roblox.allyoucanget.buzz Open in urlscan Pro
2606:4700:3033::ac43:92c6 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://roblox.allyoucanget.buzz/
Submission: On May 14 via api (May 14th 2023, 3:19:12 pm UTC) from US — Scanned from US

Summary HTTP 78 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 29 IPs in 2 countries across 18 domains to perform 78 HTTP transactions. The main IP is 2606:4700:3033::ac43:92c6, located in United States and belongs to CLOUDFLARENET, US. The main domain is roblox.allyoucanget.buzz.
TLS certificate: Issued by GTS CA 1P5 on May 10th 2023. Valid for: 3 months.

This is the only time roblox.allyoucanget.buzz was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Scam (Online)

Domain & IP information

	IP Address	AS Autonomous System
2	2606:4700:303... 2606:4700:3033::ac43:92c6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42::729 2a04:4e42::729	54113 (FASTLY) (FASTLY)
3	104.243.38.177 104.243.38.177	23470 (RELIABLESITE) (RELIABLESITE)
6	2607:f8b0:402... 2607:f8b0:4020:806::2002	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:402... 2607:f8b0:4020:804::200e	15169 (GOOGLE) (GOOGLE)
1	2600:9000:214... 2600:9000:2140:4400:d:e9c:2500:21	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:402... 2607:f8b0:4020:804::200a	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:402... 2607:f8b0:4020:805::200e	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:402... 2607:f8b0:4020:807::2003	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:402... 2607:f8b0:4020:807::200a	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:402... 2607:f8b0:4020:806::2008	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:402... 2607:f8b0:4020:804::2002	15169 (GOOGLE) (GOOGLE)
3	2600:9000:202... 2600:9000:202c:6200:b:dc8d:b7c0:21	16509 (AMAZON-02) (AMAZON-02)
1	23.22.126.183 23.22.126.183	14618 (AMAZON-AES) (AMAZON-AES)
5	2600:9000:24f... 2600:9000:24f1:9000:15:7da0:ecc0:21	16509 (AMAZON-02) (AMAZON-02)
3	34.120.195.249 34.120.195.249	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
12	2600:9000:251... 2600:9000:2512:5200:1c:b3e3:eb40:21	16509 (AMAZON-02) (AMAZON-02)
2	2607:f8b0:402... 2607:f8b0:4020:805::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:402... 2607:f8b0:4020:805::2002	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:402... 2607:f8b0:4020:807::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::6816:5fe	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2607:f8b0:402... 2607:f8b0:4020:806::2003	15169 (GOOGLE) (GOOGLE)
12	151.101.194.137 151.101.194.137	54113 (FASTLY) (FASTLY)
1	149.56.240.127 149.56.240.127	16276 (OVH) (OVH)
1	162.247.241.14 162.247.241.14	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
3	2607:f8b0:402... 2607:f8b0:4020:807::2001	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:402... 2607:f8b0:4020:807::2004	15169 (GOOGLE) (GOOGLE)
78	29

2 2606:4700:3033::ac43:92c6 (United States)

ASN13335 (CLOUDFLARENET, US)

roblox.allyoucanget.buzz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::729 (United States)

ASN54113 (FASTLY, US)

browser.sentry-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.243.38.177 (United States)

ASN23470 (RELIABLESITE, US)
PTR: disuanqi.dadongeng.cn

i.ibb.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4020:806::2002 (Montreal, Canada)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4020:804::200e (Montreal, Canada)

ASN15169 (GOOGLE, US)

translate.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2140:4400:d:e9c:2500:21 (United States)

ASN16509 (AMAZON-02, US)

d2bb5k76l7oivo.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4020:804::200a (Montreal, Canada)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4020:805::200e (Montreal, Canada)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4020:807::2003 (Montreal, Canada)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4020:807::200a (Montreal, Canada)

ASN15169 (GOOGLE, US)

translate.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4020:806::2008 (Montreal, Canada)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4020:804::2002 (Montreal, Canada)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:202c:6200:b:dc8d:b7c0:21 (United States)

ASN16509 (AMAZON-02, US)

d28uhswspmvrhb.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.22.126.183 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-22-126-183.compute-1.amazonaws.com

appinstallcheck.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:24f1:9000:15:7da0:ecc0:21 (United States)

ASN16509 (AMAZON-02, US)

d3ikgzh4osba2b.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.120.195.249 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.195.120.34.bc.googleusercontent.com

o425163.ingest.sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2600:9000:2512:5200:1c:b3e3:eb40:21 (United States)

ASN16509 (AMAZON-02, US)

d13pxqgp3ixdbh.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4020:805::200a (Montreal, Canada)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4020:805::2002 (Montreal, Canada)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4020:807::2002 (Montreal, Canada)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:5fe (United States)

ASN13335 (CLOUDFLARENET, US)

s10.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4020:806::2003 (Montreal, Canada)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 151.101.194.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 149.56.240.127 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ns534295.ip-149-56-240.net

s4.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.241.14 (Portland, United States)

ASN23467 (NEWRELIC-AS-1, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4020:807::2001 (Montreal, Canada)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4020:807::2004 (Montreal, Canada)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	cloudfront.net d2bb5k76l7oivo.cloudfront.net d28uhswspmvrhb.cloudfront.net d3ikgzh4osba2b.cloudfront.net d13pxqgp3ixdbh.cloudfront.net	252 KB
12	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 449	40 KB
9	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 107 tpc.googlesyndication.com — Cisco Umbrella Rank: 143	204 KB
6	gstatic.com www.gstatic.com fonts.gstatic.com	42 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 39	21 KB
4	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 385 translate.googleapis.com — Cisco Umbrella Rank: 1046 fonts.googleapis.com — Cisco Umbrella Rank: 50	106 KB
3	sentry.io o425163.ingest.sentry.io — Cisco Umbrella Rank: 588426	1003 B
3	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 41	5 KB
3	google.com translate.google.com — Cisco Umbrella Rank: 1346 adservice.google.com — Cisco Umbrella Rank: 83 www.google.com — Cisco Umbrella Rank: 2	29 KB
3	ibb.co i.ibb.co — Cisco Umbrella Rank: 12330	336 KB
2	histats.com s10.histats.com — Cisco Umbrella Rank: 15911 s4.histats.com — Cisco Umbrella Rank: 13074	5 KB
2	allyoucanget.buzz roblox.allyoucanget.buzz	40 KB
1	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 266	528 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1044	607 B
1	bootstrapcdn.com stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2649	7 KB
1	appinstallcheck.com appinstallcheck.com	20 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	73 KB
1	sentry-cdn.com browser.sentry-cdn.com — Cisco Umbrella Rank: 4328	21 KB
78	18

	Domain	Requested by
12	js-agent.newrelic.com	appinstallcheck.com
12	d13pxqgp3ixdbh.cloudfront.net	roblox.allyoucanget.buzz
6	pagead2.googlesyndication.com	roblox.allyoucanget.buzz pagead2.googlesyndication.com browser.sentry-cdn.com tpc.googlesyndication.com
5	d3ikgzh4osba2b.cloudfront.net	d2bb5k76l7oivo.cloudfront.net
4	www.gstatic.com	roblox.allyoucanget.buzz www.gstatic.com
4	www.google-analytics.com	roblox.allyoucanget.buzz browser.sentry-cdn.com www.googletagmanager.com
3	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
3	o425163.ingest.sentry.io	browser.sentry-cdn.com
3	d28uhswspmvrhb.cloudfront.net	d2bb5k76l7oivo.cloudfront.net
3	googleads.g.doubleclick.net	pagead2.googlesyndication.com
3	i.ibb.co	roblox.allyoucanget.buzz
2	fonts.gstatic.com	fonts.googleapis.com
2	fonts.googleapis.com	appinstallcheck.com
2	roblox.allyoucanget.buzz	roblox.allyoucanget.buzz
1	www.google.com	tpc.googlesyndication.com
1	bam.nr-data.net	appinstallcheck.com
1	s4.histats.com	s10.histats.com
1	s10.histats.com	roblox.allyoucanget.buzz
1	adservice.google.com	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	stackpath.bootstrapcdn.com	appinstallcheck.com
1	appinstallcheck.com	roblox.allyoucanget.buzz
1	www.googletagmanager.com	www.google-analytics.com
1	translate.googleapis.com
1	ajax.googleapis.com	roblox.allyoucanget.buzz
1	d2bb5k76l7oivo.cloudfront.net	roblox.allyoucanget.buzz
1	translate.google.com	roblox.allyoucanget.buzz
1	browser.sentry-cdn.com	roblox.allyoucanget.buzz
78	28

This site contains links to these domains. Also see Links.

Domain
translate.google.com

Subject Issuer	Validity	Valid
allyoucanget.buzz GTS CA 1P5	`2023-05-10` - `2023-08-08`	3 months	crt.sh
*.sentry-cdn.com GlobalSign Atlas R3 DV TLS CA 2022 Q3	`2022-09-28` - `2023-10-30`	a year	crt.sh
i.ibb.co R3	`2023-04-11` - `2023-07-10`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
appinstallcheck.com R3	`2023-03-15` - `2023-06-13`	3 months	crt.sh
ingest.sentry.io DigiCert TLS RSA SHA256 2020 CA1	`2022-07-28` - `2023-08-28`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-12-30` - `2023-12-30`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2023 Q2	`2023-04-13` - `2024-05-14`	a year	crt.sh
histats.com R3	`2023-03-15` - `2023-06-13`	3 months	crt.sh
*.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-11-18` - `2023-12-19`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://roblox.allyoucanget.buzz/
Frame ID: C73993DD5FA7321B1A0D2AB029650F35
Requests: 51 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20190131/zrt_lookup.html
Frame ID: 7C47E7561ED01EFB771011400263FF00
Requests: 1 HTTP requests in this frame

Frame: https://appinstallcheck.com/fl/eglne
Frame ID: 85CC7E1C4B7B71EADBB9CAAE3D845065
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9604483111298619&output=html&adk=1812271804&adf=3025194257&lmt=1684077545&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x810_l%7C236x810_r&format=0x0&url=https%3A%2F%2Froblox.allyoucanget.buzz%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684077544682&bpp=5&bdt=257&idt=289&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=865401897308&frm=20&pv=2&ga_vid=979568280.1684077545&ga_sid=1684077545&ga_hid=1498334152&ga_fc=1&ga_cid=117514243.1684077545&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44788442%2C44790154&oid=2&pvsid=464266127412240&tmod=1571615105&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=349
Frame ID: 8058226CB86127C4A75FFA1FFCCEB845
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9604483111298619&output=html&h=280&slotname=2974103421&adk=621789044&adf=2449933453&pi=t.ma~as.2974103421&w=1090&fwrn=4&fwrnh=100&lmt=1684077545&rafmt=1&format=1090x280&url=https%3A%2F%2Froblox.allyoucanget.buzz%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684077544687&bpp=4&bdt=261&idt=384&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=865401897308&frm=20&pv=1&ga_vid=979568280.1684077545&ga_sid=1684077545&ga_hid=1498334152&ga_fc=1&ga_cid=117514243.1684077545&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=255&ady=414&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44788442%2C44790154&oid=2&pvsid=464266127412240&tmod=1571615105&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=mtCeDCGYTB&p=https%3A//roblox.allyoucanget.buzz&dtd=398
Frame ID: 4DF7CCB91AC7FD5E02A7BF7A0A27DDBB
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: A2C50F026726904C3D7C394173705B80
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E32C4C5D09174F2F25CB60A03F4A4BC2
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D35A39072ABC756C92C4C6FF0CE83407
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Free Gift Cards Giveaway

Detected technologies

Sentry (Issue Trackers) Expand

Overall confidence: 100%
Detected patterns

<script[^>]*src="[^"]*browser\.sentry\-cdn\.com/([0-9.]+)/bundle(?:\.tracing)?(?:\.min)?\.js
browser\.sentry\-cdn\.com/([0-9.]+)/bundle(?:\.tracing)?(?:\.min)?\.js

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

78
Requests

100 %
HTTPS

79 %
IPv6

18
Domains

28
Subdomains

29
IPs

2
Countries

1205 kB
Transfer

2199 kB
Size

18
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://translate.google.com/
Title: Translate

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

78 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
roblox.allyoucanget.buzz/ 32 KB
8 KB 244ms
208ms Document
text/html 2606:4700:3033::ac43:92c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://roblox.allyoucanget.buzz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:92c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b38d4341cfbe623fe2ef5295c9fb1f1482d9d12921e3644108f4b33bf5e4f2e9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7c741e0b5d850f95-EWR
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 14 May 2023 15:19:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tHdAjK2puxhsfVFf1MY9lh6yjpQTFzxVxbe96n4Pk4U%2F2WVXcIeVDDoPH0CsN9SfVu9du%2F%2FxmjJenGSiItaCmp%2FxCXwOoCojBfErCRUITp%2Bfu6Dlqc4AgESdAd3xdZzVK9KTZR4MwAdXjf8aNqXLZt4bRDeGQm4%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 bundle.min.js Show response
browser.sentry-cdn.com/6.4.1/ 66 KB
21 KB 31ms
5ms Script
application/javascript 2a04:4e42::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://browser.sentry-cdn.com/6.4.1/bundle.min.js

Requested by

Host: roblox.allyoucanget.buzz
URL: https://roblox.allyoucanget.buzz/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

22ece4ddd583540c08ccadf82d18658e2ed0eba5dd7fdca806aa259667edba56

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer
Origin: https://roblox.allyoucanget.buzz
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 15:19:04 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 19 May 2021 16:36:38 GMT
server: Fastly
age: 2283049
etag: "42639cce5db857005b8285dedd67553d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 20972
expires: Wed, 17 Apr 2024 05:08:15 GMT

GET
H2 200 Logogiftcard.png
i.ibb.co/XWGhfmk/ 296 KB
297 KB 281ms
251ms Image
image/png 104.243.38.177
RELIABLESITE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/XWGhfmk/Logogiftcard.png
Requested by: Host: roblox.allyoucanget.buzz
URL: https://roblox.allyoucanget.buzz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.243.38.177 , United States, ASN23470 (RELIABLESITE, US),
Reverse DNS: disuanqi.dadongeng.cn
Software: nginx /
Resource Hash: 120cb0be75d77196ef6b3813b5a24d23075a6d14dd5cd1b39020b6eb3ebdb6ab

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 15:19:04 GMT
last-modified: Mon, 11 Jul 2022 09:54:51 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 302868
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 136 KB
47 KB 108ms
60ms Script
text/javascript 2607:f8b0:4020:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9604483111298619

Requested by

Host: roblox.allyoucanget.buzz
URL: https://roblox.allyoucanget.buzz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5423daa354a40159acebdbabfc31a949c9d439ae3cada7c5b18a494274566b5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
Origin: https://roblox.allyoucanget.buzz
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 15:19:04 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47444
x-xss-protection: 0
server: cafe
etag: 8000180178169301532
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 14 May 2023 15:19:04 GMT

GET
H2 200 element.js Show response
translate.google.com/translate_a/ 78 KB
27 KB 100ms
56ms Script
text/javascript 2607:f8b0:4020:804::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit

Requested by

Host: roblox.allyoucanget.buzz
URL: https://roblox.allyoucanget.buzz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:804::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

80d8ef832eec8b0e15132c57ce2b1cee65d46e4600f6107ab21b62f78b187c0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 May 2023 15:19:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 7f6dded.js Show response
d2bb5k76l7oivo.cloudfront.net/ 24 KB
7 KB 224ms
179ms Script
application/javascript 2600:9000:2140:4400:d:e9c:2500:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2bb5k76l7oivo.cloudfront.net/7f6dded.js
Requested by: Host: roblox.allyoucanget.buzz
URL: https://roblox.allyoucanget.buzz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2140:4400:d:e9c:2500:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a28be45144d377ab16527a8b5d2d60fae4d780f9dec17e4327567ad90482f293

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 15:01:49 GMT
content-encoding: br
via: 1.1 d58537e312a32f11086af17e2a952efc.cloudfront.net (CloudFront)
last-modified: Sat, 13 May 2023 22:59:48 GMT
server: AmazonS3
x-amz-cf-pop: EWR52-C1
age: 1037
etag: W/"2bfd2a5b8ac2dbc95efed9f39bf259ff"
vary: Accept-Encoding
x-cache: Error from cloudfront
content-type: application/javascript
x-amz-cf-id: WpyMSR8sFraa-oTdl-tTRvUwtI0BHfRaAAp0BGGu5gjrvNt-wE5giA==

GET
H2 200 free-gift.png
i.ibb.co/qCycDzF/ 9 KB
9 KB 5ms
4ms Image
image/png 104.243.38.177
RELIABLESITE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/qCycDzF/free-gift.png
Requested by: Host: roblox.allyoucanget.buzz
URL: https://roblox.allyoucanget.buzz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.243.38.177 , United States, ASN23470 (RELIABLESITE, US),
Reverse DNS: disuanqi.dadongeng.cn
Software: nginx /
Resource Hash: 448c9ace7b42876399fabdb9d02253e7be4667b6fdbb8e0a3eeff086754fc164

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 15:19:04 GMT
last-modified: Mon, 11 Jul 2022 12:41:18 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 9164
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 verifyuser.jpg
i.ibb.co/mCRbQyx/ 30 KB
30 KB 309ms
308ms Image
image/jpeg 104.243.38.177
RELIABLESITE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/mCRbQyx/verifyuser.jpg
Requested by: Host: roblox.allyoucanget.buzz
URL: https://roblox.allyoucanget.buzz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.243.38.177 , United States, ASN23470 (RELIABLESITE, US),
Reverse DNS: disuanqi.dadongeng.cn
Software: nginx /
Resource Hash: 51e91dd535891502cf4fe61f9c9bc52a9dc9dfcfea1fd3d5ba832028f2dada0a

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 15:19:04 GMT
last-modified: Mon, 11 Jul 2022 20:31:00 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30730
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.2.4/ 84 KB
30 KB 56ms
13ms Script
text/javascript 2607:f8b0:4020:804::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js

Requested by

Host: roblox.allyoucanget.buzz
URL: https://roblox.allyoucanget.buzz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:804::200a Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 08:14:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 111896
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30028
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 May 2024 08:14:08 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 59ms
12ms Script
text/javascript 2607:f8b0:4020:805::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: roblox.allyoucanget.buzz
URL: https://roblox.allyoucanget.buzz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 14 May 2023 15:18:40 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 24
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Sun, 14 May 2023 17:18:40 GMT

GET
H2 200 /
roblox.allyoucanget.buzz/ 32 KB
32 KB 204ms
202ms Image
text/html 2606:4700:3033::ac43:92c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://roblox.allyoucanget.buzz/
Requested by: Host: roblox.allyoucanget.buzz
URL: https://roblox.allyoucanget.buzz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:92c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://roblox.allyoucanget.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 15:19:04 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AB%2BUufzqyP07G3PE%2Fit%2BKwXYMgrwFnKzy%2BEiPd473%2FId9AKD7Jhg%2BrSb2LkXpFRn6VGOxm5jRht5PKWa0jMGCVY4XogqTxJHP4qCrVjFYQAU76qq9SOwpoWtWj4sHy%2F4MGP67esvSkHlQae6iXNbSCCBaHw3UtM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 7c741e0d4eed0f95-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
228 B 37ms
36ms XHR
text/plain 2607:f8b0:4020:805::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=1498334152&t=pageview&_s=1&dl=https%3A%2F%2Froblox.allyoucanget.buzz%2F&ul=en-us&de=UTF-8&dt=Free%20Gift%20Cards%20Giveaway&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=2034692682&gjid=801350687&cid=979568280.1684077545&tid=UA-220165625-1&_gid=117514243.1684077545&_r=1&_slc=1&z=1763583495

Requested by

Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.4.1/bundle.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aeb69c82560a722e264cfed39f63b891e8a809804e61be254fbc41369170e76a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 14 May 2023 15:19:04 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://roblox.allyoucanget.buzz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 m=el_main_css
www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.69JJaQ5G5xA.L.W.O/d=0/rs=AN8SPfpC36MIoWPngdVwZ4RUzeJYZaC7rg/ 25 KB
5 KB 55ms
12ms Stylesheet
text/css 2607:f8b0:4020:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.69JJaQ5G5xA.L.W.O/d=0/rs=AN8SPfpC36MIoWPngdVwZ4RUzeJYZaC7rg/m=el_main_css

Requested by

Host:
URL: /_/translate_http/_/js/k=translate_http.tr.en_US.WYPRFnOi8do.O/d=1/rs=AN8SPfpuhFJPZIC1bAeelVoE7UV7Vt-MPA/m=el_conf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7db470720bc87269e9bf81c2da2649d4f59d54eb54ca5ed4547855758d6688a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 14:16:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 90178
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4396
x-xss-protection: 0
last-modified: Sun, 12 Mar 2023 00:11:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 12 May 2024 14:16:06 GMT

GET
H2 200 m=el_main Show response
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.en_US.WYPRFnOi8do.O/d=1/exm=el_conf/ed=1/rs=AN8SPfpuhFJPZIC1bAeelVoE7UV7Vt-MPA/ 212 KB
75 KB 53ms
13ms Script
text/javascript 2607:f8b0:4020:807::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.en_US.WYPRFnOi8do.O/d=1/exm=el_conf/ed=1/rs=AN8SPfpuhFJPZIC1bAeelVoE7UV7Vt-MPA/m=el_main

Requested by

Host:
URL: /_/translate_http/_/js/k=translate_http.tr.en_US.WYPRFnOi8do.O/d=1/rs=AN8SPfpuhFJPZIC1bAeelVoE7UV7Vt-MPA/m=el_conf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::200a Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ebde9f239364de4d5178cf65e57cafd8a33acf780df5cb60ecf38a1e6769380b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 17:19:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 251955
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 76181
x-xss-protection: 0
last-modified: Wed, 10 May 2023 21:13:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 10 May 2024 17:19:49 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 202 KB
73 KB 96ms
43ms Script
application/javascript 2607:f8b0:4020:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-3W7PE80J60&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2008 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3330aa5943e06e5157e4d95a58deeca26a43b98727d8f3daaeffeb23d5621da3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 15:19:04 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 74031
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 14 May 2023 15:19:04 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305090101/ 356 KB
120 KB 101ms
74ms Script
text/javascript 2607:f8b0:4020:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305090101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9604483111298619

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:806::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b7ce6adefb5723f3e603275e7f4eca08819706555f1cf3abe0b16f047cb46e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 15:19:04 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 122645
x-xss-protection: 0
server: cafe
etag: 16273390448533077257
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 14 May 2023 15:19:04 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230510/r20190131/ Frame 7C47 10 KB
5 KB 68ms
14ms Document
text/html 2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230510/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9604483111298619

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 75994
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 13 May 2023 18:12:30 GMT
etag: 15057649708203361565
expires: Sat, 27 May 2023 18:12:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 html.3441003.6cf2c.0.js Show response
d28uhswspmvrhb.cloudfront.net/public/external/v2/ 9 KB
10 KB 216ms
174ms Script
application/javascript 2600:9000:202c:6200:b:dc8d:b7c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d28uhswspmvrhb.cloudfront.net/public/external/v2/html.3441003.6cf2c.0.js
Requested by: Host: d2bb5k76l7oivo.cloudfront.net
URL: https://d2bb5k76l7oivo.cloudfront.net/7f6dded.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:202c:6200:b:dc8d:b7c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11 / PHP/7.4.11
Resource Hash: 752b660e63f2f27ae5e173f921735cd8f232425b8911660ed57289b9f17110dd

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 15:19:04 GMT
via: 1.1 6b40574acc577d1185c505c40886acc6.cloudfront.net (CloudFront)
server: Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-amz-cf-pop: EWR52-C2
x-powered-by: PHP/7.4.11
x-cache: Miss from cloudfront
content-type: application/javascript
x-amz-cf-id: z1UfoDed3Vvg3EzAbwUwHEzttIvTJmfYGG771PXH-QEIFryI2kd8XQ==

GET
H2 200 css_front.css
d28uhswspmvrhb.cloudfront.net/public/external/ 6 KB
7 KB 177ms
135ms Stylesheet
text/css 2600:9000:202c:6200:b:dc8d:b7c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d28uhswspmvrhb.cloudfront.net/public/external/css_front.css
Requested by: Host: d2bb5k76l7oivo.cloudfront.net
URL: https://d2bb5k76l7oivo.cloudfront.net/7f6dded.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:202c:6200:b:dc8d:b7c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.41 () OpenSSL/1.0.2k-fips PHP/7.4.11 /
Resource Hash: a7bd79b6fba60944ee3a9c153108ff0819d2db57850116ac7065a86db08af4ec

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 15:19:04 GMT
via: 1.1 6b40574acc577d1185c505c40886acc6.cloudfront.net (CloudFront)
last-modified: Tue, 23 Jun 2020 20:06:47 GMT
server: Apache/2.4.41 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-amz-cf-pop: EWR52-C2
etag: "19c4-5a8c5e62e9d0a"
x-cache: Miss from cloudfront
content-type: text/css
accept-ranges: bytes
content-length: 6596
x-amz-cf-id: pYwM81EYVnYHB2-Jpyi_q5JD-EcbR_jgzhQXDndP5igDdRFUExBt8g==

GET
H2 404 eglne Show response
appinstallcheck.com/fl/ Frame 85CC 57 KB
20 KB 84ms
37ms Document
text/html 23.22.126.183
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://appinstallcheck.com/fl/eglne

Requested by

Host: roblox.allyoucanget.buzz
URL: https://roblox.allyoucanget.buzz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.22.126.183 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-22-126-183.compute-1.amazonaws.com

Software

nginx /

Resource Hash

43dd9005d5cab6decac7409ac2299bcf371621a188e74108137403fb9a98431b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains max-age=31536000; includeSubDomains
X-Content-Type-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-cache, private
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 14 May 2023 15:19:04 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: DENY
x-robots-tag: none
x-xss-protection: 1; mode=block

GET
H2 200 html.3441003.6cf2c.0.js Show response
d3ikgzh4osba2b.cloudfront.net/public/external/v2/ 9 KB
10 KB 211ms
171ms Script
application/javascript 2600:9000:24f1:9000:15:7da0:ecc0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3ikgzh4osba2b.cloudfront.net/public/external/v2/html.3441003.6cf2c.0.js
Requested by: Host: d2bb5k76l7oivo.cloudfront.net
URL: https://d2bb5k76l7oivo.cloudfront.net/7f6dded.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f1:9000:15:7da0:ecc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11 / PHP/7.4.11
Resource Hash: 752b660e63f2f27ae5e173f921735cd8f232425b8911660ed57289b9f17110dd

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 15:19:05 GMT
via: 1.1 27ca5ebac1c0f68ab48134f5b864093c.cloudfront.net (CloudFront)
server: Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-amz-cf-pop: JFK50-P4
x-powered-by: PHP/7.4.11
x-cache: Miss from cloudfront
content-type: application/javascript
x-amz-cf-id: 97Hx8Q2hB81pkC_TjMGL1OeyqzCM0vNWINjKOhCpoEuA2JjRBsk2YA==

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 37ms
37ms Ping
text/plain 2607:f8b0:4020:805::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-3W7PE80J60&gtm=45je35a0&_p=1498334152&cid=979568280.1684077545&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=ABA&ngs=1&_s=1&sid=1684077544&sct=1&seg=0&dl=https%3A%2F%2Froblox.allyoucanget.buzz%2F&dt=Free%20Gift%20Cards%20Giveaway&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3W7PE80J60&cx=c&_slc=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4020:805::200e Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 May 2023 15:19:04 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://roblox.allyoucanget.buzz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 429 / Show response
o425163.ingest.sentry.io/api/5780930/store/ 198 B
574 B 74ms
33ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o425163.ingest.sentry.io/api/5780930/store/?sentry_key=e0e6a104cb354a09bf094a90e676ea13&sentry_version=7

Requested by

Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.4.1/bundle.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

bac10d17440dcd6f6c6c4e0bd7eca2e1a7eec030ef3b1143d4be3791dcf91263

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://roblox.allyoucanget.buzz/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 14 May 2023 15:19:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: origin,access-control-request-method,access-control-request-headers
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 198
x-sentry-rate-limits: 16:default;error;security;attachment:organization:error_usage_exceeded
retry-after: 16

POST
H2 429 / Show response
o425163.ingest.sentry.io/api/5780930/store/ 198 B
322 B 73ms
34ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o425163.ingest.sentry.io/api/5780930/store/?sentry_key=e0e6a104cb354a09bf094a90e676ea13&sentry_version=7

Requested by

Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.4.1/bundle.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

bac10d17440dcd6f6c6c4e0bd7eca2e1a7eec030ef3b1143d4be3791dcf91263

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://roblox.allyoucanget.buzz/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 14 May 2023 15:19:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: origin,access-control-request-method,access-control-request-headers
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 198
x-sentry-rate-limits: 11:default;error;security;attachment:organization:error_usage_exceeded
retry-after: 11

POST
H2 200 / Show response
o425163.ingest.sentry.io/api/5780930/store/ 41 B
107 B 72ms
33ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o425163.ingest.sentry.io/api/5780930/store/?sentry_key=e0e6a104cb354a09bf094a90e676ea13&sentry_version=7

Requested by

Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.4.1/bundle.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

ac570e73ff965aab067468665d8e39871e5ecf419c213564a99c02cec6deb232

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://roblox.allyoucanget.buzz/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 14 May 2023 15:19:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: origin,access-control-request-method,access-control-request-headers
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41

GET
H2 200 16454931964ae4b735cb411f2de267110a434da371.png
d13pxqgp3ixdbh.cloudfront.net/uploads/ 29 KB
30 KB 22ms
6ms Image
image/png 2600:9000:2512:5200:1c:b3e3:eb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d13pxqgp3ixdbh.cloudfront.net/uploads/16454931964ae4b735cb411f2de267110a434da371.png
Requested by: Host: roblox.allyoucanget.buzz
URL: https://roblox.allyoucanget.buzz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2512:5200:1c:b3e3:eb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 31634d2128e7d2b92f4577e21919d12818c3d4928ff3a4b1f277a61bb3de4f52

Request headers

accept-language: en-US,en;q=0.9
Referer: https://roblox.allyoucanget.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: 1olNR3_tZwPsSMFIzeclXxTG8ffZPmbR
date: Sun, 14 May 2023 04:14:08 GMT
via: 1.1 5fa457dda68a5020725d371f051783e6.cloudfront.net (CloudFront)
last-modified: Tue, 22 Feb 2022 01:26:37 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P7
age: 39925
etag: "672376c9d36a74a875752b88f2ccf289"
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 30101
x-amz-cf-id: 631po6SEowaK7DLYMjm3ex8-tz_4tmr0no7Z1FpgCsLd4r8qM0YvDg==

GET
H2 200 1645606690860b44915e39951ccef2f78aae356a84.png
d13pxqgp3ixdbh.cloudfront.net/uploads/ 31 KB
31 KB 21ms
6ms Image
image/png 2600:9000:2512:5200:1c:b3e3:eb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d13pxqgp3ixdbh.cloudfront.net/uploads/1645606690860b44915e39951ccef2f78aae356a84.png
Requested by: Host: roblox.allyoucanget.buzz
URL: https://roblox.allyoucanget.buzz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2512:5200:1c:b3e3:eb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ce0e7beb9853e79a93344cec332447dad72d4ed2f18b703cfee28bed8e77b038

Request headers

accept-language: en-US,en;q=0.9
Referer: https://roblox.allyoucanget.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: RQYIgMchvr6G6gI3kkzRz2_v3JIfeLza
date: Sun, 14 May 2023 04:14:08 GMT
via: 1.1 5fa457dda68a5020725d371f051783e6.cloudfront.net (CloudFront)
last-modified: Wed, 23 Feb 2022 08:58:11 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P7
age: 39925
etag: "cf9c06469236cd8e8d2088087b10b5b8"
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 31679
x-amz-cf-id: t_grZLDVf-gI3g-fTpBV-8w73UPjhXMMFgtfOpL3PiOwZc4ZPPVAmQ==

GET
H2 200 16456066910ad995c478735eeb59daf47640f653e3.png
d13pxqgp3ixdbh.cloudfront.net/uploads/ 31 KB
32 KB 25ms
10ms Image
image/png 2600:9000:2512:5200:1c:b3e3:eb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d13pxqgp3ixdbh.cloudfront.net/uploads/16456066910ad995c478735eeb59daf47640f653e3.png
Requested by: Host: roblox.allyoucanget.buzz
URL: https://roblox.allyoucanget.buzz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2512:5200:1c:b3e3:eb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1b20575865a1cb75844e1b88a862c90932305f38c7e9f25068e8ab6f50b82473

Request headers

accept-language: en-US,en;q=0.9
Referer: https://roblox.allyoucanget.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: jESQ7VF8lhOQmEKpco8QJsEG4PY.lIh1
date: Sun, 14 May 2023 04:14:08 GMT
via: 1.1 5fa457dda68a5020725d371f051783e6.cloudfront.net (CloudFront)
last-modified: Wed, 23 Feb 2022 08:58:12 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P7
age: 39925
etag: "3ea539d676fccf2fef78a5c74e5cc5dc"
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 31861
x-amz-cf-id: pEQ4R7qUgZq5fyg2SN_8yypCuWYpmOwI54NRaxBFtESWNwraDZ5N3A==

GET
H2 200 1645606690dfe4c50e8dab48f102c825bbb91242c3.png
d13pxqgp3ixdbh.cloudfront.net/uploads/ 7 KB
7 KB 31ms
16ms Image
image/png 2600:9000:2512:5200:1c:b3e3:eb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d13pxqgp3ixdbh.cloudfront.net/uploads/1645606690dfe4c50e8dab48f102c825bbb91242c3.png
Requested by: Host: roblox.allyoucanget.buzz
URL: https://roblox.allyoucanget.buzz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2512:5200:1c:b3e3:eb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0807e8f7ee5b126649b8815fbcfb23d0eb5a5809066299bdc9e3ad2cfd94030f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://roblox.allyoucanget.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: W6axW.sMqNSWP4B7a9GQEzzaYOmvzKOC
date: Sun, 14 May 2023 11:21:13 GMT
via: 1.1 5fa457dda68a5020725d371f051783e6.cloudfront.net (CloudFront)
last-modified: Wed, 23 Feb 2022 08:58:11 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P7
age: 14272
etag: "e2a36e05f872ff1f960328d91954a724"
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 6729
x-amz-cf-id: mYg5H0oc4qsfL6zJlLvn3YNAA1xhieWkj6HPRrnN3keuhz0gfn5BLw==

GET
H2 200 16456066913af5eafc1e8f4b67bdb9fad531193dd3.png
d13pxqgp3ixdbh.cloudfront.net/uploads/ 9 KB
10 KB 29ms
14ms Image
image/png 2600:9000:2512:5200:1c:b3e3:eb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d13pxqgp3ixdbh.cloudfront.net/uploads/16456066913af5eafc1e8f4b67bdb9fad531193dd3.png
Requested by: Host: roblox.allyoucanget.buzz
URL: https://roblox.allyoucanget.buzz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2512:5200:1c:b3e3:eb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a5b75ddbb788541f2b625130f823a6a26bc8106f1b7d30bd31a4fedd1a6d856b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://roblox.allyoucanget.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: QPZwrvOa2SGRY6j1Pkocfk2.CcPFUmtI
date: Sun, 14 May 2023 11:45:52 GMT
via: 1.1 5fa457dda68a5020725d371f051783e6.cloudfront.net (CloudFront)
last-modified: Wed, 23 Feb 2022 08:58:12 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P7
age: 12796
etag: "ccaa833c45dcb4ea162881be6dc91e0c"
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 9529
x-amz-cf-id: p0BZMb8rltfNFwYfzEHo4ctoTiTmrqqbCReJd6DZBjmufS4NXkOWRQ==

GET
H2 200 16456066916e6559533a5e292ccba8bb80f9149007.png
d13pxqgp3ixdbh.cloudfront.net/uploads/ 12 KB
13 KB 22ms
8ms Image
image/png 2600:9000:2512:5200:1c:b3e3:eb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d13pxqgp3ixdbh.cloudfront.net/uploads/16456066916e6559533a5e292ccba8bb80f9149007.png
Requested by: Host: roblox.allyoucanget.buzz
URL: https://roblox.allyoucanget.buzz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2512:5200:1c:b3e3:eb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 17abeedfe0763eff8133623a2b24502d116f561c2ca907e0263b490a958e2072

Request headers

accept-language: en-US,en;q=0.9
Referer: https://roblox.allyoucanget.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: qWhXdWD6ozQaJ.1oJMOpmTjlkVn6l6k0
date: Sun, 14 May 2023 07:14:35 GMT
via: 1.1 5fa457dda68a5020725d371f051783e6.cloudfront.net (CloudFront)
last-modified: Wed, 23 Feb 2022 08:58:12 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P7
age: 29234
etag: "677e596f3cd64052974585aa7e123c1e"
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 12769
x-amz-cf-id: MHyiKo30Ic4mpiJdnlfGGtVMA-ARwvEAJjuw7jrZC95uI3-2MtLoVw==

GET
H2 200 1645606691ccf0a7bdb704e85631127b851dc0e997.png
d13pxqgp3ixdbh.cloudfront.net/uploads/ 6 KB
7 KB 13ms
5ms Image
image/png 2600:9000:2512:5200:1c:b3e3:eb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d13pxqgp3ixdbh.cloudfront.net/uploads/1645606691ccf0a7bdb704e85631127b851dc0e997.png
Requested by: Host: roblox.allyoucanget.buzz
URL: https://roblox.allyoucanget.buzz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2512:5200:1c:b3e3:eb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 47722d99cdc263f3783855402a9e9c81d12cbce823b6dba6b9ac3b948afd0075

Request headers

accept-language: en-US,en;q=0.9
Referer: https://roblox.allyoucanget.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: Hh5GCdeMrVnnrp5ASrE4eMIJ8HaFIhOY
date: Sun, 14 May 2023 07:59:44 GMT
via: 1.1 5fa457dda68a5020725d371f051783e6.cloudfront.net (CloudFront)
last-modified: Wed, 23 Feb 2022 08:58:12 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P7
age: 26360
etag: "72cd5bca1317cb4ccb7744a82a5b92cc"
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 6552
x-amz-cf-id: hFDKAfUGvidhCmOui2AbB3Xk2viWmQnUfV3oDLkX4X2zFyQfT80KuA==

GET
H2 200 164560669197909a539d87aced1c1438c4da903d01.png
d13pxqgp3ixdbh.cloudfront.net/uploads/ 8 KB
8 KB 18ms
9ms Image
image/png 2600:9000:2512:5200:1c:b3e3:eb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d13pxqgp3ixdbh.cloudfront.net/uploads/164560669197909a539d87aced1c1438c4da903d01.png
Requested by: Host: roblox.allyoucanget.buzz
URL: https://roblox.allyoucanget.buzz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2512:5200:1c:b3e3:eb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a71a66d454123464159618ae7fefc696774ce6b64b25c87b589c26778151d03e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://roblox.allyoucanget.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: yVMr_pqF8bM_T5zFyFeflToGbc2nMQn_
date: Sun, 14 May 2023 06:39:49 GMT
via: 1.1 5fa457dda68a5020725d371f051783e6.cloudfront.net (CloudFront)
last-modified: Wed, 23 Feb 2022 08:58:12 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P7
age: 31159
etag: "2ad10c7fd2ca9ff2c30c60316256f42d"
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 7959
x-amz-cf-id: bvbeVRvnV0BkJmJasB8amVNOLzf0W2_Dwz4K8SsQHA3PYjiGpW5IDA==

GET
H2 200 16456066905c80182c84eecb81c8441ca9307becc7.png
d13pxqgp3ixdbh.cloudfront.net/uploads/ 6 KB
7 KB 26ms
17ms Image
image/png 2600:9000:2512:5200:1c:b3e3:eb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d13pxqgp3ixdbh.cloudfront.net/uploads/16456066905c80182c84eecb81c8441ca9307becc7.png
Requested by: Host: roblox.allyoucanget.buzz
URL: https://roblox.allyoucanget.buzz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2512:5200:1c:b3e3:eb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 735c5ced19acfc830398b83e3a818cf30acecca4826ae79fa3f399c6818599a4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://roblox.allyoucanget.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: AprD6ziPbpiwhZoAmzRBgb_cAFXbRGq1
date: Sun, 14 May 2023 15:19:04 GMT
via: 1.1 5fa457dda68a5020725d371f051783e6.cloudfront.net (CloudFront)
last-modified: Wed, 23 Feb 2022 08:58:11 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P7
age: 44919
etag: "275dd5cb46b5daabe0c4aa878da4f589"
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 6411
x-amz-cf-id: mNM6MKnjtY7e_LCobbrtJnMpvEUiNSoX7NT17GSBYX9-XA6w64N56Q==

GET
H2 200 16454932785b7b640a16766af88f84901c26fde30d.png
d13pxqgp3ixdbh.cloudfront.net/uploads/ 29 KB
30 KB 19ms
10ms Image
image/png 2600:9000:2512:5200:1c:b3e3:eb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d13pxqgp3ixdbh.cloudfront.net/uploads/16454932785b7b640a16766af88f84901c26fde30d.png
Requested by: Host: roblox.allyoucanget.buzz
URL: https://roblox.allyoucanget.buzz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2512:5200:1c:b3e3:eb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b2d951f1b331c622645082362bb5016ea5544a83ae12c03abd58a647310e87c9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://roblox.allyoucanget.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: LXr30fUSVRI5OmOP22bMvd4hA5INHMG_
date: Sun, 14 May 2023 07:02:20 GMT
via: 1.1 5fa457dda68a5020725d371f051783e6.cloudfront.net (CloudFront)
last-modified: Tue, 22 Feb 2022 01:27:59 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P7
age: 29846
etag: "72c9812370f8235fdb1cff05170ef915"
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 30037
x-amz-cf-id: 9K3Qz2kr0mcC3gvAMPixCYdNlzkQeEqZDYkK5LWhUXiOfq-Iw-X8VQ==

GET
H2 200 1645606690bc25555bab4430a7900a83e596aef47d.png
d13pxqgp3ixdbh.cloudfront.net/uploads/ 13 KB
14 KB 13ms
1ms Image
image/png 2600:9000:2512:5200:1c:b3e3:eb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d13pxqgp3ixdbh.cloudfront.net/uploads/1645606690bc25555bab4430a7900a83e596aef47d.png
Requested by: Host: roblox.allyoucanget.buzz
URL: https://roblox.allyoucanget.buzz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2512:5200:1c:b3e3:eb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ebfd40e9d2070bd61499d490fc4ba516d4e1f9baef1a8a271433051cdb25ab23

Request headers

accept-language: en-US,en;q=0.9
Referer: https://roblox.allyoucanget.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: Lge6SHJh03SQ6P2vJ6l8595_6NBefZsV
date: Sun, 14 May 2023 14:00:05 GMT
via: 1.1 5fa457dda68a5020725d371f051783e6.cloudfront.net (CloudFront)
last-modified: Wed, 23 Feb 2022 08:58:11 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P7
age: 4743
etag: "12ab420eb2f85783090f0d149cce0373"
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 13473
x-amz-cf-id: GCH_re-_XYpJygMK7iQRLAHtKrM3irsYCCHHcY1_mssrRYbl0ehZSg==

GET
H2 200 1645606690250c6c064370ec8752e020ce647d55a1.png
d13pxqgp3ixdbh.cloudfront.net/uploads/ 29 KB
29 KB 14ms
2ms Image
image/png 2600:9000:2512:5200:1c:b3e3:eb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d13pxqgp3ixdbh.cloudfront.net/uploads/1645606690250c6c064370ec8752e020ce647d55a1.png
Requested by: Host: roblox.allyoucanget.buzz
URL: https://roblox.allyoucanget.buzz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2512:5200:1c:b3e3:eb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 36372b5fdfae8de8e99b7a209ef8d6831b531644877b91bea3f5be51b7fa2adc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://roblox.allyoucanget.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: cRdaK9HhLLcS9_wllPQb.ZMwmx1tSKec
date: Sun, 14 May 2023 11:45:53 GMT
via: 1.1 5fa457dda68a5020725d371f051783e6.cloudfront.net (CloudFront)
last-modified: Wed, 23 Feb 2022 08:58:12 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P7
age: 12796
etag: "959fb4eb8ce68f4120db1a1c19362c71"
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 29488
x-amz-cf-id: 9Bzu4UF6FjMOSaAk4rqLNsRW8xQm7Uqt-xuWu09PX01-uIwUeoBY8Q==

POST
H3 200 collect Show response
www.google-analytics.com/j/ 3 B
23 B 33ms
32ms XHR
text/plain 2607:f8b0:4020:805::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=1498334152&t=pageView&_s=1&dl=https%3A%2F%2Froblox.allyoucanget.buzz%2F&ul=en-us&de=UTF-8&dt=Free%20Gift%20Cards%20Giveaway&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAEABAAAAACAAI~&jid=1138262843&gjid=1300067146&cid=979568280.1684077545&tid=UA-85922709-2&_gid=117514243.1684077545&_r=1&_slc=1&cd1=0&z=807319283

Requested by

Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.4.1/bundle.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:805::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 14 May 2023 15:19:04 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://roblox.allyoucanget.buzz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 85CC 2 KB
965 B 79ms
36ms Stylesheet
text/css 2607:f8b0:4020:805::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald:700

Requested by

Host: appinstallcheck.com
URL: https://appinstallcheck.com/fl/eglne

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::200a Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2fed7047795c7e1f4273e3c89f04f413ca71d72a8407cdbcaf842f7140460aff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://appinstallcheck.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 14 May 2023 15:19:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 14 May 2023 15:07:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 14 May 2023 15:19:05 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 85CC 717 B
443 B 80ms
37ms Stylesheet
text/css 2607:f8b0:4020:805::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400

Requested by

Host: appinstallcheck.com
URL: https://appinstallcheck.com/fl/eglne

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::200a Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

eb91e77384f9aff2e81a868ae4f2ae6fb5940c573d0e39088ff637414b4ffed9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://appinstallcheck.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 14 May 2023 15:19:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 14 May 2023 13:25:40 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 14 May 2023 15:19:05 GMT

GET
H2 200 font-awesome.min.css
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame 85CC 30 KB
7 KB 35ms
15ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: appinstallcheck.com
URL: https://appinstallcheck.com/fl/eglne

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://appinstallcheck.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 15:19:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 947
age: 5786967
cdn-cachedat: 07/16/2022 17:19:00
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 7fff6f56e3c1c5da18962c449190bec3
timing-allow-origin: *
cdn-requestcountrycode: FR
cdn-status: 200
cf-ray: 7c741e102b2541b5-EWR
cdn-requestpullsuccess: True

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 401 B
607 B 83ms
35ms Script
text/javascript 2607:f8b0:4020:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=roblox.allyoucanget.buzz&callback=_gfp_s_&client=ca-pub-9604483111298619

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305090101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cfa65f63f1198fde81984485f693cdeee8d872a9a9c4ec3598e85bb5452a260c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 15:19:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 90ms
41ms Script
application/javascript 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=roblox.allyoucanget.buzz

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305090101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 15:19:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8058 603 B
245 B 62ms
60ms Document
text/html 2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9604483111298619&output=html&adk=1812271804&adf=3025194257&lmt=1684077545&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x810_l%7C236x810_r&format=0x0&url=https%3A%2F%2Froblox.allyoucanget.buzz%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684077544682&bpp=5&bdt=257&idt=289&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=865401897308&frm=20&pv=2&ga_vid=979568280.1684077545&ga_sid=1684077545&ga_hid=1498334152&ga_fc=1&ga_cid=117514243.1684077545&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44788442%2C44790154&oid=2&pvsid=464266127412240&tmod=1571615105&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=349

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305090101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 14 May 2023 15:19:05 GMT
expires: Sun, 14 May 2023 15:19:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 js15_as.js Show response
s10.histats.com/ 11 KB
5 KB 63ms
24ms Script
text/javascript 2606:4700:10::6816:5fe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: roblox.allyoucanget.buzz
URL: https://roblox.allyoucanget.buzz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:5fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 15:19:05 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 1479
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7c741e10ce4143cd-EWR
content-length: 4547

GET
H3 400 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4DF7 603 B
67 B 66ms
56ms Document
text/html 2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9604483111298619&output=html&h=280&slotname=2974103421&adk=621789044&adf=2449933453&pi=t.ma~as.2974103421&w=1090&fwrn=4&fwrnh=100&lmt=1684077545&rafmt=1&format=1090x280&url=https%3A%2F%2Froblox.allyoucanget.buzz%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684077544687&bpp=4&bdt=261&idt=384&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=865401897308&frm=20&pv=1&ga_vid=979568280.1684077545&ga_sid=1684077545&ga_hid=1498334152&ga_fc=1&ga_cid=117514243.1684077545&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=255&ady=414&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44788442%2C44790154&oid=2&pvsid=464266127412240&tmod=1571615105&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=mtCeDCGYTB&p=https%3A//roblox.allyoucanget.buzz&dtd=398

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305090101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 14 May 2023 15:19:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiZQ.woff2
fonts.gstatic.com/s/oswald/v49/ Frame 85CC 10 KB
10 KB 76ms
23ms Font
font/woff2 2607:f8b0:4020:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiZQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e059f38d9d643cd149fa02dfd97d6844f9b106198e027f55e2fe1e9a1428acf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://appinstallcheck.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 10 May 2023 22:24:58 GMT
x-content-type-options: nosniff
age: 320047
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10172
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:23:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 May 2024 22:24:58 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ Frame 85CC 23 KB
24 KB 66ms
13ms Font
font/woff2 2607:f8b0:4020:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://appinstallcheck.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 17:29:53 GMT
x-content-type-options: nosniff
age: 424152
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 May 2024 17:29:53 GMT

GET
H2 200 css.css
d3ikgzh4osba2b.cloudfront.net/public/clockers/CustomButton/ 1010 B
1 KB 163ms
162ms Stylesheet
text/css 2600:9000:24f1:9000:15:7da0:ecc0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3ikgzh4osba2b.cloudfront.net/public/clockers/CustomButton/css.css
Requested by: Host: d2bb5k76l7oivo.cloudfront.net
URL: https://d2bb5k76l7oivo.cloudfront.net/7f6dded.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f1:9000:15:7da0:ecc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11 /
Resource Hash: a7081a117335212b9e7f2e348f7369a64423d51db1666310b3451e7375f0b7de

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 15:19:05 GMT
via: 1.1 27ca5ebac1c0f68ab48134f5b864093c.cloudfront.net (CloudFront)
last-modified: Fri, 10 Apr 2020 22:29:00 GMT
server: Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-amz-cf-pop: JFK50-P4
etag: "3f2-5a2f7428ae907"
x-cache: Miss from cloudfront
content-type: text/css
accept-ranges: bytes
content-length: 1010
x-amz-cf-id: 4fpvJ3nWYypCw_oKasnTbcKQGV60cAiovQjarTDIi_aago3YbEtbfA==

GET
H2 200 async-api.ad3273bd-1.232.0.min.js Show response
js-agent.newrelic.com/ Frame 85CC 3 KB
2 KB 30ms
3ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/async-api.ad3273bd-1.232.0.min.js

Requested by

Host: appinstallcheck.com
URL: https://appinstallcheck.com/fl/eglne

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e9e3652349e81228cb2c0309b3e6a9f23da99f571017f01a984da348ddb4a257

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: en-US,en;q=0.9
Referer: https://appinstallcheck.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: OjwEEoZjF9pbnlt.Cg9dV5pJF0e7Bjo3
content-encoding: gzip
via: 1.1 varnish
date: Sun, 14 May 2023 15:19:05 GMT
strict-transport-security: max-age=300
x-amz-request-id: XX4GV61DE8320X0G
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 1353
x-amz-id-2: ZIq4hB8wPMdQckjzllCrG4H16cX9nWNMwNx5szBCZUDA30l4ON5xHmrkFqss3orb/ZLQrthVdM0=
x-served-by: cache-lga21976-LGA
last-modified: Mon, 08 May 2023 21:20:25 GMT
server: AmazonS3
x-timer: S1684077545.232998,VS0,VE0
etag: "d7011e3a3501d54c9be8929572a18598"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 8060

GET
H2 200 session-manager.2a8d47d1-1.232.0.min.js Show response
js-agent.newrelic.com/ Frame 85CC 15 KB
6 KB 30ms
5ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/session-manager.2a8d47d1-1.232.0.min.js

Requested by

Host: appinstallcheck.com
URL: https://appinstallcheck.com/fl/eglne

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

de1b63b04b142bb4eef4fd7311fc5b56fe61563db26d21bc69b2f7c42fcdd994

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: en-US,en;q=0.9
Referer: https://appinstallcheck.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: D9U.McFOdEj4dYMN5VJBUueQRx486Iwz
content-encoding: gzip
via: 1.1 varnish
date: Sun, 14 May 2023 15:19:05 GMT
strict-transport-security: max-age=300
x-amz-request-id: XX4XN1DVX2WM5TJQ
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 5781
x-amz-id-2: hBmfqkblN0x7C2TynemPx3BwRDpH7mSyVl7+aK++zsmrq8D2hxW0vgd/ZVyRw8dQqWQuGo7q/QY=
x-served-by: cache-lga21976-LGA
last-modified: Mon, 08 May 2023 21:20:25 GMT
server: AmazonS3
x-timer: S1684077545.232980,VS0,VE0
etag: "e42e9b9282d7865427c32ad60eea44b4"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 8041

GET
H/1.1 200
OK 0.php Show response
s4.histats.com/stats/ 49 B
183 B 56ms
14ms Script
text/html 149.56.240.127
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/0.php?3430514&@f16&@g1&@h1&@i1&@j1684077545217&@k0&@l1&@mFree%20Gift%20Cards%20Giveaway&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:195344540&@b3:1684077545&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Froblox.allyoucanget.buzz%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.127 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534295.ip-149-56-240.net
Software: /
Resource Hash: 8a5ee74a0b0652d311ddd54c2c6847c2d38b6db8fbfa55da5d029b3c2185873e

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Sun, 14 May 2023 15:19:05 GMT
Connection: close
Content-Length: 49
Content-Type: text/html;charset=UTF-8

GET
DATA 200
OK truncated Show response
/ Frame A2C5 1 KB
1 KB Document
text/html

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b7637a4cc7e15b52376c9dba975683af0b7987a44b3d05200747c035a6852274

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Content-Type: text/html;charset=UTF-8

GET
H2 200 translate_24dp.png
www.gstatic.com/images/branding/product/1x/ 846 B
1 KB 14ms
12ms Image
image/png 2607:f8b0:4020:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/1x/translate_24dp.png

Requested by

Host: roblox.allyoucanget.buzz
URL: https://roblox.allyoucanget.buzz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 17:13:11 GMT
x-content-type-options: nosniff
age: 79554
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 846
x-xss-protection: 0
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 12 May 2024 17:13:11 GMT

GET
H2 200 googlelogo_color_42x16dp.png
www.gstatic.com/images/branding/googlelogo/1x/ 910 B
1 KB 18ms
16ms Image
image/png 2607:f8b0:4020:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_42x16dp.png

Requested by

Host: roblox.allyoucanget.buzz
URL: https://roblox.allyoucanget.buzz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 10:01:18 GMT
x-content-type-options: nosniff
age: 105467
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 910
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 12 May 2024 10:01:18 GMT

GET
H2 200 translate_24dp.png
www.gstatic.com/images/branding/product/2x/ 2 KB
2 KB 16ms
14ms Image
image/png 2607:f8b0:4020:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/2x/translate_24dp.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.69JJaQ5G5xA.L.W.O/d=0/rs=AN8SPfpC36MIoWPngdVwZ4RUzeJYZaC7rg/m=el_main_css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.69JJaQ5G5xA.L.W.O/d=0/rs=AN8SPfpC36MIoWPngdVwZ4RUzeJYZaC7rg/m=el_main_css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 10:29:11 GMT
x-content-type-options: nosniff
age: 103794
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1842
x-xss-protection: 0
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 12 May 2024 10:29:11 GMT

GET
H2 200 lazy-loader.c8cd494b-1.232.0.min.js Show response
js-agent.newrelic.com/ Frame 85CC 921 B
616 B 5ms
5ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/lazy-loader.c8cd494b-1.232.0.min.js

Requested by

Host: appinstallcheck.com
URL: https://appinstallcheck.com/fl/eglne

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

24b5fa9227e2539d460d47bb58bc2cfd5ab7b460b10ed08f5f237a1c4227fa30

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: en-US,en;q=0.9
Referer: https://appinstallcheck.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: JxOZDsaCO.84OJr88feb47MQNIiB.lPY
content-encoding: gzip
via: 1.1 varnish
date: Sun, 14 May 2023 15:19:05 GMT
strict-transport-security: max-age=300
x-amz-request-id: XX4XY1GRGP215W5E
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 410
x-amz-id-2: W40Yl+Cfad2nfmPUOtW1/aa6i1ApslPbHMuXr08vDGkLG3Rnu3rZDs+MC0i1NJO9anKt2oaTd10=
x-served-by: cache-lga21976-LGA
last-modified: Mon, 08 May 2023 21:20:25 GMT
server: AmazonS3
x-timer: S1684077545.319281,VS0,VE0
etag: "43b458adcc5ab7566291590de5438262"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 5006

GET
H2 200 875.2c240adb-1.232.0.min.js Show response
js-agent.newrelic.com/ Frame 85CC 9 KB
4 KB 19ms
0ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/875.2c240adb-1.232.0.min.js

Requested by

Host: appinstallcheck.com
URL: https://appinstallcheck.com/fl/eglne

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

d16927d37f8e26f8565d8f37936c1cac3ae49299c69cfe76f84baf43677c3ec4

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: en-US,en;q=0.9
Referer: https://appinstallcheck.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: hJYscwmqXwVNvHS80_0vRqxt_Uk.MPpY
content-encoding: gzip
via: 1.1 varnish
date: Sun, 14 May 2023 15:19:05 GMT
strict-transport-security: max-age=300
x-amz-request-id: ZW3XMS1B2V16BCCA
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 3692
x-amz-id-2: EMPMY6LAzopwxCEAr4ssYcvcqZjOrTK7RC8GcOrlOpx1rqLeB8XOzuG8k9dyTEv+XcWxK8etKq4=
x-served-by: cache-lga21976-LGA
last-modified: Mon, 08 May 2023 21:20:25 GMT
server: AmazonS3
x-timer: S1684077545.353177,VS0,VE0
etag: "12b760183a18786621f95a5599ea91d1"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 3115

GET
H2 200 page_view_event-aggregate.5a238c1f-1.232.0.min.js Show response
js-agent.newrelic.com/ Frame 85CC 11 KB
4 KB 21ms
0ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/page_view_event-aggregate.5a238c1f-1.232.0.min.js

Requested by

Host: appinstallcheck.com
URL: https://appinstallcheck.com/fl/eglne

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

b759dcb812df0caaa1b5a8d4b4d86a8f6f41f4b4f4c53589f54cf4d15bc82124

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: en-US,en;q=0.9
Referer: https://appinstallcheck.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: m6hQu7Qmu3oSTIZPOga15if6q1_usD02
content-encoding: gzip
via: 1.1 varnish
date: Sun, 14 May 2023 15:19:05 GMT
strict-transport-security: max-age=300
x-amz-request-id: XX4ZNX4AA4PVYTTW
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 4123
x-amz-id-2: bfBn7X0qmDZWzqx0dZ3b6bhHUoD8lM++WhfWxv5QWofPVMK+tn6vYctbrDNU5dD74nGPl8EWmb0=
x-served-by: cache-lga21976-LGA
last-modified: Mon, 08 May 2023 21:20:25 GMT
server: AmazonS3
x-timer: S1684077545.353310,VS0,VE0
etag: "397497131773c37606e11fcb4222917f"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 5071

GET
H2 200 page_view_timing-aggregate.ddd91465-1.232.0.min.js Show response
js-agent.newrelic.com/ Frame 85CC 12 KB
5 KB 22ms
0ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/page_view_timing-aggregate.ddd91465-1.232.0.min.js

Requested by

Host: appinstallcheck.com
URL: https://appinstallcheck.com/fl/eglne

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

55ae2bb63b3739d001918259bb945000b092bfa1a7347ba9330239ce0c96de4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: en-US,en;q=0.9
Referer: https://appinstallcheck.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: ZN8S09QpTi3DRaBHssxUl.rChDa0uNQQ
content-encoding: gzip
via: 1.1 varnish
date: Sun, 14 May 2023 15:19:05 GMT
strict-transport-security: max-age=300
x-amz-request-id: MDSY2MKC454CX0Z1
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 4571
x-amz-id-2: pJ2S679RJTsGExHj0Ugf4zpNy6RC9E6qmrhPt9zp4IUeVZydzEMV/xkDEyQdMY/+f3/UozoMtt4=
x-served-by: cache-lga21976-LGA
last-modified: Mon, 08 May 2023 21:20:25 GMT
server: AmazonS3
x-timer: S1684077545.353740,VS0,VE0
etag: "38f4d68378bfe3989db669dc9385b7c0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 9991

GET
H2 200 metrics-aggregate.c2ad263a-1.232.0.min.js Show response
js-agent.newrelic.com/ Frame 85CC 4 KB
2 KB 22ms
0ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/metrics-aggregate.c2ad263a-1.232.0.min.js

Requested by

Host: appinstallcheck.com
URL: https://appinstallcheck.com/fl/eglne

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

04c3e27b4e50b05e753624b18d153a73a64bd66f8544d04d73278b9cca80b643

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: en-US,en;q=0.9
Referer: https://appinstallcheck.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: Kwxbmu4apiKNi1wg_2QBa578nUzXK.xS
content-encoding: gzip
via: 1.1 varnish
date: Sun, 14 May 2023 15:19:05 GMT
strict-transport-security: max-age=300
x-amz-request-id: C3B5JPNR1ND879D6
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 1663
x-amz-id-2: 1c1HQxED3t2fMmCg0qrin5S/RtJVgWPTeb4s0AwXGt1UQ9Uvc8Q1DnIiW2/fnBtc5giC+MO631g=
x-served-by: cache-lga21976-LGA
last-modified: Mon, 08 May 2023 21:20:25 GMT
server: AmazonS3
x-timer: S1684077545.354036,VS0,VE0
etag: "581d99ebc34c05e0a160a0c4a848cae7"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 5076

GET
H2 200 jserrors-aggregate.017d6ea4-1.232.0.min.js Show response
js-agent.newrelic.com/ Frame 85CC 7 KB
3 KB 22ms
0ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/jserrors-aggregate.017d6ea4-1.232.0.min.js

Requested by

Host: appinstallcheck.com
URL: https://appinstallcheck.com/fl/eglne

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

0307f3b9d8215b1581f25bdf8ba24881d8f7030f53ed17b33e3ca6a5e6c8582f

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: en-US,en;q=0.9
Referer: https://appinstallcheck.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: UxM2U4jEHw4DYwuY_JCWcBxAYgS2_JE2
content-encoding: gzip
via: 1.1 varnish
date: Sun, 14 May 2023 15:19:05 GMT
strict-transport-security: max-age=300
x-amz-request-id: NAR7T2V3M5YE8K9Y
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 2704
x-amz-id-2: C2fLqLqmObf3U5hDD3ekwR4QEtfi9bQ61ji3jY0yVNouYCEdF2Vu4xkgN4EJzNRuKJc+QvHGe2A=
x-served-by: cache-lga21976-LGA
last-modified: Mon, 08 May 2023 21:20:25 GMT
server: AmazonS3
x-timer: S1684077545.354094,VS0,VE0
etag: "3eccc20152284ae6154ef68728b49a85"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 3638

GET
H2 200 ajax-aggregate.666f66ea-1.232.0.min.js Show response
js-agent.newrelic.com/ Frame 85CC 5 KB
3 KB 23ms
0ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/ajax-aggregate.666f66ea-1.232.0.min.js

Requested by

Host: appinstallcheck.com
URL: https://appinstallcheck.com/fl/eglne

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

5f4d7f3eafb4d9820dd9f359b637ee8df4136b8bdba6705b9dd0a15faf2bc025

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: en-US,en;q=0.9
Referer: https://appinstallcheck.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: P1.nxkPqX_AEcic3nbSwWvQGlnr.3FTJ
content-encoding: gzip
via: 1.1 varnish
date: Sun, 14 May 2023 15:19:05 GMT
strict-transport-security: max-age=300
x-amz-request-id: 7278PED1QE21V973
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 2159
x-amz-id-2: knum391aN4Sr7vmnQay8XgTioxMJi3Jfj8nbXYv0pWxuSCUZpt1W7e8GaN37HyfmbVDn/gj9gCw=
x-served-by: cache-lga21976-LGA
last-modified: Mon, 08 May 2023 21:20:25 GMT
server: AmazonS3
x-timer: S1684077545.354164,VS0,VE0
etag: "6f55903bceeb36daf6c5579103364266"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 7132

GET
H2 200 session_trace-aggregate.c0ef217a-1.232.0.min.js Show response
js-agent.newrelic.com/ Frame 85CC 8 KB
3 KB 24ms
0ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/session_trace-aggregate.c0ef217a-1.232.0.min.js

Requested by

Host: appinstallcheck.com
URL: https://appinstallcheck.com/fl/eglne

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

be222ebe8d76ed95e6241fd6e80b43e87cee11ee97871ba3e0e6dcf439ad66b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: en-US,en;q=0.9
Referer: https://appinstallcheck.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: g_UxNBJ25wtvYc3oM8Pj1uCRZQPEEsvZ
content-encoding: gzip
via: 1.1 varnish
date: Sun, 14 May 2023 15:19:05 GMT
strict-transport-security: max-age=300
x-amz-request-id: C3B73R9K930JZQT2
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 3302
x-amz-id-2: p0uwtRj11G/Gw88vezCOMSzBk78M6o3cgn7mLs5UF0qszhtVkHFuEr3C7Swye3itdWW3niI8HAw=
x-served-by: cache-lga21976-LGA
last-modified: Mon, 08 May 2023 21:20:25 GMT
server: AmazonS3
x-timer: S1684077545.354187,VS0,VE0
etag: "8658ef92a475808fc6ed23b10731217d"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 3634

GET
H2 200 page_action-aggregate.64dc4751-1.232.0.min.js Show response
js-agent.newrelic.com/ Frame 85CC 2 KB
1 KB 24ms
0ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/page_action-aggregate.64dc4751-1.232.0.min.js

Requested by

Host: appinstallcheck.com
URL: https://appinstallcheck.com/fl/eglne

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

ca72e8893a0cf88efb844d01e3629ad7751979f01026f6149de72285279b7968

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: en-US,en;q=0.9
Referer: https://appinstallcheck.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: K0wCLFJIIdjTzGgJZSujBvyTIxwFP3oQ
content-encoding: gzip
via: 1.1 varnish
date: Sun, 14 May 2023 15:19:05 GMT
strict-transport-security: max-age=300
x-amz-request-id: C3B9TZA4NQWN49KN
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 985
x-amz-id-2: Suet5S8jOtYnPVUEB1YZRflMkJzTj3jkVMu2bYKKPqxiqJvMdrDfo567HMrVsFEWu0yvPksDO+0=
x-served-by: cache-lga21976-LGA
last-modified: Mon, 08 May 2023 21:20:25 GMT
server: AmazonS3
x-timer: S1684077545.354775,VS0,VE0
etag: "19f8af5dbc48da5cec8a15e4e37572a2"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 3632

GET
H2 200 spa-aggregate.342172b1-1.232.0.min.js Show response
js-agent.newrelic.com/ Frame 85CC 18 KB
7 KB 24ms
0ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/spa-aggregate.342172b1-1.232.0.min.js

Requested by

Host: appinstallcheck.com
URL: https://appinstallcheck.com/fl/eglne

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

7674813d4294e6367c27576ac6ee63106685165081325a67fc0b3582ed53182f

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: en-US,en;q=0.9
Referer: https://appinstallcheck.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: GBrIcCPmmG.WN_66aFejQ6H_fNPpwe_q
content-encoding: gzip
via: 1.1 varnish
date: Sun, 14 May 2023 15:19:05 GMT
strict-transport-security: max-age=300
x-amz-request-id: C3B0ZHYDKKRD51B2
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 6574
x-amz-id-2: N19b4Gma9k1VpVzG3mSu08uQxuB4OCB+HJlCTW5wwZHzv3Ed6e5baYwp6fh8T8VLSrEetzKpa0U=
x-served-by: cache-lga21976-LGA
last-modified: Mon, 08 May 2023 21:20:25 GMT
server: AmazonS3
x-timer: S1684077545.354812,VS0,VE0
etag: "cd8a824b2ab07e7b696cf7565028153b"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 2838

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 75ms
50ms XHR
application/json 2607:f8b0:4020:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230510&st=env

Requested by

Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.4.1/bundle.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ec396defca87334defa383967f73565844b82e3ee58bcf56fa5dd0440ec8c50b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 15:19:05 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11184
x-xss-protection: 0

GET
H/1.1 200
OK c25b69ac34 Show response
bam.nr-data.net/1/ Frame 85CC 49 B
528 B 258ms
170ms Script
text/javascript 162.247.241.14
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/c25b69ac34?a=1824637757&v=1.232.0&to=ZgFQYktXWUMCWkVZDV9LcUNKQlhdTE1eXw5CSlRfVVMaXAxaWlUQHw1cUlxO&rst=583&ck=0&s=0&ref=https://appinstallcheck.com/fl/eglne&ap=16&be=91&fe=312&dc=207&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1684077544804,%22n%22:0,%22f%22:5,%22dn%22:7,%22dne%22:33,%22c%22:33,%22s%22:41,%22ce%22:53,%22rq%22:54,%22rp%22:91,%22rpe%22:92,%22di%22:298,%22ds%22:298,%22de%22:298,%22dc%22:398,%22l%22:398,%22le%22:403%7D,%22navigation%22:%7B%7D%7D&at=SkZTFANNSk0%3D&jsonp=NREUM.setToken
Requested by: Host: appinstallcheck.com
URL: https://appinstallcheck.com/fl/eglne
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.14 Portland, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b91234b576455d66e12dd661a2539eb2418a831078ecef9ebc7f4bbd4e580d9c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://appinstallcheck.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Sun, 14 May 2023 15:19:05 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Transfer-Encoding: chunked
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
Connection: keep-alive
CF-Ray: 7c741e133d198c2a-EWR

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 106ms
58ms Script
text/javascript 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305090101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 15:19:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 14 May 2023 15:19:05 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E32C 13 KB
5 KB 15ms
12ms Document
text/html 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 164214
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 12 May 2023 17:42:11 GMT
expires: Sat, 11 May 2024 17:42:11 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame D35A 783 B
1 KB 82ms
42ms Document
text/html 2607:f8b0:4020:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2004 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

730c610ff09e254d3d3372b418494c29b28d643b8a4dfbe145d23787c4c130c8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-b3cb39RXFAkNv6Mr5xQUJA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 515
content-security-policy: script-src 'report-sample' 'nonce-b3cb39RXFAkNv6Mr5xQUJA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 14 May 2023 15:19:05 GMT
expires: Sun, 14 May 2023 15:19:05 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 rGx2DEvyTJUcTI8TMyI5e4cGeqSZnDc_BhsxSP5O2IU.js Show response
pagead2.googlesyndication.com/bg/ Frame E32C 37 KB
14 KB 12ms
12ms Script
text/javascript 2607:f8b0:4020:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/rGx2DEvyTJUcTI8TMyI5e4cGeqSZnDc_BhsxSP5O2IU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:806::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac6c760c4bf24c951c4c8f133322397b87067aa4999c373f061b3148fe4ed885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 21:03:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 238564
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14627
x-xss-protection: 0
last-modified: Mon, 08 May 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 10 May 2024 21:03:01 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame D35A 0
0 43ms
43ms Image
text/html 2607:f8b0:4020:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230510&jk=464266127412240&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4020:806::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame E32C 0
10 B 17ms
15ms Image
text/plain 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?WvRCdQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 15:19:05 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 guid Show response
d28uhswspmvrhb.cloudfront.net/public/ 0
278 B 82ms
82ms Script
text/html 2600:9000:202c:6200:b:dc8d:b7c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d28uhswspmvrhb.cloudfront.net/public/guid?cpguid=fzvexd70u&e=ll&t=1684077545797
Requested by: Host: d2bb5k76l7oivo.cloudfront.net
URL: https://d2bb5k76l7oivo.cloudfront.net/7f6dded.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:202c:6200:b:dc8d:b7c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11 / PHP/7.4.11
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 15:19:05 GMT
via: 1.1 6b40574acc577d1185c505c40886acc6.cloudfront.net (CloudFront)
server: Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-amz-cf-pop: EWR52-C2
x-powered-by: PHP/7.4.11
x-cache: Miss from cloudfront
content-type: text/html; charset=UTF-8
content-length: 0
x-amz-cf-id: KiiCkY-4nOcL2vrJbhGjHFx_-JfBD7HvKIwnZGylhRHWMlLOc554mw==

GET
H2 200 guid Show response
d3ikgzh4osba2b.cloudfront.net/public/ 0
277 B 163ms
160ms Script
text/html 2600:9000:24f1:9000:15:7da0:ecc0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3ikgzh4osba2b.cloudfront.net/public/guid?cpguid=fzvexd70u&e=ll&t=1684077545888
Requested by: Host: d2bb5k76l7oivo.cloudfront.net
URL: https://d2bb5k76l7oivo.cloudfront.net/7f6dded.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f1:9000:15:7da0:ecc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11 / PHP/7.4.11
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 15:19:06 GMT
via: 1.1 27ca5ebac1c0f68ab48134f5b864093c.cloudfront.net (CloudFront)
server: Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-amz-cf-pop: JFK50-P4
x-powered-by: PHP/7.4.11
x-cache: Miss from cloudfront
content-type: text/html; charset=UTF-8
content-length: 0
x-amz-cf-id: J9Rf6f2RzFEI1utKRSh97B8E4zoDxtyk7sAKZgVkKWPOz_w4lm2Kng==

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 54ms
48ms Image
text/html 2607:f8b0:4020:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230510&jk=464266127412240&bg=!urmlue3NAAYldGN0BXQ7ADkAdvg8Wg9IeCZ8tfuNfBXtHwag13fecZ2vld7Cto9f5y2KpRqTgjy_no4x3is-nNWZk1_Z3N9h6tgCAAAAt1IAAAAFaAEHCgBK6xp6JXJQJk575S8Jp_ZHM4VmStO6b0siHSt-yAxVsHj1n8ZwulGdrKbVmi_PNQwfg7kPqXAW6Ka-Lfuf8OV8CYs37RY6d-dnlmaZAq0XLxbPbw44mHtsd4W0Nq0jFF7Lnc7vST3ABoiDguOUkzsoWefpqicAk2WpfVAO6nmaEGDt9f3wGVr3ZnD7M4nUyZwYdK52IrmwuGAusVZ1of1IrVuf7hKj-AANe4VCF1hmVQgpqNDFCK6ZSv-BkKhT2UwnqA4lVycqCSyrmtW6hdVcC4MW9GZpz8aN95PkfSxD_QRoTc9IRzfMnGniqEJpnn3It4mP9-Izj0laZUYDI9OgSl8uIJZDo1vEeNlOgoA7qkvzPH1QAuWZKKPyzAJknqiLXGswQMPIm2gKDzjGcHdXSLGmiQP-LH2ivF1sG0Epm9Yx9_LgcbLHHx48TxI0O4FCtakQBHO4QN9VA12HN9a2thOtlei3zBZM07QB5rYLzgXKzZVjqcI5g0D6RhNN7pwyHBLryjyuIe1rqc53AmgSILUXXdGJp8h4bYFyXSqpOl6fmHmLpXNt4BDeMmNKTGrBnpGk0k1sSeVsJyJ4iHPMG0nSbC3zYgasa39gXk9r_txf3-hyLmRBQDOakKk0M_50u6PgVmEYsBZYUH-gcny8cJQmECLrVEbzDtvK2ue72H2xoLNvlh1LZa4ApOgtOAwLIcqtvfc13tDyEmWebCyS3G8sHUTMO6m8za5HZu6XMpXySivlbW_kapLWGtQAnvJMbq73TPSQLHpijZT1Rrujcj-8GTHuDoMxBrkPxstm9K88Lc9i2tbws1Z7bQ5ME0O2OExxHg1IbTFeteTiqjHNILFJ7YlW06J1cvK7NCkBAX_BguLX0Ft6Ben42QlldkwcpdoyGQD_9h62bEL3JZV3JaCzNm_w-qXqDLVLkgejBaxRubi3BqxFpFDeUz5QyfDfN-RrJ2ko7xruRzkj3yxN7xSKdni38hMqokyk4pTvnke6FzqMMscKRxME
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4020:806::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

GET
H2 200 check.php Show response
d3ikgzh4osba2b.cloudfront.net/public/external/ 78 B
372 B 167ms
167ms Script
application/javascript 2600:9000:24f1:9000:15:7da0:ecc0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3ikgzh4osba2b.cloudfront.net/public/external/check.php?it=3441003&time=1684077547182
Requested by: Host: d2bb5k76l7oivo.cloudfront.net
URL: https://d2bb5k76l7oivo.cloudfront.net/7f6dded.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f1:9000:15:7da0:ecc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11 / PHP/7.4.11
Resource Hash: 9ef4a63fc5e0a14a7301d693d65d6acfc44cdf14853c4a20890198f2d5e52e3b

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 15:19:07 GMT
via: 1.1 27ca5ebac1c0f68ab48134f5b864093c.cloudfront.net (CloudFront)
server: Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-amz-cf-pop: JFK50-P4
x-powered-by: PHP/7.4.11
x-cache: Miss from cloudfront
content-type: application/javascript
content-length: 78
x-amz-cf-id: 6_Db8qvjJwcKtl6t3fna8ArdIiZfV5g6KxJxuD-712Lh6vRvpCmvSQ==

GET
H2 200 check.php Show response
d3ikgzh4osba2b.cloudfront.net/public/external/ 78 B
371 B 87ms
87ms Script
application/javascript 2600:9000:24f1:9000:15:7da0:ecc0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3ikgzh4osba2b.cloudfront.net/public/external/check.php?it=3441003&time=1684077547215
Requested by: Host: d2bb5k76l7oivo.cloudfront.net
URL: https://d2bb5k76l7oivo.cloudfront.net/7f6dded.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f1:9000:15:7da0:ecc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11 / PHP/7.4.11
Resource Hash: 9ef4a63fc5e0a14a7301d693d65d6acfc44cdf14853c4a20890198f2d5e52e3b

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 15:19:07 GMT
via: 1.1 27ca5ebac1c0f68ab48134f5b864093c.cloudfront.net (CloudFront)
server: Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-amz-cf-pop: JFK50-P4
x-powered-by: PHP/7.4.11
x-cache: Miss from cloudfront
content-type: application/javascript
content-length: 78
x-amz-cf-id: KQmlLlsZBX4PLheol7raVIz1s0wUi3objkpuQhmdru6_VF6z8h58cQ==

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Scam (Online)

153 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.allyoucanget.buzz/	1970-01-20 11:49:23	Name: _gid Value: GA1.2.117514243.1684077545
.allyoucanget.buzz/	1970-01-20 11:47:57	Name: _gat Value: 1
roblox.allyoucanget.buzz/	1970-01-20 12:02:21	Name: _cpguid Value: fzvexd70u
appinstallcheck.com/	1970-01-20 11:49:09	Name: XSRF-TOKEN Value: eyJpdiI6IjladlVHb2E5clFuSEhxUkhGd2VPYWc9PSIsInZhbHVlIjoiVVBMelZkdmc3enkvRTMvRkdicEY4cHB3U1BBT01YeTlCWkFQREF1VkdxZG1RSDZ1QnVxOWpyNzRielRFYjNPRFVZWHJXNy9McnhVNXc2VjRYMUxMSWVtL0MwVzUwWG5KaHUwNUdSZVZnR2ZjUU9EUFBOb1dQclh6YkJHMGk3dE0iLCJtYWMiOiIwY2Y0ZDc5YjliNmE3ZTMwNjk5ZDZjOWY3ZWVjNTA4ZTAzNDY2YzY3MjI2MjE2OTFiMzgzNDA2M2FjYzhhZDBkIiwidGFnIjoiIn0%3D
appinstallcheck.com/	1970-01-20 11:49:09	Name: ogads_session Value: eyJpdiI6InZ0UENZUDdQMlNyNjNDYTFYQ0JQWFE9PSIsInZhbHVlIjoiWTBJRUN5alo2a2dKSENXNHpseUdhSTIwbVAyTXdLbCtDUmFoa01EZjh2UU56MTNkTWhCdnkyV1RlMDJRY3ZNRkQ4YU1kN3N4VHQxU3plT0JZVTlrSDVtNkZBYzhFU3ZOeERsTE02Z3QvZDFMWjlyWmVlMStjcjZyL2hrTzZaWFkiLCJtYWMiOiI2NWExZTA0ZjcwN2I0YWM3ZmU1Y2VjZmUyZWMwODAyZTE4YjdjOTdlOTBlMzU1NWU2ZWZjZDcxZjdhM2IwZjk3IiwidGFnIjoiIn0%3D
.allyoucanget.buzz/	1970-01-20 21:23:57	Name: _ga_3W7PE80J60 Value: GS1.1.1684077544.1.0.1684077544.0.0.0
.allyoucanget.buzz/	1970-01-20 21:23:57	Name: _ga Value: GA1.2.979568280.1684077545
.allyoucanget.buzz/	1970-01-20 11:47:57	Name: _gat_customTemplateGlobal Value: 1
.doubleclick.net/	1970-01-20 11:47:58	Name: test_cookie Value: CheckForPermission
.allyoucanget.buzz/	1970-01-20 21:09:33	Name: __gads Value: ID=07e15e7dd34eb5de-22ab314d9fdf0050:T=1684077545:RT=1684077545:S=ALNI_Mb2DsgTDd5CkWKTwjR4ui8hQuro2A
.allyoucanget.buzz/	1970-01-20 21:09:33	Name: __gpi Value: UID=00000bf7ea198773:T=1684077545:RT=1684077545:S=ALNI_MZNjLEiBsQkCZbs2eTkjyUcAup7aA
roblox.allyoucanget.buzz/	1970-01-20 20:33:33	Name: HstCfa3430514 Value: 1684077545217
roblox.allyoucanget.buzz/	1970-01-20 20:33:33	Name: HstCla3430514 Value: 1684077545217
roblox.allyoucanget.buzz/	1970-01-20 20:33:33	Name: HstCmu3430514 Value: 1684077545217
roblox.allyoucanget.buzz/	1970-01-20 20:33:33	Name: HstPn3430514 Value: 1
roblox.allyoucanget.buzz/	1970-01-20 20:33:33	Name: HstPt3430514 Value: 1
roblox.allyoucanget.buzz/	1970-01-20 20:33:33	Name: HstCnv3430514 Value: 1
roblox.allyoucanget.buzz/	1970-01-20 20:33:33	Name: HstCns3430514 Value: 1

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://appinstallcheck.com/fl/eglne Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://o425163.ingest.sentry.io/api/5780930/store/?sentry_key=e0e6a104cb354a09bf094a90e676ea13&sentry_version=7 Message: Failed to load resource: the server responded with a status of 429 ()
network	error	URL: https://o425163.ingest.sentry.io/api/5780930/store/?sentry_key=e0e6a104cb354a09bf094a90e676ea13&sentry_version=7 Message: Failed to load resource: the server responded with a status of 429 ()
network	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9604483111298619&output=html&h=280&slotname=2974103421&adk=621789044&adf=2449933453&pi=t.ma~as.2974103421&w=1090&fwrn=4&fwrnh=100&lmt=1684077545&rafmt=1&format=1090x280&url=https%3A%2F%2Froblox.allyoucanget.buzz%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684077544687&bpp=4&bdt=261&idt=384&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=865401897308&frm=20&pv=1&ga_vid=979568280.1684077545&ga_sid=1684077545&ga_hid=1498334152&ga_fc=1&ga_cid=117514243.1684077545&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=255&ady=414&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44788442%2C44790154&oid=2&pvsid=464266127412240&tmod=1571615105&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=mtCeDCGYTB&p=https%3A//roblox.allyoucanget.buzz&dtd=398 Message: Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
ajax.googleapis.com
appinstallcheck.com
bam.nr-data.net
browser.sentry-cdn.com
d13pxqgp3ixdbh.cloudfront.net
d28uhswspmvrhb.cloudfront.net
d2bb5k76l7oivo.cloudfront.net
d3ikgzh4osba2b.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.ibb.co
js-agent.newrelic.com
o425163.ingest.sentry.io
pagead2.googlesyndication.com
partner.googleadservices.com
roblox.allyoucanget.buzz
s10.histats.com
s4.histats.com
stackpath.bootstrapcdn.com
tpc.googlesyndication.com
translate.google.com
translate.googleapis.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
104.243.38.177
149.56.240.127
151.101.194.137
162.247.241.14
23.22.126.183
2600:9000:202c:6200:b:dc8d:b7c0:21
2600:9000:2140:4400:d:e9c:2500:21
2600:9000:24f1:9000:15:7da0:ecc0:21
2600:9000:2512:5200:1c:b3e3:eb40:21
2606:4700:10::6816:5fe
2606:4700:3033::ac43:92c6
2606:4700::6812:bcf
2607:f8b0:4020:804::2002
2607:f8b0:4020:804::200a
2607:f8b0:4020:804::200e
2607:f8b0:4020:805::2002
2607:f8b0:4020:805::200a
2607:f8b0:4020:805::200e
2607:f8b0:4020:806::2002
2607:f8b0:4020:806::2003
2607:f8b0:4020:806::2008
2607:f8b0:4020:807::2001
2607:f8b0:4020:807::2002
2607:f8b0:4020:807::2003
2607:f8b0:4020:807::2004
2607:f8b0:4020:807::200a
2a04:4e42::729
34.120.195.249
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
0307f3b9d8215b1581f25bdf8ba24881d8f7030f53ed17b33e3ca6a5e6c8582f
04c3e27b4e50b05e753624b18d153a73a64bd66f8544d04d73278b9cca80b643
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
0807e8f7ee5b126649b8815fbcfb23d0eb5a5809066299bdc9e3ad2cfd94030f
120cb0be75d77196ef6b3813b5a24d23075a6d14dd5cd1b39020b6eb3ebdb6ab
17abeedfe0763eff8133623a2b24502d116f561c2ca907e0263b490a958e2072
1b20575865a1cb75844e1b88a862c90932305f38c7e9f25068e8ab6f50b82473
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
22ece4ddd583540c08ccadf82d18658e2ed0eba5dd7fdca806aa259667edba56
24b5fa9227e2539d460d47bb58bc2cfd5ab7b460b10ed08f5f237a1c4227fa30
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
2fed7047795c7e1f4273e3c89f04f413ca71d72a8407cdbcaf842f7140460aff
31634d2128e7d2b92f4577e21919d12818c3d4928ff3a4b1f277a61bb3de4f52
3330aa5943e06e5157e4d95a58deeca26a43b98727d8f3daaeffeb23d5621da3
36372b5fdfae8de8e99b7a209ef8d6831b531644877b91bea3f5be51b7fa2adc
43dd9005d5cab6decac7409ac2299bcf371621a188e74108137403fb9a98431b
448c9ace7b42876399fabdb9d02253e7be4667b6fdbb8e0a3eeff086754fc164
47722d99cdc263f3783855402a9e9c81d12cbce823b6dba6b9ac3b948afd0075
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
51e91dd535891502cf4fe61f9c9bc52a9dc9dfcfea1fd3d5ba832028f2dada0a
5423daa354a40159acebdbabfc31a949c9d439ae3cada7c5b18a494274566b5d
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55ae2bb63b3739d001918259bb945000b092bfa1a7347ba9330239ce0c96de4d
5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99
5f4d7f3eafb4d9820dd9f359b637ee8df4136b8bdba6705b9dd0a15faf2bc025
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2
6e059f38d9d643cd149fa02dfd97d6844f9b106198e027f55e2fe1e9a1428acf
730c610ff09e254d3d3372b418494c29b28d643b8a4dfbe145d23787c4c130c8
735c5ced19acfc830398b83e3a818cf30acecca4826ae79fa3f399c6818599a4
752b660e63f2f27ae5e173f921735cd8f232425b8911660ed57289b9f17110dd
7674813d4294e6367c27576ac6ee63106685165081325a67fc0b3582ed53182f
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7db470720bc87269e9bf81c2da2649d4f59d54eb54ca5ed4547855758d6688a0
80d8ef832eec8b0e15132c57ce2b1cee65d46e4600f6107ab21b62f78b187c0e
8a5ee74a0b0652d311ddd54c2c6847c2d38b6db8fbfa55da5d029b3c2185873e
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
9ef4a63fc5e0a14a7301d693d65d6acfc44cdf14853c4a20890198f2d5e52e3b
a28be45144d377ab16527a8b5d2d60fae4d780f9dec17e4327567ad90482f293
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5b75ddbb788541f2b625130f823a6a26bc8106f1b7d30bd31a4fedd1a6d856b
a7081a117335212b9e7f2e348f7369a64423d51db1666310b3451e7375f0b7de
a71a66d454123464159618ae7fefc696774ce6b64b25c87b589c26778151d03e
a7bd79b6fba60944ee3a9c153108ff0819d2db57850116ac7065a86db08af4ec
ac570e73ff965aab067468665d8e39871e5ecf419c213564a99c02cec6deb232
ac6c760c4bf24c951c4c8f133322397b87067aa4999c373f061b3148fe4ed885
aeb69c82560a722e264cfed39f63b891e8a809804e61be254fbc41369170e76a
b2d951f1b331c622645082362bb5016ea5544a83ae12c03abd58a647310e87c9
b38d4341cfbe623fe2ef5295c9fb1f1482d9d12921e3644108f4b33bf5e4f2e9
b759dcb812df0caaa1b5a8d4b4d86a8f6f41f4b4f4c53589f54cf4d15bc82124
b7637a4cc7e15b52376c9dba975683af0b7987a44b3d05200747c035a6852274
b7ce6adefb5723f3e603275e7f4eca08819706555f1cf3abe0b16f047cb46e23
b91234b576455d66e12dd661a2539eb2418a831078ecef9ebc7f4bbd4e580d9c
bac10d17440dcd6f6c6c4e0bd7eca2e1a7eec030ef3b1143d4be3791dcf91263
be222ebe8d76ed95e6241fd6e80b43e87cee11ee97871ba3e0e6dcf439ad66b9
ca72e8893a0cf88efb844d01e3629ad7751979f01026f6149de72285279b7968
ce0e7beb9853e79a93344cec332447dad72d4ed2f18b703cfee28bed8e77b038
cfa65f63f1198fde81984485f693cdeee8d872a9a9c4ec3598e85bb5452a260c
d16927d37f8e26f8565d8f37936c1cac3ae49299c69cfe76f84baf43677c3ec4
de1b63b04b142bb4eef4fd7311fc5b56fe61563db26d21bc69b2f7c42fcdd994
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e9e3652349e81228cb2c0309b3e6a9f23da99f571017f01a984da348ddb4a257
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
eb91e77384f9aff2e81a868ae4f2ae6fb5940c573d0e39088ff637414b4ffed9
ebde9f239364de4d5178cf65e57cafd8a33acf780df5cb60ecf38a1e6769380b
ebfd40e9d2070bd61499d490fc4ba516d4e1f9baef1a8a271433051cdb25ab23
ec396defca87334defa383967f73565844b82e3ee58bcf56fa5dd0440ec8c50b

roblox.allyoucanget.buzz Open in urlscan Pro 2606:4700:3033::ac43:92c6 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

78 Requests

100 %HTTPS

79 %IPv6

18 Domains

28 Subdomains

29 IPs

2 Countries

1205 kBTransfer

2199 kBSize

18 Cookies

1 Outgoing links

Redirected requests

78 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

roblox.allyoucanget.buzz Open in urlscan Pro
2606:4700:3033::ac43:92c6 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

78
Requests

100 %
HTTPS

79 %
IPv6

18
Domains

28
Subdomains

29
IPs

2
Countries

1205 kB
Transfer

2199 kB
Size

18
Cookies

78 HTTP transactions
1 data transactions