtJi9DJCA9AXYhK... Show response
peopleshouldthin.com/eTJiZncYUAELSBgPAEACC15fQ0U/ Frame F4AA 3 KB
2 KB 125ms
124ms Document
text/html 13.225.78.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://peopleshouldthin.com/eTJiZncYUAELSBgPAEACC15fQ0U/F1AgExVaWgVGTEgVUQEfXEwFGxZHBgAFFlwWSBkcRkdUMR1mJSA6IGYvEDMQeyoiMx57KSAAMldTDlJLcDc3AwhxGF44IWYaBTgBZBM2IzQHL1QiH3kzMD8rSDsgFC93NC82OFsgAUIIcCEvND1cUy47KGQwBSEvQyQzOhNxDCMiIWEFIzweWgYtJi9DJCA9AXYhKxUuWyMoOyxjICUbK1s3NC1cACAzIChlNQ8+P3saPDYYZCxeM0lWEjNEAWMjVD0rUzQsDxhkLF4xFV0LMEQRdyMnQjxUDiA7HF40CiU4dFonM1RFMD4OEmUpNzkgeDAwBywBNFMiF0YyJz8JdwQKMht4FQ1DPXRbFiIOCycnLw58KDcHLlM0KE87XjsQNBB8KyAZTGAuERs7exURBytzJy0iMQMzLi8BYgcwJj9UUl9OL2M0FiJKRTEzHhZzMgEQLlQLAkIsVTAPIhdCKjQZP2MGIC47VCQwUktwNzclSGQ6DiE4ARI8URNBDQgHREUWPwYrRzAwJDF7
Requested by: Host: dlh8c15zw7vfn.cloudfront.net
URL: https://dlh8c15zw7vfn.cloudfront.net/?zchld=955131
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-108.fra2.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: de55b8b2871d661402f3134069cbcdd3d8197a9d94f4580ec4829baaa30c4427

Request headers

Referer: https://robloxscripts.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
cache-control: no-store, no-cache, must-revalidate, no-transform
content-encoding: gzip
content-length: 1247
content-type: text/html
date: Sun, 02 Apr 2023 14:14:03 GMT
p3p: CP="NID DSP ALL COR"
pragma: no-cache
server: openresty/1.17.8.2
via: 1.1 e56e6732f380db727425bac2d6158760.cloudfront.net (CloudFront)
x-amz-cf-id: zbyFjyhCqENFoAWimzX0zQeMrwsWk6GtvnoUD37X2ha0LWTDCLNZyA==
x-amz-cf-pop: FRA2-C2
x-cache: Miss from cloudfront

POST
H2 204 MWszR28eVFA0UmcBcT0LeQddBQRFKGIQV3k5diMuaAx9DD4BWxUzBlVWCnBWA1sLYR9YDw50XRcYRyYbRBgOdV8BXBUuAVcEDnZJR1YDaVYfWh1ySURWAn9YA1sHdV8GUgdzWwFdC2EbQQpUel4XG0czAwxaBX9fBV8Hf1sCWwd2
admiredinde.com/ 0
248 B 141ms
120ms Ping
text/plain 104.21.42.211
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://admiredinde.com/MWszR28eVFA0UmcBcT0LeQddBQRFKGIQV3k5diMuaAx9DD4BWxUzBlVWCnBWA1sLYR9YDw50XRcYRyYbRBgOdV8BXBUuAVcEDnZJR1YDaVYfWh1ySURWAn9YA1sHdV8GUgdzWwFdC2EbQQpUel4XG0czAwxaBX9fBV8Hf1sCWwd2
Requested by: Host: dlh8c15zw7vfn.cloudfront.net
URL: https://dlh8c15zw7vfn.cloudfront.net/?zchld=955131
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.42.211 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 14:14:03 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3KB9HGFdcKm1%2FU2h0Z57gDjXs7ij4QWXEb7OfXq0DmZiTDmu9jKX%2BE0XNvmCmFIF1y0BGs6zFsHxhSFOzm7TLyMMWZqnvcrPj%2FOpKVECqjX1Mq1ejYRBxJmakqFenJiX4JE%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 7b19ad0d3c310e6c-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 205 floater Show response
peopleshouldthin.com/ 0
567 B 243ms
223ms XHR
text/plain 13.225.78.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://peopleshouldthin.com/floater?cs=djFlREVHB11yfU8GUnd8QgJcc3E&abt=0&red=1&sm=90&k=best%20website%20browse%20large%20collection%20free%20provide%20with%20both%20quantity%20quality%20posting%20daily%20basis%20executors%20roblox%20scripts&v=0.9.1.5&sts=0&prn=0&emb=0&tid=979208&rxy=1600_1200&u=1872042079444068&agec=1680444842&fs=1&m=1&ns=1&ndp=1&asi=1&mbkb=507.61421319796955&ref=https%3A%2F%2Frobloxscripts.net%2F&osr=robloxexploits.net&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64)%20applewebkit%2F537.36%20(khtml%2C%20like%20gecko)%20chrome%2F111.0.5563.146%20safari%2F537.36&tzd=0&uloc=&if=0&aa=lbnt__oi0_&_KdH0=1680444843042&crc=1
Requested by: Host: dlh8c15zw7vfn.cloudfront.net
URL: https://dlh8c15zw7vfn.cloudfront.net/?zchld=955131
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-108.fra2.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Apr 2023 14:14:03 GMT
via: 1.1 e56e6732f380db727425bac2d6158760.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-amz-cf-pop: FRA2-C2
x-cache: Miss from cloudfront
content-type: text/plain
access-control-allow-origin: https://robloxscripts.net
p3p: CP="NID DSP ALL COR"
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
content-length: 0
x-amz-cf-id: 05jHBPzDOXwD9j_scVW1K-gyS7Vk6zVAXjXDK7ZCwEJqR4YWAjIYYw==

GET
H2 200 pnj-rs-w-1.png
i0.wp.com/robloxscripts.net/wp-content/uploads/2022/08/ 3 KB
3 KB 36ms
26ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/robloxscripts.net/wp-content/uploads/2022/08/pnj-rs-w-1.png?fit=504%2C355&ssl=1

Requested by

Host: robloxscripts.net
URL: https://robloxscripts.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

a18f3705f4e2cfc25a353ea1b271c77f8db4a8693789b0ce0f40129337911d7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-nc: HIT ams 4
date: Sun, 02 Apr 2023 14:14:03 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Sep 2022 09:25:37 GMT
server: nginx
etag: "816555f217c0a7d9"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://robloxscripts.net/wp-content/uploads/2022/08/pnj-rs-w-1.png>; rel="canonical"
content-length: 3194
expires: Wed, 04 Sep 2024 21:25:37 GMT

GET
H2 200 kiwi_x_thumb.webp
i0.wp.com/robloxscripts.net/wp-content/uploads/2022/09/ 82 KB
83 KB 38ms
28ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/robloxscripts.net/wp-content/uploads/2022/09/kiwi_x_thumb.webp?fit=1280%2C720&ssl=1

Requested by

Host: robloxscripts.net
URL: https://robloxscripts.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

446f0ab61963ec60fa7a9806eb173e0575f2098f58d2d4fab14925c6375e3387

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-nc: HIT ams 5
date: Sun, 02 Apr 2023 14:14:03 GMT
x-content-type-options: nosniff
last-modified: Wed, 21 Dec 2022 17:13:52 GMT
server: nginx
etag: "63a95ab5ce3ee8ab"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://robloxscripts.net/wp-content/uploads/2022/09/kiwi_x_thumb.webp>; rel="canonical"
content-length: 84354
expires: Sat, 21 Dec 2024 05:13:52 GMT

GET
H2 200 625456dc5bdb81f6e62a45dd-1651778409974-maxresdefault-5.jpg
i0.wp.com/robloxscripts.net/wp-content/uploads/2022/09/ 101 KB
101 KB 59ms
54ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/robloxscripts.net/wp-content/uploads/2022/09/625456dc5bdb81f6e62a45dd-1651778409974-maxresdefault-5.jpg?fit=1280%2C720&ssl=1

Requested by

Host: robloxscripts.net
URL: https://robloxscripts.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

e43f873bed6831788b5b92ef50cfc304ef7e420d08bcf8f2780d5a219f4daf75

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-nc: HIT ams 5
date: Sun, 02 Apr 2023 14:14:03 GMT
x-content-type-options: nosniff
last-modified: Sat, 10 Sep 2022 13:13:18 GMT
server: nginx
etag: "8474043a546cdd97"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://robloxscripts.net/wp-content/uploads/2022/09/625456dc5bdb81f6e62a45dd-1651778409974-maxresdefault-5.jpg>; rel="canonical"
content-length: 103030
expires: Tue, 10 Sep 2024 01:13:18 GMT

GET
H2 200 625456dc5bdb81f6e62a45dd-1654954789864-Ready.webp
i0.wp.com/robloxscripts.net/wp-content/uploads/2022/09/ 70 KB
71 KB 61ms
55ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/robloxscripts.net/wp-content/uploads/2022/09/625456dc5bdb81f6e62a45dd-1654954789864-Ready.webp?fit=705%2C396&ssl=1

Requested by

Host: robloxscripts.net
URL: https://robloxscripts.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

d99a9c83fa6c56f86880bd77fb4caab944187b0a9a3267ef87415cce8cbbc9ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Sun, 02 Apr 2023 14:14:03 GMT
x-content-type-options: nosniff
last-modified: Wed, 07 Sep 2022 14:56:29 GMT
server: nginx
etag: "af6314a22d84a3a4"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://robloxscripts.net/wp-content/uploads/2022/09/625456dc5bdb81f6e62a45dd-1654954789864-Ready.webp>; rel="canonical"
content-length: 72050
expires: Sat, 07 Sep 2024 02:56:29 GMT

GET
H2 200 Capture_16x9.png
i0.wp.com/robloxscripts.net/wp-content/uploads/2023/04/ 21 KB
21 KB 60ms
54ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/robloxscripts.net/wp-content/uploads/2023/04/Capture_16x9.png?w=875&ssl=1

Requested by

Host: robloxscripts.net
URL: https://robloxscripts.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

ff30ce3dfba9ac624dada16dc501035788ee8b9a7ffc00e7b30e55f714593420

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-nc: HIT ams 5
date: Sun, 02 Apr 2023 14:14:03 GMT
x-content-type-options: nosniff
last-modified: Sat, 01 Apr 2023 21:09:27 GMT
server: nginx
etag: "59a259c83bada978"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://robloxscripts.net/wp-content/uploads/2023/04/Capture_16x9.png>; rel="canonical"
content-length: 21516
expires: Tue, 01 Apr 2025 09:09:27 GMT

GET
H2 200 image_16x9-12.png
i0.wp.com/robloxscripts.net/wp-content/uploads/2023/03/ 40 KB
41 KB 60ms
56ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/robloxscripts.net/wp-content/uploads/2023/03/image_16x9-12.png?w=779&ssl=1

Requested by

Host: robloxscripts.net
URL: https://robloxscripts.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

d4091abc19d770c258eee9d560bd957ade9ae297d88516311322146f85161795

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Sun, 02 Apr 2023 14:14:03 GMT
x-content-type-options: nosniff
last-modified: Wed, 15 Mar 2023 18:50:59 GMT
server: nginx
etag: "369418f60ec9f354"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://robloxscripts.net/wp-content/uploads/2023/03/image_16x9-12.png>; rel="canonical"
content-length: 41408
expires: Sat, 15 Mar 2025 06:50:59 GMT

GET
H2 200 Zee_16x9.png
i0.wp.com/robloxscripts.net/wp-content/uploads/2023/03/ 26 KB
26 KB 61ms
56ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/robloxscripts.net/wp-content/uploads/2023/03/Zee_16x9.png?w=711&ssl=1

Requested by

Host: robloxscripts.net
URL: https://robloxscripts.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

a7c9142e108a2f7eefa13926acf8550e2f5668a6415fa9bc896fac7b7412b3e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-nc: HIT ams 7
date: Sun, 02 Apr 2023 14:14:03 GMT
x-content-type-options: nosniff
last-modified: Sat, 11 Mar 2023 16:43:35 GMT
server: nginx
etag: "37917e308a542679"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://robloxscripts.net/wp-content/uploads/2023/03/Zee_16x9.png>; rel="canonical"
content-length: 26256
expires: Tue, 11 Mar 2025 04:43:35 GMT

GET
H2 200 Saki_16x9.png
i0.wp.com/robloxscripts.net/wp-content/uploads/2023/03/ 21 KB
21 KB 62ms
57ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/robloxscripts.net/wp-content/uploads/2023/03/Saki_16x9.png?w=552&ssl=1

Requested by

Host: robloxscripts.net
URL: https://robloxscripts.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

5ef0ed69dbd8e108fcc264310ef1fc9a3093352b4935b2b4e98b1aa943fcb92a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-nc: HIT ams 3
date: Sun, 02 Apr 2023 14:14:03 GMT
x-content-type-options: nosniff
last-modified: Sat, 11 Mar 2023 16:43:35 GMT
server: nginx
etag: "648bfe76235eee7a"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://robloxscripts.net/wp-content/uploads/2023/03/Saki_16x9.png>; rel="canonical"
content-length: 21156
expires: Tue, 11 Mar 2025 04:43:35 GMT

GET
H2 200 Makima_16x9.png
i0.wp.com/robloxscripts.net/wp-content/uploads/2023/03/ 107 KB
108 KB 61ms
57ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/robloxscripts.net/wp-content/uploads/2023/03/Makima_16x9.png?resize=1024%2C576&ssl=1

Requested by

Host: robloxscripts.net
URL: https://robloxscripts.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

f0e6d54c3ec25deba52f50589c125408913a4856fba84cd5d012fa7664780343

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-nc: HIT ams 2
date: Sun, 02 Apr 2023 14:14:03 GMT
x-content-type-options: nosniff
last-modified: Sat, 11 Mar 2023 16:42:16 GMT
server: nginx
etag: "25278b6ea855b3a8"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://robloxscripts.net/wp-content/uploads/2023/03/Makima_16x9.png>; rel="canonical"
content-length: 109986
expires: Tue, 11 Mar 2025 04:42:16 GMT

GET
H2 200 Destiny_16x9.png
i0.wp.com/robloxscripts.net/wp-content/uploads/2023/03/ 17 KB
17 KB 62ms
58ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/robloxscripts.net/wp-content/uploads/2023/03/Destiny_16x9.png?w=661&ssl=1

Requested by

Host: robloxscripts.net
URL: https://robloxscripts.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

3070e06f07f216509fef12f16848d99aa29a00b8ba27da92db659854d4b76595

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-nc: HIT ams 4
date: Sun, 02 Apr 2023 14:14:03 GMT
x-content-type-options: nosniff
last-modified: Sat, 11 Mar 2023 16:42:16 GMT
server: nginx
etag: "604ad6d48b432e14"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://robloxscripts.net/wp-content/uploads/2023/03/Destiny_16x9.png>; rel="canonical"
content-length: 17564
expires: Tue, 11 Mar 2025 04:42:16 GMT

GET
H2 200 Atomic_16x9.png
i0.wp.com/robloxscripts.net/wp-content/uploads/2023/03/ 19 KB
19 KB 63ms
59ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/robloxscripts.net/wp-content/uploads/2023/03/Atomic_16x9.png?w=711&ssl=1

Requested by

Host: robloxscripts.net
URL: https://robloxscripts.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

2ddcba54e5ed4c3d6a7dad0dfaf53484b40323b12bdc3e4c2609577bd982bac3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-nc: HIT ams 3
date: Sun, 02 Apr 2023 14:14:03 GMT
x-content-type-options: nosniff
last-modified: Sat, 11 Mar 2023 16:37:26 GMT
server: nginx
etag: "3fe012deb99fde3e"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://robloxscripts.net/wp-content/uploads/2023/03/Atomic_16x9.png>; rel="canonical"
content-length: 19712
expires: Tue, 11 Mar 2025 04:37:26 GMT

GET
H2 200 Madox_16x9.png
i0.wp.com/robloxscripts.net/wp-content/uploads/2023/03/ 20 KB
20 KB 61ms
58ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/robloxscripts.net/wp-content/uploads/2023/03/Madox_16x9.png?w=585&ssl=1

Requested by

Host: robloxscripts.net
URL: https://robloxscripts.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

436f8a80292d7c1d93cd6e84f8bbadc2527338ac1ece4356a240d12082deba64

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-nc: HIT ams 6
date: Sun, 02 Apr 2023 14:14:03 GMT
x-content-type-options: nosniff
last-modified: Sat, 11 Mar 2023 16:37:25 GMT
server: nginx
etag: "a7f7c73a9a4be165"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://robloxscripts.net/wp-content/uploads/2023/03/Madox_16x9.png>; rel="canonical"
content-length: 20042
expires: Tue, 11 Mar 2025 04:37:25 GMT

GET
H2 200 Qzkgby0AFFV5fxYRBi5kXBUGKmRLVgktO0dETj0pFRtVLTYCFA0uIAMGEG8sG00FJiMTHAQofEg2XWdpX0JYYS4THgwmLglVWnk3DlVaeWhKXlhsajhVWnkuEx5efXxJMk17aQJGXG-B8SEAJOSkWFR8sOxEZHGxrPEVbfndJRk17aVIbAD00FlVaCnxIQAQgMh9V... Show response
dlh8c15zw7vfn.cloudfront.net/JcGhJWXoTByc/RQQBLWRDRV14aktWAjo2FABVOhUpIwU4Ni0HWgY/ Frame 5E65 863 B
887 B 186ms
185ms Script
text/plain 2600:9000:2490:a00:15:9ced:b8c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dlh8c15zw7vfn.cloudfront.net/JcGhJWXoTByc/RQQBLWRDRV14aktWAjo2FABVOhUpIwU4Ni0HWgY/Qzkgby0AFFV5fxYRBi5kXBUGKmRLVgktO0dETj0pFRtVLTYCFA0uIAMGEG8sG00FJiMTHAQofEg2XWdpX0JYYS4THgwmLglVWnk3DlVaeWhKXlhsajhVWnkuEx5efXxJMk17aQJGXG-B8SEAJOSkWFR8sOxEZHGxrPEVbfndJRk17aVIbAD00FlVaCnxIQAQgMh9VWnk+HxMDJnBfQlgqMQgfBSx8SDZZeGhUQEZ8bExDRnhtTFVaeSobFgk7MF9CLnxqTV5bf38PTVlxbkhAXHtpTUlcfW1KRlA
Requested by: Host: peopleshouldthin.com
URL: https://peopleshouldthin.com/ZG5QMUIFDDNcfQVTMhc3FgJtFHAiS2J3JggGaFJzURQnBjQCAH5SLgsbNFcwCwAkHywBGnUDBC4NF1kIMzY/ZQAdDXUDBDY/AXMOMzwUYxRVWjFaNjMvOl5wIi8SZw0MOyB4NTFaHlhyLDk3aGdWKAFLKQMMKQEDIigGBCQcNwJzK1EFCHMXIyU9Yw4yCTtFDVQKFWUoVB4WYzYyIgRoASIvYEQLJSMXdAVcHRcBciIkOXwWLC8BXiQhCWJpFQAeCAEIPTcDBRYsCSdcDgMCBmYsD10UXRQFCwdZCTwCOEIjDgYGZiwPGxVJdwEICEkIKQVhBiM1JBdpBUksaGIHJSQfYikzKAIJMSsWFWsKIxYiYQcyDDZfJi48OwB1BTgZUwMgXmB3LjIPE186LT8RYCUpBmlnFQoFdQMALBYddQgKLDZgLgMfHWAlAiwDSXo3KgprJyMGBWAHPlYydDogPD5ZNjAoBlAnNwEydyUPWR13eyciPkkzMDhlUyRXVgBlFAgWMloqJTYYRTIwOzxSJDNfG2MuJUg6Qi0KHm1CDjc9PUAtMxlifiRdJxg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:a00:15:9ced:b8c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 476f0da8db500a67325d873352ea02699c2c9cdacef05cb7e67f260cca859f61

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://peopleshouldthin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 14:14:03 GMT
content-encoding: gzip
via: 1.1 002af2e4f72157b8b4bd2de012b5b57c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=31556926
content-length: 610
x-amz-cf-id: -oYv13eXYObtU3ShHRtNmCu1C1m_68BVkfLt_LZkyqvm6HA5oMSNIA==

GET
H2 200 pNVFpbURWPgcLe0E4DVB9AGReWXwTOxoCKkVsIyUzTCUoLxdRdx0XIAhhTwElWzZUSyFbMlRcYlQ1C1BwEyUZAi8INQYVIFA2EBQyTXccDHlYPhMEKFkwTF8CAH9ZSHYFeR4EKlE+Hh5hB2EHGWEHYVhdagV0Wi9hB2EeBCoDZUxeBhBjWRVyAXhMX3RUIR-kBIUI... Show response
dlh8c15zw7vfn.cloudfront.net/ Frame E39C 877 B
882 B 175ms
175ms Script
text/plain 2600:9000:2490:a00:15:9ced:b8c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dlh8c15zw7vfn.cloudfront.net/pNVFpbURWPgcLe0E4DVB9AGReWXwTOxoCKkVsIyUzTCUoLxdRdx0XIAhhTwElWzZUSyFbMlRcYlQ1C1BwEyUZAi8INQYVIFA2EBQyTXccDHlYPhMEKFkwTF8CAH9ZSHYFeR4EKlE+Hh5hB2EHGWEHYVhdagV0Wi9hB2EeBCoDZUxeBhBjWRVyAXhMX3RUIR-kBIUI0CwYtQXRbK3EGZkdechBjWUUvXSUEAWEHEkxfdFk4AghhB2EOCCdePkBIdgUyAR8rWDRMXwIEYFhDdBtkXFt3G2BdW2EHYRoMIlQjAEh2c2RaWmoGZ08YeQRpXl90AWNZWn0BZV1dcg0
Requested by: Host: peopleshouldthin.com
URL: https://peopleshouldthin.com/RzFXMTUmUzRcCiYMNRdANV1qFAcBFGV3UStZb1IEcksgBkMhX3lSWShEM1dHKF8jH1siRXIDczd/AXdFJWQFZmUgUhtUBQIFE2d3fnAQY1AQaSBlej9eFHpeEUIeSGA9ZRRkWgtJM2NRPwEPeHQvWQNGcCtmLWtgFEgRU3grYzRoWRYAFAB3MHQuZG8GWG94exZoAXhzBgMSc2Q+ZQ9SVgN5O2hlL3wSenMsRgN3DQRwHwhvFHkOd1AVBRJ6WQIUZXN9LwQ/cwcCeRBmcA9oAVlRJlYBAWIuCD9zBwJUFXJaA2sCSVAFWRVbYhVnLnBtL3wPAmcSeAUcXgV4AngFBEYORWQfYzV6BgJ2DVpRIlI/c18QZAJHbRRkEnBiAnkSWk0hVRFaAQZWP1l3dXQYcnYjVAdadw5VMGRMBmNvQ2IDYxppQg50DnddA1UVRV4fdyMCcnVzM2YHAnkOY1oKeDtgXwZ0PwNWdWM2Zlgodg0BDR5UBmNFH11uAXQQfw1mW3dzDWcEI1IwARMtQjhfRXp7H0ZMM3AVYlE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:a00:15:9ced:b8c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: fcda48e7ab7751e4d8c640c0c05150f79e669eb960c224a6ef373417ad5cf8b9

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://peopleshouldthin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 14:14:03 GMT
content-encoding: gzip
via: 1.1 002af2e4f72157b8b4bd2de012b5b57c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=31556926
content-length: 605
x-amz-cf-id: EtV41y6Q086SaDYPTO_0MhdV_xxlndaxkBqp6ugg3vlHwx8ve3x0Iw==

GET
H2 200 ndlh4d3QVNxYRSwIxHEpNQ21AQUFQMgsYGgZlMzgyOQ5OBzI4FyEwMxdsAlEADDxFR1IaORYQSVA9FhRJR34ZExZLbF4DBBkzRQIaEj0eHhoTPF4CFUs1Fw0dGjQZUkYwbVZHUURoUAAdGDwXAAdTakgZAFNqSEZEWGhdRDZTakgAHRhuTFJHNH1KRwxAbF-FSRkY... Show response
dlh8c15zw7vfn.cloudfront.net/ Frame FBC6 768 B
803 B 177ms
177ms Script
text/plain 2600:9000:2490:a00:15:9ced:b8c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dlh8c15zw7vfn.cloudfront.net/ndlh4d3QVNxYRSwIxHEpNQ21AQUFQMgsYGgZlMzgyOQ5OBzI4FyEwMxdsAlEADDxFR1IaORYQSVA9FhRJR34ZExZLbF4DBBkzRQIaEj0eHhoTPF4CFUs1Fw0dGjQZUkYwbVZHUURoUAAdGDwXAAdTakgZAFNqSEZEWGhdRDZTakgAHRhuTFJHNH1KRwxAbF-FSRkY5CAcYEy8dFR8fLF1FMkNrT1lHQH1KR1wdMAwaGFNqO1JGRjQRHBFTakgQERUzF15RRGgbHwYZNR1SRjBpSUZaRnZNQkJFdklDQlNqSAQVEDkKHlFEHk1EQ1hrTlEBS2lAQEZGbEpHQ09sTENEQGA
Requested by: Host: peopleshouldthin.com
URL: https://peopleshouldthin.com/Q3JPOFkiECxVZiJPLR4sMR5yHWsFV31+PS8ad1todgg4Dy8lHGFbNSwHK14rLBw7FjcmBmoKHy0WI1BtJ0Eebhc7Kx1rLgoKB30pDSN9CRgSJwlpFCQBFn8+GR4CQj46PR4NFgEIBgwfOjc4dSEnAQ5UHAI2C0AfEUMGWRYRKx5rDwJLCVALCSB8DAMGChV0OwVGC3obKAgdaRAiNyUIPAsaIGwJBUYMfgwwQwlPaSc1JWkDFhkWTzsVKAdtDBEdGnkYJzULTwECMytsOCgVFXkfDQMcfQMGJQhQPRE2FWw4KBUOcAsrBxt+Ews8BwkSEQU3eTsFXwlrCygrensYICsKQWEnNB0APw80fn4UKDw9bGgvOh5waAggfk89DjM4WR4FPD53aAk1HVIIEToNfg0iGShpHBEnNX5odiAdfz4hOjhhAw0gfmsLKTA/awwZEx1WAw0jJHIfJxkjfAgvPD5rGBIkCnwyCDojfhwLGX59CHIaPWw1BjAcCjUCIwpiHiE3P3AIc0s8bBwNNx5/GGUYPFc3M08Edx8MJHlIHw09Fn8eIkY1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:a00:15:9ced:b8c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 749d38528a9c6c8a51293223f1a6f9d984e4bf9ec6767738fbeb4af7da861dfd

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://peopleshouldthin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 14:14:03 GMT
content-encoding: gzip
via: 1.1 002af2e4f72157b8b4bd2de012b5b57c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=31556926
content-length: 526
x-amz-cf-id: nmSI8lcQEnPwtWKwFn8HVGYTNdjOWSa1V2KfzavEn-Ueubo9V3j4kg==

GET
H2 200 dTGFMYTMvDiIHDDgIKFwKe1h+UQtqCz8OXTxcOxVqPTM5M2UfKQVHRzYFcVEVIAAiBg5qBCICDn1HLQVRcVVqFUMjCnEUXSgEKghdKQVqFFJxDCMbWiANLUQBClRiURZ+UWQWWiIFIxZAaVN8D0dpU3xQA2JRaVJxaVN8FloiV3hEAA5EflFLelVlRAF8AD-wRXyk... Show response
dlh8c15zw7vfn.cloudfront.net/ Frame F4AA 435 B
623 B 180ms
180ms Script
text/plain 2600:9000:2490:a00:15:9ced:b8c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dlh8c15zw7vfn.cloudfront.net/dTGFMYTMvDiIHDDgIKFwKe1h+UQtqCz8OXTxcOxVqPTM5M2UfKQVHRzYFcVEVIAAiBg5qBCICDn1HLQVRcVVqFUMjCnEUXSgEKghdKQVqFFJxDCMbWiANLUQBClRiURZ+UWQWWiIFIxZAaVN8D0dpU3xQA2JRaVJxaVN8FloiV3hEAA5EflFLelVlRAF8AD-wRXykWKQNYJRVpU3V5UntPAHpEflEbJwk4DF9pUw9EAXwNJQpWaVN8BlYvCiNIFn5RLwlBIwwpRAEKUH1QHXxPeVQFf099VQVpU3wSUioAPggWfid5UgRiUnpHRnFQdFYBfFV+UQR1VXhVA3pZ
Requested by: Host: peopleshouldthin.com
URL: https://peopleshouldthin.com/eTJiZncYUAELSBgPAEACC15fQ0U/F1AgExVaWgVGTEgVUQEfXEwFGxZHBgAFFlwWSBkcRkdUMR1mJSA6IGYvEDMQeyoiMx57KSAAMldTDlJLcDc3AwhxGF44IWYaBTgBZBM2IzQHL1QiH3kzMD8rSDsgFC93NC82OFsgAUIIcCEvND1cUy47KGQwBSEvQyQzOhNxDCMiIWEFIzweWgYtJi9DJCA9AXYhKxUuWyMoOyxjICUbK1s3NC1cACAzIChlNQ8+P3saPDYYZCxeM0lWEjNEAWMjVD0rUzQsDxhkLF4xFV0LMEQRdyMnQjxUDiA7HF40CiU4dFonM1RFMD4OEmUpNzkgeDAwBywBNFMiF0YyJz8JdwQKMht4FQ1DPXRbFiIOCycnLw58KDcHLlM0KE87XjsQNBB8KyAZTGAuERs7exURBytzJy0iMQMzLi8BYgcwJj9UUl9OL2M0FiJKRTEzHhZzMgEQLlQLAkIsVTAPIhdCKjQZP2MGIC47VCQwUktwNzclSGQ6DiE4ARI8URNBDQgHREUWPwYrRzAwJDF7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:a00:15:9ced:b8c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: c48437b4c688d7aff7c9ce46a5173ce1bab60d20f1d200090e120661ecdefadb

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://peopleshouldthin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 14:14:03 GMT
content-encoding: gzip
via: 1.1 002af2e4f72157b8b4bd2de012b5b57c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=31556926
content-length: 345
x-amz-cf-id: _iKTrkIFRyVJWTkCOutcQ4DvEP7esBw7t_dPDYFUY9bUjLNzKe0aVg==

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 401 B
610 B 112ms
39ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=robloxscripts.net&callback=_gfp_s_&client=ca-pub-2249257918045069

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2249257918045069&plah=robloxscripts.net

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9c9e93690adfb92fee107efe1d56e046ccf98f1726f6b8d2a9c88cd5dc9ce78a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 14:14:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 258
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.nl/adsid/ 107 B
531 B 201ms
68ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=robloxscripts.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 14:14:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 119ms
44ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=robloxscripts.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 14:14:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0A08 119 KB
38 KB 442ms
440ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2249257918045069&output=html&adk=1812271804&adf=3025194257&lmt=1680444674&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x675_l%7C212x675_r&format=0x0&url=https%3A%2F%2Frobloxscripts.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680444842969&bpp=12&bdt=514&idt=341&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7067503595945&frm=20&pv=2&ga_vid=673539286.1680444843&ga_sid=1680444843&ga_hid=946642672&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=173349285249724&tmod=963749827&uas=0&nvt=1&ref=https%3A%2F%2Frobloxexploits.net%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=367

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6eb1c2284928b90059cae1aad03f14f2bd54c7031f85f5f5eb2b06f9c70b11bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://robloxscripts.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 38765
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 02 Apr 2023 14:14:03 GMT
expires: Sun, 02 Apr 2023 14:14:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D313 23 KB
10 KB 491ms
491ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2249257918045069&output=html&h=280&adk=2904063243&adf=849483003&pi=t.aa~a.1043414356~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1680444674&rafmt=1&to=qs&pwprc=2896044421&format=1200x280&url=https%3A%2F%2Frobloxscripts.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680444842981&bpp=3&bdt=525&idt=362&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7067503595945&frm=20&pv=1&ga_vid=673539286.1680444843&ga_sid=1680444843&ga_hid=946642672&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=60&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=173349285249724&tmod=963749827&uas=0&nvt=1&ref=https%3A%2F%2Frobloxexploits.net%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=kwDkD5z4up&p=https%3A//robloxscripts.net&dtd=367

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4f6fd6a7254f863454836b4a85d7ef8be36b9cb9f64c11c79ef82acf9d94396b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://robloxscripts.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 10202
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 02 Apr 2023 14:14:03 GMT
expires: Sun, 02 Apr 2023 14:14:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 DwJFOSxGX154bgoDV31sCgdQem4C
admiredinde.com/WDIzY0l3DVAQdD16eToTagd+MR4eZWQIeBpTdSUrCXdlExw0WRUXIDwPClZ8bwYLRTkxVg5SbytGUhc8Kw8AU3lpFFoNLzcPA1N5aRRFXnh2AQdNemocAUU8ZQACWnptAQFSfG8KBVF5ahRHEyg/ 0
433 B 121ms
121ms Ping
text/plain 104.21.42.211
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://admiredinde.com/WDIzY0l3DVAQdD16eToTagd+MR4eZWQIeBpTdSUrCXdlExw0WRUXIDwPClZ8bwYLRTkxVg5SbytGUhc8Kw8AU3lpFFoNLzcPA1N5aRRFXnh2AQdNemocAUU8ZQACWnptAQFSfG8KBVF5ahRHEyg/DwJFOSxGX154bgoDV31sCgdQem4C
Requested by: Host: dlh8c15zw7vfn.cloudfront.net
URL: https://dlh8c15zw7vfn.cloudfront.net/?zchld=955131
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.42.211 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 14:14:03 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f%2FoRv0zSQSYTfdqW0ZMAMYm1dq9B4TINAOYQsCuv%2FLhGNaQshpb%2BsEkYClKMZtLZ8JYvM4FCZo0ZwwxcLhUSXcZB1hGhAy7ADGlghQymyJfkPILYkFDhxU6%2Bs33s5bT6GdA%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 7b19ad0f1b871c7a-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303270101/ 150 KB
51 KB 129ms
129ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303270101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

89b2327b345c40a08b3bc99b0e35c4c318e7b0d3fe69ff12661a37696c1dcb1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 14:14:03 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52131
x-xss-protection: 0
server: cafe
etag: 17436691686306777156
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 02 Apr 2023 14:14:03 GMT

GET
H2 200 integrator.js Show response
adservice.google.nl/adsid/ 107 B
165 B 69ms
68ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=robloxscripts.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 14:14:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 39ms
39ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=robloxscripts.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 14:14:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 009A 436 B
236 B 404ms
403ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2249257918045069&output=html&h=280&adk=2681833890&adf=2981778012&pi=t.aa~a.2191923801~rp.2&w=1170&fwrn=4&fwrnh=100&lmt=1680444674&rafmt=1&to=qs&pwprc=2896044421&format=1170x280&url=https%3A%2F%2Frobloxscripts.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680444843870&bpp=1&bdt=1414&idt=1&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1eef34f5f71f0cbc-22b0bb407edd000c%3AT%3D1680444843%3ART%3D1680444843%3AS%3DALNI_MY5XSajRhshNUZzHxjVhlEohG2guw&gpic=UID%3D00000bcf4f3795c7%3AT%3D1680444843%3ART%3D1680444843%3AS%3DALNI_MbU7mSBqr1TfH0XrW6WScOf1njLoA&prev_fmts=0x0%2C1200x280&nras=3&correlator=7067503595945&frm=20&pv=1&ga_vid=673539286.1680444843&ga_sid=1680444843&ga_hid=946642672&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=1984&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=173349285249724&tmod=963749827&uas=0&nvt=1&ref=https%3A%2F%2Frobloxexploits.net%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=IIzM6jhu1n&p=https%3A//robloxscripts.net&dtd=9

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e1dd19c7bcd1a28b5092262d716af38e86ebeb96fc7dace8368a451fc64e2e09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://robloxscripts.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 212
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 02 Apr 2023 14:14:04 GMT
expires: Sun, 02 Apr 2023 14:14:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame D313 0
0 75ms
75ms Fetch
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C6cxPq40pZMDeG-Pxo9kPoPOGqA7JntKxXLWY49aTAcCNtwEQASAAYJGEoIWMGIIBF2NhLXB1Yi0yMjQ5MjU3OTE4MDQ1MDY5yAEJqQLnoxjtiS-yPqgDAaoExQFP0J9KZdkjeGnJnUT0W_zWjWG50VR9rHF5gG9E0akHtq1_eGBT92EvI9zWBIeDWePqEK_csJEL2LwXUHvasvZCY51YVMOTpZ878LKFVIZP75bNKX0PwLe0PEsMStkCw85AJhMxJs5E5MxDnGimNteA9lRHGhqQ7BGu8V4CS6Wrf7mgdemN9a4gHJalC61SXV4YXREi3z-kaqmVQoNleKQVrJbZYFAK8P3Xh_ufH68IyN-1cnui6HTJonr1XvY6ml6qIl1iNYAGpuLh_9bAirWIAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItMjI0OTI1NzkxODA0NTA2ORgA&sigh=a6gsSeqoO8o&uach_m=[UACH]&cid=CAQSGwDUE5yme_is7op5zBHsVSnnLTqxleoptVD7EBgB

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2249257918045069&output=html&h=280&adk=2904063243&adf=849483003&pi=t.aa~a.1043414356~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1680444674&rafmt=1&to=qs&pwprc=2896044421&format=1200x280&url=https%3A%2F%2Frobloxscripts.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680444842981&bpp=3&bdt=525&idt=362&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7067503595945&frm=20&pv=1&ga_vid=673539286.1680444843&ga_sid=1680444843&ga_hid=946642672&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=60&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=173349285249724&tmod=963749827&uas=0&nvt=1&ref=https%3A%2F%2Frobloxexploits.net%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=kwDkD5z4up&p=https%3A//robloxscripts.net&dtd=367

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2249257918045069&output=html&h=280&adk=2904063243&adf=849483003&pi=t.aa~a.1043414356~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1680444674&rafmt=1&to=qs&pwprc=2896044421&format=1200x280&url=https%3A%2F%2Frobloxscripts.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680444842981&bpp=3&bdt=525&idt=362&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7067503595945&frm=20&pv=1&ga_vid=673539286.1680444843&ga_sid=1680444843&ga_hid=946642672&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=60&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=173349285249724&tmod=963749827&uas=0&nvt=1&ref=https%3A%2F%2Frobloxexploits.net%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=kwDkD5z4up&p=https%3A//robloxscripts.net&dtd=367
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 02 Apr 2023 14:14:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 02 Apr 2023 14:14:03 GMT

GET
H2 200 notify
rtb.nl3.eu.criteo.com/google/auction/ Frame D313 0
0 84ms
25ms Fetch 2a02:2638:3::9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=kKy4B7z6RLAJmAKdg2ICAgAAAPrNeR52UNvrEKqNKWTfzL3p00ALkbSeAAASAAAKCkFRVUJBUUVCQVE&wp=ZCmNqwAG70AFKPjjAAG5oDfu2_7q_lICqY09_g

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 14:14:03 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 178966
server: Kestrel
content-length: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame A118 129 KB
45 KB 148ms
94ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZCmNqwAG70AFKPjjAAG5oDfu2_7q_lICqY09_g&u=%7Cr2vxigZXMG8i8cdHSbA6%2Bs%2Bab2C%2BLLWeuxwXR5cZFfQ%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wPnGOmSqSG4eCj4olmutZVpbdnTLYPO8H3L8RqUsBzlsqwgYg1mmwQjLa539ugmx_1VjZz1PS12sddjPl5UJU-PzjTNqVLMoBjtMVoXtEd75rMi9ofDhaNHGqfyvax2YnkUBM7VFRweiDj2RPUM1TKwOqnYUjr_hv5SBswpxlltFlrdoBZxazY4SmCg1VF51hQCkW-atz32Uqv6A3bJI47iIwB1jnZZ0179--wTKL9Wu28STvEupLMisgQF9dEO6HGyuSVqjqThc-R5BBD_dtkFkHQuVs2UHNELkr3jZJUrIAXukvFkcZMbyUBBzDXLg2n0VzGPVCRyMOM7DJCcGLJ3DgW6agvBG-tsqxQabFON1lvbLjHnXw_NANsOYqvNpVMqP_M53JZ8IB2iNIy8o04k-iSukEfwZUHKVEWuJwUPYeF53D6XNuUMk7XjTDub7SRTlxUOI3gTbbcpA4BkylcABRDPpjnKKlRpReJRLK63gxGgFahs04rLtMt0RFRmyqEY9nPMoqHrhEMxwR1igok4vEeSxza1i8Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaxEWq40pZMDeG-Pxo9kPoPOGqA7JntKxXLWY49aTAcCNtwEQASAAYJGEoIWMGIIBF2NhLXB1Yi0yMjQ5MjU3OTE4MDQ1MDY5yAEJqQLnoxjtiS-yPqgDAaoEyAFP0J9KZdkjeGnJnUT0W_zWjWG50VR9rHF5gG9E0akHtq1_eGBT92EvI9zWBIeDWePqEK_csJEL2LwXUHvasvZCY51YVMOTpZ878LKFVIZP75bNKX0PwLe0PEsMStkCw85AJhMxJs5E5MxDnGimNteA9lRHGhqQ7BGu8V4CS6Wrf7mgdemN9a4gHJalC61SXV4YXREi3z-kaqmVQoNleKRXrrdL59-W40JLk1hPIgnwwcu_xHGM8PZ9akdTrEkktkYviNlxigpjS4AGpuLh_9bAirWIAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1KLYyccEDQTmR8hJmhpfVDfJcC4g%26client%3Dca-pub-2249257918045069%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

c6f5bd5414eabc93d25edc9b72ef84a2b6c4eee863b38eee419cb62f1bd2e7ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Sun, 02 Apr 2023 14:14:03 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=znTG8qIS3GHoZEtKBsTYVufvzEM6tXIsNr8cVsU0CfZmm89MuO-lMo6pyOuDicz95MPcBC7Yd4M0diMnKDfUQ6I27L1r6lOL9vRi_p01yrIJqpOHodO3yJPJsCEzCup665oI-l8aAN-t_GOLQMCYE1nplqtl1UHmu1Kh_7RDe0K2oF5-VAOLZgUU_cTWtboYjhPxVD0vDMX-g3jtAfMIi2YWaZJScd41FZ5yhtSKEuXFmh9nt-upHyVpSwc"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 60893085
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230329/r20110914/client/ Frame D313 3 KB
1 KB 189ms
65ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230329/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 09:00:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18795
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 16 Apr 2023 09:00:49 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230329/r20110914/client/ Frame D313 20 KB
8 KB 182ms
58ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230329/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df24ebf60aaa54667cae78dd6098d226d14eaafd714b536dd1ee6445003c2d99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 09:21:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17562
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8268
x-xss-protection: 0
server: cafe
etag: 8048349561987089234
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 16 Apr 2023 09:21:22 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D313 158 KB
49 KB 179ms
90ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

23fd81d329b7e97e25a6aa9ccb2e5d97c0859fc735b6afd6db47e21bfd75a07a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 14:14:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49585
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1680090252828925"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 02 Apr 2023 14:14:04 GMT

GET
H3 200 integrator.js Show response
adservice.google.nl/adsid/ 107 B
122 B 43ms
42ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=robloxscripts.net

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 14:14:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 41ms
41ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=robloxscripts.net

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 14:14:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230329/r20110914/ Frame 27D4 10 KB
4 KB 32ms
31ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230329/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://robloxscripts.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 39425
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 02 Apr 2023 03:16:59 GMT
etag: 2378337311435320485
expires: Sun, 16 Apr 2023 03:16:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame A118 2 KB
1 KB 93ms
30ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZCmNqwAG70AFKPjjAAG5oDfu2_7q_lICqY09_g&u=%7Cr2vxigZXMG8i8cdHSbA6%2Bs%2Bab2C%2BLLWeuxwXR5cZFfQ%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wPnGOmSqSG4eCj4olmutZVpbdnTLYPO8H3L8RqUsBzlsqwgYg1mmwQjLa539ugmx_1VjZz1PS12sddjPl5UJU-PzjTNqVLMoBjtMVoXtEd75rMi9ofDhaNHGqfyvax2YnkUBM7VFRweiDj2RPUM1TKwOqnYUjr_hv5SBswpxlltFlrdoBZxazY4SmCg1VF51hQCkW-atz32Uqv6A3bJI47iIwB1jnZZ0179--wTKL9Wu28STvEupLMisgQF9dEO6HGyuSVqjqThc-R5BBD_dtkFkHQuVs2UHNELkr3jZJUrIAXukvFkcZMbyUBBzDXLg2n0VzGPVCRyMOM7DJCcGLJ3DgW6agvBG-tsqxQabFON1lvbLjHnXw_NANsOYqvNpVMqP_M53JZ8IB2iNIy8o04k-iSukEfwZUHKVEWuJwUPYeF53D6XNuUMk7XjTDub7SRTlxUOI3gTbbcpA4BkylcABRDPpjnKKlRpReJRLK63gxGgFahs04rLtMt0RFRmyqEY9nPMoqHrhEMxwR1igok4vEeSxza1i8Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaxEWq40pZMDeG-Pxo9kPoPOGqA7JntKxXLWY49aTAcCNtwEQASAAYJGEoIWMGIIBF2NhLXB1Yi0yMjQ5MjU3OTE4MDQ1MDY5yAEJqQLnoxjtiS-yPqgDAaoEyAFP0J9KZdkjeGnJnUT0W_zWjWG50VR9rHF5gG9E0akHtq1_eGBT92EvI9zWBIeDWePqEK_csJEL2LwXUHvasvZCY51YVMOTpZ878LKFVIZP75bNKX0PwLe0PEsMStkCw85AJhMxJs5E5MxDnGimNteA9lRHGhqQ7BGu8V4CS6Wrf7mgdemN9a4gHJalC61SXV4YXREi3z-kaqmVQoNleKRXrrdL59-W40JLk1hPIgnwwcu_xHGM8PZ9akdTrEkktkYviNlxigpjS4AGpuLh_9bAirWIAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1KLYyccEDQTmR8hJmhpfVDfJcC4g%26client%3Dca-pub-2249257918045069%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 14:14:04 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 27 Mar 2024 14:14:04 GMT

GET
H2 200 adchoices_nl.svg
static.criteo.net/flash/icon/ Frame A118 2 KB
1 KB 87ms
25ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_nl.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

64fdded9ab4b4066a71232c0d8c7e2416ec277f566adb122776af14c21831fc3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 14:14:04 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-754"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 27 Mar 2024 14:14:04 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame A118 308 B
636 B 99ms
42ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 14:14:04 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Wed, 27 Mar 2024 14:14:04 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame A118 293 B
621 B 83ms
25ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 14:14:04 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Wed, 27 Mar 2024 14:14:04 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame A118 43 B
348 B 91ms
25ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=T87aXgQCS6GRITvz23BL8rUG0315WiPECk5GIa0Ywov3_VSIm-UDk1-5UK0tM7j5E-zYREjRriXSlxWmFP08ILhip3TwyC89g0NJNIyfpZCMV9jgGB8l8y-HxJq9GSQp7orQhUTZD18xg8MqU8ciiN_2_PO8qRuYgQUg0qEO5wGmIA3CUUglq3G_SgX-tDpncHJLjYq-97o5L36B1mV0yJsaqY58rxuw-Dyms5-PKeUlSlVHwO4NPq4LiwpiD4YzPXVHlbN1rcobFVkPXYz5CoqWoFd2fmitU7mo1X1HQfJcsngi79O0_MWjrxe0hImhyYtTbkodz82iJsqyXfnEg369k2Ir2p5zIixsx25j8J6DTnZySZs8sXWRw-buX_4WdX8TqSOVSrOjFRaiA7RosWF7RTD7Go4WpTGEQPWBQWwIXwgI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Apr 2023 14:14:03 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1758675
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame A118 12 KB
6 KB 74ms
29ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 14:14:04 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 27 Mar 2024 14:14:04 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame A118 6 KB
6 KB 303ms
27ms Image
image/png 2a02:2638:3::f
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=556&m=0&partner=4438&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F4438%2F160713%2F01e316f7618f4a5982200e939bbe76ab_logo.png&v=3&w=196&s=9Wb34QHWp_VE_awcCFaatjar

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::f , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e0b37cd5597ee9d0259529a8bece1330f1f38a3de98b6990d14f7ca1c2840dcb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 14:14:03 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=29855953
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 5960
expires: Wed, 13 Mar 2024 03:33:17 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame A118 51 KB
51 KB 328ms
53ms Image
image/webp 2a02:2638:3::f
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=4438&q=80&r=0&u=https%3A%2F%2Fct-res.cloudinary.com%2Fimages%2Ff_auto%252Cq_auto%3Agood%252Cw_700%2Fimages%2F99761670798b1ae3a4645bee8b461bc0%2Falba-moda-topje-animaldessin-allover-0001545285.jpg&v=3&w=800&s=3v9XRgLvdlfNL_oDd-o9fP7T&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::f , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

7776b401a53ce923a540d5a9f41ddf3923db58357b13c2ba471f4f53f1675451

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 14:14:03 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=30016527
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 51890
expires: Fri, 15 Mar 2024 00:09:31 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame A118 0
128 B 82ms
27ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=znTG8qIS3GHoZEtKBsTYVufvzEM6tXIsNr8cVsU0CfZmm89MuO-lMo6pyOuDicz95MPcBC7Yd4M0diMnKDfUQ6I27L1r6lOL9vRi_p01yrIJqpOHodO3yJPJsCEzCup665oI-l8aAN-t_GOLQMCYE1nplqtl1UHmu1Kh_7RDe0K2oF5-VAOLZgUU_cTWtboYjhPxVD0vDMX-g3jtAfMIi2YWaZJScd41FZ5yhtSKEuXFmh9nt-upHyVpSwc&sds=2&rev=85392.3&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 02 Apr 2023 14:14:03 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame A118 2 KB
1 KB 55ms
33ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 14:14:04 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 27 Mar 2024 14:14:04 GMT

GET
H2 200 6ad0e37510f8e3483bebad31dbd0e18a.js Show response
www.gstatic.com/mysidia/ Frame 27D4 9 KB
4 KB 148ms
43ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/6ad0e37510f8e3483bebad31dbd0e18a.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230329/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c320d790dba4c17895962386aa3587aff97e96a7c499f37dd47bf299431ce41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 23:36:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 484644
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4014
x-xss-protection: 0
last-modified: Mon, 27 Mar 2023 22:20:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 25 Jun 2023 23:36:40 GMT

GET
H2 200 391edcfc9250fc73687380a2b5a5bc72.js Show response
www.gstatic.com/mysidia/ Frame 27D4 10 KB
4 KB 144ms
40ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/391edcfc9250fc73687380a2b5a5bc72.js?tag=text/vanilla_highlight_ms

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230329/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d5e2c8f259d9f8be3197487826c56d6781c9547b264e16e3999cc7534268935

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 00:46:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 480438
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4409
x-xss-protection: 0
last-modified: Mon, 27 Mar 2023 22:20:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 26 Jun 2023 00:46:46 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 27D4 8 KB
1 KB 210ms
68ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230329/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

167b257107cabdb59f856f00b9f9947ccea131594fda5897adb27503126a6a69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 02 Apr 2023 14:14:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 02 Apr 2023 13:50:54 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 02 Apr 2023 14:14:04 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230329/r20110914/client/ Frame 27D4 2 KB
818 B 93ms
88ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230329/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230329/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 22:30:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56642
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 15 Apr 2023 22:30:02 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230329/r20110914/ Frame 27D4 22 KB
9 KB 71ms
65ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230329/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230329/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ff527ee82438d6ee7270d862f3310845cf433f8ef5a900e527d4c9e7fbd006a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 22:30:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56642
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8726
x-xss-protection: 0
server: cafe
etag: 308001309495089854
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 15 Apr 2023 22:30:02 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230329/r20110914/client/ Frame 27D4 3 KB
1 KB 93ms
88ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230329/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230329/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 09:00:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18795
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 16 Apr 2023 09:00:49 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230329/r20110914/client/ Frame 27D4 20 KB
8 KB 89ms
84ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230329/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230329/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df24ebf60aaa54667cae78dd6098d226d14eaafd714b536dd1ee6445003c2d99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 09:21:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17562
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8268
x-xss-protection: 0
server: cafe
etag: 8048349561987089234
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 16 Apr 2023 09:21:22 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 27D4 158 KB
49 KB 96ms
91ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230329/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

23fd81d329b7e97e25a6aa9ccb2e5d97c0859fc735b6afd6db47e21bfd75a07a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 14:14:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49585
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1680090252828925"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 02 Apr 2023 14:14:04 GMT

GET
H2 200 16f0d4cb97c8e7eb77e268815c2afdab.js Show response
www.gstatic.com/mysidia/ Frame 27D4 34 KB
15 KB 135ms
33ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/16f0d4cb97c8e7eb77e268815c2afdab.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230329/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ae3bb0a509cfd77e56854034c90db2e31b6436cd887965bf492f9a0cf172656

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 23:26:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 485248
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14384
x-xss-protection: 0
last-modified: Mon, 27 Mar 2023 22:20:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 25 Jun 2023 23:26:36 GMT

GET
DATA 200
OK truncated
/ Frame D313 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2fc779b12112628d0c36ca34e35841445dfc361c805e5c58bb5d6bf5e2227342

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 27D4 0
0 75ms
75ms Fetch
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CKbuvq40pZM2bGsugqMwP-tquyAuY-6bsb7614dz0ENnZHhABIP7mpWtgkYSghYwYoAHKgtGLKcgBAakC56MY7Ykvsj6oAwHIA8sEqgTXAU_QKE8Tx5R7syOeG9boPJuDNqSINlrqKKb1Oe35cIuwtqxFWvrK7hJaQBr38gJ528zuCR5wj15BttQJCRdwpzhvP9ixi-7yPKSXCKrRiIr8kE_VHDnQOCdZuZA_foB9rHkkbqAAf-SiVuGukcW8kgZCTmD6_60dqXB1t_134h1l0237r4KNBtJ_VtAlA6lgt1jFfFLaOG9XGTFYX5rQIozxJZmtlwYSryQVRFVbI6Ht1SQno_D9uivTHUvkXWIH6mXtTQ5dqKKWbuvquWgBKFrndM8Cnj6cwASE7duMpgSSBQQIBBgBkgUECAUYBIAHyrqh6wOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHAxDXL9IIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMM0BUBmBYBgBcBshccChoIABIUcHViLTIyNDkyNTc5MTgwNDUwNjkYAA&sigh=6H2zUk9ASQc&uach_m=[UACH]&cid=CAQSGwDUE5ymAvTiz-dDN54R91cH-y6TJkVpXJijqxgB

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230329/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230329/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 02 Apr 2023 14:14:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C93E 143 B
166 B 31ms
31ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230329/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230329/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 2932
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 02 Apr 2023 13:25:12 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 27D4 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7917f73a015a226849793b8393bc863809840c3775cbb14f1943da76623c0da4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C93E
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

42ms
41ms

Document
text/html

2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230329/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 02 Apr 2023 14:14:04 GMT
expires: Sun, 02 Apr 2023 14:14:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 02 Apr 2023 14:14:04 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 hMk8RYfShm1WO-i6nufLdZfHD_Dal5FkV6wggQWjY74.js Show response
pagead2.googlesyndication.com/bg/ Frame EB89 36 KB
14 KB 60ms
58ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/hMk8RYfShm1WO-i6nufLdZfHD_Dal5FkV6wggQWjY74.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230329/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84c93c4587d2866d563be8ba9ee7cb7597c70ff0da97916457ac208105a363be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 07:52:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22900
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14139
x-xss-protection: 0
last-modified: Mon, 27 Mar 2023 13:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 01 Apr 2024 07:52:24 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 139 KB
47 KB 149ms
149ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: robloxscripts.net
URL: https://robloxscripts.net/_static/??wp-includes/js/jquery/jquery-migrate.min.js,wp-content/uploads/yhumkpbql.js?m=1675717155

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

af7bec31fd474fcc584c4460d42bb36e99a1d83d3751a3e2b05f06bcc696e7ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 14:14:04 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48510
x-xss-protection: 0
server: cafe
etag: 159418755936957374
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 02 Apr 2023 14:14:04 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 81ms
81ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230329&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1596460d792ca35315d71174c8490852bf4bcf49b03560c14adc3e394f30006

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 14:14:04 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11243
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 53ms
52ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 14:14:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 02 Apr 2023 14:14:04 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2D49 13 KB
5 KB 33ms
33ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://robloxscripts.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 18794
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 02 Apr 2023 09:00:50 GMT
expires: Mon, 01 Apr 2024 09:00:50 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 8EDF 783 B
970 B 71ms
69ms Document
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7fe2e63f4d51a83565c1ad7d115bf3a90d960bd8336cf60035271271471e9e8f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-cr885HdG6Xd6Z_8V2Wv8yQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://robloxscripts.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-cr885HdG6Xd6Z_8V2Wv8yQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 02 Apr 2023 14:14:04 GMT
expires: Sun, 02 Apr 2023 14:14:04 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 hMk8RYfShm1WO-i6nufLdZfHD_Dal5FkV6wggQWjY74.js Show response
pagead2.googlesyndication.com/bg/ Frame 2D49 36 KB
14 KB 59ms
58ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/hMk8RYfShm1WO-i6nufLdZfHD_Dal5FkV6wggQWjY74.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84c93c4587d2866d563be8ba9ee7cb7597c70ff0da97916457ac208105a363be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 07:52:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22900
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14139
x-xss-protection: 0
last-modified: Mon, 27 Mar 2023 13:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 01 Apr 2024 07:52:24 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 8EDF 0
0 92ms
92ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230329&jk=173349285249724&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 2D49 0
10 B 33ms
33ms Image
text/plain 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?n9HaQg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 14:14:05 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 200 all
csm.eu.criteo.net/ Frame A118 0
127 B 25ms
25ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 02 Apr 2023 14:14:04 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D313 42 B
64 B 66ms
65ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss3nQngAP32Z3f0_jk3O7ILh-U2_Hf2XobDpfOGmXkBA_FhEtIrMjdJe4SNip5og756s8WONRIQ5N9BwmT1S78OQ8a5&sig=Cg0ArKJSzLVx_-v5N0ybEAE&id=lidar2&mcvt=1000&p=0,0,280,1200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230329&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2904063243&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1680444843349&rpt=827&met=ie&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Apr 2023 14:14:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 27D4 42 B
64 B 70ms
70ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssZRdkhwNgelsoBpB5XPot35qL8QK785PAXUvujBdGrK4zxpi1lHC8nMwuJ_oDsoE4l5rNAQHIEoAqsbzze1Kdhc8KrrsJUe28MNDqfaWEL05Ilx5mP_XYGTJg7oXZiAe2QbUorxw&sai=AMfl-YTq4KdQ4Qj6jUtupm_rezxe17pfBHS_Bl68vxoCTOTwio0nKqF9RUSXatHTtzOvJwjGTi04qKHAUDSX&sig=Cg0ArKJSzDpAbIhcoTk-EAE&cid=CAQSGwDUE5ymAvTiz-dDN54R91cH-y6TJkVpXJijqxgB&id=lidar2&mcvt=1001&p=0,0,124,1005&mtos=137,819,1001,1118,1118&tos=137,682,182,117,0&v=20230329&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1680444844051&rpt=317&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Apr 2023 14:14:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 95ms
95ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230329&jk=173349285249724&bg=!MjGlMWXNAAbEgrg45II7ADkAdvg8WsUBwOPf4VWO4aGeNVeC73l-58sRSrln_KlEwHzZ9V8p94Rzqf0Yk66hZ3vYwkyfD1XzAEICAAAAZFIAAAABaAEHCgAysiWGZn8huXJCixXewT6wZd8Mz-jM3SxGe4wcTOXL9Ic6FKihi78jbdYhyqb-eFgoXzyZAqYBhvrAUPlbbbuB42hBnozTIqmm9-Pq0dTlMWo56Enq8c8alfD62ioEKjFtbqSlOk0aD7t_4ZhUswhM4aFVFpV2bceYb3d-KrKeny7p9yqYhQqMp30wbnHFiJrP0t9nJrx6dX4iaYc96_gFlz6kjkNWSr-pj3uL__kshiHr2OXfVh2-tPzHaSy8-uVvGMoQZACBifay-mGwveMOvXZFOvh0MOhXf2wrwkWtFb7Vrk7LcdnpfWSE1p3NRkvy_UOeDpEds36DoQjVQ59J_zr1Cg4nqSX9Srx4ykruOIFTsrhJwGbEysaSaNimjokkfbpgQ16gOwArLtf-GJ1k-1o1ec_y8ADfDTzVbQB02hoNyo2OeZ0U64yTudAQ9asKNZg22hGMCvnjjvRVTUXZz2CnOmlylqHCV0okXEVL94i69euxrnjuL4UsVPZLxzhJCK7TVe6dJ0UF6C25CuEda9CXoNpXYK36k3y-cwkcURA6nyH_tc-WxQMWbkY4VN0iOh1ZGzTESSSrOtnEHuk5azFYQ6Pr8ghG6nqqstsy-4rEjwA5NR4denCk5g05tIyN-bAUhsSG6sSFEeDJ0MDTEIdvRti8EX2Xegmmh5gC-hZNKEvRzXzZPe_1aODtIWhd-JOpGiRnbcFuNVrRAOXMm5Z0ILMrzOqDlJw8hy6zvBkvRMLam_8jydBbC-ff2tqqoFFdn2LubM1AZWNlrXs2t72AWKSHcQzUxukUTew750FmIi3py28uu5RsB1jj5Oi114n_w29A7-_deO923QOCa1BZ4nKEr9bPC4ZwmxNxScZqLIWXSLWW6h9p2smfGpOguvEgui-LJJyQAW3dvS5-dO6Z3Drrjfv-PcKKb2T04cl00MO319vX1LgjMvzTC3GriBaNR1FPD1Ti1ns
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
H2 204 boom.gif
pixel.wp.com/ 0
37 B 25ms
24ms Image
text/plain 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/boom.gif?bilmur=1&cumulative_layout_shift=0.349&largest_contentful_paint=1070&batcache_hit=0&provider=wordpress.com&service=atomic&effective_connection_type=4g&rtt=0&downlink=10000&host_name=robloxscripts.net&url_path=%2F&nt_fetchStart=2&nt_domainLookupStart=3&nt_domainLookupEnd=10&nt_connectStart=10&nt_connectEnd=76&nt_secureConnectionStart=40&nt_requestStart=77&nt_responseStart=244&nt_responseEnd=286&nt_domLoading=373&nt_domInteractive=843&nt_domContentLoadedEventStart=931&nt_domContentLoadedEventEnd=935&nt_domComplete=2562&nt_loadEventStart=2562&nt_loadEventEnd=2563&nt_redirectCount=0&nt_nextHopProtocol=h2&nt_api_level=2&start_render=723&first_contentful_paint=723&resource_size=864897&resource_transferred=220506&js_size=390845&js_transferred=126156&resource_cache_percent=0&js_cache_percent=0&last_resource_end=3545
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 02 Apr 2023 14:14:07 GMT
cache-control: no-cache
server: nginx

Verdicts & Comments Add Verdict or Comment

79 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.discordapp.com/	1970-01-20 10:47:26	Name: __cf_bm Value: paryBAkLV768EWv1ZvdhSlN8rKLI6yETcb4CDJmOiOM-1680444842-0-ASxpRgX22giIIwDqsdbemtfLU1qYkpg+aBJXOQu7cdVq24u6fXDgQBzpRVSMhP8jJp7sxDn6CCejVOSRP4lu5BU=
pogothere.xyz/	1970-01-20 19:25:48	Name: csu Value: 219353215786202@1@1680444842
.robloxscripts.net/	1970-01-20 20:09:00	Name: __gads Value: ID=1eef34f5f71f0cbc-22b0bb407edd000c:T=1680444843:RT=1680444843:S=ALNI_MY5XSajRhshNUZzHxjVhlEohG2guw
.robloxscripts.net/	1970-01-20 20:09:00	Name: __gpi Value: UID=00000bcf4f3795c7:T=1680444843:RT=1680444843:S=ALNI_MbU7mSBqr1TfH0XrW6WScOf1njLoA
.doubleclick.net/	1970-01-20 20:09:00	Name: IDE Value: AHWqTUmUK83XzBouvOktEej9zNiRCDd9YGfle92xV5PVyCJU7eBjZyySjuUZ16i6vXg
.doubleclick.net/	1970-01-20 10:47:28	Name: DSID Value: NO_DATA

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://accounts.google.com/v3/signin/identifier?dsh=S-1609978214%3A1680444843098134&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AQMjQ7TWEHiZUrUHsyMD9_gJm5qqoiedhC_VV6Rj-aFLYS3-2wAFJQtpE2cUWOC1SWcV1Qu376BD&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://accounts.google.com/v3/signin/identifier?dsh=S-33159685%3A1680444843062422&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AQMjQ7Rr7LYO4bx85sTNq5zszDld7n_may1Ss2KHihZsFUELRIQtXS6FI-BlFzaydG2LC2LSeJtt&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin Message: Failed to load resource: the server responded with a status of 403 ()
other	warning	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2249257918045069&output=html&h=280&adk=2904063243&adf=849483003&pi=t.aa~a.1043414356~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1680444674&rafmt=1&to=qs&pwprc=2896044421&format=1200x280&url=https%3A%2F%2Frobloxscripts.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680444842981&bpp=3&bdt=525&idt=362&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7067503595945&frm=20&pv=1&ga_vid=673539286.1680444843&ga_sid=1680444843&ga_hid=946642672&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=60&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=173349285249724&tmod=963749827&uas=0&nvt=1&ref=https%3A%2F%2Frobloxexploits.net%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=kwDkD5z4up&p=https%3A//robloxscripts.net&dtd=367 Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230329/r20110914/zrt_lookup.html?fsb=1#RS-1-&adk=1812271801&client=ca-pub-2249257918045069&fa=1&ifi=4&uci=a!4&btvi=2&xpc=pNqy1YResc&p=https%3A//robloxscripts.net Message: The resource https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
admiredinde.com
ads.eu.criteo.com
adservice.google.com
adservice.google.nl
cat.nl3.eu.criteo.com
cdn.discordapp.com
csm.eu.criteo.net
dlh8c15zw7vfn.cloudfront.net
fonts.googleapis.com
googleads.g.doubleclick.net
i0.wp.com
pagead2.googlesyndication.com
partner.googleadservices.com
peopleshouldthin.com
pix.eu.criteo.net
pixel.wp.com
pogothere.xyz
robloxexploits.net
robloxscripts.net
rtb.nl3.eu.criteo.com
s0.wp.com
static.criteo.net
stats.wp.com
tpc.googlesyndication.com
use.fontawesome.com
www.facebook.com
www.google.com
www.googletagservices.com
www.gstatic.com
104.21.42.211
13.225.78.108
162.159.130.233
172.64.173.27
178.250.1.6
192.0.76.3
192.0.77.2
192.0.77.32
192.0.78.139
2600:9000:2490:a00:15:9ced:b8c0:21
2606:4700:e2::ac40:840f
2a00:1450:4001:800::200d
2a00:1450:4001:801::2003
2a00:1450:4001:811::2001
2a00:1450:4001:812::2002
2a00:1450:4001:813::200a
2a00:1450:4001:829::2002
2a00:1450:4001:829::2004
2a00:1450:4001:82a::2002
2a00:1450:4001:82f::2002
2a02:2638:3::12
2a02:2638:3::1a
2a02:2638:3::3
2a02:2638:3::9
2a02:2638:3::f
2a03:2880:f11c:8183:face:b00c:0:25de
2a06:98c1:3120::3
2a06:98c1:3121::3
064f3c2c06410669a1fdadee1259f8ed4e04573c2d81f160719fc17e32209950
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0c301dc66ca221e1ff5dd32596a27b436ce626deab149e66b2baab3251bb09ee
0c320d790dba4c17895962386aa3587aff97e96a7c499f37dd47bf299431ce41
0c963a5c78c1dbde226771055692c6f8d456e293216cef6ed44db48d3ecd1443
11ecbf6fdacbbe274fbc613cf17cf4ab80790608e6ef36895abdfff88efb556d
167b257107cabdb59f856f00b9f9947ccea131594fda5897adb27503126a6a69
175a26031246bc664e5f8531be5926a33957da2a4d54052716fefc5ff193eaed
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
23fd81d329b7e97e25a6aa9ccb2e5d97c0859fc735b6afd6db47e21bfd75a07a
2ddcba54e5ed4c3d6a7dad0dfaf53484b40323b12bdc3e4c2609577bd982bac3
2fc779b12112628d0c36ca34e35841445dfc361c805e5c58bb5d6bf5e2227342
3070e06f07f216509fef12f16848d99aa29a00b8ba27da92db659854d4b76595
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3a41b135afd99e5d3f61350c14900a1b6b222fe032a2c2f5f85f43d59055abf8
3d9d8999b53fd90eefc8e8e2451d958266d841cbeb20ac009b86c5709159f462
436f8a80292d7c1d93cd6e84f8bbadc2527338ac1ece4356a240d12082deba64
446f0ab61963ec60fa7a9806eb173e0575f2098f58d2d4fab14925c6375e3387
476f0da8db500a67325d873352ea02699c2c9cdacef05cb7e67f260cca859f61
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f6fd6a7254f863454836b4a85d7ef8be36b9cb9f64c11c79ef82acf9d94396b
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
51dc1ea3b9642d966bbdf2c63346e4d2d3f668a693fa8e7f1e31bf6acbe48860
525222732848000d7e9a744bbb1b0c3ca36dbce4dd7bc44ae346304d105f2b59
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5891c67601020cabaf90ed5ddda027b085f57af3ab6c669cdeadd85ddd1f62a8
5ef0ed69dbd8e108fcc264310ef1fc9a3093352b4935b2b4e98b1aa943fcb92a
5f599b949ea5d982ae3e387d454c4cbc1295dec9697180267ffd563ff20eee17
613cc9a8f303bfa75f842f326d8fa9884d050e7dce9cf7ea6b45f849582b6408
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
64fdded9ab4b4066a71232c0d8c7e2416ec277f566adb122776af14c21831fc3
6ae3bb0a509cfd77e56854034c90db2e31b6436cd887965bf492f9a0cf172656
6c0d57d86670285a7f29129e820a6576208b5c6dea894a56e7bb240fe477f289
6eb1c2284928b90059cae1aad03f14f2bd54c7031f85f5f5eb2b06f9c70b11bd
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
729ca28d20f1c7fbc11b1896ecd671ef7be9e732781f03b2d33efcd285885e35
749d38528a9c6c8a51293223f1a6f9d984e4bf9ec6767738fbeb4af7da861dfd
7776b401a53ce923a540d5a9f41ddf3923db58357b13c2ba471f4f53f1675451
78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb
7917f73a015a226849793b8393bc863809840c3775cbb14f1943da76623c0da4
7d5e2c8f259d9f8be3197487826c56d6781c9547b264e16e3999cc7534268935
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7fe2e63f4d51a83565c1ad7d115bf3a90d960bd8336cf60035271271471e9e8f
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84c93c4587d2866d563be8ba9ee7cb7597c70ff0da97916457ac208105a363be
84cf62a36645e4d32ebc59a22c7b669efbb64fe46fda77b752662dfb79cf8eea
8576b2ea463d7825253e47afdb1a9f52b8bb879fe449b0ba2967a9d47552b212
89b2327b345c40a08b3bc99b0e35c4c318e7b0d3fe69ff12661a37696c1dcb1e
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f74583882ff0305c98aa4ad45370838bfb68e46cb5f286afa7074cb8bd219c8
8ff527ee82438d6ee7270d862f3310845cf433f8ef5a900e527d4c9e7fbd006a
92a57a0890de8fde70b151bf015b90192c7780426048069d4bbbaf1ccc51a59c
92ed922d41ec64a53c890015a86b67219b062ac45e8935510d6c3ded5dfade13
9adf3bc5bffd46e75b6133c2fbe8ffed320f3d3764bb85cad36de5738f0020f8
9c9e93690adfb92fee107efe1d56e046ccf98f1726f6b8d2a9c88cd5dc9ce78a
9e86fcb4099a0c85a91abfd59fc6d6751493e4258f5457c0b4cf87e9e12c4079
a18f3705f4e2cfc25a353ea1b271c77f8db4a8693789b0ce0f40129337911d7f
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a7c9142e108a2f7eefa13926acf8550e2f5668a6415fa9bc896fac7b7412b3e3
af7bec31fd474fcc584c4460d42bb36e99a1d83d3751a3e2b05f06bcc696e7ec
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a
b1596460d792ca35315d71174c8490852bf4bcf49b03560c14adc3e394f30006
c3dc82de7b7b0e1d9d677e2c93e4d510dbd7aca98a56ae55d3c4a5dc63b756e3
c48437b4c688d7aff7c9ce46a5173ce1bab60d20f1d200090e120661ecdefadb
c5e8e8eb22e2eaf1ad02370c22c63c04774ab0b83b4329d5945333750814bb2f
c6f5bd5414eabc93d25edc9b72ef84a2b6c4eee863b38eee419cb62f1bd2e7ba
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
ccf4db04ff2011f4c1fc91bebb010b1727227aa33a7e0378487031cde373d24d
d309c0ee6e820f9b45cdf88cd79e58e28d8973a6da13cfa427ad75529ad46c47
d4091abc19d770c258eee9d560bd957ade9ae297d88516311322146f85161795
d99a9c83fa6c56f86880bd77fb4caab944187b0a9a3267ef87415cce8cbbc9ca
de55b8b2871d661402f3134069cbcdd3d8197a9d94f4580ec4829baaa30c4427
df24ebf60aaa54667cae78dd6098d226d14eaafd714b536dd1ee6445003c2d99
e0b37cd5597ee9d0259529a8bece1330f1f38a3de98b6990d14f7ca1c2840dcb
e1b61b9e35ef05dbacdc0115a26c447f904015355129a1d7c4422cd4b5f41889
e1dd19c7bcd1a28b5092262d716af38e86ebeb96fc7dace8368a451fc64e2e09
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3da66758ee51b7f1dfe7a7488b5351e18dd5797838f5cdd5bd67ba58083d582
e43f873bed6831788b5b92ef50cfc304ef7e420d08bcf8f2780d5a219f4daf75
e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0e6d54c3ec25deba52f50589c125408913a4856fba84cd5d012fa7664780343
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16
f67169d6d088015e27c05032d62da4f3637c1be1b9d1cabcbde80d3b5842b581
f8e28de2aaed90f2ac69d51c5b2c951caa476dec71c621b7b464a7cbd978737e
fcda48e7ab7751e4d8c640c0c05150f79e669eb960c224a6ef373417ad5cf8b9
ff103e3bb705cac3b556b54639a1602fa2531f50463ad4a90aea5e4b3b4a55b7
ff30ce3dfba9ac624dada16dc501035788ee8b9a7ffc00e7b30e55f714593420

robloxscripts.net Open in urlscan Pro 192.0.78.139 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

130 Requests

98 %HTTPS

68 %IPv6

20 Domains

30 Subdomains

28 IPs

4 Countries

2004 kBTransfer

4196 kBSize

6 Cookies

2 Outgoing links

Page URL History

Redirected requests

130 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

robloxscripts.net Open in urlscan Pro
192.0.78.139 Public Scan

Screenshot
Live screenshot

Full Image

130
Requests

98 %
HTTPS

68 %
IPv6

20
Domains

30
Subdomains

28
IPs

4
Countries

2004 kB
Transfer

4196 kB
Size

6
Cookies

130 HTTP transactions
3 data transactions