robloxscripts.net Open in urlscan Pro
192.0.78.139 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://robloxscripts.net/
Submission Tags: phishingrod
Submission: On February 18 via api (February 18th 2023, 5:38:00 pm UTC) from DE — Scanned from DE

Summary HTTP 142 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 27 IPs in 6 countries across 24 domains to perform 142 HTTP transactions. The main IP is 192.0.78.139, located in San Francisco, United States and belongs to AUTOMATTIC, US. The main domain is robloxscripts.net.
TLS certificate: Issued by R3 on February 18th 2023. Valid for: 3 months.

This is the only time robloxscripts.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
12	192.0.78.139 192.0.78.139	2635 (AUTOMATTIC) (AUTOMATTIC)
2	2606:4700:e2:... 2606:4700:e2::ac40:850f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
16	2a00:1450:400... 2a00:1450:400d:808::2002	15169 (GOOGLE) (GOOGLE)
2	162.159.130.233 162.159.130.233	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	192.0.77.32 192.0.77.32	2635 (AUTOMATTIC) (AUTOMATTIC)
3	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
4	2600:9000:225... 2600:9000:2250:1c00:3:62b:d240:21	16509 (AMAZON-02) (AMAZON-02)
12	172.64.133.29 172.64.133.29	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	18.66.112.119 18.66.112.119	16509 (AMAZON-02) (AMAZON-02)
4	172.67.221.62 172.67.221.62	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2 4	2a00:1450:400... 2a00:1450:400d:807::200d	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:400d:80e::2002	15169 (GOOGLE) (GOOGLE)
12	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
4	2a00:1450:400... 2a00:1450:400d:80a::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:80c::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400d:806::2002	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:400d:805::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:400d:808::200a	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:400d:80e::2001	15169 (GOOGLE) (GOOGLE)
3 5	2a00:1450:400... 2a00:1450:400d:807::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:80a::2003	15169 (GOOGLE) (GOOGLE)
1 2	2606:4700::68... 2606:4700::6812:19ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
1	34.96.105.8 34.96.105.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	37.157.3.29 37.157.3.29	198622 (ADFORM) (ADFORM)
4	142.250.180.194 142.250.180.194	15169 (GOOGLE) (GOOGLE)
2 2	213.155.156.165 213.155.156.165	1299 (TWELVE99 ...) (TWELVE99 Arelion)
2 2	216.52.2.16 216.52.2.16	30282 (AS-INAPCD...) (AS-INAPCDN-OCY)
142	27

12 192.0.78.139 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

robloxscripts.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:e2::ac40:850f (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:400d:808::2002 (Ireland)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.159.130.233 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.discordapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.32 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com

s0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2250:1c00:3:62b:d240:21 (United States)

ASN16509 (AMAZON-02, US)

d3oy68whu51rnt.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 172.64.133.29 (United States)

ASN13335 (CLOUDFLARENET, US)

pogothere.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 18.66.112.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-119.fra56.r.cloudfront.net

yiddiquitejuk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.67.221.62 (United States)

ASN13335 (CLOUDFLARENET, US)

ylasthepoityelthenl.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400d:807::200d (Ireland) 2 redirects

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:400d:80e::2002 (Ireland)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i0.wp.com

i0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400d:80a::2002 (Ireland)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:80c::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:806::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:400d:805::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400d:808::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:400d:80e::2001 (Ireland)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:400d:807::2004 (Ireland) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:80a::2003 (Ireland)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:19ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.3.29 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.180.194 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s33-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.165 (Sweden) 2 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-165.teliacarrier-cust.com

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.16 (United States) 2 redirects

ASN30282 (AS-INAPCDN-OCY, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 101 tpc.googlesyndication.com — Cisco Umbrella Rank: 137	412 KB
17	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 cm.g.doubleclick.net — Cisco Umbrella Rank: 205	121 KB
16	wp.com s0.wp.com — Cisco Umbrella Rank: 6932 stats.wp.com — Cisco Umbrella Rank: 2673 pixel.wp.com — Cisco Umbrella Rank: 2492 i0.wp.com — Cisco Umbrella Rank: 3126	743 KB
12	google.com 5 redirects accounts.google.com — Cisco Umbrella Rank: 76 adservice.google.com — Cisco Umbrella Rank: 72 www.google.com — Cisco Umbrella Rank: 2	3 KB
12	pogothere.xyz pogothere.xyz — Cisco Umbrella Rank: 30031	605 KB
12	robloxscripts.net robloxscripts.net	192 KB
11	gstatic.com www.gstatic.com fonts.gstatic.com	117 KB
7	yiddiquitejuk.com yiddiquitejuk.com	7 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 43	4 KB
4	ylasthepoityelthenl.xyz ylasthepoityelthenl.xyz	1 KB
4	cloudfront.net d3oy68whu51rnt.cloudfront.net	138 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 183	144 KB
3	google.de adservice.google.de — Cisco Umbrella Rank: 9006	818 B
2	lijit.com 2 redirects ap.lijit.com — Cisco Umbrella Rank: 591	1 KB
2	de17a.com 2 redirects d5p.de17a.com — Cisco Umbrella Rank: 4255	655 B
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 590	1 KB
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 734 s.tribalfusion.com — Cisco Umbrella Rank: 1800	1 KB
2	discordapp.com cdn.discordapp.com — Cisco Umbrella Rank: 3246	3 KB
2	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 854	26 KB
1	blismedia.com tr.blismedia.com — Cisco Umbrella Rank: 1952	173 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 295	265 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 863	606 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 106
0	gemius.pl Failed googlecm.hit.gemius.pl Failed
142	24

	Domain	Requested by
16	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
16	pagead2.googlesyndication.com	robloxscripts.net pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
13	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
12	i0.wp.com	robloxscripts.net
12	pogothere.xyz	d3oy68whu51rnt.cloudfront.net
12	robloxscripts.net	robloxscripts.net
9	www.gstatic.com	googleads.g.doubleclick.net
7	yiddiquitejuk.com	d3oy68whu51rnt.cloudfront.net
5	www.google.com	3 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
4	cm.g.doubleclick.net	googleads.g.doubleclick.net
4	fonts.googleapis.com	googleads.g.doubleclick.net
4	accounts.google.com	2 redirects robloxscripts.net
4	ylasthepoityelthenl.xyz	robloxscripts.net
4	d3oy68whu51rnt.cloudfront.net	robloxscripts.net yiddiquitejuk.com
3	www.googletagservices.com	googleads.g.doubleclick.net
3	adservice.google.com	pagead2.googlesyndication.com
3	adservice.google.de	pagead2.googlesyndication.com
2	ap.lijit.com	2 redirects
2	d5p.de17a.com	2 redirects
2	c1.adform.net	2 redirects
2	fonts.gstatic.com	fonts.googleapis.com
2	pixel.wp.com	robloxscripts.net
2	cdn.discordapp.com	robloxscripts.net
2	use.fontawesome.com	robloxscripts.net
1	tr.blismedia.com	googleads.g.doubleclick.net
1	match.adsrvr.org	googleads.g.doubleclick.net
1	s.tribalfusion.com
1	a.tribalfusion.com	1 redirects
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.facebook.com	robloxscripts.net
1	stats.wp.com	robloxscripts.net
1	s0.wp.com	robloxscripts.net
0	googlecm.hit.gemius.pl Failed	googleads.g.doubleclick.net
142	33

This site contains links to these domains. Also see Links.

Domain
discord.gg
www.youtube.com

Subject Issuer	Validity	Valid
tls.automattic.com R3	`2023-02-18` - `2023-05-19`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-06` - `2023-06-05`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.wp.com Sectigo ECC Domain Validation Secure Server CA	`2022-11-14` - `2023-12-15`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
*.pogothere.xyz E1	`2022-12-31` - `2023-03-31`	3 months	crt.sh
yiddiquitejuk.com Amazon RSA 2048 M01	`2023-02-09` - `2024-03-09`	a year	crt.sh
*.ylasthepoityelthenl.xyz GTS CA 1P5	`2023-02-09` - `2023-05-10`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-11-28` - `2023-02-26`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
tr.blismedia.com GTS CA 1D4	`2023-02-12` - `2023-05-13`	3 months	crt.sh

This page contains 19 frames:

Primary Page: https://robloxscripts.net/
Frame ID: D6F7DE1623223AB2E690B1CE0DAEDE2A
Requests: 74 HTTP requests in this frame

Frame: https://yiddiquitejuk.com/Ym1Md3UDDy8aSgNQLlEAEAFxUkckSH4xEVECNUFNFQU5QkQQAzhZFg4CORMTEAIiA1sMCDhSRyQqLkdMOiN+FDgrKSAlIiAeIToCEggbGQUPLwotPyg+Hi42MFQ1OxlaFBQ2IxQ/GDoWIT87PzEFFX4UIC8JD0Q/DCgdBDorOQ08JDMCJDk0EjofJEEYOxoHFwM+Aj82Iz81PRkFIA8eGls/Dj4wLAMKNDcOJCU4MFIiDQ44UCggIgUHAyc/JA5caUUzBF0NODQxHngmNzAmKiAROCh8B0w4GhYvJDpUNTU2NCYqIBEjKSsxQDsVBiI5NR0gNQ1bNylEWFY+GiFNFyd8FDkhBysOIzMaCzhGKysFIQVaNA4bIDU6PBs3UlUJPQwsDA9HBVsrDj0jOhQBUkcgNQ09PgQ6KCY0BRonODdXLhQvTVI1NCI0KwcFJCMxAWlFNzgKKD0tUCslNkRbCBUgLCo7fAdMOF0dMDYxWSAvHigJDyA8JzgJMU07PwkkIAxZah0GDQM8SgwKOH89TRA5PzE+UgQvTg
Frame ID: 087C76E83B8DDC73AC966F87A62458F9
Requests: 2 HTTP requests in this frame

Frame: https://yiddiquitejuk.com/OTEwVXVYU1M4SlgMUnMAS10NcEd/FAITEQpeSWNNTllFYERLX0R7FlVeRTETS15eIVtXVERwR39CYzgaQFRlDAV7Z0czEG0FdAMeaxQCExMICXYBLQxCcRAwbnp0JS1vWl8QJXtadRocWkdyAyBffEkUAGtnCCw4eAVgBiJ4XHNkAlxUAiIlYXNAYhAJSWQdJmsCaD0kd39ZADd9RlclPGgIaBAPbBQCEzRsRVYYDE1paC0sAXhHDxB+dn5hOXhVaDEYAGhxOTBBeEcHIn9bdWAhTnN6HjEMYXEQGQpUWwQ2YXllHCFOc3oYJnR0chBEU1RjMi1qAmksLXgcagQsCllRAAJSA3oyTH95cwQdeAFqNhF4SVYUIAxeVQMCYWIDDxx4Z18bPkBrYBQxSVtVEwVcdHNlA21Gch88agl6AidjR1JkEnp2WWFBe2cINiwKVkMURVEDahMaWmV4HwxuSUgcEVdBYBQwUgB7Ig1tcklsA255YhgRYQB1FCAAVmBkFn0XWiYaV0ENMUZ7R0NjNlhUXzITTFt0Ig
Frame ID: 5BCAF37DB70F7CBFB8E138604DB7EC7B
Requests: 2 HTTP requests in this frame

Frame: https://yiddiquitejuk.com/SjI5SDgrUFolBysPW25NOF4EbQoMFwsOXHldQH4APVpMfQk4XE1mWyZdTCxeOF1XPBYkV01tCgxKbyZ2HWsLEQkCdl4Obxl7WAVUf1RgeGI/ZG8GTw1hbAV7CWh2AUIMZXgJdSdxbQ1pGHBdDn0jRWEpCQRzdiBxfnB/PE8MWF4Jb3hWbwZPKXdYeFw9dEERDQ11Sh97DntuBXkle3QwXD10XixKAlhSEnwwXV8GCBBnfA1ifmcJBlMbAQ0dfDBVYQdqG2RaeH4ndmsCQhtlYxtuJFp9KwkLWVp4fid0eHAMGGVzD24YYG4SfgdXYA1cbwB/GlQYX3whFRNmeiJ1D39ODXYaRV0ybRlwUxl/DHxvH3odaH8GdxpgSiF8LUJDGWocdW8PYSxiTi98KQJ/JXoLfwgPfCZ5aHpqDnxoO20FYA0yaiZjaBlVLmZqD2IuawgsXRADCCZte2hDGW8TY3syeRl4eDh8EHZvIm0MdA0Zfwh0fHpMCRRTO1ckQgQ9anpkSThSHXQOCQ
Frame ID: 71CB359FA69CC5146254D700E5D82E9B
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230215/r20190131/zrt_lookup.html
Frame ID: BB40F4DD5DAB20A5901C60D0AA16C7FF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2249257918045069&output=html&adk=1812271804&adf=3025194257&lmt=1676741756&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x675_l%7C212x675_r&format=0x0&url=https%3A%2F%2Frobloxscripts.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676741875406&bpp=11&bdt=585&idt=303&shv=r20230215&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2150032010921&frm=20&pv=2&ga_vid=1365943002.1676741876&ga_sid=1676741876&ga_hid=1218429200&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071642%2C31072386%2C44779794&oid=2&pvsid=781475746750970&tmod=716290485&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=333
Frame ID: 3C367836883B0FD0AAD54D1CD01CDBBE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2249257918045069&output=html&h=280&adk=2904063243&adf=849483003&pi=t.aa~a.1043414356~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1676741756&rafmt=1&to=qs&pwprc=2896044421&format=1200x280&url=https%3A%2F%2Frobloxscripts.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676741875417&bpp=3&bdt=595&idt=328&shv=r20230215&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=2150032010921&frm=20&pv=1&ga_vid=1365943002.1676741876&ga_sid=1676741876&ga_hid=1218429200&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=60&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071642%2C31072386%2C44779794&oid=2&pvsid=781475746750970&tmod=716290485&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=WrCGCeKHeo&p=https%3A//robloxscripts.net&dtd=336
Frame ID: F05DA60EE52112924C45CAC557AA7E7F
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: D7AD3226F0B4B3C2EDB8F1F1551AEA45
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2249257918045069&output=html&h=280&adk=3809598800&adf=3132389021&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1676741756&rafmt=1&to=qs&pwprc=2896044421&format=1200x280&url=https%3A%2F%2Frobloxscripts.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676741876901&bpp=1&bdt=2079&idt=1&shv=r20230215&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D161e2b01bd319d05-2201bfeec1dc00f1%3AT%3D1676741875%3ART%3D1676741875%3AS%3DALNI_MbCP9vLTteEb9S7R7Yn9i9TYE6BCw&gpic=UID%3D00000bb8e4744f09%3AT%3D1676741875%3ART%3D1676741875%3AS%3DALNI_MYlLg_nufR59rMIqAJEeo6sF98Ljg&prev_fmts=0x0%2C1200x280&nras=3&correlator=2150032010921&frm=20&pv=1&ga_vid=1365943002.1676741876&ga_sid=1676741876&ga_hid=1218429200&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2091&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071642%2C31072386%2C44779794&oid=2&psts=AD37Y7vI22FrUeE0pnOpTqLzw6IkSfu5Cam_4AAs-kqV4Gemj5NYMujVEfu9DiX905PvfJkRMaHAKDoC3nw0Jw&pvsid=781475746750970&tmod=716290485&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=E0uUQpSGAR&p=https%3A//robloxscripts.net&dtd=7
Frame ID: 9D70D2D30926F83B1E9742845BEAA8EA
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230215/r20110914/zrt_lookup.html?fsb=1
Frame ID: 854F26F54A3A95D3C276D7295F1A669C
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/ENhUjQ5Efr1LKcBlRSMtCxEMsPeXm4hb-JW7itjXrRA.js
Frame ID: 94CF9971F56F51A65DC11AB15A61F44C
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: A618F4F2C715B2098CA49C040C5D7EC8
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 433A3590E348F4D2E3B0F63D7D81CC45
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/ENhUjQ5Efr1LKcBlRSMtCxEMsPeXm4hb-JW7itjXrRA.js
Frame ID: 28F496795E2FDDC884FC8B6D6682E20C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 41395C6A95ACF4D4A53C5F5520D19241
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 71A3CB93B63D43BDAA1F609C460C6110
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/ENhUjQ5Efr1LKcBlRSMtCxEMsPeXm4hb-JW7itjXrRA.js
Frame ID: 0C4A216EF84C7B2C53093D4E9C7D5048
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5DC150686781342F1C4792281F5394BC
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B5FB5C3C7180378ABC4FA2A8CD4D546F
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Roblox Scripts - The best website for Roblox Scripts & Executors!

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link[^>]+s\d+\.wp\.com
/wp-(?:content|includes)/

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

142
Requests

95 %
HTTPS

52 %
IPv6

24
Domains

33
Subdomains

27
IPs

6
Countries

2516 kB
Transfer

4916 kB
Size

13
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://discord.gg/robloxexploits

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCrxIfKGSdOWjDatdhlSHvLw

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP 302
https://accounts.google.com/v3/signin/identifier?dsh=S537783395%3A1676741875463108&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHdfKhGt8ONQXoiCI5R7JXukuEJxsQW_GYiB4gb2BLpqFtXDRiuWEQCA_1t9lw166npiYpniEA

Request Chain 33

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP 302
https://accounts.google.com/v3/signin/identifier?dsh=S-939432337%3A1676741875567835&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHfpEc_lDxwsd0TmeC671pzM1Ec9_dPMdvPay2YcSnTiumGeGKeyRD48W3fBn3xSEqnMSo-GkA

Request Chain 81

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 106

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 122

https://a.tribalfusion.com/i.match?p=b6&u=CAESEG1a4UU0FLuauZJuKTCgFS8&google_cver=1&google_push=Aa02lx-Uo9AX2mJTIwFHOHYSv5Nr_qYF2P0jFX7tukYtMELshwDteIbbO2YCt8waO9EgHqvsfIFW8msMdvI4RWbaZGEKz6eZStDMlGBl&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx-Uo9AX2mJTIwFHOHYSv5Nr_qYF2P0jFX7tukYtMELshwDteIbbO2YCt8waO9EgHqvsfIFW8msMdvI4RWbaZGEKz6eZStDMlGBl%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEG1a4UU0FLuauZJuKTCgFS8&google_cver=1&google_push=Aa02lx-Uo9AX2mJTIwFHOHYSv5Nr_qYF2P0jFX7tukYtMELshwDteIbbO2YCt8waO9EgHqvsfIFW8msMdvI4RWbaZGEKz6eZStDMlGBl&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx-Uo9AX2mJTIwFHOHYSv5Nr_qYF2P0jFX7tukYtMELshwDteIbbO2YCt8waO9EgHqvsfIFW8msMdvI4RWbaZGEKz6eZStDMlGBl%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 125

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEOuhjpU8L4PdrpWZVguBaPg&google_cver=1&google_push=Aa02lx-rzitL6qNTm3EKC083z6Va3ia9t30GZC4ArijNxQQ17OP59QSRstK_9WIzeMLIYsnHjMQ2dSsxMl6TEI-C16YulreYGumE9fA HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEOuhjpU8L4PdrpWZVguBaPg&google_cver=1&google_push=Aa02lx-rzitL6qNTm3EKC083z6Va3ia9t30GZC4ArijNxQQ17OP59QSRstK_9WIzeMLIYsnHjMQ2dSsxMl6TEI-C16YulreYGumE9fA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjUwMjA5MDAxNzQ0ODc5NDc5NA&google_push=Aa02lx-rzitL6qNTm3EKC083z6Va3ia9t30GZC4ArijNxQQ17OP59QSRstK_9WIzeMLIYsnHjMQ2dSsxMl6TEI-C16YulreYGumE9fA

Request Chain 126

https://d5p.de17a.com/cookies/google?google_gid=CAESEOKe_0ofDbM83q9p1VOqCRM&google_cver=1&google_push=Aa02lx_W9kUz7Uz9lEqgcQc4CCilsPUASo949C2seDeFLClklkZmvKpZGOGgrQwyMUF3QOYDk-0LHlQ4EWFth0DpRqQdswZswnAn7rBC HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEOKe_0ofDbM83q9p1VOqCRM&google_cver=1&google_push=Aa02lx_W9kUz7Uz9lEqgcQc4CCilsPUASo949C2seDeFLClklkZmvKpZGOGgrQwyMUF3QOYDk-0LHlQ4EWFth0DpRqQdswZswnAn7rBC HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aa02lx_W9kUz7Uz9lEqgcQc4CCilsPUASo949C2seDeFLClklkZmvKpZGOGgrQwyMUF3QOYDk-0LHlQ4EWFth0DpRqQdswZswnAn7rBC

Request Chain 127

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEAZvvt6yTmeFvK3KZGuH5yg&google_cver=1&google_push=Aa02lx98YWj33O_jVt7kAsQvkOJ5Vi_8PYYJXY0Q6RtP85n0pQXwwHIs0fUM6z_gGf2F4sX4xhyZlhUlt_O6X9obDhHs_BAfdPvonrh_ HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEAZvvt6yTmeFvK3KZGuH5yg&google_cver=1&google_push=Aa02lx98YWj33O_jVt7kAsQvkOJ5Vi_8PYYJXY0Q6RtP85n0pQXwwHIs0fUM6z_gGf2F4sX4xhyZlhUlt_O6X9obDhHs_BAfdPvonrh_&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx98YWj33O_jVt7kAsQvkOJ5Vi_8PYYJXY0Q6RtP85n0pQXwwHIs0fUM6z_gGf2F4sX4xhyZlhUlt_O6X9obDhHs_BAfdPvonrh_&google_hm=GLahrGZHYhzKjjVdQqesC9SM

Request Chain 130

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

142 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
robloxscripts.net/ 116 KB
29 KB 182ms
151ms Document
text/html 192.0.78.139
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://robloxscripts.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.139 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

56d3d6ae9b48be85002f025a9873817aff6536e22926fc7b45ae8f14d5340f78

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=182, must-revalidate
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 18 Feb 2023 17:37:54 GMT
host-header: WordPress.com
last-modified: Sat, 18 Feb 2023 17:35:56 GMT
link: <https://robloxscripts.net/wp-json/>; rel="https://api.w.org/" <https://robloxscripts.net/wp-json/wp/v2/pages/299>; rel="alternate"; type="application/json" <https://wp.me/PebEFq-4P>; rel=shortlink
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding Cookie
x-ac: 2.hhn _atomic_ams BYPASS
x-hacker: If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header.
x-nananana: Batcache-Hit

GET
H2 200 wp-emoji-release.min.js Show response
robloxscripts.net/wp-includes/js/ 18 KB
5 KB 140ms
140ms Script
application/javascript 192.0.78.139
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://robloxscripts.net/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1

Requested by

Host: robloxscripts.net
URL: https://robloxscripts.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.139 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 17:37:55 GMT
strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Tue, 12 Apr 2022 05:56:23 GMT
server: nginx
x-ac: 2.hhn _atomic_ams BYPASS
etag: W/"62551487-48b9"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 /
robloxscripts.net/_static/ 435 KB
63 KB 247ms
247ms Stylesheet
text/css 192.0.78.139
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://robloxscripts.net/_static/??-eJytUu1OwzAMfCGyjGmU8gPxKCgfXubVTUOcrOrb43UgChoMIX60iZ3c2TnfmJQbYoFYdKIaMLJ+i9URYWT1UiFPykSvPHIiM6k0cFHJBNCpWkKnDTMUwbF8x5UsN+MH605W1qa929qHjbdtu21s05o1+NtdC3dNs32wrv2Keu8lVAkt5KBtRfLa0uA6RWizyZPmMhH8DVr20H8LlVcOtaiQ0X+ugdFR9cD6wLoHjwZIaAS5DE4iQVYEwbhp1WO8ipazZXwRM6tLIjU6NTfPy2tfXyCpDJyGyHgE2brTQOfBMaGHvJyZZFz3H0SfTn8ajaRKhugxhiXX7LIRfYCypB1L4lGdvfYd4wFKMq7T/eAriVqEnfwvNnEWT0eMoMQT4Vl8bSyBX9aczcK/h16sVBMNxrOe9rXvkn2ha92fKr/tT1ef+sfb5r7Ztpvmfv0KlW9jWA==

Requested by

Host: robloxscripts.net
URL: https://robloxscripts.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.139 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

bc826d007b30995cf3550dd221e0c21f01e39e531b77387d944196343ee4d95a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-hacker: If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header.
date: Sat, 18 Feb 2023 17:37:55 GMT
strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Wed, 15 Feb 2023 17:37:50 GMT
server: nginx
x-ac: 2.hhn _atomic_ams BYPASS
x-page-optimize: uncached
etag: W/"a05f5c670e8861fa2f782822e063a7ce"
vary: Accept-Encoding
content-type: text/css;charset=utf-8
cache-control: max-age=31536000
host-header: WordPress.com

GET
H2 200 all.css
use.fontawesome.com/releases/v6.1.2/css/ 99 KB
21 KB 52ms
18ms Stylesheet
text/css 2606:4700:e2::ac40:850f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v6.1.2/css/all.css
Requested by: Host: robloxscripts.net
URL: https://robloxscripts.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:850f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5e8e8eb22e2eaf1ad02370c22c63c04774ab0b83b4329d5945333750814bb2f

Request headers

Referer: https://robloxscripts.net/
Origin: https://robloxscripts.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 17:37:54 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 63J77FPH0ATCGWRD
age: 2279006
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: FhFz12XnP2R8c8j3G6ZcAXlhnl1JDEMHsPWxu0zIZqg7BdTNdgq8X87uKOrJQtmufUyEDZnZvOs=
last-modified: Mon, 25 Jul 2022 16:09:47 GMT
server: cloudflare
etag: W/"8ef777107c4620d4ddd4f8c4bb14a36c"
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4QAUGu6UyMOTr0K7Vun%2FuGcDXA%2FpIRIRyDgaX0hntC3zAFoPn5M3NIMhbcLZwWa8F6XUy0knfznxewUrTH9F0az3LxtqR7rQQkEkFIy0l9C%2FJH2X5xt7gbGzSYCVJsW69sfK89oHOWof7wqnT871Zbrj"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 79b8888e488c2c00-FRA

GET
H2 200 v4-shims.css
use.fontawesome.com/releases/v6.1.2/css/ 27 KB
5 KB 50ms
17ms Stylesheet
text/css 2606:4700:e2::ac40:850f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v6.1.2/css/v4-shims.css
Requested by: Host: robloxscripts.net
URL: https://robloxscripts.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:850f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 064f3c2c06410669a1fdadee1259f8ed4e04573c2d81f160719fc17e32209950

Request headers

Referer: https://robloxscripts.net/
Origin: https://robloxscripts.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 17:37:54 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 63J6XB58Z9D68SQF
age: 2279006
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: DB5tTR0DrWu2Jm/YctRQtbQ8txNfX1Qo8WZtAa1hC0VdJrphU7o6RXfw3wDgtXyMD2RPdVNAVEQ=
last-modified: Mon, 25 Jul 2022 16:09:47 GMT
server: cloudflare
etag: W/"32c0dd1e392a9b1b3b8e8a0ef2e89fdd"
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yvwpi6yc7CRFIZ7pY8X5YGbnNH9%2F%2BoTC61RQx9V248eflSeEpgwCsEumYWx%2BYXSdUKGg73GdvEmZZchYof3afE96FP2QcHwpqGHuFqs2JtQD4TvYuuftViBK0BIwf2mFYSq5MOUAgyed%2BE2Se5C3Nv5n"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 79b8888e48902c00-FRA

GET
H2 200 token-bridge.js Show response
robloxscripts.net/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-videopress/build/lib/ 9 KB
4 KB 141ms
141ms Script
application/javascript 192.0.78.139
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://robloxscripts.net/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-videopress/build/lib/token-bridge.js?ver=0.10.10

Requested by

Host: robloxscripts.net
URL: https://robloxscripts.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.139 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

eb036bba36e01f3afcb6f2875c75fecf2e0e5205ee8a33bf55606fcbda1bb0ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 17:37:55 GMT
strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Wed, 15 Feb 2023 17:37:50 GMT
server: nginx
x-ac: 2.hhn _atomic_ams BYPASS
etag: W/"63ed186e-2350"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.min.js Show response
robloxscripts.net/wp-includes/js/jquery/ 88 KB
31 KB 143ms
143ms Script
application/javascript 192.0.78.139
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://robloxscripts.net/wp-includes/js/jquery/jquery.min.js?ver=3.6.1

Requested by

Host: robloxscripts.net
URL: https://robloxscripts.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.139 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 17:37:55 GMT
strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Mon, 19 Sep 2022 14:16:24 GMT
server: nginx
x-ac: 2.hhn _atomic_ams BYPASS
etag: W/"632879b8-15e54"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 / Show response
robloxscripts.net/_static/ 16 KB
6 KB 143ms
142ms Script
application/javascript 192.0.78.139
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://robloxscripts.net/_static/??wp-includes/js/jquery/jquery-migrate.min.js,wp-content/uploads/yhumkpbql.js?m=1667520834

Requested by

Host: robloxscripts.net
URL: https://robloxscripts.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.139 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

8650062d222876f20382a71f9de6919c5f267a8f9d22ac64085339e5d08d655d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-hacker: If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header.
date: Sat, 18 Feb 2023 17:37:55 GMT
strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Fri, 04 Nov 2022 00:13:54 GMT
server: nginx
x-ac: 2.hhn _atomic_ams BYPASS
x-page-optimize: uncached
etag: W/"77f92959e06b114875db88a210edce0a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
host-header: WordPress.com

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
49 KB 170ms
77ms Script
text/javascript 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2249257918045069

Requested by

Host: robloxscripts.net
URL: https://robloxscripts.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1f0d89deb0987bf17b220f785d6da4b01ece65b5fde6ff6b5184dd99a3559e5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://robloxscripts.net/
Origin: https://robloxscripts.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 17:37:55 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49501
x-xss-protection: 0
server: cafe
etag: 5492203322580204053
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 18 Feb 2023 17:37:55 GMT

GET
H2 200 discord.svg
cdn.discordapp.com/attachments/929421642235519037/1014534028076003368/ 1 KB
2 KB 86ms
23ms Image
image/svg+xml 162.159.130.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.discordapp.com/attachments/929421642235519037/1014534028076003368/discord.svg
Requested by: Host: robloxscripts.net
URL: https://robloxscripts.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.130.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e86fcb4099a0c85a91abfd59fc6d6751493e4258f5457c0b4cf87e9e12c4079

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 17:37:55 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1266065
x-guploader-uploadid: ADPycds-TiBGE27GZH_VQXStoMOgJFYwKIpDKrAJgadf889dIsnH0KbT9kQZRvRb_XzoPfAyeghCEivWOOZdSYS0b2Saw09RaYtc
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: attachment;%20filename=discord.svg
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 31 Aug 2022 13:56:01 GMT
server: cloudflare
etag: W/"ff7fb5235b904fea50cedf072826782d"
vary: X-Goog-Allowed-Resources, Accept-Encoding
x-goog-generation: 1661954161504978
content-type: image/svg+xml;%20charset=utf-8
x-goog-hash: crc32c=Mb61zA==, md5=/3+1I1uQT+pQzt8HKCZ4LQ==
cache-control: public, max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yu2AQbpmDPoEHJU0U3PwFn8qPbwP6lNXnBOHSI2nvnKPr9%2F7rEBLmKElUTPoDi%2Bvznzotwxg32bHkLUU%2FYwCj8RDIFyx9TrZB9BcKns%2BQvoeVh0cZ7Px6sOu1Ly8Z0%2BrwKgyNg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 1270
cf-ray: 79b888903fba3667-FRA
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
expires: Sun, 18 Feb 2024 17:37:55 GMT

GET
H2 200 icons8-youtube.svg
cdn.discordapp.com/attachments/929421642235519037/1014534363783909406/ 702 B
1 KB 86ms
24ms Image
image/svg+xml 162.159.130.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.discordapp.com/attachments/929421642235519037/1014534363783909406/icons8-youtube.svg
Requested by: Host: robloxscripts.net
URL: https://robloxscripts.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.130.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a41b135afd99e5d3f61350c14900a1b6b222fe032a2c2f5f85f43d59055abf8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 17:37:55 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1509701
x-guploader-uploadid: ADPycdtdUhY_fNHqE_IEabwCfpm0H4__DE78crh9MjbZb9I57reOOUxCRAnfLlkH0bofZBVJWUjpq-uoh_YC-yuRwh3-JQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: attachment;%20filename=icons8-youtube.svg
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 31 Aug 2022 13:57:21 GMT
server: cloudflare
etag: W/"382c3ebffb19403d05359a5ec7554298"
vary: X-Goog-Allowed-Resources, Accept-Encoding
x-goog-generation: 1661954241540175
content-type: image/svg+xml;%20charset=utf-8
x-goog-hash: crc32c=mHmx0g==, md5=OCw+v/sZQD0FNZpex1VCmA==
cache-control: public, max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iguBvt%2FK8mM8oz5%2BP5tj%2F%2FoQ8OgPrsawBbJ%2Fag1O7J3m%2F6Vgyc1tXLkgHU07LZIbB%2BUSz32CqA9Rke2NydC%2FdkVvw9MShMoay0YSg3fBxauc5WNaRei7BZSGsl7ftuNpzfp0Ww%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 702
cf-ray: 79b888903fbb3667-FRA
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
expires: Sun, 18 Feb 2024 17:37:55 GMT

GET
H2 200 bilmur.min.js Show response
s0.wp.com/wp-content/js/ 7 KB
3 KB 59ms
9ms Script
application/javascript 192.0.77.32
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://s0.wp.com/wp-content/js/bilmur.min.js?m=202307
Requested by: Host: robloxscripts.net
URL: https://robloxscripts.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: wordpress.com
Software: nginx /
Resource Hash: 51dc1ea3b9642d966bbdf2c63346e4d2d3f668a693fa8e7f1e31bf6acbe48860

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Sat, 18 Feb 2023 17:37:55 GMT
content-encoding: br
x-ac: 2.hhn _dca MISS
server: nginx
etag: W/"63bbf1d2-1a69"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
expires: Tue, 13 Feb 2024 00:00:01 GMT

GET
H2 200 form-styles.js Show response
robloxscripts.net/wp-content/plugins/jetpack/modules/contact-form/js/ 5 KB
1 KB 140ms
140ms Script
application/javascript 192.0.78.139
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://robloxscripts.net/wp-content/plugins/jetpack/modules/contact-form/js/form-styles.js?ver=11.9-a.3

Requested by

Host: robloxscripts.net
URL: https://robloxscripts.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.139 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

1995d935c3a3de4ce9fe397f5a5e0384fc241d4b96672c9370507b8a40f07f1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 17:37:55 GMT
strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Wed, 15 Feb 2023 17:37:50 GMT
server: nginx
x-ac: 2.hhn _atomic_ams BYPASS
etag: W/"63ed186e-12da"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 / Show response
robloxscripts.net/_static/ 100 KB
25 KB 148ms
148ms Script
application/javascript 192.0.78.139
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://robloxscripts.net/_static/??-eJytktFOwzAMRX8IL4CmjRfEp0xp4nVeUyfEbkP5ejJWRDU0BIgnJ47usXPtksBFVmQ1KQwtsZgjarKuMztiZ5qBgjfpEDXyHFY98eooN+WrdL7DSFgEngfME1j24ElSsBOkKArJtmjS0ARyxoqg1pJVOl4w9YA9imFihCbEdlchtgnoFyLpKEEg7mAf3SCwp5c/UNiO1FqlePmtn4hrWY39FT8+rJzjbkT2MRs7VIlVrQbMLxDs6wTUV2vE1CpqqJKyoDu1BbERzCPm/y+zSFyB15TmCiRuz/OTQB7z+1wL+RZ14UbRJAXOw73OyygpstCI9ehOC7MAL8dbKd036/YLVElJrPvs7Kl/vNtsN+uH+8329g18aCfR

Requested by

Host: robloxscripts.net
URL: https://robloxscripts.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.139 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

c8e270f884a1080449fd94fff76b3fb4005a6eca394ed260ad8b686475a751e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-hacker: If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header.
date: Sat, 18 Feb 2023 17:37:55 GMT
strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Wed, 15 Feb 2023 17:37:50 GMT
server: nginx
x-ac: 2.hhn _atomic_ams BYPASS
x-page-optimize: uncached
etag: W/"1c6cb5a3711331d749ccb196bc0a29c5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
host-header: WordPress.com

GET
H2 200 e-202307.js Show response
stats.wp.com/ 9 KB
3 KB 38ms
7ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202307.js
Requested by: Host: robloxscripts.net
URL: https://robloxscripts.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-nc: HIT hhn
date: Sat, 18 Feb 2023 17:37:55 GMT
content-encoding: br
server: nginx
etag: W/"6197c5cf-3508"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Sun, 11 Feb 2024 18:58:46 GMT

GET
H2 200 / Show response
d3oy68whu51rnt.cloudfront.net/ 402 KB
136 KB 48ms
12ms Script
text/plain 2600:9000:2250:1c00:3:62b:d240:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3oy68whu51rnt.cloudfront.net/?hwyod=955131
Requested by: Host: robloxscripts.net
URL: https://robloxscripts.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:1c00:3:62b:d240:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: bbfba6460d76edfe77d78118eeaceeff359cd8be859257785ad4ada4341af03b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Feb 2023 12:28:46 GMT
content-encoding: gzip
via: 1.1 1aa52a2a71a599aaf6b3df3a9c53b268.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
age: 18549
x-cache: Hit from cloudfront
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-length: 138662
x-amz-cf-id: fSCWruscuxmW1ImZBXqwJGGcKLOCJ6HCwqk8pnX_GtWd5ND-1bQx0Q==

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
robloxscripts.net/wp-content/fonts/poppins/ 8 KB
8 KB 151ms
150ms Font
application/font-woff2 192.0.78.139
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://robloxscripts.net/wp-content/fonts/poppins/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: robloxscripts.net
URL: https://robloxscripts.net/_static/??-eJytUu1OwzAMfCGyjGmU8gPxKCgfXubVTUOcrOrb43UgChoMIX60iZ3c2TnfmJQbYoFYdKIaMLJ+i9URYWT1UiFPykSvPHIiM6k0cFHJBNCpWkKnDTMUwbF8x5UsN+MH605W1qa929qHjbdtu21s05o1+NtdC3dNs32wrv2Keu8lVAkt5KBtRfLa0uA6RWizyZPmMhH8DVr20H8LlVcOtaiQ0X+ugdFR9cD6wLoHjwZIaAS5DE4iQVYEwbhp1WO8ipazZXwRM6tLIjU6NTfPy2tfXyCpDJyGyHgE2brTQOfBMaGHvJyZZFz3H0SfTn8ajaRKhugxhiXX7LIRfYCypB1L4lGdvfYd4wFKMq7T/eAriVqEnfwvNnEWT0eMoMQT4Vl8bSyBX9aczcK/h16sVBMNxrOe9rXvkn2ha92fKr/tT1ef+sfb5r7Ztpvmfv0KlW9jWA==

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.139 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://robloxscripts.net/_static/??-eJytUu1OwzAMfCGyjGmU8gPxKCgfXubVTUOcrOrb43UgChoMIX60iZ3c2TnfmJQbYoFYdKIaMLJ+i9URYWT1UiFPykSvPHIiM6k0cFHJBNCpWkKnDTMUwbF8x5UsN+MH605W1qa929qHjbdtu21s05o1+NtdC3dNs32wrv2Keu8lVAkt5KBtRfLa0uA6RWizyZPmMhH8DVr20H8LlVcOtaiQ0X+ugdFR9cD6wLoHjwZIaAS5DE4iQVYEwbhp1WO8ipazZXwRM6tLIjU6NTfPy2tfXyCpDJyGyHgE2brTQOfBMaGHvJyZZFz3H0SfTn8ajaRKhugxhiXX7LIRfYCypB1L4lGdvfYd4wFKMq7T/eAriVqEnfwvNnEWT0eMoMQT4Vl8bSyBX9aczcK/h16sVBMNxrOe9rXvkn2ha92fKr/tT1ef+sfb5r7Ztpvmfv0KlW9jWA==
Origin: https://robloxscripts.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 17:37:55 GMT
strict-transport-security: max-age=31536000
x-ac: 2.hhn _atomic_ams BYPASS
last-modified: Tue, 16 Aug 2022 23:30:31 GMT
server: nginx
etag: "62fc2897-1ecc"
access-control-allow-methods: GET, HEAD
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 7884
expires: Sat, 25 Feb 2023 17:37:55 GMT

GET
H2 200 pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
robloxscripts.net/wp-content/fonts/poppins/ 8 KB
8 KB 141ms
140ms Font
application/font-woff2 192.0.78.139
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://robloxscripts.net/wp-content/fonts/poppins/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.139 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://robloxscripts.net/_static/??-eJytUu1OwzAMfCGyjGmU8gPxKCgfXubVTUOcrOrb43UgChoMIX60iZ3c2TnfmJQbYoFYdKIaMLJ+i9URYWT1UiFPykSvPHIiM6k0cFHJBNCpWkKnDTMUwbF8x5UsN+MH605W1qa929qHjbdtu21s05o1+NtdC3dNs32wrv2Keu8lVAkt5KBtRfLa0uA6RWizyZPmMhH8DVr20H8LlVcOtaiQ0X+ugdFR9cD6wLoHjwZIaAS5DE4iQVYEwbhp1WO8ipazZXwRM6tLIjU6NTfPy2tfXyCpDJyGyHgE2brTQOfBMaGHvJyZZFz3H0SfTn8ajaRKhugxhiXX7LIRfYCypB1L4lGdvfYd4wFKMq7T/eAriVqEnfwvNnEWT0eMoMQT4Vl8bSyBX9aczcK/h16sVBMNxrOe9rXvkn2ha92fKr/tT1ef+sfb5r7Ztpvmfv0KlW9jWA==
Origin: https://robloxscripts.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 17:37:55 GMT
strict-transport-security: max-age=31536000
x-ac: 2.hhn _atomic_ams BYPASS
last-modified: Tue, 16 Aug 2022 23:30:31 GMT
server: nginx
etag: "62fc2897-1ea0"
access-control-allow-methods: GET, HEAD
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 7840
expires: Sat, 25 Feb 2023 17:37:55 GMT

GET
H2 200 pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
robloxscripts.net/wp-content/fonts/poppins/ 8 KB
8 KB 140ms
139ms Font
application/font-woff2 192.0.78.139
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://robloxscripts.net/wp-content/fonts/poppins/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.139 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://robloxscripts.net/_static/??-eJytUu1OwzAMfCGyjGmU8gPxKCgfXubVTUOcrOrb43UgChoMIX60iZ3c2TnfmJQbYoFYdKIaMLJ+i9URYWT1UiFPykSvPHIiM6k0cFHJBNCpWkKnDTMUwbF8x5UsN+MH605W1qa929qHjbdtu21s05o1+NtdC3dNs32wrv2Keu8lVAkt5KBtRfLa0uA6RWizyZPmMhH8DVr20H8LlVcOtaiQ0X+ugdFR9cD6wLoHjwZIaAS5DE4iQVYEwbhp1WO8ipazZXwRM6tLIjU6NTfPy2tfXyCpDJyGyHgE2brTQOfBMaGHvJyZZFz3H0SfTn8ajaRKhugxhiXX7LIRfYCypB1L4lGdvfYd4wFKMq7T/eAriVqEnfwvNnEWT0eMoMQT4Vl8bSyBX9aczcK/h16sVBMNxrOe9rXvkn2ha92fKr/tT1ef+sfb5r7Ztpvmfv0KlW9jWA==
Origin: https://robloxscripts.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 17:37:55 GMT
strict-transport-security: max-age=31536000
x-ac: 2.hhn _atomic_ams BYPASS
last-modified: Tue, 16 Aug 2022 23:30:31 GMT
server: nginx
etag: "62fc2897-1f40"
access-control-allow-methods: GET, HEAD
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 8000
expires: Sat, 25 Feb 2023 17:37:55 GMT

GET
H2 200 asd100.bin Show response
pogothere.xyz/ 100 KB
100 KB 79ms
24ms Fetch
binary/octet-stream 172.64.133.29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pogothere.xyz/asd100.bin
Requested by: Host: d3oy68whu51rnt.cloudfront.net
URL: https://d3oy68whu51rnt.cloudfront.net/?hwyod=955131
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.133.29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 17:37:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4313
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 18 Feb 2023 16:26:02 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: https://robloxscripts.net
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8gUlIjO23rgUfN2SWgz9%2BIwQw8%2FeSaD9GXErt2ODdgE6hXsJ%2BmunVpYXqTYeOs2FXPtxq8u9elf5a5sCFjdcED3uHdPqtDqtNgSHB23E1fpw4BKarmVGmnkmzL89od2D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 79b88890bd32bbd3-FRA
access-control-allow-headers: X-Requested-With, content-type

GET
H2 200 / Show response
pogothere.xyz/ 26 B
598 B 167ms
112ms Fetch
text/plain 172.64.133.29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pogothere.xyz/
Requested by: Host: d3oy68whu51rnt.cloudfront.net
URL: https://d3oy68whu51rnt.cloudfront.net/?hwyod=955131
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.133.29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6b777ab2af34089c7c32da0dcb6e7633a5fc3282f8b01ec452be1a77537489e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 17:37:55 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9DTsziYwsfHbtQV3Qb06BMM5bJX3Lfwn9IfiiM8VSfhAycgrxavlU8CJZqq%2Fgye8dsojm%2BxjPYBTjLtH9aw4N1JRtW4GAUetknJrlLawQV%2B6reco1offxlgeNTuQLnGt"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET
access-control-allow-origin: https://robloxscripts.net
content-type: text/plain
access-control-allow-credentials: true
cf-ray: 79b88890bd34bbd3-FRA
access-control-allow-headers: X-Requested-With, content-type
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 204 utx Show response
yiddiquitejuk.com/ 0
491 B 164ms
107ms XHR
text/plain 18.66.112.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yiddiquitejuk.com/utx?cb=swHsOGh8h1DI&top=robloxscripts.net&tid=955131
Requested by: Host: d3oy68whu51rnt.cloudfront.net
URL: https://d3oy68whu51rnt.cloudfront.net/?hwyod=955131
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-119.fra56.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Feb 2023 17:37:55 GMT
via: 1.1 cf2071a2896a4f71dbfdbc521d554362.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-amz-cf-pop: FRA56-P5
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://robloxscripts.net
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
x-amz-cf-id: hsEuXkLwNhQGe24t-eGJpHcgJ_zQGEzwHd2OhsrQTl11FkJ70QU3Hw==

GET
H2 200 JA5caUUzBF0NODQxHngmNzAmKiAROCh8B0w4GhYvJDpUNTU2NCYqIBEjKSsxQDsVBiI5NR0gNQ1bNylEWFY+GiFNFyd8FDkhBysOIzMaCzhGKysFIQVaNA4bIDU6PBs3UlUJPQwsDA9HBVsrDj0jOhQBUkcgNQ09PgQ6KCY0BRonODdXLhQvTVI1NCI0KwcFJCMxA... Show response
yiddiquitejuk.com/Ym1Md3UDDy8aSgNQLlEAEAFxUkckSH4xEVECNUFNFQU5QkQQAzhZFg4CORMTEAIiA1sMCDhSRyQqLkdMOiN+FDgrKSAlIiAeIToCEggbGQUPLwotPyg+Hi42MFQ1OxlaFBQ2IxQ/GDoWIT87PzEFFX4UIC8JD0Q/DCgdBDorOQ08JDMCJDk... Frame 087C 3 KB
2 KB 132ms
102ms Document
text/html 18.66.112.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yiddiquitejuk.com/Ym1Md3UDDy8aSgNQLlEAEAFxUkckSH4xEVECNUFNFQU5QkQQAzhZFg4CORMTEAIiA1sMCDhSRyQqLkdMOiN+FDgrKSAlIiAeIToCEggbGQUPLwotPyg+Hi42MFQ1OxlaFBQ2IxQ/GDoWIT87PzEFFX4UIC8JD0Q/DCgdBDorOQ08JDMCJDk0EjofJEEYOxoHFwM+Aj82Iz81PRkFIA8eGls/Dj4wLAMKNDcOJCU4MFIiDQ44UCggIgUHAyc/JA5caUUzBF0NODQxHngmNzAmKiAROCh8B0w4GhYvJDpUNTU2NCYqIBEjKSsxQDsVBiI5NR0gNQ1bNylEWFY+GiFNFyd8FDkhBysOIzMaCzhGKysFIQVaNA4bIDU6PBs3UlUJPQwsDA9HBVsrDj0jOhQBUkcgNQ09PgQ6KCY0BRonODdXLhQvTVI1NCI0KwcFJCMxAWlFNzgKKD0tUCslNkRbCBUgLCo7fAdMOF0dMDYxWSAvHigJDyA8JzgJMU07PwkkIAxZah0GDQM8SgwKOH89TRA5PzE+UgQvTg
Requested by: Host: d3oy68whu51rnt.cloudfront.net
URL: https://d3oy68whu51rnt.cloudfront.net/?hwyod=955131
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-119.fra56.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: 0692145ea483805b728812a688cb83acd50d7901db6ebbe897276c8734b9a617

Request headers

Referer: https://robloxscripts.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cache-control: no-store, no-cache, must-revalidate, no-transform
content-encoding: gzip
content-length: 1241
content-type: text/html
date: Sat, 18 Feb 2023 17:37:55 GMT
p3p: CP="NID DSP ALL COR"
pragma: no-cache
server: openresty/1.17.8.2
via: 1.1 cf2071a2896a4f71dbfdbc521d554362.cloudfront.net (CloudFront)
x-amz-cf-id: naA4zD7U49Y9UP99MbipZYq1eKF0cPPx2GQzrC_0RRS0ObxAopnHSg==
x-amz-cf-pop: FRA56-P5
x-cache: Miss from cloudfront

GET
H2 200 asd100.bin Show response
pogothere.xyz/ 100 KB
101 KB 39ms
16ms Fetch
binary/octet-stream 172.64.133.29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pogothere.xyz/asd100.bin
Requested by: Host: d3oy68whu51rnt.cloudfront.net
URL: https://d3oy68whu51rnt.cloudfront.net/?hwyod=955131
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.133.29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 17:37:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4313
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 18 Feb 2023 16:26:02 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: https://robloxscripts.net
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uWHYaU7EJRbG6nAmgs3hBItENXGTDRbN9T2WqudbqUUxijxazxkAe8rv4Vm5YRqyDBciBAPaWVj51lBw5k%2F3R8AFlWc4%2BTg1936P2wkbKkrjhxoCeXCMaV5mrWXCIExM"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 79b88890bd36bbd3-FRA
access-control-allow-headers: X-Requested-With, content-type

GET
H2 200 / Show response
pogothere.xyz/ 26 B
368 B 123ms
100ms Fetch
text/plain 172.64.133.29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pogothere.xyz/
Requested by: Host: d3oy68whu51rnt.cloudfront.net
URL: https://d3oy68whu51rnt.cloudfront.net/?hwyod=955131
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.133.29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7858ad2456f859aa783d5569eb7f66a3b564387698375d1c9b9cf52ba234e545

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 17:37:55 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dT8nIivctowU6F8y92WgyxzveKpQTalQ3he4N9QDNDAFPurjLX6g8nFoEk6aVQrXJ4ZGrguIwmzqLDBFOKGKSO7I0fgXEo%2F5Lnqlo6nKtn06OxHfyHzMIu1WuDVlk2PX"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET
access-control-allow-origin: https://robloxscripts.net
content-type: text/plain
access-control-allow-credentials: true
cf-ray: 79b88890bd37bbd3-FRA
access-control-allow-headers: X-Requested-With, content-type
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 204 utx Show response
yiddiquitejuk.com/ 0
491 B 130ms
105ms XHR
text/plain 18.66.112.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yiddiquitejuk.com/utx?cb=AeEnlmrsTqCJ&top=robloxscripts.net&tid=955748
Requested by: Host: d3oy68whu51rnt.cloudfront.net
URL: https://d3oy68whu51rnt.cloudfront.net/?hwyod=955131
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-119.fra56.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Feb 2023 17:37:55 GMT
via: 1.1 cf2071a2896a4f71dbfdbc521d554362.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-amz-cf-pop: FRA56-P5
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://robloxscripts.net
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
x-amz-cf-id: _C6AajPakjXJdMJ3Z5zNQZeIsbmca57CiaYuLQo0ToCSqwIVl9w1Bw==

GET
H2 200 FAITEQpeSWNNTllFYERLX0R7FlVeRTETS15eIVtXVERwR39CYzgaQFRlDAV7Z0czEG0FdAMeaxQCExMICXYBLQxCcRAwbnp0JS1vWl8QJXtadRocWkdyAyBffEkUAGtnCCw4eAVgBiJ4XHNkAlxUAiIlYXNAYhAJSWQdJmsCaD0kd39ZADd9RlclPGgIaBAPbBQCE... Show response
yiddiquitejuk.com/OTEwVXVYU1M4SlgMUnMAS10NcEd/ Frame 5BCA 3 KB
2 KB 113ms
103ms Document
text/html 18.66.112.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yiddiquitejuk.com/OTEwVXVYU1M4SlgMUnMAS10NcEd/FAITEQpeSWNNTllFYERLX0R7FlVeRTETS15eIVtXVERwR39CYzgaQFRlDAV7Z0czEG0FdAMeaxQCExMICXYBLQxCcRAwbnp0JS1vWl8QJXtadRocWkdyAyBffEkUAGtnCCw4eAVgBiJ4XHNkAlxUAiIlYXNAYhAJSWQdJmsCaD0kd39ZADd9RlclPGgIaBAPbBQCEzRsRVYYDE1paC0sAXhHDxB+dn5hOXhVaDEYAGhxOTBBeEcHIn9bdWAhTnN6HjEMYXEQGQpUWwQ2YXllHCFOc3oYJnR0chBEU1RjMi1qAmksLXgcagQsCllRAAJSA3oyTH95cwQdeAFqNhF4SVYUIAxeVQMCYWIDDxx4Z18bPkBrYBQxSVtVEwVcdHNlA21Gch88agl6AidjR1JkEnp2WWFBe2cINiwKVkMURVEDahMaWmV4HwxuSUgcEVdBYBQwUgB7Ig1tcklsA255YhgRYQB1FCAAVmBkFn0XWiYaV0ENMUZ7R0NjNlhUXzITTFt0Ig
Requested by: Host: d3oy68whu51rnt.cloudfront.net
URL: https://d3oy68whu51rnt.cloudfront.net/?hwyod=955131
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-119.fra56.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: 10284d1cbc20a5e57200ad0d9b2c9adb0d20d70ab5ca7cc172d06d62d5d5a3ad

Request headers

Referer: https://robloxscripts.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cache-control: no-store, no-cache, must-revalidate, no-transform
content-encoding: gzip
content-length: 1244
content-type: text/html
date: Sat, 18 Feb 2023 17:37:55 GMT
p3p: CP="NID DSP ALL COR"
pragma: no-cache
server: openresty/1.17.8.2
via: 1.1 cf2071a2896a4f71dbfdbc521d554362.cloudfront.net (CloudFront)
x-amz-cf-id: 18oBOkFnd4mRwVgUZ6vihomYNOE0E0SgrIRnNki1nPFAh4dIg0ZNlg==
x-amz-cf-pop: FRA56-P5
x-cache: Miss from cloudfront

GET
H2 200 asd100.bin Show response
pogothere.xyz/ 100 KB
100 KB 27ms
24ms Fetch
binary/octet-stream 172.64.133.29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pogothere.xyz/asd100.bin
Requested by: Host: d3oy68whu51rnt.cloudfront.net
URL: https://d3oy68whu51rnt.cloudfront.net/?hwyod=955131
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.133.29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 17:37:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4313
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 18 Feb 2023 16:26:02 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: https://robloxscripts.net
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3vzKrQ0r6itK0zx1R%2BmhGktpCQvFsI6wsNY35jzzWXEzxvlsaXuDAuPZrkBuyrzR52iwfTScu4r9Mp%2BvYinAfFvoFra43O2rzwPBxKYejIdXvW2aWQUKwVuYtEBaRjhm"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 79b88890bd39bbd3-FRA
access-control-allow-headers: X-Requested-With, content-type

GET
H2 200 / Show response
pogothere.xyz/ 26 B
350 B 114ms
111ms Fetch
text/plain 172.64.133.29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pogothere.xyz/
Requested by: Host: d3oy68whu51rnt.cloudfront.net
URL: https://d3oy68whu51rnt.cloudfront.net/?hwyod=955131
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.133.29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b0f08abf550588ea67e8871aa2511b5e3aae4b22f00f463c15a40a2fb1e5ac01

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 17:37:55 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WvSYnd4mg%2FYCkuRUzFEvl50RZ3GvPi2moACWgbkJsMOCy7yjg1CdgnSczI4pXjFoAAxbxbOeNrYPB3mkfwCYYM%2FiC0Iu%2BR9cDxxARMsSsIHEOZE3VS%2Fse7GBmT72RIdi"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET
access-control-allow-origin: https://robloxscripts.net
content-type: text/plain
access-control-allow-credentials: true
cf-ray: 79b88890bd3abbd3-FRA
access-control-allow-headers: X-Requested-With, content-type
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 JXoLfwgPfCZ5aHpqDnxoO20FYA0yaiZjaBlVLmZqD2IuawgsXRADCCZte2hDGW8TY3syeRl4eDh8EHZvIm0MdA0Zfwh0fHpMCRRTO1ckQgQ9anpkSThSHXQOCQ Show response
yiddiquitejuk.com/SjI5SDgrUFolBysPW25NOF4EbQoMFwsOXHldQH4APVpMfQk4XE1mWyZdTCxeOF1XPBYkV01tCgxKbyZ2HWsLEQkCdl4Obxl7WAVUf1RgeGI/ZG8GTw1hbAV7CWh2AUIMZXgJdSdxbQ1pGHBdDn0jRWEpCQRzdiBxfnB/PE8MWF4Jb3hWbwZ... Frame 71CB 3 KB
2 KB 104ms
104ms Document
text/html 18.66.112.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yiddiquitejuk.com/SjI5SDgrUFolBysPW25NOF4EbQoMFwsOXHldQH4APVpMfQk4XE1mWyZdTCxeOF1XPBYkV01tCgxKbyZ2HWsLEQkCdl4Obxl7WAVUf1RgeGI/ZG8GTw1hbAV7CWh2AUIMZXgJdSdxbQ1pGHBdDn0jRWEpCQRzdiBxfnB/PE8MWF4Jb3hWbwZPKXdYeFw9dEERDQ11Sh97DntuBXkle3QwXD10XixKAlhSEnwwXV8GCBBnfA1ifmcJBlMbAQ0dfDBVYQdqG2RaeH4ndmsCQhtlYxtuJFp9KwkLWVp4fid0eHAMGGVzD24YYG4SfgdXYA1cbwB/GlQYX3whFRNmeiJ1D39ODXYaRV0ybRlwUxl/DHxvH3odaH8GdxpgSiF8LUJDGWocdW8PYSxiTi98KQJ/JXoLfwgPfCZ5aHpqDnxoO20FYA0yaiZjaBlVLmZqD2IuawgsXRADCCZte2hDGW8TY3syeRl4eDh8EHZvIm0MdA0Zfwh0fHpMCRRTO1ckQgQ9anpkSThSHXQOCQ
Requested by: Host: d3oy68whu51rnt.cloudfront.net
URL: https://d3oy68whu51rnt.cloudfront.net/?hwyod=955131
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-119.fra56.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: a687d0929f9fa9781cc1d8a7a19cb8528d352a4ba9d82f20c82479e472ca18ca

Request headers

Referer: https://robloxscripts.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cache-control: no-store, no-cache, must-revalidate, no-transform
content-encoding: gzip
content-length: 1233
content-type: text/html
date: Sat, 18 Feb 2023 17:37:55 GMT
p3p: CP="NID DSP ALL COR"
pragma: no-cache
server: openresty/1.17.8.2
via: 1.1 cf2071a2896a4f71dbfdbc521d554362.cloudfront.net (CloudFront)
x-amz-cf-id: SWxvE5oRLE11baDefmPhYg0ppREdgh-G4KUnuj3veAVgiFBYJC3ruA==
x-amz-cf-pop: FRA56-P5
x-cache: Miss from cloudfront

GET
H2 204 JiALMzEZC1U+PhBzSn9iRX1CbCcdKk57cQc6Ej4iB3NCbD4aKBx3cQJzQmRkQGBAeHlFaAZ3ZlI6AyswSX9VOiMAIk57YUN4RH5mTHlGeGJC
ylasthepoityelthenl.xyz/dE5zSldbcRA5ahcbJQIFRQw1Lh8QOSl6EQ4oHRw/ 0
417 B 184ms
106ms Image
text/plain 172.67.221.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ylasthepoityelthenl.xyz/dE5zSldbcRA5ahcbJQIFRQw1Lh8QOSl6EQ4oHRw/JiALMzEZC1U+PhBzSn9iRX1CbCcdKk57cQc6Ej4iB3NCbD4aKBx3cQJzQmRkQGBAeHlFaAZ3ZlI6AyswSX9VOiMAIk57YUN4RH5mTHlGeGJC
Requested by: Host: robloxscripts.net
URL: https://robloxscripts.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.221.62 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 17:37:55 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RDbkrXE8HdHrXskR5rwTCAY0DinACgGa14KV3HhtA8V1F2%2B3q8drpCQH%2B0Ked89osxm5e65HhsMXo%2FGQiYaRRHPcXoCb4zy1HB8UhwmxftV6Fv0bPYeJZptTlSJSWgQIYBsepMD6916C0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 79b888913d172bf2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 login.php
www.facebook.com/ 0
0 154ms
88ms Image
text/html 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
Requested by: Host: robloxscripts.net
URL: https://robloxscripts.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

GET
H2

403

identifier
accounts.google.com/v3/signin/
Redirect Chain

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
https://accounts.google.com/v3/signin/identifier?dsh=S537783395%3A1676741875463108&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn...

0
0

82ms
81ms

Image
text/html

2a00:1450:400d:807::200d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://accounts.google.com/v3/signin/identifier?dsh=S537783395%3A1676741875463108&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHdfKhGt8ONQXoiCI5R7JXukuEJxsQW_GYiB4gb2BLpqFtXDRiuWEQCA_1t9lw166npiYpniEA
Requested by: Host: robloxscripts.net
URL: https://robloxscripts.net/
Protocol: H2
Server: 2a00:1450:400d:807::200d , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Redirect headers

date: Sat, 18 Feb 2023 17:37:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-L-kFQaYfVLhhcvJHIcoC4w' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 391
x-xss-protection: 1; mode=block
pragma: no-cache
server: GSE
x-frame-options: DENY
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-type: text/html; charset=UTF-8
location: https://accounts.google.com/v3/signin/identifier?dsh=S537783395%3A1676741875463108&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHdfKhGt8ONQXoiCI5R7JXukuEJxsQW_GYiB4gb2BLpqFtXDRiuWEQCA_1t9lw166npiYpniEA
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3

403

identifier
accounts.google.com/v3/signin/
Redirect Chain

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
https://accounts.google.com/v3/signin/identifier?dsh=S-939432337%3A1676741875567835&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebS...

0
0

72ms
72ms

Image
text/html

2a00:1450:400d:807::200d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://accounts.google.com/v3/signin/identifier?dsh=S-939432337%3A1676741875567835&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHfpEc_lDxwsd0TmeC671pzM1Ec9_dPMdvPay2YcSnTiumGeGKeyRD48W3fBn3xSEqnMSo-GkA
Requested by: Host: robloxscripts.net
URL: https://robloxscripts.net/
Protocol: H3
Server: 2a00:1450:400d:807::200d , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Redirect headers

date: Sat, 18 Feb 2023 17:37:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'report-sample' 'nonce-FTHHJx2tPPrEN8qm5bmjwQ' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 393
x-xss-protection: 1; mode=block
pragma: no-cache
server: GSE
x-frame-options: DENY
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-type: text/html; charset=UTF-8
location: https://accounts.google.com/v3/signin/identifier?dsh=S-939432337%3A1676741875567835&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHfpEc_lDxwsd0TmeC671pzM1Ec9_dPMdvPay2YcSnTiumGeGKeyRD48W3fBn3xSEqnMSo-GkA
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 204 V0xCcnZ4cyEBSxknEBMkHw0EFjFidREjPG8tCkM8FiI6BBUSK2QGHzNxe0dDYHh6VAY+KH9DUCQ4IwYDJHFzVB85Ki1PUCFxc1xFY2JxQFhmajdPR3E4MhMRan1kAgIjIH9DQGB6dUZHb3t3QE5v
ylasthepoityelthenl.xyz/ 0
264 B 186ms
109ms Image
text/plain 172.67.221.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ylasthepoityelthenl.xyz/V0xCcnZ4cyEBSxknEBMkHw0EFjFidREjPG8tCkM8FiI6BBUSK2QGHzNxe0dDYHh6VAY+KH9DUCQ4IwYDJHFzVB85Ki1PUCFxc1xFY2JxQFhmajdPR3E4MhMRan1kAgIjIH9DQGB6dUZHb3t3QE5v
Requested by: Host: robloxscripts.net
URL: https://robloxscripts.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.221.62 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 17:37:55 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nFhqx4PRjqYIRJVUnY9C%2BJc6nz6DoTVdjoD%2B2%2F6uH6Tq%2B09B84XHGr3Ii7rf4%2FCq0xSa68Gn8wOtTpJpTVPPaTWQao5Zt0%2BaiK2zNyAv%2BI%2BoTn9wQk4dDfttm%2BbJpZceUhgmi1TD3DccfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 79b888913d182bf2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 204 b2V0Q0hAWhcwdSJXPikGXig8FHk+Ji0kDj0zAw0hLjMAFQkoClI3IQtYTXZ9V1NBZTgGAUlwfUkWACI8GhZJcm4GCxIsdUkTSXNmW0tGbXhJEElybhsVFSR1XkMENzwDWEV1f1lSQHJwWFBHc34
ylasthepoityelthenl.xyz/ 0
255 B 185ms
108ms Image
text/plain 172.67.221.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ylasthepoityelthenl.xyz/b2V0Q0hAWhcwdSJXPikGXig8FHk+Ji0kDj0zAw0hLjMAFQkoClI3IQtYTXZ9V1NBZTgGAUlwfUkWACI8GhZJcm4GCxIsdUkTSXNmW0tGbXhJEElybhsVFSR1XkMENzwDWEV1f1lSQHJwWFBHc34
Requested by: Host: robloxscripts.net
URL: https://robloxscripts.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.221.62 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 17:37:55 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hp0FLFuEmwxbSSTknpenSm2AfdSk4RkhI%2BFiFasF90CzyrsYRpQ72jye62WBi0xzeyyYXBC%2B88ZPIeMNbj6fkepS7pcnsQMTDhQP0KIl1NoewiN7krtWIZ9KOQMIwxJUrtWzqfooNTHW1w%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 79b888913d192bf2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 asd100.bin Show response
pogothere.xyz/ 100 KB
100 KB 23ms
22ms Fetch
binary/octet-stream 172.64.133.29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pogothere.xyz/asd100.bin
Requested by: Host: d3oy68whu51rnt.cloudfront.net
URL: https://d3oy68whu51rnt.cloudfront.net/?hwyod=955131
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.133.29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 17:37:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4313
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 18 Feb 2023 16:26:02 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: https://robloxscripts.net
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M6OYSaZOxs8aN%2B65rzXBq39cE8zZhMXq34X5syT5b9%2B7xazpWCn0plcXVw9AyIeqbYkIgPfj4p85w%2Fo592Wt1VFCPAAXTFTbIR6Ov9RstdCFLDD4IRuM92VAyR1yyvkM"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 79b88890bd43bbd3-FRA
access-control-allow-headers: X-Requested-With, content-type

GET
H2 200 / Show response
pogothere.xyz/ 27 B
353 B 103ms
102ms Fetch
text/plain 172.64.133.29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pogothere.xyz/
Requested by: Host: d3oy68whu51rnt.cloudfront.net
URL: https://d3oy68whu51rnt.cloudfront.net/?hwyod=955131
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.133.29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5cea0acfdce9d6f11f970dc6242c26b6f27de4dfa806876b0a4aa5695b35271e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 17:37:55 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2jUqhgI7jijIZRt22bar57aH6i9Nd2uPkWcZhuTt37BPTJ1B0oczY6IZdd0BT8rcng1ZW%2BAiQalXhYKzYTZTA3%2FdP9Vju0%2BP3In%2FfZbeppYi%2B2su2P0BR62x0%2BnR78v3"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET
access-control-allow-origin: https://robloxscripts.net
content-type: text/plain
access-control-allow-credentials: true
cf-ray: 79b88890bd45bbd3-FRA
access-control-allow-headers: X-Requested-With, content-type
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 204 utx Show response
yiddiquitejuk.com/ 0
490 B 101ms
101ms XHR
text/plain 18.66.112.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yiddiquitejuk.com/utx?cb=mfmNmj8jVMc9&top=robloxscripts.net&tid=955131
Requested by: Host: d3oy68whu51rnt.cloudfront.net
URL: https://d3oy68whu51rnt.cloudfront.net/?hwyod=955131
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-119.fra56.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Feb 2023 17:37:55 GMT
via: 1.1 cf2071a2896a4f71dbfdbc521d554362.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-amz-cf-pop: FRA56-P5
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://robloxscripts.net
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
x-amz-cf-id: Si2Dzl5aoVmLA8B8oqexpoXrCAqZ-b5uIlT3_h9cDFt2-tXwU-ERXw==

GET
H2 200 asd100.bin Show response
pogothere.xyz/ 100 KB
100 KB 21ms
20ms Fetch
binary/octet-stream 172.64.133.29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pogothere.xyz/asd100.bin
Requested by: Host: d3oy68whu51rnt.cloudfront.net
URL: https://d3oy68whu51rnt.cloudfront.net/?hwyod=955131
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.133.29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 17:37:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4313
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 18 Feb 2023 16:26:02 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: https://robloxscripts.net
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i5gOgQQDRMnQonDI%2Ftg78JUWJJQEsclASxc%2B4QjCAE7FquXKQ5peVfiyA9%2BkxS5y24aCAH0uhBqTNuywMwr%2B3xUztSkQLR3HBWOXqkD03sZfsBszOyk%2FvknX6kUCVyUa"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 79b88890cd49bbd3-FRA
access-control-allow-headers: X-Requested-With, content-type

GET
H2 200 / Show response
pogothere.xyz/ 27 B
350 B 203ms
203ms Fetch
text/plain 172.64.133.29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pogothere.xyz/
Requested by: Host: d3oy68whu51rnt.cloudfront.net
URL: https://d3oy68whu51rnt.cloudfront.net/?hwyod=955131
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.133.29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e399ef631146d63ba8cd88c340de531729da45a74b645d1dcc253ec14ec3581

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 17:37:55 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SjVg6DkX7Af55CV9IEbACpmngh6acmkWwozTOMQTv382iMyxCxkMc5NOt4x30jVVahp1FljOZE%2BLvy%2Bb4XfEsLY1R3diV4Mb4pxsPGdFoBpSKNQQsJFVxXsl4dwFb8WE"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET
access-control-allow-origin: https://robloxscripts.net
content-type: text/plain
access-control-allow-credentials: true
cf-ray: 79b88890cd4abbd3-FRA
access-control-allow-headers: X-Requested-With, content-type
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 204 utx Show response
yiddiquitejuk.com/ 0
490 B 104ms
104ms XHR
text/plain 18.66.112.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yiddiquitejuk.com/utx?cb=lnQouWzzBftT&top=robloxscripts.net&tid=955748
Requested by: Host: d3oy68whu51rnt.cloudfront.net
URL: https://d3oy68whu51rnt.cloudfront.net/?hwyod=955131
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-119.fra56.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Feb 2023 17:37:55 GMT
via: 1.1 cf2071a2896a4f71dbfdbc521d554362.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-amz-cf-pop: FRA56-P5
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://robloxscripts.net
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
x-amz-cf-id: UpYyfZ7XTlIVbgTft81Re6ago0q4LSOuNeug1KmeUspmVnhSYN4bjw==

GET
H2 200 asd100.bin Show response
pogothere.xyz/ 100 KB
100 KB 17ms
15ms Fetch
binary/octet-stream 172.64.133.29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pogothere.xyz/asd100.bin
Requested by: Host: d3oy68whu51rnt.cloudfront.net
URL: https://d3oy68whu51rnt.cloudfront.net/?hwyod=955131
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.133.29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 17:37:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4313
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 18 Feb 2023 16:26:02 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: https://robloxscripts.net
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vonEPaRxXmHsuX37Up4RICazNYowU9xLDOBdiE1DVDZsWxFxSaAnr38h6wErSrKQZkRto%2Fu3mXWX3LjyiHLbprCQJI9xSMcWAXelZbAID8qj%2Bc3C%2B6iwybGpry7EnrLh"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 79b88890cd55bbd3-FRA
access-control-allow-headers: X-Requested-With, content-type

GET
H2 200 / Show response
pogothere.xyz/ 26 B
350 B 202ms
201ms Fetch
text/plain 172.64.133.29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pogothere.xyz/
Requested by: Host: d3oy68whu51rnt.cloudfront.net
URL: https://d3oy68whu51rnt.cloudfront.net/?hwyod=955131
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.133.29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b9fcec9df5b9600686c48aa086385b8260ae7273e21087670c5193db5c349309

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 17:37:55 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2GnAb%2BiRBn5GKhYHtwQIV5wztJsXN5C3hsXkbFjy%2FBji7P4e9xSKk%2BJsWJEN0Vs1rMauKckPYfUq4TkrccyOlPWd6nN4bTN7qjoVytJtOlvJX3MYERz4V4Hlfdy%2B8Wdn"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET
access-control-allow-origin: https://robloxscripts.net
content-type: text/plain
access-control-allow-credentials: true
cf-ray: 79b88890cd57bbd3-FRA
access-control-allow-headers: X-Requested-With, content-type
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 ajax-loader.gif
robloxscripts.net/wp-content/plugins/wp-responsive-recent-post-slider/assets/images/ 4 KB
4 KB 140ms
140ms Image
image/gif 192.0.78.139
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://robloxscripts.net/wp-content/plugins/wp-responsive-recent-post-slider/assets/images/ajax-loader.gif

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.139 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.net/_static/??-eJytUu1OwzAMfCGyjGmU8gPxKCgfXubVTUOcrOrb43UgChoMIX60iZ3c2TnfmJQbYoFYdKIaMLJ+i9URYWT1UiFPykSvPHIiM6k0cFHJBNCpWkKnDTMUwbF8x5UsN+MH605W1qa929qHjbdtu21s05o1+NtdC3dNs32wrv2Keu8lVAkt5KBtRfLa0uA6RWizyZPmMhH8DVr20H8LlVcOtaiQ0X+ugdFR9cD6wLoHjwZIaAS5DE4iQVYEwbhp1WO8ipazZXwRM6tLIjU6NTfPy2tfXyCpDJyGyHgE2brTQOfBMaGHvJyZZFz3H0SfTn8ajaRKhugxhiXX7LIRfYCypB1L4lGdvfYd4wFKMq7T/eAriVqEnfwvNnEWT0eMoMQT4Vl8bSyBX9aczcK/h16sVBMNxrOe9rXvkn2ha92fKr/tT1ef+sfb5r7Ztpvmfv0KlW9jWA==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 17:37:55 GMT
strict-transport-security: max-age=31536000
x-ac: 2.hhn _atomic_ams BYPASS
last-modified: Mon, 12 Dec 2022 12:38:25 GMT
server: nginx
etag: "639720c1-1052"
access-control-allow-methods: GET, HEAD
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 4178
expires: Sat, 25 Feb 2023 17:37:55 GMT

GET
H2 200 g.gif
pixel.wp.com/ 50 B
93 B 37ms
7ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&blog=209646640&post=299&tz=1&srv=robloxscripts.net&hp=atomic&ac=2&amp=0&j=1%3A11.9-a.3&host=robloxscripts.net&ref=&fcp=557&rand=0.24453644452270584
Requested by: Host: robloxscripts.net
URL: https://robloxscripts.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 18 Feb 2023 17:37:55 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302130101/ 366 KB
120 KB 150ms
88ms Script
text/javascript 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302130101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2249257918045069&plah=robloxscripts.net

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2249257918045069

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8bfcae1ea5b37754d1e12d717b79b5c94e89d4a56d811352e6aa62627b15bfce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 17:37:55 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 122948
x-xss-protection: 0
server: cafe
etag: 10623711693955128332
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 18 Feb 2023 17:37:55 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230215/r20190131/ Frame BB40 10 KB
5 KB 125ms
32ms Document
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230215/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2249257918045069

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://robloxscripts.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 51907
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 18 Feb 2023 03:12:48 GMT
etag: 10353107486223812946
expires: Sat, 04 Mar 2023 03:12:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pnj-rs-w-1.png
i0.wp.com/robloxscripts.net/wp-content/uploads/2022/08/ 3 KB
3 KB 70ms
21ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/robloxscripts.net/wp-content/uploads/2022/08/pnj-rs-w-1.png?fit=504%2C355&ssl=1

Requested by

Host: robloxscripts.net
URL: https://robloxscripts.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

a18f3705f4e2cfc25a353ea1b271c77f8db4a8693789b0ce0f40129337911d7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Sat, 18 Feb 2023 17:37:55 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Sep 2022 09:51:20 GMT
server: nginx
etag: "a7bc203b11e77164"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://robloxscripts.net/wp-content/uploads/2022/08/pnj-rs-w-1.png>; rel="canonical"
content-length: 3194
expires: Wed, 04 Sep 2024 21:51:20 GMT

GET
H2 200 kiwi_x_thumb.webp
i0.wp.com/robloxscripts.net/wp-content/uploads/2022/09/ 82 KB
83 KB 56ms
7ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/robloxscripts.net/wp-content/uploads/2022/09/kiwi_x_thumb.webp?fit=1280%2C720&ssl=1

Requested by

Host: robloxscripts.net
URL: https://robloxscripts.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

446f0ab61963ec60fa7a9806eb173e0575f2098f58d2d4fab14925c6375e3387

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Sat, 18 Feb 2023 17:37:55 GMT
x-content-type-options: nosniff
last-modified: Wed, 21 Dec 2022 17:13:47 GMT
server: nginx
etag: "fe6f4674c926a70d"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://robloxscripts.net/wp-content/uploads/2022/09/kiwi_x_thumb.webp>; rel="canonical"
content-length: 84354
expires: Sat, 21 Dec 2024 05:13:47 GMT

GET
H2 200 625456dc5bdb81f6e62a45dd-1651778409974-maxresdefault-5.jpg
i0.wp.com/robloxscripts.net/wp-content/uploads/2022/09/ 101 KB
101 KB 56ms
8ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/robloxscripts.net/wp-content/uploads/2022/09/625456dc5bdb81f6e62a45dd-1651778409974-maxresdefault-5.jpg?fit=1280%2C720&ssl=1

Requested by

Host: robloxscripts.net
URL: https://robloxscripts.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

e43f873bed6831788b5b92ef50cfc304ef7e420d08bcf8f2780d5a219f4daf75

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-nc: HIT hhn 4
date: Sat, 18 Feb 2023 17:37:55 GMT
x-content-type-options: nosniff
last-modified: Sat, 10 Sep 2022 13:13:18 GMT
server: nginx
etag: "8474043a546cdd97"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://robloxscripts.net/wp-content/uploads/2022/09/625456dc5bdb81f6e62a45dd-1651778409974-maxresdefault-5.jpg>; rel="canonical"
content-length: 103030
expires: Tue, 10 Sep 2024 01:13:18 GMT

GET
H2 200 625456dc5bdb81f6e62a45dd-1654954789864-Ready.webp
i0.wp.com/robloxscripts.net/wp-content/uploads/2022/09/ 70 KB
71 KB 70ms
22ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/robloxscripts.net/wp-content/uploads/2022/09/625456dc5bdb81f6e62a45dd-1654954789864-Ready.webp?fit=705%2C396&ssl=1

Requested by

Host: robloxscripts.net
URL: https://robloxscripts.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

d99a9c83fa6c56f86880bd77fb4caab944187b0a9a3267ef87415cce8cbbc9ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Sat, 18 Feb 2023 17:37:55 GMT
x-content-type-options: nosniff
last-modified: Wed, 07 Sep 2022 15:35:30 GMT
server: nginx
etag: "a80f6cb6b8793259"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://robloxscripts.net/wp-content/uploads/2022/09/625456dc5bdb81f6e62a45dd-1654954789864-Ready.webp>; rel="canonical"
content-length: 72050
expires: Sat, 07 Sep 2024 03:35:30 GMT

GET
H2 200 image_16x9.webp
i0.wp.com/robloxscripts.net/wp-content/uploads/2023/02/ 60 KB
61 KB 70ms
22ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/robloxscripts.net/wp-content/uploads/2023/02/image_16x9.webp?w=683&ssl=1

Requested by

Host: robloxscripts.net
URL: https://robloxscripts.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

8e8026c13312e6d7e4ab8d134083adc5dffaa5ae6ffcf677cfdda12e65477d1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-nc: HIT hhn 4
date: Sat, 18 Feb 2023 17:37:55 GMT
x-content-type-options: nosniff
last-modified: Sun, 12 Feb 2023 13:28:26 GMT
server: nginx
etag: "96894fbeba42c586"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://robloxscripts.net/wp-content/uploads/2023/02/image_16x9.webp>; rel="canonical"
content-length: 61840
expires: Wed, 12 Feb 2025 01:28:26 GMT

GET
H2 200 ezgif.com-gif-maker-2023-02-12T032144.523.webp
i0.wp.com/robloxscripts.net/wp-content/uploads/2023/02/ 74 KB
74 KB 46ms
22ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/robloxscripts.net/wp-content/uploads/2023/02/ezgif.com-gif-maker-2023-02-12T032144.523.webp?resize=1024%2C576&ssl=1

Requested by

Host: robloxscripts.net
URL: https://robloxscripts.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

3e4e0661754c7dbb020555993cc6cdcf0dd1252c769fc794f45d8fdbea0ed926

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-nc: HIT hhn 4
date: Sat, 18 Feb 2023 17:37:55 GMT
x-content-type-options: nosniff
last-modified: Sat, 11 Feb 2023 20:27:59 GMT
server: nginx
etag: "55acd64625e9211c"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://robloxscripts.net/wp-content/uploads/2023/02/ezgif.com-gif-maker-2023-02-12T032144.523.webp>; rel="canonical"
content-length: 75358
expires: Tue, 11 Feb 2025 08:27:59 GMT

GET
H2 200 milk_16x9.webp
i0.wp.com/robloxscripts.net/wp-content/uploads/2023/02/ 133 KB
133 KB 18ms
17ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/robloxscripts.net/wp-content/uploads/2023/02/milk_16x9.webp?w=916&ssl=1

Requested by

Host: robloxscripts.net
URL: https://robloxscripts.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

c9158280b728a98cd84d5039eda1199918d5008ed2f3bb9a5df6b80a32b86de2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Sat, 18 Feb 2023 17:37:55 GMT
x-content-type-options: nosniff
last-modified: Sat, 11 Feb 2023 17:57:19 GMT
server: nginx
etag: "23b71e76c71072cb"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://robloxscripts.net/wp-content/uploads/2023/02/milk_16x9.webp>; rel="canonical"
content-length: 135806
expires: Tue, 11 Feb 2025 05:57:19 GMT

GET
H2 200 Void_16x9.webp
i0.wp.com/robloxscripts.net/wp-content/uploads/2023/02/ 29 KB
30 KB 18ms
18ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/robloxscripts.net/wp-content/uploads/2023/02/Void_16x9.webp?w=709&ssl=1

Requested by

Host: robloxscripts.net
URL: https://robloxscripts.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

40fb4a383de1716b0c949e012e98335d1b660f5f5e783f256ace37634c63e81d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Sat, 18 Feb 2023 17:37:55 GMT
x-content-type-options: nosniff
last-modified: Sat, 11 Feb 2023 16:22:03 GMT
server: nginx
etag: "bbed348e587594f2"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://robloxscripts.net/wp-content/uploads/2023/02/Void_16x9.webp>; rel="canonical"
content-length: 30016
expires: Tue, 11 Feb 2025 04:22:03 GMT

GET
H2 200 blacktrap_16x9.webp
i0.wp.com/robloxscripts.net/wp-content/uploads/2023/02/ 29 KB
29 KB 19ms
18ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/robloxscripts.net/wp-content/uploads/2023/02/blacktrap_16x9.webp?w=713&ssl=1

Requested by

Host: robloxscripts.net
URL: https://robloxscripts.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

20a4654ac8f3086f29558d7c43cd184c5435fb7cadd0c62546fdb91f0bbe7133

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Sat, 18 Feb 2023 17:37:55 GMT
x-content-type-options: nosniff
last-modified: Sat, 11 Feb 2023 16:22:03 GMT
server: nginx
etag: "b383ba0997538bfd"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://robloxscripts.net/wp-content/uploads/2023/02/blacktrap_16x9.webp>; rel="canonical"
content-length: 29194
expires: Tue, 11 Feb 2025 04:22:03 GMT

GET
H2 200 ezgif.com-gif-maker-2023-02-10T052757.252.webp
i0.wp.com/robloxscripts.net/wp-content/uploads/2023/02/ 77 KB
77 KB 19ms
18ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/robloxscripts.net/wp-content/uploads/2023/02/ezgif.com-gif-maker-2023-02-10T052757.252.webp?resize=1024%2C576&ssl=1

Requested by

Host: robloxscripts.net
URL: https://robloxscripts.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

121026c2787b77772e1020b4bb8b7ed405811ee0baa42010197fb33bda0bbd9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-nc: HIT hhn 4
date: Sat, 18 Feb 2023 17:37:55 GMT
x-content-type-options: nosniff
last-modified: Thu, 09 Feb 2023 22:31:31 GMT
server: nginx
etag: "61c5b06fe3cc3626"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://robloxscripts.net/wp-content/uploads/2023/02/ezgif.com-gif-maker-2023-02-10T052757.252.webp>; rel="canonical"
content-length: 79010
expires: Sun, 09 Feb 2025 10:31:31 GMT

GET
H2 200 Pixel-Piece-script.webp
i0.wp.com/robloxscripts.net/wp-content/uploads/2023/01/ 57 KB
57 KB 19ms
18ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/robloxscripts.net/wp-content/uploads/2023/01/Pixel-Piece-script.webp?resize=1024%2C576&ssl=1

Requested by

Host: robloxscripts.net
URL: https://robloxscripts.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

49eb0df06986c87632fe31c6ac13a719805e89265e7309437883edf93412eebd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Sat, 18 Feb 2023 17:37:55 GMT
x-content-type-options: nosniff
last-modified: Sat, 28 Jan 2023 17:01:43 GMT
server: nginx
etag: "f0817b7a88746e3e"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://robloxscripts.net/wp-content/uploads/2023/01/Pixel-Piece-script.webp>; rel="canonical"
content-length: 58090
expires: Tue, 28 Jan 2025 05:01:43 GMT

GET
H2 200 image_16x9-7.png
i0.wp.com/robloxscripts.net/wp-content/uploads/2023/02/ 19 KB
20 KB 19ms
18ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/robloxscripts.net/wp-content/uploads/2023/02/image_16x9-7.png?w=692&ssl=1

Requested by

Host: robloxscripts.net
URL: https://robloxscripts.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

e4dd66e06d6612de950a6f120561c9630f63f0d81ad95c6c7a5405cdd2dbd491

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Sat, 18 Feb 2023 17:37:55 GMT
x-content-type-options: nosniff
last-modified: Mon, 06 Feb 2023 18:08:22 GMT
server: nginx
etag: "4c4e67a513f9de9b"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://robloxscripts.net/wp-content/uploads/2023/02/image_16x9-7.png>; rel="canonical"
content-length: 19902
expires: Thu, 06 Feb 2025 06:08:22 GMT

GET
H2 200 f0AOASs4QBRKfWdZE0p9ZwZXQX9yBCVKfWdADgF5YxJULWplBx9Ze3-4SVV8uJ0cLCjgyVQwGO3IFIVp8YBlUWWplB08EJyNaC0p9FBJVXyM+XAJKfWdQAgwkOB5CXX80XxUAIjISVSl+ZgdJX2FiA19eYWYHV0p9Z0QGCS4lXkJdCWIEUEF8YRESUn4 Show response
d3oy68whu51rnt.cloudfront.net/Gb09XN2cMIDlRWBsmMwpeWnpmBFZJJSRYCR9yLl8yXAVvRTMcCRwHDgx2cUMdC3JnEQsOITAKQQohNApWSS4zVVpbaSNHCARyJlgMCio9RBIENnFCBlIiOE0OAyM2ElUpenkHQl1/ Frame 087C 839 B
862 B 160ms
160ms Script
text/plain 2600:9000:2250:1c00:3:62b:d240:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3oy68whu51rnt.cloudfront.net/Gb09XN2cMIDlRWBsmMwpeWnpmBFZJJSRYCR9yLl8yXAVvRTMcCRwHDgx2cUMdC3JnEQsOITAKQQohNApWSS4zVVpbaSNHCARyJlgMCio9RBIENnFCBlIiOE0OAyM2ElUpenkHQl1/f0AOASs4QBRKfWdZE0p9ZwZXQX9yBCVKfWdADgF5YxJULWplBx9Ze3-4SVV8uJ0cLCjgyVQwGO3IFIVp8YBlUWWplB08EJyNaC0p9FBJVXyM+XAJKfWdQAgwkOB5CXX80XxUAIjISVSl+ZgdJX2FiA19eYWYHV0p9Z0QGCS4lXkJdCWIEUEF8YRESUn4
Requested by: Host: yiddiquitejuk.com
URL: https://yiddiquitejuk.com/Ym1Md3UDDy8aSgNQLlEAEAFxUkckSH4xEVECNUFNFQU5QkQQAzhZFg4CORMTEAIiA1sMCDhSRyQqLkdMOiN+FDgrKSAlIiAeIToCEggbGQUPLwotPyg+Hi42MFQ1OxlaFBQ2IxQ/GDoWIT87PzEFFX4UIC8JD0Q/DCgdBDorOQ08JDMCJDk0EjofJEEYOxoHFwM+Aj82Iz81PRkFIA8eGls/Dj4wLAMKNDcOJCU4MFIiDQ44UCggIgUHAyc/JA5caUUzBF0NODQxHngmNzAmKiAROCh8B0w4GhYvJDpUNTU2NCYqIBEjKSsxQDsVBiI5NR0gNQ1bNylEWFY+GiFNFyd8FDkhBysOIzMaCzhGKysFIQVaNA4bIDU6PBs3UlUJPQwsDA9HBVsrDj0jOhQBUkcgNQ09PgQ6KCY0BRonODdXLhQvTVI1NCI0KwcFJCMxAWlFNzgKKD0tUCslNkRbCBUgLCo7fAdMOF0dMDYxWSAvHigJDyA8JzgJMU07PwkkIAxZah0GDQM8SgwKOH89TRA5PzE+UgQvTg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:1c00:3:62b:d240:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 2611a993aa287656517ffa657d6b069b66e5241ace487685dd71f0a0c3ee9871

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yiddiquitejuk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 17:37:55 GMT
content-encoding: gzip
via: 1.1 1aa52a2a71a599aaf6b3df3a9c53b268.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=31556926
content-length: 585
x-amz-cf-id: 7lXO8tY61-p7W9uM6wn9HFCS_FaQPkmpcXbDvnmeArka_ZDVAlnL6g==

GET
H2 200 AUtfMytXXxY8IwZeGGN4LAdXdm9YAlExIwRWFjE5TwBJKD5PAEl3ekQCXHUITwBJMSMEBE1jeSgXS3YyXA-ZQY3haUwk2Jg9FHCQhA0ZcdAxfAU5oeVwXS3ZiAVoNKyZPADpjeFpeEC0vTwBJIS8JWRZvb1gCGi44BV8cY3gsA0h2ZFocTHJyWxxIdnpPAEk1KwxT... Show response
d3oy68whu51rnt.cloudfront.net/sSmoyeUYpBVwfeT4DVkR/f18FTX5sAEEWKDpXVkoEPBkEOicvBVUfMyAuRV8yMA4PSWAmC1wee2wPXBp7e0xTHSR3XhQNNiUBDwgpIQ9XEzU/ Frame 5BCA 884 B
885 B 155ms
155ms Script
text/plain 2600:9000:2250:1c00:3:62b:d240:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3oy68whu51rnt.cloudfront.net/sSmoyeUYpBVwfeT4DVkR/f18FTX5sAEEWKDpXVkoEPBkEOicvBVUfMyAuRV8yMA4PSWAmC1wee2wPXBp7e0xTHSR3XhQNNiUBDwgpIQ9XEzU/AUtfMytXXxY8IwZeGGN4LAdXdm9YAlExIwRWFjE5TwBJKD5PAEl3ekQCXHUITwBJMSMEBE1jeSgXS3YyXA-ZQY3haUwk2Jg9FHCQhA0ZcdAxfAU5oeVwXS3ZiAVoNKyZPADpjeFpeEC0vTwBJIS8JWRZvb1gCGi44BV8cY3gsA0h2ZFocTHJyWxxIdnpPAEk1KwxTCy9vWHRMdX1EAU9gP1cD
Requested by: Host: yiddiquitejuk.com
URL: https://yiddiquitejuk.com/OTEwVXVYU1M4SlgMUnMAS10NcEd/FAITEQpeSWNNTllFYERLX0R7FlVeRTETS15eIVtXVERwR39CYzgaQFRlDAV7Z0czEG0FdAMeaxQCExMICXYBLQxCcRAwbnp0JS1vWl8QJXtadRocWkdyAyBffEkUAGtnCCw4eAVgBiJ4XHNkAlxUAiIlYXNAYhAJSWQdJmsCaD0kd39ZADd9RlclPGgIaBAPbBQCEzRsRVYYDE1paC0sAXhHDxB+dn5hOXhVaDEYAGhxOTBBeEcHIn9bdWAhTnN6HjEMYXEQGQpUWwQ2YXllHCFOc3oYJnR0chBEU1RjMi1qAmksLXgcagQsCllRAAJSA3oyTH95cwQdeAFqNhF4SVYUIAxeVQMCYWIDDxx4Z18bPkBrYBQxSVtVEwVcdHNlA21Gch88agl6AidjR1JkEnp2WWFBe2cINiwKVkMURVEDahMaWmV4HwxuSUgcEVdBYBQwUgB7Ig1tcklsA255YhgRYQB1FCAAVmBkFn0XWiYaV0ENMUZ7R0NjNlhUXzITTFt0Ig
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:1c00:3:62b:d240:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: bf29fb57340e72bfbe7bf0152fd88d5c7404acb5698d45314c02d072a75df4ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yiddiquitejuk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 17:37:55 GMT
content-encoding: gzip
via: 1.1 1aa52a2a71a599aaf6b3df3a9c53b268.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=31556926
content-length: 607
x-amz-cf-id: 3EXgQqwC8RA5O2raZd3ph6YvEgoH1MhXPQqXdPIKJ9NV9enGSJktIQ==

GET
H2 200 RlRmEi-YTCjMEMwENPwdzUSBjQGFNVWBWZFNOPRsiDgpzQRVGVGYfPwgDc0FmBAM1GDlKQ2RDNQsUOR4zRlQQQmdTSGZdY1deZ11nU1ZzQWYQBzASJApDZDVjUFF4QGBFE2tC Show response
d3oy68whu51rnt.cloudfront.net/xVnNWY2Y1HDgFWSIaMl5fY0ZuVVNwGSUMCCZOIzFWAAMmCTEQRBdFEiwXa1NAOhI4BFtwFjgAW2dVNwcEa0dwFxY5GGsWCDIWMAoIMxdwFgdrHjkZDzofN0ZUEEZ4U0NkQ34UDzgXORQVc0FmDRJzQWZSVnhDc1Akc0FmFA... Frame 71CB 763 B
797 B 167ms
167ms Script
text/plain 2600:9000:2250:1c00:3:62b:d240:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3oy68whu51rnt.cloudfront.net/xVnNWY2Y1HDgFWSIaMl5fY0ZuVVNwGSUMCCZOIzFWAAMmCTEQRBdFEiwXa1NAOhI4BFtwFjgAW2dVNwcEa0dwFxY5GGsWCDIWMAoIMxdwFgdrHjkZDzofN0ZUEEZ4U0NkQ34UDzgXORQVc0FmDRJzQWZSVnhDc1Akc0FmFA84RWJGVRRWZFMeYEd/RlRmEi-YTCjMEMwENPwdzUSBjQGFNVWBWZFNOPRsiDgpzQRVGVGYfPwgDc0FmBAM1GDlKQ2RDNQsUOR4zRlQQQmdTSGZdY1deZ11nU1ZzQWYQBzASJApDZDVjUFF4QGBFE2tC
Requested by: Host: yiddiquitejuk.com
URL: https://yiddiquitejuk.com/SjI5SDgrUFolBysPW25NOF4EbQoMFwsOXHldQH4APVpMfQk4XE1mWyZdTCxeOF1XPBYkV01tCgxKbyZ2HWsLEQkCdl4Obxl7WAVUf1RgeGI/ZG8GTw1hbAV7CWh2AUIMZXgJdSdxbQ1pGHBdDn0jRWEpCQRzdiBxfnB/PE8MWF4Jb3hWbwZPKXdYeFw9dEERDQ11Sh97DntuBXkle3QwXD10XixKAlhSEnwwXV8GCBBnfA1ifmcJBlMbAQ0dfDBVYQdqG2RaeH4ndmsCQhtlYxtuJFp9KwkLWVp4fid0eHAMGGVzD24YYG4SfgdXYA1cbwB/GlQYX3whFRNmeiJ1D39ODXYaRV0ybRlwUxl/DHxvH3odaH8GdxpgSiF8LUJDGWocdW8PYSxiTi98KQJ/JXoLfwgPfCZ5aHpqDnxoO20FYA0yaiZjaBlVLmZqD2IuawgsXRADCCZte2hDGW8TY3syeRl4eDh8EHZvIm0MdA0Zfwh0fHpMCRRTO1ckQgQ9anpkSThSHXQOCQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:1c00:3:62b:d240:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 42a3aec6ba283881fd69ed635bb3b416e6693143808e6bb3840968c5aafcce3b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yiddiquitejuk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 17:37:55 GMT
content-encoding: gzip
via: 1.1 1aa52a2a71a599aaf6b3df3a9c53b268.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=31556926
content-length: 520
x-amz-cf-id: VRIsZbcBzb9AdXeZ6b4B67Py6tfEuGmDMzMJ-t9Wmre2u4Ffu4AZOA==

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 401 B
606 B 211ms
50ms Script
text/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=robloxscripts.net&callback=_gfp_s_&client=ca-pub-2249257918045069

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302130101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2249257918045069&plah=robloxscripts.net

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18f321857d364526ba0956845a681c97cc2ac87502d115c0c427fad2df023a34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 17:37:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 254
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 182ms
50ms Script
application/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=robloxscripts.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 17:37:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 166ms
50ms Script
application/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=robloxscripts.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 17:37:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3C36 155 KB
44 KB 1122ms
1121ms Document
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2249257918045069&output=html&adk=1812271804&adf=3025194257&lmt=1676741756&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x675_l%7C212x675_r&format=0x0&url=https%3A%2F%2Frobloxscripts.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676741875406&bpp=11&bdt=585&idt=303&shv=r20230215&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2150032010921&frm=20&pv=2&ga_vid=1365943002.1676741876&ga_sid=1676741876&ga_hid=1218429200&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071642%2C31072386%2C44779794&oid=2&pvsid=781475746750970&tmod=716290485&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=333

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0d390e8fe2c05fcc9d1cf3a946e0e6e3eb87ab1e9815ea2853e8766ecd2ea098

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://robloxscripts.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 44827
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 18 Feb 2023 17:37:56 GMT
expires: Sat, 18 Feb 2023 17:37:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F05D 92 KB
33 KB 746ms
745ms Document
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2249257918045069&output=html&h=280&adk=2904063243&adf=849483003&pi=t.aa~a.1043414356~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1676741756&rafmt=1&to=qs&pwprc=2896044421&format=1200x280&url=https%3A%2F%2Frobloxscripts.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676741875417&bpp=3&bdt=595&idt=328&shv=r20230215&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=2150032010921&frm=20&pv=1&ga_vid=1365943002.1676741876&ga_sid=1676741876&ga_hid=1218429200&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=60&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071642%2C31072386%2C44779794&oid=2&pvsid=781475746750970&tmod=716290485&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=WrCGCeKHeo&p=https%3A//robloxscripts.net&dtd=336

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d4046e9e67f20139d1c13546aa8dcc591f191b25466fe9a7b5c0881c82412073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://robloxscripts.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 33290
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 18 Feb 2023 17:37:56 GMT
expires: Sat, 18 Feb 2023 17:37:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 popunder.gif
ylasthepoityelthenl.xyz/ 35 B
416 B 13ms
12ms Image
image/gif 172.67.221.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ylasthepoityelthenl.xyz/popunder.gif
Requested by: Host: robloxscripts.net
URL: https://robloxscripts.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.221.62 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: public
date: Sat, 18 Feb 2023 17:37:55 GMT
cf-cache-status: HIT
last-modified: Thu, 16 Feb 2023 23:23:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 152060
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GkygXrvOZKYBGQUNLelwLPXNc%2FAyP%2B%2FIY9gow1d%2FznrudXLgHzCvfz7dPSkIC6%2Bxm8y%2B296f%2Bl%2FWMUvrCfwD8CWeUcGiDpTWsxbogkYvUhM%2Bf3dppiVaI2okwOJZoIUC7B75xzvYajhfUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=604800, immutable
cf-ray: 79b88893e91a2bf2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 7f18ca2d5e76e6394611c7986e4bc896.js Show response
www.gstatic.com/mysidia/ Frame F05D 10 KB
5 KB 148ms
29ms Script
text/javascript 2a00:1450:400d:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/7f18ca2d5e76e6394611c7986e4bc896.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2249257918045069&output=html&h=280&adk=2904063243&adf=849483003&pi=t.aa~a.1043414356~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1676741756&rafmt=1&to=qs&pwprc=2896044421&format=1200x280&url=https%3A%2F%2Frobloxscripts.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676741875417&bpp=3&bdt=595&idt=328&shv=r20230215&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=2150032010921&frm=20&pv=1&ga_vid=1365943002.1676741876&ga_sid=1676741876&ga_hid=1218429200&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=60&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071642%2C31072386%2C44779794&oid=2&pvsid=781475746750970&tmod=716290485&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=WrCGCeKHeo&p=https%3A//robloxscripts.net&dtd=336

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

765d7308ebd55d0d2e9babfd37e30335be02efbbf3d3176f3e1f730cc4177045

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 15:11:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 181608
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4353
x-xss-protection: 0
last-modified: Fri, 10 Feb 2023 00:05:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 17 May 2023 15:11:08 GMT

GET
H2 200 bc63e283f37018142f1a6ba7254ba7c6.js Show response
www.gstatic.com/mysidia/ Frame F05D 10 KB
5 KB 148ms
30ms Script
text/javascript 2a00:1450:400d:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/bc63e283f37018142f1a6ba7254ba7c6.js?tag=text/vanilla_highlight

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8c2eb4bd436a068318ae842919d15610711964b98cf65a76c3cabf176a1cf98e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 12:40:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 190622
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4610
x-xss-protection: 0
last-modified: Tue, 14 Feb 2023 00:07:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 17 May 2023 12:40:54 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame F05D 8 KB
1 KB 135ms
52ms Stylesheet
text/css 2a00:1450:400d:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 18 Feb 2023 17:37:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 18 Feb 2023 16:54:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 18 Feb 2023 17:37:56 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230215/r20110914/client/ Frame F05D 2 KB
846 B 30ms
29ms Script
text/javascript 2a00:1450:400d:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230215/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 12:34:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Mar 2023 12:34:36 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230215/r20110914/ Frame F05D 22 KB
9 KB 114ms
30ms Script
text/javascript 2a00:1450:400d:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230215/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ceb563d6ce39ba6ab2e90a1d7e6a39d737a2fa59db1914b115f784bbf97fa5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 02:41:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53772
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8814
x-xss-protection: 0
server: cafe
etag: 11378319237421819138
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Mar 2023 02:41:44 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230215/r20110914/client/ Frame F05D 3 KB
1 KB 31ms
30ms Script
text/javascript 2a00:1450:400d:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230215/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 10:57:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24017
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Mar 2023 10:57:39 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230215/r20110914/client/ Frame F05D 20 KB
8 KB 117ms
34ms Script
text/javascript 2a00:1450:400d:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230215/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e713a207017a40f54387d0e25bbb3cbbe1b3d10338cdd4a7342cc1486b19140

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 10:57:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24017
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8274
x-xss-protection: 0
server: cafe
etag: 9471482037410804447
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Mar 2023 10:57:39 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F05D 156 KB
48 KB 203ms
83ms Script
text/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a85af52452417453ae5ced98aa54a149925de2155e823234dce588c331d11aa0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 17:37:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48814
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1676465787912926"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 18 Feb 2023 17:37:56 GMT

GET
H2 200 3fa5291869997d20adf47a02a7a75d04.js Show response
www.gstatic.com/mysidia/ Frame F05D 34 KB
14 KB 32ms
31ms Script
text/javascript 2a00:1450:400d:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3fa5291869997d20adf47a02a7a75d04.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

68e1fe5f35b4b0131be24086e7de0e04291d335c32ac4868bf0803abe50a862e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 06:49:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 211694
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14191
x-xss-protection: 0
last-modified: Tue, 14 Feb 2023 00:07:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 17 May 2023 06:49:42 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame F05D 0
0 73ms
73ms Fetch
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C9K1W8wzxY87bMJKZ7AOHwpCYDc7p8MxtiOXkn7kRvoq91L8uEAEg_uala2CV-vCBjAegAaTdmosDyAEBqAMByAPLBKoE3wFP0HjQ27t1eVLTHZZovlz_MeVVMrxt_NsETQSeSn2v7_KDEDlXkC8PFiwZ8mfFedQUzjbb-pZhsbzs_Jgndtrb9s28SKDkTGphqLayf2k5s3F7St7OU0udx3adlGF7N4IxRbpuw64S_ejZWjUH_u57uYhSlMVcxMhBgu9ruzojfHu_Ud9WRt0uiGdGS-Z3wFcq4E1bbNYGSZZ9Shfl9QWkVylcLSSmDOMO83bgmqYdGcsgbUA5ff5Yxi1kMLDROboHFGVBbTN5-UnaM2TgiIv1FB-T-yL4ZDSenFHoF9Y7wASHrsPg-gOSBQQIBBgBkgUECAUYBIAHxKLldKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEMPqBtIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMMiBQB0BUBgBcBshccChoIABIUcHViLTIyNDkyNTc5MTgwNDUwNjkYAA&sigh=5h1fVmNJNWg&uach_m=[UACH]&cid=CAQSGwDUE5ymjmZbV8RgRmq7-jSYD2f_klnU5QWE8BgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2249257918045069&output=html&h=280&adk=2904063243&adf=849483003&pi=t.aa~a.1043414356~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1676741756&rafmt=1&to=qs&pwprc=2896044421&format=1200x280&url=https%3A%2F%2Frobloxscripts.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676741875417&bpp=3&bdt=595&idt=328&shv=r20230215&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=2150032010921&frm=20&pv=1&ga_vid=1365943002.1676741876&ga_sid=1676741876&ga_hid=1218429200&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=60&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071642%2C31072386%2C44779794&oid=2&pvsid=781475746750970&tmod=716290485&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=WrCGCeKHeo&p=https%3A//robloxscripts.net&dtd=336
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 18 Feb 2023 17:37:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 18 Feb 2023 17:37:56 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D7AD 143 B
166 B 29ms
29ms Document
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2249257918045069&output=html&h=280&adk=2904063243&adf=849483003&pi=t.aa~a.1043414356~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1676741756&rafmt=1&to=qs&pwprc=2896044421&format=1200x280&url=https%3A%2F%2Frobloxscripts.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676741875417&bpp=3&bdt=595&idt=328&shv=r20230215&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=2150032010921&frm=20&pv=1&ga_vid=1365943002.1676741876&ga_sid=1676741876&ga_hid=1218429200&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=60&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071642%2C31072386%2C44779794&oid=2&pvsid=781475746750970&tmod=716290485&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=WrCGCeKHeo&p=https%3A//robloxscripts.net&dtd=336
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1562
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 18 Feb 2023 17:11:54 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame F05D 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ecfc25acb343f1aa89135acc9dea201fa92daaff8ab02920376a8c69caba31e8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D7AD
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

109ms
109ms

Document
text/html

2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 18 Feb 2023 17:37:56 GMT
expires: Sat, 18 Feb 2023 17:37:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 18 Feb 2023 17:37:56 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame F05D 28 KB
28 KB 110ms
29ms Font
font/woff2 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 16:20:09 GMT
x-content-type-options: nosniff
age: 263867
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 15 Feb 2024 16:20:09 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302130101/ 150 KB
51 KB 107ms
107ms Script
text/javascript 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302130101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

06103fe977eb25ff4cc4379ba8707f128d201cf99d3bd23944c9b398f7d273a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 17:37:56 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52069
x-xss-protection: 0
server: cafe
etag: 2746025458981392438
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 18 Feb 2023 17:37:56 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 62ms
62ms Image
image/gif 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=rasra::pm&rt=8&c=ca-pub-2249257918045069&eid=44759876%2C44759927%2C44759842%2C31071642%2C31072386%2C44779794

Requested by

Host: robloxscripts.net
URL: https://robloxscripts.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Feb 2023 17:37:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 53ms
51ms Script
application/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=robloxscripts.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 17:37:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 51ms
50ms Script
application/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=robloxscripts.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 17:37:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9D70 96 KB
34 KB 466ms
465ms Document
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2249257918045069&output=html&h=280&adk=3809598800&adf=3132389021&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1676741756&rafmt=1&to=qs&pwprc=2896044421&format=1200x280&url=https%3A%2F%2Frobloxscripts.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676741876901&bpp=1&bdt=2079&idt=1&shv=r20230215&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D161e2b01bd319d05-2201bfeec1dc00f1%3AT%3D1676741875%3ART%3D1676741875%3AS%3DALNI_MbCP9vLTteEb9S7R7Yn9i9TYE6BCw&gpic=UID%3D00000bb8e4744f09%3AT%3D1676741875%3ART%3D1676741875%3AS%3DALNI_MYlLg_nufR59rMIqAJEeo6sF98Ljg&prev_fmts=0x0%2C1200x280&nras=3&correlator=2150032010921&frm=20&pv=1&ga_vid=1365943002.1676741876&ga_sid=1676741876&ga_hid=1218429200&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2091&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071642%2C31072386%2C44779794&oid=2&psts=AD37Y7vI22FrUeE0pnOpTqLzw6IkSfu5Cam_4AAs-kqV4Gemj5NYMujVEfu9DiX905PvfJkRMaHAKDoC3nw0Jw&pvsid=781475746750970&tmod=716290485&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=E0uUQpSGAR&p=https%3A//robloxscripts.net&dtd=7

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9bde5c9cc522d5296a9d7fb914821bf4d87440f6a93cb1a0eed73790a160def5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://robloxscripts.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 35269
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 18 Feb 2023 17:37:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 63ms
62ms Image
image/gif 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_success&c=2&wpc=ca-pub-2249257918045069&w=1600&h=1200&pp=0&ppp=0&eatf=false&eatfAbg=false&reatf=false&a=6%2C1%2C5%2C7&apv=20230215_093955&sat=1676737185116&afm=0&as_count=0&d_count=0&ng_count=0&am_count=2&atf_count=1&mdns=0&alldns=0.235&allp=7&fd=(0%2C7%2C5)%2C(1%2C0%2C0)%2C(2%2C0%2C0)&pgh=2381&abl=false&rr=n&su=robloxscripts.net&pvc=781475746750970&r=0.1&eid=44759876%2C44759927%2C44759842%2C31071642%2C31072386%2C44779794

Requested by

Host: robloxscripts.net
URL: https://robloxscripts.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Feb 2023 17:37:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 62ms
61ms Image
image/gif 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=rasra::pr&rt=8&c=ca-pub-2249257918045069&eid=44759876%2C44759927%2C44759842%2C31071642%2C31072386%2C44779794

Requested by

Host: robloxscripts.net
URL: https://robloxscripts.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Feb 2023 17:37:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 60ms
59ms Script
application/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=robloxscripts.net

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 17:37:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 52ms
51ms Script
application/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=robloxscripts.net

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 17:37:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230215/r20110914/ Frame 854F 10 KB
4 KB 30ms
29ms Document
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230215/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://robloxscripts.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 67095
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 17 Feb 2023 22:59:42 GMT
etag: 10353107486223812946
expires: Fri, 03 Mar 2023 22:59:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ENhUjQ5Efr1LKcBlRSMtCxEMsPeXm4hb-JW7itjXrRA.js Show response
pagead2.googlesyndication.com/bg/ Frame 94CF 36 KB
14 KB 30ms
29ms Script
text/javascript 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ENhUjQ5Efr1LKcBlRSMtCxEMsPeXm4hb-JW7itjXrRA.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

10d8548d0e447ebd4b29c06545232d0b110cb0f7979b885bf895bb8ad8d7ad10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 10:56:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 110499
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14306
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 17 Feb 2024 10:56:18 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 854F 4 KB
732 B 51ms
50ms Stylesheet
text/css 2a00:1450:400d:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230215/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 18 Feb 2023 17:37:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 18 Feb 2023 15:39:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 18 Feb 2023 17:37:57 GMT

GET
H3 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 854F 205 B
229 B 29ms
29ms Image
image/png 2a00:1450:400d:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230215/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 15:37:52 GMT
x-content-type-options: nosniff
age: 7205
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 18 Feb 2024 15:37:52 GMT

GET
H3 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 854F 604 B
628 B 32ms
31ms Image
image/png 2a00:1450:400d:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230215/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 17:26:05 GMT
x-content-type-options: nosniff
age: 712
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 18 Feb 2024 17:26:05 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230215/r20110914/elements/html/ Frame 854F 19 KB
8 KB 32ms
32ms Script
text/javascript 2a00:1450:400d:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230215/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230215/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e14ff3e75a1030bfcc4f49ce62a2036c3f239b81339024d1745b581ca4e76b35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 03:51:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49605
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8251
x-xss-protection: 0
server: cafe
etag: 12882883664474914621
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Mar 2023 03:51:12 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame A618 8 KB
895 B 53ms
53ms Stylesheet
text/css 2a00:1450:400d:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230215/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 18 Feb 2023 17:37:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 18 Feb 2023 15:39:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 18 Feb 2023 17:37:57 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230215/r20110914/client/ Frame A618 2 KB
765 B 30ms
29ms Script
text/javascript 2a00:1450:400d:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230215/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230215/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 12:34:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18201
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Mar 2023 12:34:36 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230215/r20110914/ Frame A618 22 KB
9 KB 32ms
31ms Script
text/javascript 2a00:1450:400d:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230215/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230215/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ceb563d6ce39ba6ab2e90a1d7e6a39d737a2fa59db1914b115f784bbf97fa5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 02:41:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53773
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8814
x-xss-protection: 0
server: cafe
etag: 11378319237421819138
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Mar 2023 02:41:44 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230215/r20110914/client/ Frame A618 3 KB
1 KB 34ms
32ms Script
text/javascript 2a00:1450:400d:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230215/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230215/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 10:57:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24018
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Mar 2023 10:57:39 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230215/r20110914/client/ Frame A618 20 KB
8 KB 35ms
33ms Script
text/javascript 2a00:1450:400d:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230215/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230215/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e713a207017a40f54387d0e25bbb3cbbe1b3d10338cdd4a7342cc1486b19140

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 10:57:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24018
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8274
x-xss-protection: 0
server: cafe
etag: 9471482037410804447
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Mar 2023 10:57:39 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A618 156 KB
48 KB 84ms
83ms Script
text/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230215/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a85af52452417453ae5ced98aa54a149925de2155e823234dce588c331d11aa0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 17:37:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48814
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1676465787912926"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 18 Feb 2023 17:37:57 GMT

GET
H3 200 3fa5291869997d20adf47a02a7a75d04.js Show response
www.gstatic.com/mysidia/ Frame A618 34 KB
14 KB 35ms
34ms Script
text/javascript 2a00:1450:400d:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3fa5291869997d20adf47a02a7a75d04.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230215/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

68e1fe5f35b4b0131be24086e7de0e04291d335c32ac4868bf0803abe50a862e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 06:49:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 211695
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14191
x-xss-protection: 0
last-modified: Tue, 14 Feb 2023 00:07:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 17 May 2023 06:49:42 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 433A 143 B
166 B 32ms
29ms Document
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230215/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230215/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1563
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 18 Feb 2023 17:11:54 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 433A
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

66ms
65ms

Document
text/html

2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230215/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 18 Feb 2023 17:37:57 GMT
expires: Sat, 18 Feb 2023 17:37:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 18 Feb 2023 17:37:57 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ENhUjQ5Efr1LKcBlRSMtCxEMsPeXm4hb-JW7itjXrRA.js Show response
pagead2.googlesyndication.com/bg/ Frame 28F4 36 KB
14 KB 30ms
29ms Script
text/javascript 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ENhUjQ5Efr1LKcBlRSMtCxEMsPeXm4hb-JW7itjXrRA.js

Requested by

Host: robloxscripts.net
URL: https://robloxscripts.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

10d8548d0e447ebd4b29c06545232d0b110cb0f7979b885bf895bb8ad8d7ad10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 10:56:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 110499
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14306
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 17 Feb 2024 10:56:18 GMT

GET
H3 200 7f18ca2d5e76e6394611c7986e4bc896.js Show response
www.gstatic.com/mysidia/ Frame 9D70 10 KB
4 KB 30ms
29ms Script
text/javascript 2a00:1450:400d:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/7f18ca2d5e76e6394611c7986e4bc896.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2249257918045069&output=html&h=280&adk=3809598800&adf=3132389021&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1676741756&rafmt=1&to=qs&pwprc=2896044421&format=1200x280&url=https%3A%2F%2Frobloxscripts.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676741876901&bpp=1&bdt=2079&idt=1&shv=r20230215&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D161e2b01bd319d05-2201bfeec1dc00f1%3AT%3D1676741875%3ART%3D1676741875%3AS%3DALNI_MbCP9vLTteEb9S7R7Yn9i9TYE6BCw&gpic=UID%3D00000bb8e4744f09%3AT%3D1676741875%3ART%3D1676741875%3AS%3DALNI_MYlLg_nufR59rMIqAJEeo6sF98Ljg&prev_fmts=0x0%2C1200x280&nras=3&correlator=2150032010921&frm=20&pv=1&ga_vid=1365943002.1676741876&ga_sid=1676741876&ga_hid=1218429200&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2091&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071642%2C31072386%2C44779794&oid=2&psts=AD37Y7vI22FrUeE0pnOpTqLzw6IkSfu5Cam_4AAs-kqV4Gemj5NYMujVEfu9DiX905PvfJkRMaHAKDoC3nw0Jw&pvsid=781475746750970&tmod=716290485&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=E0uUQpSGAR&p=https%3A//robloxscripts.net&dtd=7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

765d7308ebd55d0d2e9babfd37e30335be02efbbf3d3176f3e1f730cc4177045

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 15:11:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 181609
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4353
x-xss-protection: 0
last-modified: Fri, 10 Feb 2023 00:05:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 17 May 2023 15:11:08 GMT

GET
H3 200 bc63e283f37018142f1a6ba7254ba7c6.js Show response
www.gstatic.com/mysidia/ Frame 9D70 10 KB
5 KB 31ms
30ms Script
text/javascript 2a00:1450:400d:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/bc63e283f37018142f1a6ba7254ba7c6.js?tag=text/vanilla_highlight

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8c2eb4bd436a068318ae842919d15610711964b98cf65a76c3cabf176a1cf98e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 12:40:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 190623
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4610
x-xss-protection: 0
last-modified: Tue, 14 Feb 2023 00:07:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 17 May 2023 12:40:54 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 9D70 8 KB
895 B 53ms
52ms Stylesheet
text/css 2a00:1450:400d:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 18 Feb 2023 17:37:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 18 Feb 2023 16:52:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 18 Feb 2023 17:37:57 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230215/r20110914/client/ Frame 9D70 2 KB
765 B 29ms
29ms Script
text/javascript 2a00:1450:400d:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230215/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 12:34:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18201
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Mar 2023 12:34:36 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230215/r20110914/ Frame 9D70 22 KB
9 KB 30ms
29ms Script
text/javascript 2a00:1450:400d:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230215/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ceb563d6ce39ba6ab2e90a1d7e6a39d737a2fa59db1914b115f784bbf97fa5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 02:41:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53773
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8814
x-xss-protection: 0
server: cafe
etag: 11378319237421819138
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Mar 2023 02:41:44 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230215/r20110914/client/ Frame 9D70 3 KB
1 KB 29ms
29ms Script
text/javascript 2a00:1450:400d:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230215/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 10:57:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24018
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Mar 2023 10:57:39 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230215/r20110914/client/ Frame 9D70 20 KB
8 KB 31ms
31ms Script
text/javascript 2a00:1450:400d:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230215/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e713a207017a40f54387d0e25bbb3cbbe1b3d10338cdd4a7342cc1486b19140

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 10:57:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24018
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8274
x-xss-protection: 0
server: cafe
etag: 9471482037410804447
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Mar 2023 10:57:39 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 9D70 0
0 50ms
50ms Image
text/html 2a00:1450:400d:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTkJg2Z7VkcId3Fu1b-3aBy8nL5jXdjlyI9AgPpw5BS0FavpvhdR9wZOeB5gFzxei3EYbGiHqlGKhyU5A2yOFDIiBgdAg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2249257918045069&output=html&h=280&adk=3809598800&adf=3132389021&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1676741756&rafmt=1&to=qs&pwprc=2896044421&format=1200x280&url=https%3A%2F%2Frobloxscripts.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676741876901&bpp=1&bdt=2079&idt=1&shv=r20230215&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D161e2b01bd319d05-2201bfeec1dc00f1%3AT%3D1676741875%3ART%3D1676741875%3AS%3DALNI_MbCP9vLTteEb9S7R7Yn9i9TYE6BCw&gpic=UID%3D00000bb8e4744f09%3AT%3D1676741875%3ART%3D1676741875%3AS%3DALNI_MYlLg_nufR59rMIqAJEeo6sF98Ljg&prev_fmts=0x0%2C1200x280&nras=3&correlator=2150032010921&frm=20&pv=1&ga_vid=1365943002.1676741876&ga_sid=1676741876&ga_hid=1218429200&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2091&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071642%2C31072386%2C44779794&oid=2&psts=AD37Y7vI22FrUeE0pnOpTqLzw6IkSfu5Cam_4AAs-kqV4Gemj5NYMujVEfu9DiX905PvfJkRMaHAKDoC3nw0Jw&pvsid=781475746750970&tmod=716290485&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=E0uUQpSGAR&p=https%3A//robloxscripts.net&dtd=7
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9D70 156 KB
48 KB 74ms
74ms Script
text/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a85af52452417453ae5ced98aa54a149925de2155e823234dce588c331d11aa0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 17:37:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48814
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1676465787912926"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 18 Feb 2023 17:37:57 GMT

GET
H3 200 3fa5291869997d20adf47a02a7a75d04.js Show response
www.gstatic.com/mysidia/ Frame 9D70 34 KB
14 KB 33ms
32ms Script
text/javascript 2a00:1450:400d:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3fa5291869997d20adf47a02a7a75d04.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

68e1fe5f35b4b0131be24086e7de0e04291d335c32ac4868bf0803abe50a862e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 06:49:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 211695
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14191
x-xss-protection: 0
last-modified: Tue, 14 Feb 2023 00:07:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 17 May 2023 06:49:42 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 9D70 0
0 70ms
70ms Fetch
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CGfCJ9AzxY9qoOumu7AOT1Y2QBc7p8Mxt9tPftIkR5bDOq8kdEAEg_uala2CV-vCBjAegAaTdmosDyAEBqAMByAPLBKoE2QFP0MT5dxDETYIG89mnemj7Kkxs6S7M7CSUBm2KgNUNUlYZydzLUrjv9ZNWIWH-saIOEi6wP4JzB3rf-UiKtwCl-A_5GZOe8K9eCdbcaWh-zFN7UUPBl18uVscathwR7U2yNckZTq59Y8agNycw7uVWoF2lEEkU8s8L26iM0ouBvtOR1URCdai6n_b8V5yx07Mha8gf5Zmc8jWykUiADX5Dp4eNDR9x9KQjYG92LtfLhmtHPLeYCFwNLhjJPjWIFmDi_IqXKj6ZgGNWsuc8psFZmHoC2yoVOjOOwASH5o-hmwSSBQQIBBgBkgUECAUYBIAHxKLldKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEPjRAdIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMMiBQB0BUBgBcBshccChoIABIUcHViLTIyNDkyNTc5MTgwNDUwNjkYAA&sigh=VBT8WtcHHL4&uach_m=[UACH]&cid=CAQSOwDUE5ym64yhztHKBWrESUqMalm_zPHRi9Gf1kyaXjyaMFb1XV-c_mZP2bqAMsWWdDtQ7tSIK2Fr1h8jGAE

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2249257918045069&output=html&h=280&adk=3809598800&adf=3132389021&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1676741756&rafmt=1&to=qs&pwprc=2896044421&format=1200x280&url=https%3A%2F%2Frobloxscripts.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676741876901&bpp=1&bdt=2079&idt=1&shv=r20230215&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D161e2b01bd319d05-2201bfeec1dc00f1%3AT%3D1676741875%3ART%3D1676741875%3AS%3DALNI_MbCP9vLTteEb9S7R7Yn9i9TYE6BCw&gpic=UID%3D00000bb8e4744f09%3AT%3D1676741875%3ART%3D1676741875%3AS%3DALNI_MYlLg_nufR59rMIqAJEeo6sF98Ljg&prev_fmts=0x0%2C1200x280&nras=3&correlator=2150032010921&frm=20&pv=1&ga_vid=1365943002.1676741876&ga_sid=1676741876&ga_hid=1218429200&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2091&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071642%2C31072386%2C44779794&oid=2&psts=AD37Y7vI22FrUeE0pnOpTqLzw6IkSfu5Cam_4AAs-kqV4Gemj5NYMujVEfu9DiX905PvfJkRMaHAKDoC3nw0Jw&pvsid=781475746750970&tmod=716290485&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=E0uUQpSGAR&p=https%3A//robloxscripts.net&dtd=7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 18 Feb 2023 17:37:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 4139 143 B
166 B 32ms
30ms Document
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2249257918045069&output=html&h=280&adk=3809598800&adf=3132389021&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1676741756&rafmt=1&to=qs&pwprc=2896044421&format=1200x280&url=https%3A%2F%2Frobloxscripts.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676741876901&bpp=1&bdt=2079&idt=1&shv=r20230215&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D161e2b01bd319d05-2201bfeec1dc00f1%3AT%3D1676741875%3ART%3D1676741875%3AS%3DALNI_MbCP9vLTteEb9S7R7Yn9i9TYE6BCw&gpic=UID%3D00000bb8e4744f09%3AT%3D1676741875%3ART%3D1676741875%3AS%3DALNI_MYlLg_nufR59rMIqAJEeo6sF98Ljg&prev_fmts=0x0%2C1200x280&nras=3&correlator=2150032010921&frm=20&pv=1&ga_vid=1365943002.1676741876&ga_sid=1676741876&ga_hid=1218429200&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2091&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071642%2C31072386%2C44779794&oid=2&psts=AD37Y7vI22FrUeE0pnOpTqLzw6IkSfu5Cam_4AAs-kqV4Gemj5NYMujVEfu9DiX905PvfJkRMaHAKDoC3nw0Jw&pvsid=781475746750970&tmod=716290485&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=E0uUQpSGAR&p=https%3A//robloxscripts.net&dtd=7
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1563
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 18 Feb 2023 17:11:54 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 71A3 1 KB
643 B 30ms
29ms Document
text/html 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 24017
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 18 Feb 2023 10:57:40 GMT
etag: 48472445140208031
expires: Sun, 19 Feb 2023 10:57:40 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 9D70 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cccee9b99bcd4ea61d3099bccd5f7ce5ef88767be0ba5a0550080bedd9acae29

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 71A3
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEG1a4UU0FLuauZJuKTCgFS8&google_cver=1&google_push=Aa02lx-Uo9AX2mJTIwFHOHYSv5Nr_qYF2P0jFX7tukYtMELshwDteIbbO2YCt8waO9EgHqvsfIFW8msMdvI4RWbaZGEKz6eZStDMl...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEG1a4UU0FLuauZJuKTCgFS8&google_cver=1&google_push=Aa02lx-Uo9AX2mJTIwFHOHYSv5Nr_qYF2P0jFX7tukYtMELshwDteIbbO2YCt8waO9EgHqvsfIFW8msMdvI4RWbaZGEKz6eZStD...

43 B
418 B

215ms
174ms

Image
image/gif

2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEG1a4UU0FLuauZJuKTCgFS8&google_cver=1&google_push=Aa02lx-Uo9AX2mJTIwFHOHYSv5Nr_qYF2P0jFX7tukYtMELshwDteIbbO2YCt8waO9EgHqvsfIFW8msMdvI4RWbaZGEKz6eZStDMlGBl&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx-Uo9AX2mJTIwFHOHYSv5Nr_qYF2P0jFX7tukYtMELshwDteIbbO2YCt8waO9EgHqvsfIFW8msMdvI4RWbaZGEKz6eZStDMlGBl%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol: H2
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Feb 2023 17:37:57 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 79b888a06f29904f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 18 Feb 2023 17:37:57 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 105
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEG1a4UU0FLuauZJuKTCgFS8&google_cver=1&google_push=Aa02lx-Uo9AX2mJTIwFHOHYSv5Nr_qYF2P0jFX7tukYtMELshwDteIbbO2YCt8waO9EgHqvsfIFW8msMdvI4RWbaZGEKz6eZStDMlGBl&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx-Uo9AX2mJTIwFHOHYSv5Nr_qYF2P0jFX7tukYtMELshwDteIbbO2YCt8waO9EgHqvsfIFW8msMdvI4RWbaZGEKz6eZStDMlGBl%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 79b8889f0d86904f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 71A3 70 B
265 B 136ms
37ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEBp5mNg7jvYA-N7jdSbspE4&google_cver=1&google_push=Aa02lx8AvTeOA0-OLhUUoHJZbirnylX3hwoQYIJcC5Aj_X31ldNH4gkhFqFOaexK6v4PfxoWX2Iz1aC8zTH7lyHF8C0omkmcx7Kbnek
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2249257918045069&output=html&h=280&adk=3809598800&adf=3132389021&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1676741756&rafmt=1&to=qs&pwprc=2896044421&format=1200x280&url=https%3A%2F%2Frobloxscripts.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676741876901&bpp=1&bdt=2079&idt=1&shv=r20230215&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D161e2b01bd319d05-2201bfeec1dc00f1%3AT%3D1676741875%3ART%3D1676741875%3AS%3DALNI_MbCP9vLTteEb9S7R7Yn9i9TYE6BCw&gpic=UID%3D00000bb8e4744f09%3AT%3D1676741875%3ART%3D1676741875%3AS%3DALNI_MYlLg_nufR59rMIqAJEeo6sF98Ljg&prev_fmts=0x0%2C1200x280&nras=3&correlator=2150032010921&frm=20&pv=1&ga_vid=1365943002.1676741876&ga_sid=1676741876&ga_hid=1218429200&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2091&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071642%2C31072386%2C44779794&oid=2&psts=AD37Y7vI22FrUeE0pnOpTqLzw6IkSfu5Cam_4AAs-kqV4Gemj5NYMujVEfu9DiX905PvfJkRMaHAKDoC3nw0Jw&pvsid=781475746750970&tmod=716290485&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=E0uUQpSGAR&p=https%3A//robloxscripts.net&dtd=7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sat, 18 Feb 2023 17:37:57 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 71A3 0
173 B 90ms
20ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEFUFPLdr0TMnwqJjl_RxG-c&google_cver=1&google_push=Aa02lx-FUNElQZIfMbnp4fhKTbyrA7YhQZyFFcuRyOOf5gpYJ_8OUE3iXCKwIbF2qSRdRLVE64s6GGP9jaKH7GZhrT7Ktc4JTbXS7RYP
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2249257918045069&output=html&h=280&adk=3809598800&adf=3132389021&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1676741756&rafmt=1&to=qs&pwprc=2896044421&format=1200x280&url=https%3A%2F%2Frobloxscripts.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676741876901&bpp=1&bdt=2079&idt=1&shv=r20230215&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D161e2b01bd319d05-2201bfeec1dc00f1%3AT%3D1676741875%3ART%3D1676741875%3AS%3DALNI_MbCP9vLTteEb9S7R7Yn9i9TYE6BCw&gpic=UID%3D00000bb8e4744f09%3AT%3D1676741875%3ART%3D1676741875%3AS%3DALNI_MYlLg_nufR59rMIqAJEeo6sF98Ljg&prev_fmts=0x0%2C1200x280&nras=3&correlator=2150032010921&frm=20&pv=1&ga_vid=1365943002.1676741876&ga_sid=1676741876&ga_hid=1218429200&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2091&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071642%2C31072386%2C44779794&oid=2&psts=AD37Y7vI22FrUeE0pnOpTqLzw6IkSfu5Cam_4AAs-kqV4Gemj5NYMujVEfu9DiX905PvfJkRMaHAKDoC3nw0Jw&pvsid=781475746750970&tmod=716290485&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=E0uUQpSGAR&p=https%3A//robloxscripts.net&dtd=7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 17:37:57 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 71A3
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEOuhjpU8L4PdrpWZVguBaPg&google_cver=1&google_push=Aa02lx-rzitL6qNTm3EKC083z6Va3ia9t30GZC4ArijNxQQ17OP59QSRstK_9WIzeMLIYsnHjMQ2dSsx...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEOuhjpU8L4PdrpWZVguBaPg&google_cver=1&google_push=Aa02lx-rzitL6qNTm3EKC083z6Va3ia9t30GZC4ArijNxQQ17OP59QSRstK_9WIzeMLIYsnHjMQ...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjUwMjA5MDAxNzQ0ODc5NDc5NA&google_push=Aa02lx-rzitL6qNTm3EKC083z6Va3ia9t30GZC4ArijNxQQ17OP59QSRstK_9WIzeMLIYsnHjMQ2dS...

170 B
232 B

76ms
76ms

Image
image/png

142.250.180.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjUwMjA5MDAxNzQ0ODc5NDc5NA&google_push=Aa02lx-rzitL6qNTm3EKC083z6Va3ia9t30GZC4ArijNxQQ17OP59QSRstK_9WIzeMLIYsnHjMQ2dSsxMl6TEI-C16YulreYGumE9fA

Requested by

Protocol

Server

142.250.180.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Feb 2023 17:37:57 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 18 Feb 2023 17:37:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjUwMjA5MDAxNzQ0ODc5NDc5NA&google_push=Aa02lx-rzitL6qNTm3EKC083z6Va3ia9t30GZC4ArijNxQQ17OP59QSRstK_9WIzeMLIYsnHjMQ2dSsxMl6TEI-C16YulreYGumE9fA
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 71A3
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEOKe_0ofDbM83q9p1VOqCRM&google_cver=1&google_push=Aa02lx_W9kUz7Uz9lEqgcQc4CCilsPUASo949C2seDeFLClklkZmvKpZGOGgrQwyMUF3QOYDk-0LHlQ4EWFth0DpRqQdswZ...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEOKe_0ofDbM83q9p1VOqCRM&google_cver=1&google_push=Aa02lx_W9kUz7Uz9lEqgcQc4CCilsPUASo949C2seDeFLClklkZmvKpZGOGgrQwyMUF3QOYDk-0LHlQ4EWFth0DpRqQds...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aa02lx_W9kUz7Uz9lEqgcQc4CCilsPUASo949C2seDeFLClklkZmvKpZGOGgrQwyMUF3QOYDk-0LHlQ4EWFth0DpRqQdswZswnAn7rBC

170 B
232 B

58ms
57ms

Image
image/png

142.250.180.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aa02lx_W9kUz7Uz9lEqgcQc4CCilsPUASo949C2seDeFLClklkZmvKpZGOGgrQwyMUF3QOYDk-0LHlQ4EWFth0DpRqQdswZswnAn7rBC

Protocol

Server

142.250.180.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Feb 2023 17:37:57 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aa02lx_W9kUz7Uz9lEqgcQc4CCilsPUASo949C2seDeFLClklkZmvKpZGOGgrQwyMUF3QOYDk-0LHlQ4EWFth0DpRqQdswZswnAn7rBC
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 71A3
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEAZvvt6yTmeFvK3KZGuH5yg&google_cver=1&google_push=Aa02lx98YWj33O_jVt7kAsQvkOJ5Vi_8PYYJXY0Q6RtP85n0pQXwwHIs0fUM6z_gGf2F4sX4xhyZlhUlt_O6X9obD...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEAZvvt6yTmeFvK3KZGuH5yg&google_cver=1&google_push=Aa02lx98YWj33O_jVt7kAsQvkOJ5Vi_8PYYJXY0Q6RtP85n0pQXwwHIs0fUM6z_gGf2F4sX4xhyZlhUlt_O6X9obD...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx98YWj33O_jVt7kAsQvkOJ5Vi_8PYYJXY0Q6RtP85n0pQXwwHIs0fUM6z_gGf2F4sX4xhyZlhUlt_O6X9obDhHs_BAfdPvonrh_&google_hm=GLahrGZHYhzKjjVdQq...

170 B
329 B

63ms
54ms

Image
image/png

142.250.180.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx98YWj33O_jVt7kAsQvkOJ5Vi_8PYYJXY0Q6RtP85n0pQXwwHIs0fUM6z_gGf2F4sX4xhyZlhUlt_O6X9obDhHs_BAfdPvonrh_&google_hm=GLahrGZHYhzKjjVdQqesC9SM

Requested by

Protocol

Server

142.250.180.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Feb 2023 17:37:57 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sat, 18 Feb 2023 17:37:57 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx98YWj33O_jVt7kAsQvkOJ5Vi_8PYYJXY0Q6RtP85n0pQXwwHIs0fUM6z_gGf2F4sX4xhyZlhUlt_O6X9obDhHs_BAfdPvonrh_&google_hm=GLahrGZHYhzKjjVdQqesC9SM
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET googleredir
googlecm.hit.gemius.pl/ Frame 71A3 0
0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 71A3 0
139 B 169ms
50ms Image
text/html 142.250.180.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L5Nd5scedB4jmM45-hkhUywdBcBrC00GceDzEeYVXekz-4uzi7FQ4c4prjqmbO_xryKjS_LQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 17:37:57 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 4139
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

69ms
68ms

Document
text/html

2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 18 Feb 2023 17:37:57 GMT
expires: Sat, 18 Feb 2023 17:37:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 18 Feb 2023 17:37:57 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 9D70 28 KB
28 KB 30ms
30ms Font
font/woff2 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 16:20:09 GMT
x-content-type-options: nosniff
age: 263868
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 15 Feb 2024 16:20:09 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
48 KB 179ms
179ms Script
text/javascript 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: robloxscripts.net
URL: https://robloxscripts.net/_static/??wp-includes/js/jquery/jquery-migrate.min.js,wp-content/uploads/yhumkpbql.js?m=1667520834

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8c5d4414e1aa824a27008569c907940c2529d16290992525e690c49efc618c6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 17:37:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49516
x-xss-protection: 0
server: cafe
etag: 10042832454708070099
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 18 Feb 2023 17:37:57 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 76ms
75ms XHR
application/json 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230215&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

73fc5cd6149cd9d4c7437963ea35fd4381e5641764e75477f9b96612bb782ceb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 17:37:57 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11227
x-xss-protection: 0

GET
H3 200 ENhUjQ5Efr1LKcBlRSMtCxEMsPeXm4hb-JW7itjXrRA.js Show response
pagead2.googlesyndication.com/bg/ Frame 0C4A 36 KB
14 KB 30ms
29ms Script
text/javascript 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ENhUjQ5Efr1LKcBlRSMtCxEMsPeXm4hb-JW7itjXrRA.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

10d8548d0e447ebd4b29c06545232d0b110cb0f7979b885bf895bb8ad8d7ad10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 10:56:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 110499
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14306
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 17 Feb 2024 10:56:18 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 92ms
91ms Script
text/javascript 2a00:1450:400d:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 17:37:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 18 Feb 2023 17:37:57 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5DC1 13 KB
5 KB 30ms
30ms Document
text/html 2a00:1450:400d:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://robloxscripts.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 110499
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 17 Feb 2023 10:56:18 GMT
expires: Sat, 17 Feb 2024 10:56:18 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame B5FB 783 B
535 B 58ms
54ms Document
text/html 2a00:1450:400d:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7d8d3a9a8145d2c436098a5f7fd816bfd1d22846c3c79a037a5d08a0e4ca6352

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ziJ8z3SiYewV-Tg59CXaIg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://robloxscripts.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-ziJ8z3SiYewV-Tg59CXaIg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 18 Feb 2023 17:37:57 GMT
expires: Sat, 18 Feb 2023 17:37:57 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 ENhUjQ5Efr1LKcBlRSMtCxEMsPeXm4hb-JW7itjXrRA.js Show response
pagead2.googlesyndication.com/bg/ Frame 5DC1 36 KB
14 KB 30ms
29ms Script
text/javascript 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ENhUjQ5Efr1LKcBlRSMtCxEMsPeXm4hb-JW7itjXrRA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

10d8548d0e447ebd4b29c06545232d0b110cb0f7979b885bf895bb8ad8d7ad10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 10:56:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 110499
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14306
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 17 Feb 2024 10:56:18 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame B5FB 0
0 62ms
61ms Image
text/html 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230215&jk=781475746750970&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 5DC1 0
10 B 30ms
29ms Image
text/plain 2a00:1450:400d:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?MIthNQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80e::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 17:37:58 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F05D 42 B
64 B 64ms
64ms Fetch
image/gif 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssDDRA2DhoAqqwcISBmD711Z5kHp7CtgfU2IfTbXS2fkgrXaKURqg3_CwgywUly4tgAPnOAZ_2c5LBq7GLu34pggrP2eoGWzoVmZ_k9Gn_5-LUMiCkj8iBOQ5jzQaWYf8x8lLtzDA&sai=AMfl-YSEClmroAKGeTOj7MXCgJRZMgGZEKoL8yY5MjboAXfuKVunuxs1kN8qCYztTgYBxOJxYbxE9ZlDW6-A&sig=Cg0ArKJSzAg_kMuz1fwdEAE&cid=CAQSGwDUE5ymjmZbV8RgRmq7-jSYD2f_klnU5QWE8BgB&id=lidar2&mcvt=1001&p=0,0,280,1200&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20230215&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2904063243&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1676741875754&rpt=1286&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Feb 2023 17:37:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 65ms
64ms Image
text/html 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230215&jk=781475746750970&bg=!NTalNmLNAAZYlHKzeJQ7ADkAdvg8WpWk1HCuCuTwFCJuo9jnaphzKARx0r0sVK_0IYVdrZcGHYUq3czHy7j2ievWBUmDsDdGELACAAAATVIAAAADaAEHmQKmvYjkVrpMgCitmMyLQ_m1lM-g9av80tArOp2vYRmWccQU9gq66CCY8XhgWhjlx-7zBR1c3O8HPnSqZW1yxSpm10DM3ccGuwJVMm1cXy8FeiCie-WwO8fCRpA_O39-Dd4O9O-Zwr38zJ0ZTR9MJLF3mQWy_ScT4yTdS3wAd4nN_T0I_pllDCxsVdHm47b0yNrV9_1xZYiZ21nIBEa4xbcORNCoHnEwiJqmX-tv8TUAljjp_EI68jg5N7PsdSj9oQlIlv04Px-AKMz4JN0rRAlrILBMXuaucYOSCxVVO-4bhLEAriJ2m8mqjv2qKGJWgD9lIswSxSQkcPDL_80kFr28rkv6YgV_gxdH0p1y3iEUdMQ1YEuDfHQwv9uWwWH7SlIC4w4O8odPLg-scN0bAuMXsnO61zLtOZI4QgrbLD6NGo5JkhX4GBr0ISBLZp8nmyx_mWA6ex7GGYMJHbj_B-TNf6qbmBGLf6Rr1f3ky214cEWdn0NsseBFXZqWy7TpzMPoS8DNg34OTeyByaEm5jkNY24F4aBIsXdcF6kvf26UoR4Q8caugZrlVZMyV3Pm9A40Lb-dtkMh3HVqT58URgtw6dzhkoz5CJRp81525hCOxWeZTw_hM_WtxJC9eOoffOx1g3CyV_8KUeEZPJxeBcYYkyK8UA7brWSPtVmGQ9-Qf0cHTssrsHNf8Lb5D7ds3kWZ-z88nzin_7uSYvvOjF408QUWqKPgESw_b0ZZPGIcN8-dImLkSwM6rMaclLvukSkD0jz3a2--W8ZEgrG0dIrUiagOBnryT_54bbXrYH4zVJzne7pXqxYqyveNMOE1Iqtm02Xa-Tr3gU21IXdW36nirSX7uF-kxrkAU1RHk1Joyr7W8W08w0veSZ02UlA2joj_Z8dBd9Xj
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

GET
H2 204 boom.gif
pixel.wp.com/ 0
37 B 7ms
7ms Image
text/plain 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/boom.gif?bilmur=1&cumulative_layout_shift=0.354&largest_contentful_paint=958&batcache_hit=0&provider=wordpress.com&service=atomic&effective_connection_type=4g&rtt=0&downlink=9800&host_name=robloxscripts.net&url_path=%2F&nt_fetchStart=0&nt_domainLookupStart=1&nt_domainLookupEnd=16&nt_connectStart=16&nt_connectEnd=31&nt_secureConnectionStart=22&nt_requestStart=32&nt_responseStart=183&nt_responseEnd=251&nt_domLoading=186&nt_domInteractive=756&nt_domContentLoadedEventStart=757&nt_domContentLoadedEventEnd=759&nt_domComplete=3060&nt_loadEventStart=3060&nt_loadEventEnd=3063&nt_redirectCount=0&nt_nextHopProtocol=h2&nt_api_level=2&start_render=557&first_contentful_paint=557&resource_size=864825&resource_transferred=217481&js_size=395908&js_transferred=127810&resource_cache_percent=0&js_cache_percent=0&last_resource_end=3988
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 18 Feb 2023 17:38:00 GMT
cache-control: no-cache
server: nginx

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: googlecm.hit.gemius.pl
URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEOq6zrslsAIX7yk5m5jvKbs&google_cver=1&google_push=Aa02lx88gy63c8kdOsyePAeIhAdgmPv9uaxpT3lybbX4Q7TpQUUT10cwFp75ZOWZdPiG_VkyNoPtoyfet9ezEclow240uJT_Jq2_A2DX5A

Verdicts & Comments Add Verdict or Comment

77 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.discordapp.com/	1970-01-20 09:45:43	Name: __cf_bm Value: nvsD1V7GY2p1NDJUHdJNcJ_WfCMOkva6.rLFl.Bivqs-1676741875-0-AVjMxTLql4gjX6ZP8i7dhL5VgFKrutlkeP8Xv2q+8+DGzIT8+/y2DbYeYDLcTypK02pNuCDaGVx6QWWtRa/NZk0=
pogothere.xyz/	1970-01-20 18:24:05	Name: csu Value: 870150044716476@1@1676741875
.robloxscripts.net/	1970-01-20 19:07:17	Name: __gads Value: ID=161e2b01bd319d05-2201bfeec1dc00f1:T=1676741875:RT=1676741875:S=ALNI_MbCP9vLTteEb9S7R7Yn9i9TYE6BCw
.robloxscripts.net/	1970-01-20 19:07:17	Name: __gpi Value: UID=00000bb8e4744f09:T=1676741875:RT=1676741875:S=ALNI_MYlLg_nufR59rMIqAJEeo6sF98Ljg
.doubleclick.net/	1970-01-20 19:07:17	Name: IDE Value: AHWqTUlm9gMp4EpjXnDRxQjIycHoe17VjPZ8zXYy9gIWUqa0JA4pQlJY42fHCDV78KA
.doubleclick.net/	1970-01-20 09:45:42	Name: test_cookie Value: CheckForPermission
.doubleclick.net/	1970-01-20 09:45:45	Name: DSID Value: NO_DATA
.lijit.com/	1970-01-20 18:31:17	Name: ljt_reader Value: GLahrGZHYhzKjjVdQqesC9SM
.blismedia.com/	1970-01-20 18:31:21	Name: b Value: 63F10CF5FCF8F113781FD2A8BLIS
.adform.net/	1970-01-20 10:26:01	Name: C Value: 1
.de17a.com/	1970-01-20 18:24:05	Name: guid Value: 1.5217694857880973141
.adform.net/	1970-01-20 11:12:05	Name: uid Value: 2502090017448794794
.tribalfusion.com/	1970-01-20 11:55:17	Name: ANON_ID Value: acnseFr2PKdFuYnRYa723WVlZagZdLo2axo7AHlVZdaLn9uqnTuNOSam6YZcavShHZcCPvEsogk3VTqPy3yZd0mGC9

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://accounts.google.com/v3/signin/identifier?dsh=S537783395%3A1676741875463108&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHdfKhGt8ONQXoiCI5R7JXukuEJxsQW_GYiB4gb2BLpqFtXDRiuWEQCA_1t9lw166npiYpniEA Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://accounts.google.com/v3/signin/identifier?dsh=S-939432337%3A1676741875567835&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHfpEc_lDxwsd0TmeC671pzM1Ec9_dPMdvPay2YcSnTiumGeGKeyRD48W3fBn3xSEqnMSo-GkA Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEOq6zrslsAIX7yk5m5jvKbs&google_cver=1&google_push=Aa02lx88gy63c8kdOsyePAeIhAdgmPv9uaxpT3lybbX4Q7TpQUUT10cwFp75ZOWZdPiG_VkyNoPtoyfet9ezEclow240uJT_Jq2_A2DX5A Message: Failed to load resource: net::ERR_ADDRESS_UNREACHABLE

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
accounts.google.com
adservice.google.com
adservice.google.de
ap.lijit.com
c1.adform.net
cdn.discordapp.com
cm.g.doubleclick.net
d3oy68whu51rnt.cloudfront.net
d5p.de17a.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
i0.wp.com
match.adsrvr.org
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.wp.com
pogothere.xyz
robloxscripts.net
s.tribalfusion.com
s0.wp.com
stats.wp.com
tpc.googlesyndication.com
tr.blismedia.com
use.fontawesome.com
www.facebook.com
www.google.com
www.googletagservices.com
www.gstatic.com
yiddiquitejuk.com
ylasthepoityelthenl.xyz
googlecm.hit.gemius.pl
142.250.180.194
162.159.130.233
172.64.133.29
172.67.221.62
18.66.112.119
192.0.76.3
192.0.77.2
192.0.77.32
192.0.78.139
213.155.156.165
216.52.2.16
2600:9000:2250:1c00:3:62b:d240:21
2606:4700::6812:19ad
2606:4700:e2::ac40:850f
2a00:1450:400d:805::2003
2a00:1450:400d:806::2002
2a00:1450:400d:807::2004
2a00:1450:400d:807::200d
2a00:1450:400d:808::2002
2a00:1450:400d:808::200a
2a00:1450:400d:80a::2002
2a00:1450:400d:80a::2003
2a00:1450:400d:80c::2002
2a00:1450:400d:80e::2001
2a00:1450:400d:80e::2002
2a03:2880:f12d:83:face:b00c:0:25de
34.96.105.8
37.157.3.29
52.223.40.198
06103fe977eb25ff4cc4379ba8707f128d201cf99d3bd23944c9b398f7d273a6
064f3c2c06410669a1fdadee1259f8ed4e04573c2d81f160719fc17e32209950
0692145ea483805b728812a688cb83acd50d7901db6ebbe897276c8734b9a617
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ceb563d6ce39ba6ab2e90a1d7e6a39d737a2fa59db1914b115f784bbf97fa5f
0d390e8fe2c05fcc9d1cf3a946e0e6e3eb87ab1e9815ea2853e8766ecd2ea098
10284d1cbc20a5e57200ad0d9b2c9adb0d20d70ab5ca7cc172d06d62d5d5a3ad
10d8548d0e447ebd4b29c06545232d0b110cb0f7979b885bf895bb8ad8d7ad10
121026c2787b77772e1020b4bb8b7ed405811ee0baa42010197fb33bda0bbd9c
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18f321857d364526ba0956845a681c97cc2ac87502d115c0c427fad2df023a34
1995d935c3a3de4ce9fe397f5a5e0384fc241d4b96672c9370507b8a40f07f1c
1f0d89deb0987bf17b220f785d6da4b01ece65b5fde6ff6b5184dd99a3559e5e
20a4654ac8f3086f29558d7c43cd184c5435fb7cadd0c62546fdb91f0bbe7133
2611a993aa287656517ffa657d6b069b66e5241ace487685dd71f0a0c3ee9871
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3a41b135afd99e5d3f61350c14900a1b6b222fe032a2c2f5f85f43d59055abf8
3e4e0661754c7dbb020555993cc6cdcf0dd1252c769fc794f45d8fdbea0ed926
40fb4a383de1716b0c949e012e98335d1b660f5f5e783f256ace37634c63e81d
42a3aec6ba283881fd69ed635bb3b416e6693143808e6bb3840968c5aafcce3b
446f0ab61963ec60fa7a9806eb173e0575f2098f58d2d4fab14925c6375e3387
49eb0df06986c87632fe31c6ac13a719805e89265e7309437883edf93412eebd
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
51dc1ea3b9642d966bbdf2c63346e4d2d3f668a693fa8e7f1e31bf6acbe48860
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56d3d6ae9b48be85002f025a9873817aff6536e22926fc7b45ae8f14d5340f78
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5cea0acfdce9d6f11f970dc6242c26b6f27de4dfa806876b0a4aa5695b35271e
5e713a207017a40f54387d0e25bbb3cbbe1b3d10338cdd4a7342cc1486b19140
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
68e1fe5f35b4b0131be24086e7de0e04291d335c32ac4868bf0803abe50a862e
6b777ab2af34089c7c32da0dcb6e7633a5fc3282f8b01ec452be1a77537489e1
73fc5cd6149cd9d4c7437963ea35fd4381e5641764e75477f9b96612bb782ceb
765d7308ebd55d0d2e9babfd37e30335be02efbbf3d3176f3e1f730cc4177045
7858ad2456f859aa783d5569eb7f66a3b564387698375d1c9b9cf52ba234e545
78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb
7d8d3a9a8145d2c436098a5f7fd816bfd1d22846c3c79a037a5d08a0e4ca6352
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7e399ef631146d63ba8cd88c340de531729da45a74b645d1dcc253ec14ec3581
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8650062d222876f20382a71f9de6919c5f267a8f9d22ac64085339e5d08d655d
8bfcae1ea5b37754d1e12d717b79b5c94e89d4a56d811352e6aa62627b15bfce
8c2eb4bd436a068318ae842919d15610711964b98cf65a76c3cabf176a1cf98e
8c5d4414e1aa824a27008569c907940c2529d16290992525e690c49efc618c6f
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e8026c13312e6d7e4ab8d134083adc5dffaa5ae6ffcf677cfdda12e65477d1d
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9bde5c9cc522d5296a9d7fb914821bf4d87440f6a93cb1a0eed73790a160def5
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9e86fcb4099a0c85a91abfd59fc6d6751493e4258f5457c0b4cf87e9e12c4079
a18f3705f4e2cfc25a353ea1b271c77f8db4a8693789b0ce0f40129337911d7f
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a687d0929f9fa9781cc1d8a7a19cb8528d352a4ba9d82f20c82479e472ca18ca
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
a85af52452417453ae5ced98aa54a149925de2155e823234dce588c331d11aa0
b0f08abf550588ea67e8871aa2511b5e3aae4b22f00f463c15a40a2fb1e5ac01
b9fcec9df5b9600686c48aa086385b8260ae7273e21087670c5193db5c349309
bbfba6460d76edfe77d78118eeaceeff359cd8be859257785ad4ada4341af03b
bc826d007b30995cf3550dd221e0c21f01e39e531b77387d944196343ee4d95a
bf29fb57340e72bfbe7bf0152fd88d5c7404acb5698d45314c02d072a75df4ea
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c5e8e8eb22e2eaf1ad02370c22c63c04774ab0b83b4329d5945333750814bb2f
c8e270f884a1080449fd94fff76b3fb4005a6eca394ed260ad8b686475a751e6
c9158280b728a98cd84d5039eda1199918d5008ed2f3bb9a5df6b80a32b86de2
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
cccee9b99bcd4ea61d3099bccd5f7ce5ef88767be0ba5a0550080bedd9acae29
d4046e9e67f20139d1c13546aa8dcc591f191b25466fe9a7b5c0881c82412073
d99a9c83fa6c56f86880bd77fb4caab944187b0a9a3267ef87415cce8cbbc9ca
e14ff3e75a1030bfcc4f49ce62a2036c3f239b81339024d1745b581ca4e76b35
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e43f873bed6831788b5b92ef50cfc304ef7e420d08bcf8f2780d5a219f4daf75
e4dd66e06d6612de950a6f120561c9630f63f0d81ad95c6c7a5405cdd2dbd491
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b
eb036bba36e01f3afcb6f2875c75fecf2e0e5205ee8a33bf55606fcbda1bb0ec
ecfc25acb343f1aa89135acc9dea201fa92daaff8ab02920376a8c69caba31e8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

robloxscripts.net Open in urlscan Pro 192.0.78.139 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

142 Requests

95 %HTTPS

52 %IPv6

24 Domains

33 Subdomains

27 IPs

6 Countries

2516 kBTransfer

4916 kBSize

13 Cookies

2 Outgoing links

Redirected requests

142 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

robloxscripts.net Open in urlscan Pro
192.0.78.139 Public Scan

Screenshot
Live screenshot

Full Image

142
Requests

95 %
HTTPS

52 %
IPv6

24
Domains

33
Subdomains

27
IPs

6
Countries

2516 kB
Transfer

4916 kB
Size

13
Cookies

142 HTTP transactions
3 data transactions