urlscan.io logo urlscan.io
SecurityTrails logo

robloxsong.com Open in urlscan Pro
2a06:98c1:3121::c  Public Scan

Go To Rescan Add Verdict Report
URL: https://robloxsong.com/song/4636891726-what-are-you-doing-step-bro
Submission Tags: falconsandbox
Submission: On September 23 via api from US — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 2 countries across 13 domains to perform 22 HTTP transactions. The main IP is 2a06:98c1:3121::c, located in United States and belongs to CLOUDFLARENET, US. The main domain is robloxsong.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 7th 2022. Valid for: a year.
This is the only time robloxsong.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

4    2a06:98c1:3121::c (United States)

ASN13335 (CLOUDFLARENET, US)
robloxsong.com
3    2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2600:9000:2057:cc00:7:78ed:2ac0:93a1 (United States)

ASN16509 (AMAZON-02, US)
api.enthusiastgaming.net
2    2620:116:800d:21:e365:4988:e8a7:3270 (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
1    35.241.45.217 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 217.45.241.35.bc.googleusercontent.com
pghub.io
1    2606:4700:20::ac43:4acf (United States)

ASN13335 (CLOUDFLARENET, US)
enthusiastgaming-com.videoplayerhub.com
1    2606:4700:20::ac43:4686 (United States)

ASN13335 (CLOUDFLARENET, US)
btloader.com
3    143.204.215.108 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-108.fra53.r.cloudfront.net
sb.scorecardresearch.com
2    2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2600:9000:223c:7000:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
2    2606:4700:20::681a:346 (United States)

ASN13335 (CLOUDFLARENET, US)
ad-delivery.net
1    142.250.186.134 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f6.1e100.net
ad.doubleclick.net
1    2600:9000:214f:4800:11:615:7240:93a1 (United States)

ASN16509 (AMAZON-02, US)
pxl.qccerttest.com
1    130.211.23.194 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 194.23.211.130.bc.googleusercontent.com
api.btloader.com
Apex Domain
Subdomains		 Transfer
4 robloxsong.com
robloxsong.com
44 KB
3 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 153
3 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 62
134 KB
2 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 1041
1 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
20 KB
2 btloader.com
btloader.com — Cisco Umbrella Rank: 915
api.btloader.com — Cisco Umbrella Rank: 1033
8 KB
2 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 905
pixel.quantserve.com — Cisco Umbrella Rank: 423
11 KB
1 qccerttest.com
pxl.qccerttest.com — Cisco Umbrella Rank: 983
550 B
1 doubleclick.net
ad.doubleclick.net — Cisco Umbrella Rank: 178
664 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 846
1 KB
1 videoplayerhub.com
enthusiastgaming-com.videoplayerhub.com — Cisco Umbrella Rank: 17818
478 B
1 pghub.io
pghub.io — Cisco Umbrella Rank: 1607
4 KB
1 enthusiastgaming.net
api.enthusiastgaming.net — Cisco Umbrella Rank: 16781
7 KB
22 13
Domain Requested by
4 robloxsong.com robloxsong.com
3 sb.scorecardresearch.com 1 redirects robloxsong.com
3 www.googletagmanager.com robloxsong.com
www.googletagmanager.com
2 ad-delivery.net robloxsong.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
1 api.btloader.com enthusiastgaming-com.videoplayerhub.com
1 pixel.quantserve.com robloxsong.com
1 pxl.qccerttest.com robloxsong.com
1 ad.doubleclick.net robloxsong.com
1 rules.quantcount.com secure.quantserve.com
1 btloader.com robloxsong.com
1 enthusiastgaming-com.videoplayerhub.com 1 redirects
1 pghub.io www.googletagmanager.com
1 secure.quantserve.com www.googletagmanager.com
1 api.enthusiastgaming.net robloxsong.com
22 15

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-07 -
2023-06-06		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
api.enthusiastgaming.net
Amazon		 2022-05-24 -
2023-06-22		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
*.pghub.io
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-02 -
2023-02-17		 a year crt.sh
*.scorecardresearch.com
Amazon		 2022-01-29 -
2023-02-27		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
qccerttest.com
Amazon		 2022-04-04 -
2023-05-03		 a year crt.sh
api.btloader.com
GTS CA 1D4		 2022-08-21 -
2022-11-19		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://robloxsong.com/song/4636891726-what-are-you-doing-step-bro
Frame ID: 14C18C4146B4A5C65A5F850DE22345AC
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

Page Statistics

22
Requests

91 %
HTTPS

71 %
IPv6

13
Domains

15
Subdomains

13
IPs

2
Countries

235 kB
Transfer

628 kB
Size

7
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8
  • https://enthusiastgaming-com.videoplayerhub.com/videoplayer.js HTTP 301
  • https://btloader.com/tag?h=enthusiastgaming-com&upapi=true
Request Chain 13
  • https://sb.scorecardresearch.com/b?c1=2&c2=22419751&cs_it=b3&cv=3.8.0.210223&ns__t=1663967723369&ns_c=UTF-8&c7=https%3A%2F%2Frobloxsong.com%2Fsong%2F4636891726-what-are-you-doing-step-bro&c8=&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=22419751&cs_it=b3&cv=3.8.0.210223&ns__t=1663967723369&ns_c=UTF-8&c7=https%3A%2F%2Frobloxsong.com%2Fsong%2F4636891726-what-are-you-doing-step-bro&c8=&c9=

22 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 4636891726-what-are-you-doing-step-bro
robloxsong.com/song/ 		9 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://robloxsong.com/song/4636891726-what-are-you-doing-step-bro
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cfe644cec45c7a4d5ea58baa5e290193faf53f591fefb33515825d329ab6b2b3

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private, max-age=14400
cf-cache-status
MISS
cf-ray
74f64b9a9d7fb927-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 23 Sep 2022 21:15:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xVYV88yubowDuXD8E1RFAORXJx%2F12eZ31dppRc5dOtMpfrWyRiImVa2ZwDwkujy5BqJWJEC8nrGcje1vJYBtj%2Bh39mshiIh0nzvv3kkHa1eVYygb08N1lJtU6ymu2SERkUgX6%2BXrqa7QKugSow%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
style.min.css
robloxsong.com/assets/css/ 		22 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://robloxsong.com/assets/css/style.min.css
Requested by
Host: robloxsong.com
URL: https://robloxsong.com/song/4636891726-what-are-you-doing-step-bro
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65a13288e9445441e6f681997c1bbfdc70442f8f2bbb33a50aac1b6431544a1b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://robloxsong.com/song/4636891726-what-are-you-doing-step-bro
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 21:15:23 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 18 Aug 2022 18:17:23 GMT
server
cloudflare
age
61366
etag
W/"5735-5e687fe3d07a1-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F410Mg3sxtowNWHUa1xKSEU1qmmX6%2Bq6anaqvIuWvmEO5kU5VmlbL3aPYHhIsZs%2FJHg%2Bi0%2BpaTO3TgHZy69sne40BKMQHbYKnyXEHfuxzeO2VHsr6vld7QJ%2BhRx9eUQ%2BB9NRlEhpaj7%2BWdvmwA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
74f64b9cf9c3b927-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
js
www.googletagmanager.com/gtag/ 		106 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-90987450-22
Requested by
Host: robloxsong.com
URL: https://robloxsong.com/song/4636891726-what-are-you-doing-step-bro
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0503bab7d6edc8a864662ea9afa190db2d511690a15588960a2893de74f0c1d0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://robloxsong.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 21:15:23 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42228
x-xss-protection
0
last-modified
Fri, 23 Sep 2022 21:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 23 Sep 2022 21:15:23 GMT
logo.svg
robloxsong.com/assets/img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://robloxsong.com/assets/img/logo.svg
Requested by
Host: robloxsong.com
URL: https://robloxsong.com/song/4636891726-what-are-you-doing-step-bro
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6facf24e9ff93988d30a7553af656290662e223522e64287c896b9a7bf5d3da3

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://robloxsong.com/song/4636891726-what-are-you-doing-step-bro
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 21:15:23 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 22 Aug 2019 14:19:30 GMT
server
cloudflare
age
65387
etag
W/"9a7-590b560bc8080"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DZd8mGnGG2yUMJXdMq7Rabw0tbMilhce2rG0MABzq1adVTwlvSK2EDW5g4E0G6KF%2FKQWQgudLZuOMtxlnc9vXK2F1ti9Ly2ZZZ0Vj8wCH9CSBGJSdlfuaGkWZo7ZkQV1Iu48WLMFTbTxcgq4zQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
74f64b9d2d6cb90e-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
main.min.js
robloxsong.com/assets/js/ 		98 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://robloxsong.com/assets/js/main.min.js
Requested by
Host: robloxsong.com
URL: https://robloxsong.com/song/4636891726-what-are-you-doing-step-bro
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04f98d4804e0c597ec8858e25454d8f261a099da1227576578a3535591375c37

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://robloxsong.com/song/4636891726-what-are-you-doing-step-bro
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 21:15:23 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 16 Apr 2021 14:02:15 GMT
server
cloudflare
age
61316
etag
W/"18776-5c0176d634ba0-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vAXNqc6HN5hTXDl1N95203JZLa7JHIOb3%2Bkbp%2BTy0h7Z7popb2DzGlX7t5VpAgNW6Er7%2BYO49Ik4zmxbUqYs2%2BR2fa3FJjH6WuB56l0g%2BI0skzaQ03cIIBaN4%2BWdMwl0r2ApcWTAKa%2FFyU1%2FAA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
74f64b9d3d6fb90e-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
eg-aps-bootstrap-v2.0.0.bundle.js
api.enthusiastgaming.net/scripts/cdn.enthusiast.gg/script/eg-aps/release/ 		20 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.enthusiastgaming.net/scripts/cdn.enthusiast.gg/script/eg-aps/release/eg-aps-bootstrap-v2.0.0.bundle.js?site=robloxsong.com
Requested by
Host: robloxsong.com
URL: https://robloxsong.com/song/4636891726-what-are-you-doing-step-bro
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:cc00:7:78ed:2ac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
f0e58771999146aceb058f656d110713abd21ec044fdc8675caa08c4482fdb07

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://robloxsong.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:50:46 GMT
content-encoding
gzip
age
1477
x-amzn-requestid
f3d15055-c233-448a-ad38-592a929ed274
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amzn-trace-id
Root=1-632e1c26-1e28e7f86fd7615d127a8814;Sampled=0
buildnumber
998
x-amz-cf-pop
FRA6-C1
x-amz-apigw-id
Y7lWFH8BoAMF64w=
content-length
6938
via
1.1 1277de71b2472d19ca0bfc510db9ec54.cloudfront.net (CloudFront)
x-amz-cf-id
TWhFis2aCnzH_xon_kTKefKJ1ENAzU7WZPpNhdPq44wKu5lUDe4uuw==
gtm.js
www.googletagmanager.com/ 		139 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-54N5TF3
Requested by
Host: robloxsong.com
URL: https://robloxsong.com/song/4636891726-what-are-you-doing-step-bro
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0f5af43c4ec6add18d32ab1caf6b883d3fac6f6f511f9fab5e06d85364c2353e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://robloxsong.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 21:15:23 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52334
x-xss-protection
0
last-modified
Fri, 23 Sep 2022 21:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 23 Sep 2022 21:15:23 GMT
quant.js
secure.quantserve.com/ 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-54N5TF3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:e365:4988:e8a7:3270 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
34686cba28b7d374710a0b8204ae2cbce77ced594bcac71bef4f5260a8d99745

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://robloxsong.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 21:15:23 GMT
content-encoding
gzip
etag
"eN3sxSgaav0x5wHLxGB1gQ=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Fri, 30 Sep 2022 21:15:23 GMT
pandg-sdk.js
pghub.io/js/ 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pghub.io/js/pandg-sdk.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-54N5TF3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.45.217 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
217.45.241.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
cb260fbfa3add6553864bf1c8dd753a45d7a1504b159c8aa6cbec89f9223a89d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://robloxsong.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 21:13:18 GMT
content-encoding
gzip
age
125
x-guploader-uploadid
ADPycdum9mdLZ9jQzuBE37E_WCF8P__QqTajWmi3wPxXOCK5N5qW6Ivnm4MH4gIQWTvawaw0UhMQtGN9WCc53GeEW-lrUCU7X1rQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
9
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3690
last-modified
Tue, 05 Apr 2022 17:08:24 GMT
server
UploadServer
etag
"1f39af8c4109e6a95d6895228aab0692"
vary
Accept-Encoding
x-goog-hash
crc32c=eS3F7w==, md5=HzmvjEEJ5qldaJUiiqsGkg==
x-goog-generation
1649178504809914
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
cache-control
public,max-age=3600
x-goog-meta-last-modified
2022-07-11T15:04:42.732Z
x-goog-stored-content-length
3690
accept-ranges
bytes
content-type
application/javascript
x-goog-meta-cache-control
public, max-age=230400
tag
btloader.com/
Redirect Chain
  • https://enthusiastgaming-com.videoplayerhub.com/videoplayer.js
  • https://btloader.com/tag?h=enthusiastgaming-com&upapi=true
29 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://btloader.com/tag?h=enthusiastgaming-com&upapi=true
Requested by
Host: robloxsong.com
URL: https://robloxsong.com/song/4636891726-what-are-you-doing-step-bro
Protocol
H2
Server
2606:4700:20::ac43:4686 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ed82a1e059be847aaf1d4a2bea07df6946c14b3550ee3257bb67ad93aaf8506

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://robloxsong.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
74f64b9f4c29d0bd-AMS
date
Fri, 23 Sep 2022 21:15:23 GMT
via
1.1 google
cf-cache-status
HIT
last-modified
Fri, 23 Sep 2022 20:50:11 GMT
server
cloudflare
age
1511
etag
W/"4372adb434609e850f91cdf506453993"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j84bmTYaKu9EShgQ9%2Fb0nnOnL1UDI8gqnEX9Y93BUFJny2qOYzoIQmME426bGwMYlyR%2BjOQoIDAoBpwX4EHoryqtoBz%2BgNU2HZZIFvu%2FfVSIeVUcpDYBw6yrmtF39AjllkgBqT4OIA7J1A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=300, must-revalidate, stale-if-error=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br

Redirect headers

date
Fri, 23 Sep 2022 21:15:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jHSw1m7ObJUyfyjelWsAeOqQGorWkZkxocjj7ql%2BlsjyB9V0KwbI4VXYGVC4buiUGrd7y2alNv1dFLu6yYhRZEXfOVvORYPxFxquBuMANvd1JkdLNqree4nWScC6Kclpam8n3Jwd5qPhTwCdT9r7WFtYq83DapbF5KvkTU0UQgYax%2F%2F5SA%3D%3D"}],"group":"cf-nel","max_age":604800}
location
https://btloader.com/tag?h=enthusiastgaming-com&upapi=true
cache-control
max-age=3600
cf-ray
74f64b9eaa50b7ac-AMS
expires
Fri, 23 Sep 2022 22:15:23 GMT
beacon.js
sb.scorecardresearch.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: robloxsong.com
URL: https://robloxsong.com/song/4636891726-what-are-you-doing-step-bro
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-108.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://robloxsong.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 05:45:57 GMT
content-encoding
gzip
etag
W/"eaf85c1c6758e84acfe134efd70e9373"
last-modified
Tue, 28 Jun 2022 13:19:23 GMT
server
AmazonS3
age
55767
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 a4a46c5a6cdf81ec1d08cf6e63389764.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
vm3WKx_njvmLQ1nLo2KHoUjzTyt2bvMJmnWGDL-eAHnq1KaFGQmvJA==
js
www.googletagmanager.com/gtag/ 		106 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-90987450-22&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-54N5TF3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
77fb65ecfdbe34e1af5c706424ee0a8b7a2563980d65d4c0e888c515707fc340
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://robloxsong.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 21:15:23 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42272
x-xss-protection
0
last-modified
Fri, 23 Sep 2022 21:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 23 Sep 2022 21:15:23 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-90987450-22
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://robloxsong.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sun, 11 Sep 2022 13:50:09 GMT
server
Golfe2
age
803
date
Fri, 23 Sep 2022 21:02:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19826
expires
Fri, 23 Sep 2022 23:02:00 GMT
rules-p-5pR25819dph-b.js
rules.quantcount.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-5pR25819dph-b.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:7000:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c4f83e0baf87ab1c318f1f4df75999e7e0367006eca96682484309cac5e4a08c

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://robloxsong.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:58:09 GMT
content-encoding
gzip
age
1035
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
last-modified
Fri, 19 Aug 2022 19:03:25 GMT
server
AmazonS3
etag
W/"95773f873fe9e6f21c420c920cec1d2c"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 891011d51eb2353ebe8601f5b6467070.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-pop
FRA56-P2
x-amz-cf-id
lfoSDH5p8tFWmb6uiED3SmD1t4Vgwnz8OsL50_Q8amn5miwvk88Xow==
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=22419751&cs_it=b3&cv=3.8.0.210223&ns__t=1663967723369&ns_c=UTF-8&c7=https%3A%2F%2Frobloxsong.com%2Fsong%2F4636891726-what-are-you-doing-step-bro&c8=&c9=
  • https://sb.scorecardresearch.com/b2?c1=2&c2=22419751&cs_it=b3&cv=3.8.0.210223&ns__t=1663967723369&ns_c=UTF-8&c7=https%3A%2F%2Frobloxsong.com%2Fsong%2F4636891726-what-are-you-doing-step-bro&c8=&c9=
0
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=22419751&cs_it=b3&cv=3.8.0.210223&ns__t=1663967723369&ns_c=UTF-8&c7=https%3A%2F%2Frobloxsong.com%2Fsong%2F4636891726-what-are-you-doing-step-bro&c8=&c9=
Requested by
Host: robloxsong.com
URL: https://robloxsong.com/song/4636891726-what-are-you-doing-step-bro
Protocol
H2
Server
143.204.215.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-108.fra53.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://robloxsong.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 21:15:23 GMT
via
1.1 a4a46c5a6cdf81ec1d08cf6e63389764.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
u-bay0ifJAGE5kCq2EJBR_NLm4qmOxLP8UQxHXm9t8M1oH1eSMK1zQ==
x-cache
Miss from cloudfront

Redirect headers

location
/b2?c1=2&c2=22419751&cs_it=b3&cv=3.8.0.210223&ns__t=1663967723369&ns_c=UTF-8&c7=https%3A%2F%2Frobloxsong.com%2Fsong%2F4636891726-what-are-you-doing-step-bro&c8=&c9=
date
Fri, 23 Sep 2022 21:15:23 GMT
via
1.1 a4a46c5a6cdf81ec1d08cf6e63389764.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
content-length
0
x-amz-cf-id
NrN3WcwZqk5q8YeozSFwonTOborMVXEqO4hW9wjjasg5TEA7S-7hJw==
x-cache
Miss from cloudfront
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j97&a=1393846424&t=pageview&_s=1&dl=https%3A%2F%2Frobloxsong.com%2Fsong%2F4636891726-what-are-you-doing-step-bro&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=2066592114&gjid=310874741&cid=171997806.1663967723&tid=UA-90987450-22&_gid=354473689.1663967723&_r=1&gtm=2ou9l0&z=1800736175
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://robloxsong.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 21:15:23 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://robloxsong.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
px.gif
ad-delivery.net/ 		43 B
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=2
Requested by
Host: robloxsong.com
URL: https://robloxsong.com/song/4636891726-what-are-you-doing-step-bro
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:346 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://robloxsong.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
date
Fri, 23 Sep 2022 21:15:23 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1177677
x-guploader-uploadid
ADPycdtw4LA8EUvyFAIjX3-ofkIYJ__-7Wy7ijEdPGQ--kuhXe28FTJTXdtGfU8j6rnDy4FfsdnE0ELoTkujjOt0gypkag
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-type
image/gif
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z8v0eTgFkgeynZEI2upHOm%2BkDv4S1sKMBkeAa%2B8HWCE6XNZGEac6Qv91%2F4O9Of5gofiUvnMgXwG%2FGvNpoJ7xiphF56LI5fbMACAnAZQlL3KgklXr4vYd6HlWPHmaqLDYVf69mbqhwsoufyDSnw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1620242732037093
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=86400
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
74f64b9febc7d0b9-AMS
expires
Sat, 10 Sep 2022 07:07:26 GMT
favicon.ico
ad.doubleclick.net/ 		1 KB
664 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: robloxsong.com
URL: https://robloxsong.com/song/4636891726-what-are-you-doing-step-bro
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://robloxsong.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 13:30:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
27869
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 24 Sep 2022 13:30:54 GMT
px.gif
ad-delivery.net/ 		43 B
863 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.370377089693783
Requested by
Host: robloxsong.com
URL: https://robloxsong.com/song/4636891726-what-are-you-doing-step-bro
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:346 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://robloxsong.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
date
Fri, 23 Sep 2022 21:15:23 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1177677
x-guploader-uploadid
ADPycdtw4LA8EUvyFAIjX3-ofkIYJ__-7Wy7ijEdPGQ--kuhXe28FTJTXdtGfU8j6rnDy4FfsdnE0ELoTkujjOt0gypkag
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-type
image/gif
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G3UZ4cU83spbO7E5R4roJV1nHiW4xUGrMgw3Ex8ogKTWskQz2Yy%2FQQGcyfXggmKY2x6Htt7S97q9zP28BjonqvfpR%2Fa4TLg2l4h3U3%2BlgqI4yzpI4WMjPoL%2F00semuoqGubBCDWmo4zcfktuCw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1620242732037093
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=86400
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
74f64b9febc8d0b9-AMS
expires
Sat, 10 Sep 2022 07:07:26 GMT
pixel
pxl.qccerttest.com/ 		35 B
550 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pxl.qccerttest.com/pixel?r=1534432333;fpan=1;fpa=P0-1492810675-1663967723483;pbc=;ns=0;ce=1;qjs=1;qv=d18171e5-20220913105912;ref=;cm=;gdpr=0;d=robloxsong.com;dst=0;et=1663967723483;tzo=0;url=https%3A%2F%2Frobloxsong.com%2Fsong%2F4636891726-what-are-you-doing-step-bro;ogl=
Requested by
Host: robloxsong.com
URL: https://robloxsong.com/song/4636891726-what-are-you-doing-step-bro
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:4800:11:615:7240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://robloxsong.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 01:48:50 GMT
via
1.1 25ffb5a941b5a46b102cd385a9cdbb50.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
69994
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000
content-length
35
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 04 Aug 2022 16:01:04 GMT
server
AmazonS3
x-frame-options
SAMEORIGIN
etag
"55d25e9dc950d5db4d53a3b195c046c6"
vary
Accept-Encoding, Origin
content-type
image/gif
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
x-amz-cf-id
r2kkYL-F_wcrLNNzlYBWnUmaG5vPAbe_XNHAVSYQA4ImyIAc8M9maA==
pixel;r=53073665;source=gtm;rf=0;a=p-5pR25819dph-b;url=https%3A%2F%2Frobloxsong.com%2Fsong%2F4636891726-what-are-you-doing-step-bro;uht=2;fpan=0;fpa=P0-1492810675-1663967723483;pbc=;ns=0;ce=1;qjs=1...
pixel.quantserve.com/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=53073665;source=gtm;rf=0;a=p-5pR25819dph-b;url=https%3A%2F%2Frobloxsong.com%2Fsong%2F4636891726-what-are-you-doing-step-bro;uht=2;fpan=0;fpa=P0-1492810675-1663967723483;pbc=;ns=0;ce=1;qjs=1;qv=d18171e5-20220913105912;cm=;gdpr=0;ref=;d=robloxsong.com;dst=0;et=1663967723486;tzo=0;ogl=;ses=3e4d66fb-128a-4579-806d-1e9b7e91519c
Requested by
Host: robloxsong.com
URL: https://robloxsong.com/song/4636891726-what-are-you-doing-step-bro
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:e365:4988:e8a7:3270 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://robloxsong.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 21:15:23 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pv
api.btloader.com/ 		0
128 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/pv?tid=YTXzQK3e&w=4865994867081216&o=5655179321933824&cv=2.0.10-11-g48983ca&r=false&vr=1600x1200&pageURL=https%3A%2F%2Frobloxsong.com%2Fsong%2F4636891726-what-are-you-doing-step-bro&upapi=true
Requested by
Host: enthusiastgaming-com.videoplayerhub.com
URL: https://enthusiastgaming-com.videoplayerhub.com/videoplayer.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://robloxsong.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 23 Sep 2022 21:15:23 GMT
cache-control
no-cache, no-store, must-revalidate
vary
Origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google

Verdicts & Comments Add Verdict or Comment

42 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| dataLayer function| gtag function| $ function| jQuery function| ClipboardJS function| egApsDpQListener string| bsInitUrl object| google_tag_manager object| _qevents object| _comscore object| google_tag_data string| GoogleAnalyticsObject function| ga function| Tapad object| metadata object| config object| tagger object| data function| quantserve function| __qc object| ezt object| _qoptions function| qtrack object| COMSCORE function| udm_ object| ns_p object| gaplugins object| gaGlobal object| gaData object| __bt_tag_d object| __bt_tag_am object| __bt_intrnl boolean| __bt_already_invoked

7 Cookies

Domain/Path Name / Value
.robloxsong.com/ Name: _ga
Value: GA1.2.171997806.1663967723
.robloxsong.com/ Name: _gid
Value: GA1.2.354473689.1663967723
.robloxsong.com/ Name: _gat_gtag_UA_90987450_22
Value: 1
.scorecardresearch.com/ Name: UID
Value: 1457f730c43e85e82ec7cf41663967723
robloxsong.com/ Name: qcSxc
Value: 1663967723486
.quantserve.com/ Name: mc
Value: 632e21eb-7b31e-6773f-08688
.robloxsong.com/ Name: __qca
Value: P0-1492810675-1663967723483

1 Console Messages

Source Level URL
Text
network error URL: https://robloxsong.com/song/4636891726-what-are-you-doing-step-bro
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad-delivery.net
ad.doubleclick.net
api.btloader.com
api.enthusiastgaming.net
btloader.com
enthusiastgaming-com.videoplayerhub.com
pghub.io
pixel.quantserve.com
pxl.qccerttest.com
robloxsong.com
rules.quantcount.com
sb.scorecardresearch.com
secure.quantserve.com
www.google-analytics.com
www.googletagmanager.com
130.211.23.194
142.250.186.134
143.204.215.108
2600:9000:2057:cc00:7:78ed:2ac0:93a1
2600:9000:214f:4800:11:615:7240:93a1
2600:9000:223c:7000:6:44e3:f8c0:93a1
2606:4700:20::681a:346
2606:4700:20::ac43:4686
2606:4700:20::ac43:4acf
2620:116:800d:21:e365:4988:e8a7:3270
2a00:1450:4001:812::2008
2a00:1450:4001:812::200e
2a06:98c1:3121::c
35.241.45.217
04f98d4804e0c597ec8858e25454d8f261a099da1227576578a3535591375c37
0503bab7d6edc8a864662ea9afa190db2d511690a15588960a2893de74f0c1d0
0f5af43c4ec6add18d32ab1caf6b883d3fac6f6f511f9fab5e06d85364c2353e
34686cba28b7d374710a0b8204ae2cbce77ced594bcac71bef4f5260a8d99745
5ed82a1e059be847aaf1d4a2bea07df6946c14b3550ee3257bb67ad93aaf8506
65a13288e9445441e6f681997c1bbfdc70442f8f2bbb33a50aac1b6431544a1b
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6facf24e9ff93988d30a7553af656290662e223522e64287c896b9a7bf5d3da3
77fb65ecfdbe34e1af5c706424ee0a8b7a2563980d65d4c0e888c515707fc340
9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
c4f83e0baf87ab1c318f1f4df75999e7e0367006eca96682484309cac5e4a08c
cb260fbfa3add6553864bf1c8dd753a45d7a1504b159c8aa6cbec89f9223a89d
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfe644cec45c7a4d5ea58baa5e290193faf53f591fefb33515825d329ab6b2b3
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117
f0e58771999146aceb058f656d110713abd21ec044fdc8675caa08c4482fdb07