urlscan.io logo urlscan.io
SecurityTrails logo

rbx.iuo.cam Open in urlscan Pro
2606:4700:3033::ac43:8b6b  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://rbx.iuo.cam/offers/
Effective URL: https://rbx.iuo.cam/offers/
Submission: On March 12 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 1 countries across 8 domains to perform 57 HTTP transactions. The main IP is 2606:4700:3033::ac43:8b6b, located in United States and belongs to CLOUDFLARENET, US. The main domain is rbx.iuo.cam.
TLS certificate: Issued by GTS CA 1P5 on February 16th 2024. Valid for: 3 months.
This is the only time rbx.iuo.cam was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    2606:4700:3036::6815:1ad5 (United States)

ASN13335 (CLOUDFLARENET, US)
rbx.iuo.cam
20    2606:4700:3033::ac43:8b6b (United States)

ASN13335 (CLOUDFLARENET, US)
rbx.iuo.cam
1    2607:f8b0:4004:c06::5f (Washington, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2400:52e0:1a00::894:1 (Chicago, United States)

ASN200325 (BUNNYCDN, SI)
cdn.linearicons.com
2    2606:4700:e6::ac40:cf26 (United States)

ASN13335 (CLOUDFLARENET, US)
use.fontawesome.com
7    2607:f8b0:4004:c06::9c (Washington, United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2607:f8b0:4004:c19::5f (Washington, United States)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    2600:9000:21a2:5600:3:b5aa:ad80:21 (United States)

ASN16509 (AMAZON-02, US)
d13nu0oomnx5ti.cloudfront.net
5    2607:f8b0:4004:c19::9d (Washington, United States)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
4    2600:9000:26a0:c00:1a:a42a:c740:21 (United States)

ASN16509 (AMAZON-02, US)
d2jxbhlohyq6u5.cloudfront.net
11    2607:f8b0:4004:c06::8a (Washington, United States)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
3    2607:f8b0:4004:c17::84 (Washington, United States)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2607:f8b0:4004:c08::63 (Washington, United States)

ASN15169 (GOOGLE, US)
www.google.com
Apex Domain
Subdomains		 Transfer
21 iuo.cam
rbx.iuo.cam
1 MB
12 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 647
www.google.com — Cisco Umbrella Rank: 2
71 KB
10 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 104
tpc.googlesyndication.com — Cisco Umbrella Rank: 161
226 KB
5 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 35
11 KB
5 cloudfront.net
d13nu0oomnx5ti.cloudfront.net
d2jxbhlohyq6u5.cloudfront.net
53 KB
2 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 973
85 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 30
ajax.googleapis.com — Cisco Umbrella Rank: 368
32 KB
1 linearicons.com
cdn.linearicons.com — Cisco Umbrella Rank: 55998
2 KB
57 8
Domain Requested by
21 rbx.iuo.cam 1 redirects rbx.iuo.cam
11 fundingchoicesmessages.google.com pagead2.googlesyndication.com
7 pagead2.googlesyndication.com rbx.iuo.cam
pagead2.googlesyndication.com
tpc.googlesyndication.com
5 googleads.g.doubleclick.net pagead2.googlesyndication.com
4 d2jxbhlohyq6u5.cloudfront.net d13nu0oomnx5ti.cloudfront.net
3 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 use.fontawesome.com rbx.iuo.cam
use.fontawesome.com
1 www.google.com tpc.googlesyndication.com
1 d13nu0oomnx5ti.cloudfront.net rbx.iuo.cam
1 ajax.googleapis.com rbx.iuo.cam
1 cdn.linearicons.com rbx.iuo.cam
1 fonts.googleapis.com rbx.iuo.cam
57 12

This site contains no links.

Subject Issuer Validity Valid
iuo.cam
GTS CA 1P5		 2024-02-16 -
2024-05-16		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-02-19 -
2024-05-13		 3 months crt.sh
cdn.linearicons.com
R3		 2024-03-03 -
2024-06-01		 3 months crt.sh
use.fontawesome.com
Cloudflare Inc ECC CA-3		 2023-10-12 -
2024-10-10		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-02-19 -
2024-05-13		 3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-19		 a year crt.sh
*.google.com
GTS CA 1C3		 2024-02-19 -
2024-05-13		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2024-02-19 -
2024-05-13		 3 months crt.sh
www.google.com
GTS CA 1C3		 2024-02-19 -
2024-05-13		 3 months crt.sh

This page contains 8 frames:

Primary Page: https://rbx.iuo.cam/offers/
Frame ID: 5641F25D867EEBFE664E32EC9367113A
Requests: 47 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240306/r20190131/zrt_lookup_fy2021.html
Frame ID: 5A442A1A84A6BC6430BF1CC179B2D994
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6656441747792923&output=html&adk=1812271804&adf=3025194257&lmt=1710282385&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x1080_l%7C212x1080_r&format=0x0&url=https%3A%2F%2Frbx.iuo.cam%2Foffers%2F&pra=5&wgl=1&easpi=0&asro=0&aseiel=1~2~4~6~8~9~10~11~12~13~14~15~16~17~7&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710282384409&bpp=5&bdt=328&idt=744&shv=r20240306&mjsv=m202403060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8532231000382&frm=20&pv=2&ga_vid=721843754.1710282385&ga_sid=1710282385&ga_hid=1922232654&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95326315%2C95320376%2C95322398%2C95324160%2C95325784%2C95326913&oid=2&pvsid=4485305301337914&tmod=2134347493&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=768
Frame ID: 42046DF6732CCE15AFB00159BE479208
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6656441747792923&output=html&h=280&slotname=9762634980&adk=432508804&adf=412809324&pi=t.ma~as.9762634980&w=1110&fwrn=4&fwrnh=100&lmt=1710282385&rafmt=1&format=1110x280&url=https%3A%2F%2Frbx.iuo.cam%2Foffers%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710282384436&bpp=5&bdt=355&idt=749&shv=r20240306&mjsv=m202403060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8532231000382&frm=20&pv=1&ga_vid=721843754.1710282385&ga_sid=1710282385&ga_hid=1922232654&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=295&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95326315%2C95320376%2C95322398%2C95324160%2C95325784%2C95326913&oid=2&pvsid=4485305301337914&tmod=2134347493&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=755
Frame ID: BFB2E88A0748AFA7D2038F47107423EA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6656441747792923&output=html&h=280&slotname=8964241401&adk=1661768605&adf=378342894&pi=t.ma~as.8964241401&w=320&lmt=1710282385&format=320x280&url=https%3A%2F%2Frbx.iuo.cam%2Foffers%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710282384442&bpp=6&bdt=360&idt=758&shv=r20240306&mjsv=m202403060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1110x280&nras=1&correlator=8532231000382&frm=20&pv=1&ga_vid=721843754.1710282385&ga_sid=1710282385&ga_hid=1922232654&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=640&ady=1190&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95326315%2C95320376%2C95322398%2C95324160%2C95325784%2C95326913&oid=2&pvsid=4485305301337914&tmod=2134347493&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=762
Frame ID: 9CFE811412446FEF58C05AE3C4A7CB31
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6656441747792923&output=html&h=280&slotname=8964241401&adk=1580532155&adf=3386027979&pi=t.ma~as.8964241401&w=320&lmt=1710282385&format=320x280&url=https%3A%2F%2Frbx.iuo.cam%2Foffers%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710282384449&bpp=7&bdt=368&idt=762&shv=r20240306&mjsv=m202403060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1110x280%2C320x280&nras=1&correlator=8532231000382&frm=20&pv=1&ga_vid=721843754.1710282385&ga_sid=1710282385&ga_hid=1922232654&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=640&ady=2380&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95326315%2C95320376%2C95322398%2C95324160%2C95325784%2C95326913&oid=2&pvsid=4485305301337914&tmod=2134347493&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=768
Frame ID: 8C00A44628A0BC936ECB8B42A8CBBF44
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: DBE02B0039A214D40F8A77E5F593A438
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8B76DE83AC65137C82E999F23CAB2B6F
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Roblox Robux Generator

Page URL History Show full URLs

  1. http://rbx.iuo.cam/offers/ HTTP 301
    https://rbx.iuo.cam/offers/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

57
Requests

100 %
HTTPS

100 %
IPv6

8
Domains

12
Subdomains

12
IPs

1
Countries

1755 kB
Transfer

2743 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://rbx.iuo.cam/offers/ HTTP 301
    https://rbx.iuo.cam/offers/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

57 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
rbx.iuo.cam/offers/
Redirect Chain
  • http://rbx.iuo.cam/offers/
  • https://rbx.iuo.cam/offers/
23 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rbx.iuo.cam/offers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:8b6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f32e2cc5dff9c3395c205576cb6c99cd5bbae7f10e34955879a7c9df56e88c5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
863734a2ecf525a1-MIA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 12 Mar 2024 22:26:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
no-referrer-when-downgrade
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tgIhzDksA7S4LnZXYwijNw9SyOMMAcF%2FOnrvoPz3%2BFbPz%2FJY%2Fteudy79s1GTZkQo6xqBXfER3NRPmQiJK4CiSZZeYcpvTwkw8HcpxazXs8QLjJOi6CjCMX%2FzFU9GIhH6Iptzdl3v2ZnUhg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload;
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-turbo-charged-by
LiteSpeed
x-xss-protection
1; mode=block

Redirect headers

CF-RAY
863734a2497f9071-MIA
Cache-Control
max-age=3600
Connection
keep-alive
Date
Tue, 12 Mar 2024 22:26:23 GMT
Expires
Tue, 12 Mar 2024 23:26:23 GMT
Location
https://rbx.iuo.cam/offers/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8c39sWkqinfo%2FEVCo1v0Prgj8yxKYZjmflq8l7x8uTP15tQcvEhayfioPS5gYxHJtwVjWp5EoiFCud6EjHDjQoCl%2Bxlr8ylWgydUpXvgy9moHx4SiuigTTR1iPJR74N58fWaDmG4Q3Wo6w%3D%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400
css
fonts.googleapis.com/ 		22 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,400,400i,700
Requested by
Host: rbx.iuo.cam
URL: https://rbx.iuo.cam/offers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e64a629e1151d207e5052f35248651963fcae91ef82281fbb9a8c6e86cba52b9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rbx.iuo.cam/offers/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 12 Mar 2024 22:26:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 12 Mar 2024 22:25:59 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 12 Mar 2024 22:26:24 GMT
icon-font.min.css
cdn.linearicons.com/free/1.0.0/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.linearicons.com/free/1.0.0/icon-font.min.css
Requested by
Host: rbx.iuo.cam
URL: https://rbx.iuo.cam/offers/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1a00::894:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-IL1-894 /
Resource Hash
31ca8fc4bb190118851959f282909af4a8f6e782b69dcfbe00094ffc010878b3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rbx.iuo.cam/offers/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 22:26:24 GMT
content-encoding
br
cdn-edgestorageid
871
cdn-cachedat
02/23/2024 08:13:59
cdn-pullzone
1459430
last-modified
Wed, 07 Jun 2023 23:52:14 GMT
server
BunnyCDN-IL1-894
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"ec26292e52e5bc20624b029974bd0adf"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
dd4aa74a-23b0-4a02-a963-0a23a001f729
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-requestid
656cab49554444629d0c2f2eb0f62c52
cdn-requestcountrycode
US
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
all.css
use.fontawesome.com/releases/v5.6.3/css/ 		52 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.6.3/css/all.css
Requested by
Host: rbx.iuo.cam
URL: https://rbx.iuo.cam/offers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:cf26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
481a0574246e281316ffa0e15399bf5388bb81ae550ce0401a0353b6bb2d1e5a

Request headers

Referer
https://rbx.iuo.cam/offers/
Origin
https://rbx.iuo.cam
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 22:26:24 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 22 Sep 2023 01:45:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"dc93d584e41f8417f6b7163320d34329"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gkJ0mSHFu%2B7LiWSLPD6AvDaWspeuiNHVgD7MKoAZtb3J05iaCvBFTqA5a3SOlghuiz5A1r%2FYvOs9igtUfMu%2BkiGulwqWj7armNyd758iQVQOiJabN%2FiISvemSdXv5jsEGwxkioLfbZi%2Bapx%2B4XRafWUf"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
863734a4faffdb21-MIA
alt-svc
h3=":443"; ma=86400
bootstrap.min.css
rbx.iuo.cam/offers/css/ 		138 KB
22 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://rbx.iuo.cam/offers/css/bootstrap.min.css
Requested by
Host: rbx.iuo.cam
URL: https://rbx.iuo.cam/offers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:8b6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rbx.iuo.cam/offers/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 22:26:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload;
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 15 Nov 2021 07:55:59 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VBEdTQYQvjupJL4g9bH3d1e%2FLFjrl5FCPwYzXKg2hHLB5BbKeQRK0AOVWLbFSAOhiLmWu5eqwDbPj%2BZkfVvbSXWqo3x02F9zG3C6XBnW30S%2FXcDv7rmhOmaj2cV8VuaOv%2F4r8NVlvV9L2A%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
863734a4a82c25a1-MIA
expires
Tue, 19 Mar 2024 22:26:24 GMT
animate.css
rbx.iuo.cam/offers/css/ 		76 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://rbx.iuo.cam/offers/css/animate.css
Requested by
Host: rbx.iuo.cam
URL: https://rbx.iuo.cam/offers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:8b6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8150a6e66442996f64560b128d0effe532ed5eabdf0a8c6176c8c4e8ed502e6f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rbx.iuo.cam/offers/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 22:26:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload;
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 15 Nov 2021 07:55:59 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LI8uywI%2Byz2d32SohIRJgJRKjBpP4zDtqAmmgDuBDDa%2BNXxMAKcGyv35ED%2B5jUq9dNL768LjSPIHGn1RKxHAxbfHyfMxMj0trYERB1ZyB%2BAFVfXYCEVMPGHAKJGee7lsdDaeE5agXgnKTA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
863734a4a82e25a1-MIA
expires
Tue, 19 Mar 2024 22:26:24 GMT
magnific-popup.css
rbx.iuo.cam/offers/css/ 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://rbx.iuo.cam/offers/css/magnific-popup.css
Requested by
Host: rbx.iuo.cam
URL: https://rbx.iuo.cam/offers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:8b6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05b91883c19d6ac75f60c51c37cd0cdee04b4dcbf9b9aab22f724c673cfd99be
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rbx.iuo.cam/offers/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 22:26:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload;
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 15 Nov 2021 07:55:59 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D%2BYeSw3H6ZyP3U%2BnWoYezVguEP6Qy4TAY26jMMp7O9%2FKgi2wZvKKaoz%2B5i29GZ4IlbNg%2FcmHqAMtT2M9Nzzn9l2mYCkeX7mWUqkFr1jrD5DdbphR6fWkZXrxF3XqtTev9opsEURD1Z1IHw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
863734a4a83025a1-MIA
expires
Tue, 19 Mar 2024 22:26:24 GMT
style.css
rbx.iuo.cam/offers/css/ 		29 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://rbx.iuo.cam/offers/css/style.css
Requested by
Host: rbx.iuo.cam
URL: https://rbx.iuo.cam/offers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:8b6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
efacaaf7886c81499c213860823c9003622e7e472560590e9b80a7bb677230fc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rbx.iuo.cam/offers/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 22:26:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload;
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 15 Nov 2021 07:55:59 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tovN0w3sAEmp1KxNOjqXh6UOT%2BolMzQ1MrgI5hKKkUw5DIi0X4QUcq4nqPn6CvXms9GNY5WYmCVBkRD%2BdPhRUAOG2%2FpkkWqSHSQHa6hYLYuRWuUDECOdmT5QOaRU1eKayt6gYKEH7yW%2F3g%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
863734a4a83125a1-MIA
expires
Tue, 19 Mar 2024 22:26:24 GMT
logo.png
rbx.iuo.cam/offers/img/ 		90 KB
91 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rbx.iuo.cam/offers/img/logo.png
Requested by
Host: rbx.iuo.cam
URL: https://rbx.iuo.cam/offers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:8b6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7676c6130614c9bae32907b5245216ada0c4889d4d20df0221bb74015da2bf72
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rbx.iuo.cam/offers/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 22:26:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload;
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
92489
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 15 Nov 2021 07:55:59 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i%2FmDBCr6uK4J36%2B9PwPWXLJbOEOS3VkxvdRF9FCldRS39X0btn%2B3WbBa3OLkc165slZAEhFiYOdAjOeiquh28vjA3fP%2B7FFbxqn5aJmtwl1wp%2FBipy2uMdgPbLMmCF4LeprSIkb9CXtQVg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
863734a4a83225a1-MIA
expires
Tue, 19 Mar 2024 22:26:24 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		145 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6656441747792923
Requested by
Host: rbx.iuo.cam
URL: https://rbx.iuo.cam/offers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6a9e7712cd851cf196b697e0a97800697d32a3f57d0453584f378e46d552ec85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://rbx.iuo.cam/offers/
Origin
https://rbx.iuo.cam
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 22:26:24 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50745
x-xss-protection
0
server
cafe
etag
7039741406476185301
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Tue, 12 Mar 2024 22:26:24 GMT
article-header.png
rbx.iuo.cam/offers/img/ 		333 KB
334 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rbx.iuo.cam/offers/img/article-header.png
Requested by
Host: rbx.iuo.cam
URL: https://rbx.iuo.cam/offers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:8b6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e78585a94079b37e4f2fe18e5072543bfb2fb61ac9b4c78f20f6fd05b81b04f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rbx.iuo.cam/offers/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 22:26:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload;
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
340915
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 15 Nov 2021 07:55:59 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6fkhFNsqSN7J6ntMISTy3kl5LcVuMldGs4sQBmpkn%2FNfEDypylDirexg63vzynN5%2FVf8TQEFnzJ9wfdQNlig4KDGn5q%2FPoK7QpIHZbJdcEC3Hvfy1sW5Jjw5dcUWJt0iZdhoDjyaNAXn3A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
863734a4a83425a1-MIA
expires
Tue, 19 Mar 2024 22:26:24 GMT
hero-right.png
rbx.iuo.cam/offers/img/ 		251 KB
251 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rbx.iuo.cam/offers/img/hero-right.png
Requested by
Host: rbx.iuo.cam
URL: https://rbx.iuo.cam/offers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:8b6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
620560bfb2c7c523292f661241f83f80bd8f3b1e083a2bff3997e05b528ef967
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rbx.iuo.cam/offers/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 22:26:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload;
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
256533
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 15 Nov 2021 07:55:59 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gXO%2BZyfov5ezc%2FgKVC8swI2tEzpQhrSlFXsTghm0J9UEK2lv6%2F45NFCqO9gw%2F1SX2HUQ8DDBKciy5gGvL0rPfBDwp4kSkbdLBMLVQJ4mHV6DAOEVy1RdG%2BSCz8VNDkXtoAqLw5GqTKqxpA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
863734a4a83625a1-MIA
expires
Tue, 19 Mar 2024 22:26:24 GMT
hero-left.png
rbx.iuo.cam/offers/img/ 		251 KB
252 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rbx.iuo.cam/offers/img/hero-left.png
Requested by
Host: rbx.iuo.cam
URL: https://rbx.iuo.cam/offers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:8b6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7b8e3721d0de9fe4fd6e24a56cc0d45128f3199bcb7dd0f41c8b9f274405f062
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rbx.iuo.cam/offers/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 22:26:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload;
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
257131
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 15 Nov 2021 07:55:59 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TOJ8G3thhh7q5k6cJ1N2Emb2MLqu7th25mMzDkW%2FO5MZ%2Bk0oq06hSUHlPE%2B0IpX38M9I5aDRSHv9L1IKMON%2FoQDgJaurb34p9HymNIJ%2BgIOTV5bzFvfb7bNyPcicVBW19Z8cWSQVAfBGXg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
863734a4a83825a1-MIA
expires
Tue, 19 Mar 2024 22:26:24 GMT
a-user-img.png
rbx.iuo.cam/offers/img/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rbx.iuo.cam/offers/img/a-user-img.png
Requested by
Host: rbx.iuo.cam
URL: https://rbx.iuo.cam/offers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:8b6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5712479d98b376a183ade66212776d51f3bf9a4244124d4aab928225bb3badce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rbx.iuo.cam/offers/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 22:26:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload;
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
20035
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 15 Nov 2021 07:55:59 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oZ%2B3VkZNRamam3ExjzqJqKg7j3Ahi%2BF4imzyVOWEDFnOgcUFKEaC1d4SbIaiLY8UebJ%2FLCZWEbF9v0bR23XXzJfqSN6uPUM5E4S38vp8C%2Fd8ozk4RuALyeuKOWVLfaAzHOh7LnZr7mQIVg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
863734a4a83925a1-MIA
expires
Tue, 19 Mar 2024 22:26:24 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.1.4/ 		82 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.1.4/jquery.min.js
Requested by
Host: rbx.iuo.cam
URL: https://rbx.iuo.cam/offers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rbx.iuo.cam/offers/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 19:34:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
10314
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29725
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 12 Mar 2025 19:34:30 GMT
jquery.countTo.js
rbx.iuo.cam/offers/js/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rbx.iuo.cam/offers/js/jquery.countTo.js
Requested by
Host: rbx.iuo.cam
URL: https://rbx.iuo.cam/offers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:8b6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
00619814b3b256720a9ffd9408397d0ffe5559ff301d608eb66f585343fd83a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rbx.iuo.cam/offers/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 22:26:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload;
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 15 Nov 2021 07:55:59 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g9BrM%2BwEgvqF8NxZbcUWe96ybbvttdMDAatcvXngGF4CnuLOKu3bMwgJKMCq49F8HR44Zp27Qui%2BO%2FayR%2ByGni4TreX7oYb6ZiaeX%2Bz4MrpGnpbdC5a6%2FPTA1vWkFy5GRG8TkH7pKa%2B3tA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
863734a4a83a25a1-MIA
expires
Tue, 19 Mar 2024 22:26:24 GMT
ion.sound.min.js
rbx.iuo.cam/offers/js/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rbx.iuo.cam/offers/js/ion.sound.min.js
Requested by
Host: rbx.iuo.cam
URL: https://rbx.iuo.cam/offers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:8b6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1520e67c06c2b44c67aec9833b5f1c5324c2cc8842d82f7cc3509adc34c95a0a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rbx.iuo.cam/offers/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 22:26:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload;
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 15 Nov 2021 07:55:59 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ePJLxqEgmcaTDeyWhTYEu%2B3yqDdMGhPiHjSdCh9iORblusbETLbn3HjFX8GvTDAtA3zoKypUf64xdGWl6SAjSo%2BzZYArWYA6wIAJBARI%2B8QEFYJMhpWDGtk3Wew%2B9wsJWJOLDebO7VEJwg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
863734a4c89425a1-MIA
expires
Tue, 19 Mar 2024 22:26:24 GMT
jquery.magnific-popup.min.js
rbx.iuo.cam/offers/js/ 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rbx.iuo.cam/offers/js/jquery.magnific-popup.min.js
Requested by
Host: rbx.iuo.cam
URL: https://rbx.iuo.cam/offers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:8b6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d806251606bc9565f1b81a83bc9aa04cb3ad88fcb2c53cd48cb0b57d1ffcd6e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rbx.iuo.cam/offers/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 22:26:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload;
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 15 Nov 2021 07:55:59 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=srHoRj69QplnogSTJPWwaPtPmzrjpRgtmNTIsMUFdpJLiRT2Lj8PXpYHkBWVL1GUr8B7XjProtouSCmqNoItpDQUahFvftWCxjzi9YOIkgFB2lWvHOkaQOG9rXUnaenDg7FUjmy4uuzLWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
863734a4c89725a1-MIA
expires
Tue, 19 Mar 2024 22:26:24 GMT
main.js
rbx.iuo.cam/offers/js/ 		17 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rbx.iuo.cam/offers/js/main.js
Requested by
Host: rbx.iuo.cam
URL: https://rbx.iuo.cam/offers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:8b6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d373dfc79e8a65a26d902c9965105d8b832e05726527d87546890032b207426c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rbx.iuo.cam/offers/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 22:26:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload;
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 15 Nov 2021 07:55:59 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=34yt5U5ECvmMNhBsJv%2FULJg0u0W9gl%2BO5QWBoDuWZ8Z%2F5pOUVHOuBykmhzaaks6z48frcxSdrPUAzva9BXOSnhEJiEKegsF7N%2FkJ2nsmoMaYoVdWjzCSyk6fDX1%2BWKR0i%2FEoBLs2qASQiw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
863734a4c89a25a1-MIA
expires
Tue, 19 Mar 2024 22:26:24 GMT
76d46ed.js
d13nu0oomnx5ti.cloudfront.net/ 		26 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d13nu0oomnx5ti.cloudfront.net/76d46ed.js
Requested by
Host: rbx.iuo.cam
URL: https://rbx.iuo.cam/offers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21a2:5600:3:b5aa:ad80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2c92462c5debe369f38a97357a1563271f39e700ec80fc1da883f6cd5073b43f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rbx.iuo.cam/offers/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 06:18:45 GMT
via
1.1 13a23f310e3fbe72fa9a84a5fd5d4b88.cloudfront.net (CloudFront)
last-modified
Mon, 26 Feb 2024 00:03:44 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-C1
age
58060
etag
"d97ce0c62f38bfc5af284137ebc0e1ca"
x-cache
Error from cloudfront
content-type
application/javascript
content-length
26988
x-amz-cf-id
4clVQdHDjhCsVoTpJT30Tetusvzi5PwIWOoF4vg5Z2aiVGPfSHLv_A==
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403060101/ 		405 KB
137 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403060101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6656441747792923
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9e9029b279aa06b4220b57cf2f2e4b789cf1605b2099963f8ee24fab7723a86e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rbx.iuo.cam/offers/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 22:26:24 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
140512
x-xss-protection
0
server
cafe
etag
2457953604062229994
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Mar 2024 22:26:24 GMT
main-bg.jpg
rbx.iuo.cam/offers/img/ 		127 KB
128 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rbx.iuo.cam/offers/img/main-bg.jpg
Requested by
Host: rbx.iuo.cam
URL: https://rbx.iuo.cam/offers/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:8b6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9306287ceb02916e61bd7abe98d8445dc3757705ecb171cfc5f2ae205742af8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rbx.iuo.cam/offers/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 22:26:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload;
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
130505
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 15 Nov 2021 07:55:59 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QHaRFAU43wkBcC5QAy8tB9yNA4f3Ve4jtTeDmAaEvyxzxsD5lBdJxp5Rbl5btxZLnpzOtKmLz3BIYpJhcVyvKRktlEtr%2FaB3cpm8zfgcaaERTfInNLCb7Rg6C9ObzAL2WI4ADkxtzjPrRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
863734a6a8a78dc1-MIA
expires
Tue, 19 Mar 2024 22:26:24 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240306/r20190131/ Frame 5A44 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240306/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6656441747792923
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://rbx.iuo.cam/offers/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
10316
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4155
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 12 Mar 2024 19:34:28 GMT
etag
5035419970550746386
expires
Tue, 26 Mar 2024 19:34:28 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
BurbankBigCondensed-Black.otf
rbx.iuo.cam/offers/fonts/ 		109 KB
49 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://rbx.iuo.cam/offers/fonts/BurbankBigCondensed-Black.otf
Requested by
Host: rbx.iuo.cam
URL: https://rbx.iuo.cam/offers/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:8b6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a997815b035b17e21219da0b04b61549e4ef11aeb8220a189b33d8a666a8031b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://rbx.iuo.cam/offers/css/style.css
Origin
https://rbx.iuo.cam
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 22:26:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload;
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 15 Nov 2021 07:55:59 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ft3NCVl43Ct3ZY1PEp%2FQYi7rCYgr7t0T4S2J8bbHkERaRIOik0rSODGAghSBDU3g2m%2FIfOEGGX%2Fcwn8Wum5%2BDmYVWFuRAxtPL9vScFZQHqCIuKStZm2k%2Ffsz56JANBie8fTw7IaaPo68gA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/otf
vary
Accept-Encoding
cache-control
max-age=14400
x-turbo-charged-by
LiteSpeed
cf-ray
863734a6d8e08dc1-MIA
gen-bg.jpg
rbx.iuo.cam/offers/img/ 		37 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rbx.iuo.cam/offers/img/gen-bg.jpg
Requested by
Host: rbx.iuo.cam
URL: https://rbx.iuo.cam/offers/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:8b6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55628d3547f1cf1c2dce54b95355081098d01b3f3c9c5b0b0612a1306a39768a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rbx.iuo.cam/offers/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 22:26:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload;
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
38129
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 15 Nov 2021 07:55:59 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Po4x6NXlWFDgVbfQxi9lfkkrY7y%2FHKh1Kyk%2BJYu0Gd1aD9mrftpR80Vicp5%2B6WDQXc7WaqxnyVl0W%2FH04t8n8Bdj7C54709%2F8wKvgI0eAwUM0416PugJYYGgWuFmdqSurJ8xKfLJqzRU8A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
863734a6e8f78dc1-MIA
expires
Tue, 19 Mar 2024 22:26:24 GMT
fa-brands-400.woff2
use.fontawesome.com/releases/v5.6.3/webfonts/ 		73 KB
73 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.6.3/webfonts/fa-brands-400.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.6.3/css/all.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:cf26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eed474a49bdbf745c19e463f070e67977c1ab27835603eb749d9e5c249cf81f8

Request headers

Referer
https://use.fontawesome.com/releases/v5.6.3/css/all.css
Origin
https://rbx.iuo.cam
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 22:26:24 GMT
cf-cache-status
MISS
last-modified
Fri, 22 Sep 2023 01:45:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"eac60e8a656781e13d2a674b4d9051c0"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KgIu6EXHO4%2FShhrvo%2FGkv4nS%2FxM33PpLB7NSwSSmrNVvDDunpzpG9UwzcEhhOvCB05REx3oNsFidyiDkD5Yrfly77E%2F8I1TmPi9h1hIMZ%2BsFnXDn9unrx2TP8OaNiYGS%2FtZ3C5DizQ6jusY4ja05YOjF"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
863734a6ef7edb21-MIA
alt-svc
h3=":443"; ma=86400
content-length
74288
htmlxf.1279897.557a3.0.js
d2jxbhlohyq6u5.cloudfront.net/public/external/v2/ 		17 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2jxbhlohyq6u5.cloudfront.net/public/external/v2/htmlxf.1279897.557a3.0.js
Requested by
Host: d13nu0oomnx5ti.cloudfront.net
URL: https://d13nu0oomnx5ti.cloudfront.net/76d46ed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26a0:c00:1a:a42a:c740:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11 / PHP/7.4.11
Resource Hash
cb66e2a7f596751f2c4f4dc20483ff65e8bcb4678a7cccb28b34975658d3db96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rbx.iuo.cam/offers/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 22:26:24 GMT
via
1.1 39bd4dd36d89ac693c6b532053af59d6.cloudfront.net (CloudFront)
server
Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-amz-cf-pop
YUL62-P2
x-powered-by
PHP/7.4.11
x-cache
Miss from cloudfront
content-type
application/javascript
x-amz-cf-id
WsdSerCG5qxE5gJLmCtzmY84YuspBI0Vk9PX63C05ljPdtNY7UuDuw==
css_frontXF.css
d2jxbhlohyq6u5.cloudfront.net/public/external/ 		6 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d2jxbhlohyq6u5.cloudfront.net/public/external/css_frontXF.css
Requested by
Host: d13nu0oomnx5ti.cloudfront.net
URL: https://d13nu0oomnx5ti.cloudfront.net/76d46ed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26a0:c00:1a:a42a:c740:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11 /
Resource Hash
60a0f85900cf8e56c1607c8c120f68064a4f8d22a40637b224774cb611e93c2f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rbx.iuo.cam/offers/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 22:26:24 GMT
via
1.1 39bd4dd36d89ac693c6b532053af59d6.cloudfront.net (CloudFront)
last-modified
Thu, 17 Aug 2023 03:23:53 GMT
server
Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-amz-cf-pop
YUL62-P2
etag
"17f6-60315f10d79b1"
x-cache
Miss from cloudfront
content-type
text/css
accept-ranges
bytes
content-length
6134
x-amz-cf-id
fP2dx-3WeanDz2dZuGqhV6zLHE-Z2hOwAjwRBb39rm2DT6zymGjc7Q==
button.mp3
rbx.iuo.cam/offers/audio/ 		2 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://rbx.iuo.cam/offers/audio/button.mp3?1710282384554
Requested by
Host: rbx.iuo.cam
URL: https://rbx.iuo.cam/offers/js/ion.sound.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:8b6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e078bcec23ecfeb0224bf7dc811dced1e6b6238e7f84a5b2a0d6193b609dc38a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rbx.iuo.cam/offers/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 22:26:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload;
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
2161
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 15 Nov 2021 07:55:59 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VgW2tQyya8qwsADuhI7Cr%2Bh5P51q4WI%2BKkTh5eBVLBkm08%2F6V3zKw6eh7lbJc0nH%2FysEjkYhcYlkH4NIgjVFYGcEKmrOWeaiSs6SnNXpqCe2gh7%2FC7nvNjh2VvH7taaC2X%2BkgC8lx1iofw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
audio/mpeg
vary
Accept-Encoding
cache-control
max-age=14400
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
863734a78a2d8dc1-MIA
transition-1.mp3
rbx.iuo.cam/offers/audio/ 		25 KB
25 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://rbx.iuo.cam/offers/audio/transition-1.mp3?1710282384554
Requested by
Host: rbx.iuo.cam
URL: https://rbx.iuo.cam/offers/js/ion.sound.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:8b6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a2e2080b441e2d3f80d8b476c2da4179f49f611109c8d8387d2edd80e39200c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rbx.iuo.cam/offers/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 22:26:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload;
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
25121
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 15 Nov 2021 07:55:59 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ywshPnFKu2%2FF7hPSPhBhezNfxQg9U%2FqZ%2Bcck5fkr8DU41jtEqWNXwxbeeSdUgo5vVrhHUfVpXEEW0eY5JIdikQuvQgTjct%2BZyOE7IErcvYaebXTO%2BRPhSfg%2BkczoIhSOswWKz9ni3YT2Xg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
audio/mpeg
vary
Accept-Encoding
cache-control
max-age=14400
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
863734a78a328dc1-MIA
transition-2.mp3
rbx.iuo.cam/offers/audio/ 		25 KB
25 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://rbx.iuo.cam/offers/audio/transition-2.mp3?1710282384554
Requested by
Host: rbx.iuo.cam
URL: https://rbx.iuo.cam/offers/js/ion.sound.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:8b6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd9eaab4a464a183dc7a427f59f140b326272fd0cbeb01793e0b3a282819d711
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rbx.iuo.cam/offers/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 22:26:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload;
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
25539
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 15 Nov 2021 07:55:59 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8R2HZ9CBmXpfxB08gEPnCQGf6LkcDqktxuO9JJO4nzHY2vyTCzmoB4lUpB3a9Vor2OkGKSR3Ffac4l0htTiqRhDDfQEHkkmpcAO8bxLL7Y8W68VKX2t9ixLIBQNFve311t70c2XxLOXBhg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
audio/mpeg
vary
Accept-Encoding
cache-control
max-age=14400
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
863734a78a368dc1-MIA
cssXF.css
d2jxbhlohyq6u5.cloudfront.net/public/clockers/PrimeApps/ 		2 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d2jxbhlohyq6u5.cloudfront.net/public/clockers/PrimeApps/cssXF.css
Requested by
Host: d13nu0oomnx5ti.cloudfront.net
URL: https://d13nu0oomnx5ti.cloudfront.net/76d46ed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26a0:c00:1a:a42a:c740:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11 /
Resource Hash
e6959d5cfed508bcc278587c05b26b361bc678f8a7f0502ca6f8ce01f2838cd5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rbx.iuo.cam/offers/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 22:26:25 GMT
via
1.1 39bd4dd36d89ac693c6b532053af59d6.cloudfront.net (CloudFront)
last-modified
Thu, 17 Aug 2023 03:34:43 GMT
server
Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-amz-cf-pop
YUL62-P2
etag
"70c-6031617c40ffd"
x-cache
Miss from cloudfront
content-type
text/css
accept-ranges
bytes
content-length
1804
x-amz-cf-id
iFKz9pkEUp6SsBwRCz_6yIYDUb2Po4nA8L9l9PTFQ1Xwan6qNMV96w==
ads
googleads.g.doubleclick.net/pagead/ Frame 4204 		11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6656441747792923&output=html&adk=1812271804&adf=3025194257&lmt=1710282385&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x1080_l%7C212x1080_r&format=0x0&url=https%3A%2F%2Frbx.iuo.cam%2Foffers%2F&pra=5&wgl=1&easpi=0&asro=0&aseiel=1~2~4~6~8~9~10~11~12~13~14~15~16~17~7&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710282384409&bpp=5&bdt=328&idt=744&shv=r20240306&mjsv=m202403060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8532231000382&frm=20&pv=2&ga_vid=721843754.1710282385&ga_sid=1710282385&ga_hid=1922232654&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95326315%2C95320376%2C95322398%2C95324160%2C95325784%2C95326913&oid=2&pvsid=4485305301337914&tmod=2134347493&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=768
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403060101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
73393cd32cb623dc20e30bd99cb4d40c7d98c6e32139d944dbf3f905474586c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://rbx.iuo.cam/offers/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
4712
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 12 Mar 2024 22:26:25 GMT
expires
Tue, 12 Mar 2024 22:26:25 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame BFB2 		835 B
625 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6656441747792923&output=html&h=280&slotname=9762634980&adk=432508804&adf=412809324&pi=t.ma~as.9762634980&w=1110&fwrn=4&fwrnh=100&lmt=1710282385&rafmt=1&format=1110x280&url=https%3A%2F%2Frbx.iuo.cam%2Foffers%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710282384436&bpp=5&bdt=355&idt=749&shv=r20240306&mjsv=m202403060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8532231000382&frm=20&pv=1&ga_vid=721843754.1710282385&ga_sid=1710282385&ga_hid=1922232654&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=295&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95326315%2C95320376%2C95322398%2C95324160%2C95325784%2C95326913&oid=2&pvsid=4485305301337914&tmod=2134347493&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=755
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403060101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5ceb1f55e4343831b019dcf90076a2adaa2f68a3d1185910607f3b818bcd5cac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://rbx.iuo.cam/offers/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
404
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 12 Mar 2024 22:26:25 GMT
expires
Tue, 12 Mar 2024 22:26:25 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 9CFE 		835 B
575 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6656441747792923&output=html&h=280&slotname=8964241401&adk=1661768605&adf=378342894&pi=t.ma~as.8964241401&w=320&lmt=1710282385&format=320x280&url=https%3A%2F%2Frbx.iuo.cam%2Foffers%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710282384442&bpp=6&bdt=360&idt=758&shv=r20240306&mjsv=m202403060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1110x280&nras=1&correlator=8532231000382&frm=20&pv=1&ga_vid=721843754.1710282385&ga_sid=1710282385&ga_hid=1922232654&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=640&ady=1190&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95326315%2C95320376%2C95322398%2C95324160%2C95325784%2C95326913&oid=2&pvsid=4485305301337914&tmod=2134347493&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=762
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403060101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de0c6613aafdd0df24435ac2116cc044d76b77cc895daf88aaf4a9c45921b2c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://rbx.iuo.cam/offers/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
403
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 12 Mar 2024 22:26:25 GMT
expires
Tue, 12 Mar 2024 22:26:25 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 8C00 		835 B
572 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6656441747792923&output=html&h=280&slotname=8964241401&adk=1580532155&adf=3386027979&pi=t.ma~as.8964241401&w=320&lmt=1710282385&format=320x280&url=https%3A%2F%2Frbx.iuo.cam%2Foffers%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710282384449&bpp=7&bdt=368&idt=762&shv=r20240306&mjsv=m202403060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1110x280%2C320x280&nras=1&correlator=8532231000382&frm=20&pv=1&ga_vid=721843754.1710282385&ga_sid=1710282385&ga_hid=1922232654&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=640&ady=2380&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95326315%2C95320376%2C95322398%2C95324160%2C95325784%2C95326913&oid=2&pvsid=4485305301337914&tmod=2134347493&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=768
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403060101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5beec2413865bdeb2b1c9f7320609a07a07001f9f3a5f7ce1c4bc51bf80f3137
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://rbx.iuo.cam/offers/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
404
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 12 Mar 2024 22:26:25 GMT
expires
Tue, 12 Mar 2024 22:26:25 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ca-pub-6656441747792923
fundingchoicesmessages.google.com/i/ 		183 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/ca-pub-6656441747792923?ers=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403060101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::8a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
509d31967194faf56993c5d36b4245134219584566b179569e3ddaf35dd867c6
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-uAyxX49snXbvMlaD-aC40A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rbx.iuo.cam/offers/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 22:26:25 GMT
content-security-policy
script-src 'report-sample' 'nonce-uAyxX49snXbvMlaD-aC40A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjStHikmLw1pBiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJoGvL5kkgFgLiHf4eLDwrZvOqgLEhuuns0YCcczz6awpQOyUPoM1BIh96mewxgHxyQXnWS8CsRAPx8S1h9ezCcxYOa2NGQD0wS2V"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxVpwlU5MjJB4C0ABtSPaiHbJqE2ZVKyxZK8st6weLzXcE3dEQRDdhdSJlgu9wTdzXpGXEBMGUhwLtj9G0ZcCZBAJoKJ5OFlXpZKY1mjJ9uYIU3B3N52F6hdwSPh35c-P7hHkcuKaQ==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVpwlU5MjJB4C0ABtSPaiHbJqE2ZVKyxZK8st6weLzXcE3dEQRDdhdSJlgu9wTdzXpGXEBMGUhwLtj9G0ZcCZBAJoKJ5OFlXpZKY1mjJ9uYIU3B3N52F6hdwSPh35c-P7hHkcuKaQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzEwMjgyMzg1LDk2NzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9yYnguaXVvLmNhbS9vZmZlcnMvIixudWxsLFtbOCwiczdoaUdyb012eFUiXSxbOSwiZW4tVVMiXSxbMTgsIltbWzBdXV0iXSxbMTksIjIiXSxbMTcsIlswXSJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.s7hiGroMvxU.es5.O/am=wA/d=1/rs=AJlcJMyM_jr8RvrXE105utb8YiWSdMrSNA/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::8a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c5486a236c5bc72178958806fb140302b407b0ca94d65054bd672125b556f9fd
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-2AXKQMeubSzRdILto8OqvA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rbx.iuo.cam/offers/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 22:26:26 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-2AXKQMeubSzRdILto8OqvA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjStHikmII1JBiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJoGvL5kkgFgLiHf4eLDwrZvOqgLEhuuns0YCcczz6awpQOyUPoM1BIh96mewxgHxyQXnWS8CsRA3x6S1h9ezCbzY3MkGAMp8LWU"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUfIsQ3VZVgNBaydNndqVlI2_abket8HhPXW5axrardJDrY2N_b8XfnYQC5wUqEvtQgvIK8qfJGoMimm-ZMRgERXRyGZbNTcw6RMMPoxQifF8-8nEVP6sh4mZneC5ZZlE8lVNlS0w==
fundingchoicesmessages.google.com/f/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUfIsQ3VZVgNBaydNndqVlI2_abket8HhPXW5axrardJDrY2N_b8XfnYQC5wUqEvtQgvIK8qfJGoMimm-ZMRgERXRyGZbNTcw6RMMPoxQifF8-8nEVP6sh4mZneC5ZZlE8lVNlS0w==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzEwMjgyMzg2LDYwMDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbNyw5XSxudWxsLDIsbnVsbCwiZW4iXSwiaHR0cHM6Ly9yYnguaXVvLmNhbS9vZmZlcnMvIixudWxsLFtbOCwiczdoaUdyb012eFUiXSxbOSwiZW4tVVMiXSxbMTgsIltbWzBdXV0iXSxbMTksIjIiXSxbMTcsIlswXSJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.s7hiGroMvxU.es5.O/am=wA/d=1/rs=AJlcJMyM_jr8RvrXE105utb8YiWSdMrSNA/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::8a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5eaebb5d607b3a35b17bd1655fa5a2118bdd83b6b45dc9630ac7e199c581a7c8
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-v5SIEkgTT4Q8Wi0eSOpS-A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rbx.iuo.cam/offers/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 22:26:26 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-v5SIEkgTT4Q8Wi0eSOpS-A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytHikmJw1JBiOHnrNtNFID7vdIfpOhDXMjxjagViA43nTBZA_O7LSyaBry-ZJIBYC4h3-Hiw8K2bzqoCxIbrp7NGAnHM8-msKUDslD6DNQSIfepnsMYB8ckF51kvArEQN8ektYfXswk8eNFlDAD7hDLA"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240306&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403060101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b735be2a8fc7ea8ef0ce8a30f8a741231495cd91add866e35b38cb3f9a3a5d9f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rbx.iuo.cam/offers/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 22:26:26 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12094
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403060101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rbx.iuo.cam/offers/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 22:26:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 12 Mar 2024 22:26:26 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame DBE0 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://rbx.iuo.cam/offers/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
272472
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 09 Mar 2024 18:45:14 GMT
expires
Sun, 09 Mar 2025 18:45:14 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 8B76 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::63 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
17150632df9b05662d7fd12ef387adf94cdf960d05a9f8158311dd5d196ae5ae
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-HdCNkzXwrTgoaR8Mi0sUIA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://rbx.iuo.cam/offers/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-HdCNkzXwrTgoaR8Mi0sUIA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 12 Mar 2024 22:26:26 GMT
expires
Tue, 12 Mar 2024 22:26:26 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
O8T1Km08OhS5_Tz58jKeajrFynp-IyfJlJwKv1268Sc.js
pagead2.googlesyndication.com/bg/ Frame DBE0 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/O8T1Km08OhS5_Tz58jKeajrFynp-IyfJlJwKv1268Sc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3bc4f52a6d3c3a14b9fd3cf9f2329e6a3ac5ca7a7e2327c9949c0abf5dbaf127
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 15:20:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
25550
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15541
x-xss-protection
0
last-modified
Mon, 04 Mar 2024 15:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 12 Mar 2025 15:20:36 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 8B76 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240306&jk=4485305301337914&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame DBE0 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?ztOk_g
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c17::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 22:26:26 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
/
fundingchoicesmessages.google.com/f/AGSKWxUslzcxBu0WFM7VZzVABkeYpXi1bEqt8TAZti0ZrNRAvyWhKkCpF7_mQLbd5ueXNP9R5-v54lofCrDtcOQjcvjV1ca_cVuCPmhFiFsyMhxrhtnUO-ZPtAV0yOH66wXu22Yn_pqiOVho-72zrsuBZErfutSNk... 		54 B
110 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUslzcxBu0WFM7VZzVABkeYpXi1bEqt8TAZti0ZrNRAvyWhKkCpF7_mQLbd5ueXNP9R5-v54lofCrDtcOQjcvjV1ca_cVuCPmhFiFsyMhxrhtnUO-ZPtAV0yOH66wXu22Yn_pqiOVho-72zrsuBZErfutSNkhafex8OTQWOJtPk3kiRMHlRP8VH-BGO/_/ad-openx./sponsor/click.=728x90&/msnpopup4..is/ads/
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.s7hiGroMvxU.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMwI1hJDnoRrpPPGA0C2XADTNmznEw/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::8a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6744112d484299ca2de40f914a67f3aa1846878f1f3becc110a9b66194c16d47
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-RcHgUSjjqHDYqwfwWG5G4A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rbx.iuo.cam/offers/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 22:26:26 GMT
content-security-policy
script-src 'report-sample' 'nonce-RcHgUSjjqHDYqwfwWG5G4A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytHikmLw0JBiOHnrNtNFID7vdIfpOhDXMjxjagViA43nTBZA_O7LSyaBry-ZJIBYC4h3-Hiw8K2bzqoCxIbrp7NGAnHM8-msKUDslD6DNQSIfepnsMYB8ckF51kvArEQD8ektYfXswnMmLjtHxMAMPIzIg"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
osd.js
pagead2.googlesyndication.com/pagead/ 		61 B
76 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/osd.js?fcd=true
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.s7hiGroMvxU.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMwI1hJDnoRrpPPGA0C2XADTNmznEw/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c45c8b81ccfcbc08127b74787d1b5974078756233de947986c357e28ed8f13ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rbx.iuo.cam/offers/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 21:52:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
2020
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51
x-xss-protection
0
server
cafe
etag
16023549773543154165
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Tue, 12 Mar 2024 22:52:46 GMT
AGSKWxWMv-BncsocpHbO9Z7rQBfepPw8CCL0AqGm81wWRLwI2UBhzE-_4mshKYCQPGa7dhRDCLUZpXW2CP27bffQcQ7awFgQj58daXgR4BihkG2wESizFOw1xV_kaH_Nf1H4SG1H212XzQ==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWMv-BncsocpHbO9Z7rQBfepPw8CCL0AqGm81wWRLwI2UBhzE-_4mshKYCQPGa7dhRDCLUZpXW2CP27bffQcQ7awFgQj58daXgR4BihkG2wESizFOw1xV_kaH_Nf1H4SG1H212XzQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.s7hiGroMvxU.es5.O/am=wA/d=1/rs=AJlcJMyM_jr8RvrXE105utb8YiWSdMrSNA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::8a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-ulcaS5EstaDsz7aWmGwd1Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://rbx.iuo.cam/offers/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 12 Mar 2024 22:26:26 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-ulcaS5EstaDsz7aWmGwd1Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjktHikmJw05BiqGV4xtQKxDt8PFic0mewhgCxEA_HpLWH17MJ7FgybyMzAPTqDVg"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://rbx.iuo.cam
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWMv-BncsocpHbO9Z7rQBfepPw8CCL0AqGm81wWRLwI2UBhzE-_4mshKYCQPGa7dhRDCLUZpXW2CP27bffQcQ7awFgQj58daXgR4BihkG2wESizFOw1xV_kaH_Nf1H4SG1H212XzQ==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWMv-BncsocpHbO9Z7rQBfepPw8CCL0AqGm81wWRLwI2UBhzE-_4mshKYCQPGa7dhRDCLUZpXW2CP27bffQcQ7awFgQj58daXgR4BihkG2wESizFOw1xV_kaH_Nf1H4SG1H212XzQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.s7hiGroMvxU.es5.O/am=wA/d=1/rs=AJlcJMyM_jr8RvrXE105utb8YiWSdMrSNA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::8a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-cGcN5bfwgPR3wRkfXPheZg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://rbx.iuo.cam/offers/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 12 Mar 2024 22:26:26 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-cGcN5bfwgPR3wRkfXPheZg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjktHikmJw1pBiqGV4xtQKxDt8PFic0mewhgCxEA_HpLWH17MJNHz-uZEZAPWtDcc"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://rbx.iuo.cam
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWMv-BncsocpHbO9Z7rQBfepPw8CCL0AqGm81wWRLwI2UBhzE-_4mshKYCQPGa7dhRDCLUZpXW2CP27bffQcQ7awFgQj58daXgR4BihkG2wESizFOw1xV_kaH_Nf1H4SG1H212XzQ==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWMv-BncsocpHbO9Z7rQBfepPw8CCL0AqGm81wWRLwI2UBhzE-_4mshKYCQPGa7dhRDCLUZpXW2CP27bffQcQ7awFgQj58daXgR4BihkG2wESizFOw1xV_kaH_Nf1H4SG1H212XzQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.s7hiGroMvxU.es5.O/am=wA/d=1/rs=AJlcJMyM_jr8RvrXE105utb8YiWSdMrSNA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::8a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-eJhZOec78jkvlS_wcH02WA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://rbx.iuo.cam/offers/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 12 Mar 2024 22:26:26 GMT
content-security-policy
script-src 'report-sample' 'nonce-eJhZOec78jkvlS_wcH02WA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjktHikmJw0pBiqGV4xtQKxDt8PFic0mewhgCxEA_HpLWH17MJvJhwZgMzAPV6DZ0"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://rbx.iuo.cam
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWMv-BncsocpHbO9Z7rQBfepPw8CCL0AqGm81wWRLwI2UBhzE-_4mshKYCQPGa7dhRDCLUZpXW2CP27bffQcQ7awFgQj58daXgR4BihkG2wESizFOw1xV_kaH_Nf1H4SG1H212XzQ==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWMv-BncsocpHbO9Z7rQBfepPw8CCL0AqGm81wWRLwI2UBhzE-_4mshKYCQPGa7dhRDCLUZpXW2CP27bffQcQ7awFgQj58daXgR4BihkG2wESizFOw1xV_kaH_Nf1H4SG1H212XzQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.s7hiGroMvxU.es5.O/am=wA/d=1/rs=AJlcJMyM_jr8RvrXE105utb8YiWSdMrSNA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::8a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-KApnZDCtXq0YZyN5_QkaHA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://rbx.iuo.cam/offers/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 12 Mar 2024 22:26:26 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-KApnZDCtXq0YZyN5_QkaHA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjktHikmLw0pBiqGV4xtQKxDt8PFic0mewhgCxEA_HpLWH17MJTNh_cSMzAPW_DYI"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://rbx.iuo.cam
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUuzRnk2e7KnFx_MsJoMQebk2XW7woM6aATLtAN4H-DoY2HyXgm3MwnFcdGFIrAAsaJ9nyz5oiwLoTo40YwgGxbf_2eMEgYe5CuJFh_9ch0BLUWrmQZrILVWPQCFmyJSYnThFLwEQ==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUuzRnk2e7KnFx_MsJoMQebk2XW7woM6aATLtAN4H-DoY2HyXgm3MwnFcdGFIrAAsaJ9nyz5oiwLoTo40YwgGxbf_2eMEgYe5CuJFh_9ch0BLUWrmQZrILVWPQCFmyJSYnThFLwEQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzEwMjgyMzg2LDg0MzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9yYnguaXVvLmNhbS9vZmZlcnMvIixudWxsLFtbOCwiczdoaUdyb012eFUiXSxbOSwiZW4tVVMiXSxbMTgsIltbWzBdXV0iXSxbMTksIjIiXSxbMTcsIlswXSJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.s7hiGroMvxU.es5.O/am=wA/d=1/rs=AJlcJMyM_jr8RvrXE105utb8YiWSdMrSNA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::8a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1d57eecbb22c8e9b9cb83bf3e80d8d419f27d4e9f02c5e6725b7bb5b66e20f2b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-QlIN1ZNNT98mU59ni0_5iw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rbx.iuo.cam/offers/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 22:26:26 GMT
content-security-policy
script-src 'report-sample' 'nonce-QlIN1ZNNT98mU59ni0_5iw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjStHikmJw1ZBiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJoGvL5kkgFgLiHf4eLDwrZvOqgLEhuuns0YCcczz6awpQOyUPoM1BIh96mewxgHxyQXnWS8CsRAPx6S1h9ezCRyY9XMZMwD0LS4s"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
check.php
d2jxbhlohyq6u5.cloudfront.net/public/external/ 		72 B
368 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d2jxbhlohyq6u5.cloudfront.net/public/external/check.php?it=1279897&time=1710282386888
Requested by
Host: d13nu0oomnx5ti.cloudfront.net
URL: https://d13nu0oomnx5ti.cloudfront.net/76d46ed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26a0:c00:1a:a42a:c740:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11 / PHP/7.4.11
Resource Hash
577d248638c57941b7e35d9a19ef4b5d88d52482f6e59254142d4266c57bad38

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rbx.iuo.cam/offers/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 22:26:26 GMT
via
1.1 39bd4dd36d89ac693c6b532053af59d6.cloudfront.net (CloudFront)
server
Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-amz-cf-pop
YUL62-P2
x-powered-by
PHP/7.4.11
x-cache
Miss from cloudfront
content-type
application/javascript
content-length
72
x-amz-cf-id
UZgO8GI5yKwAVQI8JSlYDO4fghRiy_wNBtI_grS1T__5Cq_amm5DYw==
AGSKWxVmt908DLe0omg2f-nu1vGPAOKaWwcp8zMT8Q_8fcgxtYnP6ZGk-irdpUjTtqSYwBj4Y162Y3_P4TApAosJw5mmD1O6S8jIxNkHee7sHNBlSf1wfrDZFF0jEnhzMZq5iz05eEziPQ==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVmt908DLe0omg2f-nu1vGPAOKaWwcp8zMT8Q_8fcgxtYnP6ZGk-irdpUjTtqSYwBj4Y162Y3_P4TApAosJw5mmD1O6S8jIxNkHee7sHNBlSf1wfrDZFF0jEnhzMZq5iz05eEziPQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.s7hiGroMvxU.es5.O/am=wA/d=1/rs=AJlcJMyM_jr8RvrXE105utb8YiWSdMrSNA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::8a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-KPPEjPSGk8mu91yoTdeJiA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://rbx.iuo.cam/offers/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 12 Mar 2024 22:26:26 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-KPPEjPSGk8mu91yoTdeJiA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjktHikmJw15BiqGV4xtQKxDt8PFic0mewhgCxEA_HpLWH17MJ_JjTd4YZAPY2DZw"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://rbx.iuo.cam
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWMv-BncsocpHbO9Z7rQBfepPw8CCL0AqGm81wWRLwI2UBhzE-_4mshKYCQPGa7dhRDCLUZpXW2CP27bffQcQ7awFgQj58daXgR4BihkG2wESizFOw1xV_kaH_Nf1H4SG1H212XzQ==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWMv-BncsocpHbO9Z7rQBfepPw8CCL0AqGm81wWRLwI2UBhzE-_4mshKYCQPGa7dhRDCLUZpXW2CP27bffQcQ7awFgQj58daXgR4BihkG2wESizFOw1xV_kaH_Nf1H4SG1H212XzQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.s7hiGroMvxU.es5.O/am=wA/d=1/rs=AJlcJMyM_jr8RvrXE105utb8YiWSdMrSNA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::8a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-3r58F4SIeO2Z8o3F6VMtHA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://rbx.iuo.cam/offers/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 12 Mar 2024 22:26:26 GMT
content-security-policy
script-src 'report-sample' 'nonce-3r58F4SIeO2Z8o3F6VMtHA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjktHikmJw0ZBiqGV4xtQKxDt8PFic0mewhgCxEA_HpLWH17MJXLjy5DQzAPbcDf4"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://rbx.iuo.cam
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240306&jk=4485305301337914&bg=!v7ylvPPNAAZsmiNCTJo7ADQBe5WfOLIBe-HE3JAu2IzHeD_TVuQkksJdJzT0K5OSMDx_X9c5Ae93Gyu9sFpz9HLeIXW7AgAAAJFSAAAAAmgBB5kCzBbOoxAlQ3KRVlw3jifwsjqZ7jrBEdsa5FOYEF5CXY6hNB7rHMSBFzXhZu5FQfConU1dJJFrFihDeSz3FMOP2MvBmJTl_iW_1RB5tFLNSzopWphqLsWHwxXzY0LUC3C6EYskh-J-eHZWJKihgha28f8j_EQkGbIM6ZuO6PFXG5FAh30BdVAafjF-ZLduxoMl8Ygexp8BpmMDdtgnDD-oIs545JHu9JQt9Vustq3w1tUGJz7RDwujFvlmPiLipWtMhhnAGHJTHlgH4SKrg1Sar7NsG7bEdDNC9sAIvX9hy1gjc0fdQ2MRO-aHLjn4RMzhI9oo1O4zee4tVj0gdAg_6R32H3EE1HAM_q8E1PkmoKQU0HiJWZm3s7U7x7gopvivdMdNe7EXDyCwSQzcmuf9WVsyVAXg7V8JyaoFQ9Wn-8SJHsAhlE7oFg-sw_sXVF_oRAuP-q6brdY6H5gG38VTLCTvuMSggYJaXgZ2dRMJz5lQl2SwajUyUR79T3RwTBKG9svAfmUIpynLscRM4v3Ov5cOc-F-ptuBpzeeCwSvguxxW4rYg2GTjIGQxowhh-W1vT2WTqYhj0k6dC1vGDBByIq2KMtBLNJrdn0qT6NtQcqIma7jzxm3qB32Bcl3htg9MZJFX_Qt4ANIHVZtaTcEe2KXqSxwjhgHsNZ8vhsDYAo5QgjN-_Dbwr5Jvape3arW4L5292CGy3ruxXPnPrKi2Cg1GHWYF3Vg02I2pkdkmTZcgzw8uR6YBysgA84QTpKLIgagWC9z6FKQL54ZVBWsy08QRBK4ExsA9iKJZHDUECJDURMXpC7A7OkbQL52ofntWTFWSy4U_PbMI_pRZQr6qZdXBUmsm53ofmp-jlenRGGnao6RuVmYbRlhAHtsAn_cWGnEW_KWXsk-1a0A8Yc99Litxc7sUEgPiPc0cghbCbgZzgY7Y0mK5hIv_7vc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rbx.iuo.cam/offers/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

195 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| $ function| jQuery object| ion function| rng function| Random object| human_verification_timer object| CPABUILDSETTINGS object| xfContentLocker number| __cfRLUnblockHandlers function| CPBContentLocker function| xfLock function| xfGetFeedURL function| xfGetIframeURL function| xfGetIframeHTML function| xfUnlock function| xfOfferComplete function| xfOffersComplete function| xfCheckForLead function| xfComplete function| CPABuildLock function| CPABuildGetFeedURL function| CPABuildGetIframeURL function| CPABuildGetIframeHTML function| CPABuildUnlock function| CPABuildOfferComplete function| CPABuildOffersComplete function| CPABuildCheckForLead function| CPABuildComplete function| _RH function| _Vm function| _uj function| _Ew function| _HW function| _oy function| _Jf function| _Mz function| _EQ function| _ZU function| _lL function| _yk function| _Tm function| _Ht function| _nS function| _Xy function| _qr function| _Tt function| _du function| _OS function| _Ts function| _ET function| _om function| _Wi function| _xb function| _GK function| _CS function| _kt function| _iE function| _Ut function| _yi function| _TR function| _iD function| _aj function| _lI function| _Ri function| _Th function| _gD function| _iH function| _ff function| _uG function| _KE function| _VR function| _HL function| _VX function| _Nr function| _di function| _Ul function| _WT function| _Cd function| _cy function| _jb function| _tx function| _Yf function| _zl function| _Pg function| _CJ function| _Jl function| _GX function| _nO function| _JF function| _KB function| _VU function| _MS function| _cn function| _xA function| _Kx function| _eN function| _yy function| _bC function| _JW function| _cW function| _Cm function| _xY function| _Gi function| _Ns function| _bu function| _Ci function| _cZ function| _vH function| _ou function| _Tu function| _ux function| _xS function| _wg function| _vs function| _Nl function| _LF function| _gu function| _Yg function| _Hj function| _dS function| _VE function| _TG function| _qd function| _FD function| _rp function| _Hn function| _my function| _qW string| $resource_1_amount_1 string| $resource_1_amount_2 string| $resource_1_amount_3 string| $resource_1_amount_4 string| $console_message_1 string| $console_message_2 string| $console_message_3 string| $console_message_4 string| $console_message_5 string| $console_message_6 string| $console_message_7 string| $console_message_8 string| $console_message_9 number| $sound_setting function| google_sa_impl number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| googlefc boolean| adsbygoogle_ama_fc_has_run object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| ODk0OWNmMThkMGZhMDYzNWxvYWRlcl9qcw== string| ODk0OWNmMThkMGZhMDYzNWNhY2hlZF9qcw== object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady object| GoogleGcLKhOms boolean| ad71a22e-6d45-42d5-8283-e63e8380770f object| google_image_requests

5 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.iuo.cam/ Name: __gads
Value: ID=0badac5e248bec0c:T=1710282385:RT=1710282385:S=ALNI_MZ4-gtTmqlwsJEK9Xp_0pnrKhBWjA
.iuo.cam/ Name: __gpi
Value: UID=00000dd1f2ba5aee:T=1710282385:RT=1710282385:S=ALNI_MYAP49AHPkmFM55FjuLaAosdtaSzQ
.iuo.cam/ Name: __eoi
Value: ID=abe06e530a8c7634:T=1710282385:RT=1710282385:S=AA-AfjZalWo0OTLlJl8TCJyc7l9a
.iuo.cam/ Name: FCNEC
Value: %5B%5B%22AKsRol9XtexdDp-3R9jLV2ElV3rmFP3-G3vg1ewYU0L9E75nHQGZdumCcxaDCA3ztOegVoD3bXu7Y33aGSqqVi7XZQMxzYx_OuNz9RHiBN10FWQ_pNqngX0Su3j4Lb1byui0FlWH6a7xdYvNKcFHDq6TKNEUuQcGTw%3D%3D%22%5D%5D

5 Console Messages

Source Level URL
Text
other warning URL: https://rbx.iuo.cam/offers/js/ion.sound.min.js(Line 4)
Message:
The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu
other warning URL: https://rbx.iuo.cam/offers/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://rbx.iuo.cam/offers/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://rbx.iuo.cam/offers/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://rbx.iuo.cam/offers/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdn.linearicons.com
d13nu0oomnx5ti.cloudfront.net
d2jxbhlohyq6u5.cloudfront.net
fonts.googleapis.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
rbx.iuo.cam
tpc.googlesyndication.com
use.fontawesome.com
www.google.com
2400:52e0:1a00::894:1
2600:9000:21a2:5600:3:b5aa:ad80:21
2600:9000:26a0:c00:1a:a42a:c740:21
2606:4700:3033::ac43:8b6b
2606:4700:3036::6815:1ad5
2606:4700:e6::ac40:cf26
2607:f8b0:4004:c06::5f
2607:f8b0:4004:c06::8a
2607:f8b0:4004:c06::9c
2607:f8b0:4004:c08::63
2607:f8b0:4004:c17::84
2607:f8b0:4004:c19::5f
2607:f8b0:4004:c19::9d
00619814b3b256720a9ffd9408397d0ffe5559ff301d608eb66f585343fd83a2
05b91883c19d6ac75f60c51c37cd0cdee04b4dcbf9b9aab22f724c673cfd99be
0e78585a94079b37e4f2fe18e5072543bfb2fb61ac9b4c78f20f6fd05b81b04f
1520e67c06c2b44c67aec9833b5f1c5324c2cc8842d82f7cc3509adc34c95a0a
17150632df9b05662d7fd12ef387adf94cdf960d05a9f8158311dd5d196ae5ae
1d57eecbb22c8e9b9cb83bf3e80d8d419f27d4e9f02c5e6725b7bb5b66e20f2b
22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5
2c92462c5debe369f38a97357a1563271f39e700ec80fc1da883f6cd5073b43f
31ca8fc4bb190118851959f282909af4a8f6e782b69dcfbe00094ffc010878b3
3a2e2080b441e2d3f80d8b476c2da4179f49f611109c8d8387d2edd80e39200c
3bc4f52a6d3c3a14b9fd3cf9f2329e6a3ac5ca7a7e2327c9949c0abf5dbaf127
481a0574246e281316ffa0e15399bf5388bb81ae550ce0401a0353b6bb2d1e5a
509d31967194faf56993c5d36b4245134219584566b179569e3ddaf35dd867c6
55628d3547f1cf1c2dce54b95355081098d01b3f3c9c5b0b0612a1306a39768a
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5712479d98b376a183ade66212776d51f3bf9a4244124d4aab928225bb3badce
577d248638c57941b7e35d9a19ef4b5d88d52482f6e59254142d4266c57bad38
5beec2413865bdeb2b1c9f7320609a07a07001f9f3a5f7ce1c4bc51bf80f3137
5ceb1f55e4343831b019dcf90076a2adaa2f68a3d1185910607f3b818bcd5cac
5eaebb5d607b3a35b17bd1655fa5a2118bdd83b6b45dc9630ac7e199c581a7c8
60a0f85900cf8e56c1607c8c120f68064a4f8d22a40637b224774cb611e93c2f
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
620560bfb2c7c523292f661241f83f80bd8f3b1e083a2bff3997e05b528ef967
6744112d484299ca2de40f914a67f3aa1846878f1f3becc110a9b66194c16d47
6a9e7712cd851cf196b697e0a97800697d32a3f57d0453584f378e46d552ec85
73393cd32cb623dc20e30bd99cb4d40c7d98c6e32139d944dbf3f905474586c4
7676c6130614c9bae32907b5245216ada0c4889d4d20df0221bb74015da2bf72
7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11
7b8e3721d0de9fe4fd6e24a56cc0d45128f3199bcb7dd0f41c8b9f274405f062
8150a6e66442996f64560b128d0effe532ed5eabdf0a8c6176c8c4e8ed502e6f
8d806251606bc9565f1b81a83bc9aa04cb3ad88fcb2c53cd48cb0b57d1ffcd6e
9e9029b279aa06b4220b57cf2f2e4b789cf1605b2099963f8ee24fab7723a86e
9f32e2cc5dff9c3395c205576cb6c99cd5bbae7f10e34955879a7c9df56e88c5
a997815b035b17e21219da0b04b61549e4ef11aeb8220a189b33d8a666a8031b
b735be2a8fc7ea8ef0ce8a30f8a741231495cd91add866e35b38cb3f9a3a5d9f
bd9eaab4a464a183dc7a427f59f140b326272fd0cbeb01793e0b3a282819d711
c45c8b81ccfcbc08127b74787d1b5974078756233de947986c357e28ed8f13ac
c5486a236c5bc72178958806fb140302b407b0ca94d65054bd672125b556f9fd
cb66e2a7f596751f2c4f4dc20483ff65e8bcb4678a7cccb28b34975658d3db96
d373dfc79e8a65a26d902c9965105d8b832e05726527d87546890032b207426c
de0c6613aafdd0df24435ac2116cc044d76b77cc895daf88aaf4a9c45921b2c5
df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0
e078bcec23ecfeb0224bf7dc811dced1e6b6238e7f84a5b2a0d6193b609dc38a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e64a629e1151d207e5052f35248651963fcae91ef82281fbb9a8c6e86cba52b9
e6959d5cfed508bcc278587c05b26b361bc678f8a7f0502ca6f8ce01f2838cd5
eed474a49bdbf745c19e463f070e67977c1ab27835603eb749d9e5c249cf81f8
efacaaf7886c81499c213860823c9003622e7e472560590e9b80a7bb677230fc
f9306287ceb02916e61bd7abe98d8445dc3757705ecb171cfc5f2ae205742af8