robloxexploits.net Open in urlscan Pro
2606:4700:3036::ac43:a949 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://robloxexploits.net/
Submission: On July 06 via manual (July 6th 2022, 7:07:02 am UTC) from IL — Scanned from DE

Summary HTTP 109 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 23 IPs in 3 countries across 20 domains to perform 109 HTTP transactions. The main IP is 2606:4700:3036::ac43:a949, located in United States and belongs to CLOUDFLARENET, US. The main domain is robloxexploits.net.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 2nd 2022. Valid for: a year.

This is the only time robloxexploits.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
11	2606:4700:303... 2606:4700:3036::ac43:a949	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6810:7baf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2600:9000:214... 2600:9000:214f:3e00:3:62b:d240:21	16509 (AMAZON-02) (AMAZON-02)
10	52.219.106.185 52.219.106.185	16509 (AMAZON-02) (AMAZON-02)
13	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
6	162.159.134.233 162.159.134.233	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700:303... 2606:4700:3030::6815:2dcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	108.138.7.34 108.138.7.34	16509 (AMAZON-02) (AMAZON-02)
6	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:801::200d	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
109	23

11 2606:4700:3036::ac43:a949 (United States)

ASN13335 (CLOUDFLARENET, US)

robloxexploits.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sapi.robloxexploits.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:7baf (United States)

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:214f:3e00:3:62b:d240:21 (United States)

ASN16509 (AMAZON-02, US)

d3oy68whu51rnt.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 52.219.106.185 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: s3.us-east-2.amazonaws.com

s3.us-east-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 162.159.134.233 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.discordapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3030::6815:2dcf (United States)

ASN13335 (CLOUDFLARENET, US)

freychang.fun	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 108.138.7.34 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-34.fra56.r.cloudfront.net

ospicalad.buzz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

nedukeratio.lol	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cheatermad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 120 tpc.googlesyndication.com — Cisco Umbrella Rank: 160	322 KB
11	gstatic.com www.gstatic.com	59 KB
11	robloxexploits.net robloxexploits.net sapi.robloxexploits.net	227 KB
10	amazonaws.com s3.us-east-2.amazonaws.com	5 MB
7	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 54	71 KB
6	google.com 1 redirects accounts.google.com — Cisco Umbrella Rank: 116 adservice.google.com — Cisco Umbrella Rank: 92 www.google.com — Cisco Umbrella Rank: 8	1 KB
6	discordapp.com cdn.discordapp.com — Cisco Umbrella Rank: 3271	2 MB
5	nedukeratio.lol nedukeratio.lol	2 KB
4	ospicalad.buzz ospicalad.buzz	4 KB
4	freychang.fun freychang.fun — Cisco Umbrella Rank: 25689	202 KB
4	cloudfront.net d3oy68whu51rnt.cloudfront.net	200 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 71	3 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 49	20 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 179	85 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 7751	914 B
2	unpkg.com unpkg.com — Cisco Umbrella Rank: 944	103 KB
1	cheatermad.com cheatermad.com	40 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 867	649 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 96
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 89	40 KB
109	20

	Domain	Requested by
13	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
13	pagead2.googlesyndication.com	robloxexploits.net pagead2.googlesyndication.com www.gstatic.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
11	www.gstatic.com	googleads.g.doubleclick.net
10	s3.us-east-2.amazonaws.com	robloxexploits.net
9	robloxexploits.net	robloxexploits.net
7	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
6	cdn.discordapp.com	robloxexploits.net
5	nedukeratio.lol	robloxexploits.net d3oy68whu51rnt.cloudfront.net
4	ospicalad.buzz	d3oy68whu51rnt.cloudfront.net
4	freychang.fun	d3oy68whu51rnt.cloudfront.net
4	d3oy68whu51rnt.cloudfront.net	robloxexploits.net s3.us-east-2.amazonaws.com ospicalad.buzz
3	fonts.googleapis.com	googleads.g.doubleclick.net
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com robloxexploits.net
2	www.google.com	1 redirects tpc.googlesyndication.com
2	www.googletagservices.com	googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	sapi.robloxexploits.net	robloxexploits.net
2	accounts.google.com	robloxexploits.net
2	unpkg.com	robloxexploits.net unpkg.com
1	cheatermad.com	robloxexploits.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.facebook.com	robloxexploits.net
1	www.googletagmanager.com	robloxexploits.net
109	24

This site contains links to these domains. Also see Links.

Domain
discord.gg
www.youtube.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-07-02` - `2023-07-02`	a year	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
*.s3.us-east-2.amazonaws.com Amazon	`2021-12-17` - `2022-12-16`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
ospicalad.buzz Amazon	`2022-06-22` - `2023-07-21`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-04-16` - `2022-07-15`	3 months	crt.sh
accounts.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-06-20` - `2022-09-12`	3 months	crt.sh
*.cheatermad.com E1	`2022-06-06` - `2022-09-04`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh

This page contains 12 frames:

Primary Page: https://robloxexploits.net/
Frame ID: A4D76833C1627B0F8A936234B0853334
Requests: 61 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20190131/zrt_lookup.html
Frame ID: 553F417FCCB5922DF73738602164B2C2
Requests: 1 HTTP requests in this frame

Frame: https://ospicalad.buzz/TjEyeTYvU1EUCS8MUF9DPF0PXAQIFAA/Un1eS08OOVlHTAc8X0ZXVSJeRx1QPF5cDRggVEZcBAgJZCwPGGUAQQQHdUEJYw10XzRuBGZrMUYlV3RMTARiax53HWdLNXd6fHUrUSN2YCBUHnJKXAQMdgE0AQJIRipsGVoHNVELSFEXez9wZiNPFHZZNnsdAF0cBiVZYgNZJWRYMFwCYnczeh1oQTVke0t9E2Q3cFgWBx5yfz14CUFcOmA+BlRKdHdpAUkCHnJ3NXkkVl8YWn9deypwP2llLxN8c2gucChSeg5uL10DFXkKRlouYQhAaB4HBWsBQUIrZ0ZBVyMcVlwECHVbLBN8d30qWRd8cUkTfHN4EUI5V2A3ABZ2eBFsIF15IwV3CHg4VSZ4WBVHFmNoCGx9CXYpdR9GUxUHInp2OEUMdUIUVQYAVDdfLV97OH85UF8afBZcZEFTfQhwIH53W1RJcClXejsPFkhrDHs3BVYpcT5fcS9GI1R6DQ4ZaX9PVwYAVyBYJlZWFQcjV19IBRl2eFwEDGhcQRAkQl0XRnNIcxp6GUJkAHg9SAMN
Frame ID: 7CD24AAC1B4570EE41F312AEDA690609
Requests: 2 HTTP requests in this frame

Frame: https://ospicalad.buzz/VTd5TEo0VRohdTQKG2o/J1tEaXgTEksKLmZYAHpyIl8MeXsnWQ1iKTlYDCgsJ1gXOGQ7Ug1peBN1LhQQO2NKK3wSZhI8GCwHHw15H3UbCQQEUkkOb2dxMQ4bMnEQIAYWdEk9DxR+Og0IYEEzGQ9idhN9BgMFEhkFF1A4LyZhDz4NGCxkIXQSFE5ICigDdi0cMjZOKjsLP3Y9LxsdTiAOBSJTOwMiOVw+Oy1kci0ZKxdaCQcCZXkzKntkRSsncmFyLS8ZFnMeACwQZSEFGy0PKwoucAU7HwIxcCgiPWNRPB4SGnU8fxsTeQgfMiFjLxRyFFVJBgU0XAk8DC0aGml4E3E9OwgUXkkYBxR9OioeYEQrGgg9ZEt1HgNvQB0HPQMtBSIHDysPGCRkFCcrEV4oKCwQZSEHCGUBMR0iOG8uOA0XdBoHBD1EOi0hOlErfS5tYRQgEwBZQAMrA18qKgxkRSskGyB/EysPEVoJBwJleSwpDA9GKAkPY2UuOAIAfxECExBlLCohF18oGghwBTsYeD4REz8lO0dEIygHfg0pBTMBKg
Frame ID: D8B2A96ED0190F1DF5803693B18FE2FD
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2249257918045069&output=html&adk=1812271804&adf=3025194257&lmt=1657091215&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Frobloxexploits.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657091215407&bpp=3&bdt=730&idt=187&shv=r20220629&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=214878914656&frm=20&pv=2&ga_vid=1403726049.1657091216&ga_sid=1657091216&ga_hid=1913810652&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763507%2C31067527%2C31068195%2C42531605&oid=2&pvsid=1527486704732907&tmod=681528632&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=201
Frame ID: AA7562D12189684FE43F29B5FCF3E54B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1
Frame ID: A7E1023B377D5078C896FBB129054060
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1
Frame ID: 7AFDFDD3806E76649F22C44DD98656D3
Requests: 19 HTTP requests in this frame

Frame: https://www.gstatic.com/mysidia/fa287546e1d5bd0678894d5c227e456c.js?tag=client_fast_engine_2019
Frame ID: D2014BC5CAD0CC98A97C1CB6F5AB849C
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: CF4753270CC94E2C338F2ECFFAB415B5
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/edue1xTc5YuiZOhJi4VIA_c20CetZt5T9y7Q3cNnrTA.js
Frame ID: 64D302959B2657E9BF49EAD17EB5B557
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C59B3468D05F988EEB563273C05CA9A2
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 408DDE1B032FAAC41B4A0B7562A0F264
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ROBLOXEXPLOITS - Roblox Exploits, Hacks, Scripts & Cheats!

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Nuxt.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

/_nuxt/

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

109
Requests

100 %
HTTPS

86 %
IPv6

20
Domains

24
Subdomains

23
IPs

3
Countries

8218 kB
Transfer

10285 kB
Size

8
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://discord.gg/robloxexploits
Title: Discord

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCrxIfKGSdOWjDatdhlSHvLw

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 98

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

109 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
robloxexploits.net/ 53 KB
15 KB 321ms
280ms Document
text/html 2606:4700:3036::ac43:a949
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://robloxexploits.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:a949 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d561209a7d1d16f47e865cb599478ffd0dc623f7e598fcaa81a45a62e82ec042

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7266801a0dd40f5a-MXP
content-encoding: br
content-type: text/html; charset=utf-8
date: Wed, 06 Jul 2022 07:06:54 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oe2PfoLbt8v6pjTl%2FtPqZhAq4IQhMW2N2z1w%2FgR9GZ1sZqt1pRePjI7EgiwgllDwuGcLaRKOjX9E4U7HBjT%2FN3JVFNvD8DQWhV2VMZ4hSXd2LG99k%2B20oxKNm5HJsULLxN3XIUeghuUQi27rL3%2BDQi8%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
ssl-offloaded: 1
vary: Accept-Encoding
x-forwarded-port: 443
x-forwarded-proto: https

GET
H2 200 boxicons.min.css
unpkg.com/boxicons@2.0.7/css/ 62 KB
11 KB 62ms
35ms Stylesheet
text/css 2606:4700::6810:7baf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/boxicons@2.0.7/css/boxicons.min.css

Requested by

Host: robloxexploits.net
URL: https://robloxexploits.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7baf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1fc734c80933766675fda9c9a1f867289de58d1e6ddc85621e1a37eb506a22ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxexploits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 07:06:54 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6406271
fly-request-id: 01F3YCP9T2CJNEAMHWBGB3J1WM
content-encoding: br
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"f703-kEpTqbib37RBQP2PIpppYa/VnfU"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7266801bf9c20225-ZRH

GET
H2 200 / Show response
d3oy68whu51rnt.cloudfront.net/ 309 KB
99 KB 61ms
21ms Script
text/plain 2600:9000:214f:3e00:3:62b:d240:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3oy68whu51rnt.cloudfront.net/?hwyod=955131
Requested by: Host: robloxexploits.net
URL: https://robloxexploits.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:3e00:3:62b:d240:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 0a14fee88678669422a33066832ecbde46a7521bc19fc47c200770d9428b6f98

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxexploits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Jul 2022 06:49:07 GMT
content-encoding: gzip
age: 1067
x-cache: Hit from cloudfront
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
x-amz-cf-pop: FRA53-C1
content-length: 101207
via: 1.1 12c16baed6578bf50fb0eaa233f2bc84.cloudfront.net (CloudFront)
x-amz-cf-id: eOL7SwsmCeaOHeIT21TR1J2SjWX9bbxDFTdFBkX3UHoFjxxOVXtCsw==

GET
H/1.1 200
OK adblock.js Show response
s3.us-east-2.amazonaws.com/robloxexploits.net/ 64 KB
64 KB 452ms
125ms Script
application/javascript 52.219.106.185
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.us-east-2.amazonaws.com/robloxexploits.net/adblock.js
Requested by: Host: robloxexploits.net
URL: https://robloxexploits.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.106.185 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3.us-east-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 369a6a49db93c6e064521a21f5a633f84c3169953ad0ba205a7b97b67b34e91e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxexploits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 06 Jul 2022 07:06:56 GMT
Last-Modified: Sat, 16 Apr 2022 16:58:21 GMT
Server: AmazonS3
x-amz-request-id: 85FYR5AZBFBVRA0R
ETag: "cd9c5ec9b29e09bf6da07d23c6ea9b53"
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 65187
x-amz-id-2: 0tmdWO8GCQu7LB1gO/sSEwy/V2pvyouotwjNWzKhVdjiYKgpE51cH/SAOd3U1aXs0bUtCPXa8UE=

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 160 KB
55 KB 60ms
25ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2249257918045069

Requested by

Host: robloxexploits.net
URL: https://robloxexploits.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8075ad0bb514505959dfe479324ce4858efb732a520f2af89627512fa2045307

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://robloxexploits.net/
Origin: https://robloxexploits.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 07:06:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56248
x-xss-protection: 0
server: cafe
etag: 11424960741916969936
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 06 Jul 2022 07:06:54 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 103 KB
40 KB 42ms
21ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-170951207-1

Requested by

Host: robloxexploits.net
URL: https://robloxexploits.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6cbfecb6ed8aece751eba3e15b6b2e8cee2448da0bc6afde4731a9e055e10b6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxexploits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 07:06:54 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40332
x-xss-protection: 0
last-modified: Wed, 06 Jul 2022 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 06 Jul 2022 07:06:54 GMT

GET
H2 200 753fbc2.js Show response
robloxexploits.net/_nuxt/ 3 KB
2 KB 26ms
25ms Script
application/javascript 2606:4700:3036::ac43:a949
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://robloxexploits.net/_nuxt/753fbc2.js
Requested by: Host: robloxexploits.net
URL: https://robloxexploits.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:a949 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f31d6d27bb609e397f78ea0e6b77b92051488855c1db09da962d64b45ee8fffc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxexploits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 07:06:54 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2573498
cf-ray: 7266801bdfc00f5a-MXP
x-forwarded-proto: https
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 06 Jun 2022 12:01:43 GMT
server: cloudflare
etag: W/"a37-18138e46ca9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
ssl-offloaded: 1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DyeUmEN%2Fohoj57ZAQClMNkm2Pkq%2F54nkfJhJCPDEF1Y3OoIZRon8Ndb%2FoMkUq8hEKBzNXIms3rjdA10bVw7uAWgZZr8Gab9fFAnON3AnjKPZqRPV2FpYVxDjY5N2Ck%2FpyLgfI%2BlUtzLgfjph27%2Boq0Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
x-forwarded-port: 443

GET
H2 200 2d7f587.js Show response
robloxexploits.net/_nuxt/ 228 KB
80 KB 52ms
50ms Script
application/javascript 2606:4700:3036::ac43:a949
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://robloxexploits.net/_nuxt/2d7f587.js
Requested by: Host: robloxexploits.net
URL: https://robloxexploits.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:a949 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f32c109e490a356a57ad4d3b998bb9ece8b36e1a2c4ee6f4a2948b9dcc561f8a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxexploits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 07:06:54 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4354345
cf-ray: 7266801bdfc30f5a-MXP
x-forwarded-proto: https
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 16 May 2022 21:25:40 GMT
server: cloudflare
etag: W/"38ee8-180cec33135"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
ssl-offloaded: 1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZuAcjiXr2GdAAp7mEmuwW3wlAeLLRjTODcXqu3A8ANi6qt1EcR10qs8W4RKH%2Boxv8VzQPIEGFioWqiOjOJNaoxoSo%2FyId9DMVyxYhPnLYqhV75C3a5GGVtbcE5HjnPQ8YvHTeRE%2FJLrL4ITXs%2B%2BwvdU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
x-forwarded-port: 443

GET
H2 200 a2f899c.js Show response
robloxexploits.net/_nuxt/ 158 KB
48 KB 32ms
30ms Script
application/javascript 2606:4700:3036::ac43:a949
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://robloxexploits.net/_nuxt/a2f899c.js
Requested by: Host: robloxexploits.net
URL: https://robloxexploits.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:a949 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f520d398ff23ff43a2e04ef37516c7a19647ba329a13a5787fc2667f07f853c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxexploits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 07:06:54 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4303079
cf-ray: 7266801bdfc40f5a-MXP
x-forwarded-proto: https
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 17 May 2022 11:31:32 GMT
server: cloudflare
etag: W/"27754-180d1c99a76"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
ssl-offloaded: 1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TFQDpJ0dyFXAnxf4jZJ5%2F80zt2WuFFX2wklhG1EaEGH%2FvBrwnVyv9Ps7KUt07Ch2gddHw%2Fsd02hQEoSA%2FkfhvD72L%2FS%2FB01Jf%2BL9kdKsDB35fwFrqFhE7riDscI3fKRZ4NJRyn50Uw7BsCaGZmBuRkk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
x-forwarded-port: 443

GET
H2 200 345427b.js Show response
robloxexploits.net/_nuxt/ 100 KB
26 KB 51ms
50ms Script
application/javascript 2606:4700:3036::ac43:a949
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://robloxexploits.net/_nuxt/345427b.js
Requested by: Host: robloxexploits.net
URL: https://robloxexploits.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:a949 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28dea8c2a6fdce72d434c49425d72919ef1bb55fcfc7e492f2d72858f7eb6bfe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxexploits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 07:06:54 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 395494
cf-ray: 7266801bdfc60f5a-MXP
x-forwarded-proto: https
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 06 Jun 2022 12:01:43 GMT
server: cloudflare
etag: W/"190d7-18138e46ca1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
ssl-offloaded: 1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XxnARQ%2F2EmWpAoC16yUhvqXy9LAyYTwdePljQmhMlT70aRL7S3lTwJbXQhrRCevbm5yXt3%2BabK6TnAW8bAbb0DYC1Wz3a2YLAqlw3RHg1%2BRReVayISukgblu8Y9WdI2e79sl0O6lDNnF5cRF0A72NNw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
x-forwarded-port: 443

GET
H2 200 5a8637a.js Show response
robloxexploits.net/_nuxt/ 13 KB
4 KB 49ms
47ms Script
application/javascript 2606:4700:3036::ac43:a949
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://robloxexploits.net/_nuxt/5a8637a.js
Requested by: Host: robloxexploits.net
URL: https://robloxexploits.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:a949 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87d8fe97f44a53a5c88fcfac57ba95f2ce4a81a1109fec41e22c095c3c353479

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxexploits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 07:06:54 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 395494
cf-ray: 7266801bdfc70f5a-MXP
x-forwarded-proto: https
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 06 Jun 2022 12:01:43 GMT
server: cloudflare
etag: W/"3557-18138e46ca5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
ssl-offloaded: 1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BQKnXnUpRC6DaA8AQ%2Fj9%2BYKzpn6RCGo%2F0%2B8NoQW7rhhvye%2FkO%2FOqRpXpPynj0ymTnUt9pBHnKZrwbG9PDtwCK59K6w%2FwgOEY%2BmF%2Bxf258fWgF0YkJgaxio%2BV%2FXKLzkz%2BuzLBtVrvtshRZET48UQ5W%2FI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
x-forwarded-port: 443

GET
H2 200 f9fbfe4.js Show response
robloxexploits.net/_nuxt/ 100 KB
35 KB 30ms
29ms Script
application/javascript 2606:4700:3036::ac43:a949
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://robloxexploits.net/_nuxt/f9fbfe4.js
Requested by: Host: robloxexploits.net
URL: https://robloxexploits.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:a949 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e58aacc560f9d43566d184c2ee69ad8efc9d820f762cfe5e4441d220927cb12b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxexploits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 07:06:54 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4303079
cf-ray: 7266801bdfc90f5a-MXP
x-forwarded-proto: https
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 17 May 2022 11:31:32 GMT
server: cloudflare
etag: W/"190b1-180d1c99a72"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
ssl-offloaded: 1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=557Ea2URk71qxUtRFgwRdnM56DkqRYEyglYqp31Yun0V0aSEQG4lZnAAr2sB8cDYZQzeYiuAGh67dPG2tHuTh98O4%2FHPGe4xJwhk7UggNTE86yKuEpxaBGUdXcNF1l2i%2BrRSWec%2F1Nk867zDMJo6FPY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
x-forwarded-port: 443

GET
H2 200 PNG_WHITE.png
cdn.discordapp.com/attachments/866425921661042718/872477577560870943/ 48 KB
49 KB 45ms
22ms Image
image/png 162.159.134.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.discordapp.com/attachments/866425921661042718/872477577560870943/PNG_WHITE.png
Requested by: Host: robloxexploits.net
URL: https://robloxexploits.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.134.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a44119507501add5c3071d961e28f2c4522572dd68fcb2588092edced4a71ddf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxexploits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-goog-hash: crc32c=hZbj2Q==, md5=UrIbbG03jDqdwDugZGU5nw==
date: Wed, 06 Jul 2022 07:06:54 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1117610
x-guploader-uploadid: ADPycdtmMkOprgYsF5Yqww1gLIg1OcYjO4KyMVLz58lkjDs0eDmQUvKaviruoawHsffiNEbbTkmdxA3L9gMgWxADwQtneA
x-goog-storage-class: NEARLINE
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 48995
last-modified: Wed, 04 Aug 2021 13:54:24 GMT
server: cloudflare
cache-control: public, max-age=31536000
etag: "52b21b6c6d378c3a9dc03ba06465399f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RKkAo7p8xrRJew3j8pCaZZtw%2FNfVFybqK00%2B6B4qEpeHxe5lxfgeIfTRmJFahqOEcYhVdOeTnSb17WDujkhUsVlE2fI0e2K1XAHK%2FD9ra2h8CSjugfXqeuqmCQ%2FC3U0VCSZGzw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1628085264376742
content-type: image/png
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
x-goog-stored-content-length: 48995
accept-ranges: bytes
cf-ray: 7266801d2a5bbc04-FRA
expires: Thu, 06 Jul 2023 07:06:54 GMT

GET
H3 200 xd.png
cdn.discordapp.com/attachments/857197028190584833/962610919995748392/ 58 KB
59 KB 31ms
21ms Image
image/png 162.159.134.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.discordapp.com/attachments/857197028190584833/962610919995748392/xd.png
Requested by: Host: robloxexploits.net
URL: https://robloxexploits.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 162.159.134.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ce5af5b0ba07c8704e9d7d12e9ab2d535ce88476ea34ca0ca208e92e66e6890

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxexploits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-goog-hash: crc32c=aPB4Hg==, md5=P8x8IRdga9KsEMfvbFqRkA==
date: Wed, 06 Jul 2022 07:06:54 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 513896
x-guploader-uploadid: ADPycdsXwE2CMZGaiXxCOS_owh3hj0VH1Z7Mca4EoTOq3bKe9IKc_81gNRQ4Ey_f1XVK9GlcUxZxb0yjD3rnKGtBDOeWhgAe7huA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 59395
last-modified: Sun, 10 Apr 2022 07:12:07 GMT
server: cloudflare
cache-control: public, max-age=31536000
etag: "3fcc7c2117606bd2ac10c7ef6c5a9190"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=twNgoC3Lg%2F%2BQxkkEAEapoUxVErod7mkHGKhx6ZCelzFIHJA2CN3BAq%2BR6CggyLvl8e1rBbq8lOs3vgaVCAwjBuj4Qjr3HpM%2BJPiuoMTsP%2BWywnvE%2FE%2FGVTuGZteyeQhApSXGTw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1649574727809238
content-type: image/png
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
x-goog-stored-content-length: 59395
accept-ranges: bytes
cf-ray: 7266801d597dbbd7-FRA
expires: Thu, 06 Jul 2023 07:06:54 GMT

GET
H3 200 AKedOLTGUVMiLfCqcu6Q9Lo0vxExvqgWNBsKmFTvHy_vSQ3Ds900-c-k-c0x00ffffff-no-rj.png
cdn.discordapp.com/attachments/830503517399416892/876823113273339924/ 720 KB
721 KB 30ms
30ms Image
image/png 162.159.134.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.discordapp.com/attachments/830503517399416892/876823113273339924/AKedOLTGUVMiLfCqcu6Q9Lo0vxExvqgWNBsKmFTvHy_vSQ3Ds900-c-k-c0x00ffffff-no-rj.png
Requested by: Host: robloxexploits.net
URL: https://robloxexploits.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 162.159.134.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b0d157c4ea23f4392a3fb4d1f2b0e3292a9d60809219b912cded188650018bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxexploits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-goog-hash: crc32c=7vrJMA==, md5=eA86gTye2cJhEt4BZ093Sg==
date: Wed, 06 Jul 2022 07:06:54 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2116947
x-guploader-uploadid: ADPycdu0-kNYVkJufArG4-e2MpDXc-1ejmjLEoEBFjQkA8k0xl9gEcwCaMEtVTo4fIL1Iln0dV3un9-MbyGXF5Npq306pH6RoCaJ
x-goog-storage-class: NEARLINE
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 737344
last-modified: Mon, 16 Aug 2021 13:42:00 GMT
server: cloudflare
cache-control: public, max-age=31536000
etag: "780f3a813c9ed9c26112de01674f774a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z8Vmn34TWwKNEiwMlHcd6nQ0Na%2BM4pxUk1MulFOXkXMUuCw1z%2BrLwzMw3SLZ6vy6fF6Wk4oMetkqwg3DGE8i9VaZjRip77xMsMWO9a73A0IU36jdqHf1H2Cbe2FETcfQ6vHz0g%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1629121320847034
content-type: image/png
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
x-goog-stored-content-length: 737344
accept-ranges: bytes
cf-ray: 7266801d99c4bbd7-FRA
expires: Thu, 06 Jul 2023 07:06:54 GMT

GET
H3 200 unnamed.jpg
cdn.discordapp.com/attachments/929421642235519037/983338386662244432/ 2 KB
3 KB 22ms
22ms Image
image/jpeg 162.159.134.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.discordapp.com/attachments/929421642235519037/983338386662244432/unnamed.jpg
Requested by: Host: robloxexploits.net
URL: https://robloxexploits.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 162.159.134.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 387fb9ef8d5d6ca50b902dcf02c4881b1317c780726ed29372b90cde6cb21c97

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxexploits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 07:06:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1100472
x-guploader-uploadid: ADPycdtX5PB7WSsE4GhIos_Wncyp5NKq_RQybu5EpymqTaWndEbLDoh44aezeQD8uF0kyJ-XXpJH2W2SnhBRnfRpysAp8w
x-goog-storage-class: STANDARD
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0ke6te4sJC8I8SDAZ19AaHzxnP3y%2F4%2FUa1Y4qzJZ2CQTDuzo6t%2BVVUsOdfP3IS28BvpXZk5GEwlK0rwX59ErwpULrH6IxhoxP8ARUq38I9GNvnczQbxMOWIFb%2FJ6I1xHsdLe%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
cf-bgj: h2pri
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1932
cf-ray: 7266801e0a8ebbd7-FRA
last-modified: Mon, 06 Jun 2022 11:55:40 GMT
server: cloudflare
etag: "758cf97c5feb91949efff044e825464e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=rf9UlA==, md5=dYz5fF/rkZSe//BE6CVGTg==
x-goog-generation: 1654516540962747
content-type: image/jpeg
cache-control: public, max-age=31536000
x-goog-stored-content-length: 1932
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
expires: Thu, 06 Jul 2023 07:06:55 GMT

GET
H3 200 unknown.png
cdn.discordapp.com/attachments/888735800454434858/983337937343238164/ 681 KB
682 KB 25ms
25ms Image
image/png 162.159.134.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.discordapp.com/attachments/888735800454434858/983337937343238164/unknown.png
Requested by: Host: robloxexploits.net
URL: https://robloxexploits.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 162.159.134.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b81502b702906c2cfc0f8e81a5341fbf63b2033de9b35eed3fb1f4c8c0f54c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxexploits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-goog-hash: crc32c=rKEcmw==, md5=idH/CMNmXX5k6Yy/79YGlw==
date: Wed, 06 Jul 2022 07:06:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 153307
x-guploader-uploadid: ADPycdseWYdaO-vQWQiNIxouM5fqAoLJxLOAcHL2BRICE54nzUiBZ3hXOLB-M459nx0bAK0lZDyWXly7qeShMuO-VCTssw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 697116
last-modified: Mon, 06 Jun 2022 11:53:53 GMT
server: cloudflare
cache-control: public, max-age=31536000
etag: "89d1ff08c3665d7e64e98cbfefd60697"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pbh2G%2BvspsLNyfHeVJe1RHaV3j50%2FyY3UxTuK4%2BLPzXyyK5BBveVuSVAUB8GuA5KqBc21Xbw%2Bd4gfGi%2Bmdce6%2BZ2QCAx241hB%2FeZqRaVvuvX%2FZjeQe6E3e%2FfGG8HlhtYPkV1Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1654516433840030
content-type: image/png
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
x-goog-stored-content-length: 697116
accept-ranges: bytes
cf-ray: 7266801e3ad4bbd7-FRA
expires: Thu, 06 Jul 2023 07:06:55 GMT

GET
H2 200 asd100.bin Show response
freychang.fun/ 100 KB
101 KB 76ms
31ms Fetch
binary/octet-stream 2606:4700:3030::6815:2dcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://freychang.fun/asd100.bin
Requested by: Host: d3oy68whu51rnt.cloudfront.net
URL: https://d3oy68whu51rnt.cloudfront.net/?hwyod=955131
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:2dcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxexploits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 07:06:54 GMT
access-control-allow-methods: GET
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1765
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 06 Jul 2022 06:37:29 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aookzFnhLfiPbTfMIpbSFEUypMN6ThAp9obu2BJP1J3LOzospGe0T5ML4kwj1vg5umq6D3FnzNzqErjP%2FuL%2BVLIiyLsflUZPnzXoVLg2gqKxZuP1fxbo60fQPy7WZUGeY6WLU9bu%2BG21OYZQ"}],"group":"cf-nel","max_age":604800}
content-type: binary/octet-stream
access-control-allow-origin: https://robloxexploits.net
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 7266801c9e82baf9-MXP
access-control-allow-headers: X-Requested-With, content-type

GET
H2 200 / Show response
freychang.fun/ 26 B
382 B 169ms
124ms Fetch
text/plain 2606:4700:3030::6815:2dcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://freychang.fun/
Requested by: Host: d3oy68whu51rnt.cloudfront.net
URL: https://d3oy68whu51rnt.cloudfront.net/?hwyod=955131
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:2dcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ce58d4864563f5e4d889cfdeff8cebc479c9cb715556165130f3b83dd03ead2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxexploits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 07:06:54 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET
content-type: text/plain
access-control-allow-origin: https://robloxexploits.net
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jpTDDde16pPdSMZWEnnayfFgzKlqUPgm2yWyRkLVpYZwNm0KLz0C47MibjL6TdWztAYT4NrBHsiJ6CcgPcjmuA6o6xIvJKByFJdvWM8H77oO%2Bb%2FxcnRznhGrnFO381DlhAV6ToiN3I6N%2BMBR"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 7266801c9e84baf9-MXP
access-control-allow-headers: X-Requested-With, content-type
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 204 utx Show response
ospicalad.buzz/ 0
492 B 119ms
97ms XHR
text/plain 108.138.7.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ospicalad.buzz/utx?cb=NPQ8hspiNzKd&top=robloxexploits.net&tid=955131
Requested by: Host: d3oy68whu51rnt.cloudfront.net
URL: https://d3oy68whu51rnt.cloudfront.net/?hwyod=955131
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-34.fra56.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxexploits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Jul 2022 07:06:54 GMT
via: 1.1 ecb3ea567a6c6095a23354fbdc938128.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
x-amz-cf-pop: FRA56-P6
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://robloxexploits.net
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-amz-cf-id: diPl4MyJubHggUgVEuLMSVzU1L3VkOvrJ2cFP0T_a67D5Nq3e0t3SA==

GET
H2 200 asd100.bin Show response
freychang.fun/ 100 KB
100 KB 85ms
48ms Fetch
binary/octet-stream 2606:4700:3030::6815:2dcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://freychang.fun/asd100.bin
Requested by: Host: d3oy68whu51rnt.cloudfront.net
URL: https://d3oy68whu51rnt.cloudfront.net/?hwyod=955131
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:2dcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxexploits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 07:06:54 GMT
access-control-allow-methods: GET
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1765
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 06 Jul 2022 06:37:29 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z5KQbOYbToHFm2ybJptfcSnBVzLRQzH1BcdbPhe6h1FU8G1ouqe5GSdfZF2EA4379zL3ndpBHFVNU%2FwCjaspDJHge7AKubrcQ91Ffs0CJEPnwLO8CsNzzOgKcqk6jxOF2Nub2%2FkMVMvHv5eB"}],"group":"cf-nel","max_age":604800}
content-type: binary/octet-stream
access-control-allow-origin: https://robloxexploits.net
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 7266801c9e86baf9-MXP
access-control-allow-headers: X-Requested-With, content-type

GET
H2 200 / Show response
freychang.fun/ 27 B
393 B 255ms
218ms Fetch
text/plain 2606:4700:3030::6815:2dcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://freychang.fun/
Requested by: Host: d3oy68whu51rnt.cloudfront.net
URL: https://d3oy68whu51rnt.cloudfront.net/?hwyod=955131
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:2dcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a025cb2067769382fd40b2c6c65ea6bfdd4c11793ddc4da0ebf4adc260e56bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxexploits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 07:06:55 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET
content-type: text/plain
access-control-allow-origin: https://robloxexploits.net
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Md%2F1X4lZ9Br2s%2Bd0N65ORNVAA800d%2FwSGe%2Fi66C%2B%2FH%2FRf6OZpYrzKQWR5u0RVPWYBKH2IlieJRBrmf0li81Jnq9gnfaktDMdlzUpRBl6tCPxN4ssOJaG9QaqFDsC8HkhMclp9StjpqxEYw%2Fj"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 7266801c9e87baf9-MXP
access-control-allow-headers: X-Requested-With, content-type
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 204 utx Show response
ospicalad.buzz/ 0
493 B 111ms
98ms XHR
text/plain 108.138.7.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ospicalad.buzz/utx?cb=njIk1EaGVyXE&top=robloxexploits.net&tid=955748
Requested by: Host: d3oy68whu51rnt.cloudfront.net
URL: https://d3oy68whu51rnt.cloudfront.net/?hwyod=955131
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-34.fra56.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxexploits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Jul 2022 07:06:54 GMT
via: 1.1 ecb3ea567a6c6095a23354fbdc938128.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
x-amz-cf-pop: FRA56-P6
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://robloxexploits.net
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-amz-cf-id: 2-UO09lGFSAPRppBuavH4ypXSB4wJYCIInx9ZvufbkqQ8BGPqlncjQ==

GET
H2 204 azBIdGlEDysHVD4ABg0KWn45EAIldRFGDVhhDS4DMngSMjpZdW4AAA8NcUFcWgN5UhkCVHVFTxhEKQAcGA15UgAFVidJTx0NeVpaXx56Q0daFj1JWE1EOBUOVgFuBB0fXHVFX14HeE1YWQF8Q19f
nedukeratio.lol/ 0
494 B 162ms
118ms Image
text/plain 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nedukeratio.lol/azBIdGlEDysHVD4ABg0KWn45EAIldRFGDVhhDS4DMngSMjpZdW4AAA8NcUFcWgN5UhkCVHVFTxhEKQAcGA15UgAFVidJTx0NeVpaXx56Q0daFj1JWE1EOBUOVgFuBB0fXHVFX14HeE1YWQF8Q19f
Requested by: Host: robloxexploits.net
URL: https://robloxexploits.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxexploits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 07:06:55 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fq4PMhBveZNhkeKlMeCiNL2htuV43lbK7l6R%2B2UYdp9W2jwlxKKN0OwOcaWT%2FDbVRUGdvzaKNibCW3pPODtVfIp%2ByV0FjeXQqNWvdvCNicHOAsnlgNrpCcAoXAGFBdfK3MwkktIWdjJJN5yPuZg%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 7266801ebc17bb19-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 login.php
www.facebook.com/ 0
0 76ms
61ms Image
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
Requested by: Host: robloxexploits.net
URL: https://robloxexploits.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxexploits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H2 200 ServiceLogin
accounts.google.com/ 0
0 85ms
50ms Image
text/html 2a00:1450:4001:801::200d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
Requested by: Host: robloxexploits.net
URL: https://robloxexploits.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:801::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxexploits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H2 200 ServiceLogin
accounts.google.com/ 0
0 96ms
66ms Image
text/html 2a00:1450:4001:801::200d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
Requested by: Host: robloxexploits.net
URL: https://robloxexploits.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:801::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxexploits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H3 200 popunder.gif
nedukeratio.lol/ 35 B
629 B 43ms
24ms Image
image/gif 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nedukeratio.lol/popunder.gif
Requested by: Host: robloxexploits.net
URL: https://robloxexploits.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxexploits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: public
date: Wed, 06 Jul 2022 07:06:55 GMT
cf-cache-status: HIT
last-modified: Tue, 05 Jul 2022 17:37:53 GMT
server: cloudflare
age: 48542
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JyIr4xTfdCACeLtfcUQbnsD1ghZY%2BVOe4yLYalNGJYeq6PEnNaJUwfcKtvR7B17GfjLGNoc0aAWRGFVR%2B04e5dBQkoSO1FjbZXMWXyBD%2F1x0NRCrs9xr0aUPR%2BtxY4o4JuwIlFCh6f1hwvOAHLM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=604800, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 7266802028e65a37-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 204 bzV8B3kDBWoDDhMDQBMaMSt5ChUVOWkDATEuT3Q4OwsFa3lnWAxqaiIGXG99dBxMMzgnHAVjajsBXj1xdBkFY2JhWxZge3xeHidxY0lMIi01Ugl0PCYbVG99ZFoPYnVjXQlme2Vd
nedukeratio.lol/bzhSTFJABzE/ 0
471 B 137ms
118ms Image
text/plain 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nedukeratio.lol/bzhSTFJABzE/bzV8B3kDBWoDDhMDQBMaMSt5ChUVOWkDATEuT3Q4OwsFa3lnWAxqaiIGXG99dBxMMzgnHAVjajsBXj1xdBkFY2JhWxZge3xeHidxY0lMIi01Ugl0PCYbVG99ZFoPYnVjXQlme2Vd
Requested by: Host: robloxexploits.net
URL: https://robloxexploits.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxexploits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 07:06:55 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xSMtFByTpCJVKZ7AxoYY5pijV6dOXUzIwg6%2FmqeXThwrgruamQsbmdDqDWpvDpshml8BEF5B4uiETlVYcJirCfmYEB%2BP3cyII85pLpCxPIE6bza0En7BwYr1JcHvO2xmOHHzsGDFxAmKYosgaKE%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 7266802028e95a37-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 / Show response
d3oy68whu51rnt.cloudfront.net/ 309 KB
99 KB 36ms
21ms Fetch 2600:9000:214f:3e00:3:62b:d240:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3oy68whu51rnt.cloudfront.net/?hwyod=955131
Requested by: Host: s3.us-east-2.amazonaws.com
URL: https://s3.us-east-2.amazonaws.com/robloxexploits.net/adblock.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:3e00:3:62b:d240:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: d61e0cac7d6e07aac9848281c7a3f2980f730f3a905f55202302c255ae182129

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxexploits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Jul 2022 06:49:07 GMT
content-encoding: gzip
age: 1068
x-cache: Hit from cloudfront
access-control-allow-origin: https://robloxexploits.net
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-length: 101205
via: 1.1 6080b2713e502211e152f21f5c59c5a6.cloudfront.net (CloudFront)
x-amz-cf-id: qmNhUDK5uD-VknqIfS8HldAIGFCpogDLiYg58DcTd-mQzxmk6fSy0Q==

GET
H2 200 boxicons.woff2
unpkg.com/boxicons@2.0.7/fonts/ 91 KB
92 KB 54ms
28ms Font
font/woff2 2606:4700::6810:7baf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/boxicons@2.0.7/fonts/boxicons.woff2

Requested by

Host: unpkg.com
URL: https://unpkg.com/boxicons@2.0.7/css/boxicons.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7baf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43193176ef77030ad34673f96fad80aebc860b2a8b11418e3cc9170688d7ff35

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://unpkg.com/boxicons@2.0.7/css/boxicons.min.css
Origin: https://robloxexploits.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 07:06:55 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6400340
fly-request-id: 01F3YJCZN62JHNR9DX8XMG9EQH
vary: Accept-Encoding
content-length: 93260
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: "16c4c-pVld0x4LunUHF9iDN+x/LvuPssw"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 726680203ea32373-ZRH

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206300101/ 337 KB
119 KB 47ms
34ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2249257918045069&plah=robloxexploits.net

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2249257918045069

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f978c7b9b0477b81f92497095f3893bcaf0c69bf970ed24ad8ad9bc110868dbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxexploits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 07:06:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 121300
x-xss-protection: 0
server: cafe
etag: 9217723549677465613
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 06 Jul 2022 07:06:55 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220629/r20190131/ Frame 553F 10 KB
5 KB 27ms
6ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220629/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2249257918045069

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

75a2067c9dff8e58ae83cdb8ee4fe896013966ac4e8f3f1d5e8a75f27c9a1ae2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://robloxexploits.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 51548
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4414
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Jul 2022 16:47:47 GMT
etag: 10429905676100781186
expires: Tue, 19 Jul 2022 16:47:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-170951207-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxexploits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 126
date: Wed, 06 Jul 2022 07:04:49 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 06 Jul 2022 09:04:49 GMT

GET
H2 200 all Show response
sapi.robloxexploits.net/api/v1/public/ 25 KB
9 KB 339ms
288ms XHR
application/json 2606:4700:3036::ac43:a949
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sapi.robloxexploits.net/api/v1/public/all

Requested by

Host: robloxexploits.net
URL: https://robloxexploits.net/_nuxt/2d7f587.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::ac43:a949 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cd7fde7c1d841dbd655378301fd03f13580c6c5dbb6eb4cf9fdcc350a6b3989e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: application/json, text/plain, */*
Referer: https://robloxexploits.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 07:06:55 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
cross-origin-embedder-policy: require-corp
x-dns-prefetch-control: off
content-type: application/json; charset=utf-8
cross-origin-resource-policy: same-origin
strict-transport-security: max-age=15552000; includeSubDomains
x-forwarded-proto: https
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 0
referrer-policy: no-referrer
server: cloudflare
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
etag: W/"62a2-5G9SuhG6eHwcClCg/B+0KJRkM7s"
expect-ct: max-age=0
ssl-offloaded: 1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qaO6jmx2Up5BMlM3JyMs%2Fy%2BzE3P2XsP8cqxvDnzqVWLYjX62mtK6FTIj3jL8YbpbhL2O8QLQdt9SDTBVV2AqrIq%2B77w2K0lEJkXdQT1hqd9fogd3uywlzQrJCnCll9WfMJdQJDBI1t1DP%2BOgQXVvf6VO5PuAqA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-download-options: noopen
access-control-allow-origin: *
origin-agent-cluster: ?1
x-forwarded-port: 443
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
cf-ray: 726680217828bb26-MXP

GET
H2 200 any Show response
sapi.robloxexploits.net/api/v1/public/ 9 KB
3 KB 324ms
274ms XHR
application/json 2606:4700:3036::ac43:a949
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sapi.robloxexploits.net/api/v1/public/any?skip=1&limit=8&sort=recent

Requested by

Host: robloxexploits.net
URL: https://robloxexploits.net/_nuxt/2d7f587.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::ac43:a949 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

84883a8c8cb8b0d17ffaa2792e6e3a6caf2e95120f4f22b5c7cfcd03e19531ef

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: application/json, text/plain, */*
Referer: https://robloxexploits.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 07:06:55 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
cross-origin-embedder-policy: require-corp
x-dns-prefetch-control: off
content-type: application/json; charset=utf-8
cross-origin-resource-policy: same-origin
strict-transport-security: max-age=15552000; includeSubDomains
x-forwarded-proto: https
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 0
referrer-policy: no-referrer
server: cloudflare
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
etag: W/"25b7-ZyCooZPgQHLsiND85wjuhdfz0uY"
expect-ct: max-age=0
ssl-offloaded: 1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5k5Uuq7j4%2Blp2QgjdfVB3UL61n%2BAr2pIUVVrW%2BVRGKtkgX9G%2FJwfI56tQ3kIE%2FPSC65XY5eItoY6bGVA15I9wNvceAXV9cesHV7vpL42nHszEAbMeHVO3%2FOKl75HkrsRbtmeyMw3QT%2BIEPW8sIx0ep9sQkcB1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
x-download-options: noopen
access-control-allow-origin: *
origin-agent-cluster: ?1
x-forwarded-port: 443
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
cf-ray: 726680217829bb26-MXP

GET
H2 200 Un1eS08OOVlHTAc8X0ZXVSJeRx1QPF5cDRggVEZcBAgJZCwPGGUAQQQHdUEJYw10XzRuBGZrMUYlV3RMTARiax53HWdLNXd6fHUrUSN2YCBUHnJKXAQMdgE0AQJIRipsGVoHNVELSFEXez9wZiNPFHZZNnsdAF0cBiVZYgNZJWRYMFwCYnczeh1oQTVke0t9E2Q3c... Show response
ospicalad.buzz/TjEyeTYvU1EUCS8MUF9DPF0PXAQIFAA/ Frame 7CD2 3 KB
2 KB 99ms
99ms Document
text/html 108.138.7.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ospicalad.buzz/TjEyeTYvU1EUCS8MUF9DPF0PXAQIFAA/Un1eS08OOVlHTAc8X0ZXVSJeRx1QPF5cDRggVEZcBAgJZCwPGGUAQQQHdUEJYw10XzRuBGZrMUYlV3RMTARiax53HWdLNXd6fHUrUSN2YCBUHnJKXAQMdgE0AQJIRipsGVoHNVELSFEXez9wZiNPFHZZNnsdAF0cBiVZYgNZJWRYMFwCYnczeh1oQTVke0t9E2Q3cFgWBx5yfz14CUFcOmA+BlRKdHdpAUkCHnJ3NXkkVl8YWn9deypwP2llLxN8c2gucChSeg5uL10DFXkKRlouYQhAaB4HBWsBQUIrZ0ZBVyMcVlwECHVbLBN8d30qWRd8cUkTfHN4EUI5V2A3ABZ2eBFsIF15IwV3CHg4VSZ4WBVHFmNoCGx9CXYpdR9GUxUHInp2OEUMdUIUVQYAVDdfLV97OH85UF8afBZcZEFTfQhwIH53W1RJcClXejsPFkhrDHs3BVYpcT5fcS9GI1R6DQ4ZaX9PVwYAVyBYJlZWFQcjV19IBRl2eFwEDGhcQRAkQl0XRnNIcxp6GUJkAHg9SAMN
Requested by: Host: d3oy68whu51rnt.cloudfront.net
URL: https://d3oy68whu51rnt.cloudfront.net/?hwyod=955131
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-34.fra56.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: 65133843ca6162d454d719a6211bf7bc7dbe3ae23d1b18342349eefa9f638037

Request headers

Referer: https://robloxexploits.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cache-control: no-store, no-cache, must-revalidate, no-transform
content-encoding: gzip
content-length: 1254
content-type: text/html
date: Wed, 06 Jul 2022 07:06:55 GMT
p3p: CP="NID DSP ALL COR"
pragma: no-cache
server: openresty/1.17.8.2
via: 1.1 ecb3ea567a6c6095a23354fbdc938128.cloudfront.net (CloudFront)
x-amz-cf-id: ajkDjkSujlAgnJ6zdyhMnrYQYmxqt74_xS53vUNwUp03GlpBqOuDHw==
x-amz-cf-pop: FRA56-P6
x-cache: Miss from cloudfront

GET
H2 200 EysPEVoJBwJleSwpDA9GKAkPY2UuOAIAfxECExBlLCohF18oGghwBTsYeD4REz8lO0dEIygHfg0pBTMBKg Show response
ospicalad.buzz/VTd5TEo0VRohdTQKG2o/J1tEaXgTEksKLmZYAHpyIl8MeXsnWQ1iKTlYDCgsJ1gXOGQ7Ug1peBN1LhQQO2NKK3wSZhI8GCwHHw15H3UbCQQEUkkOb2dxMQ4bMnEQIAYWdEk9DxR+Og0IYEEzGQ9idhN9BgMFEhkFF1A4LyZhDz4NGCxkIXQSFE... Frame D8B2 3 KB
2 KB 98ms
97ms Document
text/html 108.138.7.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ospicalad.buzz/VTd5TEo0VRohdTQKG2o/J1tEaXgTEksKLmZYAHpyIl8MeXsnWQ1iKTlYDCgsJ1gXOGQ7Ug1peBN1LhQQO2NKK3wSZhI8GCwHHw15H3UbCQQEUkkOb2dxMQ4bMnEQIAYWdEk9DxR+Og0IYEEzGQ9idhN9BgMFEhkFF1A4LyZhDz4NGCxkIXQSFE5ICigDdi0cMjZOKjsLP3Y9LxsdTiAOBSJTOwMiOVw+Oy1kci0ZKxdaCQcCZXkzKntkRSsncmFyLS8ZFnMeACwQZSEFGy0PKwoucAU7HwIxcCgiPWNRPB4SGnU8fxsTeQgfMiFjLxRyFFVJBgU0XAk8DC0aGml4E3E9OwgUXkkYBxR9OioeYEQrGgg9ZEt1HgNvQB0HPQMtBSIHDysPGCRkFCcrEV4oKCwQZSEHCGUBMR0iOG8uOA0XdBoHBD1EOi0hOlErfS5tYRQgEwBZQAMrA18qKgxkRSskGyB/EysPEVoJBwJleSwpDA9GKAkPY2UuOAIAfxECExBlLCohF18oGghwBTsYeD4REz8lO0dEIygHfg0pBTMBKg
Requested by: Host: d3oy68whu51rnt.cloudfront.net
URL: https://d3oy68whu51rnt.cloudfront.net/?hwyod=955131
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-34.fra56.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: f6f89aee5e502f926431fd22724d1aba8a2ef784ae1cb92b0eb2780e9bb4c15c

Request headers

Referer: https://robloxexploits.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cache-control: no-store, no-cache, must-revalidate, no-transform
content-encoding: gzip
content-length: 1247
content-type: text/html
date: Wed, 06 Jul 2022 07:06:55 GMT
p3p: CP="NID DSP ALL COR"
pragma: no-cache
server: openresty/1.17.8.2
via: 1.1 ecb3ea567a6c6095a23354fbdc938128.cloudfront.net (CloudFront)
x-amz-cf-id: Dgct1OFKXPkGbW-pWK2lY79lgGouZLAX_bwgfTnllFKsd0sN46EzQQ==
x-amz-cf-pop: FRA56-P6
x-cache: Miss from cloudfront

POST
H3 204 blBucGFBbw0DXD88CgQuNjhZKQ0ZHz04OwQIGQgoDQckESA7P0gECAptV0VUX2NfVhEHNFNBRx0kDwQUHW1dQFFfdgceBwFtXkBRX3YYTVBAY1peU1l+X1YUU2JfR1ZbaVxDUFZoWUdQWWBIBBEPN1NBRx4kGhxcX2ZbR1FXYVxBVFtnXA
nedukeratio.lol/ 0
474 B 122ms
122ms Ping
text/plain 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nedukeratio.lol/blBucGFBbw0DXD88CgQuNjhZKQ0ZHz04OwQIGQgoDQckESA7P0gECAptV0VUX2NfVhEHNFNBRx0kDwQUHW1dQFFfdgceBwFtXkBRX3YYTVBAY1peU1l+X1YUU2JfR1ZbaVxDUFZoWUdQWWBIBBEPN1NBRx4kGhxcX2ZbR1FXYVxBVFtnXA
Requested by: Host: d3oy68whu51rnt.cloudfront.net
URL: https://d3oy68whu51rnt.cloudfront.net/?hwyod=955131
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxexploits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 07:06:55 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IRVk%2FynhFfZy011f6%2FDjYL2UgctGhr5gvMlD0CR2LZkmO08f0aoJf8wjlYEMFR%2F52uCHF3jXftWD1WYLk463u%2FHAWbNqGoltSek1shZGm3EFPVSD5uZ4dLTLXwAuPIPAVbDJNfeTKbm5A0OvWts%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 726680216aef5a37-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H3 204 A0cBBHILQAYCdwdGBw
nedukeratio.lol/MnE0M0IdTldAf2gfXFwXAStnYBRaFmUCFH0kc1cHZEFYVxtnRRJHK1ZMDQZ3BUUMFTJbFQkCZEEFVUc3QUwHA3IDV11dJF1MBANyA1dCDnMcQgAdcAVfBRU3D0MFBHUHSAYAcwpJAwRzBUESRzJTFgkCZEIFQF9/ 0
478 B 116ms
116ms Ping
text/plain 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nedukeratio.lol/MnE0M0IdTldAf2gfXFwXAStnYBRaFmUCFH0kc1cHZEFYVxtnRRJHK1ZMDQZ3BUUMFTJbFQkCZEEFVUc3QUwHA3IDV11dJF1MBANyA1dCDnMcQgAdcAVfBRU3D0MFBHUHSAYAcwpJAwRzBUESRzJTFgkCZEIFQF9/A0cBBHILQAYCdwdGBw
Requested by: Host: d3oy68whu51rnt.cloudfront.net
URL: https://d3oy68whu51rnt.cloudfront.net/?hwyod=955131
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxexploits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 07:06:55 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b2Jb1V%2B%2F7QZuCo38Kv41TdFD32%2BtCnphWgSmXTgykiMxl%2B6G%2FY4C56Tu8yugCq9VgnKGyp48bP7ZPRG8zoWPM%2FCZH57PPqdVWaFhHvXqeXypqXUTk2SfEvBYM4w07rt0ZnIjAvKJOhm1n7e8ZdU%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 726680216af35a37-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 28ms
14ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1913810652&t=pageview&_s=1&dl=https%3A%2F%2Frobloxexploits.net%2F&ul=en-us&de=UTF-8&dt=ROBLOXEXPLOITS%20-%20Roblox%20Exploits%2C%20Hacks%2C%20Scripts%20%26%20Cheats!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=59713633&gjid=2037818641&cid=1403726049.1657091216&tid=UA-170951207-1&_gid=1341328517.1657091216&_r=1&gtm=2ou6t0&z=683657595

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://robloxexploits.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 06 Jul 2022 07:06:55 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://robloxexploits.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 20ms
7ms Image
image/gif 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1913810652&t=pageview&_s=2&dl=https%3A%2F%2Frobloxexploits.net%2F&dp=%2F&ul=en-us&de=UTF-8&dt=ROBLOXEXPLOITS%20-%20Roblox%20Exploits%2C%20Hacks%2C%20Scripts%20%26%20Cheats!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=&gjid=&cid=1403726049.1657091216&tid=UA-170951207-1&_gid=1341328517.1657091216&gtm=2ou6t0&z=388889098

Requested by

Host: robloxexploits.net
URL: https://robloxexploits.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxexploits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Jul 2022 11:37:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 70165
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 222 B
649 B 35ms
14ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=robloxexploits.net&callback=_gfp_s_&client=ca-pub-2249257918045069

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2249257918045069&plah=robloxexploits.net

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a355b4ce643c126ffd48f3492e27324741de821213f9631b3237be1b7568abdd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxexploits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 07:06:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 64ms
16ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=robloxexploits.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxexploits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 06 Jul 2022 07:06:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 45ms
18ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=robloxexploits.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxexploits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 06 Jul 2022 07:06:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame AA75 247 KB
58 KB 509ms
495ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2249257918045069&output=html&adk=1812271804&adf=3025194257&lmt=1657091215&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Frobloxexploits.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657091215407&bpp=3&bdt=730&idt=187&shv=r20220629&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=214878914656&frm=20&pv=2&ga_vid=1403726049.1657091216&ga_sid=1657091216&ga_hid=1913810652&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763507%2C31067527%2C31068195%2C42531605&oid=2&pvsid=1527486704732907&tmod=681528632&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=201

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9380a10741e8ab92557607254e037ed7dd5982a998e73db1b8c850832b40b3cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://robloxexploits.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 58962
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 06 Jul 2022 07:06:56 GMT
expires: Wed, 06 Jul 2022 07:06:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 9b33f03.js Show response
robloxexploits.net/_nuxt/ 11 KB
3 KB 25ms
25ms Script
application/javascript 2606:4700:3036::ac43:a949
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://robloxexploits.net/_nuxt/9b33f03.js
Requested by: Host: robloxexploits.net
URL: https://robloxexploits.net/_nuxt/753fbc2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:a949 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a8ce253dcd4d39416e3d7ab74e2ddc8f01c87ed0f2497fe356d107a683bc961

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxexploits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 07:06:55 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4077708
cf-ray: 72668021aba40e26-MXP
x-forwarded-proto: https
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 17 May 2022 11:31:32 GMT
server: cloudflare
etag: W/"2ce9-180d1c99a72"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
ssl-offloaded: 1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YcMvWOYD2TmhFMKIrYBEN%2FIKx2ulXW1ORTSAvaI6gEPlDofH%2FY7FSgdd3VmB9BYQjmSYRl13kn3Nt%2FoEIROxkHY1RE9S5v%2FSVXkEXzR4u79UibXbMj4iXcDwEhbgPX7ahzF%2Fil5iJgx9slaJ3ndi7lw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
x-forwarded-port: 443

GET
H3 200 909e36f.js Show response
robloxexploits.net/_nuxt/ 8 KB
3 KB 31ms
31ms Script
application/javascript 2606:4700:3036::ac43:a949
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://robloxexploits.net/_nuxt/909e36f.js
Requested by: Host: robloxexploits.net
URL: https://robloxexploits.net/_nuxt/753fbc2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:a949 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0068134461d7b778c48daca41e48634db5ce8dfccf0727d63d005a4135b857da

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxexploits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 07:06:55 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1892728
cf-ray: 72668021aba60e26-MXP
x-forwarded-proto: https
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 06 Jun 2022 12:01:43 GMT
server: cloudflare
etag: W/"1f31-18138e46ca5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
ssl-offloaded: 1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BEesy0MXYI%2B6URmd0moaxeO4uQxxZNy%2FmJL3ciFrquq4rlEtstaAl4JgnxigEIT6T7QvR7RJKlsWbFZtGuXUWu3VjzI2fdxclU4KeAYP6PjQFAnle4%2F56fMpDlVK8vKoVAEjMszOV7R4sYCGuQ6cAEY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
x-forwarded-port: 443

GET
H2 200 OSoYMC0+JhtwfRN6XGJhZnlKZ399JAchIjlqXRZqZ38DPCQwal1lKDAsBDpmcH1fNicnIAIwamcJXmV8e39BYH9jf0FgfHB9XyYuMy4dPGpnCVpmeHt8WXM6aH1eYnhgdl1mfm13WGJ+Yn8 Show response
d3oy68whu51rnt.cloudfront.net/8VU9VT282IDspUCEmMXJWYHpkfF5zJSYgASVyLA4MGRgmGRYbPCx+G3M7LytSZWk5LgEycnMqATZyZGkOMS1oe0khPzokUjIjLSEJLSYsLR5zOjRyAjo1PCMDNGpnCVp7f3B9X304PCELOjgmal1lISFqXWV+ZWFfcHwXal... Frame 7CD2 757 B
832 B 151ms
151ms Script
text/plain 2600:9000:214f:3e00:3:62b:d240:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3oy68whu51rnt.cloudfront.net/8VU9VT282IDspUCEmMXJWYHpkfF5zJSYgASVyLA4MGRgmGRYbPCx+G3M7LytSZWk5LgEycnMqATZyZGkOMS1oe0khPzokUjIjLSEJLSYsLR5zOjRyAjo1PCMDNGpnCVp7f3B9X304PCELOjgmal1lISFqXWV+ZWFfcHwXal1lODwhWWFqZg1KZ38teVt8am-d/DiU/OSoYMC0+JhtwfRN6XGJhZnlKZ399JAchIjlqXRZqZ38DPCQwal1lKDAsBDpmcH1fNicnIAIwamcJXmV8e39BYH9jf0FgfHB9XyYuMy4dPGpnCVpmeHt8WXM6aH1eYnhgdl1mfm13WGJ+Yn8
Requested by: Host: ospicalad.buzz
URL: https://ospicalad.buzz/TjEyeTYvU1EUCS8MUF9DPF0PXAQIFAA/Un1eS08OOVlHTAc8X0ZXVSJeRx1QPF5cDRggVEZcBAgJZCwPGGUAQQQHdUEJYw10XzRuBGZrMUYlV3RMTARiax53HWdLNXd6fHUrUSN2YCBUHnJKXAQMdgE0AQJIRipsGVoHNVELSFEXez9wZiNPFHZZNnsdAF0cBiVZYgNZJWRYMFwCYnczeh1oQTVke0t9E2Q3cFgWBx5yfz14CUFcOmA+BlRKdHdpAUkCHnJ3NXkkVl8YWn9deypwP2llLxN8c2gucChSeg5uL10DFXkKRlouYQhAaB4HBWsBQUIrZ0ZBVyMcVlwECHVbLBN8d30qWRd8cUkTfHN4EUI5V2A3ABZ2eBFsIF15IwV3CHg4VSZ4WBVHFmNoCGx9CXYpdR9GUxUHInp2OEUMdUIUVQYAVDdfLV97OH85UF8afBZcZEFTfQhwIH53W1RJcClXejsPFkhrDHs3BVYpcT5fcS9GI1R6DQ4ZaX9PVwYAVyBYJlZWFQcjV19IBRl2eFwEDGhcQRAkQl0XRnNIcxp6GUJkAHg9SAMN
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:3e00:3:62b:d240:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 02a3238e19dae8248bef45928471328e45784b01d1fc518585a63e0415c3aed7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ospicalad.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 07:06:55 GMT
content-encoding: gzip
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=31556926
content-length: 556
via: 1.1 12c16baed6578bf50fb0eaa233f2bc84.cloudfront.net (CloudFront)
x-amz-cf-id: KOiJ31bRjyhGCxCWf66tMWss4hpo7j9_6TqbtfyMR3NuIs43GkvyoA==

GET
H2 200 FDwBAi0TMAJCfT5sRVBhS29TVX9QMh4TIhR8RCRqSmkaDiQdfERXKB06HQhmXWtGBCcKNhsCakofR1d8VmlYUn9OaVhSfF1rRhQuHjgEDmpKH0NUeFZqQEE6RWtHUHhNYERUfkBhQVB+T2k Show response
d3oy68whu51rnt.cloudfront.net/BWXZnT3g6GQkpRy0fA3JBbENQe0B/HBQgFilLCC0qEAICAB5vJUE7Aj1LV2kUOBgAcl48GARySX8XAy1FbVATPxcySwAjADcQHyYBOwdBOhlkGwg1ETUaBmpKH0NJf11rRk84ETcSCDgLfERXIQx8RFd+SHdGQnw6fERXOB... Frame D8B2 794 B
860 B 168ms
168ms Script
text/plain 2600:9000:214f:3e00:3:62b:d240:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3oy68whu51rnt.cloudfront.net/BWXZnT3g6GQkpRy0fA3JBbENQe0B/HBQgFilLCC0qEAICAB5vJUE7Aj1LV2kUOBgAcl48GARySX8XAy1FbVATPxcySwAjADcQHyYBOwdBOhlkGwg1ETUaBmpKH0NJf11rRk84ETcSCDgLfERXIQx8RFd+SHdGQnw6fERXOBE3QFNqSxtTVX8Ab0JOakppFx-c/FDwBAi0TMAJCfT5sRVBhS29TVX9QMh4TIhR8RCRqSmkaDiQdfERXKB06HQhmXWtGBCcKNhsCakofR1d8VmlYUn9OaVhSfF1rRhQuHjgEDmpKH0NUeFZqQEE6RWtHUHhNYERUfkBhQVB+T2k
Requested by: Host: ospicalad.buzz
URL: https://ospicalad.buzz/VTd5TEo0VRohdTQKG2o/J1tEaXgTEksKLmZYAHpyIl8MeXsnWQ1iKTlYDCgsJ1gXOGQ7Ug1peBN1LhQQO2NKK3wSZhI8GCwHHw15H3UbCQQEUkkOb2dxMQ4bMnEQIAYWdEk9DxR+Og0IYEEzGQ9idhN9BgMFEhkFF1A4LyZhDz4NGCxkIXQSFE5ICigDdi0cMjZOKjsLP3Y9LxsdTiAOBSJTOwMiOVw+Oy1kci0ZKxdaCQcCZXkzKntkRSsncmFyLS8ZFnMeACwQZSEFGy0PKwoucAU7HwIxcCgiPWNRPB4SGnU8fxsTeQgfMiFjLxRyFFVJBgU0XAk8DC0aGml4E3E9OwgUXkkYBxR9OioeYEQrGgg9ZEt1HgNvQB0HPQMtBSIHDysPGCRkFCcrEV4oKCwQZSEHCGUBMR0iOG8uOA0XdBoHBD1EOi0hOlErfS5tYRQgEwBZQAMrA18qKgxkRSskGyB/EysPEVoJBwJleSwpDA9GKAkPY2UuOAIAfxECExBlLCohF18oGghwBTsYeD4REz8lO0dEIygHfg0pBTMBKg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:3e00:3:62b:d240:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: d11164ed45c66149503cb7a2d9156e9e6e4020b01a6b746c397817adb2d41ddc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ospicalad.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 07:06:55 GMT
content-encoding: gzip
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=31556926
content-length: 583
via: 1.1 12c16baed6578bf50fb0eaa233f2bc84.cloudfront.net (CloudFront)
x-amz-cf-id: nvJTkPkzar5x8w0CcJLn5BkkATxca6EcyV4Z3SzVO-10gzWO2QurBg==

GET
H/1.1 200
OK 625b451413006cbbbb64c05a-1656970406500-bbnew.png
s3.us-east-2.amazonaws.com/robloxexploits.net/ 808 KB
808 KB 122ms
122ms Image
image/png 52.219.106.185
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.us-east-2.amazonaws.com/robloxexploits.net/625b451413006cbbbb64c05a-1656970406500-bbnew.png
Requested by: Host: robloxexploits.net
URL: https://robloxexploits.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.106.185 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3.us-east-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: a4813c034b79a872d9d9b5a5ec6529444b97aff993105e2ec124a5619aa652d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxexploits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 06 Jul 2022 07:06:56 GMT
Last-Modified: Mon, 04 Jul 2022 21:33:27 GMT
Server: AmazonS3
x-amz-request-id: 85FTBBDRPE52WZY7
ETag: "b3f42c77222a02445e10ce729dd0bc8a"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 826892
x-amz-id-2: AmKA8Q+GPSo4sSlx8gz+L67avH06HyOkp8wspL/gnIkpT3nBR1op1IiQD/RjoKopkFYTBQmKBgc=

GET
H/1.1 200
OK 625804854ef95d40d795240f-1656807868988-bedwars.png
s3.us-east-2.amazonaws.com/robloxexploits.net/ 699 KB
699 KB 451ms
128ms Image
image/png 52.219.106.185
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.us-east-2.amazonaws.com/robloxexploits.net/625804854ef95d40d795240f-1656807868988-bedwars.png
Requested by: Host: robloxexploits.net
URL: https://robloxexploits.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.106.185 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3.us-east-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: eb78526cba7fdb123f8a26b6bb22d761103eb2a8cd6c045edf79639bbdf2cdae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxexploits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 06 Jul 2022 07:06:57 GMT
Last-Modified: Sun, 03 Jul 2022 00:24:30 GMT
Server: AmazonS3
x-amz-request-id: N64P92YNC1S8M4TR
ETag: "efa604e7fead5456b216da9857ce5072"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 715756
x-amz-id-2: TlEStXhvuHfdZ3ANfoDPFHnR+WBmQqD8CzL43Tgsku0damTEgH8861PwIaE6Ha0Bi38UUGO8Drc=

GET
H/1.1 200
OK 625b451413006cbbbb64c05a-1656805403553-ms25.png
s3.us-east-2.amazonaws.com/robloxexploits.net/ 866 KB
866 KB 458ms
135ms Image
image/png 52.219.106.185
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.us-east-2.amazonaws.com/robloxexploits.net/625b451413006cbbbb64c05a-1656805403553-ms25.png
Requested by: Host: robloxexploits.net
URL: https://robloxexploits.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.106.185 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3.us-east-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: af019afd56cac8c689c0cff075a9cc2eaf65a930f9062f814375074d05af5783

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxexploits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 06 Jul 2022 07:06:57 GMT
Last-Modified: Sat, 02 Jul 2022 23:43:24 GMT
Server: AmazonS3
x-amz-request-id: N64P49THE4C974TN
ETag: "61f402fb3376d08c304ce3de04a23344"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 886463
x-amz-id-2: Kb0Lof8984MRvTFQ3s+5gJaNuJkrO5GlaFlZ5qU8hlsIsUmRCULm8ejmc4oJeu3UDNYdRC31g5k=

GET
H/1.1 200
OK 625456dc5bdb81f6e62a45dd-1656769598469-Your%20Bizarre%20Adventure%20GUI.jpg
s3.us-east-2.amazonaws.com/robloxexploits.net/ 762 KB
762 KB 564ms
119ms Image
image/jpeg 52.219.106.185
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.us-east-2.amazonaws.com/robloxexploits.net/625456dc5bdb81f6e62a45dd-1656769598469-Your%20Bizarre%20Adventure%20GUI.jpg
Requested by: Host: robloxexploits.net
URL: https://robloxexploits.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.106.185 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3.us-east-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: cb245ada876808d5e35a294cd30a6cdac4d1ddbc4ac92a8d59cbdf3ceb2d5d3f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxexploits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 06 Jul 2022 07:06:57 GMT
Last-Modified: Sat, 02 Jul 2022 13:46:39 GMT
Server: AmazonS3
x-amz-request-id: N64HBC32P1BE9MGB
ETag: "31eaacafed941ba3c75a8300b532c73d"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 780201
x-amz-id-2: 2POP7bq6KZSkiuP1OutiIgH604EJlSr4Wg+GeHQKzcWDitM8AFpDgm/hB+9wKkpGa6SIHQuQfPs=

GET
H/1.1 200
OK 625804854ef95d40d795240f-1656722361420-maxresdefault.jpg
s3.us-east-2.amazonaws.com/robloxexploits.net/ 174 KB
174 KB 691ms
119ms Image
image/jpeg 52.219.106.185
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.us-east-2.amazonaws.com/robloxexploits.net/625804854ef95d40d795240f-1656722361420-maxresdefault.jpg
Requested by: Host: robloxexploits.net
URL: https://robloxexploits.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.106.185 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3.us-east-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: d2488f0a99c54e6b7d351adb7884564bc4d61e7eb30d2c4dddeeace70ba18a74

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxexploits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 06 Jul 2022 07:06:57 GMT
Last-Modified: Sat, 02 Jul 2022 00:39:22 GMT
Server: AmazonS3
x-amz-request-id: N64SS4FKHHKZ0FXT
ETag: "5d88caadbfe2db0a632fbb9216956d66"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 177693
x-amz-id-2: ACCJYR5TlSAa16xbhKh+IUq2seRg8DJ7x9FeK81KjP0zXO2x19Q9R7KvhGlnElSWg+ZTveuQSsE=

GET
H/1.1 200
OK 625804854ef95d40d795240f-1656721914690-thumbnail.png
s3.us-east-2.amazonaws.com/robloxexploits.net/ 752 KB
752 KB 775ms
117ms Image
image/png 52.219.106.185
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.us-east-2.amazonaws.com/robloxexploits.net/625804854ef95d40d795240f-1656721914690-thumbnail.png
Requested by: Host: robloxexploits.net
URL: https://robloxexploits.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.106.185 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3.us-east-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 2198d63218dc0d16bc052a860dd60a09b9cfa2217c4cd7a481d86258ddaba455

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxexploits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 06 Jul 2022 07:06:57 GMT
Last-Modified: Sat, 02 Jul 2022 00:31:55 GMT
Server: AmazonS3
x-amz-request-id: N64JE21035Q0HC8Y
ETag: "40ed016ac3ec0cada635b54d9ec50614"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 769949
x-amz-id-2: YWE3bbrgupiym2CftOAXmNGuMnxZe7pfrqezbWu+eVm93b6KMAgSsowLSEjCDUqKiq86tH1EOnw=

GET
H/1.1 200
OK 625b451413006cbbbb64c05a-1656626244902-legend.png
s3.us-east-2.amazonaws.com/robloxexploits.net/ 937 KB
938 KB 446ms
131ms Image
image/png 52.219.106.185
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.us-east-2.amazonaws.com/robloxexploits.net/625b451413006cbbbb64c05a-1656626244902-legend.png
Requested by: Host: robloxexploits.net
URL: https://robloxexploits.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.106.185 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3.us-east-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: e7687a61d4ee2f8bd35b46818176620e063d0db79c01bae323f100b8dc46db02

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxexploits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 06 Jul 2022 07:06:57 GMT
Last-Modified: Thu, 30 Jun 2022 21:57:26 GMT
Server: AmazonS3
x-amz-request-id: N64GPMGY412FB3DG
ETag: "110bc8040633620fa6e3cb839b6b30fd"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 959965
x-amz-id-2: WAyURbUTC4aWcaJr9i3yYhfNaKJV65szLbc+FQMtWCZ/wbhzcu9KvZ3Cq3q9IRdqoovCF5uuZaE=

GET
H/1.1 200
OK 6287d0ad30d563d8e2822341-1656461455946-Png-10-3-300x168.png
s3.us-east-2.amazonaws.com/robloxexploits.net/ 75 KB
75 KB 440ms
125ms Image
image/png 52.219.106.185
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.us-east-2.amazonaws.com/robloxexploits.net/6287d0ad30d563d8e2822341-1656461455946-Png-10-3-300x168.png
Requested by: Host: robloxexploits.net
URL: https://robloxexploits.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.106.185 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3.us-east-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: ff055bb33b8426ad18b34aa6230b48a51d7745726ac5cf61341a3ecf923eb211

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxexploits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 06 Jul 2022 07:06:57 GMT
Last-Modified: Wed, 29 Jun 2022 00:10:57 GMT
Server: AmazonS3
x-amz-request-id: N64SSG86BASYYTVA
ETag: "61a68ebca06e20e65b5324002c7c2469"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 76535
x-amz-id-2: ckg7tSpt8RK4FX6aeaEVFiqkzJT+phJEltPoyKTApXRmN8mwBtw/K39R+QMaVScHsLtr4+Z5ABg=

GET
H3 200 unknown.png
cdn.discordapp.com/attachments/888735800454434858/988117473045913680/ 54 KB
55 KB 20ms
20ms Image
image/png 162.159.134.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.discordapp.com/attachments/888735800454434858/988117473045913680/unknown.png
Requested by: Host: robloxexploits.net
URL: https://robloxexploits.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 162.159.134.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6286b1170e5014e191a04da402addc2b41d047461887e173ae0f1369deb76b29

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxexploits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-goog-hash: crc32c=vAaJow==, md5=16JClyMk8tdJJP6D4HSIMw==
date: Wed, 06 Jul 2022 07:06:56 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1434896
x-guploader-uploadid: ADPycduTYcqXfoWQC5IIF50Y2awCywWreLYQcOY-yGJ7_nZzQ_sjfoC__R2FEFlSnrDp2jI6i0jQRTl1VWW2rZOLmtrP
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 55323
last-modified: Sun, 19 Jun 2022 16:26:03 GMT
server: cloudflare
cache-control: public, max-age=31536000
etag: "d7a242972324f2d74924fe83e0748833"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=keiwwGzcFffKKs2MwbKMUOqfUMBLe6%2BKuphxN7HfQfDaYy7KtXB0ANljllXKqeQfXkqU22VXq8mMZIPT%2BpzR%2F77MRlYtmsQ6jxCPXknrvvj6ls72BMUIBIfTaAiCkuOaZqac9A%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1655655963947680
content-type: image/png
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
x-goog-stored-content-length: 55323
accept-ranges: bytes
cf-ray: 726680241f00bbd7-FRA
expires: Thu, 06 Jul 2023 07:06:56 GMT

GET
H/1.1 200
OK 625456dc5bdb81f6e62a45dd-1654954789864-Ready.png
s3.us-east-2.amazonaws.com/robloxexploits.net/ 128 KB
128 KB 320ms
130ms Image
image/png 52.219.106.185
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.us-east-2.amazonaws.com/robloxexploits.net/625456dc5bdb81f6e62a45dd-1654954789864-Ready.png
Requested by: Host: robloxexploits.net
URL: https://robloxexploits.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.106.185 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3.us-east-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 4773de38bb1e22d9615c06959965d9eed4046d7de8232a47668efd13ff0fb73e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxexploits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 06 Jul 2022 07:06:57 GMT
Last-Modified: Sat, 11 Jun 2022 13:39:51 GMT
Server: AmazonS3
x-amz-request-id: N64XPX3FWS5Z32VX
ETag: "cfaf6ad90c2946cb3783e4363cfb7c58"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 130633
x-amz-id-2: U1v8mgpL88ZxyjmUxcITW12jBii62kG5nS17PFbpPdDcy9BR7oYSJt+F/oUzbyd70gHmiGYK0Pk=

GET
H2 200 image-2.png
cheatermad.com/wp-content/uploads/2022/04/ 40 KB
40 KB 88ms
28ms Image
image/webp 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cheatermad.com/wp-content/uploads/2022/04/image-2.png
Requested by: Host: robloxexploits.net
URL: https://robloxexploits.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13e99ca1b80367835421100d03c0d6c98ddd02d88d50e6f52cedd30db925aaac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxexploits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 07:06:56 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1122985
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 40536
last-modified: Mon, 18 Apr 2022 09:49:51 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent,Accept-Encoding,Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GIR0fnJhspBC66JkEWCBPLlUS5bmpSRJ22FuBpKHwQYWjOGvvujU9eAdQzUaI0MgVvCkwzMvGSkBQNRyjMjgpbqdRLRu5ySShgTNSh6tMO8iH%2Bj%2BepqqgiX8%2FMQPhvdegpV7hv7cr84B8Tijxg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=10368000
x-webp-express: Redirected directly to existing webp
accept-ranges: bytes
cf-ray: 726680247d14bb2b-MXP
expires: Fri, 21 Oct 2022 07:10:31 GMT

GET
H3 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206300101/ 149 KB
53 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206300101/reactive_library_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3cd05688a9e8fa6cc0241c965f82233e1a735fbdbc25238dbea130382c9a2e6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxexploits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 07:06:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54364
x-xss-protection: 0
server: cafe
etag: 11041492469666590311
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Jul 2022 07:06:56 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 33ms
15ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=robloxexploits.net

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxexploits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 06 Jul 2022 07:06:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 30ms
16ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=robloxexploits.net

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxexploits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 06 Jul 2022 07:06:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/ Frame A7E1 10 KB
4 KB 6ms
6ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

75a2067c9dff8e58ae83cdb8ee4fe896013966ac4e8f3f1d5e8a75f27c9a1ae2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://robloxexploits.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 73445
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4414
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Jul 2022 10:42:51 GMT
etag: 10429905676100781186
expires: Tue, 19 Jul 2022 10:42:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/ Frame 7AFD 10 KB
4 KB 6ms
6ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

75a2067c9dff8e58ae83cdb8ee4fe896013966ac4e8f3f1d5e8a75f27c9a1ae2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://robloxexploits.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 73445
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4414
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Jul 2022 10:42:51 GMT
etag: 10429905676100781186
expires: Tue, 19 Jul 2022 10:42:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame A7E1 4 KB
1 KB 38ms
18ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 06 Jul 2022 06:03:05 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 06 Jul 2022 07:06:56 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 06 Jul 2022 07:06:56 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame A7E1 205 B
519 B 30ms
8ms Image
image/png 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:44:28 GMT
x-content-type-options: nosniff
age: 19348
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 06 Jul 2023 01:44:28 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame A7E1 604 B
695 B 32ms
10ms Image
image/png 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 22:22:50 GMT
x-content-type-options: nosniff
age: 31446
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 05 Jul 2023 22:22:50 GMT

GET
H2 200 interstitial_ad_frame_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/elements/html/ Frame A7E1 19 KB
9 KB 45ms
7ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/elements/html/interstitial_ad_frame_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

82732c70a47094531308ac098d61f5d93ca9384b3a1a28d11ce841eebb0dbb6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 06:07:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3550
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8316
x-xss-protection: 0
server: cafe
etag: 3937238495892068192
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Jul 2022 06:07:46 GMT

GET
H2 200 fa287546e1d5bd0678894d5c227e456c.js Show response
www.gstatic.com/mysidia/ Frame 7AFD 10 KB
5 KB 27ms
7ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/fa287546e1d5bd0678894d5c227e456c.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fd49219477a365773f010355db7e75d2430693594965a28d835d7c579536948f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 02 Jul 2022 16:51:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 310527
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4351
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 20:43:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 30 Sep 2022 16:51:29 GMT

GET
H2 200 db2e47a9a3671f527cf86ca9ac22fc67.js Show response
www.gstatic.com/mysidia/ Frame 7AFD 10 KB
4 KB 34ms
14ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/db2e47a9a3671f527cf86ca9ac22fc67.js?tag=text/vanilla_highlight

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e3fbe67fed994d974916f80939f43e83889b033b3a565f349f26255620037a4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 03 Jul 2022 14:43:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 231809
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4277
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 02:13:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 01 Oct 2022 14:43:27 GMT

GET
H2 200 74ef8cb7c81a147b0078185476199165.js Show response
www.gstatic.com/mysidia/ Frame 7AFD 18 KB
7 KB 30ms
10ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/74ef8cb7c81a147b0078185476199165.js?tag=pingback

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d8e6138c7cf0944d755a4757f5c2b3803ede310e05af81ff90d4fe98bb6c4d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 04:43:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 440594
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7278
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 02:13:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 29 Sep 2022 04:43:42 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 7AFD 8 KB
966 B 39ms
23ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 06 Jul 2022 05:20:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 06 Jul 2022 07:06:56 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 06 Jul 2022 07:06:56 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/ Frame 7AFD 2 KB
985 B 44ms
9ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 23:02:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 29092
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Jul 2022 23:02:04 GMT

GET
H2 200 a44a0b8f447061e92ca19622c4392a02.js Show response
www.gstatic.com/mysidia/ Frame 7AFD 6 KB
2 KB 32ms
14ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a44a0b8f447061e92ca19622c4392a02.js?tag=analytics_pingback_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa3777d578531c63cb5b48a28d1f0135a9769ca2ee44ae916aadb341089140e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 02 Jul 2022 16:51:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 310532
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2233
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 20:43:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 30 Sep 2022 16:51:24 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/ Frame 7AFD 21 KB
9 KB 43ms
8ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2cba1141d784827ad237feecdcb29cd406098a38f720d8b204197cfef9a0f6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 05:38:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5323
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8706
x-xss-protection: 0
server: cafe
etag: 11173422395264295734
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Jul 2022 05:38:13 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/ Frame 7AFD 3 KB
1 KB 44ms
10ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 06:11:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3327
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Jul 2022 06:11:29 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7AFD 138 KB
43 KB 47ms
20ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29a74bd48fa0b500b61194468e760e8acef2f465e782e0da3eb219850bcea8fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 07:06:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43256
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1656329918998510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 06 Jul 2022 07:06:56 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/ Frame 7AFD 17 KB
7 KB 46ms
13ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

92cc22507e69f2baa9a37f4dd7767bad45f4531a1667fd8cfb0665dd7bfd52d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 06:27:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2387
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7350
x-xss-protection: 0
server: cafe
etag: 4581267900612465077
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Jul 2022 06:27:09 GMT

GET
H2 200 21b2dfe42abab24529e209ac1efa07c6.js Show response
www.gstatic.com/mysidia/ Frame 7AFD 31 KB
13 KB 26ms
9ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/21b2dfe42abab24529e209ac1efa07c6.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b97d2c98f8bac4ee72d075d577db22903f83ae9a2742b9caef94f0842b459348

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 13:16:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 150604
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13060
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 20:43:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 02 Oct 2022 13:16:52 GMT

GET
H3 200 fa287546e1d5bd0678894d5c227e456c.js Show response
www.gstatic.com/mysidia/ Frame D201 10 KB
4 KB 23ms
7ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/fa287546e1d5bd0678894d5c227e456c.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fd49219477a365773f010355db7e75d2430693594965a28d835d7c579536948f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 02 Jul 2022 16:51:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 310527
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4351
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 20:43:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 30 Sep 2022 16:51:29 GMT

GET
H3 200 74ef8cb7c81a147b0078185476199165.js Show response
www.gstatic.com/mysidia/ Frame D201 18 KB
7 KB 25ms
10ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/74ef8cb7c81a147b0078185476199165.js?tag=pingback

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d8e6138c7cf0944d755a4757f5c2b3803ede310e05af81ff90d4fe98bb6c4d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 04:43:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 440594
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7278
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 02:13:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 29 Sep 2022 04:43:42 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame D201 8 KB
893 B 30ms
15ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 06 Jul 2022 05:50:50 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 06 Jul 2022 07:06:56 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 06 Jul 2022 07:06:56 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/ Frame D201 2 KB
904 B 27ms
10ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 23:02:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 29092
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Jul 2022 23:02:04 GMT

GET
H3 200 a44a0b8f447061e92ca19622c4392a02.js Show response
www.gstatic.com/mysidia/ Frame D201 6 KB
2 KB 25ms
11ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a44a0b8f447061e92ca19622c4392a02.js?tag=analytics_pingback_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa3777d578531c63cb5b48a28d1f0135a9769ca2ee44ae916aadb341089140e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 02 Jul 2022 16:51:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 310532
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2233
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 20:43:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 30 Sep 2022 16:51:24 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/ Frame D201 21 KB
9 KB 26ms
9ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2cba1141d784827ad237feecdcb29cd406098a38f720d8b204197cfef9a0f6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 05:38:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5323
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8706
x-xss-protection: 0
server: cafe
etag: 11173422395264295734
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Jul 2022 05:38:13 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/ Frame D201 3 KB
1 KB 23ms
7ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 06:11:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3327
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Jul 2022 06:11:29 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D201 138 KB
42 KB 31ms
15ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29a74bd48fa0b500b61194468e760e8acef2f465e782e0da3eb219850bcea8fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 07:06:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43256
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1656329918998510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 06 Jul 2022 07:06:56 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/ Frame D201 17 KB
7 KB 22ms
7ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

92cc22507e69f2baa9a37f4dd7767bad45f4531a1667fd8cfb0665dd7bfd52d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 06:27:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2387
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7350
x-xss-protection: 0
server: cafe
etag: 4581267900612465077
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Jul 2022 06:27:09 GMT

GET
H3 200 21b2dfe42abab24529e209ac1efa07c6.js Show response
www.gstatic.com/mysidia/ Frame D201 31 KB
13 KB 20ms
9ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/21b2dfe42abab24529e209ac1efa07c6.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b97d2c98f8bac4ee72d075d577db22903f83ae9a2742b9caef94f0842b459348

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 13:16:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 150604
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13060
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 20:43:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 02 Oct 2022 13:16:52 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7AFD 0
20 B 41ms
40ms Ping
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/74ef8cb7c81a147b0078185476199165.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Jul 2022 07:06:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/9912758474830837888/ Frame 7AFD 1 KB
1 KB 11ms
10ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9912758474830837888/downsize_200k_v1?w=100&h=100

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30f046b73e3148a5d2a1ee22dedc9285d1a527b0c5b6b8735149522e087bbbb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 12:09:52 GMT
x-content-type-options: nosniff
age: 586624
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1121
x-xss-protection: 0
last-modified: Thu, 12 May 2022 23:08:21 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 29 Jun 2023 12:09:52 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 7AFD 0
0 52ms
51ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CfNsxjzTFYsOWJ5Xm3wP68oi4BM6Tys5qqZyJidgP0qHb4powEAEg_uala2CV4pCCoAegAfKkms0oyAEBqAMBqgTZAU_Qhh1JaoUrJBZpZuk_yPsd5a5sMYsIw4OqK1YbskaBROzDh4liVsfCI0BQ5Be42kL2D2s8M0J3nT9Ml6qcLiwD1dnKTaM0Li7c5RR6Jni_VKIR9TsXE8xIgk-lFPekt16jPwjTC6cvKfuWVnWKTV4UlCbjArKFVvb_zEJz1ytyCbnCCtUbaCQWqdKJI-DNMpDgfFx9ibelkuiKjSNyliDCl_I6xEQdio12W3Kymi9H2tFB-EztTqaIyasiETEPQi4h3hiDkWl0QjdBgePUpk1_t-OuWpaKNy7ABLjD8-OABJIFBAgEGAGSBQQIBRgEgAfy3OqsA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEJPTAtIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMM0BUBmBYBgBcBshccChoIABIUcHViLTIyNDkyNTc5MTgwNDUwNjkYAA&sigh=Snicc0ycNcc&uach_m=[UACH]&template_id=5001

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 06 Jul 2022 07:06:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 06 Jul 2022 07:06:56 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame CF47 143 B
163 B 9ms
8ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3511
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Wed, 06 Jul 2022 06:08:25 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 7AFD 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6dc5c8e06b1a09dc606ec3cf6d7846ab8eee238cc56ca3ce0ce55ef5e2dffd23

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7AFD 0
20 B 39ms
39ms Ping
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoXCAEqE2Jhbm5lci1sb2dvLXZhbmlsbGEKCggCKgZzZXJ2ZXIKKggEKiZteXNpZGlhX2FuYWx5dGljcyxteXNpZGlhX3JlbGVhc2VfcHJvZAoNEAohAAAAQDMzJUAwBAoNEA0hAAAAAJCZuT8wBAoOEB4qCDEwMDV4MTI0MAQKDhAZKggxMDA1eDEyNDAECg0QDiEAAAAAmJnJPzAECg0QBCEAAADMzKxbQDAECg0QDyEAAAAAAAAAADAECg0QKyEAAAAAAIBEQDAECg0QBSEAAACcmblbQDAECg0QECEAAAAAAGqyQDAECg0QESEAAAAAAAnTQDAECg0QEiEAAAAAAAAgQDAECg0QEyEAAAAAAAAQQDAECg0QFyEAAABmZsZkQDAEEhpDSU9hay1yWjRfZ0NGUlh6ZHdvZGVqa0NSdyIWdGV4dC92YW5pbGxhX2hpZ2hsaWdodCgV

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/74ef8cb7c81a147b0078185476199165.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Jul 2022 07:06:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 edue1xTc5YuiZOhJi4VIA_c20CetZt5T9y7Q3cNnrTA.js Show response
pagead2.googlesyndication.com/bg/ Frame 64D3 36 KB
14 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/edue1xTc5YuiZOhJi4VIA_c20CetZt5T9y7Q3cNnrTA.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

79db9ed714dce58ba264e8498b854803f736d027ad66de53f72ed0ddc367ad30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 22:28:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31077
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13936
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 08:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Jul 2023 22:28:59 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D201 0
20 B 39ms
39ms Ping
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=ChQIByoQd2ViX2ludGVyc3RpdGlhbAoHCAgqA2x0cgoKCAEqBnNxdWFyZQoKCAIqBnNlcnZlcgoqCAQqJm15c2lkaWFfYW5hbHl0aWNzLG15c2lkaWFfcmVsZWFzZV9wcm9kCg0QKyEAAAAAAAAUQDAECg0QAyEAAABoZuZOQDAECg0QDSEAAAAAAAAAADAECgkQHioDMHgwMAQKCRAZKgMweDAwBAoNECshAAAAAAAAHEAwBAoNEBAhAAAAAAAAAAAwBAoNEBEhAAAAAAAJ00AwBAoNEBIhAAAAAAAAIEAwBAoNEBMhAAAAAAAAEEAwBAoNEBchAAAAmJmZWkAwBAoNEBQhAAAAAEAs1EAwBAoNEBUhAAAAAAAAJEAwBAoNEBYhAAAAAAAAFEAwBAoNEBghAAAAmpmZYkAwBBIaQ0lLYWstclo0X2dDRlJYemR3b2RlamtDUnciCXRleHQvcnl1aygV

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/74ef8cb7c81a147b0078185476199165.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Jul 2022 07:06:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame CF47
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

88ms
88ms

Document
text/html

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 06 Jul 2022 07:06:56 GMT
expires: Wed, 06 Jul 2022 07:06:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 06 Jul 2022 07:06:56 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7AFD 0
20 B 40ms
40ms Ping
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoXCAEqE2Jhbm5lci1sb2dvLXZhbmlsbGEKCggCKgZzZXJ2ZXIKKggEKiZteXNpZGlhX2FuYWx5dGljcyxteXNpZGlhX3JlbGVhc2VfcHJvZAoNEBQhAAAAAMBJ1kAwBAoNEBUhAAAAAAAALEAwBAoNEBYhAAAAAAAAGEAwBAoNEBghAAAAAABQc0AwBAoNEDIhAAAAAJiZyT8wBAoNEDMhAAAAAJiZyT8wBAoNEDQhAAAAAJiZyT8wBAoNEDUhAAAAAJiZyT8wBAoNEDYhAAAAAJiZyT8wBAoNEDchAAAAAJiZyT8wBAoNEDghAAAAAM3M9D8wBAoNEDkhAAAAQDMzHUAwBAoNEDohAAAAwJmZH0AwBAoNEDshAAAAZma2ZEAwBAoNEDwhAAAAZma2ZEAwBAoNED0hAAAAZmbGZEAwBAoNED4hAAAAMzNLc0AwBAoNED8hAAAAMzNLc0AwBAoNEEAhAAAAAAB4c0AwBBIaQ0lPYWstclo0X2dDRlJYemR3b2RlamtDUnciFnRleHQvdmFuaWxsYV9oaWdobGlnaHQoFQ==

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/74ef8cb7c81a147b0078185476199165.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Jul 2022 07:06:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
10 KB 34ms
20ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220629&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

705691631c644f53974f25e90fde50e9481b9573e15dc6c55df7f4335edfdb83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxexploits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 06 Jul 2022 07:06:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10680
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxexploits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 07:06:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 06 Jul 2022 07:06:57 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C59B 13 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://robloxexploits.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 31078
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 05 Jul 2022 22:28:59 GMT
expires: Wed, 05 Jul 2023 22:28:59 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 408D 783 B
534 B 35ms
19ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e73bc743cad81176db736fbe693f795dc5833cb108b4eba6dde3c874937cd05b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-jmmsWfCMEZXjodSBTjB-cw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://robloxexploits.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-jmmsWfCMEZXjodSBTjB-cw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 06 Jul 2022 07:06:57 GMT
expires: Wed, 06 Jul 2022 07:06:57 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 edue1xTc5YuiZOhJi4VIA_c20CetZt5T9y7Q3cNnrTA.js Show response
pagead2.googlesyndication.com/bg/ Frame C59B 36 KB
14 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/edue1xTc5YuiZOhJi4VIA_c20CetZt5T9y7Q3cNnrTA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

79db9ed714dce58ba264e8498b854803f736d027ad66de53f72ed0ddc367ad30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 22:28:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31078
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13936
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 08:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Jul 2023 22:28:59 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 408D 0
0 55ms
55ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220629&jk=1527486704732907&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame C59B 0
9 B 6ms
6ms Image
text/plain 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?78UcTA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 07:06:57 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7AFD 42 B
64 B 42ms
41ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst72svCYZo6wn5NK2GVF-iVcLZxa3mrEzvwHUt8nXf7ov9BYVxNkCo0iO9C4-cLwKY4s5c05wVgpg9fjF8uRCClYAV1VLADAnLJUiPSqXgHS5EObtaGTo_8Pp3dYs3bY2VjeupXzw&sai=AMfl-YQI9ll5JJisSnoYcEQ35neWSR2UscFm2cwf5Akyv7zLo_68IMntLpq9oXHWY9JuNmhx_SB1VH7Jj52e&sig=Cg0ArKJSzCb1MMkNi2EAEAE&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=79,798,1000,1248,1426&tos=79,719,202,248,178&v=20220627&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1657091216199&rpt=309&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Jul 2022 07:06:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 58ms
58ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220629&jk=1527486704732907&bg=!lJell9PNAAaLlKKnq5Q7ACkAdvg8WpN_Mtt8Q_edZExlF4EbZH3-EkxLI8jLqhzwL6vz3U5ln3YfFwIAAABLUgAAAAJoAQeZAq1-jcxWBWrmXaC4WrGGTYpJHOfpQLO0K5TW3nPKnERhg8desCJ8d5Kk0VQ45zWZQVrQ1kOqMOmiLfC6YupXu43yFe0jM5Cw7kYhFLglnrrwPyaiiHEIyWqXbdM4A__dQAA-4C0vINOf_eAJh6MFrjW0dtQAB7Fo2DAYBn4jl5N0_YU6JsWV_r9dlm1OnVM8dG5k4ud_MtPaP0NbNTSluavAdlw60kWiihm39rxfG4gmy4KbMzBHkG1V55KRJ-xAr5nEzUuH5zpnjw7bWNI0Cyv2mGFSFQRHdvn6TwSGg4rtmkfaAUNj_UwRQM1uEYpxcTt0jbbR8v-f7QjZDLTNJR3729bYwjEQ4eetj79rtwmdR_UM6StD1EStZmwBCrrRIwCg7ZQB-nIQWwzTyAGFOC_kf4Z440PzbKC6rGDh-UN3RIyVjU2xrh-BFuZfWOsQAqp0BA6iHxDhX9qgep9O7T5H5jmrXOQqKgilnqaWezknnjXLrSxqUXJxoaleUeO4EoZgvUZ_9aWVaGz_CMoNEGo5ixVKM0qKMGoAwzuixBerqAg2O-TfJLp8k3rCz8LBEuuZhMv_rxLJlaosDWWinRwYXiQzEpLG1Awr_KltT3hvSs5oV-nwJXwoFPzpXOEcCDWehxbvLpWFg3fVwI11ZNppgKRWy004xr8_Nj_ILEBUN0EtMwxGdDv6ZbTJGirN0RqZnrasLa4mTLD9UhhQVlnkfB4etn22E-P-AiaJl3qzekXda1D_oVebssdpwctdVuZdA3EeeqFJQOX6pQujg0bv-xY6MO403W9ToLgvHq0JkAdPlKD2GI4GRRmx1gBPg2sOSeXFbUdbLpAF-n1HlH0J-Gb4GyGxkR67rV5P94OaWMcj6tBEgv9KtfVfPT_UYo4f0RWrSsf86Se4r3Za
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxexploits.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

86 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
robloxexploits.net/	1969-12-31 23:59:59	Name: auth.strategy Value: local
freychang.fun/	1970-01-20 12:56:35	Name: csu Value: 2177592318877170@1@1657091214
.robloxexploits.net/	1970-01-20 21:49:23	Name: _ga Value: GA1.2.1403726049.1657091216
.robloxexploits.net/	1970-01-20 04:19:37	Name: _gid Value: GA1.2.1341328517.1657091216
.robloxexploits.net/	1970-01-20 04:18:11	Name: _gat_gtag_UA_170951207_1 Value: 1
.robloxexploits.net/	1970-01-20 13:39:47	Name: __gads Value: ID=bb5f24e4b2ed5d09-22f5e2c9c6cd00d4:T=1657091215:RT=1657091215:S=ALNI_MYqYdGtpJ0cL6_yC71ru34RVwm9pA
.doubleclick.net/	1970-01-20 13:39:47	Name: IDE Value: AHWqTUmdvR6O4n8iRvpcHcyXJeKy4sVz7_dr9eFqbmB7LdUyH8psT9i2NKyEwa9Pzx0
.doubleclick.net/	1970-01-20 04:18:14	Name: DSID Value: NO_DATA

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1#RS-1-&adk=1812271801&client=ca-pub-2249257918045069&fa=1&ifi=3&uci=a!3&xpc=Xk168Z2A41&p=https%3A//robloxexploits.net Message: The resource https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
adservice.google.com
adservice.google.de
cdn.discordapp.com
cheatermad.com
d3oy68whu51rnt.cloudfront.net
fonts.googleapis.com
freychang.fun
googleads.g.doubleclick.net
nedukeratio.lol
ospicalad.buzz
pagead2.googlesyndication.com
partner.googleadservices.com
robloxexploits.net
s3.us-east-2.amazonaws.com
sapi.robloxexploits.net
tpc.googlesyndication.com
unpkg.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
108.138.7.34
162.159.134.233
2600:9000:214f:3e00:3:62b:d240:21
2606:4700:3030::6815:2dcf
2606:4700:3036::ac43:a949
2606:4700::6810:7baf
2a00:1450:4001:801::200d
2a00:1450:4001:802::2003
2a00:1450:4001:806::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:811::2002
2a00:1450:4001:811::200a
2a00:1450:4001:812::2002
2a00:1450:4001:813::2001
2a00:1450:4001:827::2002
2a00:1450:4001:82a::2008
2a00:1450:4001:82b::2004
2a00:1450:4001:831::2002
2a00:1450:4001:831::200e
2a03:2880:f11c:8183:face:b00c:0:25de
2a06:98c1:3121::3
52.219.106.185
0068134461d7b778c48daca41e48634db5ce8dfccf0727d63d005a4135b857da
02a3238e19dae8248bef45928471328e45784b01d1fc518585a63e0415c3aed7
0a025cb2067769382fd40b2c6c65ea6bfdd4c11793ddc4da0ebf4adc260e56bb
0a14fee88678669422a33066832ecbde46a7521bc19fc47c200770d9428b6f98
13e99ca1b80367835421100d03c0d6c98ddd02d88d50e6f52cedd30db925aaac
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1b81502b702906c2cfc0f8e81a5341fbf63b2033de9b35eed3fb1f4c8c0f54c7
1fc734c80933766675fda9c9a1f867289de58d1e6ddc85621e1a37eb506a22ba
2198d63218dc0d16bc052a860dd60a09b9cfa2217c4cd7a481d86258ddaba455
28dea8c2a6fdce72d434c49425d72919ef1bb55fcfc7e492f2d72858f7eb6bfe
29a74bd48fa0b500b61194468e760e8acef2f465e782e0da3eb219850bcea8fb
2ce58d4864563f5e4d889cfdeff8cebc479c9cb715556165130f3b83dd03ead2
30f046b73e3148a5d2a1ee22dedc9285d1a527b0c5b6b8735149522e087bbbb8
369a6a49db93c6e064521a21f5a633f84c3169953ad0ba205a7b97b67b34e91e
387fb9ef8d5d6ca50b902dcf02c4881b1317c780726ed29372b90cde6cb21c97
3cd05688a9e8fa6cc0241c965f82233e1a735fbdbc25238dbea130382c9a2e6a
43193176ef77030ad34673f96fad80aebc860b2a8b11418e3cc9170688d7ff35
4773de38bb1e22d9615c06959965d9eed4046d7de8232a47668efd13ff0fb73e
4b0d157c4ea23f4392a3fb4d1f2b0e3292a9d60809219b912cded188650018bc
4ce5af5b0ba07c8704e9d7d12e9ab2d535ce88476ea34ca0ca208e92e66e6890
4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5f520d398ff23ff43a2e04ef37516c7a19647ba329a13a5787fc2667f07f853c
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6286b1170e5014e191a04da402addc2b41d047461887e173ae0f1369deb76b29
65133843ca6162d454d719a6211bf7bc7dbe3ae23d1b18342349eefa9f638037
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6cbfecb6ed8aece751eba3e15b6b2e8cee2448da0bc6afde4731a9e055e10b6b
6d8e6138c7cf0944d755a4757f5c2b3803ede310e05af81ff90d4fe98bb6c4d5
6dc5c8e06b1a09dc606ec3cf6d7846ab8eee238cc56ca3ce0ce55ef5e2dffd23
705691631c644f53974f25e90fde50e9481b9573e15dc6c55df7f4335edfdb83
75a2067c9dff8e58ae83cdb8ee4fe896013966ac4e8f3f1d5e8a75f27c9a1ae2
79db9ed714dce58ba264e8498b854803f736d027ad66de53f72ed0ddc367ad30
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
8075ad0bb514505959dfe479324ce4858efb732a520f2af89627512fa2045307
82732c70a47094531308ac098d61f5d93ca9384b3a1a28d11ce841eebb0dbb6b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84883a8c8cb8b0d17ffaa2792e6e3a6caf2e95120f4f22b5c7cfcd03e19531ef
87d8fe97f44a53a5c88fcfac57ba95f2ce4a81a1109fec41e22c095c3c353479
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
92cc22507e69f2baa9a37f4dd7767bad45f4531a1667fd8cfb0665dd7bfd52d1
9380a10741e8ab92557607254e037ed7dd5982a998e73db1b8c850832b40b3cc
9a8ce253dcd4d39416e3d7ab74e2ddc8f01c87ed0f2497fe356d107a683bc961
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2cba1141d784827ad237feecdcb29cd406098a38f720d8b204197cfef9a0f6c
a355b4ce643c126ffd48f3492e27324741de821213f9631b3237be1b7568abdd
a44119507501add5c3071d961e28f2c4522572dd68fcb2588092edced4a71ddf
a4813c034b79a872d9d9b5a5ec6529444b97aff993105e2ec124a5619aa652d9
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
aa3777d578531c63cb5b48a28d1f0135a9769ca2ee44ae916aadb341089140e1
af019afd56cac8c689c0cff075a9cc2eaf65a930f9062f814375074d05af5783
b97d2c98f8bac4ee72d075d577db22903f83ae9a2742b9caef94f0842b459348
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
cb245ada876808d5e35a294cd30a6cdac4d1ddbc4ac92a8d59cbdf3ceb2d5d3f
cd7fde7c1d841dbd655378301fd03f13580c6c5dbb6eb4cf9fdcc350a6b3989e
d11164ed45c66149503cb7a2d9156e9e6e4020b01a6b746c397817adb2d41ddc
d2488f0a99c54e6b7d351adb7884564bc4d61e7eb30d2c4dddeeace70ba18a74
d561209a7d1d16f47e865cb599478ffd0dc623f7e598fcaa81a45a62e82ec042
d61e0cac7d6e07aac9848281c7a3f2980f730f3a905f55202302c255ae182129
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3fbe67fed994d974916f80939f43e83889b033b3a565f349f26255620037a4d
e58aacc560f9d43566d184c2ee69ad8efc9d820f762cfe5e4441d220927cb12b
e73bc743cad81176db736fbe693f795dc5833cb108b4eba6dde3c874937cd05b
e7687a61d4ee2f8bd35b46818176620e063d0db79c01bae323f100b8dc46db02
eb78526cba7fdb123f8a26b6bb22d761103eb2a8cd6c045edf79639bbdf2cdae
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f31d6d27bb609e397f78ea0e6b77b92051488855c1db09da962d64b45ee8fffc
f32c109e490a356a57ad4d3b998bb9ece8b36e1a2c4ee6f4a2948b9dcc561f8a
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16
f6f89aee5e502f926431fd22724d1aba8a2ef784ae1cb92b0eb2780e9bb4c15c
f978c7b9b0477b81f92497095f3893bcaf0c69bf970ed24ad8ad9bc110868dbd
fd49219477a365773f010355db7e75d2430693594965a28d835d7c579536948f
ff055bb33b8426ad18b34aa6230b48a51d7745726ac5cf61341a3ecf923eb211

robloxexploits.net Open in urlscan Pro 2606:4700:3036::ac43:a949 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

109 Requests

100 %HTTPS

86 %IPv6

20 Domains

24 Subdomains

23 IPs

3 Countries

8218 kBTransfer

10285 kBSize

8 Cookies

2 Outgoing links

Redirected requests

109 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

robloxexploits.net Open in urlscan Pro
2606:4700:3036::ac43:a949 Public Scan

Screenshot
Live screenshot

Full Image

109
Requests

100 %
HTTPS

86 %
IPv6

20
Domains

24
Subdomains

23
IPs

3
Countries

8218 kB
Transfer

10285 kB
Size

8
Cookies

109 HTTP transactions
1 data transactions