robloxscripts.co.uk Open in urlscan Pro
2606:4700:3034::ac43:b043 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://robloxscripts.co.uk/
Submission Tags: phishingrod
Submission: On December 17 via api (December 17th 2022, 1:13:32 am UTC) from DE — Scanned from DE

Summary HTTP 171 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 37 IPs in 6 countries across 31 domains to perform 171 HTTP transactions. The main IP is 2606:4700:3034::ac43:b043, located in United States and belongs to CLOUDFLARENET, US. The main domain is robloxscripts.co.uk.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on December 17th 2022. Valid for: a year.

This is the only time robloxscripts.co.uk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
11	2606:4700:303... 2606:4700:3034::ac43:b043	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2606:4700:303... 2606:4700:3034::6815:1aba	13335 (CLOUDFLAR...) (CLOUDFLARENET)
23	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:803::2008	15169 (GOOGLE) (GOOGLE)
4	2600:9000:213... 2600:9000:2131:7000:7:f62:ac00:21	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:400d:808::200a	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:400d:802::2002	15169 (GOOGLE) (GOOGLE)
4	172.64.172.27 172.64.172.27	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	108.138.17.55 108.138.17.55	16509 (AMAZON-02) (AMAZON-02)
4	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2 4	2a00:1450:400... 2a00:1450:400d:808::200d	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:80c::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
18	2a00:1450:400... 2a00:1450:400d:803::2006	15169 (GOOGLE) (GOOGLE)
4	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
22	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
6 12	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
3 5	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
2 3	37.252.171.149 37.252.171.149	29990 (ASN-APPNEX) (ASN-APPNEX)
2	2a00:1450:400... 2a00:1450:400d:80d::2004	15169 (GOOGLE) (GOOGLE)
2	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
2	2.18.232.7 2.18.232.7	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	34.248.84.14 34.248.84.14	16509 (AMAZON-02) (AMAZON-02)
1 2	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
2 2	3.68.131.166 3.68.131.166	16509 (AMAZON-02) (AMAZON-02)
1 1	151.101.66.49 151.101.66.49	54113 (FASTLY) (FASTLY)
1	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
2 2	18.195.83.19 18.195.83.19	16509 (AMAZON-02) (AMAZON-02)
1	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
2 2	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3	2600:9000:238... 2600:9000:238d:5400:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2600:1f13:800... 2600:1f13:800:7782:3194:4465:ce4c:1037	16509 (AMAZON-02) (AMAZON-02)
4	35.190.41.116 35.190.41.116	15169 (GOOGLE) (GOOGLE)
171	37

11 2606:4700:3034::ac43:b043 (United States)

ASN13335 (CLOUDFLARENET, US)

robloxscripts.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:3034::6815:1aba (United States)

ASN13335 (CLOUDFLARENET, US)

achcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:803::2008 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2131:7000:7:f62:ac00:21 (United States)

ASN16509 (AMAZON-02, US)

dyrfxuvraq0fk.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:808::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:400d:802::2002 (Ireland)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.64.172.27 (United States)

ASN13335 (CLOUDFLARENET, US)

pogothere.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 108.138.17.55 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-55.fra56.r.cloudfront.net

unentsimmends.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

kitantiterhalac.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400d:808::200d (Ireland) 2 redirects

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80c::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:400d:803::2006 (Ireland)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 142.250.186.130 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.80.39.216 (Canada) 3 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.171.149 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:80d::2004 (Ireland)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.232.7 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-7.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.248.84.14 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-84-14.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.68.131.166 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-68-131-166.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.66.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.195.83.19 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-83-19.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.78 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:238d:5400:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:1f13:800:7782:3194:4465:ce4c:1037 (Boardman, United States)

ASN16509 (AMAZON-02, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.190.41.116 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 116.41.190.35.bc.googleusercontent.com

youradexchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
45	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 101 tpc.googlesyndication.com — Cisco Umbrella Rank: 139	482 KB
27	doubleclick.net 6 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 34 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 297 cm.g.doubleclick.net — Cisco Umbrella Rank: 208	158 KB
18	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 267	137 KB
11	robloxscripts.co.uk robloxscripts.co.uk	195 KB
10	adsafeprotected.com 1 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 813 static.adsafeprotected.com — Cisco Umbrella Rank: 587 dt.adsafeprotected.com — Cisco Umbrella Rank: 543	99 KB
9	gstatic.com fonts.gstatic.com www.gstatic.com	138 KB
8	google.com 2 redirects accounts.google.com — Cisco Umbrella Rank: 71 adservice.google.com — Cisco Umbrella Rank: 72 www.google.com — Cisco Umbrella Rank: 2	3 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 513	4 KB
5	achcdn.com achcdn.com — Cisco Umbrella Rank: 90225	156 KB
4	youradexchange.com youradexchange.com — Cisco Umbrella Rank: 26009	303 B
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 188	187 KB
4	kitantiterhalac.xyz kitantiterhalac.xyz	1 KB
4	unentsimmends.xyz unentsimmends.xyz	4 KB
4	pogothere.xyz pogothere.xyz — Cisco Umbrella Rank: 25929	202 KB
4	cloudfront.net dyrfxuvraq0fk.cloudfront.net	201 KB
3	openx.net us-u.openx.net — Cisco Umbrella Rank: 411 rtb.openx.net — Cisco Umbrella Rank: 1546	769 B
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 210	3 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 29 region1.google-analytics.com — Cisco Umbrella Rank: 2623	20 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 37	32 KB
2	pubmatic.com 2 redirects image6.pubmatic.com — Cisco Umbrella Rank: 716	1 KB
2	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 282	1 KB
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 688	2 KB
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 710 r.turn.com — Cisco Umbrella Rank: 3099	869 B
2	teads.tv sync.teads.tv — Cisco Umbrella Rank: 1225	344 B
2	google.de adservice.google.de — Cisco Umbrella Rank: 8549	914 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 51	119 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 211	21 KB
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 315	265 B
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 534	544 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 830	702 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 110
171	31

	Domain	Requested by
23	pagead2.googlesyndication.com	robloxscripts.co.uk pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
22	tpc.googlesyndication.com	robloxscripts.co.uk googleads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
18	s0.2mdn.net	robloxscripts.co.uk s0.2mdn.net
12	cm.g.doubleclick.net	6 redirects googleads.g.doubleclick.net
11	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net robloxscripts.co.uk
11	robloxscripts.co.uk	robloxscripts.co.uk
7	fonts.gstatic.com	fonts.googleapis.com
5	dt.adsafeprotected.com
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
5	achcdn.com	robloxscripts.co.uk achcdn.com
4	youradexchange.com	achcdn.com
4	www.googletagservices.com	googleads.g.doubleclick.net
4	googleads4.g.doubleclick.net	robloxscripts.co.uk
4	accounts.google.com	2 redirects robloxscripts.co.uk
4	kitantiterhalac.xyz	robloxscripts.co.uk dyrfxuvraq0fk.cloudfront.net
4	unentsimmends.xyz	dyrfxuvraq0fk.cloudfront.net
4	pogothere.xyz	dyrfxuvraq0fk.cloudfront.net
4	dyrfxuvraq0fk.cloudfront.net	robloxscripts.co.uk unentsimmends.xyz
3	static.adsafeprotected.com	fw.adsafeprotected.com googleads.g.doubleclick.net
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	fonts.googleapis.com	robloxscripts.co.uk googleads.g.doubleclick.net
2	image6.pubmatic.com	2 redirects
2	x.bidswitch.net	2 redirects
2	pm.w55c.net	2 redirects
2	fw.adsafeprotected.com	1 redirects robloxscripts.co.uk
2	sync.teads.tv	googleads.g.doubleclick.net
2	us-u.openx.net	googleads.g.doubleclick.net
2	www.google.com	googleads.g.doubleclick.net tpc.googlesyndication.com
2	www.gstatic.com	googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	robloxscripts.co.uk www.googletagmanager.com
1	cdnjs.cloudflare.com	s0.2mdn.net
1	rtb.openx.net	googleads.g.doubleclick.net
1	match.adsrvr.org	googleads.g.doubleclick.net
1	sync-tm.everesttech.net	1 redirects
1	r.turn.com	googleads.g.doubleclick.net
1	ad.turn.com	1 redirects
1	region1.google-analytics.com	www.googletagmanager.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.facebook.com	robloxscripts.co.uk
171	42

This site contains links to these domains. Also see Links.

Domain
youradexchange.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-12-17` - `2023-12-17`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.pogothere.xyz E1	`2022-11-02` - `2023-01-31`	3 months	crt.sh
unentsimmends.xyz Amazon RSA 2048 M02	`2022-12-11` - `2024-01-09`	a year	crt.sh
*.kitantiterhalac.xyz GTS CA 1P5	`2022-12-11` - `2023-03-11`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-09-25` - `2022-12-24`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
teads.tv R3	`2022-10-27` - `2023-01-25`	3 months	crt.sh
fw.adsafeprotected.com Amazon	`2022-04-28` - `2023-05-27`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
static.adsafeprotected.com Amazon	`2022-08-06` - `2023-09-04`	a year	crt.sh
dt.adsafeprotected.com Amazon	`2022-11-04` - `2023-12-03`	a year	crt.sh
youradexchange.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-20` - `2023-06-20`	a year	crt.sh

This page contains 22 frames:

Primary Page: https://robloxscripts.co.uk/
Frame ID: 6A7DEC6AF1BF242631141E14DEF1CAD8
Requests: 56 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/zrt_lookup.html
Frame ID: 8670C134FB52D2FAF0881FA840352427
Requests: 1 HTTP requests in this frame

Frame: https://unentsimmends.xyz/dGFlT0UVAwYiehVcB2kwBg1YancyRFcJIQ0TAzcwAhMEPnUSCkssKRsUASk3Gw8RYSsRFUB9AxUACDs1FicKBQc1Ai4VF0AiIRkDHjlUJyEsDFQCBCYOIQEHBDYnJy0eKQkBHCQWUQgQHiApAxMDJC8aKgEkJHYQLCkSCAYTAikVdQMuJzh8GjZVfww3JQ0XHURZPAQiISAzDgwDJg0kIDILUSsNDAkuAzIANicOCBMgEiwDMDlcFgkiGSYuLk07MhoUACASGgs1GFUVERgVBgEHQS4yfj0GNg4ZHyc2DiARGBUGAxQ5Jz1+LVFTIxgWGCw9IionOTNidDIHVCcnNyMSPgcTVQAMERMjJCd0PgAmNyAjDRF/EiJQKBcoBCIkDgAtLxIVCiMYXGp3MjYjPAM2NSAfERgVBh8UTCgkKAsONVQjHzAbLBYHNTAvKXQTFTIJPR0zIzsNIzYJKRAfBQEuA0EuMn4yBCISfww8CysfEidYPy4TRScyIzVMKVQVHFILFiArBFwKO3wAWVQcERhYPCgyQg4p
Frame ID: C0EF62B94FA19ACC77DAC09D9AC2E89C
Requests: 2 HTTP requests in this frame

Frame: https://unentsimmends.xyz/bE05SngNL1onRw1wW2wNHiEEb0oqaAsMHBU/XzINGj9YO0gKJhcpFAM4XSwKAyNNZBYJORx4PiYDfDowNn9JEjI/JnscLS0ncHsIOAxXPgE6C0oZMSgccAg9Pn5/CwsYH04fDjwhcAI5Lht7AhNYOFwmHCEaejkILQtaGTQVJnwcDzo+cy01JQ5hfxApNUkoMTQicws9PXl0CEgjHEN+Sj0fABwcFSJwDz5cIHI9IjwPXjIBPxtWGB0kKWkCLlwmcD0fCB8Lc0k6OmsLGl8bYR0PPiZdejI2KVRzSTo1CC4yJAttHg8PBGAmLg0ZcTICOCYBDR0FYGASPwAqTwc5JQRhMzUWHFUiAQp+axsqLSkBExQ6LHEJPRoITi4hDn5sISwbFw8BD1gPbB1BXRtOeyonHk4DKRQLDS4PPQ5rIy0dDFJyPygFYxItBD0PKy4mF3gSNhwbVS05Dn5vEj86GEoAEDkJfBIfLhhVITw2BWsYLCkLCi4fSidKJRYccGomPx8CURNAXwdr
Frame ID: AA5A7C7480ED2539B76F42B4507045A9
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8587621567638470&output=html&adk=1812271804&adf=3025194257&lmt=1671239605&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Frobloxscripts.co.uk%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671239605386&bpp=82&bdt=416&idt=256&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1414891210728&frm=20&pv=2&ga_vid=151929099.1671239606&ga_sid=1671239606&ga_hid=269102092&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071219%2C44779794%2C44780792&oid=2&pvsid=1940857227105182&tmod=1968973983&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=279
Frame ID: 2018F59E27D2DB160C18286DD140FFE4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8587621567638470&output=html&h=150&slotname=2326725992&adk=237377007&adf=3215562993&pi=t.ma~as.2326725992&w=728&lmt=1671239605&format=728x150&url=https%3A%2F%2Frobloxscripts.co.uk%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671239605469&bpp=9&bdt=500&idt=210&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1414891210728&frm=20&pv=1&ga_vid=151929099.1671239606&ga_sid=1671239606&ga_hid=269102092&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=434&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071219%2C44779794%2C44780792&oid=2&pvsid=1940857227105182&tmod=1968973983&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=KUgEVtGvGd&p=https%3A//robloxscripts.co.uk&dtd=217
Frame ID: 8CD0C49A0D49CF687EB9C5A0201B2528
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8587621567638470&output=html&h=150&slotname=2326725992&adk=237377007&adf=289864595&pi=t.ma~as.2326725992&w=728&lmt=1671239605&format=728x150&url=https%3A%2F%2Frobloxscripts.co.uk%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671239605493&bpp=3&bdt=524&idt=199&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x150&nras=1&correlator=1414891210728&frm=20&pv=1&ga_vid=151929099.1671239606&ga_sid=1671239606&ga_hid=269102092&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1114&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071219%2C44779794%2C44780792&oid=2&pvsid=1940857227105182&tmod=1968973983&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=cCcYIlGP41&p=https%3A//robloxscripts.co.uk&dtd=202
Frame ID: 9436245F876EEE0A4A18ADDE1CCAD36C
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COu99gIQ-b799QEY8dvX2gEwAQ&v=APEucNVlX6F9BT6Cgusi8mHbT5UQPuZgBr7NKu9x9fM9z_JioVLDaynu8q8-vmozL-LU2GYbe-gyrybibCbpv4mUNoOlYR4yA4B2-Mv3JBN9BM9ooetyqm4ZLJhWgPFUFhp5mv2dJwJYTMiPUExS6Xza0_C3W6i0Ug_Fxm2a5hFzYkO5PP4QR7k
Frame ID: 3C4D9685D28FD86B1E6523B471A253CE
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js
Frame ID: 1EA09A8C6A1285F105677DA9E3CE9975
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 1EC4B80B2CCD211E44B44FE0879F1A4C
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8587621567638470&output=html&h=90&adk=3560408191&adf=2062025852&pi=t.aa~a.1655840814~rp.4&w=800&fwrn=4&fwrnh=100&lmt=1671239606&rafmt=1&to=qs&pwprc=9263488314&format=800x90&url=https%3A%2F%2Frobloxscripts.co.uk%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671239606356&bpp=1&bdt=1387&idt=2&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D727a952b0a760ff2-22e28d611eda0093%3AT%3D1671239605%3ART%3D1671239605%3AS%3DALNI_MbLTccb1muz3kYO22WGdMaCcfkJsQ&gpic=UID%3D00000b93951812d6%3AT%3D1671239605%3ART%3D1671239605%3AS%3DALNI_MZemKpV3BCoQb4tq1-pd6-kXl1UtA&prev_fmts=0x0%2C728x150%2C728x150&nras=2&correlator=1414891210728&frm=20&pv=1&ga_vid=151929099.1671239606&ga_sid=1671239606&ga_hid=269102092&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=800&ady=1319&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071219%2C44779794%2C44780792&oid=2&psts=ACgb8tuFMBj8akTvtJUlpNqsL85dJRLX9Y6cDS-0IEbqxY4m8arObBtC3bPB5XZJJeytZQMcrdodV2voafbr0r6hGQ&pvsid=1940857227105182&tmod=1968973983&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=bsZyRsGBfa&p=https%3A//robloxscripts.co.uk&dtd=6
Frame ID: DACD00D9F8EA2DAFF09F9D1E91BE7994
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Frame ID: B4538085F9108D605D4E8892D80BA707
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCEFBDI4JukAxjWjMPbATAB&v=APEucNVKs7-03azGgIgeznvLIb1tuO1Pepix1zRU93a5a5fQfPa5aFwkl0X3WvafzJfwhugO7pOw3LgUcNpL33t2Tt-GFdG1aGGIkNNX2QqNYkYJypPQoJmLAwdicNovEYAGCaRzVGtgn-CRVxGjifUI-C8uQTtNUoKhnDgd9igbWuPpTiKbJqs
Frame ID: 15F5A1E09077022F821DAA271E59D5B0
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CIEn7CpThZooXsi-eEeMf4r5xAZ2LW_CZ5QUqCIj6fXh9E4IKIdY_pbQqCLJVJqlHEv_bBkm7L6g8Ffd4NrIyO3dooBg&cry=1&dbm_d=AKAmf-ChkYOArZd96j2Wio3DwrCdROPh-sFS-Hd8Vm3eNIh6n08JQ06l_ObsEdCFz5z7zjNoQyku3zYZmc0C03y9Er0GHUawcO2VXRIX5LLVbPX8jjBqbzq_EV6tc2QOPQ7RHUfPRKDe2zxn4lLcDGKunSa5houGCZBM0lImJjOiYaTQdtF6tTZDkXGA1BoKxXbp_MT76piXamo-za5Mzc-kkzpz6hVU77ensukRzX_oJ18kW-PAVarvMwrcWwe3wk3sJ4f4tMvNHLBab_N9vNw3EVyJNkT6MqC362tT5pddjjigArXnixQQgaCfFtYJRwCa1sU_UcpiTBNzXZuyxcJFZNrbCDTUjKsUObYLEeYZzw3rneckU7oZlRYFBHkCucskSG7Si8jNrnhc3ix-T6vR6qoN9sQkY5sba3SjibU0cJ1jBU2QAKcNWyUSe0x94dFrf5a0fdvXb0_VVmPLVOUriLp1QcmcFy3Nahj0QqiReT1Z29Zpq2MaiJSD24SOuedk9Rf1xAWPe5sB4GWv7TCuFOhQYZQRgnAeCNJccR55-M4zqIrUgqy_jEl8vFvmvxvCWQs7d6Ms7euGoH870nJuIqfHiCe7JmuhzAzFeLjjdowhcDZZs5x0ORPC-Rcnz6t2iCNJtop6H71zvxqMVj3SLESMXOj0EgwsOzf0i30x9YWAz_jQFCL2Uu1mhA4RVWTErzz8trA_-JrXbLyZnaHhJXQxCIBoxHWJszcFaEu2_z-qGio6WgZkCtZBm2a9K9ebQg54PKCEyhj9VHvKr6janph-fe2L1ueRKMPc9LquZKc_EPCbNimt1I1_DT1jRE3CllaLtmQuueP0cmkCsIxHiCnTYRbdEUpvEhCL_LicLB68Yfh_YFd9H5jjuNXvAvKeCNGJfN4FIeyw12EGKXc504QaDXVFS1hTKSlMMRQ2BPQPnR1vlUIywtv36mWSs1j-4pjEsEXs-yhcYluA2lD0d7EKTQPVrJ6WdeaGbyncJ0o0NDCGuRCNjC8abhpjSCHCBGMy4t7fg1ximEzPjpMqrM139Iu4bFG8M0siT0-TWF_P__lEJrCNkbQjjI8-a7hq1qHeDMa31-t1UBC7PTBe5o3E2t9pF2qMw5T70gUeJfyRzK203jA2W1LfQKYMGEzgsILDAN8BnV2XecGcvnAqRVR0ykkP5lQjGgEhr1VMo6XOK_Zroup-GrMxmgAY6yBTpbpwywm2gQ8xvsmgLyI6tVfHh5WhkQPvFb_Tq-GKdjM53e74w372CnN54gpfq0Yxl4GtUiFMuSs4f_deLk2Mnu2ZqZPRvp0LMUuEOTKQNma8NVhoA4XIJtUa0wDL76rJxicDQQU5tm8GOM_68E-MSQfSWKuTK4sknNzlSZIc5sbbcpaZvYjzLOpTOt2F4Cxlt-PeK7RFIKQwYeEHMsklo8B6bApf-FFUoHvVWqo9sDIXO-FvgUb88dg5B8VTquamSKkYaDCMJ_IdNlH-sSNp6UmWbFkA1HK00V4zAVZmFU8YaMfSTgIxZzIAhJU3s6KspV4jLIfkytpmnMZC0n3vE-vt26MkznsIYZH8QSyplDfEVefBjfjueht-MR8qwQlBBddO3gk3szT1t3tO5Igt9NP-GReWpPjRHfRy6fQ_yl69ArGHtFytzK-CJboincahX9PPIZxYV5sPjg7KM4c5-bzmIYfJQVEOnQ00VfPJS5Aa0CwWa7HW3XRYtfzWBtAKe_lRhRfkggVXrOmsTT85B7c-_cYsVHaWhl1oyVWYEumNGhFXMSX-Ypm8fv3aOH2UZqxqSWMkydgH3x3tJoWyvnvr446xrOn7jsir7U8gC1Rc-LK8M-XnTS7-K_EqyIrFzZ0lVrQDv5AYcgJ5QmLbCiUesh_Mb8WLe6Lkk-oAtLXSXgQ65b-Jf27pMOZs7tBggbviiAFqKOFHjUVyN-NrSyNjLq6YUtTBce4Z74Re7H4aIHBFfUF3gRLlTALtz2vFNCeDClpG_yXywXuyZMg9WSxMiG9xa0PeDdr9Li_jIahA2u301OUYTLmnx2V6g1XLW3eyPaAAPHZbRVc04GW9rA-oXB0qsuwUZJ6-aK4M4uHftJIxl1IbUVEnVgRNQY4tZKPcPERqfeL0jz0JF92XQmjcmQKFbFgDD2aTvFjEoJ2dyaW_GzqhRq-ITRRL8sH-1XrK0AmW7sYR269R8aUmMRBYY4R0RoEq6yZyK6K_j3YRBbmUZgkD-8oLvQ4IFHr_B2UjAqMw2kXDIeXnofXt3Uu4Jwg9ATDykBePfZYJUP-5HkmS9jVQv6PEx4Xr44qvqiLhOeWiAIbXlpSDiNg4K3x8FqONEvIGnABbITWwSlKeWaLUaEodPuSCahkVY5aFEoNosFl5tu7Vt8LdzW4MRTXMMXA5KhWnJH1HPKb2_uodBaoSJrHajb-BECNny2-pRP1rZw7zbdFooAqK8N3kPu93PaKjjX5pX92kp_V5GAzMc-9lvn0tsT_bEos9A3lSmjlmeYWF2d8BvkhUQNSdbRuLeoLWj4pV3XmccxFiUje6Bmm9EqSxiXyH65w73xqu6DitKiuxaU_-wESMSlBte-KuHKUMYKtFLpAjNlrOUsThTP6Witw3MpF4OcCNoL-uxSMHH1Nqrtj3JvCX3ZD8eKKxNzBG-VBTNvct4eZ8dN05-hl3mGgZP9_HL8WygrEpWDXU8mJmToVhEiKXQ9No_go0rKHWS1_v5rIYA_5pGec1pavIUn7RXM1At98ouJxHwivHcfPMgVQKC8NDM9U0B_4f7HBXEaJXhQPWjuKko1AhUOQITwnQmmxpUa-Z-sOoBjIc0BgOnvwE8GmiqMhQJU9M7E6nXobV59-dSo3kQKCABUAHf4gVbWIebmRnCfpxLkJ-11DJC2GpFr6MyHWz2rkc2MPFG_oBHxiTJTWUmkU6q3DW-vLznBA7AHKFbGdEFipn9Uocj5AkI86MDDnEyHYAvf1iI9s-9uUk0X31pLfm0v-X0vExMWJSYBOcibeaUkNgJe9mJRPUftfIhfCeyXJP84GM9UFlI4ooMrmW2QFv3pUq1VxQLfLwa_Kp1xa9Dh1UsUfH9G94jMFA9BpgMMl-wIQ4CBehPSpMQrrXdCfGB0ZCWVaPd9nyNbxfQGGLZO5caA0PIA8ZZIpaCcnKkGScq7mvlqUPMChdekRoZRhYPhwFGvAYyNJj3bjRPjoN1aEQPxEq&cid=CAQSOwDq26N98kYAf1uYFn34SePtho1aJYYB8bDygHwjOCXpiJk8EtXng3ln_fAiI3_LrC1YY35tL33jVST_GAEgEw&rfl=2%2Chttps%253A%252F%252Frobloxscripts.co.uk%252F%240
Frame ID: F8CA7026491B0640CD978B056846875D
Requests: 21 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/GC5M5N_VN3lVd7ErmxmldCKoshgV9d2S74rLP9hyoZw.js
Frame ID: F2EC5A4EE0A1B1534274304B53D6ECB2
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/GC5M5N_VN3lVd7ErmxmldCKoshgV9d2S74rLP9hyoZw.js
Frame ID: 1F679F9737C8D9A2D4C7BE50CDE3041B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 607FCFA1D62A3ADA58F9960119F417F5
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: C64D22B650B66F75BE0CC1C06B840DA4
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/4529212931815632889/index.html
Frame ID: D986688C5477F87D9E82C22E4C1A7062
Requests: 17 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 804585F3BDD7EBBBD476477FD0440263
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 59202431945E49F5F2145FF1ECBBCB07
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3AFFCABCD7EFC5EA06C044F28BABB944
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

robloxscripts.co.uk

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Page Statistics

171
Requests

92 %
HTTPS

57 %
IPv6

31
Domains

42
Subdomains

37
IPs

6
Countries

2159 kB
Transfer

5076 kB
Size

24
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://youradexchange.com/ad/visit.php?al=1

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP 302
https://accounts.google.com/v3/signin/identifier?dsh=S-1862212919%3A1671239605589459&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AeAAQh670u8Xkdhk88EnyLaOaVieSQS39cXIvdiGm0VyqyepxDwUqy1MJ9haHd5Nyach8ou3r9w3yQ

Request Chain 26

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP 302
https://accounts.google.com/v3/signin/identifier?dsh=S-1844601536%3A1671239605695534&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AeAAQh6pL4mOeN4qniwEsgt1hoNDb_P26il7dM05MPxxJ6ZeBCaRTm4ZlXqPnP-TZK7XxEoBJThwQA

Request Chain 59

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB_uXLvRtkmyeXohEi7xoT8&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB_uXLvRtkmyeXohEi7xoT8&google_cver=1&C=1

Request Chain 60

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y50XtloTHnfcQTyCTRSIXgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB_uXLvRtkmyeXohEi7xoT8&google_cver=1

Request Chain 61

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESELl94SAny_pPHD70QO3KvHM&google_cver=1

Request Chain 62

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQxMjk2MDYzNTYyNjUwODc1

Request Chain 107

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENqaL6ozyIBpTFNrHHq6DKY&google_cver=1

Request Chain 109

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEC1TbiXd-5lIV01KLCQTnds&google_cver=1

Request Chain 120

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEFc-RCpVbbl3K3lQlfLXy30&google_cver=1&google_push=AavPq0PF0z4_mopENF8uu0BV_FtoSSJCEqX7GGOupy85zVMK2iih292x8opjHRVGCJGYswZDlmErlmn_0meYwiKuWA2mPBniESNIxQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzQ0NTM1OTEyMzMwOTEyODU0NA==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEFc-RCpVbbl3K3lQlfLXy30&google_cver=1

Request Chain 121

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESELhy6mZSrxcdyhb7gA0QBug&google_cver=1&google_push=AavPq0OwYFUVO3WR1RFsjZjXjacRk3s_0YokrJG4G_G3s8pmJ4RRR6RVQQ9HRndOyIq3qEAzNgsjPdP2XgGAhV0zsKTdL0-QSMcuiQ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESELhy6mZSrxcdyhb7gA0QBug&google_cver=1&google_push=AavPq0OwYFUVO3WR1RFsjZjXjacRk3s_0YokrJG4G_G3s8pmJ4RRR6RVQQ9HRndOyIq3qEAzNgsjPdP2XgGAhV0zsKTdL0-QSMcuiQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=RDBhUDRUV1oxUDZsTHg1&google_gid=CAESELhy6mZSrxcdyhb7gA0QBug&google_cver=1&google_push=AavPq0OwYFUVO3WR1RFsjZjXjacRk3s_0YokrJG4G_G3s8pmJ4RRR6RVQQ9HRndOyIq3qEAzNgsjPdP2XgGAhV0zsKTdL0-QSMcuiQ

Request Chain 122

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEDn_aQfatXtq_w-lHJ5COv8&google_cver=1&google_push=AavPq0Nz7HjJTP5bM47zCAxU5vE356VMRbiofiwYlVNZhKMXgGLrMnosJIBxpJdnFXaGB1MB6vpviHixQe9-WxgYY073BA9gC3h-dwI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEDn_aQfatXtq_w-lHJ5COv8&google_push=AavPq0Nz7HjJTP5bM47zCAxU5vE356VMRbiofiwYlVNZhKMXgGLrMnosJIBxpJdnFXaGB1MB6vpviHixQe9-WxgYY073BA9gC3h-dwI

Request Chain 124

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEAHxmk7gBYgWqc6z6YzbYXk&google_cver=1&google_push=AavPq0P81qz5zAHaZkgBRsjqhrmGIT3IEkNW96YF9HeVJcObbRQTO1txARPPdTGC0xpCFm154PvRUyLtMkirhZLRXW-D86ywGQfUB-U HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEAHxmk7gBYgWqc6z6YzbYXk&google_cver=1&google_push=AavPq0P81qz5zAHaZkgBRsjqhrmGIT3IEkNW96YF9HeVJcObbRQTO1txARPPdTGC0xpCFm154PvRUyLtMkirhZLRXW-D86ywGQfUB-U HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0P81qz5zAHaZkgBRsjqhrmGIT3IEkNW96YF9HeVJcObbRQTO1txARPPdTGC0xpCFm154PvRUyLtMkirhZLRXW-D86ywGQfUB-U&google_hm=kEMBjEqYQwWS8hP0HESMow==

Request Chain 126

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEElPRzddISUz4X5BFs0Ilzg&google_cver=1&google_push=AavPq0NOV5FuZ85tuDu5wYwB9TIMgMAuFJCioKkCPxXRIuIijpifyr_EhkFzqfzMoRn7kcntX6MFMzRjqYgaMYI3foLmtRhXF6x3OE0 HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEElPRzddISUz4X5BFs0Ilzg&google_cver=1&google_push=AavPq0NOV5FuZ85tuDu5wYwB9TIMgMAuFJCioKkCPxXRIuIijpifyr_EhkFzqfzMoRn7kcntX6MFMzRjqYgaMYI3foLmtRhXF6x3OE0&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=0v3c3oe0QWSLgywu2msXQg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AavPq0NOV5FuZ85tuDu5wYwB9TIMgMAuFJCioKkCPxXRIuIijpifyr_EhkFzqfzMoRn7kcntX6MFMzRjqYgaMYI3foLmtRhXF6x3OE0

Request Chain 151

https://fw.adsafeprotected.com/rfw/st/1221363/67517898/skeleton.js?adsafe_url=https%3A%2F%2Frobloxscripts.co.uk&adsafe_type=g&adsafe_url=https%3A%2F%2Frobloxscripts.co.uk%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-8587621567638470%26output%3Dhtml%26h%3D90%26adk%3D3560408191%26adf%3D2062025852%26pi%3Dt.aa~a.1655840814~rp.4%26w%3D800%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1671239606%26rafmt%3D1%26to%3Dqs%26pwprc%3D9263488314%26format%3D800x90%26url%3Dhttps%253A%252F%252Frobloxscripts.co.uk%252F%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd%26dt%3D1671239606356%26bpp%3D1%26bdt%3D1387%26idt%3D2%26shv%3Dr20221207%26mjsv%3Dm202212050101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253D727a952b0a760ff2-22e28d611eda0093%253AT%253D1671239605%253ART%253D1671239605%253AS%253DALNI_MbLTccb1muz3kYO22WGdMaCcfkJsQ%26gpic%3DUID%253D00000b93951812d6%253AT%253D1671239605%253ART%253D1671239605%253AS%253DALNI_MZemKpV3BCoQb4tq1-pd6-kXl1UtA%26prev_fmts%3D0x0%252C728x150%252C728x150%26nras%3D2%26correlator%3D1414891210728%26frm%3D20%26pv%3D1%26ga_vid%3D151929099.1671239606%26ga_sid%3D1671239606%26ga_hid%3D269102092%26ga_fc%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D800%26ady%3D1319%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44759837%252C31071219%252C44779794%252C44780792%26oid%3D2%26psts%3DACgb8tuFMBj8akTvtJUlpNqsL85dJRLX9Y6cDS-0IEbqxY4m8arObBtC3bPB5XZJJeytZQMcrdodV2voafbr0r6hGQ%26pvsid%3D1940857227105182%26tmod%3D1968973983%26uas%3D0%26nvt%3D1%26eae%3D0%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26ifi%3D4%26uci%3Da!4%26btvi%3D1%26fsb%3D1%26xpc%3DbsZyRsGBfa%26p%3Dhttps%253A%2F%2Frobloxscripts.co.uk%26dtd%3D6&adsafe_type=bed&adsafe_jsinfo=,id:fa0fe7c5-624f-64cc-eb0a-675edaba5e86,c:x0OrVI,sl:na,em:true,fr:false,thd:1,mn:jsserver-primary-5bd77c4f97-8774b,rg:ie,pt:1-5-15,mu:10000,br:c,bru:c,an:n,oam:0,mtim:183,mot:0,app:0,maw:0,fm:tqer4ED+11%7C12%7C1311%7C1312%7C141%7C151*.1221363-67517898%7C1511%7C1512%7C1513%7C1514%7C161,idMap:151*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:200,oid:02926673-7da8-11ed-920f-82ad5f916457,v:19.8.377,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/skeleton.js

171 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
robloxscripts.co.uk/ 78 KB
31 KB 208ms
104ms Document
text/html 2606:4700:3034::ac43:b043
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://robloxscripts.co.uk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:b043 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 5d6ae5c92a6947be31fd40a7c6955c0be3b92b16b6060a1ed47717f747766cfb

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 77abcbca6ae5bb62-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Sat, 17 Dec 2022 01:13:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B7Rcm1ZJKxk3TYdsfVkVzaL0oKzkBqhC9cqCZLZt%2BbK41yXndWdZ86HFgxkRu3UDzDTjx%2BgEISZwoZzMRmfrZM%2F7dH3tId5JcsjDHIN2LuN2XGjK4s1RZIXCPrunGihOD2ivilgGzfLB8QGar38k6yuz"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express

GET
H2 200 style
robloxscripts.co.uk/files/ 20 KB
3 KB 47ms
45ms Stylesheet
text/css 2606:4700:3034::ac43:b043
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://robloxscripts.co.uk/files/style
Requested by: Host: robloxscripts.co.uk
URL: https://robloxscripts.co.uk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:b043 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 49ff7b3335c606040523217f19fe3824b4d73ccbd1f124e50f61bc2cd389dced

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 01:13:25 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Sat, 26 Mar 2022 15:24:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"5116-17fc6d485d9"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R95Vu3k%2BCDu%2BQIdAjdXkPJUqP9XpvNEdwTAWVvM44usSVt6pkhpr1aW0z4jWCtqXKUp6fN3Wr8JJYlDBPz%2BPORw3%2BYayAI%2F9j52fE5JOikhowkb21z1rXDdi%2B2hfOsiBpfpjYcN8Yb7VV%2BO0pvk5myC%2F"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=0
cf-ray: 77abcbcb3bb7bb62-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 atg.js Show response
achcdn.com/script/ 95 KB
33 KB 101ms
34ms Script
application/javascript 2606:4700:3034::6815:1aba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://achcdn.com/script/atg.js
Requested by: Host: robloxscripts.co.uk
URL: https://robloxscripts.co.uk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:1aba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 72d5bc90bba3b473ee568101cbef8aca05a9bf48c03ea3bd12fac2bd6d9ede2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 01:13:25 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2198
x-guploader-uploadid: ADPycdsQlVXJJdeXtu90x4nsqQ0Yjofn9_mOxIvtFYh4KOiRzKQ6vqC9zUUerRJ5UkpciwGBNjWIafiuZQpkVM5ELcDrCi9SIa7r
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 13 Dec 2022 13:52:18 GMT
server: cloudflare
etag: W/"2bc4ef00a43183c338550d1f645dafda"
vary: Accept-Encoding
x-goog-hash: crc32c=zwlEeg==, md5=K8TvAKQxg8M4VQ0fZF2v2g==
x-goog-generation: 1670939538081813
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QkvEh0V98MpzY5NcMBVtFrsjt9vd63SlbMeuX4U3nzFJ3x5QVJQlhfQOJqrt3bRff8EqGFkN%2B6dzD3GoERFDFdSfBPi%2FKH4phU%2BPymatr9jAqfPKyJY9nJPrQMNPgNCIx%2F4LUbET6AYF"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 97045
cf-ray: 77abcbcbac749b3f-FRA
expires: Sat, 17 Dec 2022 01:06:41 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
49 KB 104ms
50ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8587621567638470

Requested by

Host: robloxscripts.co.uk
URL: https://robloxscripts.co.uk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b9dfef9900b77b2b7ddc310a783cdbbcd3ae070fefa192d19f3b90ccfc0a4433

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://robloxscripts.co.uk/
Origin: https://robloxscripts.co.uk
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 01:13:25 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49530
x-xss-protection: 0
server: cafe
etag: 15108573627170045148
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 17 Dec 2022 01:13:25 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 112 KB
44 KB 155ms
64ms Script
application/javascript 2a00:1450:400d:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-190483952-1

Requested by

Host: robloxscripts.co.uk
URL: https://robloxscripts.co.uk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

485c00e77eae103f044469455339d099f317ebfc2a6184301b6f1cdb89da0913

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 01:13:25 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 44740
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 17 Dec 2022 01:13:25 GMT

GET
H2 200 / Show response
dyrfxuvraq0fk.cloudfront.net/ 310 KB
100 KB 341ms
222ms Script
text/plain 2600:9000:2131:7000:7:f62:ac00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dyrfxuvraq0fk.cloudfront.net/?xfryd=953427
Requested by: Host: robloxscripts.co.uk
URL: https://robloxscripts.co.uk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2131:7000:7:f62:ac00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 179e09745f93ebd924fe87471d25bc58b2158fe16aeb789a1d5f2748cac6aa81

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Dec 2022 01:13:25 GMT
content-encoding: gzip
via: 1.1 9555297ca81fb4e7bc3cbd6e47ffcc26.cloudfront.net (CloudFront)
x-amz-cf-pop: MAN50-C2
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-length: 101537
x-amz-cf-id: nIz2Xi_k0vmXnw8WMlbbugWZLNDK1dLPfi-h1HAWIO4flKEhIrzaGA==

GET
H3 200 397.jpg
robloxscripts.co.uk/script-imgs/ 23 KB
23 KB 52ms
51ms Image
image/jpeg 2606:4700:3034::ac43:b043
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://robloxscripts.co.uk/script-imgs/397.jpg
Requested by: Host: robloxscripts.co.uk
URL: https://robloxscripts.co.uk/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:b043 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 28710f6de30528e3237f7063b030002c964e2ef81b85d4bc08060a707b00323c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 01:13:25 GMT
cf-cache-status: EXPIRED
last-modified: Fri, 16 Dec 2022 19:59:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"5b1e-1851c8526e6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=slfol2T9Jt6QGgHaY8VBf4gOJiV%2BSkN5OFIBPq%2BRKLY2BChI1owRA4v0IabwxNVJ678nJSfNsya3yTtoKbccCTrlzk%2FJ2Rm5ONPpSH9yZxMKMko9sD9PVJHAtWGFspr2sCqiUcxagCFlQyUa30ZTyuCY"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 77abcbcdee609b83-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 23326

GET
H3 200 396.jpg
robloxscripts.co.uk/script-imgs/ 22 KB
23 KB 76ms
73ms Image
image/jpeg 2606:4700:3034::ac43:b043
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://robloxscripts.co.uk/script-imgs/396.jpg
Requested by: Host: robloxscripts.co.uk
URL: https://robloxscripts.co.uk/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:b043 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: c3cc89478f072f175b8c2084165a0240689c812b06e0633e91b09d4dc1191f84

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 01:13:25 GMT
cf-cache-status: EXPIRED
last-modified: Mon, 12 Dec 2022 14:44:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"5930-18506cb5039"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ozm4Jg8egq8xME%2FcHEDEx%2FgKX7SEoiHwY4zuGMq6vbhgF0KzG9k3h7LF9d85HzQrVjOdfpKzrOIA4IfoDLtp6ZgplvestebAEQ%2BfCCK52ZKqZpRcyQGH1eSaeA2L%2FhMgDMdW%2BmkWQfiK%2BGDQ6cmRsTh0"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 77abcbce2e959b83-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 22832

GET
H3 200 395.jpg
robloxscripts.co.uk/script-imgs/ 22 KB
23 KB 58ms
55ms Image
image/jpeg 2606:4700:3034::ac43:b043
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://robloxscripts.co.uk/script-imgs/395.jpg
Requested by: Host: robloxscripts.co.uk
URL: https://robloxscripts.co.uk/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:b043 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 4739e154396c0facfc38f9cfff6b441627ca0ab85218cc0fab0cd349f9d73398

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 01:13:25 GMT
cf-cache-status: EXPIRED
last-modified: Sun, 11 Dec 2022 15:00:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"584e-18501b3499e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w5Qmgb1rjQ1N0dAoprVvlalZfsDVj3kJnFsdb6S81jB%2Ffab04YgK4iI3m5%2BFPyoKwG1XHFE59vRiQInTxNvskxcJXEMMEmzWSLOumDMDrQQ3rndaE%2BLVYK4jqVkPZsyReQro3jBt%2BWZ6CfxpaIco3aP0"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 77abcbce2e969b83-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 22606

GET
H3 200 394.jpg
robloxscripts.co.uk/script-imgs/ 20 KB
20 KB 78ms
75ms Image
image/jpeg 2606:4700:3034::ac43:b043
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://robloxscripts.co.uk/script-imgs/394.jpg
Requested by: Host: robloxscripts.co.uk
URL: https://robloxscripts.co.uk/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:b043 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 2439b57243d5266548670863c44e2c3a098d62bf356ec70e1b5e3a78f40ce4ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 01:13:25 GMT
cf-cache-status: EXPIRED
last-modified: Sat, 10 Dec 2022 22:32:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"4e0f-184fe2b6ae9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uFBnCMeH%2FOAz4Nm1GGDvuC6Yu%2FGVWOce%2Bb3igKIxOcY0K4wmx80%2F%2FUgKSl4TOn7a32LpKm0ihRpjl0CN3bUDFvVP1SlL4X9s11O0O6IzY9eDyiSXZq2WdSiza55rVZ4MZHQuLwsTYjcQFc8zLBVk3IWt"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 77abcbce2e989b83-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 19983

GET
H3 200 393.jpg
robloxscripts.co.uk/script-imgs/ 17 KB
18 KB 55ms
52ms Image
image/jpeg 2606:4700:3034::ac43:b043
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://robloxscripts.co.uk/script-imgs/393.jpg
Requested by: Host: robloxscripts.co.uk
URL: https://robloxscripts.co.uk/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:b043 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 51618f12ee169c65d026f78ccaed2dfdc1c7875bf4f8d502c87f8e1724483081

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 01:13:25 GMT
cf-cache-status: EXPIRED
last-modified: Sat, 10 Dec 2022 00:31:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"44e9-184f9719097"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FF74Caq9rio6AXb4iRKhWVtRKU4hwIF%2BUuDU2twgH%2FTRozQBHreXVGMDqkAbUtnlFGM4qipAH1pOTDzL773cWj6QOABz87foq3IlOFJVgeCvla9iZPZuExxh3RiwdXVyN1fSszBDOZVbh7e1T%2Fx0HseT"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 77abcbce2e9a9b83-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 17641

GET
H3 200 white-dots
robloxscripts.co.uk/files/ 4 KB
4 KB 97ms
93ms Image
image/png 2606:4700:3034::ac43:b043
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://robloxscripts.co.uk/files/white-dots
Requested by: Host: robloxscripts.co.uk
URL: https://robloxscripts.co.uk/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:b043 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: c87726b3f379ee5f644434717a06d69df2a35a99c04119b6b23af6b93ffcbfc8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 01:13:25 GMT
cf-cache-status: DYNAMIC
last-modified: Thu, 18 Nov 2021 12:35:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"fb2-17d330b2078"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=08BL6plVh%2BkKPXYfIUwr5SCmABPGs66eHNXWsW9tJcrYRIEqaM9xjbbLpmYTDGp%2F9Ib58o6tDkA1iU%2Bv%2FzEaZFa%2FDCFcczR2gmlNSmdow5VC4xXWo8Hy%2FWBHM8mGzxlMoIe%2B90Z2bdDPkzXd91u8mTO4"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=0
accept-ranges: bytes
cf-ray: 77abcbce3e9b9b83-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4018

GET
H3 200 aboutus
robloxscripts.co.uk/files/ 19 KB
20 KB 97ms
94ms Image
image/png 2606:4700:3034::ac43:b043
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://robloxscripts.co.uk/files/aboutus
Requested by: Host: robloxscripts.co.uk
URL: https://robloxscripts.co.uk/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:b043 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 93b0a220a676b3b79546353dcfb1f677abfbbe74b40a04a89b6b23faf2b9239a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 01:13:25 GMT
cf-cache-status: DYNAMIC
last-modified: Thu, 18 Nov 2021 16:35:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"4ca8-17d33e6f1e8"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qrB00pWcOrDrgjd4x422KufsInGOZXAkMzxlDMBaEkbTra1Mju3rk91xaElpjvPOgxqy6TOb4SVhD7ruzYMmkSEtd475o0MdhA1kW5s5Wfh1zLXw1et4cJehmFYaT1biyfrYkU87FRVdImUx1kQEJKce"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=0
accept-ranges: bytes
cf-ray: 77abcbce3ea19b83-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 19624

GET
H3 200 shareyourscript
robloxscripts.co.uk/files/ 12 KB
12 KB 98ms
94ms Image
image/png 2606:4700:3034::ac43:b043
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://robloxscripts.co.uk/files/shareyourscript
Requested by: Host: robloxscripts.co.uk
URL: https://robloxscripts.co.uk/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:b043 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 5dd26980e87b13b3481a224effeba8aa8b6f93caa9c8bb3706001675b4af2d55

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 01:13:25 GMT
cf-cache-status: DYNAMIC
last-modified: Thu, 18 Nov 2021 16:43:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"2f17-17d33ee73c8"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3jWsTivWFIdFTvZgrroh4UhRQ%2F%2BZOolDulyJV%2F6CWNY%2FtmcgSZxXe3tvMdoNqd2CSMX8wSLZ%2BgdzBU1DR8t0N00G1ApVA2%2Fibc4UdBF56PiVxaOBkDUuUrXzwiK3DBc5kzuLXt%2Fvpt0eDsteZx6l%2BDxD"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=0
accept-ranges: bytes
cf-ray: 77abcbce3e9e9b83-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12055

GET
H3 200 termsofservice
robloxscripts.co.uk/files/ 18 KB
19 KB 98ms
95ms Image
image/png 2606:4700:3034::ac43:b043
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://robloxscripts.co.uk/files/termsofservice
Requested by: Host: robloxscripts.co.uk
URL: https://robloxscripts.co.uk/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:b043 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: ab6eb32c8877791127d48d3974a960e3c972b1c7111dca432aa5c26602970780

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 01:13:25 GMT
cf-cache-status: DYNAMIC
last-modified: Thu, 18 Nov 2021 16:55:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"4812-17d33f95cc0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NFspKWJNys7wzuM7g23EsRKT7TLYLqVBXps1Ji5GRNN1WjnNkcsZVhuuTL%2BvJ%2BdP0NWl5tSRN8Iz2ff5uJgwfOp7zho4DEjYF4oAIpB2vaWclOVvDn4SNjdYlNESsR3GmRBqSNscz0nkYOatDl9ybF3N"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=0
accept-ranges: bytes
cf-ray: 77abcbce3ea29b83-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18450

GET
H2 200 css2
fonts.googleapis.com/ 112 KB
30 KB 160ms
68ms Stylesheet
text/css 2a00:1450:400d:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Shippori+Antique:wght@300;400;500;600;700&display=swap

Requested by

Host: robloxscripts.co.uk
URL: https://robloxscripts.co.uk/files/style

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c87bc342871b13644ee3c3f98ac5c566cbdb1121b610f09d195bc33e40de9c1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 17 Dec 2022 01:13:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 17 Dec 2022 01:13:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 17 Dec 2022 01:13:25 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/ 356 KB
117 KB 111ms
63ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8587621567638470&plah=robloxscripts.co.uk&bust=31071219

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8587621567638470

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6fb024c4e143035c7bc6c634bca0acb039ecc9c623ed3caa3ed7c49ca10ad394

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 01:13:25 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119970
x-xss-protection: 0
server: cafe
etag: 13401392082991444023
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 17 Dec 2022 01:13:25 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/ Frame 8670 10 KB
5 KB 129ms
34ms Document
text/html 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8587621567638470

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://robloxscripts.co.uk/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 80635
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 16 Dec 2022 02:49:30 GMT
etag: 10353107486223812946
expires: Fri, 30 Dec 2022 02:49:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 asd100.bin Show response
pogothere.xyz/ 100 KB
100 KB 373ms
305ms Fetch
binary/octet-stream 172.64.172.27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pogothere.xyz/asd100.bin
Requested by: Host: dyrfxuvraq0fk.cloudfront.net
URL: https://dyrfxuvraq0fk.cloudfront.net/?xfryd=953427
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.172.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 01:13:25 GMT
cf-cache-status: EXPIRED
last-modified: Fri, 16 Dec 2022 21:45:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: https://robloxscripts.co.uk
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mC4un2anMgnTioc25fgAQH%2BJhxiexaZb4IRIO3WmW9KPufkvdjAxrXqUZpMWNGjUtn0G%2BmoLQFBxTllcfBv6cRVIuDUYAwEcnO5tArBK9oqskgrPKtdJ6zy5i%2FD7Yoxv"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 77abcbce6c849255-FRA
access-control-allow-headers: X-Requested-With, content-type
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 / Show response
pogothere.xyz/ 26 B
645 B 194ms
127ms Fetch
text/plain 172.64.172.27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pogothere.xyz/
Requested by: Host: dyrfxuvraq0fk.cloudfront.net
URL: https://dyrfxuvraq0fk.cloudfront.net/?xfryd=953427
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.172.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bcc95b0963e7421a602f1edc8a17f667f8a95373c4cb9207454a9642f09c2d6a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 01:13:25 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RTGdnrh7mqTI1bciRfDuSg31SBGIX0gtQfmbfOCqXka%2F6Z18CSbz1fy%2FuvVmJrlDeXcMxceukIDkG55dgM1PlhwjQsqH8CPcmz%2FwGLt8SVxt5hmlyB8w9DlseQZRAAAu"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET
access-control-allow-origin: https://robloxscripts.co.uk
content-type: text/plain
access-control-allow-credentials: true
cf-ray: 77abcbce6c859255-FRA
access-control-allow-headers: X-Requested-With, content-type
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 204 utx Show response
unentsimmends.xyz/ 0
493 B 170ms
112ms XHR
text/plain 108.138.17.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://unentsimmends.xyz/utx?cb=TdGQxggaauoB&top=robloxscripts.co.uk&tid=953427
Requested by: Host: dyrfxuvraq0fk.cloudfront.net
URL: https://dyrfxuvraq0fk.cloudfront.net/?xfryd=953427
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-55.fra56.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Dec 2022 01:13:25 GMT
via: 1.1 f1a22cc8d842b0950e4bd5bda60806f2.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-amz-cf-pop: FRA56-P7
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://robloxscripts.co.uk
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
x-amz-cf-id: KOaOBd2X65wPRBfeSuzYww3auFxNeS3oRj-zu57hzxXHK5a8-Lz37w==

GET
H2 200 asd100.bin Show response
pogothere.xyz/ 100 KB
100 KB 276ms
216ms Fetch
binary/octet-stream 172.64.172.27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pogothere.xyz/asd100.bin
Requested by: Host: dyrfxuvraq0fk.cloudfront.net
URL: https://dyrfxuvraq0fk.cloudfront.net/?xfryd=953427
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.172.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 01:13:25 GMT
cf-cache-status: EXPIRED
last-modified: Fri, 16 Dec 2022 21:45:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: https://robloxscripts.co.uk
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xP1RIWjI9yqx%2F1z17z8cCVEug13%2BGBcV2x2fyj1xU8zkqDS4f4GTWNGqM%2FXwy%2BOGcDMCQkqLeuAi5npp7DxqhnKN0CplikY%2BSNpR4%2FxgV5DomqxMArq%2BlpXLj3cxfEdW"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 77abcbce6c869255-FRA
access-control-allow-headers: X-Requested-With, content-type
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 / Show response
pogothere.xyz/ 26 B
349 B 191ms
131ms Fetch
text/plain 172.64.172.27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pogothere.xyz/
Requested by: Host: dyrfxuvraq0fk.cloudfront.net
URL: https://dyrfxuvraq0fk.cloudfront.net/?xfryd=953427
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.172.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82d4111dfc8ca7327d18c7fb60b59b2c8c0acf19e20a170eaf86e9892dae5995

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 01:13:25 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8woOdGy7JHOWV59hnPZQHTsO%2FqCawkW%2FfTQPbsOq09Su1RiZyI3pm6bqOTQmPm3HGZ7ra6feFGxLyJEq3jC0nBSAXOzJYFZmuhpxGbshVacYO2stg2QeQxZYRBfK1YDc"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET
access-control-allow-origin: https://robloxscripts.co.uk
content-type: text/plain
access-control-allow-credentials: true
cf-ray: 77abcbce6c879255-FRA
access-control-allow-headers: X-Requested-With, content-type
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 204 utx Show response
unentsimmends.xyz/ 0
491 B 168ms
117ms XHR
text/plain 108.138.17.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://unentsimmends.xyz/utx?cb=kCfRM2RIkvIn&top=robloxscripts.co.uk&tid=961531
Requested by: Host: dyrfxuvraq0fk.cloudfront.net
URL: https://dyrfxuvraq0fk.cloudfront.net/?xfryd=953427
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-55.fra56.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Dec 2022 01:13:25 GMT
via: 1.1 f1a22cc8d842b0950e4bd5bda60806f2.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-amz-cf-pop: FRA56-P7
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://robloxscripts.co.uk
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
x-amz-cf-id: 61dA9Y9DjgeDLBGtQ6n_u2nCRStHpRhXt_1C8DuZTUftH3fdi7_uTw==

GET
H2 204 MGJObHMfXS0fTn1Sex4hSiMLCiUBUA8LAxVQCDs7BCYMJEpkBDkLVUQLKlFKBVF6XkQWEicITgFEPRgSRBc9UUIWCyAKHA1EOFFCHlF6QkABTHxKBg1TaBgDUQVzXVVAFjoATgFUeV1BA1t4XEYEUX0
kitantiterhalac.xyz/ 0
256 B 180ms
119ms Image
text/plain 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kitantiterhalac.xyz/MGJObHMfXS0fTn1Sex4hSiMLCiUBUA8LAxVQCDs7BCYMJEpkBDkLVUQLKlFKBVF6XkQWEicITgFEPRgSRBc9UUIWCyAKHA1EOFFCHlF6QkABTHxKBg1TaBgDUQVzXVVAFjoATgFUeV1BA1t4XEYEUX0
Requested by: Host: robloxscripts.co.uk
URL: https://robloxscripts.co.uk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 01:13:25 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9eNbtXzgpVIGr0Qho3bAD1Xrk%2FfZJa%2FXhOWOQdwnRaPZzDR8Ci1OuZzS8m6pzoPXt55Ro3GPB5YUfIaM%2FULjgA9PdpuI62gqH4X4ToSfgQgchysKXETy7Uqs77TB6JW89YXVrBOB"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 77abcbce8c35904c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 login.php
www.facebook.com/ 0
0 196ms
144ms Image
text/html 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
Requested by: Host: robloxscripts.co.uk
URL: https://robloxscripts.co.uk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H3

403

identifier
accounts.google.com/v3/signin/
Redirect Chain

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
https://accounts.google.com/v3/signin/identifier?dsh=S-1862212919%3A1671239605589459&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSign...

0
0

311ms
235ms

Image
text/html

2a00:1450:400d:808::200d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://accounts.google.com/v3/signin/identifier?dsh=S-1862212919%3A1671239605589459&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AeAAQh670u8Xkdhk88EnyLaOaVieSQS39cXIvdiGm0VyqyepxDwUqy1MJ9haHd5Nyach8ou3r9w3yQ
Requested by: Host: robloxscripts.co.uk
URL: https://robloxscripts.co.uk/
Protocol: H3
Server: 2a00:1450:400d:808::200d , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Redirect headers

date: Sat, 17 Dec 2022 01:13:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'report-sample' 'nonce-eHx9LaAtdhRb_c0prpkyJA' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 389
x-xss-protection: 1; mode=block
pragma: no-cache
server: GSE
x-frame-options: DENY
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-type: text/html; charset=UTF-8
location: https://accounts.google.com/v3/signin/identifier?dsh=S-1862212919%3A1671239605589459&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AeAAQh670u8Xkdhk88EnyLaOaVieSQS39cXIvdiGm0VyqyepxDwUqy1MJ9haHd5Nyach8ou3r9w3yQ
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3

403

identifier
accounts.google.com/v3/signin/
Redirect Chain

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
https://accounts.google.com/v3/signin/identifier?dsh=S-1844601536%3A1671239605695534&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWeb...

0
0

85ms
79ms

Image
text/html

2a00:1450:400d:808::200d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://accounts.google.com/v3/signin/identifier?dsh=S-1844601536%3A1671239605695534&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AeAAQh6pL4mOeN4qniwEsgt1hoNDb_P26il7dM05MPxxJ6ZeBCaRTm4ZlXqPnP-TZK7XxEoBJThwQA
Requested by: Host: robloxscripts.co.uk
URL: https://robloxscripts.co.uk/
Protocol: H3
Server: 2a00:1450:400d:808::200d , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Redirect headers

date: Sat, 17 Dec 2022 01:13:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-ZP8LCcwW-Ql04D57cv_d-w' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 399
x-xss-protection: 1; mode=block
pragma: no-cache
server: GSE
x-frame-options: DENY
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-type: text/html; charset=UTF-8
location: https://accounts.google.com/v3/signin/identifier?dsh=S-1844601536%3A1671239605695534&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AeAAQh6pL4mOeN4qniwEsgt1hoNDb_P26il7dM05MPxxJ6ZeBCaRTm4ZlXqPnP-TZK7XxEoBJThwQA
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 popunder.gif
kitantiterhalac.xyz/ 35 B
555 B 90ms
29ms Image
image/gif 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kitantiterhalac.xyz/popunder.gif
Requested by: Host: robloxscripts.co.uk
URL: https://robloxscripts.co.uk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: public
date: Sat, 17 Dec 2022 01:13:25 GMT
cf-cache-status: HIT
last-modified: Fri, 16 Dec 2022 20:45:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 16056
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OqYNwuN%2FzYLX6%2F2Hfe4tH%2BkgNUmab%2BAIoUTBtgD0JRplmpAArJf4tYjS1e0kbXlJMb3NMVbxRB79O9aEppTXGjkPHkUGT2GNilJOr3ahzyNQMcVH7LimRm9UkYa%2FfNrbdz%2FUSH23"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=604800, immutable
cf-ray: 77abcbce8c39904c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 204 BlBb
kitantiterhalac.xyz/a2lKMmREVilBWQ4+PmMzLC8aalYtHxxnHD8zDUY2Oi8mWj09AmxGDQ9UcwRVXlp7FBQCDXcDQhgdK0YRGFR7FA0FDyUPQh1UexxXX0d5A0pZTz8PVU0dOlMDVlhsQhAfBXcDUlxYeAFdXVl/ 0
250 B 183ms
123ms Image
text/plain 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kitantiterhalac.xyz/a2lKMmREVilBWQ4+PmMzLC8aalYtHxxnHD8zDUY2Oi8mWj09AmxGDQ9UcwRVXlp7FBQCDXcDQhgdK0YRGFR7FA0FDyUPQh1UexxXX0d5A0pZTz8PVU0dOlMDVlhsQhAfBXcDUlxYeAFdXVl/BlBb
Requested by: Host: robloxscripts.co.uk
URL: https://robloxscripts.co.uk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 01:13:25 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W43nSSL5N8PWOYZZlsk1v5J8esK8iOmEvg%2FZI8BI5B88XPxKpqY998JuQOKw19wMbbxmYik%2FJEtQepUgwFBiJXoogmkTdRNFFP14U%2FykGUteuq6v331NQEHALhifGZz%2BewgjFN6O"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 77abcbce8c3b904c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 / Show response
dyrfxuvraq0fk.cloudfront.net/ 310 KB
100 KB 302ms
199ms Fetch 2600:9000:2131:7000:7:f62:ac00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dyrfxuvraq0fk.cloudfront.net/?xfryd=953427
Requested by: Host: robloxscripts.co.uk
URL: https://robloxscripts.co.uk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2131:7000:7:f62:ac00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 3915993380e7aeb6ebf21561e93a82badc0a22e6513098c2baf8de748676ff94

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Dec 2022 01:13:25 GMT
content-encoding: gzip
via: 1.1 c5dd4b18ed9adf7bc0574a33c2887012.cloudfront.net (CloudFront)
x-amz-cf-pop: MAN50-C2
x-cache: Miss from cloudfront
access-control-allow-origin: https://robloxscripts.co.uk
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
access-control-allow-credentials: true
content-length: 101536
x-amz-cf-id: 7UsavdIItAabarFGyM0JSaomRxWg7tgmIPaMar4T1YPd0yI_nrCMRg==

GET
H2 200 -F6qfid3KC8pdMyzR0qRyFUht11v8lInk-AFfrgQrvWXpdFg3KXxAMsKMbdN.119.woff2
fonts.gstatic.com/s/shipporiantique/v8/ 29 KB
30 KB 73ms
21ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/shipporiantique/v8/-F6qfid3KC8pdMyzR0qRyFUht11v8lInk-AFfrgQrvWXpdFg3KXxAMsKMbdN.119.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Shippori+Antique:wght@300;400;500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f779b4445544936d84083d7ee72b1bf1514f186cd057787049d6dc2da3b7bd03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://robloxscripts.co.uk
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 07:28:33 GMT
x-content-type-options: nosniff
age: 63892
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29788
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:07:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 16 Dec 2023 07:28:33 GMT

GET
H2 200 -F6qfid3KC8pdMyzR0qRyFUht11v8lInk-AFfrgQrvWXpdFg3KXxAMsKMbdN.118.woff2
fonts.gstatic.com/s/shipporiantique/v8/ 12 KB
12 KB 95ms
47ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/shipporiantique/v8/-F6qfid3KC8pdMyzR0qRyFUht11v8lInk-AFfrgQrvWXpdFg3KXxAMsKMbdN.118.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Shippori+Antique:wght@300;400;500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

763afe5712e351cbb1f40a834e030e7bdb8c113ea261f5596883a27e16602bb2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://robloxscripts.co.uk
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 08:48:19 GMT
x-content-type-options: nosniff
age: 404706
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12384
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:07:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Dec 2023 08:48:19 GMT

GET
H2 200 -F6qfid3KC8pdMyzR0qRyFUht11v8lInk-AFfrgQrvWXpdFg3KXxAMsKMbdN.113.woff2
fonts.gstatic.com/s/shipporiantique/v8/ 10 KB
10 KB 71ms
52ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/shipporiantique/v8/-F6qfid3KC8pdMyzR0qRyFUht11v8lInk-AFfrgQrvWXpdFg3KXxAMsKMbdN.113.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Shippori+Antique:wght@300;400;500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

567e4c306c567c4f2a1047c3a55a3890a497afc9aa34012a1b1791125cdc6422

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://robloxscripts.co.uk
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 16:20:05 GMT
x-content-type-options: nosniff
age: 32000
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10608
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:07:49 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 16 Dec 2023 16:20:05 GMT

GET
H2 200 -F6qfid3KC8pdMyzR0qRyFUht11v8lInk-AFfrgQrvWXpdFg3KXxAMsKMbdN.107.woff2
fonts.gstatic.com/s/shipporiantique/v8/ 11 KB
11 KB 61ms
42ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/shipporiantique/v8/-F6qfid3KC8pdMyzR0qRyFUht11v8lInk-AFfrgQrvWXpdFg3KXxAMsKMbdN.107.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Shippori+Antique:wght@300;400;500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87728d116a78a7b27ee8d35887fe180bf5f031fd2e3471e3d46b79717678ae5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://robloxscripts.co.uk
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 10:19:55 GMT
x-content-type-options: nosniff
age: 140010
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10908
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:07:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Dec 2023 10:19:55 GMT

GET
H2 200 EiJQKBcoBCIkDgAtLxIVCiMYXGp3MjYjPAM2NSAfERgVBh8UTCgkKAsONVQjHzAbLBYHNTAvKXQTFTIJPR0zIzsNIzYJKRAfBQEuA0EuMn4yBCISfww8CysfEidYPy4TRScyIzVMKVQVHFILFiArBFwKO3wAWVQcERhYPCgyQg4p Show response
unentsimmends.xyz/dGFlT0UVAwYiehVcB2kwBg1YancyRFcJIQ0TAzcwAhMEPnUSCkssKRsUASk3Gw8RYSsRFUB9AxUACDs1FicKBQc1Ai4VF0AiIRkDHjlUJyEsDFQCBCYOIQEHBDYnJy0eKQkBHCQWUQgQHiApAxMDJC8aKgEkJHYQLCkSCAYTAikVdQMuJzh... Frame C0EF 3 KB
2 KB 120ms
120ms Document
text/html 108.138.17.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://unentsimmends.xyz/dGFlT0UVAwYiehVcB2kwBg1YancyRFcJIQ0TAzcwAhMEPnUSCkssKRsUASk3Gw8RYSsRFUB9AxUACDs1FicKBQc1Ai4VF0AiIRkDHjlUJyEsDFQCBCYOIQEHBDYnJy0eKQkBHCQWUQgQHiApAxMDJC8aKgEkJHYQLCkSCAYTAikVdQMuJzh8GjZVfww3JQ0XHURZPAQiISAzDgwDJg0kIDILUSsNDAkuAzIANicOCBMgEiwDMDlcFgkiGSYuLk07MhoUACASGgs1GFUVERgVBgEHQS4yfj0GNg4ZHyc2DiARGBUGAxQ5Jz1+LVFTIxgWGCw9IionOTNidDIHVCcnNyMSPgcTVQAMERMjJCd0PgAmNyAjDRF/EiJQKBcoBCIkDgAtLxIVCiMYXGp3MjYjPAM2NSAfERgVBh8UTCgkKAsONVQjHzAbLBYHNTAvKXQTFTIJPR0zIzsNIzYJKRAfBQEuA0EuMn4yBCISfww8CysfEidYPy4TRScyIzVMKVQVHFILFiArBFwKO3wAWVQcERhYPCgyQg4p
Requested by: Host: dyrfxuvraq0fk.cloudfront.net
URL: https://dyrfxuvraq0fk.cloudfront.net/?xfryd=953427
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-55.fra56.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: 19861b0c2bcc4d97db6d80ca660c944ff4bac61b6957e5ca9cbe09b9d1f61efd

Request headers

Referer: https://robloxscripts.co.uk/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cache-control: no-store, no-cache, must-revalidate, no-transform
content-encoding: gzip
content-length: 1243
content-type: text/html
date: Sat, 17 Dec 2022 01:13:25 GMT
p3p: CP="NID DSP ALL COR"
pragma: no-cache
server: openresty/1.17.8.2
via: 1.1 f1a22cc8d842b0950e4bd5bda60806f2.cloudfront.net (CloudFront)
x-amz-cf-id: JmlssvVMBvtdpoN1HcebYTSvsIu4zHBl6JqAnmU_Blaw5kUkSKDBOg==
x-amz-cf-pop: FRA56-P7
x-cache: Miss from cloudfront

GET
H2 200 CwsYH04fDjwhcAI5Lht7AhNYOFwmHCEaejkILQtaGTQVJnwcDzo+cy01JQ5hfxApNUkoMTQicws9PXl0CEgjHEN+Sj0fABwcFSJwDz5cIHI9IjwPXjIBPxtWGB0kKWkCLlwmcD0fCB8Lc0k6OmsLGl8bYR0PPiZdejI2KVRzSTo1CC4yJAttHg8PBGAmLg0ZcTICO... Show response
unentsimmends.xyz/bE05SngNL1onRw1wW2wNHiEEb0oqaAsMHBU/XzINGj9YO0gKJhcpFAM4XSwKAyNNZBYJORx4PiYDfDowNn9JEjI/JnscLS0ncHsIOAxXPgE6C0oZMSgccAg9Pn5/ Frame AA5A 3 KB
2 KB 115ms
114ms Document
text/html 108.138.17.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://unentsimmends.xyz/bE05SngNL1onRw1wW2wNHiEEb0oqaAsMHBU/XzINGj9YO0gKJhcpFAM4XSwKAyNNZBYJORx4PiYDfDowNn9JEjI/JnscLS0ncHsIOAxXPgE6C0oZMSgccAg9Pn5/CwsYH04fDjwhcAI5Lht7AhNYOFwmHCEaejkILQtaGTQVJnwcDzo+cy01JQ5hfxApNUkoMTQicws9PXl0CEgjHEN+Sj0fABwcFSJwDz5cIHI9IjwPXjIBPxtWGB0kKWkCLlwmcD0fCB8Lc0k6OmsLGl8bYR0PPiZdejI2KVRzSTo1CC4yJAttHg8PBGAmLg0ZcTICOCYBDR0FYGASPwAqTwc5JQRhMzUWHFUiAQp+axsqLSkBExQ6LHEJPRoITi4hDn5sISwbFw8BD1gPbB1BXRtOeyonHk4DKRQLDS4PPQ5rIy0dDFJyPygFYxItBD0PKy4mF3gSNhwbVS05Dn5vEj86GEoAEDkJfBIfLhhVITw2BWsYLCkLCi4fSidKJRYccGomPx8CURNAXwdr
Requested by: Host: dyrfxuvraq0fk.cloudfront.net
URL: https://dyrfxuvraq0fk.cloudfront.net/?xfryd=953427
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-55.fra56.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: dc390ff5d666d7f96c6203febe644be7e7bed0386e87bc42a9a0a5212dad47a3

Request headers

Referer: https://robloxscripts.co.uk/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cache-control: no-store, no-cache, must-revalidate, no-transform
content-encoding: gzip
content-length: 1235
content-type: text/html
date: Sat, 17 Dec 2022 01:13:25 GMT
p3p: CP="NID DSP ALL COR"
pragma: no-cache
server: openresty/1.17.8.2
via: 1.1 f1a22cc8d842b0950e4bd5bda60806f2.cloudfront.net (CloudFront)
x-amz-cf-id: AjmtIJMZtE62_rZi7NkgCygs1rGFsq9lZ6sw-1mP_AC7T-qAPkS1MA==
x-amz-cf-pop: FRA56-P7
x-cache: Miss from cloudfront

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 213 KB
75 KB 153ms
77ms Script
application/javascript 2a00:1450:400d:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-0G1D4NG94V&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-190483952-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d80f64908e3ac08b47d993f5ec5f118f3d2db9a4e5cff7da71c485a6f7d77dd8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 01:13:25 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 76335
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 17 Dec 2022 01:13:25 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 77ms
23ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-190483952-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 16 Dec 2022 23:15:46 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 7059
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Sat, 17 Dec 2022 01:15:46 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 405 B
702 B 81ms
30ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=robloxscripts.co.uk&callback=_gfp_s_&client=ca-pub-8587621567638470&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8587621567638470&plah=robloxscripts.co.uk&bust=31071219

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1f812db772de75c54043d61ab65c189360fdbb324aa9fc35863bdd8edcfb5a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 01:13:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 257
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 151ms
58ms Script
application/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=robloxscripts.co.uk

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 01:13:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 86ms
33ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=robloxscripts.co.uk

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 01:13:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2018 119 KB
37 KB 651ms
571ms Document
text/html 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8587621567638470&output=html&adk=1812271804&adf=3025194257&lmt=1671239605&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Frobloxscripts.co.uk%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671239605386&bpp=82&bdt=416&idt=256&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1414891210728&frm=20&pv=2&ga_vid=151929099.1671239606&ga_sid=1671239606&ga_hid=269102092&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071219%2C44779794%2C44780792&oid=2&pvsid=1940857227105182&tmod=1968973983&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=279

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

55c7d2c3a83f975687c0c1f2d2acd5ba3d0d747fbbab87ffd2357ac2adb1fcd5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://robloxscripts.co.uk/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 38057
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 17 Dec 2022 01:13:26 GMT
expires: Sat, 17 Dec 2022 01:13:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 JNEpHZ2pXJSkBVUAjI1pTAntyVFsSIDQIBER3FAstRwUvPlIHABVBHk4ueldMWCspAFcSLykEVwVsJgMICX5hExpbIXoJAEQ4MB0OQz42QR9VdyoIEF0mKwZPBgxySVoReHdPHV0kIwgdR291VwRAb3VXWwRkd0JZdm91Vx1dJHFTTwcIYlVaTHxzTk8Gei-YXGlg... Show response
dyrfxuvraq0fk.cloudfront.net/ Frame AA5A 807 B
854 B 197ms
196ms Script
text/plain 2600:9000:2131:7000:7:f62:ac00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dyrfxuvraq0fk.cloudfront.net/JNEpHZ2pXJSkBVUAjI1pTAntyVFsSIDQIBER3FAstRwUvPlIHABVBHk4ueldMWCspAFcSLykEVwVsJgMICX5hExpbIXoJAEQ4MB0OQz42QR9VdyoIEF0mKwZPBgxySVoReHdPHV0kIwgdR291VwRAb3VXWwRkd0JZdm91Vx1dJHFTTwcIYlVaTHxzTk8Gei-YXGlgvMAIIXyMzQlhyf3RQRAd8YlVaHCEvEwdYb3UkTwZ6Kw4BUW91Vw1RKSwIQxF4dwQCRiUqAk8GDHZXUhp6aVJZAXNpVlgAb3VXGVUsJhUDEXgBUlkDZHRRTEF3dg
Requested by: Host: unentsimmends.xyz
URL: https://unentsimmends.xyz/bE05SngNL1onRw1wW2wNHiEEb0oqaAsMHBU/XzINGj9YO0gKJhcpFAM4XSwKAyNNZBYJORx4PiYDfDowNn9JEjI/JnscLS0ncHsIOAxXPgE6C0oZMSgccAg9Pn5/CwsYH04fDjwhcAI5Lht7AhNYOFwmHCEaejkILQtaGTQVJnwcDzo+cy01JQ5hfxApNUkoMTQicws9PXl0CEgjHEN+Sj0fABwcFSJwDz5cIHI9IjwPXjIBPxtWGB0kKWkCLlwmcD0fCB8Lc0k6OmsLGl8bYR0PPiZdejI2KVRzSTo1CC4yJAttHg8PBGAmLg0ZcTICOCYBDR0FYGASPwAqTwc5JQRhMzUWHFUiAQp+axsqLSkBExQ6LHEJPRoITi4hDn5sISwbFw8BD1gPbB1BXRtOeyonHk4DKRQLDS4PPQ5rIy0dDFJyPygFYxItBD0PKy4mF3gSNhwbVS05Dn5vEj86GEoAEDkJfBIfLhhVITw2BWsYLCkLCi4fSidKJRYccGomPx8CURNAXwdr
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2131:7000:7:f62:ac00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7c62a7314dcb0e4752db9942574709c13d5a1ac536dd8fda5e440d6a36acb5e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://unentsimmends.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 01:13:25 GMT
content-encoding: gzip
via: 1.1 9555297ca81fb4e7bc3cbd6e47ffcc26.cloudfront.net (CloudFront)
x-amz-cf-pop: MAN50-C2
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=31556926
content-length: 577
x-amz-cf-id: r89Q3OGqRnIhfMmEOqoPMZNgou1e1pG3Ow-4k4ZglAytez0hpdkvPA==

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8CD0 78 KB
33 KB 243ms
184ms Document
text/html 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8587621567638470&output=html&h=150&slotname=2326725992&adk=237377007&adf=3215562993&pi=t.ma~as.2326725992&w=728&lmt=1671239605&format=728x150&url=https%3A%2F%2Frobloxscripts.co.uk%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671239605469&bpp=9&bdt=500&idt=210&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1414891210728&frm=20&pv=1&ga_vid=151929099.1671239606&ga_sid=1671239606&ga_hid=269102092&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=434&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071219%2C44779794%2C44780792&oid=2&pvsid=1940857227105182&tmod=1968973983&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=KUgEVtGvGd&p=https%3A//robloxscripts.co.uk&dtd=217

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

34660d0c464f30d5df668e9ecdc77fa0aa53e42810b13c00f02eab1ac2aaefd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://robloxscripts.co.uk/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 33501
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 17 Dec 2022 01:13:25 GMT
expires: Sat, 17 Dec 2022 01:13:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 WFsFBTEPTltcPQ8IAgNzT1lZDzIYBAQJf1gtWFxiRFtHWWlfUkddaF5OW1wpCw0IHjNPWS9ZaV1FWlp8H1ZY Show response
dyrfxuvraq0fk.cloudfront.net/aamtpbFoJBAcKZR4CDVFjX1hdXm1MARoDNBpWBhhjHlNYPw4GUjALLVwEJUouEA9UXHwGCgcLZ0wOBw9nW00ICDhXX08YKgUAVAIwGhkeFj4dHxhKLwtWBAMgAwcFDX9YLVxCak9ZWUQtAwUNAy0ZTltcNB5OW1xrWkVZSWk... Frame C0EF 768 B
829 B 189ms
188ms Script
text/plain 2600:9000:2131:7000:7:f62:ac00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dyrfxuvraq0fk.cloudfront.net/aamtpbFoJBAcKZR4CDVFjX1hdXm1MARoDNBpWBhhjHlNYPw4GUjALLVwEJUouEA9UXHwGCgcLZ0wOBw9nW00ICDhXX08YKgUAVAIwGhkeFj4dHxhKLwtWBAMgAwcFDX9YLVxCak9ZWUQtAwUNAy0ZTltcNB5OW1xrWkVZSWkoTltcLQMFX1h/WSlMXmoSXV-1Ff1hbCBwqBg4eCTgBAh1JaCxeWlt0WV1MXmpCAAEYNwZOWy9/WFsFBTEPTltcPQ8IAgNzT1lZDzIYBAQJf1gtWFxiRFtHWWlfUkddaF5OW1wpCw0IHjNPWS9ZaV1FWlp8H1ZY
Requested by: Host: unentsimmends.xyz
URL: https://unentsimmends.xyz/dGFlT0UVAwYiehVcB2kwBg1YancyRFcJIQ0TAzcwAhMEPnUSCkssKRsUASk3Gw8RYSsRFUB9AxUACDs1FicKBQc1Ai4VF0AiIRkDHjlUJyEsDFQCBCYOIQEHBDYnJy0eKQkBHCQWUQgQHiApAxMDJC8aKgEkJHYQLCkSCAYTAikVdQMuJzh8GjZVfww3JQ0XHURZPAQiISAzDgwDJg0kIDILUSsNDAkuAzIANicOCBMgEiwDMDlcFgkiGSYuLk07MhoUACASGgs1GFUVERgVBgEHQS4yfj0GNg4ZHyc2DiARGBUGAxQ5Jz1+LVFTIxgWGCw9IionOTNidDIHVCcnNyMSPgcTVQAMERMjJCd0PgAmNyAjDRF/EiJQKBcoBCIkDgAtLxIVCiMYXGp3MjYjPAM2NSAfERgVBh8UTCgkKAsONVQjHzAbLBYHNTAvKXQTFTIJPR0zIzsNIzYJKRAfBQEuA0EuMn4yBCISfww8CysfEidYPy4TRScyIzVMKVQVHFILFiArBFwKO3wAWVQcERhYPCgyQg4p
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2131:7000:7:f62:ac00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 01bde3f8ec0ae7e3b467d245795f1c5ce0440119c3299139c494d4b9c8c7389b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://unentsimmends.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 01:13:25 GMT
content-encoding: gzip
via: 1.1 9555297ca81fb4e7bc3cbd6e47ffcc26.cloudfront.net (CloudFront)
x-amz-cf-pop: MAN50-C2
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=31556926
content-length: 552
x-amz-cf-id: JSWrtPJ1_LSfEywSj5EmFDC7k8PMX0E2399P6u5p_m0H_ZAQ07wNag==

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9436 85 KB
31 KB 338ms
287ms Document
text/html 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8587621567638470&output=html&h=150&slotname=2326725992&adk=237377007&adf=289864595&pi=t.ma~as.2326725992&w=728&lmt=1671239605&format=728x150&url=https%3A%2F%2Frobloxscripts.co.uk%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671239605493&bpp=3&bdt=524&idt=199&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x150&nras=1&correlator=1414891210728&frm=20&pv=1&ga_vid=151929099.1671239606&ga_sid=1671239606&ga_hid=269102092&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1114&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071219%2C44779794%2C44780792&oid=2&pvsid=1940857227105182&tmod=1968973983&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=cCcYIlGP41&p=https%3A//robloxscripts.co.uk&dtd=202

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f48b782abe88686037c67f83090b8a1f90953cbcbb6f19d9b3915347f3a9dd56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://robloxscripts.co.uk/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 31306
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 17 Dec 2022 01:13:25 GMT
expires: Sat, 17 Dec 2022 01:13:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 75ms
29ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=269102092&t=pageview&_s=1&dl=https%3A%2F%2Frobloxscripts.co.uk%2F&ul=en-us&de=UTF-8&dt=robloxscripts.co.uk&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAACAAI~&jid=35788810&gjid=1011803562&cid=151929099.1671239606&tid=UA-190483952-1&_gid=1871249603.1671239606&_r=1&gtm=2oubu0&z=925506899

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://robloxscripts.co.uk/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 17 Dec 2022 01:13:25 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://robloxscripts.co.uk
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
350 B 78ms
28ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-0G1D4NG94V&gtm=2oebu0&_p=269102092&cid=151929099.1671239606&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1671239605&sct=1&seg=0&dl=https%3A%2F%2Frobloxscripts.co.uk%2F&dt=robloxscripts.co.uk&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0G1D4NG94V&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Dec 2022 01:13:25 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://robloxscripts.co.uk
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 3C4D 624 B
246 B 61ms
61ms Document
text/html 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COu99gIQ-b799QEY8dvX2gEwAQ&v=APEucNVlX6F9BT6Cgusi8mHbT5UQPuZgBr7NKu9x9fM9z_JioVLDaynu8q8-vmozL-LU2GYbe-gyrybibCbpv4mUNoOlYR4yA4B2-Mv3JBN9BM9ooetyqm4ZLJhWgPFUFhp5mv2dJwJYTMiPUExS6Xza0_C3W6i0Ug_Fxm2a5hFzYkO5PP4QR7k

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8587621567638470&output=html&h=150&slotname=2326725992&adk=237377007&adf=3215562993&pi=t.ma~as.2326725992&w=728&lmt=1671239605&format=728x150&url=https%3A%2F%2Frobloxscripts.co.uk%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671239605469&bpp=9&bdt=500&idt=210&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1414891210728&frm=20&pv=1&ga_vid=151929099.1671239606&ga_sid=1671239606&ga_hid=269102092&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=434&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071219%2C44779794%2C44780792&oid=2&pvsid=1940857227105182&tmod=1968973983&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=KUgEVtGvGd&p=https%3A//robloxscripts.co.uk&dtd=217

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8587621567638470&output=html&h=150&slotname=2326725992&adk=237377007&adf=3215562993&pi=t.ma~as.2326725992&w=728&lmt=1671239605&format=728x150&url=https%3A%2F%2Frobloxscripts.co.uk%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671239605469&bpp=9&bdt=500&idt=210&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1414891210728&frm=20&pv=1&ga_vid=151929099.1671239606&ga_sid=1671239606&ga_hid=269102092&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=434&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071219%2C44779794%2C44780792&oid=2&pvsid=1940857227105182&tmod=1968973983&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=KUgEVtGvGd&p=https%3A//robloxscripts.co.uk&dtd=217
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 17 Dec 2022 01:13:25 GMT
expires: Sat, 17 Dec 2022 01:13:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame 1EA0 23 KB
9 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js

Requested by

Host: robloxscripts.co.uk
URL: https://robloxscripts.co.uk/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 05:18:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71701
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9443
x-xss-protection: 0
server: cafe
etag: 9828741834572772835
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Dec 2022 05:18:24 GMT

GET
H2 200 9679402192842586692
s0.2mdn.net/simgad/ Frame 1EA0 57 KB
58 KB 145ms
37ms Image
image/png 2a00:1450:400d:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/9679402192842586692

Requested by

Host: robloxscripts.co.uk
URL: https://robloxscripts.co.uk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eadcb1af465be5c65d5eb94eaa2ddb5b9148bfb9aeff3246bc75b6744646e0f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 16:00:05 GMT
x-content-type-options: nosniff
age: 119601
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58494
x-xss-protection: 0
last-modified: Thu, 24 Nov 2022 09:33:15 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 15 Dec 2023 16:00:05 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/elements/html/ Frame 1EA0 6 KB
2 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: robloxscripts.co.uk
URL: https://robloxscripts.co.uk/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c0f9a96a8b15dfa0bd82a9b0c4f7d31927c96784bb62af0a94fbaa78cde5e2fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 05:18:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71701
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2477
x-xss-protection: 0
server: cafe
etag: 8436122973860808490
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Dec 2022 05:18:24 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 1EA0 0
0 128ms
61ms Fetch
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvHC-zZkbsluRI-eSoEoVii5qU_H68OrnlpCJ47nbpXZFF2AuYMhYMxfIAmXzJTEVIhNAF3ne-WLagt09XD2cR3xwTD_cCy88AvkJKJn0Li5H65MJ_uJs0rs35GJUEOwlKot1rvNNsqzh2wNJPKKsv0mSQMJTcV1cq5wJJanjXzgOK_5rPOf2AcEzVqmdUm6OTj6CnQe3pOLf-bp_h-eGycS7EEPTP8cZJpiSWGc94vqjjj8Ts8a8O15rgcVA5UCVNl4WJrTrkJ70ViasiUHOGF6Q1ul_xbRkwcHTaB16aSn9lvrLIxUHRchwz6Vegxz278jfEsyBiCYseriulb4-N2ZlLE7ogVpSuyOnQDrSFTIsNLyn1SmKPJUjtCaxycYvwXLGwYpwKWgWxhhGvlqk7an21hPPlIbd7p9mDTdenNuwOOwcDVT7ZqWT32rfSZAtZdcCQTmpZGbLuswjvmU7vf5A7anbXxmf1_ahGBnmE8k81M-fKoclM-Hx5Q1ZzJiCd-xoDwQi-jjmqzJtmIXGdQomb_Pm8P5EHFvncTSapsUkZJwJON3WmFnTkNZ57RAXIKuUtVUxTx8STBLHM8vGzcEUBw8QNTmagMq8ryzLM1ujdz2pUpH2VIgeB3KDxrMlXaWYNKLarGbqY0tNW1VGCv9hakCh5Q-iolMeE8Vk2wWXL0Crv68NG0v6DIYdHe-IIP6n_RZHfcCfpkw7oHU7dcU9bdHXmA9vuppUmyIPKmLnD2WRUAc40pStZ4F4qAG2Ff9zrcMVVi_c7DMWK-DclNyoovOzJZao0e6WGCpAE0pwC1dT_-wdHEM3xr6wLq-i9idHT7drDayhh-e5oXkHm2y4NVS7BdNMK5QILRF_hdK49v3wR0U4ShZL3xR2nMOUIOrBv5JfVxvF72-dR3ss9JbBcQOXj1OGOjFKVCvmqhO99HAF11qsHAZVjP8Pp9PKwH0Z2pB2Ge4bNq4goT67uint3t7zaWB0dfOWFolcGz9m7e6FEqy7e--142CxUeQl6cP9kCjhNABGywtCtN94K2h0AGODsXrkT6_daoyiyUgJIrQVV56QZxwEzV2Wnqg8DHh1SdvQP8bggttoEqn_ID51LIqPknLkg107KwNULFB2g-U9FVsWbhhxRNP908XmxF9IK_I6m2gJAvi90fIaETIKumuBkAiA&sai=AMfl-YSL7BhqfDuliFfP4xVtakHjirHWJCVwzr1Y5ftfp_3BQo0XJ11k-HZBlut9CxV3goFZkKkupf6nOUkRI3yplKF5FcJwS84PklEt2wel9QYCoUYim9fReOvnsF_yqBqNZoI7HSzHigSEj74GfToPCaQruCgAG9WEbY4CQMFy2xzNca74FmPM7x9OwXnVqh3dhzoWKNBn37dDXK2R-p0Zpbw75n5F6w-nZItAVpFOGZT_EwFe4tltkw&sig=Cg0ArKJSzGGzaeBA2JCMEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=0&cbvp=1&cstd=0&cisv=r20221207.21817&arae=0&ftch=1&adurl=

Requested by

Host: robloxscripts.co.uk
URL: https://robloxscripts.co.uk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 17 Dec 2022 01:13:26 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sat, 17 Dec 2022 01:13:26 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 1EA0 41 KB
15 KB 92ms
24ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: robloxscripts.co.uk
URL: https://robloxscripts.co.uk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 13:02:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43861
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 16 Dec 2023 13:02:25 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 1EA0 3 KB
1 KB 109ms
41ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 19:57:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18982
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Dec 2022 19:57:04 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 1EA0 18 KB
8 KB 89ms
22ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 13:02:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43861
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Dec 2022 13:02:25 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1EA0 153 KB
47 KB 565ms
510ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 01:13:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 17 Dec 2022 01:13:26 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1EA0 42 B
63 B 56ms
56ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CZTCpTE2obyGsQiR52Mu5yA7NZaNYsrLG75lI_FiGuSkAo0GAEYpXKV2KFPYKgvkaXtWmjIwcV4yBO_U_AMihryDfE05CvvjNE_wv9roVvrTnsucc

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Dec 2022 01:13:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 OXlvUnYWRgwhS29LAwg4cTMIBRsBPz4VQ2AYCGM0YD8HOjJ8FkkmH11EVmdFDUtYdAZQHVJjUEoNDiYDSkRcYkYIXwY8EFZEX2JGCF8Zb0cXSlt8RQhXXXQDBE1ZZEUOQVlhTw9AWmBBCF8bIhdeRF50Bk0NA29HD05eYEUAT19nTwFB
kitantiterhalac.xyz/ 0
428 B 181ms
130ms Ping
text/plain 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kitantiterhalac.xyz/OXlvUnYWRgwhS29LAwg4cTMIBRsBPz4VQ2AYCGM0YD8HOjJ8FkkmH11EVmdFDUtYdAZQHVJjUEoNDiYDSkRcYkYIXwY8EFZEX2JGCF8Zb0cXSlt8RQhXXXQDBE1ZZEUOQVlhTw9AWmBBCF8bIhdeRF50Bk0NA29HD05eYEUAT19nTwFB
Requested by: Host: dyrfxuvraq0fk.cloudfront.net
URL: https://dyrfxuvraq0fk.cloudfront.net/?xfryd=953427
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 01:13:26 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9aEXVFWhy%2FS5z1ydjzvP4SXLmvZ1qA8VgxQArsot2o9jNndFMafcl7KuGi0Sn5yyW1BK6mHf0n0uez1rBiRGSY5iaYpa4YLFMUpkdIIyyYesWDYGlR7G317E2f2byQhD1AQTlzN%2B"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 77abcbd1c89f9bb9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 3C4D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB_uXLvRtkmyeXohEi7xoT8&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB_uXLvRtkmyeXohEi7xoT8&google_cver=1&C=1

43 B
766 B

23ms
23ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB_uXLvRtkmyeXohEi7xoT8&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COu99gIQ-b799QEY8dvX2gEwAQ&v=APEucNVlX6F9BT6Cgusi8mHbT5UQPuZgBr7NKu9x9fM9z_JioVLDaynu8q8-vmozL-LU2GYbe-gyrybibCbpv4mUNoOlYR4yA4B2-Mv3JBN9BM9ooetyqm4ZLJhWgPFUFhp5mv2dJwJYTMiPUExS6Xza0_C3W6i0Ug_Fxm2a5hFzYkO5PP4QR7k
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 17 Dec 2022 01:13:26 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Sat, 17 Dec 2022 01:13:26 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=45&external_user_id=CAESEB_uXLvRtkmyeXohEi7xoT8&google_cver=1&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 3C4D
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y50XtloTHnfcQTyCTRSIXgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB_uXLvRtkmyeXohEi7xoT8&google_cver=1

43 B
766 B

23ms
23ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB_uXLvRtkmyeXohEi7xoT8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COu99gIQ-b799QEY8dvX2gEwAQ&v=APEucNVlX6F9BT6Cgusi8mHbT5UQPuZgBr7NKu9x9fM9z_JioVLDaynu8q8-vmozL-LU2GYbe-gyrybibCbpv4mUNoOlYR4yA4B2-Mv3JBN9BM9ooetyqm4ZLJhWgPFUFhp5mv2dJwJYTMiPUExS6Xza0_C3W6i0Ug_Fxm2a5hFzYkO5PP4QR7k
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 17 Dec 2022 01:13:26 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sat, 17 Dec 2022 01:13:26 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB_uXLvRtkmyeXohEi7xoT8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 3C4D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESELl94SAny_pPHD70QO3KvHM&google_cver=1

43 B
1 KB

65ms
21ms

Image
image/gif

37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESELl94SAny_pPHD70QO3KvHM&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COu99gIQ-b799QEY8dvX2gEwAQ&v=APEucNVlX6F9BT6Cgusi8mHbT5UQPuZgBr7NKu9x9fM9z_JioVLDaynu8q8-vmozL-LU2GYbe-gyrybibCbpv4mUNoOlYR4yA4B2-Mv3JBN9BM9ooetyqm4ZLJhWgPFUFhp5mv2dJwJYTMiPUExS6Xza0_C3W6i0Ug_Fxm2a5hFzYkO5PP4QR7k

Protocol

HTTP/1.1

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 17 Dec 2022 01:13:26 GMT
AN-X-Request-Uuid: bd85ee2b-5ce4-44c1-868c-7ccfad7e30c1
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.114.218.27; 217.114.218.27; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 17 Dec 2022 01:13:26 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESELl94SAny_pPHD70QO3KvHM&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3C4D
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQxMjk2MDYzNTYyNjUwODc1

170 B
188 B

80ms
34ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQxMjk2MDYzNTYyNjUwODc1

Requested by

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Dec 2022 01:13:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sat, 17 Dec 2022 01:13:26 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.114.218.27; 217.114.218.27; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 5ed0560f-3bc3-4968-947f-bc76003f95c8
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQxMjk2MDYzNTYyNjUwODc1
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 9436 6 KB
672 B 129ms
58ms Stylesheet
text/css 2a00:1450:400d:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8587621567638470&output=html&h=150&slotname=2326725992&adk=237377007&adf=289864595&pi=t.ma~as.2326725992&w=728&lmt=1671239605&format=728x150&url=https%3A%2F%2Frobloxscripts.co.uk%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671239605493&bpp=3&bdt=524&idt=199&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x150&nras=1&correlator=1414891210728&frm=20&pv=1&ga_vid=151929099.1671239606&ga_sid=1671239606&ga_hid=269102092&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1114&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071219%2C44779794%2C44780792&oid=2&pvsid=1940857227105182&tmod=1968973983&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=cCcYIlGP41&p=https%3A//robloxscripts.co.uk&dtd=202

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 17 Dec 2022 01:13:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 17 Dec 2022 00:44:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 17 Dec 2022 01:13:26 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 9436 2 KB
846 B 24ms
24ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8587621567638470&output=html&h=150&slotname=2326725992&adk=237377007&adf=289864595&pi=t.ma~as.2326725992&w=728&lmt=1671239605&format=728x150&url=https%3A%2F%2Frobloxscripts.co.uk%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671239605493&bpp=3&bdt=524&idt=199&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x150&nras=1&correlator=1414891210728&frm=20&pv=1&ga_vid=151929099.1671239606&ga_sid=1671239606&ga_hid=269102092&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1114&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071219%2C44779794%2C44780792&oid=2&pvsid=1940857227105182&tmod=1968973983&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=cCcYIlGP41&p=https%3A//robloxscripts.co.uk&dtd=202

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 17:06:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29237
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Dec 2022 17:06:09 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 9436 0
0 79ms
78ms Fetch
text/html 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CMnqctRedY-L3L9vVgAfhp7dA7NuouW2rnJ-F6RDBhMD8-gEQASCvv-p4YJXaiIKYB6AB_J6egSnIAQmpAgtVONkHxbE-qAMByAPLBKoE8AFP0Alon2xc0lGM8Kimh2gvEKuR2ZazX9OljHnZTg7IGpWE7oZKNL8wF-qIIXMUlcU1YFWH1aZOirIzf6VYQmPUuZRR-lzgtcdPqJtQGGNmxZIAZmANYPH7uHkPqlihzQBvcmw4OUvs8h4_oU9tT6OC5ACAyGmPpNz38OieDJ_dn3kMiXpj9cAOoXJ5g9_0BOQ_37QsxftKhvxrMHRGo9YOf6ro3JBKS3uaots8UbOpWJeawmt2O1UAtIPHMJAMY6Gljsa4SCTIQtTUTk4y1bH6k86LdkYKzQzuKWY--EmA-Fis-uCUx_j8WjGdSw5wb4bABPKwhemFBKAGLoAH_Nbu4AOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDv8gXSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAbgT5APYEwOIFALQFQGAFwGyFxwKGggAEhRwdWItODU4NzYyMTU2NzYzODQ3MBgA&sigh=S_HEHgoEOw0&uach_m=[UACH]&cid=CAQSGwDq26N9auUy1nFQIEmb23snj87Vmf69fl2InxgBIBM&template_id=484

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8587621567638470&output=html&h=150&slotname=2326725992&adk=237377007&adf=289864595&pi=t.ma~as.2326725992&w=728&lmt=1671239605&format=728x150&url=https%3A%2F%2Frobloxscripts.co.uk%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671239605493&bpp=3&bdt=524&idt=199&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x150&nras=1&correlator=1414891210728&frm=20&pv=1&ga_vid=151929099.1671239606&ga_sid=1671239606&ga_hid=269102092&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1114&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071219%2C44779794%2C44780792&oid=2&pvsid=1940857227105182&tmod=1968973983&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=cCcYIlGP41&p=https%3A//robloxscripts.co.uk&dtd=202

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8587621567638470&output=html&h=150&slotname=2326725992&adk=237377007&adf=289864595&pi=t.ma~as.2326725992&w=728&lmt=1671239605&format=728x150&url=https%3A%2F%2Frobloxscripts.co.uk%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671239605493&bpp=3&bdt=524&idt=199&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x150&nras=1&correlator=1414891210728&frm=20&pv=1&ga_vid=151929099.1671239606&ga_sid=1671239606&ga_hid=269102092&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1114&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071219%2C44779794%2C44780792&oid=2&pvsid=1940857227105182&tmod=1968973983&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=cCcYIlGP41&p=https%3A//robloxscripts.co.uk&dtd=202
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 17 Dec 2022 01:13:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame 9436 23 KB
9 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8587621567638470&output=html&h=150&slotname=2326725992&adk=237377007&adf=289864595&pi=t.ma~as.2326725992&w=728&lmt=1671239605&format=728x150&url=https%3A%2F%2Frobloxscripts.co.uk%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671239605493&bpp=3&bdt=524&idt=199&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x150&nras=1&correlator=1414891210728&frm=20&pv=1&ga_vid=151929099.1671239606&ga_sid=1671239606&ga_hid=269102092&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1114&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071219%2C44779794%2C44780792&oid=2&pvsid=1940857227105182&tmod=1968973983&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=cCcYIlGP41&p=https%3A//robloxscripts.co.uk&dtd=202

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 17:06:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29237
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9443
x-xss-protection: 0
server: cafe
etag: 9828741834572772835
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Dec 2022 17:06:09 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 9436 3 KB
1 KB 26ms
24ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8587621567638470&output=html&h=150&slotname=2326725992&adk=237377007&adf=289864595&pi=t.ma~as.2326725992&w=728&lmt=1671239605&format=728x150&url=https%3A%2F%2Frobloxscripts.co.uk%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671239605493&bpp=3&bdt=524&idt=199&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x150&nras=1&correlator=1414891210728&frm=20&pv=1&ga_vid=151929099.1671239606&ga_sid=1671239606&ga_hid=269102092&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1114&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071219%2C44779794%2C44780792&oid=2&pvsid=1940857227105182&tmod=1968973983&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=cCcYIlGP41&p=https%3A//robloxscripts.co.uk&dtd=202

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 19:57:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18982
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Dec 2022 19:57:04 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 9436 18 KB
7 KB 73ms
22ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8587621567638470&output=html&h=150&slotname=2326725992&adk=237377007&adf=289864595&pi=t.ma~as.2326725992&w=728&lmt=1671239605&format=728x150&url=https%3A%2F%2Frobloxscripts.co.uk%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671239605493&bpp=3&bdt=524&idt=199&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x150&nras=1&correlator=1414891210728&frm=20&pv=1&ga_vid=151929099.1671239606&ga_sid=1671239606&ga_hid=269102092&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1114&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071219%2C44779794%2C44780792&oid=2&pvsid=1940857227105182&tmod=1968973983&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=cCcYIlGP41&p=https%3A//robloxscripts.co.uk&dtd=202

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 13:02:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43861
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Dec 2022 13:02:25 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9436 153 KB
47 KB 508ms
507ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8587621567638470&output=html&h=150&slotname=2326725992&adk=237377007&adf=289864595&pi=t.ma~as.2326725992&w=728&lmt=1671239605&format=728x150&url=https%3A%2F%2Frobloxscripts.co.uk%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671239605493&bpp=3&bdt=524&idt=199&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x150&nras=1&correlator=1414891210728&frm=20&pv=1&ga_vid=151929099.1671239606&ga_sid=1671239606&ga_hid=269102092&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1114&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071219%2C44779794%2C44780792&oid=2&pvsid=1940857227105182&tmod=1968973983&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=cCcYIlGP41&p=https%3A//robloxscripts.co.uk&dtd=202

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 01:13:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 17 Dec 2022 01:13:26 GMT

GET
H2 200 5abbe811e7745ada511aeaa994a13f9f.js Show response
www.gstatic.com/mysidia/ Frame 9436 34 KB
14 KB 73ms
21ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5abbe811e7745ada511aeaa994a13f9f.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8587621567638470&output=html&h=150&slotname=2326725992&adk=237377007&adf=289864595&pi=t.ma~as.2326725992&w=728&lmt=1671239605&format=728x150&url=https%3A%2F%2Frobloxscripts.co.uk%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671239605493&bpp=3&bdt=524&idt=199&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x150&nras=1&correlator=1414891210728&frm=20&pv=1&ga_vid=151929099.1671239606&ga_sid=1671239606&ga_hid=269102092&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1114&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071219%2C44779794%2C44780792&oid=2&pvsid=1940857227105182&tmod=1968973983&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=cCcYIlGP41&p=https%3A//robloxscripts.co.uk&dtd=202

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 21:16:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 359794
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14213
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 23:34:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 12 Mar 2023 21:16:52 GMT

GET
DATA 200
OK truncated
/ Frame 1EA0 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c5565667e79f8f7a7e4ad2299ce420179a607ccc489997ad68f1c1c1728b43ee

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/18111592480227423237/ Frame 9436 6 KB
6 KB 71ms
31ms Image
image/jpeg 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/18111592480227423237/14763004658117789537?w=195&h=102

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8587621567638470&output=html&h=150&slotname=2326725992&adk=237377007&adf=289864595&pi=t.ma~as.2326725992&w=728&lmt=1671239605&format=728x150&url=https%3A%2F%2Frobloxscripts.co.uk%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671239605493&bpp=3&bdt=524&idt=199&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x150&nras=1&correlator=1414891210728&frm=20&pv=1&ga_vid=151929099.1671239606&ga_sid=1671239606&ga_hid=269102092&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1114&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071219%2C44779794%2C44780792&oid=2&pvsid=1940857227105182&tmod=1968973983&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=cCcYIlGP41&p=https%3A//robloxscripts.co.uk&dtd=202

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b6fe931e0fc30cb6dadef8ede5ded517b129a4857bfa7ff0abed53e2aea80fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 23:02:36 GMT
x-content-type-options: nosniff
age: 7850
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6020
x-xss-protection: 0
last-modified: Tue, 22 Nov 2022 14:05:30 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 16 Dec 2023 23:02:36 GMT

GET
H3 200 7873498217533201504
tpc.googlesyndication.com/simgad/ Frame 9436 2 KB
2 KB 73ms
33ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7873498217533201504?w=100&h=100

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8587621567638470&output=html&h=150&slotname=2326725992&adk=237377007&adf=289864595&pi=t.ma~as.2326725992&w=728&lmt=1671239605&format=728x150&url=https%3A%2F%2Frobloxscripts.co.uk%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671239605493&bpp=3&bdt=524&idt=199&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x150&nras=1&correlator=1414891210728&frm=20&pv=1&ga_vid=151929099.1671239606&ga_sid=1671239606&ga_hid=269102092&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1114&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071219%2C44779794%2C44780792&oid=2&pvsid=1940857227105182&tmod=1968973983&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=cCcYIlGP41&p=https%3A//robloxscripts.co.uk&dtd=202

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89086135ae3ed7f0d7cb20dd64a536b503114e9c99afb5e763f21d673f9e44d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 23:15:36 GMT
x-content-type-options: nosniff
age: 7070
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2087
x-xss-protection: 0
last-modified: Mon, 28 Nov 2022 09:41:23 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 16 Dec 2023 23:15:36 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 1EC4 22 KB
8 KB 45ms
23ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 43861
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 16 Dec 2022 13:02:25 GMT
expires: Sat, 16 Dec 2023 13:02:25 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 GC5M5N_VN3lVd7ErmxmldCKoshgV9d2S74rLP9hyoZw.js Show response
pagead2.googlesyndication.com/bg/ Frame 1EC4 36 KB
16 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GC5M5N_VN3lVd7ErmxmldCKoshgV9d2S74rLP9hyoZw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

182e4ce4dfd537795577b12b9b19a57422a8b21815f5dd92ef8acb3fd872a19c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 21:12:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14472
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16025
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 16 Dec 2023 21:12:14 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 1EA0 0
0 104ms
60ms Fetch
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvHC-zZkbsluRI-eSoEoVii5qU_H68OrnlpCJ47nbpXZFF2AuYMhYMxfIAmXzJTEVIhNAF3ne-WLagt09XD2cR3xwTD_cCy88AvkJKJn0Li5H65MJ_uJs0rs35GJUEOwlKot1rvNNsqzh2wNJPKKsv0mSQMJTcV1cq5wJJanjXzgOK_5rPOf2AcEzVqmdUm6OTj6CnQe3pOLf-bp_h-eGycS7EEPTP8cZJpiSWGc94vqjjj8Ts8a8O15rgcVA5UCVNl4WJrTrkJ70ViasiUHOGF6Q1ul_xbRkwcHTaB16aSn9lvrLIxUHRchwz6Vegxz278jfEsyBiCYseriulb4-N2ZlLE7ogVpSuyOnQDrSFTIsNLyn1SmKPJUjtCaxycYvwXLGwYpwKWgWxhhGvlqk7an21hPPlIbd7p9mDTdenNuwOOwcDVT7ZqWT32rfSZAtZdcCQTmpZGbLuswjvmU7vf5A7anbXxmf1_ahGBnmE8k81M-fKoclM-Hx5Q1ZzJiCd-xoDwQi-jjmqzJtmIXGdQomb_Pm8P5EHFvncTSapsUkZJwJON3WmFnTkNZ57RAXIKuUtVUxTx8STBLHM8vGzcEUBw8QNTmagMq8ryzLM1ujdz2pUpH2VIgeB3KDxrMlXaWYNKLarGbqY0tNW1VGCv9hakCh5Q-iolMeE8Vk2wWXL0Crv68NG0v6DIYdHe-IIP6n_RZHfcCfpkw7oHU7dcU9bdHXmA9vuppUmyIPKmLnD2WRUAc40pStZ4F4qAG2Ff9zrcMVVi_c7DMWK-DclNyoovOzJZao0e6WGCpAE0pwC1dT_-wdHEM3xr6wLq-i9idHT7drDayhh-e5oXkHm2y4NVS7BdNMK5QILRF_hdK49v3wR0U4ShZL3xR2nMOUIOrBv5JfVxvF72-dR3ss9JbBcQOXj1OGOjFKVCvmqhO99HAF11qsHAZVjP8Pp9PKwH0Z2pB2Ge4bNq4goT67uint3t7zaWB0dfOWFolcGz9m7e6FEqy7e--142CxUeQl6cP9kCjhNABGywtCtN94K2h0AGODsXrkT6_daoyiyUgJIrQVV56QZxwEzV2Wnqg8DHh1SdvQP8bggttoEqn_ID51LIqPknLkg107KwNULFB2g-U9FVsWbhhxRNP908XmxF9IK_I6m2gJAvi90fIaETIKumuBkAiA&sai=AMfl-YSL7BhqfDuliFfP4xVtakHjirHWJCVwzr1Y5ftfp_3BQo0XJ11k-HZBlut9CxV3goFZkKkupf6nOUkRI3yplKF5FcJwS84PklEt2wel9QYCoUYim9fReOvnsF_yqBqNZoI7HSzHigSEj74GfToPCaQruCgAG9WEbY4CQMFy2xzNca74FmPM7x9OwXnVqh3dhzoWKNBn37dDXK2R-p0Zpbw75n5F6w-nZItAVpFOGZT_EwFe4tltkw&sig=Cg0ArKJSzGGzaeBA2JCMEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=206&vt=11&dtpt=206&dett=2&cstd=0&cisv=r20221207.21817&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: robloxscripts.co.uk
URL: https://robloxscripts.co.uk/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 01:13:26 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sat, 17 Dec 2022 01:13:26 GMT

GET
DATA 200
OK truncated
/ Frame 9436 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7404dbe69d4f51c23c3e3e2adf9e6e6eff194460979c00824aa1e1785d20acd5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1EC4 0
20 B 60ms
60ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BSm2dtRedY-7jL5uWgAeEobnoCwAAAAA4AeAEAg&bg=!jY6ljsrNAAYgquz3AKo7ACkAdvg8Wkesi5VSfrPDjfKPKQCseXIFRG5_elKF-b6ixfTAC99zFq22dAIAAABPUgAAAAJoAQcKAB9baD_zenT1TpVF4_ubnUWRtkbPLVO6v5h7rPQST03VmQMraofiVudLcOC2omgVgVHkoWXEEfhQMo2PZnFo6bz3tI2ibpVo11wYtr-uwisLJxVcIY9o5_ePVdFo8CCeLe5KAzDYXJ-aThy9CQMPQ3UVyCVaJvjF4S-rDJyLK8d0Bek_8PjG5J355p7hRq2mJZE2jTdLlzRqMuVMgHXQRBHTRycvTfSP8a6NHS5UqsB9SE61yLJgIerFkyU0E51kbhP2YFRQOb0e1PEuNPVBabb1It2okIC3tehbD0znXJ5nyu9l6qmQeDS_PI8msavgDfAeirH1UDdfaGenAWIw7Xd_66xGr0qJROcrAz6pivTNFilLqmgTAwRPpdqp80pMizoT5L_ccfEKQp9Z1JrdrAPrHYP8naWGMv7zmueIEgH5Hmo55IgoUi-jWFNI3fCRk2IKrXzQiHmrrpzjBDEZreA96k0yHfCvrjGcdWQW0XqyPo_OeEEofiKjV6_bqDefB5gBNc9mrwS7MkKDK2lf5CYVk-Gho6fNiVIqzgf6-Grpm3U7_2NUbtLhcHqAJtSI1T_C9Ha_jtLkjUkOJEO1mhu5AXF3z8ohLLrYxlh0rUFRVQe7K0e-g0LLF6e_jnoddS9vfDh75N5-VlrLTJ-KsDPCVp2XJ8Q7A8zN_HaZMVTGwyQ8VDHMRcUDBr0ywKKIeqf8L1ZLHlxEkahI_4pLLt54Pt34WbAvIiF7zZdjXoTXVrYqFu_ZlyrblRaOw4LdmI8t1eMCNwgDTZD8tGw89eG4lVcHO679OIJk-aaiVkW28BBVRjCEBMpAkA2aOrG4bQYdoLOmYTjdVGkpeJfOGKL0JaFxCB1-wCSpkD9T0gvWTii3ctnLJC5cpAwUHppiunFz1ezCh8-SM6KfmUWJbP7ATIoKm-t4LP5aonBbBfpHQESv7y79xqfE1grtzTx0yykkGNoQg5tA5Wrai-H8RPxrCNyH7li8g2-AxuW5O9hOwwT5CQmlJs0DWzowC2pFsV-ANfJvgfmFfsPc1Bs1dTZB-PwUhi-f-x5tWcog19bjlJ_jdIbZTZ3hlYBb4H-BU2KdkPvEtqlIUZp34cb6IWMmL3lXUzAYZswGIaOAKg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Dec 2022 01:13:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/ 150 KB
51 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/reactive_library_fy2021.js?bust=31071219

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

296752c66aef7e7dd53ce2d26717a83ce5875b82e25b5834cc6688f95bbefec8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 01:13:26 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52345
x-xss-protection: 0
server: cafe
etag: 14406861171711012691
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 17 Dec 2022 01:13:26 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 129ms
57ms Script
application/javascript 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=robloxscripts.co.uk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 01:13:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 75ms
31ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=robloxscripts.co.uk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 01:13:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame DACD 21 KB
10 KB 189ms
188ms Document
text/html 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8587621567638470&output=html&h=90&adk=3560408191&adf=2062025852&pi=t.aa~a.1655840814~rp.4&w=800&fwrn=4&fwrnh=100&lmt=1671239606&rafmt=1&to=qs&pwprc=9263488314&format=800x90&url=https%3A%2F%2Frobloxscripts.co.uk%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671239606356&bpp=1&bdt=1387&idt=2&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D727a952b0a760ff2-22e28d611eda0093%3AT%3D1671239605%3ART%3D1671239605%3AS%3DALNI_MbLTccb1muz3kYO22WGdMaCcfkJsQ&gpic=UID%3D00000b93951812d6%3AT%3D1671239605%3ART%3D1671239605%3AS%3DALNI_MZemKpV3BCoQb4tq1-pd6-kXl1UtA&prev_fmts=0x0%2C728x150%2C728x150&nras=2&correlator=1414891210728&frm=20&pv=1&ga_vid=151929099.1671239606&ga_sid=1671239606&ga_hid=269102092&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=800&ady=1319&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071219%2C44779794%2C44780792&oid=2&psts=ACgb8tuFMBj8akTvtJUlpNqsL85dJRLX9Y6cDS-0IEbqxY4m8arObBtC3bPB5XZJJeytZQMcrdodV2voafbr0r6hGQ&pvsid=1940857227105182&tmod=1968973983&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=bsZyRsGBfa&p=https%3A//robloxscripts.co.uk&dtd=6

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6325c4074a92675033200f2755e770e069afb33e93ba092f081fed977d87b429

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://robloxscripts.co.uk/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 10313
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 17 Dec 2022 01:13:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/ Frame B453 10 KB
4 KB 35ms
34ms Document
text/html 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://robloxscripts.co.uk/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 73270
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 16 Dec 2022 04:52:16 GMT
etag: 10353107486223812946
expires: Fri, 30 Dec 2022 04:52:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame B453 8 KB
895 B 60ms
60ms Stylesheet
text/css 2a00:1450:400d:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 17 Dec 2022 01:13:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 17 Dec 2022 01:00:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 17 Dec 2022 01:13:26 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame B453 2 KB
765 B 23ms
22ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 17:06:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29237
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Dec 2022 17:06:09 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame B453 0
0 79ms
79ms Fetch
text/html 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cxf7dtRedY4K_MN65x_APn_W0kAns26i5bejG6dW8EKOVz_KIAhABIK-_6nhglYKAgKAHoAH8np6BKcgBCakCC1U42QfFsT6oAwHIA8sEqgTrAU_QGGKx93EGur1lNRfCAIRor5pf3zdLTpl7CErDPD5gzbemrl1-_Q4sJZ2SsIbh5iIRN5cejQoFDPcQQIW9eehu_4t0qCxrbUw5rK6WfqVNwqt87sSKC8gj39BYx9mpRNqhxOjEKwqVeF08M8lrNC4SfhZ6oReqsyRBQSuSnTwMdQB2Py_Ia9UBKBYNu1FdU5xyaVWaSWxZKjntfRC6eEl5mDorXQ6tdAyjeLSrbecCJe7v1DVtZn1Kho0DKgnwYQCEXV3uKBE9hWs0xYk_tdl4s26ZFcFH-l9tUSAwg86ZX-TBWPwkUq1KdK7ABNvhpcyaBKAGLoAH_Nbu4AOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDHxgfSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTA4gUAdAVAYAXAbIXHAoaCAASFHB1Yi04NTg3NjIxNTY3NjM4NDcwGAA&sigh=AHuPF8xi6mU&uach_m=[UACH]&cid=CAQSGwDq26N98semwn2EQCYtq3GTnfAgDLK0Z8WIbhgBIBM&template_id=5000

Requested by

Host: robloxscripts.co.uk
URL: https://robloxscripts.co.uk/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 17 Dec 2022 01:13:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame B453 23 KB
9 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 17:06:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29237
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9443
x-xss-protection: 0
server: cafe
etag: 9828741834572772835
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Dec 2022 17:06:09 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame B453 3 KB
1 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 19:57:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18982
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Dec 2022 19:57:04 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame B453 18 KB
7 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 13:02:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43861
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Dec 2022 13:02:25 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B453 153 KB
47 KB 102ms
102ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 01:13:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 17 Dec 2022 01:13:26 GMT

GET
H3 200 5abbe811e7745ada511aeaa994a13f9f.js Show response
www.gstatic.com/mysidia/ Frame B453 34 KB
14 KB 70ms
23ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5abbe811e7745ada511aeaa994a13f9f.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 21:16:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 359794
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14213
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 23:34:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 12 Mar 2023 21:16:52 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/18031500282450636163/ Frame B453 28 KB
28 KB 24ms
24ms Image
image/jpeg 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/18031500282450636163/14763004658117789537?w=400&h=209

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

752179cf88833cd1679876088793f799e17cc364c521bbf78f32ff9ebbdee2e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 08:24:10 GMT
x-content-type-options: nosniff
age: 492556
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28487
x-xss-protection: 0
last-modified: Tue, 22 Nov 2022 14:00:02 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 11 Dec 2023 08:24:10 GMT

GET
DATA 200
OK truncated
/ Frame B453 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame B453 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame B453 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 910d7d1b0c570ae7e850e1aeb4178e591a9742d92ba593cd17b0afc8bd01660e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 15F5 640 B
265 B 60ms
59ms Document
text/html 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCEFBDI4JukAxjWjMPbATAB&v=APEucNVKs7-03azGgIgeznvLIb1tuO1Pepix1zRU93a5a5fQfPa5aFwkl0X3WvafzJfwhugO7pOw3LgUcNpL33t2Tt-GFdG1aGGIkNNX2QqNYkYJypPQoJmLAwdicNovEYAGCaRzVGtgn-CRVxGjifUI-C8uQTtNUoKhnDgd9igbWuPpTiKbJqs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8587621567638470&output=html&h=90&adk=3560408191&adf=2062025852&pi=t.aa~a.1655840814~rp.4&w=800&fwrn=4&fwrnh=100&lmt=1671239606&rafmt=1&to=qs&pwprc=9263488314&format=800x90&url=https%3A%2F%2Frobloxscripts.co.uk%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671239606356&bpp=1&bdt=1387&idt=2&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D727a952b0a760ff2-22e28d611eda0093%3AT%3D1671239605%3ART%3D1671239605%3AS%3DALNI_MbLTccb1muz3kYO22WGdMaCcfkJsQ&gpic=UID%3D00000b93951812d6%3AT%3D1671239605%3ART%3D1671239605%3AS%3DALNI_MZemKpV3BCoQb4tq1-pd6-kXl1UtA&prev_fmts=0x0%2C728x150%2C728x150&nras=2&correlator=1414891210728&frm=20&pv=1&ga_vid=151929099.1671239606&ga_sid=1671239606&ga_hid=269102092&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=800&ady=1319&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071219%2C44779794%2C44780792&oid=2&psts=ACgb8tuFMBj8akTvtJUlpNqsL85dJRLX9Y6cDS-0IEbqxY4m8arObBtC3bPB5XZJJeytZQMcrdodV2voafbr0r6hGQ&pvsid=1940857227105182&tmod=1968973983&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=bsZyRsGBfa&p=https%3A//robloxscripts.co.uk&dtd=6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8587621567638470&output=html&h=90&adk=3560408191&adf=2062025852&pi=t.aa~a.1655840814~rp.4&w=800&fwrn=4&fwrnh=100&lmt=1671239606&rafmt=1&to=qs&pwprc=9263488314&format=800x90&url=https%3A%2F%2Frobloxscripts.co.uk%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671239606356&bpp=1&bdt=1387&idt=2&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D727a952b0a760ff2-22e28d611eda0093%3AT%3D1671239605%3ART%3D1671239605%3AS%3DALNI_MbLTccb1muz3kYO22WGdMaCcfkJsQ&gpic=UID%3D00000b93951812d6%3AT%3D1671239605%3ART%3D1671239605%3AS%3DALNI_MZemKpV3BCoQb4tq1-pd6-kXl1UtA&prev_fmts=0x0%2C728x150%2C728x150&nras=2&correlator=1414891210728&frm=20&pv=1&ga_vid=151929099.1671239606&ga_sid=1671239606&ga_hid=269102092&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=800&ady=1319&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071219%2C44779794%2C44780792&oid=2&psts=ACgb8tuFMBj8akTvtJUlpNqsL85dJRLX9Y6cDS-0IEbqxY4m8arObBtC3bPB5XZJJeytZQMcrdodV2voafbr0r6hGQ&pvsid=1940857227105182&tmod=1968973983&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=bsZyRsGBfa&p=https%3A//robloxscripts.co.uk&dtd=6
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 17 Dec 2022 01:13:26 GMT
expires: Sat, 17 Dec 2022 01:13:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame F8CA 91 KB
36 KB 91ms
90ms Script
text/javascript 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CIEn7CpThZooXsi-eEeMf4r5xAZ2LW_CZ5QUqCIj6fXh9E4IKIdY_pbQqCLJVJqlHEv_bBkm7L6g8Ffd4NrIyO3dooBg&cry=1&dbm_d=AKAmf-ChkYOArZd96j2Wio3DwrCdROPh-sFS-Hd8Vm3eNIh6n08JQ06l_ObsEdCFz5z7zjNoQyku3zYZmc0C03y9Er0GHUawcO2VXRIX5LLVbPX8jjBqbzq_EV6tc2QOPQ7RHUfPRKDe2zxn4lLcDGKunSa5houGCZBM0lImJjOiYaTQdtF6tTZDkXGA1BoKxXbp_MT76piXamo-za5Mzc-kkzpz6hVU77ensukRzX_oJ18kW-PAVarvMwrcWwe3wk3sJ4f4tMvNHLBab_N9vNw3EVyJNkT6MqC362tT5pddjjigArXnixQQgaCfFtYJRwCa1sU_UcpiTBNzXZuyxcJFZNrbCDTUjKsUObYLEeYZzw3rneckU7oZlRYFBHkCucskSG7Si8jNrnhc3ix-T6vR6qoN9sQkY5sba3SjibU0cJ1jBU2QAKcNWyUSe0x94dFrf5a0fdvXb0_VVmPLVOUriLp1QcmcFy3Nahj0QqiReT1Z29Zpq2MaiJSD24SOuedk9Rf1xAWPe5sB4GWv7TCuFOhQYZQRgnAeCNJccR55-M4zqIrUgqy_jEl8vFvmvxvCWQs7d6Ms7euGoH870nJuIqfHiCe7JmuhzAzFeLjjdowhcDZZs5x0ORPC-Rcnz6t2iCNJtop6H71zvxqMVj3SLESMXOj0EgwsOzf0i30x9YWAz_jQFCL2Uu1mhA4RVWTErzz8trA_-JrXbLyZnaHhJXQxCIBoxHWJszcFaEu2_z-qGio6WgZkCtZBm2a9K9ebQg54PKCEyhj9VHvKr6janph-fe2L1ueRKMPc9LquZKc_EPCbNimt1I1_DT1jRE3CllaLtmQuueP0cmkCsIxHiCnTYRbdEUpvEhCL_LicLB68Yfh_YFd9H5jjuNXvAvKeCNGJfN4FIeyw12EGKXc504QaDXVFS1hTKSlMMRQ2BPQPnR1vlUIywtv36mWSs1j-4pjEsEXs-yhcYluA2lD0d7EKTQPVrJ6WdeaGbyncJ0o0NDCGuRCNjC8abhpjSCHCBGMy4t7fg1ximEzPjpMqrM139Iu4bFG8M0siT0-TWF_P__lEJrCNkbQjjI8-a7hq1qHeDMa31-t1UBC7PTBe5o3E2t9pF2qMw5T70gUeJfyRzK203jA2W1LfQKYMGEzgsILDAN8BnV2XecGcvnAqRVR0ykkP5lQjGgEhr1VMo6XOK_Zroup-GrMxmgAY6yBTpbpwywm2gQ8xvsmgLyI6tVfHh5WhkQPvFb_Tq-GKdjM53e74w372CnN54gpfq0Yxl4GtUiFMuSs4f_deLk2Mnu2ZqZPRvp0LMUuEOTKQNma8NVhoA4XIJtUa0wDL76rJxicDQQU5tm8GOM_68E-MSQfSWKuTK4sknNzlSZIc5sbbcpaZvYjzLOpTOt2F4Cxlt-PeK7RFIKQwYeEHMsklo8B6bApf-FFUoHvVWqo9sDIXO-FvgUb88dg5B8VTquamSKkYaDCMJ_IdNlH-sSNp6UmWbFkA1HK00V4zAVZmFU8YaMfSTgIxZzIAhJU3s6KspV4jLIfkytpmnMZC0n3vE-vt26MkznsIYZH8QSyplDfEVefBjfjueht-MR8qwQlBBddO3gk3szT1t3tO5Igt9NP-GReWpPjRHfRy6fQ_yl69ArGHtFytzK-CJboincahX9PPIZxYV5sPjg7KM4c5-bzmIYfJQVEOnQ00VfPJS5Aa0CwWa7HW3XRYtfzWBtAKe_lRhRfkggVXrOmsTT85B7c-_cYsVHaWhl1oyVWYEumNGhFXMSX-Ypm8fv3aOH2UZqxqSWMkydgH3x3tJoWyvnvr446xrOn7jsir7U8gC1Rc-LK8M-XnTS7-K_EqyIrFzZ0lVrQDv5AYcgJ5QmLbCiUesh_Mb8WLe6Lkk-oAtLXSXgQ65b-Jf27pMOZs7tBggbviiAFqKOFHjUVyN-NrSyNjLq6YUtTBce4Z74Re7H4aIHBFfUF3gRLlTALtz2vFNCeDClpG_yXywXuyZMg9WSxMiG9xa0PeDdr9Li_jIahA2u301OUYTLmnx2V6g1XLW3eyPaAAPHZbRVc04GW9rA-oXB0qsuwUZJ6-aK4M4uHftJIxl1IbUVEnVgRNQY4tZKPcPERqfeL0jz0JF92XQmjcmQKFbFgDD2aTvFjEoJ2dyaW_GzqhRq-ITRRL8sH-1XrK0AmW7sYR269R8aUmMRBYY4R0RoEq6yZyK6K_j3YRBbmUZgkD-8oLvQ4IFHr_B2UjAqMw2kXDIeXnofXt3Uu4Jwg9ATDykBePfZYJUP-5HkmS9jVQv6PEx4Xr44qvqiLhOeWiAIbXlpSDiNg4K3x8FqONEvIGnABbITWwSlKeWaLUaEodPuSCahkVY5aFEoNosFl5tu7Vt8LdzW4MRTXMMXA5KhWnJH1HPKb2_uodBaoSJrHajb-BECNny2-pRP1rZw7zbdFooAqK8N3kPu93PaKjjX5pX92kp_V5GAzMc-9lvn0tsT_bEos9A3lSmjlmeYWF2d8BvkhUQNSdbRuLeoLWj4pV3XmccxFiUje6Bmm9EqSxiXyH65w73xqu6DitKiuxaU_-wESMSlBte-KuHKUMYKtFLpAjNlrOUsThTP6Witw3MpF4OcCNoL-uxSMHH1Nqrtj3JvCX3ZD8eKKxNzBG-VBTNvct4eZ8dN05-hl3mGgZP9_HL8WygrEpWDXU8mJmToVhEiKXQ9No_go0rKHWS1_v5rIYA_5pGec1pavIUn7RXM1At98ouJxHwivHcfPMgVQKC8NDM9U0B_4f7HBXEaJXhQPWjuKko1AhUOQITwnQmmxpUa-Z-sOoBjIc0BgOnvwE8GmiqMhQJU9M7E6nXobV59-dSo3kQKCABUAHf4gVbWIebmRnCfpxLkJ-11DJC2GpFr6MyHWz2rkc2MPFG_oBHxiTJTWUmkU6q3DW-vLznBA7AHKFbGdEFipn9Uocj5AkI86MDDnEyHYAvf1iI9s-9uUk0X31pLfm0v-X0vExMWJSYBOcibeaUkNgJe9mJRPUftfIhfCeyXJP84GM9UFlI4ooMrmW2QFv3pUq1VxQLfLwa_Kp1xa9Dh1UsUfH9G94jMFA9BpgMMl-wIQ4CBehPSpMQrrXdCfGB0ZCWVaPd9nyNbxfQGGLZO5caA0PIA8ZZIpaCcnKkGScq7mvlqUPMChdekRoZRhYPhwFGvAYyNJj3bjRPjoN1aEQPxEq&cid=CAQSOwDq26N98kYAf1uYFn34SePtho1aJYYB8bDygHwjOCXpiJk8EtXng3ln_fAiI3_LrC1YY35tL33jVST_GAEgEw&rfl=2%2Chttps%253A%252F%252Frobloxscripts.co.uk%252F%240

Requested by

Host: robloxscripts.co.uk
URL: https://robloxscripts.co.uk/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a5cb3506c68a4cd16fde556ae5c498c6edea33ed01a90b49dda7d0f164ea63c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8587621567638470&output=html&h=90&adk=3560408191&adf=2062025852&pi=t.aa~a.1655840814~rp.4&w=800&fwrn=4&fwrnh=100&lmt=1671239606&rafmt=1&to=qs&pwprc=9263488314&format=800x90&url=https%3A%2F%2Frobloxscripts.co.uk%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671239606356&bpp=1&bdt=1387&idt=2&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D727a952b0a760ff2-22e28d611eda0093%3AT%3D1671239605%3ART%3D1671239605%3AS%3DALNI_MbLTccb1muz3kYO22WGdMaCcfkJsQ&gpic=UID%3D00000b93951812d6%3AT%3D1671239605%3ART%3D1671239605%3AS%3DALNI_MZemKpV3BCoQb4tq1-pd6-kXl1UtA&prev_fmts=0x0%2C728x150%2C728x150&nras=2&correlator=1414891210728&frm=20&pv=1&ga_vid=151929099.1671239606&ga_sid=1671239606&ga_hid=269102092&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=800&ady=1319&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071219%2C44779794%2C44780792&oid=2&psts=ACgb8tuFMBj8akTvtJUlpNqsL85dJRLX9Y6cDS-0IEbqxY4m8arObBtC3bPB5XZJJeytZQMcrdodV2voafbr0r6hGQ&pvsid=1940857227105182&tmod=1968973983&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=bsZyRsGBfa&p=https%3A//robloxscripts.co.uk&dtd=6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Dec 2022 01:13:26 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37131
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame F8CA 3 KB
1 KB 24ms
22ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 19:57:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18982
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Dec 2022 19:57:04 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame F8CA 18 KB
7 KB 25ms
23ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 13:02:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43861
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Dec 2022 13:02:25 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame F8CA 0
0 154ms
56ms Image
text/html 2a00:1450:400d:80d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQhMoUxB-vEmdfuJcY3Ayt3mXJitXxmDf4xf9X1EqeZOB_LbRDltmGYrzORujlcEsoMhKMBPBDTGZ9qmO0WtHTpi53Aog
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8587621567638470&output=html&h=90&adk=3560408191&adf=2062025852&pi=t.aa~a.1655840814~rp.4&w=800&fwrn=4&fwrnh=100&lmt=1671239606&rafmt=1&to=qs&pwprc=9263488314&format=800x90&url=https%3A%2F%2Frobloxscripts.co.uk%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671239606356&bpp=1&bdt=1387&idt=2&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D727a952b0a760ff2-22e28d611eda0093%3AT%3D1671239605%3ART%3D1671239605%3AS%3DALNI_MbLTccb1muz3kYO22WGdMaCcfkJsQ&gpic=UID%3D00000b93951812d6%3AT%3D1671239605%3ART%3D1671239605%3AS%3DALNI_MZemKpV3BCoQb4tq1-pd6-kXl1UtA&prev_fmts=0x0%2C728x150%2C728x150&nras=2&correlator=1414891210728&frm=20&pv=1&ga_vid=151929099.1671239606&ga_sid=1671239606&ga_hid=269102092&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=800&ady=1319&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071219%2C44779794%2C44780792&oid=2&psts=ACgb8tuFMBj8akTvtJUlpNqsL85dJRLX9Y6cDS-0IEbqxY4m8arObBtC3bPB5XZJJeytZQMcrdodV2voafbr0r6hGQ&pvsid=1940857227105182&tmod=1968973983&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=bsZyRsGBfa&p=https%3A//robloxscripts.co.uk&dtd=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400d:80d::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F8CA 153 KB
47 KB 83ms
35ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 01:13:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 17 Dec 2022 01:13:26 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame F8CA 42 B
63 B 59ms
57ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CnBTbyn9U6T-IRxt_wQzYxN4EAJ5NbtKMO96P_ydmwNUR1ZvDtXP_pCZkKVsBErozZ0V4z-CZSQvCAjjvRHVKYI9SPvyUXskdgN36fNLtjtNxy2l0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Dec 2022 01:13:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 9436 15 KB
15 KB 66ms
21ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 20:40:44 GMT
x-content-type-options: nosniff
age: 16362
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 16 Dec 2023 20:40:44 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 9436 15 KB
16 KB 67ms
23ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 16:44:52 GMT
x-content-type-options: nosniff
age: 376114
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Dec 2023 16:44:52 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 9436 15 KB
15 KB 71ms
30ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 19:42:15 GMT
x-content-type-options: nosniff
age: 106271
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Dec 2023 19:42:15 GMT

GET
H3 200 GC5M5N_VN3lVd7ErmxmldCKoshgV9d2S74rLP9hyoZw.js Show response
pagead2.googlesyndication.com/bg/ Frame F2EC 36 KB
16 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GC5M5N_VN3lVd7ErmxmldCKoshgV9d2S74rLP9hyoZw.js

Requested by

Host: robloxscripts.co.uk
URL: https://robloxscripts.co.uk/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

182e4ce4dfd537795577b12b9b19a57422a8b21815f5dd92ef8acb3fd872a19c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 21:12:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14472
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16025
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 16 Dec 2023 21:12:14 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 15F5
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENqaL6ozyIBpTFNrHHq6DKY&google_cver=1

43 B
273 B

93ms
32ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENqaL6ozyIBpTFNrHHq6DKY&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCEFBDI4JukAxjWjMPbATAB&v=APEucNVKs7-03azGgIgeznvLIb1tuO1Pepix1zRU93a5a5fQfPa5aFwkl0X3WvafzJfwhugO7pOw3LgUcNpL33t2Tt-GFdG1aGGIkNNX2QqNYkYJypPQoJmLAwdicNovEYAGCaRzVGtgn-CRVxGjifUI-C8uQTtNUoKhnDgd9igbWuPpTiKbJqs
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Dec 2022 01:13:26 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 17 Dec 2022 01:13:26 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENqaL6ozyIBpTFNrHHq6DKY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame 15F5 43 B
145 B 159ms
33ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCEFBDI4JukAxjWjMPbATAB&v=APEucNVKs7-03azGgIgeznvLIb1tuO1Pepix1zRU93a5a5fQfPa5aFwkl0X3WvafzJfwhugO7pOw3LgUcNpL33t2Tt-GFdG1aGGIkNNX2QqNYkYJypPQoJmLAwdicNovEYAGCaRzVGtgn-CRVxGjifUI-C8uQTtNUoKhnDgd9igbWuPpTiKbJqs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Dec 2022 01:13:26 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame 15F5
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEC1TbiXd-5lIV01KLCQTnds&google_cver=1

23 B
172 B

112ms
46ms

Image
image/gif

2.18.232.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEC1TbiXd-5lIV01KLCQTnds&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCEFBDI4JukAxjWjMPbATAB&v=APEucNVKs7-03azGgIgeznvLIb1tuO1Pepix1zRU93a5a5fQfPa5aFwkl0X3WvafzJfwhugO7pOw3LgUcNpL33t2Tt-GFdG1aGGIkNNX2QqNYkYJypPQoJmLAwdicNovEYAGCaRzVGtgn-CRVxGjifUI-C8uQTtNUoKhnDgd9igbWuPpTiKbJqs
Protocol: H2
Server: 2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.9 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires: Sat, 17 Dec 2022 01:13:26 GMT
pragma: no-cache
date: Sat, 17 Dec 2022 01:13:26 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.9
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 17 Dec 2022 01:13:26 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um?eid=3&uid=CAESEC1TbiXd-5lIV01KLCQTnds&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame 15F5 23 B
172 B 190ms
58ms Image
image/gif 2.18.232.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCEFBDI4JukAxjWjMPbATAB&v=APEucNVKs7-03azGgIgeznvLIb1tuO1Pepix1zRU93a5a5fQfPa5aFwkl0X3WvafzJfwhugO7pOw3LgUcNpL33t2Tt-GFdG1aGGIkNNX2QqNYkYJypPQoJmLAwdicNovEYAGCaRzVGtgn-CRVxGjifUI-C8uQTtNUoKhnDgd9igbWuPpTiKbJqs
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.9 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires: Sat, 17 Dec 2022 01:13:26 GMT
pragma: no-cache
date: Sat, 17 Dec 2022 01:13:26 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.9
content-length: 23
content-type: image/gif

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/1221363/67517898/ Frame F8CA 46 KB
12 KB 218ms
47ms Script
application/javascript 34.248.84.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/1221363/67517898/skeleton.js
Requested by: Host: robloxscripts.co.uk
URL: https://robloxscripts.co.uk/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.248.84.14 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-248-84-14.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e218c7239f2e374dfb0722376943d749f2f6df6b1b6b1e75d57a96b3f5c187cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Dec 2022 01:13:26 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame F8CA 106 KB
37 KB 111ms
35ms Script
text/javascript 2a00:1450:400d:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: robloxscripts.co.uk
URL: https://robloxscripts.co.uk/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 01:19:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 86039
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 17 Dec 2022 01:19:27 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/elements/html/ Frame F8CA 8 KB
3 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CIEn7CpThZooXsi-eEeMf4r5xAZ2LW_CZ5QUqCIj6fXh9E4IKIdY_pbQqCLJVJqlHEv_bBkm7L6g8Ffd4NrIyO3dooBg&cry=1&dbm_d=AKAmf-ChkYOArZd96j2Wio3DwrCdROPh-sFS-Hd8Vm3eNIh6n08JQ06l_ObsEdCFz5z7zjNoQyku3zYZmc0C03y9Er0GHUawcO2VXRIX5LLVbPX8jjBqbzq_EV6tc2QOPQ7RHUfPRKDe2zxn4lLcDGKunSa5houGCZBM0lImJjOiYaTQdtF6tTZDkXGA1BoKxXbp_MT76piXamo-za5Mzc-kkzpz6hVU77ensukRzX_oJ18kW-PAVarvMwrcWwe3wk3sJ4f4tMvNHLBab_N9vNw3EVyJNkT6MqC362tT5pddjjigArXnixQQgaCfFtYJRwCa1sU_UcpiTBNzXZuyxcJFZNrbCDTUjKsUObYLEeYZzw3rneckU7oZlRYFBHkCucskSG7Si8jNrnhc3ix-T6vR6qoN9sQkY5sba3SjibU0cJ1jBU2QAKcNWyUSe0x94dFrf5a0fdvXb0_VVmPLVOUriLp1QcmcFy3Nahj0QqiReT1Z29Zpq2MaiJSD24SOuedk9Rf1xAWPe5sB4GWv7TCuFOhQYZQRgnAeCNJccR55-M4zqIrUgqy_jEl8vFvmvxvCWQs7d6Ms7euGoH870nJuIqfHiCe7JmuhzAzFeLjjdowhcDZZs5x0ORPC-Rcnz6t2iCNJtop6H71zvxqMVj3SLESMXOj0EgwsOzf0i30x9YWAz_jQFCL2Uu1mhA4RVWTErzz8trA_-JrXbLyZnaHhJXQxCIBoxHWJszcFaEu2_z-qGio6WgZkCtZBm2a9K9ebQg54PKCEyhj9VHvKr6janph-fe2L1ueRKMPc9LquZKc_EPCbNimt1I1_DT1jRE3CllaLtmQuueP0cmkCsIxHiCnTYRbdEUpvEhCL_LicLB68Yfh_YFd9H5jjuNXvAvKeCNGJfN4FIeyw12EGKXc504QaDXVFS1hTKSlMMRQ2BPQPnR1vlUIywtv36mWSs1j-4pjEsEXs-yhcYluA2lD0d7EKTQPVrJ6WdeaGbyncJ0o0NDCGuRCNjC8abhpjSCHCBGMy4t7fg1ximEzPjpMqrM139Iu4bFG8M0siT0-TWF_P__lEJrCNkbQjjI8-a7hq1qHeDMa31-t1UBC7PTBe5o3E2t9pF2qMw5T70gUeJfyRzK203jA2W1LfQKYMGEzgsILDAN8BnV2XecGcvnAqRVR0ykkP5lQjGgEhr1VMo6XOK_Zroup-GrMxmgAY6yBTpbpwywm2gQ8xvsmgLyI6tVfHh5WhkQPvFb_Tq-GKdjM53e74w372CnN54gpfq0Yxl4GtUiFMuSs4f_deLk2Mnu2ZqZPRvp0LMUuEOTKQNma8NVhoA4XIJtUa0wDL76rJxicDQQU5tm8GOM_68E-MSQfSWKuTK4sknNzlSZIc5sbbcpaZvYjzLOpTOt2F4Cxlt-PeK7RFIKQwYeEHMsklo8B6bApf-FFUoHvVWqo9sDIXO-FvgUb88dg5B8VTquamSKkYaDCMJ_IdNlH-sSNp6UmWbFkA1HK00V4zAVZmFU8YaMfSTgIxZzIAhJU3s6KspV4jLIfkytpmnMZC0n3vE-vt26MkznsIYZH8QSyplDfEVefBjfjueht-MR8qwQlBBddO3gk3szT1t3tO5Igt9NP-GReWpPjRHfRy6fQ_yl69ArGHtFytzK-CJboincahX9PPIZxYV5sPjg7KM4c5-bzmIYfJQVEOnQ00VfPJS5Aa0CwWa7HW3XRYtfzWBtAKe_lRhRfkggVXrOmsTT85B7c-_cYsVHaWhl1oyVWYEumNGhFXMSX-Ypm8fv3aOH2UZqxqSWMkydgH3x3tJoWyvnvr446xrOn7jsir7U8gC1Rc-LK8M-XnTS7-K_EqyIrFzZ0lVrQDv5AYcgJ5QmLbCiUesh_Mb8WLe6Lkk-oAtLXSXgQ65b-Jf27pMOZs7tBggbviiAFqKOFHjUVyN-NrSyNjLq6YUtTBce4Z74Re7H4aIHBFfUF3gRLlTALtz2vFNCeDClpG_yXywXuyZMg9WSxMiG9xa0PeDdr9Li_jIahA2u301OUYTLmnx2V6g1XLW3eyPaAAPHZbRVc04GW9rA-oXB0qsuwUZJ6-aK4M4uHftJIxl1IbUVEnVgRNQY4tZKPcPERqfeL0jz0JF92XQmjcmQKFbFgDD2aTvFjEoJ2dyaW_GzqhRq-ITRRL8sH-1XrK0AmW7sYR269R8aUmMRBYY4R0RoEq6yZyK6K_j3YRBbmUZgkD-8oLvQ4IFHr_B2UjAqMw2kXDIeXnofXt3Uu4Jwg9ATDykBePfZYJUP-5HkmS9jVQv6PEx4Xr44qvqiLhOeWiAIbXlpSDiNg4K3x8FqONEvIGnABbITWwSlKeWaLUaEodPuSCahkVY5aFEoNosFl5tu7Vt8LdzW4MRTXMMXA5KhWnJH1HPKb2_uodBaoSJrHajb-BECNny2-pRP1rZw7zbdFooAqK8N3kPu93PaKjjX5pX92kp_V5GAzMc-9lvn0tsT_bEos9A3lSmjlmeYWF2d8BvkhUQNSdbRuLeoLWj4pV3XmccxFiUje6Bmm9EqSxiXyH65w73xqu6DitKiuxaU_-wESMSlBte-KuHKUMYKtFLpAjNlrOUsThTP6Witw3MpF4OcCNoL-uxSMHH1Nqrtj3JvCX3ZD8eKKxNzBG-VBTNvct4eZ8dN05-hl3mGgZP9_HL8WygrEpWDXU8mJmToVhEiKXQ9No_go0rKHWS1_v5rIYA_5pGec1pavIUn7RXM1At98ouJxHwivHcfPMgVQKC8NDM9U0B_4f7HBXEaJXhQPWjuKko1AhUOQITwnQmmxpUa-Z-sOoBjIc0BgOnvwE8GmiqMhQJU9M7E6nXobV59-dSo3kQKCABUAHf4gVbWIebmRnCfpxLkJ-11DJC2GpFr6MyHWz2rkc2MPFG_oBHxiTJTWUmkU6q3DW-vLznBA7AHKFbGdEFipn9Uocj5AkI86MDDnEyHYAvf1iI9s-9uUk0X31pLfm0v-X0vExMWJSYBOcibeaUkNgJe9mJRPUftfIhfCeyXJP84GM9UFlI4ooMrmW2QFv3pUq1VxQLfLwa_Kp1xa9Dh1UsUfH9G94jMFA9BpgMMl-wIQ4CBehPSpMQrrXdCfGB0ZCWVaPd9nyNbxfQGGLZO5caA0PIA8ZZIpaCcnKkGScq7mvlqUPMChdekRoZRhYPhwFGvAYyNJj3bjRPjoN1aEQPxEq&cid=CAQSOwDq26N98kYAf1uYFn34SePtho1aJYYB8bDygHwjOCXpiJk8EtXng3ln_fAiI3_LrC1YY35tL33jVST_GAEgEw&rfl=2%2Chttps%253A%252F%252Frobloxscripts.co.uk%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 13:02:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43861
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2986
x-xss-protection: 0
server: cafe
etag: 3296546412363819624
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Dec 2022 13:02:25 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame F8CA 30 KB
11 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4d60e53476012ab254ca2f3f479903a6be9ead3cb39a9ea353c51ec75c618c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 13:02:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43861
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11387
x-xss-protection: 0
server: cafe
etag: 8197878782792770439
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Dec 2022 13:02:25 GMT

GET
H3 200 GC5M5N_VN3lVd7ErmxmldCKoshgV9d2S74rLP9hyoZw.js Show response
pagead2.googlesyndication.com/bg/ Frame 1F67 36 KB
16 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GC5M5N_VN3lVd7ErmxmldCKoshgV9d2S74rLP9hyoZw.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8587621567638470&output=html&h=150&slotname=2326725992&adk=237377007&adf=289864595&pi=t.ma~as.2326725992&w=728&lmt=1671239605&format=728x150&url=https%3A%2F%2Frobloxscripts.co.uk%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671239605493&bpp=3&bdt=524&idt=199&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x150&nras=1&correlator=1414891210728&frm=20&pv=1&ga_vid=151929099.1671239606&ga_sid=1671239606&ga_hid=269102092&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1114&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071219%2C44779794%2C44780792&oid=2&pvsid=1940857227105182&tmod=1968973983&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=cCcYIlGP41&p=https%3A//robloxscripts.co.uk&dtd=202

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

182e4ce4dfd537795577b12b9b19a57422a8b21815f5dd92ef8acb3fd872a19c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 21:12:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14472
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16025
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 16 Dec 2023 21:12:14 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame F8CA 41 KB
15 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 13:02:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43861
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 16 Dec 2023 13:02:25 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 607F 1 KB
643 B 23ms
22ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 41286
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 16 Dec 2022 13:45:20 GMT
etag: 48472445140208031
expires: Sat, 17 Dec 2022 13:45:20 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame F8CA 220 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3169d8ad2bcafc9a407947845b207dc131727ae678a0bded15dd2040591a0906

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame C64D 22 KB
8 KB 23ms
22ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 43861
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 16 Dec 2022 13:02:25 GMT
expires: Sat, 16 Dec 2023 13:02:25 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 607F
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEFc-RCpVbbl3K3lQlfLXy30&google_cver=1&google_push=AavPq0PF0z4_mopENF8uu0BV_FtoSSJCEqX7GGOupy85zVMK2iih292x8opjHRVGCJGYswZDlmErlmn_0meYwiKuWA2mPBniESNIxQ
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzQ0NTM1OTEyMzMwOTEyODU0NA==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEFc-RCpVbbl3K3lQlfLXy30&google_cver=1

43 B
398 B

86ms
28ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEFc-RCpVbbl3K3lQlfLXy30&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8587621567638470&output=html&h=90&adk=3560408191&adf=2062025852&pi=t.aa~a.1655840814~rp.4&w=800&fwrn=4&fwrnh=100&lmt=1671239606&rafmt=1&to=qs&pwprc=9263488314&format=800x90&url=https%3A%2F%2Frobloxscripts.co.uk%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671239606356&bpp=1&bdt=1387&idt=2&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D727a952b0a760ff2-22e28d611eda0093%3AT%3D1671239605%3ART%3D1671239605%3AS%3DALNI_MbLTccb1muz3kYO22WGdMaCcfkJsQ&gpic=UID%3D00000b93951812d6%3AT%3D1671239605%3ART%3D1671239605%3AS%3DALNI_MZemKpV3BCoQb4tq1-pd6-kXl1UtA&prev_fmts=0x0%2C728x150%2C728x150&nras=2&correlator=1414891210728&frm=20&pv=1&ga_vid=151929099.1671239606&ga_sid=1671239606&ga_hid=269102092&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=800&ady=1319&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071219%2C44779794%2C44780792&oid=2&psts=ACgb8tuFMBj8akTvtJUlpNqsL85dJRLX9Y6cDS-0IEbqxY4m8arObBtC3bPB5XZJJeytZQMcrdodV2voafbr0r6hGQ&pvsid=1940857227105182&tmod=1968973983&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=bsZyRsGBfa&p=https%3A//robloxscripts.co.uk&dtd=6
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sat, 17 Dec 2022 01:13:26 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Sat, 17 Dec 2022 01:13:27 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEFc-RCpVbbl3K3lQlfLXy30&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 607F
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESELhy6mZSrxcdyhb7gA0QBug&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESELhy6mZSrxcdyhb7gA0QBug&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=RDBhUDRUV1oxUDZsTHg1&google_gid=CAESELhy6mZSrxcdyhb7gA0QBug&google_cver=1&google_push=AavPq0OwYFUVO3WR1RFsjZjXjacRk3s_0YokrJG4G_G3s8p...

170 B
188 B

35ms
35ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=RDBhUDRUV1oxUDZsTHg1&google_gid=CAESELhy6mZSrxcdyhb7gA0QBug&google_cver=1&google_push=AavPq0OwYFUVO3WR1RFsjZjXjacRk3s_0YokrJG4G_G3s8pmJ4RRR6RVQQ9HRndOyIq3qEAzNgsjPdP2XgGAhV0zsKTdL0-QSMcuiQ

Requested by

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Dec 2022 01:13:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 17 Dec 2022 01:13:26 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/4da9b91#4da9b91e1fcbbaec3beafc6ce8a7393d26d4f693 i-0902e59d1fecaf133@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=RDBhUDRUV1oxUDZsTHg1&google_gid=CAESELhy6mZSrxcdyhb7gA0QBug&google_cver=1&google_push=AavPq0OwYFUVO3WR1RFsjZjXjacRk3s_0YokrJG4G_G3s8pmJ4RRR6RVQQ9HRndOyIq3qEAzNgsjPdP2XgGAhV0zsKTdL0-QSMcuiQ
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 607F
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEDn_aQfatXtq_w-lHJ5COv8&google_push=AavPq0Nz7HjJTP5bM47zCAxU5vE356VMRbiofiwYlVNZhKMXgGLrMnosJI...

170 B
188 B

33ms
33ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEDn_aQfatXtq_w-lHJ5COv8&google_push=AavPq0Nz7HjJTP5bM47zCAxU5vE356VMRbiofiwYlVNZhKMXgGLrMnosJIBxpJdnFXaGB1MB6vpviHixQe9-WxgYY073BA9gC3h-dwI

Requested by

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Dec 2022 01:13:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-hhn-etou8220083-HHN
pragma: no-cache
date: Sat, 17 Dec 2022 01:13:27 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1671239607.976159,VS0,VE89
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEDn_aQfatXtq_w-lHJ5COv8&google_push=AavPq0Nz7HjJTP5bM47zCAxU5vE356VMRbiofiwYlVNZhKMXgGLrMnosJIBxpJdnFXaGB1MB6vpviHixQe9-WxgYY073BA9gC3h-dwI
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 607F 70 B
265 B 172ms
48ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEDNmq7uF9hxdrWPLYAGMDBk&google_cver=1&google_push=AavPq0MCZ43V4nCt1Q1sp-L8iwqzjOJyLDBWKi0aXwZ6PCEr6FI9qMI1DLJnXbdWk_KnzGMy-6JnhLPg-8BlKTMadaQgBRofMnBZwv4
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8587621567638470&output=html&h=90&adk=3560408191&adf=2062025852&pi=t.aa~a.1655840814~rp.4&w=800&fwrn=4&fwrnh=100&lmt=1671239606&rafmt=1&to=qs&pwprc=9263488314&format=800x90&url=https%3A%2F%2Frobloxscripts.co.uk%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671239606356&bpp=1&bdt=1387&idt=2&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D727a952b0a760ff2-22e28d611eda0093%3AT%3D1671239605%3ART%3D1671239605%3AS%3DALNI_MbLTccb1muz3kYO22WGdMaCcfkJsQ&gpic=UID%3D00000b93951812d6%3AT%3D1671239605%3ART%3D1671239605%3AS%3DALNI_MZemKpV3BCoQb4tq1-pd6-kXl1UtA&prev_fmts=0x0%2C728x150%2C728x150&nras=2&correlator=1414891210728&frm=20&pv=1&ga_vid=151929099.1671239606&ga_sid=1671239606&ga_hid=269102092&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=800&ady=1319&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071219%2C44779794%2C44780792&oid=2&psts=ACgb8tuFMBj8akTvtJUlpNqsL85dJRLX9Y6cDS-0IEbqxY4m8arObBtC3bPB5XZJJeytZQMcrdodV2voafbr0r6hGQ&pvsid=1940857227105182&tmod=1968973983&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=bsZyRsGBfa&p=https%3A//robloxscripts.co.uk&dtd=6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sat, 17 Dec 2022 01:13:27 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 607F
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEAHxmk7gBYgWqc6z6YzbYXk&google_cver=1&google_push=AavPq0P81qz5zAHaZkgBRsjqhrmGIT3IEkNW96YF9HeVJcObbRQTO1txARPPdTGC0xpCFm154PvRUyLtMkirhZLRXW-D...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEAHxmk7gBYgWqc6z6YzbYXk&google_cver=1&google_push=AavPq0P81qz5zAHaZkgBRsjqhrmGIT3IEkNW96YF9HeVJcObbRQTO1txARPPdTGC0xpCFm154PvRUyLtMkirhZ...
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0P81qz5zAHaZkgBRsjqhrmGIT3IEkNW96YF9HeVJcObbRQTO1txARPPdTGC0xpCFm154PvRUyLtMkirhZLRXW-D86ywGQfUB-U&google_hm=kEMBjEqYQwWS8hP0HESM...

170 B
188 B

34ms
33ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0P81qz5zAHaZkgBRsjqhrmGIT3IEkNW96YF9HeVJcObbRQTO1txARPPdTGC0xpCFm154PvRUyLtMkirhZLRXW-D86ywGQfUB-U&google_hm=kEMBjEqYQwWS8hP0HESMow==

Requested by

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Dec 2022 01:13:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0P81qz5zAHaZkgBRsjqhrmGIT3IEkNW96YF9HeVJcObbRQTO1txARPPdTGC0xpCFm154PvRUyLtMkirhZLRXW-D86ywGQfUB-U&google_hm=kEMBjEqYQwWS8hP0HESMow==
date: Sat, 17 Dec 2022 01:13:26 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 200 dds
rtb.openx.net/sync/ Frame 607F 43 B
351 B 93ms
31ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEIzat7aufjxYK3vHOv6ZUQM&google_cver=1&google_push=AavPq0O3q_BHy3HnKrb7iP8ltpCduM5TYHc_WKQYceSf3Uvpde7VxlSmvqJGuJWOYCzv8_zQnqCjeWcxppkcukpKBxnTuhuioqwa1g
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8587621567638470&output=html&h=90&adk=3560408191&adf=2062025852&pi=t.aa~a.1655840814~rp.4&w=800&fwrn=4&fwrnh=100&lmt=1671239606&rafmt=1&to=qs&pwprc=9263488314&format=800x90&url=https%3A%2F%2Frobloxscripts.co.uk%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671239606356&bpp=1&bdt=1387&idt=2&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D727a952b0a760ff2-22e28d611eda0093%3AT%3D1671239605%3ART%3D1671239605%3AS%3DALNI_MbLTccb1muz3kYO22WGdMaCcfkJsQ&gpic=UID%3D00000b93951812d6%3AT%3D1671239605%3ART%3D1671239605%3AS%3DALNI_MZemKpV3BCoQb4tq1-pd6-kXl1UtA&prev_fmts=0x0%2C728x150%2C728x150&nras=2&correlator=1414891210728&frm=20&pv=1&ga_vid=151929099.1671239606&ga_sid=1671239606&ga_hid=269102092&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=800&ady=1319&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071219%2C44779794%2C44780792&oid=2&psts=ACgb8tuFMBj8akTvtJUlpNqsL85dJRLX9Y6cDS-0IEbqxY4m8arObBtC3bPB5XZJJeytZQMcrdodV2voafbr0r6hGQ&pvsid=1940857227105182&tmod=1968973983&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=bsZyRsGBfa&p=https%3A//robloxscripts.co.uk&dtd=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Dec 2022 01:13:26 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: k1sovr18bu567jqerarbhfel3eco8ifr

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 607F
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=0v3c3oe0QWSLgywu2msXQg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

36ms
35ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=0v3c3oe0QWSLgywu2msXQg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AavPq0NOV5FuZ85tuDu5wYwB9TIMgMAuFJCioKkCPxXRIuIijpifyr_EhkFzqfzMoRn7kcntX6MFMzRjqYgaMYI3foLmtRhXF6x3OE0

Requested by

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Dec 2022 01:13:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=0v3c3oe0QWSLgywu2msXQg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AavPq0NOV5FuZ85tuDu5wYwB9TIMgMAuFJCioKkCPxXRIuIijpifyr_EhkFzqfzMoRn7kcntX6MFMzRjqYgaMYI3foLmtRhXF6x3OE0
date: Sat, 17 Dec 2022 01:13:25 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 607F 0
12 B 31ms
30ms Image
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KC9zSqiQvkC-_77zNXgn-KunNDnoqkxOkz5mosppKrqIVB6TvtRl7BacN4H8z6MSOYfrVe

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 01:13:26 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/4529212931815632889/ Frame D986 5 KB
2 KB 108ms
36ms Document
text/html 2a00:1450:400d:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/4529212931815632889/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3f04aea37e929417a9c467ea7b65bac2f3b5fdb4f96eb602dc2ada344df0547b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 127921
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1548
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 15 Dec 2022 13:41:26 GMT
expires: Fri, 15 Dec 2023 13:41:26 GMT
last-modified: Thu, 15 Dec 2022 07:48:34 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame F8CA 0
0 69ms
69ms Fetch
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstkyNqpecam28fZph4ty3Pwd09Fk3_8mjUkFHS-CCGD53kqLNWrWgaeE9vAdgftg2OPbo24fYZa0XtlsHtzIST0wUrBQTU7I7MQGeSpCeQ2SSOP5l4yXq6Z_FnicFZbVe6D-qzwaE1OaqH-sISVOngiZUKNGY6NbCrIPp9qby5AjZ8HBbDMpQyaN7v-JpUB9LVjhN7vPP1TTA8T74Cdsa4jM1qo9732e4o0U5oTfyOgx4Rbqr4EzK3cILvmRo2aXLX3lz2Yu6kKhDBsqh2VbFucm1jejg8mdeTdbR1W-WEtgwGjmDenMZTcQ9TFrJZl_GviaHoUDi9uzl3G9nfEPakoOY_ubwZrBeGnC9LqfY3yQ9YwJHdUm54MbXS7SO9nfzrP_SU9F2QZSuagYW4aH6fdd5Icco_tNSh8ePWSmbfB_5FhZBd6AQ-oPZW-4iOFUEuOrSZ_LU-PUsLYW8AbZ6tN3gRuC0m_jkzxY6zvpLCZv2ecfA3It9wKSylVaCjLYIZvheLNeuZv410mnlKWPdFN1gP1VNuXKNICzqOTGHHXqbiXyNmXbpbQnUmNPGdHjpYPQmC_jqYFDT3QRvZif9s5AKg21Q_UcfR4CFyA_Tg_L-BcbaLKCFQlhi93Y_umUqtku0cV63jyAafy68ibJs5TdZwejhmcgKpCzc2PBKrkXL13zEq9lztTX6TYYX4DWa-a5TmwRbHEyu-xD21-r9nDY07rsr8bIuRYbgcvvrel5V9eBHmdtcL5ShDi2gI6COzgJSTc7yhhvvmW_7p8PIFgtQbSVBFvpiWhPLyhMj3ZD3Q-jHj6PaTQ7RMYU7B-Bm2S00TvuruP2CuN3RxQS2a4kmYeLjEw0ecq5Dr31jZBxXUMS-NrfV9S_KF9DV_OH8wEYYZ9frGVtuvFDmpVgn0BQnxwoHbdpixauF4lXA64vDBU7ssnHzhi4VuDYA6shNJEgn-us1ygo2szbxMTDrOMTM0-QPGvPNz3iF9rQOFuFQ_aJnAMGU42gQGEztgE6Gg7_u78SDlkote4vqzumvj2AWp0YJdtRLuOHEvJszkWJtf-Qt-TFGTYV85osQeoBoxX6rqUiA5IFGFlSclgpcEg0HrgrS_NND9AFQrQXGBy8P8PRk6oH7-ibTWTr_gtzIOeiIb9i9MTOnpsWQQbiB5R63h0qA3cxzCxHd16QN7OHw_1ST0fk3sQKDMd9JCBrMxX5k7qigapoo3tamOGhjsLrmEyXMzUk-QoVBxI7aFjZEW82bfd2XYLVR0vxlbB&sai=AMfl-YSv04Ze6tGjHiy2QAeEyY1JZXG224mhhCPT4tZLU9qXregQADi3ah0TMwBlxPulEqTa-b4F-ZN0JapWxCCM_j2mbrJhldoFk8rx8joCWHmzALeQ__6XdcFPAVDpZRtnIbf-zGwPRZA5i38WTgUv0dlZa1AAw38iFjYo3WUANnYZAQix3jtrx9gu9b9Zqw_WjzPZ_WerK4S4_TxhstEhgxWS8GQFFzLntMFqGPHaieX7pd-mju8rpim8t9iPqT075WG8XhhYdCE&sig=Cg0ArKJSzKDVH4ackrhDEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=154&cbvp=1&cstd=150&cisv=r20221207.78686&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: robloxscripts.co.uk
URL: https://robloxscripts.co.uk/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 17 Dec 2022 01:13:26 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sat, 17 Dec 2022 01:13:26 GMT

GET
H3 200 GC5M5N_VN3lVd7ErmxmldCKoshgV9d2S74rLP9hyoZw.js Show response
pagead2.googlesyndication.com/bg/ Frame C64D 36 KB
16 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GC5M5N_VN3lVd7ErmxmldCKoshgV9d2S74rLP9hyoZw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

182e4ce4dfd537795577b12b9b19a57422a8b21815f5dd92ef8acb3fd872a19c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 21:12:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14472
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16025
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 16 Dec 2023 21:12:14 GMT

GET
H2 200 main.19.8.377.js Show response
static.adsafeprotected.com/ Frame F8CA 199 KB
62 KB 133ms
36ms Script
application/javascript 2600:9000:238d:5400:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.19.8.377.js
Requested by: Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rjss/st/1221363/67517898/skeleton.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:238d:5400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c3d6dd40d554051caae0e87609382cfbf0370ef9acd3beddd1ad5c0bfd335c15

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 23:56:39 GMT
x-amz-version-id: dX.ebh6MRkbxhfqjxJgTQokuZG2AvCpL
content-encoding: gzip
via: 1.1 a8b68315e1e2575143f97748ffbb29a0.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
age: 350209
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Mon, 12 Dec 2022 16:54:47 GMT
server: AmazonS3
etag: W/"6021cd2c4605b3ba4a8f0769ad2e5fc0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: QHd7LKiw0x0hLeyOBNh2trJJJFHoFU_fDz7f2IPfLrqrI0VccOqE2g==

GET
H3 200 style.css
s0.2mdn.net/sadbundle/4529212931815632889/ Frame D986 2 KB
526 B 36ms
35ms Stylesheet
text/css 2a00:1450:400d:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/4529212931815632889/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4529212931815632889/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

76d8973ba09de04de591a677b1d4da3ac9c82c3cd5884ca017d92550929d5e19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4529212931815632889/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 13:41:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 127921
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 497
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 07:48:34 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 15 Dec 2023 13:41:26 GMT

GET
H3 200 logo-lotus.svg
s0.2mdn.net/sadbundle/4529212931815632889/ Frame D986 3 KB
2 KB 36ms
36ms Image
image/svg+xml 2a00:1450:400d:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4529212931815632889/logo-lotus.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4529212931815632889/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

758a7336a1b81a836167fbca4164c2307d37fc2e9cb818c4f937a51533a52b80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4529212931815632889/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 13:41:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 127921
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1611
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 07:48:34 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 15 Dec 2023 13:41:26 GMT

GET
H3 200 f1-c1.png
s0.2mdn.net/sadbundle/4529212931815632889/ Frame D986 2 KB
2 KB 38ms
37ms Image
image/png 2a00:1450:400d:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4529212931815632889/f1-c1.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4529212931815632889/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cb3ca91aa3dd33ef51a55a6d1197bc7fa8d6988ded0725bcec2a104ab76b87d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4529212931815632889/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 13:41:26 GMT
x-content-type-options: nosniff
age: 127921
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1830
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 07:48:34 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 15 Dec 2023 13:41:26 GMT

GET
H3 200 f1-c2.png
s0.2mdn.net/sadbundle/4529212931815632889/ Frame D986 2 KB
2 KB 53ms
51ms Image
image/png 2a00:1450:400d:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4529212931815632889/f1-c2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4529212931815632889/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8cae25f064cd9d5a6c11eb02d7a4812dfc278cae69f4b0b57ae119761f4ac0f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4529212931815632889/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 13:41:26 GMT
x-content-type-options: nosniff
age: 127921
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1661
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 07:48:34 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 15 Dec 2023 13:41:26 GMT

GET
H3 200 f1-c3.png
s0.2mdn.net/sadbundle/4529212931815632889/ Frame D986 140 B
167 B 52ms
50ms Image
image/png 2a00:1450:400d:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4529212931815632889/f1-c3.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4529212931815632889/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b47b0822eca0f063d9761994afcb069eb121b3b33f472ae5c47ff3f506491c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4529212931815632889/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 13:41:26 GMT
x-content-type-options: nosniff
age: 127921
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 140
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 07:48:34 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 15 Dec 2023 13:41:26 GMT

GET
H3 200 f1-c4.png
s0.2mdn.net/sadbundle/4529212931815632889/ Frame D986 140 B
167 B 51ms
50ms Image
image/png 2a00:1450:400d:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4529212931815632889/f1-c4.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4529212931815632889/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b47b0822eca0f063d9761994afcb069eb121b3b33f472ae5c47ff3f506491c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4529212931815632889/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 13:41:26 GMT
x-content-type-options: nosniff
age: 127921
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 140
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 07:48:34 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 15 Dec 2023 13:41:26 GMT

GET
H3 200 image.jpg
s0.2mdn.net/sadbundle/4529212931815632889/ Frame D986 26 KB
26 KB 39ms
37ms Image
image/jpeg 2a00:1450:400d:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4529212931815632889/image.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4529212931815632889/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7c5dc808b73642ea8bc1371b6c69ef0c237065cbf5d08ec1c60139307543f5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4529212931815632889/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 13:41:26 GMT
x-content-type-options: nosniff
age: 127921
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26250
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 07:48:34 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 15 Dec 2023 13:41:26 GMT

GET
H3 200 legal.png
s0.2mdn.net/sadbundle/4529212931815632889/ Frame D986 2 KB
2 KB 57ms
55ms Image
image/png 2a00:1450:400d:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4529212931815632889/legal.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4529212931815632889/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fa6271b0b10a31e5bdf138a7d732352aa3ef5014c2df7420d977fbc1cdfb3efa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4529212931815632889/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 13:41:26 GMT
x-content-type-options: nosniff
age: 127921
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1760
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 07:48:34 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 15 Dec 2023 13:41:26 GMT

GET
H3 200 f2-c1.svg
s0.2mdn.net/sadbundle/4529212931815632889/ Frame D986 3 KB
1 KB 55ms
54ms Image
image/svg+xml 2a00:1450:400d:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4529212931815632889/f2-c1.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4529212931815632889/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a9b6f50d8a29466dbf96cedcd508d13cabd35250fd220cf519199e11e700904

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4529212931815632889/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 13:41:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 127921
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1217
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 07:48:34 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 15 Dec 2023 13:41:26 GMT

GET
H3 200 f2-c2.png
s0.2mdn.net/sadbundle/4529212931815632889/ Frame D986 2 KB
2 KB 88ms
86ms Image
image/png 2a00:1450:400d:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4529212931815632889/f2-c2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4529212931815632889/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

535758323c8ca9e554a4399b5467297e554e41f053cb074832f14c541489f266

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4529212931815632889/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 01:13:27 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1938
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 07:48:34 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 17 Dec 2023 01:13:27 GMT

GET
H3 200 f2-c3.png
s0.2mdn.net/sadbundle/4529212931815632889/ Frame D986 1 KB
2 KB 55ms
54ms Image
image/png 2a00:1450:400d:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4529212931815632889/f2-c3.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4529212931815632889/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e0b8e48946fdfcbb8befe57cff45fc8fe00f32cb4abb8bedcad6728ae7baa934

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4529212931815632889/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 13:41:26 GMT
x-content-type-options: nosniff
age: 127921
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1524
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 07:48:34 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 15 Dec 2023 13:41:26 GMT

GET
H3 200 f2-c4.png
s0.2mdn.net/sadbundle/4529212931815632889/ Frame D986 140 B
167 B 54ms
52ms Image
image/png 2a00:1450:400d:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4529212931815632889/f2-c4.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4529212931815632889/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b47b0822eca0f063d9761994afcb069eb121b3b33f472ae5c47ff3f506491c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4529212931815632889/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 13:41:26 GMT
x-content-type-options: nosniff
age: 127921
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 140
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 07:48:34 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 15 Dec 2023 13:41:26 GMT

GET
H3 200 f3-c1.png
s0.2mdn.net/sadbundle/4529212931815632889/ Frame D986 1 KB
2 KB 89ms
88ms Image
image/png 2a00:1450:400d:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4529212931815632889/f3-c1.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4529212931815632889/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dc61c7da0868bdecbb8ffa6e1f25e048f9c7e792df528b111cc513f35db1d8b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4529212931815632889/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 01:13:27 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1519
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 07:48:34 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 17 Dec 2023 01:13:27 GMT

GET
H3 200 arrow.svg
s0.2mdn.net/sadbundle/4529212931815632889/ Frame D986 354 B
279 B 53ms
52ms Image
image/svg+xml 2a00:1450:400d:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4529212931815632889/arrow.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4529212931815632889/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1bb571aa38beda5e75b0f19273c33cd519c40848c84f33558fa0ebc617f7f42a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4529212931815632889/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 13:41:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 127921
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 250
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 07:48:34 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 15 Dec 2023 13:41:26 GMT

GET
H2 200 gsap.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/3.2.3/ Frame D986 57 KB
21 KB 74ms
28ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/3.2.3/gsap.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4529212931815632889/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

957d3ff52f3444de4878fe88763f1960eb306cbc8ac67779b5101a195bcd6433

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 01:13:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 113175
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 21014
last-modified: Mon, 04 May 2020 16:10:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e71-e53f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Be%2BzCnVwRmszMfg3JavgGxg5QXd%2FoLwjIJVSZt5ydeFUUEyjLDIgn5Wh2Dx3Wa15pK2TX%2FL8AJxyUeCrD0DAG5DkaORSQeneouXuK%2BgwEBSzo0fOkHjUL8HAcgJuqsbuh5c9zqOKa1TS9SnDb%2Fx0gag2"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 77abcbd888579bbe-FRA
expires: Thu, 07 Dec 2023 01:13:27 GMT

GET
H3 200 bundle.js Show response
s0.2mdn.net/sadbundle/4529212931815632889/ Frame D986 2 KB
503 B 35ms
35ms Script
application/x-javascript 2a00:1450:400d:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/4529212931815632889/bundle.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4529212931815632889/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7546e6af72bb0952f89ea27f904bf49e8e78555e5d33958b02221782c7b07259

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4529212931815632889/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 13:41:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 127921
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 474
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 07:48:34 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 15 Dec 2023 13:41:26 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C64D 0
20 B 62ms
61ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bc0z2thedY5XbJoOY3gPuj7PABAAAAAA4AeAEAg&bg=!LC-lL2vNAAYgquz3AKo7ACkAdvg8Wtva86mpmyTYPPIy8XfYc_8VfOhCk9sYCQbtxNip9bGGe3MfLQIAAABiUgAAAAJoAQeZAzhdR8NL-RqTuCafbNFgGzXkS73u-ZsEl9pq8j7c-dXw3iAajegPixOeke7EsnuE8FZ6ffB-rw84FX3WetseA3BNwJDXMVvFHh2DObLj_6aLUqEXgQPxHA_6Sgsa0QdtlrRGnWAY6pGn5MUk-7Bpm4OJLVFtQJwcUkTO_7WQepQhWtjVmyG6029J4CaMiVwDTONWzOCxG37cSRKwYc7H95cVFA0X40bJpFYy36Jq_OUimgZ7fZjqL4xhbnisviEU-OXecUPzCbtL-oPKON0G4qz2Q-qFgHZXddhCdWP1qlorw4q-9p1ko-vuWTswg-7KbkltK1jjHYnXfQvADpURwm1OA_If8-mKwDRwcT-esK7ynW2J4FqlTxQiYMSiLEHyLFVKyZ3lsgL_5C4oyovCO2iUckQ2cvmrS4KvSoYI-ec5s6wOw9wzXZFNJZxUvf4X-55GtxD_aj6EI2nz1RIUSdXxMb3NCoCECqUOopffZ85lLFzJtDV5xZ7KIBF0XMtci4AeeenBX3z5UXGDvlCCbCvnaQQc86dhoBw2C3nM1rlJjq59DUAfX3UBBQEIcoUJv9niERDyqjk-meUPsaHKtGZEWF9S6g-w3NIdtqoDU_U7Pwd5ti5ZRirerSvNN5Tm48c1sp8f2hMCNQCGPXsK57gSnlFON0fP5TwkVPMBaMLBAxj33XXH5gx4GvF9nsKSGYtGwlX0DMHFN7T3YMTBiUCDKmdIri_3sUm215V3YH8f1tv1bJjwBJB06bWSK1-2sD70Xd42h8DwAGP3y0fSMlgNMLP-R8HBAM7bEZWWxwBv8YjmfvlKuS7Wv-bdvK3uUE6QrptqUZnxM3QtcBNqx1zyNOXi86QkR6y81DMZKYRCsEG4YMxmJjWgxImOXfbxukUdvKDLrJ5A1zubGg6mcEqOKeRMhUXjNKQNzmq12Wm3URi6jBCMDdBW142m_S5-07_Ykz9-AeeqpEYgXLcRJYpxKEaQPErJCcBl4gk6_v-X2DF5cKPAjdXfsSXZJSUpeVGZq6ZVSGGaw2gWUbltbW9M5zWYX79jLwSCNqOHvH5CkubQOAngFRHLVd22GavWptIMJ53ND8Wh0Q

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Dec 2022 01:13:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame F8CA 0
0 60ms
60ms Fetch
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstkyNqpecam28fZph4ty3Pwd09Fk3_8mjUkFHS-CCGD53kqLNWrWgaeE9vAdgftg2OPbo24fYZa0XtlsHtzIST0wUrBQTU7I7MQGeSpCeQ2SSOP5l4yXq6Z_FnicFZbVe6D-qzwaE1OaqH-sISVOngiZUKNGY6NbCrIPp9qby5AjZ8HBbDMpQyaN7v-JpUB9LVjhN7vPP1TTA8T74Cdsa4jM1qo9732e4o0U5oTfyOgx4Rbqr4EzK3cILvmRo2aXLX3lz2Yu6kKhDBsqh2VbFucm1jejg8mdeTdbR1W-WEtgwGjmDenMZTcQ9TFrJZl_GviaHoUDi9uzl3G9nfEPakoOY_ubwZrBeGnC9LqfY3yQ9YwJHdUm54MbXS7SO9nfzrP_SU9F2QZSuagYW4aH6fdd5Icco_tNSh8ePWSmbfB_5FhZBd6AQ-oPZW-4iOFUEuOrSZ_LU-PUsLYW8AbZ6tN3gRuC0m_jkzxY6zvpLCZv2ecfA3It9wKSylVaCjLYIZvheLNeuZv410mnlKWPdFN1gP1VNuXKNICzqOTGHHXqbiXyNmXbpbQnUmNPGdHjpYPQmC_jqYFDT3QRvZif9s5AKg21Q_UcfR4CFyA_Tg_L-BcbaLKCFQlhi93Y_umUqtku0cV63jyAafy68ibJs5TdZwejhmcgKpCzc2PBKrkXL13zEq9lztTX6TYYX4DWa-a5TmwRbHEyu-xD21-r9nDY07rsr8bIuRYbgcvvrel5V9eBHmdtcL5ShDi2gI6COzgJSTc7yhhvvmW_7p8PIFgtQbSVBFvpiWhPLyhMj3ZD3Q-jHj6PaTQ7RMYU7B-Bm2S00TvuruP2CuN3RxQS2a4kmYeLjEw0ecq5Dr31jZBxXUMS-NrfV9S_KF9DV_OH8wEYYZ9frGVtuvFDmpVgn0BQnxwoHbdpixauF4lXA64vDBU7ssnHzhi4VuDYA6shNJEgn-us1ygo2szbxMTDrOMTM0-QPGvPNz3iF9rQOFuFQ_aJnAMGU42gQGEztgE6Gg7_u78SDlkote4vqzumvj2AWp0YJdtRLuOHEvJszkWJtf-Qt-TFGTYV85osQeoBoxX6rqUiA5IFGFlSclgpcEg0HrgrS_NND9AFQrQXGBy8P8PRk6oH7-ibTWTr_gtzIOeiIb9i9MTOnpsWQQbiB5R63h0qA3cxzCxHd16QN7OHw_1ST0fk3sQKDMd9JCBrMxX5k7qigapoo3tamOGhjsLrmEyXMzUk-QoVBxI7aFjZEW82bfd2XYLVR0vxlbB&sai=AMfl-YSv04Ze6tGjHiy2QAeEyY1JZXG224mhhCPT4tZLU9qXregQADi3ah0TMwBlxPulEqTa-b4F-ZN0JapWxCCM_j2mbrJhldoFk8rx8joCWHmzALeQ__6XdcFPAVDpZRtnIbf-zGwPRZA5i38WTgUv0dlZa1AAw38iFjYo3WUANnYZAQix3jtrx9gu9b9Zqw_WjzPZ_WerK4S4_TxhstEhgxWS8GQFFzLntMFqGPHaieX7pd-mju8rpim8t9iPqT075WG8XhhYdCE&sig=Cg0ArKJSzKDVH4ackrhDEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=402&vt=11&dtpt=248&dett=3&cstd=150&cisv=r20221207.78686&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: robloxscripts.co.uk
URL: https://robloxscripts.co.uk/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 01:13:27 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sat, 17 Dec 2022 01:13:27 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 93ms
45ms XHR
application/json 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221207&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f717cb0c352c17232167da933c8df2c9219e24b658c96ad091a97063bba77f5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 01:13:27 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11157
x-xss-protection: 0

GET
H2

200

skeleton.js Show response
static.adsafeprotected.com/ Frame F8CA
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/1221363/67517898/skeleton.js?adsafe_url=https%3A%2F%2Frobloxscripts.co.uk&adsafe_type=g&adsafe_url=https%3A%2F%2Frobloxscripts.co.uk%2F&adsafe_type=c&adsafe_ur...
https://static.adsafeprotected.com/skeleton.js

17 B
463 B

31ms
31ms

Script
application/javascript

2600:9000:238d:5400:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/skeleton.js
Protocol: H2
Server: 2600:9000:238d:5400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 13:58:04 GMT
x-amz-version-id: nylqTweorRThFHMBJSrf_fHcWx3KVKN3
via: 1.1 a8b68315e1e2575143f97748ffbb29a0.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
age: 26306124
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 17
last-modified: Mon, 17 Aug 2020 23:54:35 GMT
server: AmazonS3
etag: "53fab767ecbd3bf07990b10246befbd4"
content-type: application/javascript
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: YrBBcNgnpSde7Hcy2Usnc6WglBQ1Ew2p9DyRi-a5LCUIJaGniWVPGw==

Redirect headers

pragma: no-cache
date: Sat, 17 Dec 2022 01:13:27 GMT
server: nginx
x-server-name: app18.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.js
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 8045 91 KB
23 KB 36ms
36ms Script
application/javascript 2600:9000:238d:5400:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8587621567638470&output=html&h=90&adk=3560408191&adf=2062025852&pi=t.aa~a.1655840814~rp.4&w=800&fwrn=4&fwrnh=100&lmt=1671239606&rafmt=1&to=qs&pwprc=9263488314&format=800x90&url=https%3A%2F%2Frobloxscripts.co.uk%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671239606356&bpp=1&bdt=1387&idt=2&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D727a952b0a760ff2-22e28d611eda0093%3AT%3D1671239605%3ART%3D1671239605%3AS%3DALNI_MbLTccb1muz3kYO22WGdMaCcfkJsQ&gpic=UID%3D00000b93951812d6%3AT%3D1671239605%3ART%3D1671239605%3AS%3DALNI_MZemKpV3BCoQb4tq1-pd6-kXl1UtA&prev_fmts=0x0%2C728x150%2C728x150&nras=2&correlator=1414891210728&frm=20&pv=1&ga_vid=151929099.1671239606&ga_sid=1671239606&ga_hid=269102092&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=800&ady=1319&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071219%2C44779794%2C44780792&oid=2&psts=ACgb8tuFMBj8akTvtJUlpNqsL85dJRLX9Y6cDS-0IEbqxY4m8arObBtC3bPB5XZJJeytZQMcrdodV2voafbr0r6hGQ&pvsid=1940857227105182&tmod=1968973983&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=bsZyRsGBfa&p=https%3A//robloxscripts.co.uk&dtd=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:238d:5400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 a8b68315e1e2575143f97748ffbb29a0.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
age: 7465031
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: phtGQizLYcjwuhCmfaZ28NwSu2gtZe3PpfyfyDqITL46xnCSKCoaEA==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame F8CA 43 B
215 B 638ms
177ms Image
image/gif 2600:1f13:800:7782:3194:4465:ce4c:1037
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1221363&asId=fa0fe7c5-624f-64cc-eb0a-675edaba5e86&tv=%7Bc:x0OrW5,pingTime:-3,time:222,type:v,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:199%7D,%7Bpiv:0,vs:o,r:l,t:221%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:222,n:221,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:199,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B34~1,0~0%5D,as:%5B34~728.90%5D%7D%7D,%7Bsl:o,t:221,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B1~0%5D,as:%5B1~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tqer4ED+11%7C12%7C1311%7C1312%7C141%7C151*.1221363-67517898%7C1511%7C1512%7C1513%7C1514%7C161,idMap:151*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:200%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:3194:4465:ce4c:1037 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Dec 2022 01:13:27 GMT
server: nginx
x-server-name: dt18.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame F8CA 43 B
215 B 638ms
179ms Image
image/gif 2600:1f13:800:7782:3194:4465:ce4c:1037
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1221363&asId=fa0fe7c5-624f-64cc-eb0a-675edaba5e86&tv=%7Bc:x0OrW6,pingTime:-6,time:223,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:223,n:221,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:199,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B34~1,0~0%5D,as:%5B34~728.90%5D%7D%7D,%7Bsl:o,t:221,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B2~0%5D,as:%5B2~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tqer4ED+11%7C12%7C1311%7C1312%7C141%7C151*.1221363-67517898%7C1511%7C1512%7C1513%7C1514%7C161,idMap:151*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:200%7D&tpiLookup=ao:robloxscripts.co.uk*%2Cgoogleads.g.doubleclick.net*&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:3194:4465:ce4c:1037 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Dec 2022 01:13:27 GMT
server: nginx
x-server-name: dt16.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame F8CA 43 B
216 B 630ms
176ms Image
image/gif 2600:1f13:800:7782:3194:4465:ce4c:1037
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1221363&asId=fa0fe7c5-624f-64cc-eb0a-675edaba5e86&tv=%7Bc:x0OrWc,pingTime:-2,time:229,type:a,im:%7Bsf:0,pom:1,prf:%7BbdA:165,bdZ:425,beA:430,beZ:431,mfA:613,cmA:614,inA:614,inZ:619,prA:619,prZ:624,si:630,poA:631,poZ:647,cmZ:647,mfZ:647,loA:652,loZ:654,ltA:658,ltZ:658,mdA:432,mdZ:601%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:199%7D,%7Bpiv:0,vs:o,r:l,t:221%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:229,n:221,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:199,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B34~1,0~0%5D,as:%5B34~728.90%5D%7D%7D,%7Bsl:o,t:221,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B8~0%5D,as:%5B8~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tqer4ED+11%7C12%7C1311%7C1312%7C141%7C151*.1221363-67517898%7C1511%7C1512%7C1513%7C1514%7C161,idMap:151*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:200,sinceFw:27,readyFired:true%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:3194:4465:ce4c:1037 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Dec 2022 01:13:27 GMT
server: nginx
x-server-name: dt17.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 ut.js Show response
achcdn.com/script/ 70 KB
25 KB 56ms
30ms Script
application/javascript 2606:4700:3034::6815:1aba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://achcdn.com/script/ut.js?cb=1671239605249
Requested by: Host: achcdn.com
URL: https://achcdn.com/script/atg.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:1aba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 95e6264b1cf2aa6195268d21e7bbf25c338ce7689bcbf2eb1e1cb6f59bd4da39

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 01:13:27 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 271
x-guploader-uploadid: ADPycduC-pFhw5UdO95yUYsya7dX1FbHwWPWZY3nbreVR6byHMTJvs0B5cGu0qBLLWWH1oaaIQpwHyXqlnBzHnUSIOM54A
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 13 Dec 2022 13:55:49 GMT
server: cloudflare
etag: W/"d5903ccaed951c280d67f4188548e1e9"
vary: Accept-Encoding
x-goog-hash: crc32c=aFnw8A==, md5=1ZA8yu2VHCgNZ/QYhUjh6Q==
x-goog-generation: 1670939749168345
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6Ogao178aUQynr14qXMHRDBhE2Cs1YNfPgFOLHcBjuhWqvxSrPruADUvhnwqatFhCKHra2hRf9q1XzJ7dDx%2F%2BdBFyqc5yColr54rlIPJzJyT07Ncbn%2F5SrClB%2BobQBzopYX%2Ftqu08Dwz"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 71395
cf-ray: 77abcbd9b8e29b39-FRA
expires: Sat, 17 Dec 2022 02:08:31 GMT

GET
H2 200 czcf.php Show response
youradexchange.com/ad/ 204 B
292 B 216ms
153ms Fetch
text/html 35.190.41.116
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://youradexchange.com/ad/czcf.php?cz=4eeuagrhna&chmob=%3F0
Requested by: Host: achcdn.com
URL: https://achcdn.com/script/atg.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.41.116 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 116.41.190.35.bc.googleusercontent.com
Software: openresty /
Resource Hash: 90a40ed8f8aac2d69fdc1dfa4ccba94816d1a68b7492acac0f7ee8dfb5c27bfc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 17 Dec 2022 01:13:27 GMT
content-encoding: gzip
via: 1.1 google
server: openresty
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=utf-8

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 46ms
45ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 01:13:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 17 Dec 2022 01:13:27 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame F8CA 43 B
215 B 551ms
178ms Image
image/gif 2600:1f13:800:7782:3194:4465:ce4c:1037
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1221363&asId=fa0fe7c5-624f-64cc-eb0a-675edaba5e86&tv=%7Bc:x0OrXv,time:310,type:e,im:%7Bimprf:%7Bttecl:550,ecd:84,tsecr:1%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:310,n:221,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:199,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B34~1,0~0%5D,as:%5B34~728.90%5D%7D%7D,%7Bsl:o,t:221,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B89~0%5D,as:%5B89~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tqer4ED+11%7C12%7C1311%7C1312%7C141%7C151*.1221363-67517898%7C1511%7C1512%7C1513%7C1514%7C161,idMap:151*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:200,sis:285%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:3194:4465:ce4c:1037 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Dec 2022 01:13:27 GMT
server: nginx
x-server-name: dt15.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5920 13 KB
5 KB 24ms
23ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://robloxscripts.co.uk/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 12348
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 16 Dec 2022 21:47:39 GMT
expires: Sat, 16 Dec 2023 21:47:39 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 3AFF 783 B
535 B 135ms
59ms Document
text/html 2a00:1450:400d:80d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

00890f8a8df5422de6d70c039da0dea997633ac0c8a1bc29b8d32aa6578f2617

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-WcE1lneSAmYQYLV7T_TkGw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://robloxscripts.co.uk/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-WcE1lneSAmYQYLV7T_TkGw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 17 Dec 2022 01:13:27 GMT
expires: Sat, 17 Dec 2022 01:13:27 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 GC5M5N_VN3lVd7ErmxmldCKoshgV9d2S74rLP9hyoZw.js Show response
pagead2.googlesyndication.com/bg/ Frame 5920 36 KB
16 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GC5M5N_VN3lVd7ErmxmldCKoshgV9d2S74rLP9hyoZw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

182e4ce4dfd537795577b12b9b19a57422a8b21815f5dd92ef8acb3fd872a19c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 21:12:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14473
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16025
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 16 Dec 2023 21:12:14 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 5920 0
10 B 23ms
22ms Image
text/plain 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?xp0XLQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 01:13:27 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 display.php Show response
youradexchange.com/n/ 0
11 B 184ms
137ms Script
text/plain 35.190.41.116
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://youradexchange.com/n/display.php?r=5726630&atag=1&czid=4eeuagrhna&aggr=2&ppv=1
Requested by: Host: achcdn.com
URL: https://achcdn.com/script/atg.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.41.116 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 116.41.190.35.bc.googleusercontent.com
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 17 Dec 2022 01:13:27 GMT
via: 1.1 google
server: openresty
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 ippg.js Show response
achcdn.com/script/ 111 KB
37 KB 53ms
52ms Script
application/javascript 2606:4700:3034::6815:1aba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://achcdn.com/script/ippg.js
Requested by: Host: achcdn.com
URL: https://achcdn.com/script/atg.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:1aba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e0f9493cc648abc9cced7429ff5f89b623e1d696eec387fac8cc1af9c8d5e84e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 01:13:27 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2679
x-guploader-uploadid: ADPycdu7_NeIBQ-yVMCr-fE_90soNYADuJ8NuYpS1WdPrLQvvyyU3dcFV2nw9EH4rpjXtdbFmTseaW_pgxXc1L3THFcu9w
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 13 Dec 2022 13:53:42 GMT
server: cloudflare
etag: W/"372b66cbac7190e16bcef52504c43bf2"
vary: Accept-Encoding
x-goog-hash: crc32c=lTM39g==, md5=Nytmy6xxkOFrzvUlBMQ78g==
x-goog-generation: 1670939622773403
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n0yAH%2FUGYhz0jHxXWEm2cY%2F6zckMMbWmmh%2F%2Byj0EpD7RrtXdzYpXFloBG67%2BrhmWRbzDiWNwgwk6UgABRJlQl%2BfX%2BWbCNRWayLt6GrUhKNgqAS3SE8vTagfEkJmaDwmgtyF9nmHF2UKs"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 113749
cf-ray: 77abcbdafa0d9b39-FRA
expires: Sat, 17 Dec 2022 00:54:15 GMT

GET
H3 200 suv4.js Show response
achcdn.com/script/ 98 KB
34 KB 31ms
30ms Script
application/javascript 2606:4700:3034::6815:1aba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://achcdn.com/script/suv4.js
Requested by: Host: achcdn.com
URL: https://achcdn.com/script/atg.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:1aba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb7ff486f721b4bab97314d47bc7f076e0475c09d80b1a886cdec6496966b52c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 01:13:27 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 736
x-guploader-uploadid: ADPycdvmUQQH6M1T905yJnoBUGHl2eNdvQZd3L_TmjThuQNM8d-BIIYKOXx2R-DabMdfWsmGPHvJnuPaVmZcRdq-Ay9seQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 13 Dec 2022 13:55:25 GMT
server: cloudflare
etag: W/"416f6928d8f3d8d66655abc097baca03"
vary: Accept-Encoding
x-goog-hash: crc32c=AsVyBQ==, md5=QW9pKNjz2NZmVavAl7rKAw==
x-goog-generation: 1670939725427322
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AcM7z2LdnMIqDN9KAm70WpdZjKPeW%2FxcZ5VkcdrEDeQ4WSgiWLE%2BMKu3fO5i%2FdDwStH4JMEcIc46RmyJDFsfVuFb%2FVJMDuzoTApgIwwZ%2BsqJZBb9OT4Bi6B5jqcpoyHxqAz9WCcQcDoj"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 100623
cf-ray: 77abcbdafa0f9b39-FRA
expires: Sat, 17 Dec 2022 01:02:38 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 3AFF 0
0 57ms
57ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221207&jk=1940857227105182&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H2 200 dt
dt.adsafeprotected.com/ Frame F8CA 43 B
215 B 315ms
178ms Image
image/gif 2600:1f13:800:7782:3194:4465:ce4c:1037
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1221363&asId=fa0fe7c5-624f-64cc-eb0a-675edaba5e86&tv=%7Bc:x0Os1i,pingTime:-10,time:545,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTA4LjAuNTM1OS4xMjQgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000022202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1671239607567%7C%7Cc510ff234fe2d084d57655715df55d63%7C%7Cff2a6b6b0b4b5b2c43e945104008d359%7C%7C9e2687090ff765bcf0433b34b9872616%7C%7Ce5b75e9a67166ff8589abf74512d6cc3%7C%7Cc6e850ed07543272ed35afc912120a91%7C%7C7ef4614bb31f88d533634b04b9e82a28%7C%7C61b34c49428ed0f01366adc35faa4e05%7C%7C1663701684%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:3194:4465:ce4c:1037 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Dec 2022 01:13:27 GMT
server: nginx
x-server-name: dt14.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 ut.js Show response
achcdn.com/script/ 70 KB
25 KB 30ms
30ms Script
application/javascript 2606:4700:3034::6815:1aba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://achcdn.com/script/ut.js?cb=1671239607597
Requested by: Host: achcdn.com
URL: https://achcdn.com/script/suv4.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:1aba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 95e6264b1cf2aa6195268d21e7bbf25c338ce7689bcbf2eb1e1cb6f59bd4da39

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 01:13:27 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 271
x-guploader-uploadid: ADPycduC-pFhw5UdO95yUYsya7dX1FbHwWPWZY3nbreVR6byHMTJvs0B5cGu0qBLLWWH1oaaIQpwHyXqlnBzHnUSIOM54A
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 13 Dec 2022 13:55:49 GMT
server: cloudflare
etag: W/"d5903ccaed951c280d67f4188548e1e9"
vary: Accept-Encoding
x-goog-hash: crc32c=aFnw8A==, md5=1ZA8yu2VHCgNZ/QYhUjh6Q==
x-goog-generation: 1670939749168345
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NPPX4kuCjwNZ%2FyrKOAoPjdPoz8HiKI9NFG9OqYc9GqC1bZ3p13QPR8tihxRaHcLlurJViX2VAJtljN5AFp0D5xujfLfvsygfG2VdQptv%2BKijLMoPIxus2inhhaRw61CWyoCbRXNur9i7"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 71395
cf-ray: 77abcbdb8aa69b39-FRA
expires: Sat, 17 Dec 2022 02:08:31 GMT

GET
H3 204 push.php
youradexchange.com/script/ 0
0 188ms
139ms Fetch 35.190.41.116
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://youradexchange.com/script/push.php?r=5726634&ipp=1&mads=1&position=top&czid=4eeuagrhna&aggr=2&atag=1&cbpage=https%3A%2F%2Frobloxscripts.co.uk%2F&cbref=&chmob=%3F0
Requested by: Host: achcdn.com
URL: https://achcdn.com/script/ippg.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.41.116 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 116.41.190.35.bc.googleusercontent.com
Software: openresty /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 17 Dec 2022 01:13:27 GMT
via: 1.1 google
server: openresty
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 204 suurl4.php
youradexchange.com/script/ 0
0 189ms
141ms Fetch 35.190.41.116
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://youradexchange.com/script/suurl4.php?r=5726638&chmob=%3F0&atag=1&czid=4eeuagrhna&cbur=0.5512962067876959&cbiframe=0&cbWidth=1600&cbHeight=1200&cbtitle=robloxscripts.co.uk&cbpage=https%3A%2F%2Frobloxscripts.co.uk%2F&cbref=&cbdescription=&cbkeywords=&cbcdn=achcdn.com&aggr=2
Requested by: Host: achcdn.com
URL: https://achcdn.com/script/suv4.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.41.116 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 116.41.190.35.bc.googleusercontent.com
Software: openresty /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 17 Dec 2022 01:13:27 GMT
via: 1.1 google
server: openresty
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1EA0 42 B
64 B 60ms
59ms Fetch
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv2kuY3g0xauFhUKQM41xL5001EwAh73VbVa1uM0WacwFtxoVV9Qirvnz4x991Wh5gmqZSIR-vL0F_mww80VV11N5DHGXr6D5ZtAqobGVQyit6QVKIvkK3Ko83c&sai=AMfl-YSgMKLbgx2w1_kxgLkHDXDElP3202PFNrEfU4mOzZ42qmVyykVAaa9clBW21ywtso3SFO0dBKGk54UvUuk&sig=Cg0ArKJSzBIZ2k2ps0gWEAE&cid=CAQSGwDq26N9afmKvdQzkcCLBC3kr33a7wnb654TsxgBIBM&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=237377007&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1671239605940&rpt=648&met=ie&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Dec 2022 01:13:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9436 42 B
64 B 60ms
60ms Fetch
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvRLizFzT8gUBeKRGPKETT6xQrH6g2B1a4cKV2nqOw9fS2OcYrlMMmfklHqvlINnwBmbVuFZsTrCtpA_QThU1AbbJg4sbC1SaXgk4Na291885SSOLnTFRUoCkFg4pUdKcCCa32c5zS2PJSOyKB0l3h_YQkXxXlfL0pKd0KcSdXoFnXWIZkUIgF80StfereZ6kstPEW0ntE4aqX5rcxUoeVdlk2NHV7sp4OwILsKVGYHgqJeQZi8LNEIgucXTJEnCU-rnwkGP7Of-4mn9KnkRgPkL5wog4jkx_fW6wzdAqxI3InlSYQz0nHnFClSmV9F1idS5p6FfVKFG4RDVzd7k3xCqF5_MG1zaAP2TOUrbFvi9hLtafDI5v4zzXKr6uzEzuXa5ZUXgm0KnmokI70__IjQZ9h4EWtCJ0ndomTrCHlp34_goQAOaF6sRqcZUEwIS1nlPELcHlPo77-iyP9AyagyAiREfAtf7tGTnJf6nyvVMTyErHXPuIEhj7LdLm22iEYYRwp2VYnBaEijpjbT6rbMJu94SB3uOUHdM-BnGHMrg5Ten7ermkMTRR5lAe20d9xLZxG6Ey44vvEM0ToAGxzAN5V0Nn6BSCN2ExccZRqPJg_Xuw3TN090cu1HpJFbvceM0b6gx2abut00ovoxrKpnHdhNgeM-5s0xnytDVvt6agXzBDpCEN1_DWDUCZ3UehJ6QFseaZ7J88cNpdRpbd2l17w4AsmjXaMEz_T6E1V33ul1pLqIGLQuSBSSnpRDcUM3VkkMXJbZCwqtW1BEdfrly25zlTvVHh6PnmzPeObSQmW6yXSHxf_zsYx97wIDmIB6AuJegVzJba8QXHDl3O3CuFrwXCFWGHmijdKedzgoTcsCbhWGg0kg7qpNJawpyYEUmpf4ghnHuKkwMNWdPv_sKF975DLg3R8XGLA_tigv-kJeh3PWJ-BVCWECNzh80pT0_SFye6PW77PbL3z7NzS6_zUxAadWAb-06bE9e-CLeAcGVzJDB1jnb27K8Qkg8g&sai=AMfl-YSxRKkAKvA13PrSQLBqKHFIxfYVTyg9D-ad2CtqJRoRsb9kTvlIeyEVVweyMjtsdNi2_cyP4DWquOyBuIWy-wKvJnwtXMbRApFt&sig=Cg0ArKJSzIL1k4kRv3ofEAE&cid=CAQSGwDq26N9auUy1nFQIEmb23snj87Vmf69fl2InxgBIBM&id=lidar2&mcvt=1000&p=0,0,150,728&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=0.57&if=1&vu=1&app=0&itpl=22&adk=237377007&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1671239605696&rpt=1056&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Dec 2022 01:13:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B453 42 B
64 B 61ms
60ms Fetch
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuRbwJ5jFInX4n-1tJuQndYSRMzGX-YhOt-Zh1M88LjpVGCSqHBnmv99lGmJYXy59I3L4SvYDwmvmercQz5qKNwaxlvYPcDn8tsQJAvxXrpKB6xST6B97wH_zQT9ArOCFMf3RtAlqIX8_zw3IgrhM2nWyZ9fv_8pUhwrbi9ffo6StrkjpXIKFGcxt6wxZHf876yz-M5kna_VoCrBHgmveTqsL_XDVZYIt6Atubz0AJprHSGKJlQH45oJ8-jWzvJQeQsGKXa-L72W1qRxCDs9R6KCtSLAX7_bmlTwY6O2XCzm6bnlzVgzkbbZCewrtvT3Kzocxvwsr2g6A4mtxVSZIfYeLSmnVKrot0zipt_HxgVxV6_pU40WiLUKubuKFuXPrun0wJPM8_-j4QVPI7uCWkB2RheiIi87JCjMyIM_VgfB7yDlm9ZUh0LTXSFqQ95ho5rkE0IZLgiPnij4UNQjAmUivaNfBPAEeugYZA7G7iKCuY-EQQQqfwb9E4Uod788gCxl0SqPrG7_OAbdlt-Ohz9-0Lzw9B9pdHnuUxDtXdL7d7jzkxeu_uklzSghJye2sFjrDXk7D9miM4qkayavD25kbI9-Efsbng27LJWv0AZYmEU14pVpnEMKYGhbUKu02CWxUKzseeNbyaVzaWVd50kngKIfLPwMok3dUlQhtPncpXQEQkvw9DBhzS9OclYe-WlauIGCaOTgubrnwA6IiZCuaozLS3WNg4zdOIqgoGkKpH7ri4gXNQf6VLhfuVOHAy4L642Igiqw3tbNvFbAy5LkfNeikIGCdzVuJ1-Nh999zsY6ur4c76qV4OGdUgPZpEnuWIj5AYtzViI5BswDyoy2HrLsI2QmCnAkk2sa6ZSc8Ex8iDZ8W-vHpXXzVvYvO5xl7n_LP9KnS747hXqd7FRqBXVMiL3kZeJvJGhIQnARTl7NHvBUnYkALutGzl8TPSHUlAqq0YPxE2nDrcYWt6ln1K5ABOlqgqd4ZecCJG882TMjvlLlg&sai=AMfl-YS2Z3RdcZMbMWGd0sdDLXWqnBivzdmnYctoYYXsG0vMU-TmdGiqYlROcoQ3dLRtf0KcyPEirRVWNwj1L4E8C3rp46qGT7BQsRsZ&sig=Cg0ArKJSzEqwU1l7RdNtEAE&cid=CAQSGwDq26N98semwn2EQCYtq3GTnfAgDLK0Z8WIbhgBIBM&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=145,819,1000,1132,1206&tos=145,674,181,132,74&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1671239606405&rpt=256&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Dec 2022 01:13:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 60ms
60ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221207&jk=1940857227105182&bg=!qaqlqu7NAAYgquz3AKo7ACkAdvg8Wse5WzI6fIx0M7gWz1yS5LEgdP9L9-fw6erqMRIIaepYdxXvRAIAAABTUgAAAARoAQeZAsaKMFNoCmsazf-nEEfIkySYlizL65MhlbG7NvEdYY_stTWfkvcvOOAhGd1yIUQ2WgIqCV2-yomlCArVXZv7m9Y6xtim3i1rwlrLjj4dnTCdNR9pGbVuJxew8qTwV8uhqV-IvtE6JdeXau83_8SPMfhaHVAN5X0VOaSABFrz9lwMGQnrj0qA6nEogHqPjoH_LI1lEEaN-12nNA-vzHEN-hYRajj537cBrxyYoZet3fIAWmTwtRqFpUn0shB13ZUUaEBD58M6eEVrkbIEjg8zvZbcey5cAWwxtSh8A4ayFkRVSkBLnshjjLbq17136csdK_oIrEg8dlsGJm9dGNNqDHm2nR4T1NmOc4Q_7pOCioMlTC17iXLomgsFZwuxiet2_5s-mmG9zfRby_lBvPamo9cHM2HyVTfstFWWYQpWk45C5YuNzvBs2YYbumkEMo9q3-1G57mr5jCku832VCa3TVqyT8LoB2uJE5xmiBv5i3a57KZewZhetHtpWQkM1_98btMFgeTHE7s6JHvx1Whbgmo9skdMCnsExzwlVw2wSB9YjlBYeOSTP4Lw3as45lDyqxsv6tWKSEJD5Zv2ZFTvhIx1D683npzJMF9f_MEiPWkSCz4EldUjhi6hZRwXTBLUl3ztZwMvWN731ARNw5Y5PAsVphAxUGu1cCb2gjpWa13agONhnXnJpVYRNZiBbGKkhltYa1ykXc-QqO0RB-IYeNxEa3orakzA6bh4F5QjZOs8FHsLMVAx3R2pHJoArfLkogw2fowhuVHy8_1NnxBLmdgOsEcN3Jnp1dB77EL81TbHCDTmKIoU6O687TsTvvrw5K243kSmGT2CrNoJ1neJ_bI5Mrxw_EbLkVsKF1SzwJDHK7sn_n2SSbr98BiEKkc3WFl5qsLIrEYPRuktZ0nYQQp_Lpw2c3SXVWfmN6AtFK-7arXzr2koaQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

82 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

24 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
pogothere.xyz/	1970-01-20 16:52:23	Name: csu Value: 466378639695271@1@1671239605
.robloxscripts.co.uk/	1970-01-20 08:15:26	Name: _gid Value: GA1.3.1871249603.1671239606
.robloxscripts.co.uk/	1970-01-20 08:13:59	Name: _gat_gtag_UA_190483952_1 Value: 1
.robloxscripts.co.uk/	1970-01-20 17:35:35	Name: __gads Value: ID=727a952b0a760ff2-22e28d611eda0093:T=1671239605:RT=1671239605:S=ALNI_MbLTccb1muz3kYO22WGdMaCcfkJsQ
.robloxscripts.co.uk/	1970-01-20 17:35:35	Name: __gpi Value: UID=00000b93951812d6:T=1671239605:RT=1671239605:S=ALNI_MZemKpV3BCoQb4tq1-pd6-kXl1UtA
.robloxscripts.co.uk/	1970-01-20 17:49:59	Name: _ga_0G1D4NG94V Value: GS1.1.1671239605.1.0.1671239605.0.0.0
.robloxscripts.co.uk/	1970-01-20 17:49:59	Name: _ga Value: GA1.1.151929099.1671239606
.doubleclick.net/	1970-01-20 17:35:35	Name: IDE Value: AHWqTUnSVMjfqMtFqPNDFhJllOldNq8TmpkJPQrudmzdPaMHAZ7ytjlQRhG-6nfh
.adnxs.com/	1970-01-20 10:23:35	Name: uuid2 Value: 241296063562650875
.adnxs.com/	1970-01-20 10:23:35	Name: anj Value: dTM7k!M41.D>6NRF']wIg2In7mQ`uj!]tbPl1M>e)ZlrFUfJ+tGXxo<RmtASDu[dt9'JeOaRzs)_%5Yp^NDYBCksVf3If)y3KL9D3I?+mt.t:I
.casalemedia.com/	1970-01-20 10:23:35	Name: CMPS Value: 2196
.casalemedia.com/	1970-01-20 16:59:35	Name: CMID Value: Y50Xtvd.bYyPcflHPDBf.QAA
.casalemedia.com/	1970-01-20 10:23:35	Name: CMTS Value: 5234
.casalemedia.com/	1970-01-20 10:23:35	Name: CMPRO Value: 2196
.bidswitch.net/	1970-01-20 16:59:35	Name: tuuid Value: 9043018c-4a98-4305-92f2-13f41c448ca3
.bidswitch.net/	1970-01-20 16:59:35	Name: c Value: 1671239606
.bidswitch.net/	1970-01-20 16:59:35	Name: tuuid_lu Value: 1671239606
.bidswitch.net/	1970-01-20 08:13:59	Name: google_push Value: AavPq0P81qz5zAHaZkgBRsjqhrmGIT3IEkNW96YF9HeVJcObbRQTO1txARPPdTGC0xpCFm154PvRUyLtMkirhZLRXW-D86ywGQfUB-U
.turn.com/	1970-01-20 12:33:11	Name: uid Value: 3445359123309128544
.w55c.net/	1970-01-20 17:44:14	Name: wfivefivec Value: D0aP4TWZ1P6lLx5
.pubmatic.com/	1970-01-20 08:15:26	Name: KTPCACOOKIE Value: YES
.w55c.net/	1970-01-20 08:57:11	Name: matchgoogle Value: 5
.everesttech.net/	1970-01-20 16:59:35	Name: everest_g_v2 Value: g_surferid~Y50XtwAAARlINgAZ
.pubmatic.com/	1970-01-20 16:59:35	Name: KADUSERCOOKIE Value: D2FDDCDE-87B4-4164-8B83-2C2EDA6B1742

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://accounts.google.com/v3/signin/identifier?dsh=S-1844601536%3A1671239605695534&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AeAAQh6pL4mOeN4qniwEsgt1hoNDb_P26il7dM05MPxxJ6ZeBCaRTm4ZlXqPnP-TZK7XxEoBJThwQA Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://accounts.google.com/v3/signin/identifier?dsh=S-1862212919%3A1671239605589459&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AeAAQh670u8Xkdhk88EnyLaOaVieSQS39cXIvdiGm0VyqyepxDwUqy1MJ9haHd5Nyach8ou3r9w3yQ Message: Failed to load resource: the server responded with a status of 403 ()
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1#RS-1-&adk=1812271801&client=ca-pub-8587621567638470&fa=1&ifi=5&uci=a!5&xpc=CVk1n6IQ9R&p=https%3A//robloxscripts.co.uk Message: The resource https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
achcdn.com
ad.turn.com
adservice.google.com
adservice.google.de
cdnjs.cloudflare.com
cm.g.doubleclick.net
dsum-sec.casalemedia.com
dt.adsafeprotected.com
dyrfxuvraq0fk.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
image6.pubmatic.com
kitantiterhalac.xyz
match.adsrvr.org
pagead2.googlesyndication.com
partner.googleadservices.com
pm.w55c.net
pogothere.xyz
r.turn.com
region1.google-analytics.com
robloxscripts.co.uk
rtb.openx.net
s0.2mdn.net
static.adsafeprotected.com
sync-tm.everesttech.net
sync.teads.tv
tpc.googlesyndication.com
unentsimmends.xyz
us-u.openx.net
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
youradexchange.com
108.138.17.55
142.250.185.194
142.250.186.130
151.101.66.49
172.64.172.27
18.195.83.19
185.64.190.78
185.80.39.216
188.114.96.3
2.18.232.7
2001:4860:4802:34::36
2001:678:cb4:bbbb::11
2600:1f13:800:7782:3194:4465:ce4c:1037
2600:9000:2131:7000:7:f62:ac00:21
2600:9000:238d:5400:8:48e:53c0:93a1
2606:4700:3034::6815:1aba
2606:4700:3034::ac43:b043
2606:4700::6811:180e
2a00:1450:4001:806::2002
2a00:1450:4001:80b::2001
2a00:1450:4001:80b::2002
2a00:1450:4001:828::200e
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2002
2a00:1450:4001:831::2002
2a00:1450:400d:802::2002
2a00:1450:400d:803::2006
2a00:1450:400d:803::2008
2a00:1450:400d:808::200a
2a00:1450:400d:808::200d
2a00:1450:400d:80c::2002
2a00:1450:400d:80d::2004
2a03:2880:f11c:8083:face:b00c:0:25de
3.68.131.166
34.248.84.14
35.190.41.116
35.227.252.103
35.244.159.8
37.252.171.149
52.223.40.198
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
00890f8a8df5422de6d70c039da0dea997633ac0c8a1bc29b8d32aa6578f2617
01bde3f8ec0ae7e3b467d245795f1c5ce0440119c3299139c494d4b9c8c7389b
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
179e09745f93ebd924fe87471d25bc58b2158fe16aeb789a1d5f2748cac6aa81
182e4ce4dfd537795577b12b9b19a57422a8b21815f5dd92ef8acb3fd872a19c
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
19861b0c2bcc4d97db6d80ca660c944ff4bac61b6957e5ca9cbe09b9d1f61efd
1bb571aa38beda5e75b0f19273c33cd519c40848c84f33558fa0ebc617f7f42a
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
1f812db772de75c54043d61ab65c189360fdbb324aa9fc35863bdd8edcfb5a38
2439b57243d5266548670863c44e2c3a098d62bf356ec70e1b5e3a78f40ce4ad
28710f6de30528e3237f7063b030002c964e2ef81b85d4bc08060a707b00323c
296752c66aef7e7dd53ce2d26717a83ce5875b82e25b5834cc6688f95bbefec8
2b6fe931e0fc30cb6dadef8ede5ded517b129a4857bfa7ff0abed53e2aea80fe
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3169d8ad2bcafc9a407947845b207dc131727ae678a0bded15dd2040591a0906
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
34660d0c464f30d5df668e9ecdc77fa0aa53e42810b13c00f02eab1ac2aaefd3
3915993380e7aeb6ebf21561e93a82badc0a22e6513098c2baf8de748676ff94
3b47b0822eca0f063d9761994afcb069eb121b3b33f472ae5c47ff3f506491c6
3f04aea37e929417a9c467ea7b65bac2f3b5fdb4f96eb602dc2ada344df0547b
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
4739e154396c0facfc38f9cfff6b441627ca0ab85218cc0fab0cd349f9d73398
485c00e77eae103f044469455339d099f317ebfc2a6184301b6f1cdb89da0913
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
49ff7b3335c606040523217f19fe3824b4d73ccbd1f124e50f61bc2cd389dced
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
51618f12ee169c65d026f78ccaed2dfdc1c7875bf4f8d502c87f8e1724483081
535758323c8ca9e554a4399b5467297e554e41f053cb074832f14c541489f266
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55c7d2c3a83f975687c0c1f2d2acd5ba3d0d747fbbab87ffd2357ac2adb1fcd5
567e4c306c567c4f2a1047c3a55a3890a497afc9aa34012a1b1791125cdc6422
5a9b6f50d8a29466dbf96cedcd508d13cabd35250fd220cf519199e11e700904
5d6ae5c92a6947be31fd40a7c6955c0be3b92b16b6060a1ed47717f747766cfb
5dd26980e87b13b3481a224effeba8aa8b6f93caa9c8bb3706001675b4af2d55
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6325c4074a92675033200f2755e770e069afb33e93ba092f081fed977d87b429
6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6fb024c4e143035c7bc6c634bca0acb039ecc9c623ed3caa3ed7c49ca10ad394
72d5bc90bba3b473ee568101cbef8aca05a9bf48c03ea3bd12fac2bd6d9ede2a
7404dbe69d4f51c23c3e3e2adf9e6e6eff194460979c00824aa1e1785d20acd5
752179cf88833cd1679876088793f799e17cc364c521bbf78f32ff9ebbdee2e5
7546e6af72bb0952f89ea27f904bf49e8e78555e5d33958b02221782c7b07259
758a7336a1b81a836167fbca4164c2307d37fc2e9cb818c4f937a51533a52b80
763afe5712e351cbb1f40a834e030e7bdb8c113ea261f5596883a27e16602bb2
76d8973ba09de04de591a677b1d4da3ac9c82c3cd5884ca017d92550929d5e19
7c62a7314dcb0e4752db9942574709c13d5a1ac536dd8fda5e440d6a36acb5e3
82d4111dfc8ca7327d18c7fb60b59b2c8c0acf19e20a170eaf86e9892dae5995
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a
87728d116a78a7b27ee8d35887fe180bf5f031fd2e3471e3d46b79717678ae5f
89086135ae3ed7f0d7cb20dd64a536b503114e9c99afb5e763f21d673f9e44d8
8cae25f064cd9d5a6c11eb02d7a4812dfc278cae69f4b0b57ae119761f4ac0f1
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
90a40ed8f8aac2d69fdc1dfa4ccba94816d1a68b7492acac0f7ee8dfb5c27bfc
910d7d1b0c570ae7e850e1aeb4178e591a9742d92ba593cd17b0afc8bd01660e
93b0a220a676b3b79546353dcfb1f677abfbbe74b40a04a89b6b23faf2b9239a
957d3ff52f3444de4878fe88763f1960eb306cbc8ac67779b5101a195bcd6433
95e6264b1cf2aa6195268d21e7bbf25c338ce7689bcbf2eb1e1cb6f59bd4da39
9a5cb3506c68a4cd16fde556ae5c498c6edea33ed01a90b49dda7d0f164ea63c
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
ab6eb32c8877791127d48d3974a960e3c972b1c7111dca432aa5c26602970780
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b9dfef9900b77b2b7ddc310a783cdbbcd3ae070fefa192d19f3b90ccfc0a4433
bcc95b0963e7421a602f1edc8a17f667f8a95373c4cb9207454a9642f09c2d6a
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
c0f9a96a8b15dfa0bd82a9b0c4f7d31927c96784bb62af0a94fbaa78cde5e2fa
c3cc89478f072f175b8c2084165a0240689c812b06e0633e91b09d4dc1191f84
c3d6dd40d554051caae0e87609382cfbf0370ef9acd3beddd1ad5c0bfd335c15
c4d60e53476012ab254ca2f3f479903a6be9ead3cb39a9ea353c51ec75c618c8
c5565667e79f8f7a7e4ad2299ce420179a607ccc489997ad68f1c1c1728b43ee
c7c5dc808b73642ea8bc1371b6c69ef0c237065cbf5d08ec1c60139307543f5d
c87726b3f379ee5f644434717a06d69df2a35a99c04119b6b23af6b93ffcbfc8
c87bc342871b13644ee3c3f98ac5c566cbdb1121b610f09d195bc33e40de9c1e
cb3ca91aa3dd33ef51a55a6d1197bc7fa8d6988ded0725bcec2a104ab76b87d5
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d80f64908e3ac08b47d993f5ec5f118f3d2db9a4e5cff7da71c485a6f7d77dd8
dc390ff5d666d7f96c6203febe644be7e7bed0386e87bc42a9a0a5212dad47a3
dc61c7da0868bdecbb8ffa6e1f25e048f9c7e792df528b111cc513f35db1d8b6
e0b8e48946fdfcbb8befe57cff45fc8fe00f32cb4abb8bedcad6728ae7baa934
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e0f9493cc648abc9cced7429ff5f89b623e1d696eec387fac8cc1af9c8d5e84e
e218c7239f2e374dfb0722376943d749f2f6df6b1b6b1e75d57a96b3f5c187cd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
eadcb1af465be5c65d5eb94eaa2ddb5b9148bfb9aeff3246bc75b6744646e0f7
eb7ff486f721b4bab97314d47bc7f076e0475c09d80b1a886cdec6496966b52c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f48b782abe88686037c67f83090b8a1f90953cbcbb6f19d9b3915347f3a9dd56
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f717cb0c352c17232167da933c8df2c9219e24b658c96ad091a97063bba77f5b
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f779b4445544936d84083d7ee72b1bf1514f186cd057787049d6dc2da3b7bd03
fa6271b0b10a31e5bdf138a7d732352aa3ef5014c2df7420d977fbc1cdfb3efa

robloxscripts.co.uk Open in urlscan Pro 2606:4700:3034::ac43:b043 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

171 Requests

92 %HTTPS

57 %IPv6

31 Domains

42 Subdomains

37 IPs

6 Countries

2159 kBTransfer

5076 kBSize

24 Cookies

1 Outgoing links

Redirected requests

171 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

robloxscripts.co.uk Open in urlscan Pro
2606:4700:3034::ac43:b043 Public Scan

Screenshot
Live screenshot

Full Image

171
Requests

92 %
HTTPS

57 %
IPv6

31
Domains

42
Subdomains

37
IPs

6
Countries

2159 kB
Transfer

5076 kB
Size

24
Cookies

171 HTTP transactions
6 data transactions