www.r6loot.com Open in urlscan Pro
52.212.52.84 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.r6loot.com/
Effective URL:
https://www.r6loot.com/
Submission: On May 03 via api (May 3rd 2024, 1:17:10 am UTC) from US — Scanned from DE

Summary HTTP 51 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 12 IPs in 3 countries across 6 domains to perform 51 HTTP transactions. The main IP is 52.212.52.84, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is www.r6loot.com.
TLS certificate: Issued by R3 on March 13th 2024. Valid for: 3 months.

This is the only time www.r6loot.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
12	52.212.52.84 52.212.52.84	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
9	216.58.206.66 216.58.206.66	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1	2600:9000:225... 2600:9000:2251:f400:15:1def:a40:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
1	2600:9000:272... 2600:9000:2724:e00:6:ea06:d140:93a1	16509 (AMAZON-02) (AMAZON-02)
9	2a04:4e42:600... 2a04:4e42:600::720	54113 (FASTLY) (FASTLY)
10	172.217.23.110 172.217.23.110	15169 (GOOGLE) (GOOGLE)
1	18.235.190.72 18.235.190.72	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
51	12

12 52.212.52.84 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-52-84.eu-west-1.compute.amazonaws.com

www.r6loot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 216.58.206.66 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr35s11-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2251:f400:15:1def:a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

r6loot.cdn.prismic.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2724:e00:6:ea06:d140:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.cdn.prismic.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a04:4e42:600::720 (United States)

ASN54113 (FASTLY, US)

images.prismic.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 172.217.23.110 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f110.1e100.net

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.235.190.72 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-235-190-72.compute-1.amazonaws.com

r6loot.prismic.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 646	71 KB
12	prismic.io r6loot.cdn.prismic.io static.cdn.prismic.io — Cisco Umbrella Rank: 17564 images.prismic.io — Cisco Umbrella Rank: 13964 r6loot.prismic.io	189 KB
12	r6loot.com www.r6loot.com	706 KB
11	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 103 tpc.googlesyndication.com — Cisco Umbrella Rank: 164	232 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 33	3 KB
1	gstatic.com fonts.gstatic.com	21 KB
51	6

	Domain	Requested by
12	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
12	www.r6loot.com	www.r6loot.com
9	images.prismic.io	www.r6loot.com
9	pagead2.googlesyndication.com	www.r6loot.com pagead2.googlesyndication.com
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	fonts.googleapis.com	www.r6loot.com
1	r6loot.prismic.io	static.cdn.prismic.io
1	static.cdn.prismic.io	www.r6loot.com
1	r6loot.cdn.prismic.io	www.r6loot.com
1	fonts.gstatic.com	fonts.googleapis.com
51	10

This site contains links to these domains. Also see Links.

Domain
www.patreon.com
airtable.com

Subject Issuer	Validity	Valid
www.r6loot.com R3	`2024-03-13` - `2024-06-11`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
*.cdn.prismic.io Amazon RSA 2048 M03	`2023-08-16` - `2024-09-12`	a year	crt.sh
*.google.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
images.prismic.io Certainly Intermediate R1	`2024-04-17` - `2024-05-17`	a month	crt.sh
*.prismic.io Amazon RSA 2048 M01	`2023-07-26` - `2024-08-23`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://www.r6loot.com/
Frame ID: 2291A226C459AE92EE8A7587EF6129D6
Requests: 45 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/html/r20240501/r20110914/zrt_lookup_fy2021.html
Frame ID: E77473107BF212DB92A8F330EF551ECB
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-7999445332437196&output=html&adk=1812271804&adf=3025194257&abgtt=3&lmt=1714699025&plaf=1%3A2%2C2%3A2%2C3%3A2%2C4%3A2%2C5%3A2%2C6%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A134250632%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C27%3A128%2C30%3A1081472%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.r6loot.com%2F&pra=5&wgl=1&easpi=0&aihb=0&asro=0&saifgks=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNC4wLjYzNjcuMTE4IixudWxsLDAsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTI0LjAuNjM2Ny4xMTgiXSxbIkdvb2dsZSBDaHJvbWUiLCIxMjQuMC42MzY3LjExOCJdLFsiTm90LUEuQnJhbmQiLCI5OS4wLjAuMCJdXSwwXQ..&dt=1714699025078&bpp=26&bdt=148&idt=97&shv=r20240501&mjsv=m202404300101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=7602750150788&frm=20&pv=2&ga_vid=1846187900.1714699025&ga_sid=1714699025&ga_hid=2119369212&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C95329718%2C95331982%2C31082144%2C95331042&oid=2&pvsid=1546399053165791&tmod=1193901495&uas=0&nvt=1&fsapi=1&fc=1408&brdim=190%2C190%2C190%2C190%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&ifi=1&uci=a!1&fsb=1&dtd=131
Frame ID: FCDF7A415C41AC804C2E123B807FCD3A
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-7999445332437196&output=html&h=280&adk=996700658&adf=150841471&pi=t.aa~a.2075287690~rp.1&w=1200&abgtt=3&fwrn=4&fwrnh=100&lmt=1714699025&rafmt=1&to=qs&pwprc=7192026247&format=1200x280&url=https%3A%2F%2Fwww.r6loot.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNC4wLjYzNjcuMTE4IixudWxsLDAsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTI0LjAuNjM2Ny4xMTgiXSxbIkdvb2dsZSBDaHJvbWUiLCIxMjQuMC42MzY3LjExOCJdLFsiTm90LUEuQnJhbmQiLCI5OS4wLjAuMCJdXSwwXQ..&dt=1714699025104&bpp=3&bdt=174&idt=133&shv=r20240501&mjsv=m202404300101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0&nras=2&correlator=7602750150788&frm=20&pv=1&ga_vid=1846187900.1714699025&ga_sid=1714699025&ga_hid=2119369212&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1381&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C95329718%2C95331982%2C31082144%2C95331042&oid=2&pvsid=1546399053165791&tmod=1193901495&uas=0&nvt=1&fc=1408&brdim=190%2C190%2C190%2C190%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=140
Frame ID: E1DEB770F1F6089DF018827D2D3787CF
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&us_privacy=1---&gpp_sid=-1&client=ca-pub-7999445332437196&output=html&h=90&adk=2743202993&adf=1839787983&pi=t.aa~a.1182920990~rp.3&w=1200&abgtt=3&fwrn=4&fwrnh=100&lmt=1714699025&rafmt=1&to=qs&pwprc=7192026247&format=1200x90&url=https%3A%2F%2Fwww.r6loot.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNC4wLjYzNjcuMTE4IixudWxsLDAsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTI0LjAuNjM2Ny4xMTgiXSxbIkdvb2dsZSBDaHJvbWUiLCIxMjQuMC42MzY3LjExOCJdLFsiTm90LUEuQnJhbmQiLCI5OS4wLjAuMCJdXSwwXQ..&dt=1714699025554&bpp=1&bdt=624&idt=-M&shv=r20240501&mjsv=m202404300101&ptt=9&saldr=aa&abxe=1&eo_id_str=ID%3Dc864184bddbe43e4%3AT%3D1714699025%3ART%3D1714699025%3AS%3DAA-AfjYuksvRktSAyXs_nfYavkP6&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=7602750150788&frm=20&pv=1&ga_vid=1846187900.1714699025&ga_sid=1714699025&ga_hid=2119369212&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2908&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C95329718%2C95331982%2C31082144%2C95331042&oid=2&pvsid=1546399053165791&tmod=1193901495&uas=0&nvt=1&fc=1408&brdim=190%2C190%2C190%2C190%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=209
Frame ID: 58FB7961A1ABAFBF700E46D07E95542E
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&us_privacy=1---&gpp_sid=-1&client=ca-pub-7999445332437196&output=html&h=90&adk=497989681&adf=3575527047&pi=t.aa~a.1154906089~rp.1&w=1200&abgtt=3&fwrn=4&fwrnh=100&lmt=1714699025&rafmt=1&to=qs&pwprc=7192026247&format=1200x90&url=https%3A%2F%2Fwww.r6loot.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNC4wLjYzNjcuMTE4IixudWxsLDAsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTI0LjAuNjM2Ny4xMTgiXSxbIkdvb2dsZSBDaHJvbWUiLCIxMjQuMC42MzY3LjExOCJdLFsiTm90LUEuQnJhbmQiLCI5OS4wLjAuMCJdXSwwXQ..&dt=1714699025554&bpp=1&bdt=623&idt=0&shv=r20240501&mjsv=m202404300101&ptt=9&saldr=aa&abxe=1&eo_id_str=ID%3Dc864184bddbe43e4%3AT%3D1714699025%3ART%3D1714699025%3AS%3DAA-AfjYuksvRktSAyXs_nfYavkP6&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x90&nras=5&correlator=7602750150788&frm=20&pv=1&ga_vid=1846187900.1714699025&ga_sid=1714699025&ga_hid=2119369212&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2748&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C95329718%2C95331982%2C31082144%2C95331042&oid=2&pvsid=1546399053165791&tmod=1193901495&uas=0&nvt=1&fc=1408&brdim=190%2C190%2C190%2C190%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=217
Frame ID: B22C3FDEA0B25EF1E9678154FF133558
Requests: 1 HTTP requests in this frame

Frame: https://r6loot.prismic.io/prismic-toolbar/4.1.0/iframe.html
Frame ID: 8E01513D1DB74020F3F4AF7F0CBB2A8E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 282BEC7316DD6FB2B1912BD9D1BAAD03
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

News | R6 Loot

Page URL History Show full URLs

http://www.r6loot.com/ HTTP 307
https://www.r6loot.com/ Page URL

Detected technologies

Nuxt.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

/_nuxt/

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

51
Requests

98 %
HTTPS

64 %
IPv6

6
Domains

10
Subdomains

12
IPs

3
Countries

1222 kB
Transfer

3538 kB
Size

3
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.patreon.com/r6loot
Title: support R6 Loot!

Search URL Search Domain Scan URL

URL: https://airtable.com/shro6SqrMnu0j22y2
Title: Contact

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.r6loot.com/ HTTP 307
https://www.r6loot.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

51 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.r6loot.com/
Redirect Chain

http://www.r6loot.com/
https://www.r6loot.com/

289 KB
48 KB

200ms
91ms

Document
text/html

52.212.52.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.r6loot.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.212.52.84 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-52-84.eu-west-1.compute.amazonaws.com
Software: Cowboy /
Resource Hash: 98ace1f1dfc2e198d2ee2ee420bc239157bb45f6018c24a4d5d0c95cbbc266be

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Accept-Ranges: none
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Fri, 03 May 2024 01:17:04 GMT
Etag: "483da-q8Xl3KuogQen+xles5EstSiPLQE"
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1714699024&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=2KuEaa6Cwuqgpo6sZtW4wFT19WQ%2FHhJAQQnSsEWEieo%3D"}]}
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1714699024&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=2KuEaa6Cwuqgpo6sZtW4wFT19WQ%2FHhJAQQnSsEWEieo%3D
Server: Cowboy
Transfer-Encoding: chunked
Vary: Accept-Encoding
Via: 1.1 vegur

Redirect headers

Location: https://www.r6loot.com/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 css
fonts.googleapis.com/ 3 KB
1 KB 44ms
16ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:300|Roboto&display=swap

Requested by

Host: www.r6loot.com
URL: https://www.r6loot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8cdfae3f3c3ffed9b62c1087df5ab6e25b43acc11622b9d32245277389a0c8a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.r6loot.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Fri, 03 May 2024 01:17:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 03 May 2024 01:17:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 03 May 2024 01:17:04 GMT

GET
H2 200 css2
fonts.googleapis.com/ 16 KB
2 KB 46ms
19ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Exo:wght@100;200;300;400;500;600;700;800;900&family=Open+Sans&display=swap

Requested by

Host: www.r6loot.com
URL: https://www.r6loot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e50656ce00cd943d9221f4d1f4a12a928f4023a094cee75b73de9c4e434ba0a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.r6loot.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Fri, 03 May 2024 01:17:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 03 May 2024 01:17:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 03 May 2024 01:17:04 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 148 KB
51 KB 56ms
23ms Script
text/javascript 216.58.206.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.r6loot.com
URL: https://www.r6loot.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s11-in-f2.1e100.net

Software

cafe /

Resource Hash

617c6d0b44a0ce0807875ff80a6127df14a4d35de0140f2113f8ea7ba6392ce7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.r6loot.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 01:17:05 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51752
x-xss-protection: 0
server: cafe
etag: 14044290532874918436
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Fri, 03 May 2024 01:17:05 GMT

GET
H/1.1 200
OK 855fd56.js Show response
www.r6loot.com/_nuxt/ 3 KB
2 KB 78ms
30ms Script
application/javascript 52.212.52.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.r6loot.com/_nuxt/855fd56.js
Requested by: Host: www.r6loot.com
URL: https://www.r6loot.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.212.52.84 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-52-84.eu-west-1.compute.amazonaws.com
Software: Cowboy /
Resource Hash: d603f8eb21d58c8aa41d72ad3f9e922af315274f3326d06e9cb7d23d2026301b

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.r6loot.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 03 May 2024 01:17:04 GMT
Content-Encoding: gzip
Via: 1.1 vegur
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Server: Cowboy
Last-Modified: Wed, 23 Jun 2021 23:15:26 GMT
Etag: W/"a1d-17a3b282ab0"
Vary: Accept-Encoding
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1714699024&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=2KuEaa6Cwuqgpo6sZtW4wFT19WQ%2FHhJAQQnSsEWEieo%3D"}]}
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1714699024&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=2KuEaa6Cwuqgpo6sZtW4wFT19WQ%2FHhJAQQnSsEWEieo%3D

GET
H/1.1 200
OK e003551.js Show response
www.r6loot.com/_nuxt/ 212 KB
75 KB 93ms
33ms Script
application/javascript 52.212.52.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.r6loot.com/_nuxt/e003551.js
Requested by: Host: www.r6loot.com
URL: https://www.r6loot.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.212.52.84 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-52-84.eu-west-1.compute.amazonaws.com
Software: Cowboy /
Resource Hash: f643a2d4cf9f199f3bf2e467c5dfebdde0cbe4c8564ef5b60a0a09acfa1e88ec

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.r6loot.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 03 May 2024 01:17:05 GMT
Content-Encoding: gzip
Via: 1.1 vegur
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Server: Cowboy
Last-Modified: Wed, 23 Jun 2021 23:15:26 GMT
Etag: W/"35150-17a3b282ab0"
Vary: Accept-Encoding
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1714699025&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=ONCWrjtwhZ8nG8cHWOyROC7MUWX6Ixgk%2B25%2FRDq1SWU%3D"}]}
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1714699025&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=ONCWrjtwhZ8nG8cHWOyROC7MUWX6Ixgk%2B25%2FRDq1SWU%3D

GET
H/1.1 200
OK dc33bef.js Show response
www.r6loot.com/_nuxt/ 1 MB
289 KB 94ms
33ms Script
application/javascript 52.212.52.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.r6loot.com/_nuxt/dc33bef.js
Requested by: Host: www.r6loot.com
URL: https://www.r6loot.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.212.52.84 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-52-84.eu-west-1.compute.amazonaws.com
Software: Cowboy /
Resource Hash: a30a07d270ee6100ee34064e57bcd3fb25d39fc1c6e354689a0af779c111af64

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.r6loot.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 03 May 2024 01:17:05 GMT
Content-Encoding: gzip
Via: 1.1 vegur
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Server: Cowboy
Last-Modified: Wed, 23 Jun 2021 23:15:26 GMT
Etag: W/"14f5c1-17a3b282ab0"
Vary: Accept-Encoding
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1714699025&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=ONCWrjtwhZ8nG8cHWOyROC7MUWX6Ixgk%2B25%2FRDq1SWU%3D"}]}
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1714699025&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=ONCWrjtwhZ8nG8cHWOyROC7MUWX6Ixgk%2B25%2FRDq1SWU%3D

GET
H/1.1 200
OK 617439b.js Show response
www.r6loot.com/_nuxt/ 72 KB
22 KB 97ms
36ms Script
application/javascript 52.212.52.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.r6loot.com/_nuxt/617439b.js
Requested by: Host: www.r6loot.com
URL: https://www.r6loot.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.212.52.84 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-52-84.eu-west-1.compute.amazonaws.com
Software: Cowboy /
Resource Hash: fc8906d3f64a64eb974c78fd27eac2f6c26d13353c71c8ff20eb5ee8bc68decc

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.r6loot.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 03 May 2024 01:17:05 GMT
Content-Encoding: gzip
Via: 1.1 vegur
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Server: Cowboy
Last-Modified: Wed, 23 Jun 2021 23:15:26 GMT
Etag: W/"120d6-17a3b282ab0"
Vary: Accept-Encoding
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1714699025&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=ONCWrjtwhZ8nG8cHWOyROC7MUWX6Ixgk%2B25%2FRDq1SWU%3D"}]}
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1714699025&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=ONCWrjtwhZ8nG8cHWOyROC7MUWX6Ixgk%2B25%2FRDq1SWU%3D

GET
H/1.1 200
OK da485a7.js Show response
www.r6loot.com/_nuxt/ 6 KB
3 KB 96ms
35ms Script
application/javascript 52.212.52.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.r6loot.com/_nuxt/da485a7.js
Requested by: Host: www.r6loot.com
URL: https://www.r6loot.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.212.52.84 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-52-84.eu-west-1.compute.amazonaws.com
Software: Cowboy /
Resource Hash: e421cd0516e6690678b6c92380634d827ae63308471cab6b2d6ee6b47d97b12b

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.r6loot.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 03 May 2024 01:17:05 GMT
Content-Encoding: gzip
Via: 1.1 vegur
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Server: Cowboy
Last-Modified: Wed, 23 Jun 2021 23:15:26 GMT
Etag: W/"19e8-17a3b282ab0"
Vary: Accept-Encoding
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1714699025&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=ONCWrjtwhZ8nG8cHWOyROC7MUWX6Ixgk%2B25%2FRDq1SWU%3D"}]}
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1714699025&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=ONCWrjtwhZ8nG8cHWOyROC7MUWX6Ixgk%2B25%2FRDq1SWU%3D

GET
DATA 200
OK truncated
/ 184 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 721065a2a044d276f74139fbe64d6fa9735ac5bd1074b53c14c3f790119d4069

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=UTF-8

GET
H2 200 4UaOrEtFpBISc36j.woff2
fonts.gstatic.com/s/exo/v21/ 21 KB
21 KB 35ms
7ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/exo/v21/4UaOrEtFpBISc36j.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Exo:wght@100;200;300;400;500;600;700;800;900&family=Open+Sans&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

533560ab5ad5c4f2c81404249e7277e57c2ea8e434b5a4965932d93ad5fc56d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://www.r6loot.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 07:57:12 GMT
x-content-type-options: nosniff
age: 235193
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21400
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:48:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 30 Apr 2025 07:57:12 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404300101/ 412 KB
139 KB 44ms
43ms Script
text/javascript 216.58.206.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7999445332437196&plah=www.r6loot.com&aplac=true

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s11-in-f2.1e100.net

Software

cafe /

Resource Hash

2e8ee00eada4eed96fff4d33b69a2fc0563c38f0096fc512cb05d5ff44e151af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.r6loot.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 01:17:05 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 142585
x-xss-protection: 0
server: cafe
etag: 9704915655381300455
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 03 May 2024 01:17:05 GMT

GET
H3 200 zrt_lookup_fy2021.html
pagead2.googlesyndication.com/pagead/html/r20240501/r20110914/ Frame E774 0
0 17ms
7ms Document
text/html 216.58.206.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/html/r20240501/r20110914/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7999445332437196&plah=www.r6loot.com&aplac=true

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.r6loot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

age: 24229
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4155
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 May 2024 18:33:16 GMT
etag: 5035419970550746386
expires: Thu, 16 May 2024 18:33:16 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
pagead2.googlesyndication.com/pagead/ Frame FCDF 0
0 64ms
64ms Document
text/html 216.58.206.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-7999445332437196&output=html&adk=1812271804&adf=3025194257&abgtt=3&lmt=1714699025&plaf=1%3A2%2C2%3A2%2C3%3A2%2C4%3A2%2C5%3A2%2C6%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A134250632%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C27%3A128%2C30%3A1081472%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.r6loot.com%2F&pra=5&wgl=1&easpi=0&aihb=0&asro=0&saifgks=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNC4wLjYzNjcuMTE4IixudWxsLDAsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTI0LjAuNjM2Ny4xMTgiXSxbIkdvb2dsZSBDaHJvbWUiLCIxMjQuMC42MzY3LjExOCJdLFsiTm90LUEuQnJhbmQiLCI5OS4wLjAuMCJdXSwwXQ..&dt=1714699025078&bpp=26&bdt=148&idt=97&shv=r20240501&mjsv=m202404300101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=7602750150788&frm=20&pv=2&ga_vid=1846187900.1714699025&ga_sid=1714699025&ga_hid=2119369212&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C95329718%2C95331982%2C31082144%2C95331042&oid=2&pvsid=1546399053165791&tmod=1193901495&uas=0&nvt=1&fsapi=1&fc=1408&brdim=190%2C190%2C190%2C190%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&ifi=1&uci=a!1&fsb=1&dtd=131

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.r6loot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 761
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 03 May 2024 01:17:05 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
pagead2.googlesyndication.com/pagead/ Frame E1DE 0
0 172ms
171ms Document
text/html 216.58.206.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-7999445332437196&output=html&h=280&adk=996700658&adf=150841471&pi=t.aa~a.2075287690~rp.1&w=1200&abgtt=3&fwrn=4&fwrnh=100&lmt=1714699025&rafmt=1&to=qs&pwprc=7192026247&format=1200x280&url=https%3A%2F%2Fwww.r6loot.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNC4wLjYzNjcuMTE4IixudWxsLDAsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTI0LjAuNjM2Ny4xMTgiXSxbIkdvb2dsZSBDaHJvbWUiLCIxMjQuMC42MzY3LjExOCJdLFsiTm90LUEuQnJhbmQiLCI5OS4wLjAuMCJdXSwwXQ..&dt=1714699025104&bpp=3&bdt=174&idt=133&shv=r20240501&mjsv=m202404300101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0&nras=2&correlator=7602750150788&frm=20&pv=1&ga_vid=1846187900.1714699025&ga_sid=1714699025&ga_hid=2119369212&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1381&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C95329718%2C95331982%2C31082144%2C95331042&oid=2&pvsid=1546399053165791&tmod=1193901495&uas=0&nvt=1&fc=1408&brdim=190%2C190%2C190%2C190%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=140

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.r6loot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 305
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 03 May 2024 01:17:05 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 v2 Show response
r6loot.cdn.prismic.io/api/ 1 KB
894 B 62ms
13ms Fetch
application/json 2600:9000:2251:f400:15:1def:a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r6loot.cdn.prismic.io/api/v2
Requested by: Host: www.r6loot.com
URL: https://www.r6loot.com/_nuxt/dc33bef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:f400:15:1def:a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: d11bc04c2a74e441b063cecfc74f6ddb171b53b016eceff89aef4415ec786be9

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept: application/json
Referer: https://www.r6loot.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 01:17:05 GMT
content-encoding: gzip
via: 1.1 68b2682a924ac399aa2724b5b439e75c.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA60-P3
x-prismic-version: 6
x-prismic-region: eu-west-2
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-cache: Hit from cloudfront
cache-control: max-age=0, no-store
x-amz-cf-id: bDPz4vX0ACpe4zGCpruJXstELrWxZ0dajuCCzqd1zQToHZDQznvDhA==

GET
H2 200 ca-pub-7999445332437196 Show response
fundingchoicesmessages.google.com/i/ 182 KB
61 KB 112ms
56ms Script
application/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-7999445332437196?href=https%3A%2F%2Fwww.r6loot.com&ers=2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

060f5a7652aa30bd9b8e7abf042b43e557e20585ee572a5ec06e3c7ca560519a

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-ouFuQam7TnortaInN2Y1RQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.r6loot.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 01:17:05 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-ouFuQam7TnortaInN2Y1RQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjStDikmLw1JBiOO90h-k6ENcyPGNqBWIDjedMFkAs8fUlkwYQxzyfzpoCxE7pM1iDgNinfgZrDBC33jzHOhWITy44z3oRiJP-nWctAuKdiy-wHgRiIR6Oid8ubGQTuLFk2UwmAH40L58"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 prismic.min.js Show response
static.cdn.prismic.io/ 29 KB
10 KB 97ms
1ms Script
application/javascript 2600:9000:2724:e00:6:ea06:d140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cdn.prismic.io/prismic.min.js?repo=r6loot&new=true
Requested by: Host: www.r6loot.com
URL: https://www.r6loot.com/_nuxt/617439b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2724:e00:6:ea06:d140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 429fdbe0956c41be7f220f9e0a991eb989dedb3a7ff24906ec55c132d196868a

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.r6loot.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 02:32:15 GMT
content-encoding: gzip
via: 1.1 3f257ae011e1a2ab12346ea11fad9a18.cloudfront.net (CloudFront)
last-modified: Thu, 21 Mar 2024 12:37:47 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P12
age: 81890
x-amz-server-side-encryption: AES256
etag: W/"09bb23ec473fade43e53dc24d63a35d1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: NIKav4EhZjcOiNWrAbAS3LVt5UImtzv0VfV39RuiEYrwBAnW5FDnHw==

GET
H/1.1 200
OK ccc267c.js Show response
www.r6loot.com/_nuxt/ 22 KB
8 KB 34ms
34ms Script
application/javascript 52.212.52.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.r6loot.com/_nuxt/ccc267c.js
Requested by: Host: www.r6loot.com
URL: https://www.r6loot.com/_nuxt/855fd56.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.212.52.84 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-52-84.eu-west-1.compute.amazonaws.com
Software: Cowboy /
Resource Hash: 5d3e3288b73b8aac6a18b8febc6b36a1a92b5fbf5171a7f502d54e9d1b7a26f9

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.r6loot.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 03 May 2024 01:17:05 GMT
Content-Encoding: gzip
Via: 1.1 vegur
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Server: Cowboy
Last-Modified: Wed, 23 Jun 2021 23:15:26 GMT
Etag: W/"580c-17a3b282ab0"
Vary: Accept-Encoding
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1714699025&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=ONCWrjtwhZ8nG8cHWOyROC7MUWX6Ixgk%2B25%2FRDq1SWU%3D"}]}
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1714699025&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=ONCWrjtwhZ8nG8cHWOyROC7MUWX6Ixgk%2B25%2FRDq1SWU%3D

GET
H2 200 63ef7a25-17a8-4791-be75-660d3353075b_cav_elite-min.webp
images.prismic.io/r6loot/ 19 KB
19 KB 95ms
11ms Image
image/avif 2a04:4e42:600::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.prismic.io/r6loot/63ef7a25-17a8-4791-be75-660d3353075b_cav_elite-min.webp?auto=compress,format&rect=420,0,540,540&w=480&h=480

Requested by

Host: www.r6loot.com
URL: https://www.r6loot.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:600::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

ae98cdb009ee7a40e1e000a5f7861076230b765c3ec97ab3fbd26f0c25b9129a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.r6loot.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 01:17:05 GMT
x-content-type-options: nosniff
age: 2554799
x-cache: HIT, HIT
x-imgix-id: c17bfabe29aea0a2ea75b90afcbb98c0d59cfdc6
cross-origin-resource-policy: cross-origin
content-length: 19636
x-served-by: cache-sjc10074-SJC, cache-fra-etou8220092-FRA
last-modified: Wed, 03 Apr 2024 11:37:06 GMT
server: Google Frontend
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 a7c21437-43b4-442e-a418-0774344cd015_neon+dawn.jpg
images.prismic.io/r6loot/ 6 KB
6 KB 87ms
5ms Image
image/avif 2a04:4e42:600::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.prismic.io/r6loot/a7c21437-43b4-442e-a418-0774344cd015_neon+dawn.jpg?auto=compress,format&rect=421,0,1080,1080&w=480&h=480

Requested by

Host: www.r6loot.com
URL: https://www.r6loot.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:600::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

0422b9ca7903b571a232dc85188ccaf212dbc3b13e78d447e718074a7b21c0e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.r6loot.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 01:17:05 GMT
x-content-type-options: nosniff
age: 1424143
x-cache: HIT, HIT
x-imgix-id: 86d006a6cb0ef84d25a5873b58656047aa6b04f0
cross-origin-resource-policy: cross-origin
content-length: 6305
x-served-by: cache-sjc10082-SJC, cache-fra-etou8220092-FRA
last-modified: Tue, 16 Apr 2024 13:41:22 GMT
server: Google Frontend
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK placeholder.png
www.r6loot.com/ 216 KB
217 KB 32ms
31ms Image
image/png 52.212.52.84
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.r6loot.com/placeholder.png
Requested by: Host: www.r6loot.com
URL: https://www.r6loot.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.212.52.84 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-52-84.eu-west-1.compute.amazonaws.com
Software: Cowboy /
Resource Hash: 8c4316c945193b0cf887e896c49169caa8641a376b1151e8b348bf8cb3169b67

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.r6loot.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 03 May 2024 01:17:05 GMT
Via: 1.1 vegur
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Server: Cowboy
Last-Modified: Wed, 23 Jun 2021 23:13:38 GMT
Etag: W/"35f56-17a3b2684d0"
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1714699025&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=ONCWrjtwhZ8nG8cHWOyROC7MUWX6Ixgk%2B25%2FRDq1SWU%3D"}]}
Content-Type: image/png
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 221014
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1714699025&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=ONCWrjtwhZ8nG8cHWOyROC7MUWX6Ixgk%2B25%2FRDq1SWU%3D

GET
H2 200 2471d0cb-314f-44fc-942b-503a14e0080f_chrome_20-02-05_30560.png
images.prismic.io/r6loot/ 30 KB
30 KB 83ms
4ms Image
image/avif 2a04:4e42:600::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.prismic.io/r6loot/2471d0cb-314f-44fc-942b-503a14e0080f_chrome_20-02-05_30560.png?auto=compress,format&rect=1000,0,638,638&w=480&h=480

Requested by

Host: www.r6loot.com
URL: https://www.r6loot.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:600::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

c91d9353250fe342f617669e0ba776edaf5df4925c5b71d952601a54bbf0fcb2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.r6loot.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 01:17:05 GMT
x-content-type-options: nosniff
age: 1983766
x-cache: HIT, HIT
x-imgix-id: e5726e9ac7b13b2b56914b77862dfa117e3c201b
cross-origin-resource-policy: cross-origin
content-length: 30728
x-served-by: cache-sjc10052-SJC, cache-fra-etou8220092-FRA
last-modified: Wed, 10 Apr 2024 02:14:20 GMT
server: Google Frontend
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 41db722f-3a09-472f-a97d-bd1b65652ee5_r6s-battlepass-header.webp
images.prismic.io/r6loot/ 17 KB
17 KB 80ms
5ms Image
image/avif 2a04:4e42:600::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.prismic.io/r6loot/41db722f-3a09-472f-a97d-bd1b65652ee5_r6s-battlepass-header.webp?auto=compress,format&rect=210,0,540,540&w=480&h=480

Requested by

Host: www.r6loot.com
URL: https://www.r6loot.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:600::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

d21fbcf6a299285df9e59f2ce1457a5aae96bde404ad82c7b9ec541d61b36fdb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.r6loot.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 01:17:05 GMT
x-content-type-options: nosniff
age: 4445454
x-cache: HIT, HIT
x-imgix-id: 392192a1d3c1b4d5547e76642b4eadec5bee2845
cross-origin-resource-policy: cross-origin
content-length: 17146
x-served-by: cache-sjc1000087-SJC, cache-fra-etou8220092-FRA
last-modified: Tue, 12 Mar 2024 14:26:11 GMT
server: Google Frontend
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 bbd43d39-f155-418b-b8c9-20087983a1ab_mute+proto.jpeg
images.prismic.io/r6loot/ 37 KB
37 KB 87ms
12ms Image
image/avif 2a04:4e42:600::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.prismic.io/r6loot/bbd43d39-f155-418b-b8c9-20087983a1ab_mute+proto.jpeg?auto=compress,format&rect=500,0,500,500&w=480&h=480

Requested by

Host: www.r6loot.com
URL: https://www.r6loot.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:600::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

4caf4ee991de857cda06bb8e0a204680303ad2023ac43a7a0acfed6b3ea88a88

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.r6loot.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 01:17:05 GMT
x-content-type-options: nosniff
age: 2124838
x-cache: HIT, HIT
x-imgix-id: e11f1e4fb9e1cd92964ccf9859498e0fe13dd75d
cross-origin-resource-policy: cross-origin
content-length: 38075
x-served-by: cache-sjc1000109-SJC, cache-fra-etou8220092-FRA
last-modified: Mon, 08 Apr 2024 11:03:07 GMT
server: Google Frontend
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 2bd32ec1-060d-4fbb-9fea-4a304945e818_operation-void-edge-operators.webp
images.prismic.io/r6loot/ 6 KB
6 KB 87ms
12ms Image
image/avif 2a04:4e42:600::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.prismic.io/r6loot/2bd32ec1-060d-4fbb-9fea-4a304945e818_operation-void-edge-operators.webp?auto=compress,format&rect=182,0,450,450&w=200&h=200

Requested by

Host: www.r6loot.com
URL: https://www.r6loot.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:600::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

42f783447f47f7ea4ec68e0cd89e574053684408733ac82fe3792027671eb2e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.r6loot.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 01:17:05 GMT
x-content-type-options: nosniff
age: 18366
x-cache: HIT, HIT
x-imgix-id: 84eaf1d017cd2167c485c6635fa3f1cc9c1f4688
cross-origin-resource-policy: cross-origin
content-length: 6205
x-served-by: cache-sjc10079-SJC, cache-fra-etou8220092-FRA
last-modified: Thu, 02 May 2024 20:10:59 GMT
server: Google Frontend
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 8f5eb987-cc56-437a-a8d2-d8c93f55dcc6_rainbow-six-siege-road-to-si-2020-580x334.jpg
images.prismic.io/r6loot/ 17 KB
17 KB 17ms
0ms Image
image/avif 2a04:4e42:600::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.prismic.io/r6loot/8f5eb987-cc56-437a-a8d2-d8c93f55dcc6_rainbow-six-siege-road-to-si-2020-580x334.jpg?auto=compress,format&rect=67,0,334,334&w=480&h=480

Requested by

Host: www.r6loot.com
URL: https://www.r6loot.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:600::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

746b79e6750d050243f69052f65fdca4361a825185e5a80c1f795b891c6c285f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.r6loot.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 01:17:05 GMT
x-content-type-options: nosniff
age: 1336741
x-cache: HIT, HIT
x-imgix-id: e3dda7ba517dfc76aad26516ccf678ce397d921c
cross-origin-resource-policy: cross-origin
content-length: 17665
x-served-by: cache-sjc1000138-SJC, cache-fra-etou8220092-FRA
last-modified: Wed, 17 Apr 2024 13:58:04 GMT
server: Google Frontend
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 d4ec7258-614f-4b92-b8db-cdf48056a2c7_rainbow_six_siege_year_5_pass.jpg
images.prismic.io/r6loot/ 24 KB
25 KB 17ms
0ms Image
image/avif 2a04:4e42:600::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.prismic.io/r6loot/d4ec7258-614f-4b92-b8db-cdf48056a2c7_rainbow_six_siege_year_5_pass.jpg?auto=compress,format&rect=0,0,731,731&w=480&h=480

Requested by

Host: www.r6loot.com
URL: https://www.r6loot.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:600::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

c9f15f536c34ebd8df38cdb205f0dc5f3da48a3d85d41f6816bf0674e7952530

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.r6loot.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 01:17:05 GMT
x-content-type-options: nosniff
age: 2403466
x-cache: HIT, HIT
x-imgix-id: 5f85bb4cda283ed4192ff2b37f54b14af7e248d8
cross-origin-resource-policy: cross-origin
content-length: 25040
x-served-by: cache-sjc1000134-SJC, cache-fra-etou8220092-FRA
last-modified: Fri, 05 Apr 2024 05:39:19 GMT
server: Google Frontend
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 3a3c1ce9-a4b3-422d-8a6a-d2f763d9825b_vigi-dok.jpg
images.prismic.io/r6loot/ 20 KB
20 KB 31ms
13ms Image
image/avif 2a04:4e42:600::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.prismic.io/r6loot/3a3c1ce9-a4b3-422d-8a6a-d2f763d9825b_vigi-dok.jpg?auto=compress,format&rect=804,0,1080,1080&w=480&h=480

Requested by

Host: www.r6loot.com
URL: https://www.r6loot.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:600::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

5449c444f2ecd73c10c24732a8aca7c376a2f803106068c91e52c36f2e964b97

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.r6loot.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 01:17:05 GMT
x-content-type-options: nosniff
age: 4169086
x-cache: HIT, HIT
x-imgix-id: 825c8e72f62cdf79e6b9054b322686604cc1bacf
cross-origin-resource-policy: cross-origin
content-length: 20014
x-served-by: cache-sjc10054-SJC, cache-fra-etou8220092-FRA
last-modified: Fri, 15 Mar 2024 19:12:20 GMT
server: Google Frontend
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
timing-allow-origin: *

POST
H3 204 AGSKWxUK_B1-dERYLR8h3YHCifPrEviObPcFXdNzIoGX7SG-CKw6gz-B47uuCzdbkZ39EkinuHxX7r8QcNofajvg6c8ne4fFwhQklorKS4RSOyeaf7IroLldzTCwYDigYr1mwzmruQlWGA== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 52ms
23ms XHR
text/html 172.217.23.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUK_B1-dERYLR8h3YHCifPrEviObPcFXdNzIoGX7SG-CKw6gz-B47uuCzdbkZ39EkinuHxX7r8QcNofajvg6c8ne4fFwhQklorKS4RSOyeaf7IroLldzTCwYDigYr1mwzmruQlWGA==

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.dr0v27XM6Q8.es5.O/am=AAM/d=1/rs=AJlcJMynT4VaKhR91h2ZzS--GI-r7ORKdg/m=kernel_loader,loader_js_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f110.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-65d1bN4VmJQwn6rECV_PxQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.r6loot.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 03 May 2024 01:17:05 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-65d1bN4VmJQwn6rECV_PxQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmLw0pBiqGV4xtQKxE7pM1hDgFiIh2Pitwsb2QROXL3_nAkAyfgNFg"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.r6loot.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads
pagead2.googlesyndication.com/pagead/ Frame 58FB 0
0 105ms
101ms Document
text/html 216.58.206.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&us_privacy=1---&gpp_sid=-1&client=ca-pub-7999445332437196&output=html&h=90&adk=2743202993&adf=1839787983&pi=t.aa~a.1182920990~rp.3&w=1200&abgtt=3&fwrn=4&fwrnh=100&lmt=1714699025&rafmt=1&to=qs&pwprc=7192026247&format=1200x90&url=https%3A%2F%2Fwww.r6loot.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNC4wLjYzNjcuMTE4IixudWxsLDAsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTI0LjAuNjM2Ny4xMTgiXSxbIkdvb2dsZSBDaHJvbWUiLCIxMjQuMC42MzY3LjExOCJdLFsiTm90LUEuQnJhbmQiLCI5OS4wLjAuMCJdXSwwXQ..&dt=1714699025554&bpp=1&bdt=624&idt=-M&shv=r20240501&mjsv=m202404300101&ptt=9&saldr=aa&abxe=1&eo_id_str=ID%3Dc864184bddbe43e4%3AT%3D1714699025%3ART%3D1714699025%3AS%3DAA-AfjYuksvRktSAyXs_nfYavkP6&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=7602750150788&frm=20&pv=1&ga_vid=1846187900.1714699025&ga_sid=1714699025&ga_hid=2119369212&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2908&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C95329718%2C95331982%2C31082144%2C95331042&oid=2&pvsid=1546399053165791&tmod=1193901495&uas=0&nvt=1&fc=1408&brdim=190%2C190%2C190%2C190%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=209

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.r6loot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 213
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 03 May 2024 01:17:05 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
pagead2.googlesyndication.com/pagead/ Frame B22C 0
0 116ms
99ms Document
text/html 216.58.206.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&us_privacy=1---&gpp_sid=-1&client=ca-pub-7999445332437196&output=html&h=90&adk=497989681&adf=3575527047&pi=t.aa~a.1154906089~rp.1&w=1200&abgtt=3&fwrn=4&fwrnh=100&lmt=1714699025&rafmt=1&to=qs&pwprc=7192026247&format=1200x90&url=https%3A%2F%2Fwww.r6loot.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNC4wLjYzNjcuMTE4IixudWxsLDAsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTI0LjAuNjM2Ny4xMTgiXSxbIkdvb2dsZSBDaHJvbWUiLCIxMjQuMC42MzY3LjExOCJdLFsiTm90LUEuQnJhbmQiLCI5OS4wLjAuMCJdXSwwXQ..&dt=1714699025554&bpp=1&bdt=623&idt=0&shv=r20240501&mjsv=m202404300101&ptt=9&saldr=aa&abxe=1&eo_id_str=ID%3Dc864184bddbe43e4%3AT%3D1714699025%3ART%3D1714699025%3AS%3DAA-AfjYuksvRktSAyXs_nfYavkP6&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x90&nras=5&correlator=7602750150788&frm=20&pv=1&ga_vid=1846187900.1714699025&ga_sid=1714699025&ga_hid=2119369212&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2748&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C95329718%2C95331982%2C31082144%2C95331042&oid=2&pvsid=1546399053165791&tmod=1193901495&uas=0&nvt=1&fc=1408&brdim=190%2C190%2C190%2C190%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=217

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.r6loot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 14248
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 03 May 2024 01:17:05 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 AGSKWxWUx89lI1SFoINW7cSp0yJSlg4myo5kPuXGz8hHLIrTyehGoLz8GF0NnL_j37Xw2wgksusniNCtwrTbQ7jUJ_Z7cWP9NApBWh6bNO5YemcEGPfereWdpF5awPEoj_Zxz_zhIb3-gw== Show response
fundingchoicesmessages.google.com/f/ 8 KB
3 KB 49ms
40ms Script
application/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWUx89lI1SFoINW7cSp0yJSlg4myo5kPuXGz8hHLIrTyehGoLz8GF0NnL_j37Xw2wgksusniNCtwrTbQ7jUJ_Z7cWP9NApBWh6bNO5YemcEGPfereWdpF5awPEoj_Zxz_zhIb3-gw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzE0Njk5MDI1LDc4NDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly93d3cucjZsb290LmNvbS8iLG51bGwsW1s4LCJkcjB2MjdYTTZROCJdLFs5LCJkZSJdLFsxOCwiW1tbMF1dXSJdLFsxNiwiWzEsMSwxXSJdLFsyMCwiW251bGwsbnVsbCxbMzEwODIxNDZdLG51bGwsMV0iXSxbMTksIjIiXV1d

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0f0ce00a114cee9003d1c8fd82eb6c4cd936d0c7d601af9be0834ad228c4ae5a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-eCthXk1cyQRimOVINgKHOg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.r6loot.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 01:17:05 GMT
content-security-policy: script-src 'report-sample' 'nonce-eCthXk1cyQRimOVINgKHOg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytDikmLw0ZBiOO90h-k6ENcyPGNqBWIDjedMFkAs8fUlkwYQxzyfzpoCxE7pM1iDgNinfgZrDBC33jzHOhWITy44z3oRiJP-nWctAuKdiy-wHgTi7-wXWf8DsRAPx8RvFzayCTw4NqeHGQAXCTNu"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 iframe.html
r6loot.prismic.io/prismic-toolbar/4.1.0/ Frame 8E01 0
0 313ms
111ms Document
text/html 18.235.190.72
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://r6loot.prismic.io/prismic-toolbar/4.1.0/iframe.html
Requested by: Host: static.cdn.prismic.io
URL: https://static.cdn.prismic.io/prismic.min.js?repo=r6loot&new=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.235.190.72 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-235-190-72.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.r6loot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: gzip
content-type: text/html
date: Fri, 03 May 2024 01:17:06 GMT
etag: W/"003ac4812b9c042ca6c8a9dd9e4cbe83"
last-modified: Thu, 21 Mar 2024 12:37:46 GMT

GET
H/1.1 200
OK ae8fb2c.js Show response
www.r6loot.com/_nuxt/ 3 KB
2 KB 34ms
33ms Script
application/javascript 52.212.52.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.r6loot.com/_nuxt/ae8fb2c.js
Requested by: Host: www.r6loot.com
URL: https://www.r6loot.com/_nuxt/855fd56.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.212.52.84 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-52-84.eu-west-1.compute.amazonaws.com
Software: Cowboy /
Resource Hash: aeea9b50db10f140c72b25c8f3e41999b3ba8275196b383b023c7f002521c8f2

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.r6loot.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 03 May 2024 01:17:05 GMT
Content-Encoding: gzip
Via: 1.1 vegur
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Server: Cowboy
Last-Modified: Wed, 23 Jun 2021 23:15:26 GMT
Etag: W/"b50-17a3b282ab0"
Vary: Accept-Encoding
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1714699025&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=ONCWrjtwhZ8nG8cHWOyROC7MUWX6Ixgk%2B25%2FRDq1SWU%3D"}]}
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1714699025&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=ONCWrjtwhZ8nG8cHWOyROC7MUWX6Ixgk%2B25%2FRDq1SWU%3D

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUK_B1-dERYLR8h3YHCifPrEviObPcFXdNzIoGX7SG-CKw6gz-B47uuCzdbkZ39EkinuHxX7r8QcNofajvg6c8ne4fFwhQklorKS4RSOyeaf7IroLldzTCwYDigYr1mwzmruQlWGA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f110.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Aqtp3E6t-HFIGa21I6_bpQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.r6loot.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 03 May 2024 01:17:05 GMT
content-security-policy: script-src 'report-sample' 'nonce-Aqtp3E6t-HFIGa21I6_bpQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmLw15BiqGV4xtQKxE7pM1hDgFiIh2Pitwsb2QQ6lk-ZxQwAxzAMFg"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.r6loot.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxUErF_dw9LhzJlZULDXKMovScn8ye56R4Za3mdO6wGZyVDklMdiw9rnMe7ySGXjy1N67h6F-btpAEdWZP9ncxK1-G4I2uRHK2CpFEzKXrzFwL96W1hi-ZKqnSfReJmrZ9pAOCt-kw== Show response
fundingchoicesmessages.google.com/f/ 10 KB
5 KB 42ms
42ms Script
application/javascript 172.217.23.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUErF_dw9LhzJlZULDXKMovScn8ye56R4Za3mdO6wGZyVDklMdiw9rnMe7ySGXjy1N67h6F-btpAEdWZP9ncxK1-G4I2uRHK2CpFEzKXrzFwL96W1hi-ZKqnSfReJmrZ9pAOCt-kw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzE0Njk5MDI1LDg1MDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsMTBdXSwiaHR0cHM6Ly93d3cucjZsb290LmNvbS8iLG51bGwsW1s4LCJkcjB2MjdYTTZROCJdLFs5LCJkZSJdLFsxOCwiW1tbMF1dXSJdLFsxNiwiWzEsMSwxXSJdLFsyMCwiW251bGwsbnVsbCxbMzEwODIxNDZdLG51bGwsMV0iXSxbMTksIjIiXV1d

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f110.1e100.net

Software

ESF /

Resource Hash

b1d6aa07e194e4e81b4f019f0ffc5a9afe1fa510c97f2d625dfeff41591f02c9

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-7yEiI0t4qdWc_06XmdwSkg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.r6loot.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 01:17:05 GMT
content-security-policy: script-src 'report-sample' 'nonce-7yEiI0t4qdWc_06XmdwSkg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytDikmLw15BiOO90h-k6ENcyPGNqBWIDjedMFkAs8fUlkwYQxzyfzpoCxE7pM1iDgNinfgZrDBC33jzHOhWITy44z3oRiJP-nWctAuKdiy-wHgTi7-wXWf8DsRAPx8RvFzayCTS8vLCEGQAX1zOA"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK ee3403b.js Show response
www.r6loot.com/_nuxt/ 1 KB
2 KB 33ms
33ms Script
application/javascript 52.212.52.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.r6loot.com/_nuxt/ee3403b.js
Requested by: Host: www.r6loot.com
URL: https://www.r6loot.com/_nuxt/855fd56.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.212.52.84 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-52-84.eu-west-1.compute.amazonaws.com
Software: Cowboy /
Resource Hash: 2dce8388ffa6dde6e99c2489e34a2575cabe5a7e7756af5a366dc666eaa5189f

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.r6loot.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 03 May 2024 01:17:06 GMT
Content-Encoding: gzip
Via: 1.1 vegur
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Server: Cowboy
Last-Modified: Wed, 23 Jun 2021 23:15:26 GMT
Etag: W/"4f7-17a3b282ab0"
Vary: Accept-Encoding
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1714699026&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=VXFv92vtVnFNLx4i%2BYdxTaDox4F%2F5Q7dSfABnlOArV4%3D"}]}
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1714699026&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=VXFv92vtVnFNLx4i%2BYdxTaDox4F%2F5Q7dSfABnlOArV4%3D

GET
H/1.1 200
OK c685373.js Show response
www.r6loot.com/_nuxt/ 1 KB
2 KB 34ms
34ms Script
application/javascript 52.212.52.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.r6loot.com/_nuxt/c685373.js
Requested by: Host: www.r6loot.com
URL: https://www.r6loot.com/_nuxt/855fd56.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.212.52.84 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-52-84.eu-west-1.compute.amazonaws.com
Software: Cowboy /
Resource Hash: d6ad161d785b490ae85ecfaee317276ee152d80ef9ce8054c2d5ae56511a2086

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.r6loot.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 03 May 2024 01:17:06 GMT
Content-Encoding: gzip
Via: 1.1 vegur
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Server: Cowboy
Last-Modified: Wed, 23 Jun 2021 23:15:26 GMT
Etag: W/"4a6-17a3b282ab0"
Vary: Accept-Encoding
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1714699026&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=VXFv92vtVnFNLx4i%2BYdxTaDox4F%2F5Q7dSfABnlOArV4%3D"}]}
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1714699026&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=VXFv92vtVnFNLx4i%2BYdxTaDox4F%2F5Q7dSfABnlOArV4%3D

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 44ms
22ms XHR
application/json 216.58.206.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240501&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s11-in-f2.1e100.net

Software

cafe /

Resource Hash

a82017514d3a8a5404a4e145881962ae86d1f6f463caa5355db9c47920ed0f3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.r6loot.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 01:17:06 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12440
x-xss-protection: 0

GET
H/1.1 200
OK favicon.ico
www.r6loot.com/ 264 KB
36 KB 40ms
34ms Other
image/x-icon 52.212.52.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.r6loot.com/favicon.ico
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.212.52.84 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-52-84.eu-west-1.compute.amazonaws.com
Software: Cowboy /
Resource Hash: ce0d2775ffaf94cff01e4b72725b82a135765ede3321e6cc82110df8fdae5504

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.r6loot.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 03 May 2024 01:17:06 GMT
Content-Encoding: gzip
Via: 1.1 vegur
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Server: Cowboy
Last-Modified: Wed, 23 Jun 2021 23:13:38 GMT
Etag: W/"4203e-17a3b2684d0"
Vary: Accept-Encoding
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1714699026&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=VXFv92vtVnFNLx4i%2BYdxTaDox4F%2F5Q7dSfABnlOArV4%3D"}]}
Content-Type: image/x-icon
Transfer-Encoding: chunked
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1714699026&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=VXFv92vtVnFNLx4i%2BYdxTaDox4F%2F5Q7dSfABnlOArV4%3D

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 71ms
27ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.r6loot.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 01:17:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 03 May 2024 01:17:06 GMT

GET
H3 200 ima3.js Show response
fundingchoicesmessages.google.com/f/AGSKWxWkoE0qtphyjrSHRUnZ72zp8F4ivA2UKpDbaPhCXyJhNcxBlFAoZrx8crxElRf4Sgi6bUK2bGp-9RLXK2SHAODEVgFmiAvyORs2cXdfE_vMHCiSNpcXcdb7YKPhcxLA7v5JTkTFzuerHQ07yVZ8VRWvbmnfG... 54 B
110 B 22ms
21ms Script
application/javascript 172.217.23.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWkoE0qtphyjrSHRUnZ72zp8F4ivA2UKpDbaPhCXyJhNcxBlFAoZrx8crxElRf4Sgi6bUK2bGp-9RLXK2SHAODEVgFmiAvyORs2cXdfE_vMHCiSNpcXcdb7YKPhcxLA7v5JTkTFzuerHQ07yVZ8VRWvbmnfGMIvYtE-l_o5S4ZlAciQ4QEMO-XCfvF6/_/ads_server_/googlempu./advertisements_.shortcuts.search./ima3.js

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.dr0v27XM6Q8.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_us_states_signal_executable/ed=1/rs=AJlcJMyrSmq0qpeA7HRV8aK-o3ig48A2Yw/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f110.1e100.net

Software

ESF /

Resource Hash

3daa3fc0c8fd72572575c247e68b737c1b13dfbefb58ad273d09ed5ab5edaada

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-iAB1g3YrvnJtQ0acKMqOcQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.r6loot.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 01:17:06 GMT
content-security-policy: script-src 'report-sample' 'nonce-iAB1g3YrvnJtQ0acKMqOcQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytDikmLw1pBiOHHrNtMFID7vdIfpOhDXMjxjagViA43nTBZALPH1JZMGEMc8n86aAsRO6TNYg4DYp34GawwQt948xzoViE8uOM96EYiT_p1nLQLinYsvsB4EYiEejknfLmxkEzhx7MA3RgCnpDU4"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 rum.js Show response
pagead2.googlesyndication.com/pagead/js/ 64 KB
24 KB 9ms
7ms Script
text/javascript 216.58.206.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/rum.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s11-in-f2.1e100.net

Software

cafe /

Resource Hash

7d7455b0830b383226457384f086a9c36064de3f173a5be49db0e564b2c7b2c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.r6loot.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 00:43:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2032
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24241
x-xss-protection: 0
server: cafe
etag: 8786648585250272355
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Fri, 03 May 2024 01:43:14 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUK_B1-dERYLR8h3YHCifPrEviObPcFXdNzIoGX7SG-CKw6gz-B47uuCzdbkZ39EkinuHxX7r8QcNofajvg6c8ne4fFwhQklorKS4RSOyeaf7IroLldzTCwYDigYr1mwzmruQlWGA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f110.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-apJfx2X3PL8hcQGkV5oIEQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.r6loot.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 03 May 2024 01:17:06 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-apJfx2X3PL8hcQGkV5oIEQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmJw0ZBiqGV4xtQKxE7pM1hDgFiIh2PStwsb2QQatp_9xggAxz4Mpw"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.r6loot.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUK_B1-dERYLR8h3YHCifPrEviObPcFXdNzIoGX7SG-CKw6gz-B47uuCzdbkZ39EkinuHxX7r8QcNofajvg6c8ne4fFwhQklorKS4RSOyeaf7IroLldzTCwYDigYr1mwzmruQlWGA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f110.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-D-7Y2QaC1VOiP6NGv2jlng' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.r6loot.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 03 May 2024 01:17:06 GMT
content-security-policy: script-src 'report-sample' 'nonce-D-7Y2QaC1VOiP6NGv2jlng' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktHikmJw1pBiWMy_i6mW4RlTKxA7pc9gDQFiIR6OSd8ubGQT6Fi0rp0JAPlNDX4"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.r6loot.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUK_B1-dERYLR8h3YHCifPrEviObPcFXdNzIoGX7SG-CKw6gz-B47uuCzdbkZ39EkinuHxX7r8QcNofajvg6c8ne4fFwhQklorKS4RSOyeaf7IroLldzTCwYDigYr1mwzmruQlWGA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f110.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-7OwyyYmnAizavAVEb-NemQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.r6loot.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 03 May 2024 01:17:06 GMT
content-security-policy: script-src 'report-sample' 'nonce-7OwyyYmnAizavAVEb-NemQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmLw05BiqGV4xtQKxE7pM1hDgFiIh2PStwsb2QRmdO3oZwIAx0oMIQ"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.r6loot.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUK_B1-dERYLR8h3YHCifPrEviObPcFXdNzIoGX7SG-CKw6gz-B47uuCzdbkZ39EkinuHxX7r8QcNofajvg6c8ne4fFwhQklorKS4RSOyeaf7IroLldzTCwYDigYr1mwzmruQlWGA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f110.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-9o5amkVCwd88L0TpPtRVCw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.r6loot.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 03 May 2024 01:17:06 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-9o5amkVCwd88L0TpPtRVCw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmJw1JBiqGV4xtQKxE7pM1hDgFiIh2PStwsb2QRWzDwyiQkAxkYMQg"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.r6loot.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxWmq92Jsu-iWPR_e4YytxHmehZGAtXFIP6XPZdG2NcJ3DS0Ay_4BMr2ToS1u8cV4nbj6lEYIOup6SUPHUCMGsKUuXC1wg_IFch55X4Cxc2qRxiOn5pSbYYaEHdkA2ADh8lh5NiSZg== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 52ms
51ms Script
application/javascript 172.217.23.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWmq92Jsu-iWPR_e4YytxHmehZGAtXFIP6XPZdG2NcJ3DS0Ay_4BMr2ToS1u8cV4nbj6lEYIOup6SUPHUCMGsKUuXC1wg_IFch55X4Cxc2qRxiOn5pSbYYaEHdkA2ADh8lh5NiSZg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzE0Njk5MDI2LDUyOTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsMTAsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vd3d3LnI2bG9vdC5jb20vIixudWxsLFtbOCwiZHIwdjI3WE02UTgiXSxbOSwiZGUiXSxbMTgsIltbWzBdXV0iXSxbMTYsIlsxLDEsMV0iXSxbMjAsIltudWxsLG51bGwsWzMxMDgyMTQ2XSxudWxsLDFdIl0sWzE5LCIyIl1dXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f110.1e100.net

Software

ESF /

Resource Hash

86aa79130317d395c9bac8b9e0fe400ec459f0813e16ea08e2e96c235dd6f6ab

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-c_0FYPpNpG1VcaPro-UyMw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.r6loot.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 01:17:06 GMT
content-security-policy: script-src 'report-sample' 'nonce-c_0FYPpNpG1VcaPro-UyMw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytHikmJw0ZBiUAzbyXTe6Q7TdSCuZXjG1ArEBhrPmSyAWOLrSyYNII55Pp01BYid0mewBgGxT_0M1hggbr15jnUqEJ9ccJ71IhAn_TvPWgTEOxdfYD0IxN_YL7L-A2IhHo5J3y5sZBM4sXPuRCYAoDo0ew"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 282B 0
0 30ms
8ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.r6loot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
age: 18891
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 02 May 2024 20:02:15 GMT
expires: Fri, 02 May 2025 20:02:15 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 AGSKWxUM75f9JHWruDEIe4np4HhKSrQQfVkB3F0ebsxDVH0PoEQjjUcSeG60xK8oBDGg6cXAZjW7z2GXeiTlGtP3anF_-VWLLs-Hq1PxZ48nJRUDi4H-xyiJZ33-CdnWHQEoOa4fSYm9lQ== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 23ms
23ms XHR
text/html 172.217.23.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUM75f9JHWruDEIe4np4HhKSrQQfVkB3F0ebsxDVH0PoEQjjUcSeG60xK8oBDGg6cXAZjW7z2GXeiTlGtP3anF_-VWLLs-Hq1PxZ48nJRUDi4H-xyiJZ33-CdnWHQEoOa4fSYm9lQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f110.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-o0VOLwOTNBap8RoM9Il--g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.r6loot.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 03 May 2024 01:17:06 GMT
content-security-policy: script-src 'report-sample' 'nonce-o0VOLwOTNBap8RoM9Il--g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmLw15BiqGV4xtQKxE7pM1hDgFiIh2PStwsb2QQWzFu_iAkAx-8MSA"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://www.r6loot.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET sodar
pagead2.googlesyndication.com/pagead/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240501&jk=1546399053165791&bg=!bG-lbyDNAAY3z2SHF887ADQBe5WfOJ_KCf-Y8-kqJezbjONwIQfKqHG4Zvq4NvCybk9hWoueaOMj5QWdtvNXiEdkVYcOAgAAAGFSAAAAA2gBB34ANYvN5c1dYkZviDuNDrD6jwMQhKaumhbh5NpJF-7CZbIyQDOOxCvgr-unGQKEM0p11uaQBVGdmQKP41YNbzwHOFT_iHfJHOwiImrmY42GBrFdAYbM6ZirCdwSsDhAa0CiTrnrOCaHHWsS3Wkv2NFRUQczhuZiFFG8naVSALuuSuamK7K9ubn1nuPnVrw_8-FS-HRDl5e2V3sd37oO40DicD_tx2nD_eaMZ7Ri0HE5KSj1flhE7e-42R3CCrWEM3DdWrtMnpL9f7hzZDhC8VMnFjlnbNg4NWeddebLMT1Bdx7O74vmndIg-QyCVDSLwlhkDIWmnre7git-307Yrrh6Jr4L0iPzb6XdWR1bIdkPxJOG6ab_FaEVy52R0vr-YNiKlMj3Vy8DzcMx738ticZT8KwHGiBtNNSiDC7Jyu2LTfRd547_vOeZLPEND6izzzmJ6RGK-OXe1zjkeUiuD4nATXeSUdEQQ9Uh2FjPKR4It-WNq_SmiQlfBTGBMwZzMjtb8RVtlLdexrX_M3X8y7HaR-6ujA-o_Q0a-J-xEFdJD4oJZ98MRkNcJTU85jJjhJFqK25ynt-3KHOsxTrFLD066ZwQ9dpQ7qNpDPFxcoLRljHlNlzPSs05rBPUYcoKLvvmOZMa2VkosZfCXmRVveH39SKr1nNw9IqHAIjJtAM-Z6RF9fFhrCer-syxEAdSKIRi3utb9XyzLv0gMRoDClnTnka7MXbZYw-87jUmpQoYL__VN56m3iO4JH81CuQS_l65TZGMeL1Fa6lTJDjppE7zuFdm9JEfRa2RnH1cDKLPml7SPiyleOEinkA7ZV2roYHNUn-z_vwiIcXnNS93Q1YImEI_zb5W92LyB8vErCUM4bwYq1NAPCmYHph4jVgP9P_sWFB0AQphrvcw26vdITB-T9pedLbWkCyV1CjJ2Y5oAJTPfqc7QToE6Q

Verdicts & Comments Add Verdict or Comment

73 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.r6loot.com/	1970-01-21 00:37:31	Name: __eoi Value: ID=c864184bddbe43e4:T=1714699025:RT=1714699025:S=AA-AfjYuksvRktSAyXs_nfYavkP6
.criteo.com/	1970-01-21 05:39:55	Name: receive-cookie-deprecation Value: 1
.r6loot.com/	1970-01-21 05:03:55	Name: FCNEC Value: %5B%5B%22AKsRol-8DRrE9lHSQgZ2LKkW4Emkvcoo3aQy6j1sC0Cq_fsnw3o4jvCGjxzEKEe80Zw3jP71SuQH4yaaJsyrpSzQ_FlzcyoHesV_zWB0ZfU-xWzMkmQX9y6-vrdayywCjCCvm207MuxVm4qyy7bkUhOw1C6ghzTP1A%3D%3D%22%5D%5D

40 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.r6loot.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.r6loot.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.r6loot.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.r6loot.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.r6loot.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.r6loot.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.r6loot.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.r6loot.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.r6loot.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.r6loot.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.r6loot.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.r6loot.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.r6loot.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.r6loot.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.r6loot.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.r6loot.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.r6loot.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.r6loot.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.r6loot.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.r6loot.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.r6loot.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.r6loot.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.r6loot.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.r6loot.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.r6loot.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.r6loot.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.r6loot.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.r6loot.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.r6loot.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.r6loot.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.r6loot.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.r6loot.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.r6loot.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.r6loot.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.r6loot.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.r6loot.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.r6loot.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.r6loot.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.r6loot.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.r6loot.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
images.prismic.io
pagead2.googlesyndication.com
r6loot.cdn.prismic.io
r6loot.prismic.io
static.cdn.prismic.io
tpc.googlesyndication.com
www.r6loot.com
pagead2.googlesyndication.com
172.217.23.110
18.235.190.72
216.58.206.66
2600:9000:2251:f400:15:1def:a40:93a1
2600:9000:2724:e00:6:ea06:d140:93a1
2a00:1450:4001:800::200e
2a00:1450:4001:812::200a
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::2001
2a04:4e42:600::720
52.212.52.84
0422b9ca7903b571a232dc85188ccaf212dbc3b13e78d447e718074a7b21c0e2
060f5a7652aa30bd9b8e7abf042b43e557e20585ee572a5ec06e3c7ca560519a
0f0ce00a114cee9003d1c8fd82eb6c4cd936d0c7d601af9be0834ad228c4ae5a
2dce8388ffa6dde6e99c2489e34a2575cabe5a7e7756af5a366dc666eaa5189f
2e8ee00eada4eed96fff4d33b69a2fc0563c38f0096fc512cb05d5ff44e151af
3daa3fc0c8fd72572575c247e68b737c1b13dfbefb58ad273d09ed5ab5edaada
429fdbe0956c41be7f220f9e0a991eb989dedb3a7ff24906ec55c132d196868a
42f783447f47f7ea4ec68e0cd89e574053684408733ac82fe3792027671eb2e6
4caf4ee991de857cda06bb8e0a204680303ad2023ac43a7a0acfed6b3ea88a88
533560ab5ad5c4f2c81404249e7277e57c2ea8e434b5a4965932d93ad5fc56d8
5449c444f2ecd73c10c24732a8aca7c376a2f803106068c91e52c36f2e964b97
5d3e3288b73b8aac6a18b8febc6b36a1a92b5fbf5171a7f502d54e9d1b7a26f9
617c6d0b44a0ce0807875ff80a6127df14a4d35de0140f2113f8ea7ba6392ce7
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
721065a2a044d276f74139fbe64d6fa9735ac5bd1074b53c14c3f790119d4069
746b79e6750d050243f69052f65fdca4361a825185e5a80c1f795b891c6c285f
7d7455b0830b383226457384f086a9c36064de3f173a5be49db0e564b2c7b2c6
86aa79130317d395c9bac8b9e0fe400ec459f0813e16ea08e2e96c235dd6f6ab
8c4316c945193b0cf887e896c49169caa8641a376b1151e8b348bf8cb3169b67
8cdfae3f3c3ffed9b62c1087df5ab6e25b43acc11622b9d32245277389a0c8a4
98ace1f1dfc2e198d2ee2ee420bc239157bb45f6018c24a4d5d0c95cbbc266be
a30a07d270ee6100ee34064e57bcd3fb25d39fc1c6e354689a0af779c111af64
a82017514d3a8a5404a4e145881962ae86d1f6f463caa5355db9c47920ed0f3d
ae98cdb009ee7a40e1e000a5f7861076230b765c3ec97ab3fbd26f0c25b9129a
aeea9b50db10f140c72b25c8f3e41999b3ba8275196b383b023c7f002521c8f2
b1d6aa07e194e4e81b4f019f0ffc5a9afe1fa510c97f2d625dfeff41591f02c9
c91d9353250fe342f617669e0ba776edaf5df4925c5b71d952601a54bbf0fcb2
c9f15f536c34ebd8df38cdb205f0dc5f3da48a3d85d41f6816bf0674e7952530
ce0d2775ffaf94cff01e4b72725b82a135765ede3321e6cc82110df8fdae5504
d11bc04c2a74e441b063cecfc74f6ddb171b53b016eceff89aef4415ec786be9
d21fbcf6a299285df9e59f2ce1457a5aae96bde404ad82c7b9ec541d61b36fdb
d603f8eb21d58c8aa41d72ad3f9e922af315274f3326d06e9cb7d23d2026301b
d6ad161d785b490ae85ecfaee317276ee152d80ef9ce8054c2d5ae56511a2086
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e421cd0516e6690678b6c92380634d827ae63308471cab6b2d6ee6b47d97b12b
e50656ce00cd943d9221f4d1f4a12a928f4023a094cee75b73de9c4e434ba0a7
f643a2d4cf9f199f3bf2e467c5dfebdde0cbe4c8564ef5b60a0a09acfa1e88ec
fc8906d3f64a64eb974c78fd27eac2f6c26d13353c71c8ff20eb5ee8bc68decc

www.r6loot.com Open in urlscan Pro 52.212.52.84 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

51 Requests

98 %HTTPS

64 %IPv6

6 Domains

10 Subdomains

12 IPs

3 Countries

1222 kBTransfer

3538 kBSize

3 Cookies

2 Outgoing links

Page URL History

Redirected requests

51 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.r6loot.com Open in urlscan Pro
52.212.52.84 Public Scan

Screenshot
Live screenshot

Full Image

51
Requests

98 %
HTTPS

64 %
IPv6

6
Domains

10
Subdomains

12
IPs

3
Countries

1222 kB
Transfer

3538 kB
Size

3
Cookies

51 HTTP transactions
1 data transactions