robloxscripts.net Open in urlscan Pro
192.0.78.139 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://robloxexploits.net/
Effective URL:
https://robloxscripts.net/
Submission Tags: phishingrod
Submission: On January 16 via api (January 16th 2024, 3:12:16 pm UTC) from DE — Scanned from NL

Summary HTTP 112 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 22 IPs in 4 countries across 17 domains to perform 112 HTTP transactions. The main IP is 192.0.78.139, located in San Francisco, United States and belongs to AUTOMATTIC, US. The main domain is robloxscripts.net.
TLS certificate: Issued by R3 on January 5th 2024. Valid for: 3 months.

This is the only time robloxscripts.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	192.0.78.139 192.0.78.139	2635 (AUTOMATTIC) (AUTOMATTIC)
2	2606:4700:e2:... 2606:4700:e2::ac40:8d0d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
4	2600:9000:267... 2600:9000:2670:4200:15:9ced:b8c0:21	16509 (AMAZON-02) (AMAZON-02)
12	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
2	162.159.133.233 162.159.133.233	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	192.0.77.32 192.0.77.32	2635 (AUTOMATTIC) (AUTOMATTIC)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
6	172.64.111.13 172.64.111.13	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	143.204.215.129 143.204.215.129	16509 (AMAZON-02) (AMAZON-02)
4	104.21.36.53 104.21.36.53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
4 6	2a00:1450:400... 2a00:1450:400c:c0b::54	15169 (GOOGLE) (GOOGLE)
1 7	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
18	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
2	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
112	22

1 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

robloxexploits.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 192.0.78.139 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

robloxscripts.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:e2::ac40:8d0d (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2670:4200:15:9ced:b8c0:21 (United States)

ASN16509 (AMAZON-02, US)

dlh8c15zw7vfn.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i0.wp.com

i0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.159.133.233 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.discordapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.32 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com

s0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.64.111.13 (United States)

ASN13335 (CLOUDFLARENET, US)

pogothere.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 143.204.215.129 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-129.fra53.r.cloudfront.net

mcurrentlysea.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.21.36.53 (None, )

ASN13335 (CLOUDFLARENET, US)

xukpresesmr.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:400c:c0b::54 (Brussels, Belgium) 4 redirects

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f98.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 110 tpc.googlesyndication.com — Cisco Umbrella Rank: 157	458 KB
15	wp.com i0.wp.com — Cisco Umbrella Rank: 3696 s0.wp.com — Cisco Umbrella Rank: 8186 stats.wp.com — Cisco Umbrella Rank: 2723 pixel.wp.com — Cisco Umbrella Rank: 2679	1 MB
11	gstatic.com www.gstatic.com fonts.gstatic.com	181 KB
11	robloxscripts.net robloxscripts.net	194 KB
7	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 38	145 KB
6	google.com 4 redirects accounts.google.com — Cisco Umbrella Rank: 23 www.google.com Failed	3 KB
6	pogothere.xyz pogothere.xyz — Cisco Umbrella Rank: 31844	302 KB
5	mcurrentlysea.info mcurrentlysea.info	6 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28	5 KB
4	xukpresesmr.info xukpresesmr.info	1 KB
4	cloudfront.net dlh8c15zw7vfn.cloudfront.net	185 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 230	195 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 145
2	discordapp.com cdn.discordapp.com — Cisco Umbrella Rank: 3270	3 KB
2	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 971	26 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 107
1	robloxexploits.net robloxexploits.net	686 B
112	17

	Domain	Requested by
18	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
12	i0.wp.com	robloxscripts.net
11	robloxscripts.net	robloxscripts.net
9	www.gstatic.com	googleads.g.doubleclick.net
8	pagead2.googlesyndication.com	robloxscripts.net pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
7	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
6	accounts.google.com	4 redirects robloxscripts.net
6	pogothere.xyz	dlh8c15zw7vfn.cloudfront.net
5	mcurrentlysea.info	dlh8c15zw7vfn.cloudfront.net
4	fonts.googleapis.com	googleads.g.doubleclick.net
4	xukpresesmr.info	robloxscripts.net
4	dlh8c15zw7vfn.cloudfront.net	robloxscripts.net mcurrentlysea.info
3	www.googletagservices.com	googleads.g.doubleclick.net
2	www.googleadservices.com	robloxscripts.net
2	fonts.gstatic.com	fonts.googleapis.com
2	cdn.discordapp.com	robloxscripts.net
2	use.fontawesome.com	robloxscripts.net
1	pixel.wp.com	robloxscripts.net
1	www.facebook.com	robloxscripts.net
1	stats.wp.com	robloxscripts.net
1	s0.wp.com	robloxscripts.net
1	robloxexploits.net
0	www.google.com Failed	tpc.googlesyndication.com googleads.g.doubleclick.net
112	23

This site contains links to these domains. Also see Links.

Domain
discord.gg
www.youtube.com

Subject Issuer	Validity	Valid
robloxexploits.net GTS CA 1P5	`2023-11-21` - `2024-02-19`	3 months	crt.sh
tls.automattic.com R3	`2024-01-05` - `2024-04-04`	3 months	crt.sh
use.fontawesome.com Cloudflare Inc ECC CA-3	`2023-10-12` - `2024-10-10`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
*.wp.com Sectigo ECC Domain Validation Secure Server CA	`2023-11-28` - `2024-12-28`	a year	crt.sh
discordapp.com Cloudflare Inc ECC CA-3	`2023-10-20` - `2024-10-19`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-02-28` - `2024-02-27`	a year	crt.sh
mcurrentlysea.info Amazon RSA 2048 M03	`2024-01-04` - `2025-02-01`	a year	crt.sh
xukpresesmr.info GTS CA 1P5	`2024-01-02` - `2024-04-01`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-10-25` - `2024-01-23`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh

This page contains 15 frames:

Primary Page: https://robloxscripts.net/
Frame ID: 031DBD3CDF7207AD28FE4C30F740E951
Requests: 56 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20190131/zrt_lookup_fy2021.html
Frame ID: D7FB88AA828DD12256201372C8BC3230
Requests: 1 HTTP requests in this frame

Frame: https://mcurrentlysea.info/b1J1d0oOMBYadQ5vF1E/HT5IUngpd0cxLgM6TRR7WigCQDwJPFsUJgAnERE4ADwBWSQKJlBFDA0GIEYkCjwwAgMIORYjIAQ5NEcuJjc9Hx08BzcFABcDIz8wXiU/JC1fHAIDHyIAFjAJXgNBITAEYTRHLi4zDDINKRAvACsYGyAyJC1qJCU5OR5GNR43EyBOAwgqPTEjJjszNXosGB9PGCoUFkMGKT0tPyAMOTYPEz4zPU8iO2NMTispBD4gHgA5NiV+Ch0fQgk8FzAdBToYPCYSF2smIjo6NBJOCTwXMEEALj44JR0Hd0c1ADlrMREeOQAhGyIANERaKQ0TIUciLjVFIgYWCzozJj13RzEJXhg/JSchd0c1HzlrMREdOh8wEB8IGyA9AyI/HVJ4KQQNLhMlOx00GSoXBDwLPgA9GhgABCAYGSUGTT4MFwAaETMpHiREewUERCUCCQonEhwqHE0SeiUbJCN+HBMnBA4lFR0hGioAUEUICjkZPRhdIUEgIRx0HwQlASJINRgqKDNEAQkZM0QI
Frame ID: 7C6053C493E3EE6A62DBF168F186A648
Requests: 2 HTTP requests in this frame

Frame: https://mcurrentlysea.info/YkdVVncDJTY7SAN6N3ACECtoc0UkYmcQEw4vbTVGVz0iYQEEKXs1Gw0yMTAFDSkheBkHM3BkMQQKZTIAMQAHBzwgcyABRwEyEx4hBgU7HD8EASIAOzMKOxUcLHEdDgQlIz1uQiEuHxU5JjAEHSU3PRY/DzgGOBMUKRYlAxIOHiEVGyBxBAFDJBEsADkEAh8eORp/PwEhMygdLAQmFhYhNDIgYQA6CgFkFSEVfhIFJisSOBw0JisQMhNTEWMANREwEgUuIx8RFzMAEQwSPDMVIQAQLHUEES03ATsHDgARDBI6ICw4AxAGLgQhByAGDTU+BCsUNy4Jah9iNTcKZh40UhMDPyIADgcXIAYTD28hFRUlB0RXBRQOEzsOIi4/KS8tIiEMBTwHGQUOAj8ANCUDDzMrBQAkM1M/IAAvEhIAFU8hDSI6IDssHBkhMwFmDhkKDBcOEygkADk1BiwPIiEFCmUTJFYBBAVCNCI8HzAGAjE7IRURPRQvNBFzPAQNKSVrGlElEA4+IAEkJTs6Cg
Frame ID: D8D36D907F5668E8803AF74C939E811D
Requests: 2 HTTP requests in this frame

Frame: https://mcurrentlysea.info/THNvUXQtEQw8Sy1ODXcBPh9SdEYKVl0XECAbVzJFeQkYZgIqHUEyGCMGCzcGIx0bfxopB0pjMiEXAyEfLUI6BzodHCEwEwUJLhcuPyJdaBcUJC0AOQ4QKh4DFh0jNkQuPBUYPwkbIjUtOypYMgMFFC4XLicmKwgyDiclHRINNikfHzgBPjYbNDUoNSUYICoWOh1KOBg2K1ZdEzUdQ1cWMHQyOwI1FCkYOjEAC1djNw0DGAM2NCE9BiIYEikDMAUbV2E1DSIGEyx1JDgrBw8VXgsWFjY1YSIJRgIfPHUkOCg9Kj0pGxIvNjoIJRofAxUZNCI+PzYJEgh8IS45PT5RfjUqJkB/OzscJRgeDCYWfRcMNEQaAD4HGCArBRQ5BAkIMBJ9KgAyMR4CLBA9aUEtFEd1JDgrPRg8PmkxKjUhPiINFFYTMBk5Kz82CTspBy4WJQcgJyBCAwVGAjg4BiYNFV4LFgYbDGk2HhhXBEYrGjc8Lg4XKTUQLwQhPyIdVQUiGyIDUhsSAj4HPw0KGFYzJA
Frame ID: 1A93935E4AE554C7F9DC5B691D61620F
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2249257918045069&output=html&adk=1812271804&adf=3025194257&lmt=1705417889&plaf=7%3A2&plat=3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x675_l%7C212x675_r&format=0x0&url=https%3A%2F%2Frobloxscripts.net%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705417932002&bpp=7&bdt=398&idt=272&shv=r20240109&mjsv=m202401090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6741984155731&frm=20&pv=2&ga_vid=1907838616.1705417932&ga_sid=1705417932&ga_hid=2020830682&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079437%2C44798934%2C31080400%2C95321626%2C95321967%2C95322166%2C21065724&oid=2&pvsid=4123167223928995&tmod=1832813924&uas=0&nvt=1&fsapi=1&ref=https%3A%2F%2Frobloxexploits.net%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=283
Frame ID: 45A5CC3B54C6587BAA66C57487F79255
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2249257918045069&output=html&h=280&adk=2904063243&adf=849483003&pi=t.aa~a.1043414356~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1705417889&rafmt=1&to=qs&pwprc=2896044421&format=1200x280&url=https%3A%2F%2Frobloxscripts.net%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705417932009&bpp=1&bdt=405&idt=281&shv=r20240109&mjsv=m202401090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6741984155731&frm=20&pv=1&ga_vid=1907838616.1705417932&ga_sid=1705417932&ga_hid=2020830682&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=60&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079437%2C44798934%2C31080400%2C95321626%2C95321967%2C95322166%2C21065724&oid=2&pvsid=4123167223928995&tmod=1832813924&uas=0&nvt=1&ref=https%3A%2F%2Frobloxexploits.net%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=283
Frame ID: 19303499B0D51C038FF11F22F16094D8
Requests: 15 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/CsDssBYGUYU3wQ4v_Nbag4c_M5htIHGtZ2tYNmCPRTQ.js
Frame ID: AE60BAB55AA460CB26028CA4E91EABFD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 91F553C117BBD160311612AFA2FB8D8E
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 09972AA6217D608FC80047E2F71D7549
Requests: 13 HTTP requests in this frame

Frame: https://www.google.com/pagead/drt/ui
Frame ID: 6169CA29B2D309917F6534FA9323DEC1
Requests: 2 HTTP requests in this frame

Frame: https://www.gstatic.com/mysidia/4b0ef9dfa83525e0607f42119c034d23.js?tag=client_fast_engine_2019
Frame ID: 685CAAB41FB13423F7383D54591403BC
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4E15979A9A544E1320326EC3D1C7FC1D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: DB46616A2128052E1334F047322D8AF1
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/CsDssBYGUYU3wQ4v_Nbag4c_M5htIHGtZ2tYNmCPRTQ.js
Frame ID: 469C3AC85DFA63EC1757633D39BBFEFE
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Roblox Scripts - The best website for Roblox Scripts & Executors!

Page URL History Show full URLs

https://robloxexploits.net/ Page URL
https://robloxscripts.net/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link[^>]+s\d+\.wp\.com
/wp-(?:content|includes)/

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

112
Requests

91 %
HTTPS

57 %
IPv6

17
Domains

23
Subdomains

22
IPs

4
Countries

3112 kB
Transfer

6021 kB
Size

8
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://discord.gg/robloxexploits

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCrxIfKGSdOWjDatdhlSHvLw

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://robloxexploits.net/ Page URL
https://robloxscripts.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP 302
https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=ASKXGp2L4PXigNN_ZyzNdckL_T0KC0yYCFUj_iR76TmJmfG5msIC9mEChrS8N11z_ZUKGBRJjrat HTTP 302
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp25By15hcIu2ZWEh3drQwCUAdFrZExbzN7f2MbfA40vdZYprpbkZn6PeGITllxKb-0LmSM9&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-905793058%3A1705417932090351&theme=glif

Request Chain 32

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP 302
https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ASKXGp01ZNND_rKqd6KYPnOhZYNB_PV8vi4fQdIhm3E_PEsrhqYeeMnRuXCWusFlbzQ_PYs_4Cdb HTTP 302
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp3ymsWRkGo6gVFMXvDWbRwEJLo2bts-Xq-LCoc63yH-U8ORZ_P7RKfa3II0u4gFLbWo5R68&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1393035130%3A1705417932091176&theme=glif

Request Chain 70

https://googleads.g.doubleclick.net/pagead/adview?ai=Cmw3yzJymZYiXFJi-1fAPzv2yuAHPqruSdaCx-83bEMrrmu3zDhABIP7mpWtgkQSgAdfRl_8DyAEJqQIL3hSwklCyPqgDAcgDywSqBNkBT9D3wdnToYyDfDFDzkkd44iHOLei0i98GTkRSX0Hr1NSQvC0_KSMoDiy2tF10Itcs3YfTc9HcqVGr45mYBdfymAxnSNPsujHnVApHbi2ZHhA208k_tzdG5AiHYinipkZk9pVWl9lFoqQz17RcFwC2cNqe7MHORl2ALSJ2BrzXrEkJnheApM6-bW6fPMbI7SxRXrpW1It3wFvJ9gdjIJBDj_wtgFXvy3IygNFiH2dfUfKVaCy6ykBc4fUEOEOJOjXO1m0JAMPgY8YppblGrg_7TWEtiC2pHNZgsAEie-4qp8EiAXlhruHRZIFBAgEGAGSBQQIBRgEoAYugAeRrmioB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBDivgXSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WKHhsvCY4oMDmgkxaHR0cHM6Ly93d3cuaW5mb3JtZXIubmwvYm9la2hvdWRwcm9ncmFtbWEvc3RhcnRlcoAKAcgLAaIMCCoGCgSsurEC2BMNiBQI0BUBmBYBgBcBshccChoIABIUcHViLTIyNDkyNTc5MTgwNDUwNjkYALIYBBIC1VY&sigh=3Nw7Dl6Sid4&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwAvHhf_uKI4k5VQk0pyVHyXS0gP90FcrC_Y2mK34EiJNeCioek6Lw4GFz-C0tAUKf7n-pWLefYHV17wdRcdqgVv8KUy8k1u-24x6ZEiBo8YAQ&template_id=5000&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%225921232922121515296%22,%22debug_reporting%22:true,%22destination%22:%22https://informer.nl%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221072031959%22],%2222%22:[%22true%22],%224%22:[%2201-16%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221155981355825583025%22}&andc=true

112 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
robloxexploits.net/ 353 B
686 B 442ms
343ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://robloxexploits.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c133445613fb0617112f277903c804edfed63a3af659bb16b47c00663408550

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 84674b95e8863cf2-CDG
content-encoding: br
content-type: text/html
date: Tue, 16 Jan 2024 15:12:11 GMT
last-modified: Sun, 02 Oct 2022 13:41:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ipfzEtClmZX9z6lWP%2BGW4fomW47z11Z6Ed2uhqFhWCrnQAZV37gkY%2FVUE%2Bm9UtTQYHMLayg%2FkqFZ28eSuEmoGEr4PFQM6B3WK%2BikKBiL6fYi90Tidq6vNIi84VE%2FfkjfUegLXU6GFSws%2B0Oqt1ARKE8%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed

GET
H2 200 Primary Request / Show response
robloxscripts.net/ 129 KB
30 KB 72ms
24ms Document
text/html 192.0.78.139
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://robloxscripts.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.139 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

57b1886e1daee35e17c6e89b6619aa8adc84bbdc988408cdc0dd9f932aa3cd42

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://robloxexploits.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=297, must-revalidate
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 16 Jan 2024 15:12:11 GMT
host-header: WordPress.com
last-modified: Tue, 16 Jan 2024 15:11:29 GMT
link: <https://robloxscripts.net/wp-json/>; rel="https://api.w.org/" <https://robloxscripts.net/wp-json/wp/v2/pages/299>; rel="alternate"; type="application/json" <https://wp.me/PebEFq-4P>; rel=shortlink
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding Cookie
x-ac: 3.ams _atomic_ams HIT
x-hacker: Want root? Visit join.a8c.com and mention this header.
x-nananana: Batcache-Hit

GET
H2 200 /
robloxscripts.net/_static/ 463 KB
68 KB 15ms
14ms Stylesheet
text/css 192.0.78.139
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://robloxscripts.net/_static/??-eJytUu1ywiAQfKEi2okx/uj0UTp8nIghgByYydv3Eu00OlU7nf5I4A522bu9PjIVfAafeXTFWI/8ErOThR7ZsUAamPCaaYvRiYHFgJlFYYDHIp1VXCBCJhzSd1rQ8tJ/s+5oRS6adSW3r1o2TVXLuhFL0KtdA+u6rrZSNbeoLy2mUCghGS6LdZpLF1TLnJVJpIFjHhz8DZr30N2FUpWhZGaS1ddvWK9c0YD8gLwDbQU4oiHkPBibBIk5MEINi876p2g6m8dzzK00SiXAGDzaE9BWjU5NjqCzGtLcDMqo9j+Irk4f9ZxSOYHX1ps51zQ+vdUG8py2zxF7dh6ie4wHyFGolndBF0etc7al/48iJkuRe+uBkdnmgwZWSAd6/uY0Bfh76MNyb8WdS0SeQ5zKvyO0RBeERj7sS9dGeXTP+Efhl/149b17W22W62VV1ZvmE0etbSE=

Requested by

Host: robloxscripts.net
URL: https://robloxscripts.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.139 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

0df3b3ec51966c9d21ea840ca5ba6f023cc7bcd1b26f4300a8eadf95913be3c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-hacker: Want root? Visit join.a8c.com and mention this header.
date: Tue, 16 Jan 2024 15:12:11 GMT
strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Fri, 12 Jan 2024 07:31:18 GMT
server: nginx
x-ac: 3.ams _atomic_ams HIT
x-page-optimize: uncached
etag: W/"08ff1ef072edcf589d2c0789c5a95bc2"
vary: Accept-Encoding
content-type: text/css;charset=utf-8
cache-control: max-age=31536000
host-header: WordPress.com
alt-svc: h3=":443"; ma=86400

GET
H2 200 all.css
use.fontawesome.com/releases/v6.1.2/css/ 99 KB
21 KB 98ms
50ms Stylesheet
text/css 2606:4700:e2::ac40:8d0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v6.1.2/css/all.css
Requested by: Host: robloxscripts.net
URL: https://robloxscripts.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8d0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5e8e8eb22e2eaf1ad02370c22c63c04774ab0b83b4329d5945333750814bb2f

Request headers

Referer: https://robloxscripts.net/
Origin: https://robloxscripts.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 15:12:11 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 22 Sep 2023 01:46:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1514431
etag: W/"8ef777107c4620d4ddd4f8c4bb14a36c"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ymG%2BsxxwEc5nlHh8FR6gi23nGTyhWoA17zpDUhsAnqHuiqNrmrRtUqKJc4Be4grXAnEsVOJtEPXuqv5EvjB3b9d3xMZRdLuILz1qiUaKxuuCQ3LJdGCrDbefeWMlXho%2F5LCpQJo7BTjILL7g%2BIeTdMWU"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 84674b98f9c00bde-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 v4-shims.css
use.fontawesome.com/releases/v6.1.2/css/ 27 KB
5 KB 93ms
44ms Stylesheet
text/css 2606:4700:e2::ac40:8d0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v6.1.2/css/v4-shims.css
Requested by: Host: robloxscripts.net
URL: https://robloxscripts.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8d0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 064f3c2c06410669a1fdadee1259f8ed4e04573c2d81f160719fc17e32209950

Request headers

Referer: https://robloxscripts.net/
Origin: https://robloxscripts.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 15:12:11 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 22 Sep 2023 01:46:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1585275
etag: W/"32c0dd1e392a9b1b3b8e8a0ef2e89fdd"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RKGV37D4sTze5BW5Z8%2FpaI8Tjx1ZPu%2BbU5YEKx1n%2F4IKpPmP2iWToh%2Fj4PlTBdXJlbtTyDp%2BdJ3Yn8S%2FcQrIvQqnVVv4gtmetTZkwB9PpGhb2dr24jt2%2Fl1D7ijUFoICmB%2FPzNd%2By38bTMnEBEtzW8Yf"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 84674b98f9c20bde-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 jquery.min.js Show response
robloxscripts.net/wp-includes/js/jquery/ 86 KB
31 KB 15ms
14ms Script
application/javascript 192.0.78.139
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://robloxscripts.net/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: robloxscripts.net
URL: https://robloxscripts.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.139 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 15:12:11 GMT
strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Mon, 28 Aug 2023 17:14:23 GMT
server: nginx
x-ac: 3.ams _atomic_ams HIT
etag: W/"64ecd5ef-15601"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 / Show response
robloxscripts.net/_static/ 18 KB
7 KB 15ms
14ms Script
application/javascript 192.0.78.139
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://robloxscripts.net/_static/??wp-includes/js/jquery/jquery-migrate.min.js,wp-content/uploads/yhumkpbql.js?m=1686289764

Requested by

Host: robloxscripts.net
URL: https://robloxscripts.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.139 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

4c5e4af9e3e30984d2bf53bd83e9cd82ce3e69ecd49c35e78dcb2939a9a27512

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-hacker: Want root? Visit join.a8c.com and mention this header.
date: Tue, 16 Jan 2024 15:12:11 GMT
strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Fri, 09 Jun 2023 05:49:24 GMT
server: nginx
x-ac: 3.ams _atomic_ams HIT
x-page-optimize: uncached
etag: W/"6b05bdd52149cc3f16e14ef5a5dfa687"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
host-header: WordPress.com
alt-svc: h3=":443"; ma=86400

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 149 KB
51 KB 133ms
62ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2249257918045069

Requested by

Host: robloxscripts.net
URL: https://robloxscripts.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9736aa2c8d2bb7d8ba735f23dde37a553925d2fdcfebfc7727000342f7629d6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://robloxscripts.net/
Origin: https://robloxscripts.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 15:12:11 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51603
x-xss-protection: 0
server: cafe
etag: 17116010840975802601
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 16 Jan 2024 15:12:11 GMT

GET
H2 200 / Show response
dlh8c15zw7vfn.cloudfront.net/ 520 KB
182 KB 256ms
191ms Script
text/plain 2600:9000:2670:4200:15:9ced:b8c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dlh8c15zw7vfn.cloudfront.net/?zchld=955131
Requested by: Host: robloxscripts.net
URL: https://robloxscripts.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2670:4200:15:9ced:b8c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: eb2bb4e0a083209f044665af1bceb750fba0c43b38cca8f9696bb2ac74adb0b3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jan 2024 15:12:11 GMT
content-encoding: gzip
via: 1.1 3a52599b74209adc8297b59f7eaa4bce.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P9
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-length: 186081
x-amz-cf-id: uI-lPZHE3wCXhvtUC7kc4D0Hd7rRXWwUz4vp03mIJAftQmXKTgnG3Q==

GET
H2 200 pnj-rs-w-1.png
i0.wp.com/robloxscripts.net/wp-content/uploads/2022/08/ 3 KB
4 KB 50ms
12ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/robloxscripts.net/wp-content/uploads/2022/08/pnj-rs-w-1.png?fit=504%2C355&ssl=1

Requested by

Host: robloxscripts.net
URL: https://robloxscripts.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

a18f3705f4e2cfc25a353ea1b271c77f8db4a8693789b0ce0f40129337911d7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 15:12:11 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 3194
x-nc: HIT ams 4
last-modified: Mon, 05 Sep 2022 09:25:37 GMT
server: nginx
etag: "816555f217c0a7d9"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://robloxscripts.net/wp-content/uploads/2022/08/pnj-rs-w-1.png>; rel="canonical"
expires: Wed, 04 Sep 2024 21:25:37 GMT

GET
H2 200 fluster1.png
i0.wp.com/robloxscripts.net/wp-content/uploads/2023/10/ 582 KB
583 KB 51ms
14ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/robloxscripts.net/wp-content/uploads/2023/10/fluster1.png?fit=1280%2C720&ssl=1

Requested by

Host: robloxscripts.net
URL: https://robloxscripts.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

e8df7bd495d8fc2c7e9a7676c3aa105e1f913a2a1776bf5d01652aeb697f2bef

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 15:12:11 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 596112
x-nc: HIT ams 4
last-modified: Mon, 16 Oct 2023 13:48:13 GMT
server: nginx
etag: "af6fbcac55042419"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://robloxscripts.net/wp-content/uploads/2023/10/fluster1.png>; rel="canonical"
expires: Thu, 16 Oct 2025 01:48:13 GMT

GET
H2 200 Codex.webp
i0.wp.com/robloxscripts.net/wp-content/uploads/2023/07/ 171 KB
171 KB 52ms
14ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/robloxscripts.net/wp-content/uploads/2023/07/Codex.webp?fit=1222%2C691&ssl=1

Requested by

Host: robloxscripts.net
URL: https://robloxscripts.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

d11b3f88e8e03d8a37e85cea00c18e02f588570c061663dbd6befbcd58943bab

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 15:12:11 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 174630
x-nc: HIT ams 6
last-modified: Sat, 01 Jul 2023 19:32:52 GMT
server: nginx
etag: "09bb746927ad1366"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://robloxscripts.net/wp-content/uploads/2023/07/Codex.webp>; rel="canonical"
expires: Tue, 01 Jul 2025 07:32:52 GMT

GET
H2 200 Furk-Ultra.webp
i0.wp.com/robloxscripts.net/wp-content/uploads/2022/08/ 109 KB
110 KB 16ms
15ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/robloxscripts.net/wp-content/uploads/2022/08/Furk-Ultra.webp?fit=1280%2C720&ssl=1

Requested by

Host: robloxscripts.net
URL: https://robloxscripts.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

7210ffae4ea7badc94c99bdc514077bd4ee217433338bd11bff22201ac35294c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 15:12:11 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 111868
x-nc: HIT ams 7
last-modified: Tue, 09 May 2023 21:23:13 GMT
server: nginx
etag: "0f8b4928f3bfa1b5"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://robloxscripts.net/wp-content/uploads/2022/08/Furk-Ultra.webp>; rel="canonical"
expires: Fri, 09 May 2025 09:23:13 GMT

GET
H2 200 image-2.png
i0.wp.com/robloxscripts.net/wp-content/uploads/2024/01/ 65 KB
65 KB 24ms
24ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/robloxscripts.net/wp-content/uploads/2024/01/image-2.png?w=697&ssl=1

Requested by

Host: robloxscripts.net
URL: https://robloxscripts.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

74ab28190c822255d5a5117543cdd91f01a0e007e446a93e76ccdb4bac61762d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 15:12:11 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 66062
x-nc: HIT ams 6
last-modified: Sat, 13 Jan 2024 20:32:54 GMT
server: nginx
etag: "13655160e693ffea"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://robloxscripts.net/wp-content/uploads/2024/01/image-2.png>; rel="canonical"
expires: Tue, 13 Jan 2026 08:32:54 GMT

GET
H3 200 image-1.png
i0.wp.com/robloxscripts.net/wp-content/uploads/2024/01/ 179 KB
180 KB 14ms
13ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/robloxscripts.net/wp-content/uploads/2024/01/image-1.png?w=664&ssl=1

Requested by

Host: robloxscripts.net
URL: https://robloxscripts.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

bd3bcc24eae9b172f6bcd872e3bbb8574a87eebb6575a5e8a0881c8108e3bd47

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 15:12:11 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 183632
x-nc: HIT ams 5
last-modified: Sat, 13 Jan 2024 19:31:41 GMT
server: nginx
etag: "d95e0a4989cb89f8"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://robloxscripts.net/wp-content/uploads/2024/01/image-1.png>; rel="canonical"
expires: Tue, 13 Jan 2026 07:31:41 GMT

GET
BLOB 200
OK ecb358aa-3a8c-4749-a93d-bc3891b0e150
https://robloxscripts.net/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://robloxscripts.net/ecb358aa-3a8c-4749-a93d-bc3891b0e150
Requested by: Host: robloxscripts.net
URL: https://robloxscripts.net/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H2 200 discord.svg
cdn.discordapp.com/attachments/929421642235519037/1014534028076003368/ 1 KB
2 KB 131ms
69ms Image
image/svg+xml 162.159.133.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.discordapp.com/attachments/929421642235519037/1014534028076003368/discord.svg
Requested by: Host: robloxscripts.net
URL: https://robloxscripts.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.133.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e86fcb4099a0c85a91abfd59fc6d6751493e4258f5457c0b4cf87e9e12c4079

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 15:12:12 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1730367
x-guploader-uploadid: ABPtcPpBL58V7CyOPG12QrT-cXr7svFM_T-LhEsmW6pR7Bh5FjBrSBuO2xD7otlQ4CGv-wyiDT8
x-goog-storage-class: NEARLINE
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-disposition: attachment;%20filename=discord.svg
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 31 Aug 2022 13:56:01 GMT
server: cloudflare
etag: W/"ff7fb5235b904fea50cedf072826782d"
vary: Accept-Encoding
x-goog-generation: 1661954161504978
content-type: image/svg+xml;%20charset=utf-8
x-goog-hash: crc32c=Mb61zA==, md5=/3+1I1uQT+pQzt8HKCZ4LQ==
cache-control: public, max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ALROpCbc1P8sXwYNJE2k13uFfHWWRiPJXSl0AbrQTgjFkowa2p7l8ZToVD4Ms3U5VgDlruIM7V4C7RMUWagJRzpw5ZscaV5JmU5yxTrwg5bnRC57s%2B1%2FYBGw3YZEjF%2Fup0ApAg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 1270
cf-ray: 84674b9b39038fd4-FRA
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
expires: Wed, 15 Jan 2025 15:12:12 GMT

GET
H2 200 icons8-youtube.svg
cdn.discordapp.com/attachments/929421642235519037/1014534363783909406/ 702 B
1 KB 132ms
71ms Image
image/svg+xml 162.159.133.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.discordapp.com/attachments/929421642235519037/1014534363783909406/icons8-youtube.svg
Requested by: Host: robloxscripts.net
URL: https://robloxscripts.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.133.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a41b135afd99e5d3f61350c14900a1b6b222fe032a2c2f5f85f43d59055abf8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 15:12:12 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1730367
x-guploader-uploadid: ABPtcPpZ5_Yax34TPyQ8CPV_MwVDRoW8yOJcWHbcxaMFqJsHoOVgNhSoFDCStIRCNF9BBHARlC4ogtcAUm_vJLA_WQFzgicHgroo
x-goog-storage-class: NEARLINE
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-disposition: attachment;%20filename=icons8-youtube.svg
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 31 Aug 2022 13:57:21 GMT
server: cloudflare
etag: W/"382c3ebffb19403d05359a5ec7554298"
vary: Accept-Encoding
x-goog-generation: 1661954241540175
content-type: image/svg+xml;%20charset=utf-8
x-goog-hash: crc32c=mHmx0g==, md5=OCw+v/sZQD0FNZpex1VCmA==
cache-control: public, max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m9XFjjU0BeKQQ6ZvEeJ6sJQxpsvDa%2BjoUONhZtOmAtnUYr3OTic0UpxyqKY6sbZkBOrYtCGmBtwmRs3Wp%2B6AsjAYtwaVyirsMszpSJEZY6bGpkL6RphwOWUVGbfaVbVzLziJhA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 702
cf-ray: 84674b9b39048fd4-FRA
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
expires: Wed, 15 Jan 2025 15:12:12 GMT

GET
H2 200 bilmur.min.js Show response
s0.wp.com/wp-content/js/ 6 KB
3 KB 60ms
13ms Script
application/javascript 192.0.77.32
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://s0.wp.com/wp-content/js/bilmur.min.js?m=202403
Requested by: Host: robloxscripts.net
URL: https://robloxscripts.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: wordpress.com
Software: nginx /
Resource Hash: 216728e33a7de4be9b784eff527c6ccf1658319ea78fe66a7864c0b923200252

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Tue, 16 Jan 2024 15:12:12 GMT
content-encoding: br
x-ac: 4.ams _dfw MISS
last-modified: Wed, 15 Nov 2023 17:05:24 GMT
server: nginx
etag: W/"6554fa54-161b"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Tue, 14 Jan 2025 00:00:02 GMT

GET
H3 200 / Show response
robloxscripts.net/_static/ 41 KB
11 KB 15ms
14ms Script
application/javascript 192.0.78.139
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://robloxscripts.net/_static/??-eJydkdFOwzAMRX8Ikw0q8YT4lClNvMxr6oTaadjfY7ENTUNIiCfLjs7xldMrhMKKrK7mlojFHVGrD9O17lbkWBbnm5bZq1K4vgDNPiGEyC6SqPtuH4/y0H+KLz2shF3gveFyAs8RDK7Zn6AWUajmcLWN2fZ4EVQLZOj6i9NGulhA4nTmJVPE5cvbKSbUG0vXKh3O8jufHnBGcUyMMOaSdhbKjxnjDS4TVcjEE+xLaAJ7+viHhf1KySuV+zP9Bba19gsGvs2v25fN82Y7PA3DJw4Yq2U=

Requested by

Host: robloxscripts.net
URL: https://robloxscripts.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.78.139 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

e00ef8d8e4494291e3e1041bef75833e7948ad3cc8e30748e0cbe55704ae3168

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-hacker: Want root? Visit join.a8c.com and mention this header.
date: Tue, 16 Jan 2024 15:12:11 GMT
strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Tue, 19 Dec 2023 19:30:44 GMT
server: nginx
x-ac: 3.ams _atomic_ams HIT
x-page-optimize: uncached
etag: W/"8155a60f4787d6605f77c210b442a192"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
host-header: WordPress.com
alt-svc: h3=":443"; ma=86400

GET
H2 200 e-202403.js Show response
stats.wp.com/ 7 KB
3 KB 59ms
13ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202403.js
Requested by: Host: robloxscripts.net
URL: https://robloxscripts.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 4f9f4e2e225088f9cf3b6b54aa421e0f776d1802255505d2f752e1f83f441641

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-minify-cache: hit
x-nc: HIT ams
date: Tue, 16 Jan 2024 15:12:12 GMT
content-encoding: br
server: nginx
x-minify: t
etag: W/14377-1704402356565.5398
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
alt-svc: h3=":443"; ma=86400
expires: Mon, 13 Jan 2025 16:23:26 GMT

GET
H3 200 / Show response
robloxscripts.net/_static/ 50 KB
12 KB 15ms
15ms Script
application/javascript 192.0.78.139
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://robloxscripts.net/_static/??-eJylzEEOgzAMRNEL1RgkCmwqzkJTCwWIY2VCc/36Dt2N/kivGYWsVbSyXfceFdyMisCyIn7FZ/CTLKMSrviRwhsgFXyAPYSzS1G7A4/2F9XMsAWy++2mc2t6DXP/7Mdxmpcf/T8+Ng==

Requested by

Host: robloxscripts.net
URL: https://robloxscripts.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.78.139 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

07a15cb778fd35290ee6949422605e80525668618bb6567b22e51f4bf9c0cfd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-hacker: Want root? Visit join.a8c.com and mention this header.
date: Tue, 16 Jan 2024 15:12:11 GMT
strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Fri, 12 Jan 2024 07:31:18 GMT
server: nginx
x-ac: 3.ams _atomic_ams HIT
x-page-optimize: uncached
etag: W/"8df86fb0a15ea7c51bb91442e47724e0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
host-header: WordPress.com
alt-svc: h3=":443"; ma=86400

GET
H2 200 asd100.bin Show response
pogothere.xyz/ 100 KB
100 KB 110ms
56ms Fetch
binary/octet-stream 172.64.111.13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pogothere.xyz/asd100.bin
Requested by: Host: dlh8c15zw7vfn.cloudfront.net
URL: https://dlh8c15zw7vfn.cloudfront.net/?zchld=955131
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.111.13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 15:12:12 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6693
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 16 Jan 2024 13:20:39 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: https://robloxscripts.net
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0zUluVuGGsIIOeSNTgDg8LnJ%2F6eRSF4BNlxBBKf7o2NxacXTutAhE8j%2BD4Kf7z%2BDUNMnScFppqf1Jpm8Mj9FquoJLqjmaj3YrJqkWTEEQ6GXlBoC%2FiekaZzU8KunhC30"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 84674b9b0b163a8c-FRA
access-control-allow-headers: X-Requested-With, content-type

GET
H2 200 / Show response
pogothere.xyz/ 27 B
357 B 176ms
126ms Fetch
text/plain 172.64.111.13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pogothere.xyz/
Requested by: Host: dlh8c15zw7vfn.cloudfront.net
URL: https://dlh8c15zw7vfn.cloudfront.net/?zchld=955131
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.111.13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dda2afb952272ed1a0c539518da3f22c6425ddb02206fc2b2fdeb8b13239bff2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 15:12:12 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QrZM1mPNH4Cy%2BTCAASMW28LaHG%2FrlgddZXOZtF4yj%2FlYoPLGkSvb99xTidjuY3g6Tka%2FG1BJUpovEpY%2BK1hZb%2FroyECXwQn7UzhMI2MmqO4FskHqjMifCY6YuSkuSHxQ"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET
access-control-allow-origin: https://robloxscripts.net
content-type: text/plain
access-control-allow-credentials: true
cf-ray: 84674b9b0b1b3a8c-FRA
access-control-allow-headers: X-Requested-With, content-type
alt-svc: h3=":443"; ma=86400

GET
H2 204 utx Show response
mcurrentlysea.info/ 0
539 B 176ms
114ms XHR
text/plain 143.204.215.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mcurrentlysea.info/utx?cb=6EXdcvgerHms&top=robloxscripts.net&tid=955131
Requested by: Host: dlh8c15zw7vfn.cloudfront.net
URL: https://dlh8c15zw7vfn.cloudfront.net/?zchld=955131
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-129.fra53.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jan 2024 15:12:12 GMT
via: 1.1 c714e4f593454d65f62cf3fecf756a4c.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://robloxscripts.net
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
x-amz-cf-id: 6BWLYgC43is25zgNwGB85od1UqjmFmhWvwxm8_kC8_RalJfRobgLhw==

GET
H2 200 asd100.bin Show response
pogothere.xyz/ 100 KB
100 KB 104ms
56ms Fetch
binary/octet-stream 172.64.111.13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pogothere.xyz/asd100.bin
Requested by: Host: dlh8c15zw7vfn.cloudfront.net
URL: https://dlh8c15zw7vfn.cloudfront.net/?zchld=955131
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.111.13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 15:12:12 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6693
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 16 Jan 2024 13:20:39 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: https://robloxscripts.net
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c3LtnuEUEeueudr9xTjS3iFh8%2BdL5yxqNe%2B3nXJ4lV74i58rdE%2FgrwJfxpEf6qDbJdPxvmIK%2FRXRa3y67qLbAk56i62cgRaKTL4vO2B%2Bcj5sEZ2IoYfjm1HbQ9qgYMEH"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 84674b9b0b143a8c-FRA
access-control-allow-headers: X-Requested-With, content-type

GET
H2 200 / Show response
pogothere.xyz/ 27 B
375 B 173ms
125ms Fetch
text/plain 172.64.111.13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pogothere.xyz/
Requested by: Host: dlh8c15zw7vfn.cloudfront.net
URL: https://dlh8c15zw7vfn.cloudfront.net/?zchld=955131
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.111.13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd95a0cd408d777ef372d19dfdbe3c1fe5c765eab66a162cfc55289fbfbf5977

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 15:12:12 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pEgVdoDw6EvKiC8A5KbsCZ5ySZAgc1ebDgx7yloBreceFyw6P5a2JrgpBbyabwYoIk5DSeI1giOwJpgHSNYLn0VHmZBCIstppwx5e%2FoFOWgd8POBwYK9y3AGo%2FrmzC94"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET
access-control-allow-origin: https://robloxscripts.net
content-type: text/plain
access-control-allow-credentials: true
cf-ray: 84674b9b0b133a8c-FRA
access-control-allow-headers: X-Requested-With, content-type
alt-svc: h3=":443"; ma=86400

GET
H2 204 utx Show response
mcurrentlysea.info/ 0
540 B 174ms
113ms XHR
text/plain 143.204.215.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mcurrentlysea.info/utx?cb=gyCSxe0hL2MW&top=robloxscripts.net&tid=955748
Requested by: Host: dlh8c15zw7vfn.cloudfront.net
URL: https://dlh8c15zw7vfn.cloudfront.net/?zchld=955131
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-129.fra53.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jan 2024 15:12:12 GMT
via: 1.1 c714e4f593454d65f62cf3fecf756a4c.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://robloxscripts.net
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
x-amz-cf-id: 9a2PF1lz61oOSsEjpPvnEQFIF6CODOMKjH0AGZqcRwgaHTtYnoRmfg==

GET
H2 200 asd100.bin Show response
pogothere.xyz/ 100 KB
101 KB 79ms
34ms Fetch
binary/octet-stream 172.64.111.13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pogothere.xyz/asd100.bin
Requested by: Host: dlh8c15zw7vfn.cloudfront.net
URL: https://dlh8c15zw7vfn.cloudfront.net/?zchld=955131
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.111.13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 15:12:12 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6693
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 16 Jan 2024 13:20:39 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: https://robloxscripts.net
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M%2BDvTZCEtQwardohzvaY3Rl0rY148X7NipwPiq0e0BWDr8TZ3Gd2lb4OK4f8qlqBG7nv%2FL4hZZR9uLoc%2Biu6EHp0t5lLGE1mZo38AvUl2uLqN6HVXNCD64GnHyZJMgvJ"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 84674b9b0b0e3a8c-FRA
access-control-allow-headers: X-Requested-With, content-type

GET
H2 200 / Show response
pogothere.xyz/ 27 B
352 B 175ms
130ms Fetch
text/plain 172.64.111.13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pogothere.xyz/
Requested by: Host: dlh8c15zw7vfn.cloudfront.net
URL: https://dlh8c15zw7vfn.cloudfront.net/?zchld=955131
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.111.13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6802f5e18120c6e455837e79defcb9c0f15cd1d6256089a196e0f31d3ff9179a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 15:12:12 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B3EAOUTq%2FVvU7Zsr8aQ0%2FesD09xAhrvpzptzbHxoOIErWtC1867%2FZc2nMcRAla4K6NDUl2s1BmHy%2FyLxTtaNLlXRKxMY4EV4n5PotBMouXKT8A6NLEokqLO%2FBHp47oPA"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET
access-control-allow-origin: https://robloxscripts.net
content-type: text/plain
access-control-allow-credentials: true
cf-ray: 84674b9b0b113a8c-FRA
access-control-allow-headers: X-Requested-With, content-type
alt-svc: h3=":443"; ma=86400

GET
H2 204 DWtxXGIJYzdVfR8xMgkrBHRkGDhNKX9Zewlwdll7AHZzUXgK
xukpresesmr.info/OUVCaEwWeiEbcW4Qc14ffiExDAl3MhcFIA8RGgAZWA06JClvDGQcJV14e115CHZzTjxQIX9ZakoxIxw5SnhzTiVXIy1Vak94c0Z/ 0
246 B 192ms
131ms Image
text/plain 104.21.36.53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xukpresesmr.info/OUVCaEwWeiEbcW4Qc14ffiExDAl3MhcFIA8RGgAZWA06JClvDGQcJV14e115CHZzTjxQIX9ZakoxIxw5SnhzTiVXIy1Vak94c0Z/DWtxXGIJYzdVfR8xMgkrBHRkGDhNKX9Zewlwdll7AHZzUXgK
Requested by: Host: robloxscripts.net
URL: https://robloxscripts.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.36.53 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 15:12:12 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fkYdwryUVe9RRdzKXHN2hDFv58LxB%2BZB92G3EbJrE6WSTRSHeeli70Za%2BZCkU9Tb5vrMO4kGhRfjdlPMyguRwgyhOjsIfDydvqyddI5866KOBhNrWc%2B7d2lhSjOmbWyWJHEG"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 84674b9b3eab3644-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 login.php
www.facebook.com/ 0
0 340ms
284ms Image
text/html 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
Requested by: Host: robloxscripts.net
URL: https://robloxscripts.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

GET
H3

403

identifier
accounts.google.com/v3/signin/
Redirect Chain

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=ASKXGp2L4PXigNN_ZyzNdckL_T0KC0yYCFUj_iR76TmJmfG5msIC9mEChrS8N11...
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp25By15hcIu2ZWEh3drQwCUAdFrZExbzN7f2MbfA40vdZYprpbkZn6PeGITllxKb-0LmSM9&passive=...

0
0

41ms
41ms

Image
text/html

2a00:1450:400c:c0b::54
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp25By15hcIu2ZWEh3drQwCUAdFrZExbzN7f2MbfA40vdZYprpbkZn6PeGITllxKb-0LmSM9&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-905793058%3A1705417932090351&theme=glif
Requested by: Host: robloxscripts.net
URL: https://robloxscripts.net/
Protocol: H3
Server: 2a00:1450:400c:c0b::54 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Redirect headers

date: Tue, 16 Jan 2024 15:12:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'report-sample' 'nonce-M0Y9EYQsbBGFw2gfpq_kNQ' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 396
x-xss-protection: 1; mode=block
pragma: no-cache
server: GSE
x-frame-options: DENY
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-type: text/html; charset=UTF-8
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp25By15hcIu2ZWEh3drQwCUAdFrZExbzN7f2MbfA40vdZYprpbkZn6PeGITllxKb-0LmSM9&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-905793058%3A1705417932090351&theme=glif
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3

403

identifier
accounts.google.com/v3/signin/
Redirect Chain

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ASKXGp01ZNND_rKqd6KYPnOhZYNB_PV8vi4fQdIhm3E_PEsrhqYeeMnRuXC...
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp3ymsWRkGo6gVFMXvDWbRwEJLo2bts-Xq-LCoc63yH-U8ORZ_P7RKfa3II0u4gFLbWo5R68&passive...

0
0

42ms
42ms

Image
text/html

2a00:1450:400c:c0b::54
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp3ymsWRkGo6gVFMXvDWbRwEJLo2bts-Xq-LCoc63yH-U8ORZ_P7RKfa3II0u4gFLbWo5R68&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1393035130%3A1705417932091176&theme=glif
Requested by: Host: robloxscripts.net
URL: https://robloxscripts.net/
Protocol: H3
Server: 2a00:1450:400c:c0b::54 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Redirect headers

date: Tue, 16 Jan 2024 15:12:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-6-VcFtBT3Y7Pw5Z7m6Jz9A' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 403
x-xss-protection: 1; mode=block
pragma: no-cache
server: GSE
x-frame-options: DENY
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-type: text/html; charset=UTF-8
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp3ymsWRkGo6gVFMXvDWbRwEJLo2bts-Xq-LCoc63yH-U8ORZ_P7RKfa3II0u4gFLbWo5R68&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1393035130%3A1705417932091176&theme=glif
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 popunder.gif
xukpresesmr.info/ 35 B
528 B 96ms
35ms Image
image/gif 104.21.36.53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xukpresesmr.info/popunder.gif
Requested by: Host: robloxscripts.net
URL: https://robloxscripts.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.36.53 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: public
date: Tue, 16 Jan 2024 15:12:12 GMT
cf-cache-status: HIT
last-modified: Mon, 15 Jan 2024 17:48:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 77028
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kp4yL4SsiqBR08ru2XjDP7xXKWDxXDqJbV6tA9PaQRLJ1qKg0eDDP9VSEebOzRn2QTSyotTYhh%2BLtPQJy7fIEUGcE3syHX76eSTxQxlnMSuU5iFHiuHIr4GH%2B366cN8ZmFUR"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=604800, immutable
cf-ray: 84674b9b3ea83644-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 204 W0MRQiwSHgoDb1ZHAwNvX0EGC2xe
xukpresesmr.info/ZnI3MlhJTVRBZSk2X3Y9Ch1+djYSMVVjPyoRckYtJRV1BQsxBRFGMQJPDgdtUUYPFCgPFgoDfhUGVkYtFU8GFDEIFFgPfhBPBhxrUlwEBnZWVEIPaUAGR1M/ 0
247 B 177ms
131ms Image
text/plain 104.21.36.53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xukpresesmr.info/ZnI3MlhJTVRBZSk2X3Y9Ch1+djYSMVVjPyoRckYtJRV1BQsxBRFGMQJPDgdtUUYPFCgPFgoDfhUGVkYtFU8GFDEIFFgPfhBPBhxrUlwEBnZWVEIPaUAGR1M/W0MRQiwSHgoDb1ZHAwNvX0EGC2xe
Requested by: Host: robloxscripts.net
URL: https://robloxscripts.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.36.53 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 15:12:12 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f7uEnLBxMzknRWdJYwpYX%2BX6e0qdnXOoSC%2F38KtvSp6%2BKovZEGSQkr06yGXGacwNJH2F%2F2x6WiSQypSNJnynZHuszyLayNUdRuNq0RtHxBhw7Ns%2Focxzh5cagsn4y05OsoHg"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 84674b9b3eaf3644-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 204 NlJycWwZbRECUVQUKCsOcBwRKwF0NygdHFEzJEgLbj8kHjtxB1QFBVJvS0RZDmRHVxxfNk9CWRAhBhAYQyFPQEpfPBQeURAkT0FCA3xAX18QJ09ASkIiExZRB3QCBRhab0NGXANmQ0ZVBWNLRF0
xukpresesmr.info/ 0
253 B 130ms
128ms Image
text/plain 104.21.36.53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xukpresesmr.info/NlJycWwZbRECUVQUKCsOcBwRKwF0NygdHFEzJEgLbj8kHjtxB1QFBVJvS0RZDmRHVxxfNk9CWRAhBhAYQyFPQEpfPBQeURAkT0FCA3xAX18QJ09ASkIiExZRB3QCBRhab0NGXANmQ0ZVBWNLRF0
Requested by: Host: robloxscripts.net
URL: https://robloxscripts.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.36.53 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 15:12:12 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nPIXbdy%2BB5%2Fus0mUr4qvXYUhlpMeL%2FL80MGgrt51onlAyiEkt9L%2BJD1Js2jrLo1Jjhr1Y40olng86LIKORhsSUgCdJxAw84qpWD0KE%2BH2jp0e9n6keCZpoYdyhlgeghlDGKO"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 84674b9b3eb03644-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 ajax-loader.gif
robloxscripts.net/wp-content/plugins/wp-responsive-recent-post-slider/assets/images/ 4 KB
4 KB 14ms
13ms Image
image/gif 192.0.78.139
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://robloxscripts.net/wp-content/plugins/wp-responsive-recent-post-slider/assets/images/ajax-loader.gif

Requested by

Host: robloxscripts.net
URL: https://robloxscripts.net/_static/??-eJytUu1ywiAQfKEi2okx/uj0UTp8nIghgByYydv3Eu00OlU7nf5I4A522bu9PjIVfAafeXTFWI/8ErOThR7ZsUAamPCaaYvRiYHFgJlFYYDHIp1VXCBCJhzSd1rQ8tJ/s+5oRS6adSW3r1o2TVXLuhFL0KtdA+u6rrZSNbeoLy2mUCghGS6LdZpLF1TLnJVJpIFjHhz8DZr30N2FUpWhZGaS1ddvWK9c0YD8gLwDbQU4oiHkPBibBIk5MEINi876p2g6m8dzzK00SiXAGDzaE9BWjU5NjqCzGtLcDMqo9j+Irk4f9ZxSOYHX1ps51zQ+vdUG8py2zxF7dh6ie4wHyFGolndBF0etc7al/48iJkuRe+uBkdnmgwZWSAd6/uY0Bfh76MNyb8WdS0SeQ5zKvyO0RBeERj7sS9dGeXTP+Efhl/149b17W22W62VV1ZvmE0etbSE=

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.78.139 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://robloxscripts.net/_static/??-eJytUu1ywiAQfKEi2okx/uj0UTp8nIghgByYydv3Eu00OlU7nf5I4A522bu9PjIVfAafeXTFWI/8ErOThR7ZsUAamPCaaYvRiYHFgJlFYYDHIp1VXCBCJhzSd1rQ8tJ/s+5oRS6adSW3r1o2TVXLuhFL0KtdA+u6rrZSNbeoLy2mUCghGS6LdZpLF1TLnJVJpIFjHhz8DZr30N2FUpWhZGaS1ddvWK9c0YD8gLwDbQU4oiHkPBibBIk5MEINi876p2g6m8dzzK00SiXAGDzaE9BWjU5NjqCzGtLcDMqo9j+Irk4f9ZxSOYHX1ps51zQ+vdUG8py2zxF7dh6ie4wHyFGolndBF0etc7al/48iJkuRe+uBkdnmgwZWSAd6/uY0Bfh76MNyb8WdS0SeQ5zKvyO0RBeERj7sS9dGeXTP+Efhl/149b17W22W62VV1ZvmE0etbSE=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 15:12:11 GMT
strict-transport-security: max-age=31536000
x-ac: 3.ams _atomic_ams HIT
last-modified: Fri, 24 Nov 2023 19:30:47 GMT
server: nginx
etag: "6560f9e7-1052"
access-control-allow-methods: GET, HEAD
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 4178
expires: Wed, 03 Jan 2024 15:43:21 GMT

GET
H3 200 pxiEyp8kv8JHgFVrJJfecg.woff2
robloxscripts.net/wp-content/fonts/poppins/ 8 KB
8 KB 13ms
13ms Font
application/font-woff2 192.0.78.139
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://robloxscripts.net/wp-content/fonts/poppins/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.78.139 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://robloxscripts.net/_static/??-eJytUu1ywiAQfKEi2okx/uj0UTp8nIghgByYydv3Eu00OlU7nf5I4A522bu9PjIVfAafeXTFWI/8ErOThR7ZsUAamPCaaYvRiYHFgJlFYYDHIp1VXCBCJhzSd1rQ8tJ/s+5oRS6adSW3r1o2TVXLuhFL0KtdA+u6rrZSNbeoLy2mUCghGS6LdZpLF1TLnJVJpIFjHhz8DZr30N2FUpWhZGaS1ddvWK9c0YD8gLwDbQU4oiHkPBibBIk5MEINi876p2g6m8dzzK00SiXAGDzaE9BWjU5NjqCzGtLcDMqo9j+Irk4f9ZxSOYHX1ps51zQ+vdUG8py2zxF7dh6ie4wHyFGolndBF0etc7al/48iJkuRe+uBkdnmgwZWSAd6/uY0Bfh76MNyb8WdS0SeQ5zKvyO0RBeERj7sS9dGeXTP+Efhl/149b17W22W62VV1ZvmE0etbSE=
Origin: https://robloxscripts.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 15:12:11 GMT
strict-transport-security: max-age=31536000
x-ac: 3.ams _atomic_ams HIT
last-modified: Tue, 16 Aug 2022 23:30:31 GMT
server: nginx
etag: "62fc2897-1ecc"
access-control-allow-methods: GET, HEAD
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 7884
expires: Wed, 03 Jan 2024 15:22:57 GMT

GET
H3 200 pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
robloxscripts.net/wp-content/fonts/poppins/ 8 KB
8 KB 14ms
14ms Font
application/font-woff2 192.0.78.139
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://robloxscripts.net/wp-content/fonts/poppins/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.78.139 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://robloxscripts.net/_static/??-eJytUu1ywiAQfKEi2okx/uj0UTp8nIghgByYydv3Eu00OlU7nf5I4A522bu9PjIVfAafeXTFWI/8ErOThR7ZsUAamPCaaYvRiYHFgJlFYYDHIp1VXCBCJhzSd1rQ8tJ/s+5oRS6adSW3r1o2TVXLuhFL0KtdA+u6rrZSNbeoLy2mUCghGS6LdZpLF1TLnJVJpIFjHhz8DZr30N2FUpWhZGaS1ddvWK9c0YD8gLwDbQU4oiHkPBibBIk5MEINi876p2g6m8dzzK00SiXAGDzaE9BWjU5NjqCzGtLcDMqo9j+Irk4f9ZxSOYHX1ps51zQ+vdUG8py2zxF7dh6ie4wHyFGolndBF0etc7al/48iJkuRe+uBkdnmgwZWSAd6/uY0Bfh76MNyb8WdS0SeQ5zKvyO0RBeERj7sS9dGeXTP+Efhl/149b17W22W62VV1ZvmE0etbSE=
Origin: https://robloxscripts.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 15:12:11 GMT
strict-transport-security: max-age=31536000
x-ac: 3.ams _atomic_ams HIT
last-modified: Tue, 16 Aug 2022 23:30:31 GMT
server: nginx
etag: "62fc2897-1f40"
access-control-allow-methods: GET, HEAD
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 8000
expires: Wed, 03 Jan 2024 15:22:57 GMT

GET
H3 200 pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
robloxscripts.net/wp-content/fonts/poppins/ 8 KB
8 KB 15ms
15ms Font
application/font-woff2 192.0.78.139
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://robloxscripts.net/wp-content/fonts/poppins/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.78.139 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://robloxscripts.net/_static/??-eJytUu1ywiAQfKEi2okx/uj0UTp8nIghgByYydv3Eu00OlU7nf5I4A522bu9PjIVfAafeXTFWI/8ErOThR7ZsUAamPCaaYvRiYHFgJlFYYDHIp1VXCBCJhzSd1rQ8tJ/s+5oRS6adSW3r1o2TVXLuhFL0KtdA+u6rrZSNbeoLy2mUCghGS6LdZpLF1TLnJVJpIFjHhz8DZr30N2FUpWhZGaS1ddvWK9c0YD8gLwDbQU4oiHkPBibBIk5MEINi876p2g6m8dzzK00SiXAGDzaE9BWjU5NjqCzGtLcDMqo9j+Irk4f9ZxSOYHX1ps51zQ+vdUG8py2zxF7dh6ie4wHyFGolndBF0etc7al/48iJkuRe+uBkdnmgwZWSAd6/uY0Bfh76MNyb8WdS0SeQ5zKvyO0RBeERj7sS9dGeXTP+Efhl/149b17W22W62VV1ZvmE0etbSE=
Origin: https://robloxscripts.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 15:12:11 GMT
strict-transport-security: max-age=31536000
x-ac: 3.ams _atomic_ams HIT
last-modified: Tue, 16 Aug 2022 23:30:31 GMT
server: nginx
etag: "62fc2897-1ea0"
access-control-allow-methods: GET, HEAD
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 7840
expires: Wed, 03 Jan 2024 15:22:57 GMT

GET
H3 200 image-2.png
i0.wp.com/robloxscripts.net/wp-content/uploads/2023/12/ 22 KB
23 KB 26ms
25ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/robloxscripts.net/wp-content/uploads/2023/12/image-2.png?w=561&ssl=1

Requested by

Host: robloxscripts.net
URL: https://robloxscripts.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

b8b44c9128abdce2345e601b2546cca99f2516eb9310f669d980a5fd24413a7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 15:12:11 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 22716
x-nc: HIT ams 5
last-modified: Sun, 17 Dec 2023 01:54:35 GMT
server: nginx
etag: "5f996d24e050065a"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://robloxscripts.net/wp-content/uploads/2023/12/image-2.png>; rel="canonical"
expires: Tue, 16 Dec 2025 13:54:35 GMT

GET
H3 200 image-1.png
i0.wp.com/robloxscripts.net/wp-content/uploads/2023/12/ 37 KB
37 KB 25ms
24ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/robloxscripts.net/wp-content/uploads/2023/12/image-1.png?w=848&ssl=1

Requested by

Host: robloxscripts.net
URL: https://robloxscripts.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

402b33aedef532331ad11608226b71d791b63ca688a20c1b90cf9b90e96aa38a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 15:12:11 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 37730
x-nc: HIT ams 1
last-modified: Wed, 06 Dec 2023 04:52:24 GMT
server: nginx
etag: "9c4d3c665190152d"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://robloxscripts.net/wp-content/uploads/2023/12/image-1.png>; rel="canonical"
expires: Fri, 05 Dec 2025 16:52:24 GMT

GET
H3 200 image.png
i0.wp.com/robloxscripts.net/wp-content/uploads/2023/12/ 25 KB
25 KB 22ms
22ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/robloxscripts.net/wp-content/uploads/2023/12/image.png?w=599&ssl=1

Requested by

Host: robloxscripts.net
URL: https://robloxscripts.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

99d4c42638c3f0d4cd4d2891abec4cf56681abf61ea8644fb66d2cd93d08b014

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 15:12:11 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 25244
x-nc: HIT ams 3
last-modified: Mon, 04 Dec 2023 18:06:39 GMT
server: nginx
etag: "8d57dd2782c2395e"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://robloxscripts.net/wp-content/uploads/2023/12/image.png>; rel="canonical"
expires: Thu, 04 Dec 2025 06:06:39 GMT

GET
H3 200 image.png
i0.wp.com/robloxscripts.net/wp-content/uploads/2023/11/ 107 KB
107 KB 27ms
26ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/robloxscripts.net/wp-content/uploads/2023/11/image.png?w=855&ssl=1

Requested by

Host: robloxscripts.net
URL: https://robloxscripts.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

e9034cb5c93deabdf13ad27110fdbb73bed2f480f38fd00e0ba4dd2c71c6f97e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 15:12:11 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 109502
x-nc: HIT ams 4
last-modified: Thu, 30 Nov 2023 18:56:19 GMT
server: nginx
etag: "bb2938965f2ee34a"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://robloxscripts.net/wp-content/uploads/2023/11/image.png>; rel="canonical"
expires: Sun, 30 Nov 2025 06:56:19 GMT

GET
H3 200 image-4.png
i0.wp.com/robloxscripts.net/wp-content/uploads/2023/10/ 59 KB
59 KB 29ms
28ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/robloxscripts.net/wp-content/uploads/2023/10/image-4.png?w=380&ssl=1

Requested by

Host: robloxscripts.net
URL: https://robloxscripts.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

5dcf2ecc8fcdc01d1f390be9c1599b74c9e39162a692aa0da5bb1e40e0701ff2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 15:12:11 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 60188
x-nc: HIT ams 5
last-modified: Tue, 31 Oct 2023 19:19:45 GMT
server: nginx
etag: "0c5cb2ff9050835c"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://robloxscripts.net/wp-content/uploads/2023/10/image-4.png>; rel="canonical"
expires: Fri, 31 Oct 2025 07:19:45 GMT

GET
H3 200 image-3.png
i0.wp.com/robloxscripts.net/wp-content/uploads/2023/10/ 42 KB
42 KB 31ms
30ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/robloxscripts.net/wp-content/uploads/2023/10/image-3.png?w=668&ssl=1

Requested by

Host: robloxscripts.net
URL: https://robloxscripts.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

451763f38c07ca6765fb0dfc81a046df11124035914f2cdbe6af0891c6a9be12

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 15:12:11 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 42624
x-nc: HIT ams 8
last-modified: Tue, 17 Oct 2023 21:27:03 GMT
server: nginx
etag: "5a40ca08707a4b0c"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://robloxscripts.net/wp-content/uploads/2023/10/image-3.png>; rel="canonical"
expires: Fri, 17 Oct 2025 09:27:03 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401090101/ 402 KB
136 KB 132ms
90ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2249257918045069&plah=robloxscripts.net&bust=31080400

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2249257918045069

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c994fd11a4179deacda0bed682b365be83c7ca3aac67771ef501d4d4d1b7067a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 15:12:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 139444
x-xss-protection: 0
server: cafe
etag: 10041611390513559189
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 16 Jan 2024 15:12:12 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240109/r20190131/ Frame D7FB 9 KB
4 KB 67ms
19ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240109/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2249257918045069

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://robloxscripts.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 48778
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4173
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 16 Jan 2024 01:39:14 GMT
etag: 9219409622527106327
expires: Tue, 30 Jan 2024 01:39:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 g.gif
pixel.wp.com/ 50 B
177 B 20ms
14ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&blog=209646640&post=299&tz=1&srv=robloxscripts.net&hp=atomic&ac=2&amp=0&j=1%3A13.0&host=robloxscripts.net&ref=https%3A%2F%2Frobloxexploits.net%2F&fcp=470&rand=0.2803083416133818
Requested by: Host: robloxscripts.net
URL: https://robloxscripts.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 16 Jan 2024 15:12:12 GMT
cache-control: no-cache
server: nginx
alt-svc: h3=":443"; ma=86400
content-length: 50
content-type: image/gif

GET
H3 200 wp-emoji-release.min.js Show response
robloxscripts.net/wp-includes/js/ 18 KB
5 KB 14ms
13ms Script
application/javascript 192.0.78.139
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://robloxscripts.net/wp-includes/js/wp-emoji-release.min.js?ver=6.4.2

Requested by

Host: robloxscripts.net
URL: https://robloxscripts.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.78.139 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 15:12:12 GMT
strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Thu, 02 Feb 2023 00:53:25 GMT
server: nginx
x-ac: 3.ams _atomic_ams HIT
etag: W/"63db0985-4904"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 HVJ4KQQNLhMlOx00GSoXBDwLPgA9GhgABCAYGSUGTT4MFwAaETMpHiREewUERCUCCQonEhwqHE0SeiUbJCN+HBMnBA4lFR0hGioAUEUICjkZPRhdIUEgIRx0HwQlASJINRgqKDNEAQkZM0QI Show response
mcurrentlysea.info/b1J1d0oOMBYadQ5vF1E/HT5IUngpd0cxLgM6TRR7WigCQDwJPFsUJgAnERE4ADwBWSQKJlBFDA0GIEYkCjwwAgMIORYjIAQ5NEcuJjc9Hx08BzcFABcDIz8wXiU/JC1fHAIDHyIAFjAJXgNBITAEYTRHLi4zDDINKRAvACsYGyAyJC1qJC... Frame 7C60 3 KB
2 KB 117ms
117ms Document
text/html 143.204.215.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mcurrentlysea.info/b1J1d0oOMBYadQ5vF1E/HT5IUngpd0cxLgM6TRR7WigCQDwJPFsUJgAnERE4ADwBWSQKJlBFDA0GIEYkCjwwAgMIORYjIAQ5NEcuJjc9Hx08BzcFABcDIz8wXiU/JC1fHAIDHyIAFjAJXgNBITAEYTRHLi4zDDINKRAvACsYGyAyJC1qJCU5OR5GNR43EyBOAwgqPTEjJjszNXosGB9PGCoUFkMGKT0tPyAMOTYPEz4zPU8iO2NMTispBD4gHgA5NiV+Ch0fQgk8FzAdBToYPCYSF2smIjo6NBJOCTwXMEEALj44JR0Hd0c1ADlrMREeOQAhGyIANERaKQ0TIUciLjVFIgYWCzozJj13RzEJXhg/JSchd0c1HzlrMREdOh8wEB8IGyA9AyI/HVJ4KQQNLhMlOx00GSoXBDwLPgA9GhgABCAYGSUGTT4MFwAaETMpHiREewUERCUCCQonEhwqHE0SeiUbJCN+HBMnBA4lFR0hGioAUEUICjkZPRhdIUEgIRx0HwQlASJINRgqKDNEAQkZM0QI
Requested by: Host: dlh8c15zw7vfn.cloudfront.net
URL: https://dlh8c15zw7vfn.cloudfront.net/?zchld=955131
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-129.fra53.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: d25713fabd011a81198d13ec3176d15b13f5ba9b67f849ef7de61b3e05c45312

Request headers

Referer: https://robloxscripts.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
cache-control: no-store, no-cache, must-revalidate, no-transform
content-encoding: gzip
content-length: 1235
content-type: text/html
date: Tue, 16 Jan 2024 15:12:12 GMT
p3p: CP="NID DSP ALL COR"
pragma: no-cache
server: openresty/1.17.8.2
via: 1.1 c714e4f593454d65f62cf3fecf756a4c.cloudfront.net (CloudFront)
x-amz-cf-id: TwqBWnrGtqkKILCu-AfGJkAL9z3qEhdu6eYXJM8E8TzFPKNl--mAow==
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront

GET
H2 200 IAAvEhIAFU8hDSI6IDssHBkhMwFmDhkKDBcOEygkADk1BiwPIiEFCmUTJFYBBAVCNCI8HzAGAjE7IRURPRQvNBFzPAQNKSVrGlElEA4+IAEkJTs6Cg Show response
mcurrentlysea.info/YkdVVncDJTY7SAN6N3ACECtoc0UkYmcQEw4vbTVGVz0iYQEEKXs1Gw0yMTAFDSkheBkHM3BkMQQKZTIAMQAHBzwgcyABRwEyEx4hBgU7HD8EASIAOzMKOxUcLHEdDgQlIz1uQiEuHxU5JjAEHSU3PRY/DzgGOBMUKRYlAxIOHiEVGyBxBA... Frame D8D3 3 KB
2 KB 114ms
114ms Document
text/html 143.204.215.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mcurrentlysea.info/YkdVVncDJTY7SAN6N3ACECtoc0UkYmcQEw4vbTVGVz0iYQEEKXs1Gw0yMTAFDSkheBkHM3BkMQQKZTIAMQAHBzwgcyABRwEyEx4hBgU7HD8EASIAOzMKOxUcLHEdDgQlIz1uQiEuHxU5JjAEHSU3PRY/DzgGOBMUKRYlAxIOHiEVGyBxBAFDJBEsADkEAh8eORp/PwEhMygdLAQmFhYhNDIgYQA6CgFkFSEVfhIFJisSOBw0JisQMhNTEWMANREwEgUuIx8RFzMAEQwSPDMVIQAQLHUEES03ATsHDgARDBI6ICw4AxAGLgQhByAGDTU+BCsUNy4Jah9iNTcKZh40UhMDPyIADgcXIAYTD28hFRUlB0RXBRQOEzsOIi4/KS8tIiEMBTwHGQUOAj8ANCUDDzMrBQAkM1M/IAAvEhIAFU8hDSI6IDssHBkhMwFmDhkKDBcOEygkADk1BiwPIiEFCmUTJFYBBAVCNCI8HzAGAjE7IRURPRQvNBFzPAQNKSVrGlElEA4+IAEkJTs6Cg
Requested by: Host: dlh8c15zw7vfn.cloudfront.net
URL: https://dlh8c15zw7vfn.cloudfront.net/?zchld=955131
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-129.fra53.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: 0c2c1e4008cab642c96981e326ad526c391ed69cede0247d3188a82a5a2ed27e

Request headers

Referer: https://robloxscripts.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
cache-control: no-store, no-cache, must-revalidate, no-transform
content-encoding: gzip
content-length: 1239
content-type: text/html
date: Tue, 16 Jan 2024 15:12:12 GMT
p3p: CP="NID DSP ALL COR"
pragma: no-cache
server: openresty/1.17.8.2
via: 1.1 c714e4f593454d65f62cf3fecf756a4c.cloudfront.net (CloudFront)
x-amz-cf-id: hQOAc8qKXM6hZfdk86z9s0pgRBWJOFmZlL5PCfX_T6xj5-t-U9Jt-Q==
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront

GET
H2 200 OzscJRgeDCYWfRcMNEQaAD4HGCArBRQ5BAkIMBJ9KgAyMR4CLBA9aUEtFEd1JDgrPRg8PmkxKjUhPiINFFYTMBk5Kz82CTspBy4WJQcgJyBCAwVGAjg4BiYNFV4LFgYbDGk2HhhXBEYrGjc8Lg4XKTUQLwQhPyIdVQUiGyIDUhsSAj4HPw0KGFYzJA Show response
mcurrentlysea.info/THNvUXQtEQw8Sy1ODXcBPh9SdEYKVl0XECAbVzJFeQkYZgIqHUEyGCMGCzcGIx0bfxopB0pjMiEXAyEfLUI6BzodHCEwEwUJLhcuPyJdaBcUJC0AOQ4QKh4DFh0jNkQuPBUYPwkbIjUtOypYMgMFFC4XLicmKwgyDiclHRINNikfHzgBPj... Frame 1A93 3 KB
2 KB 113ms
113ms Document
text/html 143.204.215.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mcurrentlysea.info/THNvUXQtEQw8Sy1ODXcBPh9SdEYKVl0XECAbVzJFeQkYZgIqHUEyGCMGCzcGIx0bfxopB0pjMiEXAyEfLUI6BzodHCEwEwUJLhcuPyJdaBcUJC0AOQ4QKh4DFh0jNkQuPBUYPwkbIjUtOypYMgMFFC4XLicmKwgyDiclHRINNikfHzgBPjYbNDUoNSUYICoWOh1KOBg2K1ZdEzUdQ1cWMHQyOwI1FCkYOjEAC1djNw0DGAM2NCE9BiIYEikDMAUbV2E1DSIGEyx1JDgrBw8VXgsWFjY1YSIJRgIfPHUkOCg9Kj0pGxIvNjoIJRofAxUZNCI+PzYJEgh8IS45PT5RfjUqJkB/OzscJRgeDCYWfRcMNEQaAD4HGCArBRQ5BAkIMBJ9KgAyMR4CLBA9aUEtFEd1JDgrPRg8PmkxKjUhPiINFFYTMBk5Kz82CTspBy4WJQcgJyBCAwVGAjg4BiYNFV4LFgYbDGk2HhhXBEYrGjc8Lg4XKTUQLwQhPyIdVQUiGyIDUhsSAj4HPw0KGFYzJA
Requested by: Host: dlh8c15zw7vfn.cloudfront.net
URL: https://dlh8c15zw7vfn.cloudfront.net/?zchld=955131
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-129.fra53.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: e951339e5b077e553bc7c5f323822d13abb0611b57e4c44df083ebe7b225899c

Request headers

Referer: https://robloxscripts.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
cache-control: no-store, no-cache, must-revalidate, no-transform
content-encoding: gzip
content-length: 1235
content-type: text/html
date: Tue, 16 Jan 2024 15:12:12 GMT
p3p: CP="NID DSP ALL COR"
pragma: no-cache
server: openresty/1.17.8.2
via: 1.1 c714e4f593454d65f62cf3fecf756a4c.cloudfront.net (CloudFront)
x-amz-cf-id: cwECYQTrhSsnH7Jjjfu9t-i8_GGkGRunh53Urp0_blEEX1YaabaHRA==
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront

GET
H2 200 VxYYJihCSEEqKAQRHmRoVUoSJT8IFxRofyFLQ31jV1RHfXReVEN8e0JIQT4sARsDJGhVPER+eklJR2s4Wks Show response
dlh8c15zw7vfn.cloudfront.net/bTU1nenEuIgkcTjkkA0dIeHhWSUBrJxQVHz1wJSg0NwtUMRcGC1Q4Vzk3A0dAayEGFBZwawIUEnB8QRsVL3BTXAU9IgxHFiIiFB0CJj8REFc4LFoXHjckCxYQaH8hT199aFVKWTokCR4eOj5CSEEjOUJIQXx9SUpUfg9CSEE... Frame 7C60 848 B
866 B 172ms
172ms Script
text/plain 2600:9000:2670:4200:15:9ced:b8c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dlh8c15zw7vfn.cloudfront.net/bTU1nenEuIgkcTjkkA0dIeHhWSUBrJxQVHz1wJSg0NwtUMRcGC1Q4Vzk3A0dAayEGFBZwawIUEnB8QRsVL3BTXAU9IgxHFiIiFB0CJj8REFc4LFoXHjckCxYQaH8hT199aFVKWTokCR4eOj5CSEEjOUJIQXx9SUpUfg9CSEE6JAlMRWh+JV9DfTVRTlhof1-cbAT0hAg0ULyYODlR/C1JJRmN+UV9DfWUMEgUgIUJIMmh/VxYYJihCSEEqKAQRHmRoVUoSJT8IFxRofyFLQ31jV1RHfXReVEN8e0JIQT4sARsDJGhVPER+eklJR2s4Wks
Requested by: Host: mcurrentlysea.info
URL: https://mcurrentlysea.info/b1J1d0oOMBYadQ5vF1E/HT5IUngpd0cxLgM6TRR7WigCQDwJPFsUJgAnERE4ADwBWSQKJlBFDA0GIEYkCjwwAgMIORYjIAQ5NEcuJjc9Hx08BzcFABcDIz8wXiU/JC1fHAIDHyIAFjAJXgNBITAEYTRHLi4zDDINKRAvACsYGyAyJC1qJCU5OR5GNR43EyBOAwgqPTEjJjszNXosGB9PGCoUFkMGKT0tPyAMOTYPEz4zPU8iO2NMTispBD4gHgA5NiV+Ch0fQgk8FzAdBToYPCYSF2smIjo6NBJOCTwXMEEALj44JR0Hd0c1ADlrMREeOQAhGyIANERaKQ0TIUciLjVFIgYWCzozJj13RzEJXhg/JSchd0c1HzlrMREdOh8wEB8IGyA9AyI/HVJ4KQQNLhMlOx00GSoXBDwLPgA9GhgABCAYGSUGTT4MFwAaETMpHiREewUERCUCCQonEhwqHE0SeiUbJCN+HBMnBA4lFR0hGioAUEUICjkZPRhdIUEgIRx0HwQlASJINRgqKDNEAQkZM0QI
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2670:4200:15:9ced:b8c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 1f728700f81b05b33f57c8d0ce6bf87ecd028b043083c819927617efab7b1630

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://mcurrentlysea.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 15:12:12 GMT
content-encoding: gzip
via: 1.1 3a52599b74209adc8297b59f7eaa4bce.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P9
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=31556926
content-length: 589
x-amz-cf-id: CUyxTWHYed4aggMjINS3p9zVFk29RKBo8JcIhj5reOZLiqlE1os46w==

GET
H2 200 fM0dwSGRQKB4uW0cuFHVdBnJHfFwVLQMnCkN6HXsGdh85CiJCNDwQKRUzCixZAmEcKQpUelYtClB6QW4FVyVNfEJHNx8jWVQoHzsDQCwCPg4VMhF1CVw9GSQIUmJCDlEdd1V6VBswGSYAXDADbVYDKQRtVgN2QGZUFnQybVYDMBkmUgdiQwpBAXcIflAaYk-J4BUM... Show response
dlh8c15zw7vfn.cloudfront.net/ Frame D8D3 869 B
886 B 163ms
163ms Script
text/plain 2600:9000:2670:4200:15:9ced:b8c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dlh8c15zw7vfn.cloudfront.net/fM0dwSGRQKB4uW0cuFHVdBnJHfFwVLQMnCkN6HXsGdh85CiJCNDwQKRUzCixZAmEcKQpUelYtClB6QW4FVyVNfEJHNx8jWVQoHzsDQCwCPg4VMhF1CVw9GSQIUmJCDlEdd1V6VBswGSYAXDADbVYDKQRtVgN2QGZUFnQybVYDMBkmUgdiQwpBAXcIflAaYk-J4BUM3HC0TViUbIRAWdTZ9VwRpQ35BAXdYIwxHKhxtVnBiQngIWiwVbVYDIBUrD1xuVXpUUC8CJwlWYkIOVQF3XnhKBXdJcUoBdkZtVgM0ES4FQS5VeiIGdEdmVwVhBXVV
Requested by: Host: mcurrentlysea.info
URL: https://mcurrentlysea.info/YkdVVncDJTY7SAN6N3ACECtoc0UkYmcQEw4vbTVGVz0iYQEEKXs1Gw0yMTAFDSkheBkHM3BkMQQKZTIAMQAHBzwgcyABRwEyEx4hBgU7HD8EASIAOzMKOxUcLHEdDgQlIz1uQiEuHxU5JjAEHSU3PRY/DzgGOBMUKRYlAxIOHiEVGyBxBAFDJBEsADkEAh8eORp/PwEhMygdLAQmFhYhNDIgYQA6CgFkFSEVfhIFJisSOBw0JisQMhNTEWMANREwEgUuIx8RFzMAEQwSPDMVIQAQLHUEES03ATsHDgARDBI6ICw4AxAGLgQhByAGDTU+BCsUNy4Jah9iNTcKZh40UhMDPyIADgcXIAYTD28hFRUlB0RXBRQOEzsOIi4/KS8tIiEMBTwHGQUOAj8ANCUDDzMrBQAkM1M/IAAvEhIAFU8hDSI6IDssHBkhMwFmDhkKDBcOEygkADk1BiwPIiEFCmUTJFYBBAVCNCI8HzAGAjE7IRURPRQvNBFzPAQNKSVrGlElEA4+IAEkJTs6Cg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2670:4200:15:9ced:b8c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: fbe72bedaf41c1d361f01d3f6551ad0eb40de9b8321a35d4bf3c1eaaaf186f33

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://mcurrentlysea.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 15:12:12 GMT
content-encoding: gzip
via: 1.1 3a52599b74209adc8297b59f7eaa4bce.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P9
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=31556926
content-length: 610
x-amz-cf-id: f7kI_mreJ_zt1rDitiDORJj-VoYEVM8I7PqA4eY2qvz9KYgPL8o0Hg==

GET
H2 200 Ew43HTMQTmcwb1dce0VsQVllXjEMHzgaf1YocERqCAI+E39WWzITOQ8EfFNoVAg9BDUJDnBEHFVZZVhqSl1lT2NKWWRAf1ZbJhc8BRk8U2giXmZBdFddcwNnVQ Show response
dlh8c15zw7vfn.cloudfront.net/mdlpka1UVNQoNagIzAFZsQ29cXWBQMBcEOwZnLg0bOzIKEhMdYwY7cwIgAFZkUDYFBTJLfAEFNktrQgoxFGdQTSEGNQ9WIBg+AQ08GD8ATSAXZwkELx82CApwRBxRRWVTaFRDIh80AAQiBX9WWzsCf1ZbZEZ0VE5mNH9WWyI... Frame 1A93 780 B
805 B 170ms
170ms Script
text/plain 2600:9000:2670:4200:15:9ced:b8c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dlh8c15zw7vfn.cloudfront.net/mdlpka1UVNQoNagIzAFZsQ29cXWBQMBcEOwZnLg0bOzIKEhMdYwY7cwIgAFZkUDYFBTJLfAEFNktrQgoxFGdQTSEGNQ9WIBg+AQ08GD8ATSAXZwkELx82CApwRBxRRWVTaFRDIh80AAQiBX9WWzsCf1ZbZEZ0VE5mNH9WWyIfNFJfcEUYQVllDmxQQnBEag-UbJRo/Ew43HTMQTmcwb1dce0VsQVllXjEMHzgaf1YocERqCAI+E39WWzITOQ8EfFNoVAg9BDUJDnBEHFVZZVhqSl1lT2NKWWRAf1ZbJhc8BRk8U2giXmZBdFddcwNnVQ
Requested by: Host: mcurrentlysea.info
URL: https://mcurrentlysea.info/THNvUXQtEQw8Sy1ODXcBPh9SdEYKVl0XECAbVzJFeQkYZgIqHUEyGCMGCzcGIx0bfxopB0pjMiEXAyEfLUI6BzodHCEwEwUJLhcuPyJdaBcUJC0AOQ4QKh4DFh0jNkQuPBUYPwkbIjUtOypYMgMFFC4XLicmKwgyDiclHRINNikfHzgBPjYbNDUoNSUYICoWOh1KOBg2K1ZdEzUdQ1cWMHQyOwI1FCkYOjEAC1djNw0DGAM2NCE9BiIYEikDMAUbV2E1DSIGEyx1JDgrBw8VXgsWFjY1YSIJRgIfPHUkOCg9Kj0pGxIvNjoIJRofAxUZNCI+PzYJEgh8IS45PT5RfjUqJkB/OzscJRgeDCYWfRcMNEQaAD4HGCArBRQ5BAkIMBJ9KgAyMR4CLBA9aUEtFEd1JDgrPRg8PmkxKjUhPiINFFYTMBk5Kz82CTspBy4WJQcgJyBCAwVGAjg4BiYNFV4LFgYbDGk2HhhXBEYrGjc8Lg4XKTUQLwQhPyIdVQUiGyIDUhsSAj4HPw0KGFYzJA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2670:4200:15:9ced:b8c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 9df0a57922496dc5fd1b3a45c215fa0a57366379d864691a08116f43cd28e8fc

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://mcurrentlysea.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 15:12:12 GMT
content-encoding: gzip
via: 1.1 3a52599b74209adc8297b59f7eaa4bce.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P9
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=31556926
content-length: 528
x-amz-cf-id: phXqOe8jahWylD6rp-UQgcJf9j_GUNxhqtgM5kMo2QMrZBx3UkaIOg==

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 45A5 396 KB
90 KB 1170ms
1169ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2249257918045069&output=html&adk=1812271804&adf=3025194257&lmt=1705417889&plaf=7%3A2&plat=3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x675_l%7C212x675_r&format=0x0&url=https%3A%2F%2Frobloxscripts.net%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705417932002&bpp=7&bdt=398&idt=272&shv=r20240109&mjsv=m202401090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6741984155731&frm=20&pv=2&ga_vid=1907838616.1705417932&ga_sid=1705417932&ga_hid=2020830682&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079437%2C44798934%2C31080400%2C95321626%2C95321967%2C95322166%2C21065724&oid=2&pvsid=4123167223928995&tmod=1832813924&uas=0&nvt=1&fsapi=1&ref=https%3A%2F%2Frobloxexploits.net%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=283

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2249257918045069&plah=robloxscripts.net&bust=31080400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7ed2885a50927e58fd11f3b760446b2df8ea5e3faaf28bfdaadfdac8e2b92f5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://robloxscripts.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 91675
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 16 Jan 2024 15:12:13 GMT
expires: Tue, 16 Jan 2024 15:12:13 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1930 131 KB
42 KB 666ms
666ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2249257918045069&output=html&h=280&adk=2904063243&adf=849483003&pi=t.aa~a.1043414356~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1705417889&rafmt=1&to=qs&pwprc=2896044421&format=1200x280&url=https%3A%2F%2Frobloxscripts.net%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705417932009&bpp=1&bdt=405&idt=281&shv=r20240109&mjsv=m202401090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6741984155731&frm=20&pv=1&ga_vid=1907838616.1705417932&ga_sid=1705417932&ga_hid=2020830682&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=60&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079437%2C44798934%2C31080400%2C95321626%2C95321967%2C95322166%2C21065724&oid=2&pvsid=4123167223928995&tmod=1832813924&uas=0&nvt=1&ref=https%3A%2F%2Frobloxexploits.net%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=283

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9e48fa2f01e05fe0e083238484c16b6224ec566009961f32e48999951f2297da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://robloxscripts.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 42945
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 16 Jan 2024 15:12:12 GMT
expires: Tue, 16 Jan 2024 15:12:12 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 1930 14 KB
2 KB 81ms
30ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2249257918045069&output=html&h=280&adk=2904063243&adf=849483003&pi=t.aa~a.1043414356~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1705417889&rafmt=1&to=qs&pwprc=2896044421&format=1200x280&url=https%3A%2F%2Frobloxscripts.net%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705417932009&bpp=1&bdt=405&idt=281&shv=r20240109&mjsv=m202401090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6741984155731&frm=20&pv=1&ga_vid=1907838616.1705417932&ga_sid=1705417932&ga_hid=2020830682&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=60&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079437%2C44798934%2C31080400%2C95321626%2C95321967%2C95322166%2C21065724&oid=2&pvsid=4123167223928995&tmod=1832813924&uas=0&nvt=1&ref=https%3A%2F%2Frobloxexploits.net%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=283

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 16 Jan 2024 15:12:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 16 Jan 2024 14:11:05 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 16 Jan 2024 15:12:13 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 1930 2 KB
903 B 74ms
25ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 21:28:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63830
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Jan 2024 21:28:23 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/ Frame 1930 23 KB
9 KB 73ms
26ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 09:19:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21157
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9276
x-xss-protection: 0
server: cafe
etag: 3558958386372919956
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 30 Jan 2024 09:19:36 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 1930 3 KB
1 KB 77ms
30ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 08:44:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23268
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 30 Jan 2024 08:44:25 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 1930 20 KB
9 KB 69ms
22ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 19:20:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71522
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Jan 2024 19:20:11 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1930 205 KB
65 KB 110ms
57ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 15:12:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66227
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704891455226136"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 Jan 2024 15:12:13 GMT

GET
H2 200 4cee352c918c506f58256258d534a665.js Show response
www.gstatic.com/mysidia/ Frame 1930 37 KB
16 KB 67ms
20ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/4cee352c918c506f58256258d534a665.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6b20a1535a6d3ca3d7a611ae199a6f4b464e0b67b450379ed43a7ef3e66957c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 07:24:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 287246
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15452
x-xss-protection: 0
last-modified: Thu, 11 Jan 2024 04:29:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 12 Apr 2024 07:24:47 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/5094987415262191491/ Frame 1930 11 KB
11 KB 166ms
127ms Image
image/jpeg 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5094987415262191491/14763004658117789537?w=600&h=314&tw=1&q=75

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2dfcee3b262b230202cf42487ef5371a53b42fda0a958b8b2450cb49710a107e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

allow-fenced-frame-automatic-beacons: true
date: Tue, 16 Jan 2024 15:12:13 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11319
x-xss-protection: 0
last-modified: Fri, 07 Oct 2022 12:31:43 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 15 Jan 2025 15:12:13 GMT

GET
DATA 200
OK truncated
/ Frame 1930 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 1930 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 1930 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9adb265b1a2b9856ce3990bb53918fe8f5ef5ea0db3ca5a3a6e8407a2a7a1a0e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 1930 33 KB
34 KB 100ms
30ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 04:01:15 GMT
x-content-type-options: nosniff
age: 40258
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Jan 2025 04:01:15 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 1930
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=Cmw3yzJymZYiXFJi-1fAPzv2yuAHPqruSdaCx-83bEMrrmu3zDhABIP7mpWtgkQSgAdfRl_8DyAEJqQIL3hSwklCyPqgDAcgDywSqBNkBT9D3wdnToYyDfDFDzkkd44iHOLei0i98GTkRSX0...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%225921232922121515296%22,%22debug_reporting%22:true,%22destination%22:%22https://informer.nl%22,%22event_report_window%22:%2...

0
0

92ms
51ms

Fetch
text/css

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%225921232922121515296%22,%22debug_reporting%22:true,%22destination%22:%22https://informer.nl%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221072031959%22],%2222%22:[%22true%22],%224%22:[%2201-16%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221155981355825583025%22}&andc=true

Requested by

Host: robloxscripts.net
URL: https://robloxscripts.net/

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 15:12:13 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"5921232922121515296","debug_reporting":true,"destination":"https://informer.nl","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1072031959"],"22":["true"],"4":["01-16"],"6":["true"]},"priority":"500","source_event_id":"1155981355825583025"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 16 Jan 2024 15:12:13 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 16 Jan 2024 15:12:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"5921232922121515296","debug_reporting":true,"destination":"https://informer.nl","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1072031959"],"22":["true"],"4":["01-16"],"6":["true"]},"priority":"500","source_event_id":"1155981355825583025"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 CsDssBYGUYU3wQ4v_Nbag4c_M5htIHGtZ2tYNmCPRTQ.js Show response
pagead2.googlesyndication.com/bg/ Frame AE60 50 KB
19 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CsDssBYGUYU3wQ4v_Nbag4c_M5htIHGtZ2tYNmCPRTQ.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ac0ecb01606518537c10e2ffcd6da83873f33986d2071ad676b5836608f4534

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 04:57:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 296092
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19695
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 12 Jan 2025 04:57:21 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 104ms
51ms Preflight
text/html 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 16 Jan 2024 15:12:13 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 149 KB
50 KB 70ms
70ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: robloxscripts.net
URL: https://robloxscripts.net/_static/??wp-includes/js/jquery/jquery-migrate.min.js,wp-content/uploads/yhumkpbql.js?m=1686289764

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50ba056e80c2a387b64c0298652d35119dcb155eff1ae73f940c73844f7b2ad1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 15:12:13 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51609
x-xss-protection: 0
server: cafe
etag: 2881271432477136582
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Tue, 16 Jan 2024 15:12:13 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 64ms
64ms XHR
application/json 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240109&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0c000758c91e1973694c394f0d11b8e797b2ae07854ff6b91d932f641ce5c876

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 15:12:13 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12314
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401090101/ 162 KB
55 KB 85ms
85ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401090101/reactive_library_fy2021.js?bust=31080400

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

03a804c040ddf91223e9266da1ce9cef794d025a6e09fbd2cdf0144ff475207e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 15:12:13 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56406
x-xss-protection: 0
server: cafe
etag: 14573456125936913554
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 16 Jan 2024 15:12:13 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 87ms
87ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://robloxscripts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 15:12:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 16 Jan 2024 15:12:13 GMT

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/ Frame 91F5 9 KB
4 KB 19ms
19ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://robloxscripts.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 42753
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4173
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 16 Jan 2024 03:19:40 GMT
etag: 9219409622527106327
expires: Tue, 30 Jan 2024 03:19:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/ Frame 0997 9 KB
4 KB 21ms
21ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://robloxscripts.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 42753
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4173
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 16 Jan 2024 03:19:40 GMT
etag: 9219409622527106327
expires: Tue, 30 Jan 2024 03:19:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 91F5 4 KB
744 B 41ms
40ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 16 Jan 2024 15:12:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 16 Jan 2024 13:31:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 16 Jan 2024 15:12:13 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 91F5 205 B
519 B 23ms
22ms Image
image/png 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 10:38:20 GMT
x-content-type-options: nosniff
age: 16433
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 15 Jan 2025 10:38:20 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 91F5 604 B
696 B 24ms
23ms Image
image/png 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 14:30:21 GMT
x-content-type-options: nosniff
age: 348112
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 11 Jan 2025 14:30:21 GMT

GET
H3 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/elements/html/ Frame 91F5 16 KB
7 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

972f7a26f860f2f122dcf2a4c5cae616df3a4a83e0c8318a1afb824c766fb651

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 22:18:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60811
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6823
x-xss-protection: 0
server: cafe
etag: 11129212757755515379
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Jan 2024 22:18:42 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/elements/html/ Frame 91F5 22 KB
9 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a519c62e734157227e61ce5209158e1b7b484b5f2b68e3ccaed1ffe444de36d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 23:16:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57333
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9422
x-xss-protection: 0
server: cafe
etag: 10624764489894593518
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Jan 2024 23:16:40 GMT

GET
H2 200 4b0ef9dfa83525e0607f42119c034d23.js Show response
www.gstatic.com/mysidia/ Frame 0997 9 KB
4 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/4b0ef9dfa83525e0607f42119c034d23.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97c530c44249746307c2b01b37eed0f53757d139bc4243798f468c71da9844da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 11:37:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 358466
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4079
x-xss-protection: 0
last-modified: Thu, 11 Jan 2024 04:29:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 11 Apr 2024 11:37:47 GMT

GET
H2 200 24c99e14925e42e286b16c1a5d25afd8.js Show response
www.gstatic.com/mysidia/ Frame 0997 11 KB
5 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/24c99e14925e42e286b16c1a5d25afd8.js?tag=text/vanilla_highlight_ms_cta_adjustment

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62c2afa5754464fe42af66e26eeb860faf498d8b5ebfa0a2fa843bf96ec68f6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 08:44:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 23244
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4917
x-xss-protection: 0
last-modified: Tue, 09 Jan 2024 01:55:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 15 Apr 2024 08:44:49 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 0997 14 KB
1 KB 37ms
36ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 16 Jan 2024 15:12:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 16 Jan 2024 14:51:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 16 Jan 2024 15:12:13 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 0997 2 KB
822 B 21ms
20ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 21:28:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63830
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Jan 2024 21:28:23 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/ Frame 0997 23 KB
9 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 09:19:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21157
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9276
x-xss-protection: 0
server: cafe
etag: 3558958386372919956
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 30 Jan 2024 09:19:36 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 0997 3 KB
1 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 08:44:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23268
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 30 Jan 2024 08:44:25 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 0997 20 KB
8 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 19:20:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71522
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Jan 2024 19:20:11 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0997 205 KB
65 KB 69ms
69ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 15:12:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66227
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704891455226136"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 Jan 2024 15:12:13 GMT

GET
H2 200 4cee352c918c506f58256258d534a665.js Show response
www.gstatic.com/mysidia/ Frame 0997 37 KB
15 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/4cee352c918c506f58256258d534a665.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6b20a1535a6d3ca3d7a611ae199a6f4b464e0b67b450379ed43a7ef3e66957c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 07:24:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 287246
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15452
x-xss-protection: 0
last-modified: Thu, 11 Jan 2024 04:29:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 12 Apr 2024 07:24:47 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/11189946938822968948/ Frame 0997 2 KB
2 KB 21ms
21ms Image
image/jpeg 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11189946938822968948/14763004658117789537?w=100&h=100&tw=1&q=75

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a1d6a28a2cd404ca733f771f47ffe21d0ad30f6de33126ad6ab8690f8d2aa024

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Wed, 15 Jan 2025 07:35:13 GMT
date: Tue, 16 Jan 2024 07:35:13 GMT
x-content-type-options: nosniff
age: 27420
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1705
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 14:33:47 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6169 143 B
166 B 19ms
19ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 2555
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 16 Jan 2024 14:29:38 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 0997 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7d85416c73a500d8f24df43274790e1677d0770c149ecc5d9444f83aa7a740fb

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 4b0ef9dfa83525e0607f42119c034d23.js Show response
www.gstatic.com/mysidia/ Frame 685C 9 KB
4 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/4b0ef9dfa83525e0607f42119c034d23.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97c530c44249746307c2b01b37eed0f53757d139bc4243798f468c71da9844da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 11:37:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 358466
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4079
x-xss-protection: 0
last-modified: Thu, 11 Jan 2024 04:29:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 11 Apr 2024 11:37:47 GMT

GET
H3 200 54c2f3dd7fd22235ce59d6b86bfa2f62.js Show response
www.gstatic.com/mysidia/ Frame 685C 146 KB
53 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/54c2f3dd7fd22235ce59d6b86bfa2f62.js?tag=video_mra/web_interstitial_raspberry_ms_cta_adjustment

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

258aa8f1699516e8cae1190d7d19c1a434d7c52813aa5d11cdaea2becd0b86c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 21:22:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 323360
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54702
x-xss-protection: 0
last-modified: Thu, 11 Jan 2024 04:29:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 11 Apr 2024 21:22:53 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 685C 21 KB
1 KB 32ms
31ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500%2C600

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

76740b2a7b0a35eed6ceb509cefd8ddd6955bd5c656b0581f2dcdb48040ced8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 16 Jan 2024 15:12:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 16 Jan 2024 13:28:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 16 Jan 2024 15:12:13 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 685C 2 KB
822 B 21ms
20ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 21:28:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63830
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Jan 2024 21:28:23 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/ Frame 685C 23 KB
9 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 09:19:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21157
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9276
x-xss-protection: 0
server: cafe
etag: 3558958386372919956
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 30 Jan 2024 09:19:36 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 685C 3 KB
1 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 08:44:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23268
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 30 Jan 2024 08:44:25 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 685C 20 KB
8 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 19:20:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71522
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Jan 2024 19:20:11 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 685C 205 KB
65 KB 92ms
91ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 15:12:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66227
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704891455226136"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 Jan 2024 15:12:13 GMT

GET
H3 200 4cee352c918c506f58256258d534a665.js Show response
www.gstatic.com/mysidia/ Frame 685C 37 KB
15 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/4cee352c918c506f58256258d534a665.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6b20a1535a6d3ca3d7a611ae199a6f4b464e0b67b450379ed43a7ef3e66957c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 07:24:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 287246
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15452
x-xss-protection: 0
last-modified: Thu, 11 Jan 2024 04:29:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 12 Apr 2024 07:24:47 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4E15 13 KB
5 KB 22ms
22ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://robloxscripts.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 9975
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 16 Jan 2024 12:25:58 GMT
expires: Wed, 15 Jan 2025 12:25:58 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET aframe
www.google.com/recaptcha/api2/ Frame DB46 0
0

GET ui
www.google.com/pagead/drt/ Frame 6169 0
0

GET
H3 200 MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js Show response
pagead2.googlesyndication.com/bg/ Frame 4E15 39 KB
15 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 08:55:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22633
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15229
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 15 Jan 2025 08:55:00 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 0997 33 KB
33 KB 82ms
82ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 04:01:15 GMT
x-content-type-options: nosniff
age: 40258
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Jan 2025 04:01:15 GMT

GET
H3 200 CsDssBYGUYU3wQ4v_Nbag4c_M5htIHGtZ2tYNmCPRTQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 469C 50 KB
19 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CsDssBYGUYU3wQ4v_Nbag4c_M5htIHGtZ2tYNmCPRTQ.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ac0ecb01606518537c10e2ffcd6da83873f33986d2071ad676b5836608f4534

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 04:57:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 296093
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19695
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 12 Jan 2025 04:57:21 GMT

GET activeview
pagead2.googlesyndication.com/pcs/ Frame 1930 0
0

GET generate_204
tpc.googlesyndication.com/ Frame 4E15 0
0

GET sodar
pagead2.googlesyndication.com/pagead/ 0
0

GET boom.gif
pixel.wp.com/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.google.com
URL: https://www.google.com/recaptcha/api2/aframe

Domain: www.google.com
URL: https://www.google.com/pagead/drt/ui

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstqM03BDKKTBvB9zvefxoBFbqin3aIqX2SyapRD51tXdb1nzRrkk2oDHRluy4nY7a30NRWQ9uxUq02n-BLimQ5ugFnub-79lO88j1Qw3aQPSyGttL1nEfAP1CLaFwbCTxQ3vvvJwMElY8JTg-A3cze6dYe9jsuwUNAiXMFUAgvgutBJZU9KdBA&sai=AMfl-YTuOWRzmhhks1b96IoQoWfNnvCugVJatytvCU48oWrazba_ESmJfG0zXyHdF-na8RlxersQ7vxqFyd1TBGlF7o2r6Bs_1uccdcchFprtgRstiTOWQ53rgu5MqciXaphWuBn0qwLStuKmG7C509Sxw&sig=Cg0ArKJSzKyFS6TlihdWEAE&cid=CAQSTwAvHhf_uKI4k5VQk0pyVHyXS0gP90FcrC_Y2mK34EiJNeCioek6Lw4GFz-C0tAUKf7n-pWLefYHV17wdRcdqgVv8KUy8k1u-24x6ZEiBo8YAQ&id=lidar2&mcvt=1004&p=0,0,280,1200&mtos=1004,1004,1004,1004,1004&tos=1004,0,0,0,0&v=20240110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2904063243&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1705417932293&rpt=880&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/generate_204?jl1ppw

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240109&jk=4123167223928995&bg=!y8ilyIfNAAaumcC-jpk7ADQBe5WfOBVWDgOSas9rWwGREgAW0wMrGCZ5Y0VbR-GnoBUmm6_RYdIMo1lyzXASqGfS4mr7AgAAAD5SAAAAAWgBBwoAlPrs4S4llhtNVOALM7uVN9d2g_To0CIOOtAXyyxCXBlHpf0unOlUGqkxPHmzpWNELXY9nJkXpGkBhgnqTAH7PSx2rAI-6BKnFWR6oIgWc-9v_WKJiysDTz5ZORGSM-8gifgLGQIFgVi0d2847NMkEba7cdU7AhcNwUulM5g5zSldZ_Lu4t1S2SBncWe0kOLWCO22Wq6ZArjMQpAeSFvhQDnBXUglEn2twTSJAyVEJAmTWX0I-DLo6sge9v42ql_WE5TvpvTtxzVAc8uZF4huwG3TrJNO5tqFoYizE3TgDReHKr5zqYMUoTayus2Lbv0h6Vf0WA94sGgEWNFJt_9QaVFOWy5f2-MVczEdj6cmV-Ewev9raNTViFF4ip_wcc8gVUINmSRwCQoJbtTbr7bsxp8tLLPpKU5NLkpIvbVXt0e7C_rgjdNrFzxBMJaUz9pjaXPS0UO6yFmSb0DPE5LIsLU8HXiR-YbYPElTpje7__YGSSXL2wJdg9QbWCHop7-4IE4RInCo3e2JuiVw5Unfq0eU4AlV8h2f084aukpIM7GRPTv7XzZVISdAqlq8u4n0--zPvrow_40RL0zDkfTUv3Fi0Z7ZwSZZusb22N2CBCTDPjYAESH1kW6NRCH8YDOuQNjuSP545wwFVw8Mk7WJ4bsLC3IbvfUI0y2PS-4YGN5QMErZkFdtfvwqSHqw-vp9Q_GnGd2ZP2TenRJOwmil7UPLj0TnKN6AEz5zmkw5mhqKpEvUyJK2b4umN5fJc9gUOJ38GUpB3mbtRXbIpcbErQnXqwYsR2WJgcUZU56VEKlzs63J41x81TwVkZjtvF8M4tDKOnTDvOndJpEz9_8IwrNsCpC8fhKjPdOefN6FrJkiqk6GR0H1yyqS6v7IsaKgEmS0Lrc70YcbhfVXX2L0skp6Ay2QGRvHeS9BrvSDFwHlmtGav4ZNC9m-m12BEv1lEOGOtfe-vEdeIcsHcDzD5Es6L_qcZ1yPurdod47nZqzIYk9NE9qghGKlp6noNBuHZMpZQkE4Wci6RGHhwaPawMO-GWBvjk9nJQX0fhv9O5nDhFvtCbUWHJmYMWxs4GodyktqY4qFVu-mHm8rFG4Mwq8Gw0CJ5ZZ7ygMBgLbiISY

Domain: pixel.wp.com
URL: https://pixel.wp.com/boom.gif?bilmur=1&cumulative_layout_shift=0.215&largest_contentful_paint=470&batcache_hit=1&provider=wordpress.com&service=atomic&effective_connection_type=4g&rtt=0&downlink=9500&host_name=robloxscripts.net&url_path=%2F&nt_fetchStart=0&nt_domainLookupStart=16&nt_domainLookupEnd=16&nt_connectStart=16&nt_connectEnd=48&nt_secureConnectionStart=30&nt_requestStart=48&nt_responseStart=72&nt_responseEnd=92&nt_domLoading=74&nt_domInteractive=492&nt_domContentLoadedEventStart=511&nt_domContentLoadedEventEnd=514&nt_domComplete=1968&nt_loadEventStart=1968&nt_loadEventEnd=1969&nt_redirectCount=0&nt_nextHopProtocol=h2&nt_api_level=2&start_render=470&first_contentful_paint=470&resource_size=2293104&resource_transferred=1653431&resource_cache_percent=0&js_size=357395&js_transferred=117477&js_cache_percent=0&blocking_size=580433&blocking_transferred=108301&blocking_cache_percent=0&last_resource_end=2349

Verdicts & Comments Add Verdict or Comment

66 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.discordapp.com/	1969-12-31 23:59:59	Name: _cfuvid Value: iSzR_pVyEGnaHCUbPgpBOU0NPvP3p5Z9oVQwG00_pUc-1705417932080-0-604800000
.discordapp.com/	1970-01-20 17:43:39	Name: __cf_bm Value: rB7ymLNHFnsXS.M8wLpGlTb09ad0_XY5PxtkygDwYzs-1705417932-1-Abt3f02YP4+UQgZzPQTwUmnBl3WfV0FZYqjcDiKUMuptIzaxFjAS400SRRjUpvXHea7qF27HzcnVmi+Y4ORxbis=
pogothere.xyz/	1970-01-21 02:22:01	Name: csu Value: 2220202621425718@1@1705417932
.robloxscripts.net/	1970-01-21 03:05:13	Name: __gads Value: ID=ceae8c81c57488f3:T=1705417932:RT=1705417932:S=ALNI_MY9EyP0X0Zdbl9qtTcr5Nsuh95FnA
.robloxscripts.net/	1970-01-21 03:05:13	Name: __gpi Value: UID=00000cf8295686d0:T=1705417932:RT=1705417932:S=ALNI_MaMrra0XeZRtG_cCxQsGj2sRa7OWQ
.doubleclick.net/	1970-01-21 03:05:13	Name: IDE Value: AHWqTUkqsjCpW_D919Z7nNsfRSHpbgP0oZefRfbphk1HUIErlwzZYX0hxc1eLT6pBJc
.googleadservices.com/	1970-01-20 19:53:13	Name: ar_debug Value: 1
.doubleclick.net/	1970-01-20 17:43:38	Name: test_cookie Value: CheckForPermission

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp25By15hcIu2ZWEh3drQwCUAdFrZExbzN7f2MbfA40vdZYprpbkZn6PeGITllxKb-0LmSM9&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-905793058%3A1705417932090351&theme=glif Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp3ymsWRkGo6gVFMXvDWbRwEJLo2bts-Xq-LCoc63yH-U8ORZ_P7RKfa3II0u4gFLbWo5R68&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1393035130%3A1705417932091176&theme=glif Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
cdn.discordapp.com
dlh8c15zw7vfn.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i0.wp.com
mcurrentlysea.info
pagead2.googlesyndication.com
pixel.wp.com
pogothere.xyz
robloxexploits.net
robloxscripts.net
s0.wp.com
stats.wp.com
tpc.googlesyndication.com
use.fontawesome.com
www.facebook.com
www.google.com
www.googleadservices.com
www.googletagservices.com
www.gstatic.com
xukpresesmr.info
pagead2.googlesyndication.com
pixel.wp.com
tpc.googlesyndication.com
www.google.com
104.21.36.53
143.204.215.129
162.159.133.233
172.217.18.98
172.64.111.13
192.0.76.3
192.0.77.2
192.0.77.32
192.0.78.139
2600:9000:2670:4200:15:9ced:b8c0:21
2606:4700:e2::ac40:8d0d
2a00:1450:4001:802::2001
2a00:1450:4001:803::2002
2a00:1450:4001:813::2003
2a00:1450:4001:81c::2002
2a00:1450:4001:82a::200a
2a00:1450:4001:82f::2002
2a00:1450:4001:831::2003
2a00:1450:400c:c0b::54
2a03:2880:f176:181:face:b00c:0:25de
2a06:98c1:3121::3
03a804c040ddf91223e9266da1ce9cef794d025a6e09fbd2cdf0144ff475207e
064f3c2c06410669a1fdadee1259f8ed4e04573c2d81f160719fc17e32209950
07a15cb778fd35290ee6949422605e80525668618bb6567b22e51f4bf9c0cfd0
0ac0ecb01606518537c10e2ffcd6da83873f33986d2071ad676b5836608f4534
0c000758c91e1973694c394f0d11b8e797b2ae07854ff6b91d932f641ce5c876
0c2c1e4008cab642c96981e326ad526c391ed69cede0247d3188a82a5a2ed27e
0df3b3ec51966c9d21ea840ca5ba6f023cc7bcd1b26f4300a8eadf95913be3c2
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1f728700f81b05b33f57c8d0ce6bf87ecd028b043083c819927617efab7b1630
216728e33a7de4be9b784eff527c6ccf1658319ea78fe66a7864c0b923200252
258aa8f1699516e8cae1190d7d19c1a434d7c52813aa5d11cdaea2becd0b86c0
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2dfcee3b262b230202cf42487ef5371a53b42fda0a958b8b2450cb49710a107e
30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3a41b135afd99e5d3f61350c14900a1b6b222fe032a2c2f5f85f43d59055abf8
402b33aedef532331ad11608226b71d791b63ca688a20c1b90cf9b90e96aa38a
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
451763f38c07ca6765fb0dfc81a046df11124035914f2cdbe6af0891c6a9be12
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
4c5e4af9e3e30984d2bf53bd83e9cd82ce3e69ecd49c35e78dcb2939a9a27512
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
4f9f4e2e225088f9cf3b6b54aa421e0f776d1802255505d2f752e1f83f441641
50ba056e80c2a387b64c0298652d35119dcb155eff1ae73f940c73844f7b2ad1
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57b1886e1daee35e17c6e89b6619aa8adc84bbdc988408cdc0dd9f932aa3cd42
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5dcf2ecc8fcdc01d1f390be9c1599b74c9e39162a692aa0da5bb1e40e0701ff2
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62c2afa5754464fe42af66e26eeb860faf498d8b5ebfa0a2fa843bf96ec68f6b
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
6802f5e18120c6e455837e79defcb9c0f15cd1d6256089a196e0f31d3ff9179a
7210ffae4ea7badc94c99bdc514077bd4ee217433338bd11bff22201ac35294c
74ab28190c822255d5a5117543cdd91f01a0e007e446a93e76ccdb4bac61762d
76740b2a7b0a35eed6ceb509cefd8ddd6955bd5c656b0581f2dcdb48040ced8f
78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb
7a519c62e734157227e61ce5209158e1b7b484b5f2b68e3ccaed1ffe444de36d
7c133445613fb0617112f277903c804edfed63a3af659bb16b47c00663408550
7d85416c73a500d8f24df43274790e1677d0770c149ecc5d9444f83aa7a740fb
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7ed2885a50927e58fd11f3b760446b2df8ea5e3faaf28bfdaadfdac8e2b92f5b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
972f7a26f860f2f122dcf2a4c5cae616df3a4a83e0c8318a1afb824c766fb651
9736aa2c8d2bb7d8ba735f23dde37a553925d2fdcfebfc7727000342f7629d6a
97c530c44249746307c2b01b37eed0f53757d139bc4243798f468c71da9844da
99d4c42638c3f0d4cd4d2891abec4cf56681abf61ea8644fb66d2cd93d08b014
9adb265b1a2b9856ce3990bb53918fe8f5ef5ea0db3ca5a3a6e8407a2a7a1a0e
9df0a57922496dc5fd1b3a45c215fa0a57366379d864691a08116f43cd28e8fc
9e48fa2f01e05fe0e083238484c16b6224ec566009961f32e48999951f2297da
9e86fcb4099a0c85a91abfd59fc6d6751493e4258f5457c0b4cf87e9e12c4079
a18f3705f4e2cfc25a353ea1b271c77f8db4a8693789b0ce0f40129337911d7f
a1d6a28a2cd404ca733f771f47ffe21d0ad30f6de33126ad6ab8690f8d2aa024
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
b8b44c9128abdce2345e601b2546cca99f2516eb9310f669d980a5fd24413a7c
bd3bcc24eae9b172f6bcd872e3bbb8574a87eebb6575a5e8a0881c8108e3bd47
bd95a0cd408d777ef372d19dfdbe3c1fe5c765eab66a162cfc55289fbfbf5977
c5e8e8eb22e2eaf1ad02370c22c63c04774ab0b83b4329d5945333750814bb2f
c994fd11a4179deacda0bed682b365be83c7ca3aac67771ef501d4d4d1b7067a
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
d11b3f88e8e03d8a37e85cea00c18e02f588570c061663dbd6befbcd58943bab
d25713fabd011a81198d13ec3176d15b13f5ba9b67f849ef7de61b3e05c45312
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
dda2afb952272ed1a0c539518da3f22c6425ddb02206fc2b2fdeb8b13239bff2
e00ef8d8e4494291e3e1041bef75833e7948ad3cc8e30748e0cbe55704ae3168
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6b20a1535a6d3ca3d7a611ae199a6f4b464e0b67b450379ed43a7ef3e66957c
e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b
e8df7bd495d8fc2c7e9a7676c3aa105e1f913a2a1776bf5d01652aeb697f2bef
e9034cb5c93deabdf13ad27110fdbb73bed2f480f38fd00e0ba4dd2c71c6f97e
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
e951339e5b077e553bc7c5f323822d13abb0611b57e4c44df083ebe7b225899c
eb2bb4e0a083209f044665af1bceb750fba0c43b38cca8f9696bb2ac74adb0b3
ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16
fbe72bedaf41c1d361f01d3f6551ad0eb40de9b8321a35d4bf3c1eaaaf186f33

robloxscripts.net Open in urlscan Pro 192.0.78.139 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

112 Requests

91 %HTTPS

57 %IPv6

17 Domains

23 Subdomains

22 IPs

4 Countries

3112 kBTransfer

6021 kBSize

8 Cookies

2 Outgoing links

Page URL History

Redirected requests

112 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

robloxscripts.net Open in urlscan Pro
192.0.78.139 Public Scan

Screenshot
Live screenshot

Full Image

112
Requests

91 %
HTTPS

57 %
IPv6

17
Domains

23
Subdomains

22
IPs

4
Countries

3112 kB
Transfer

6021 kB
Size

8
Cookies

112 HTTP transactions
4 data transactions