xn--nprobux-9m4c.vn.robloxgiare.net Open in urlscan Pro Puny
nạprobux.vn.robloxgiare.net IDN
103.200.23.236  Public Scan

URL: https://xn--nprobux-9m4c.vn.robloxgiare.net/
Submission Tags: phishingrod
Submission: On March 30 via api from DE — Scanned from DE

Summary

This website contacted 14 IPs in 4 countries across 14 domains to perform 29 HTTP transactions. The main IP is 103.200.23.236, located in Viet Nam and belongs to VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN. The main domain is xn--nprobux-9m4c.vn.robloxgiare.net.
TLS certificate: Issued by R3 on March 30th 2024. Valid for: 3 months.
This is the only time xn--nprobux-9m4c.vn.robloxgiare.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
14 103.200.23.236 135905 (VNPT-AS-V...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a04:4e42:200... 54113 (FASTLY)
1 104.16.87.20 13335 (CLOUDFLAR...)
1 172.67.181.167 13335 (CLOUDFLAR...)
1 3 142.250.185.196 15169 (GOOGLE)
1 1 199.232.192.193 54113 (FASTLY)
1 146.75.116.193 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a03:2880:f08... 32934 (FACEBOOK)
1 104.17.24.14 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 216.58.206.34 15169 (GOOGLE)
1 1 142.250.186.66 15169 (GOOGLE)
1 142.250.184.195 15169 (GOOGLE)
29 14
Apex Domain
Subdomains
Transfer
14 robloxgiare.net
xn--nprobux-9m4c.vn.robloxgiare.net
368 KB
3 google.com
www.google.com — Cisco Umbrella Rank: 2
880 B
2 imgur.com
imgur.com — Cisco Umbrella Rank: 5326
i.imgur.com — Cisco Umbrella Rank: 8019
56 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 234
88 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 7099
64 B
1 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 39
24 B
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 128
2 KB
1 gstatic.com
www.gstatic.com
201 KB
1 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 182
92 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 42
86 KB
1 tmso1.co
sys.tmso1.co
771 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 310
21 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 744
33 KB
0 facebook.com Failed
www.facebook.com Failed
29 14
Domain Requested by
14 xn--nprobux-9m4c.vn.robloxgiare.net xn--nprobux-9m4c.vn.robloxgiare.net
3 www.google.com 1 redirects xn--nprobux-9m4c.vn.robloxgiare.net
www.gstatic.com
2 cdnjs.cloudflare.com xn--nprobux-9m4c.vn.robloxgiare.net
cdnjs.cloudflare.com
1 www.google.de xn--nprobux-9m4c.vn.robloxgiare.net
1 googleads.g.doubleclick.net 1 redirects
1 www.googleadservices.com www.googletagmanager.com
1 www.gstatic.com www.google.com
1 connect.facebook.net xn--nprobux-9m4c.vn.robloxgiare.net
1 www.googletagmanager.com xn--nprobux-9m4c.vn.robloxgiare.net
1 i.imgur.com xn--nprobux-9m4c.vn.robloxgiare.net
1 imgur.com 1 redirects
1 sys.tmso1.co xn--nprobux-9m4c.vn.robloxgiare.net
1 cdn.jsdelivr.net xn--nprobux-9m4c.vn.robloxgiare.net
1 code.jquery.com xn--nprobux-9m4c.vn.robloxgiare.net
0 www.facebook.com Failed connect.facebook.net
29 15

This site contains links to these domains. Also see Links.

Domain
transparencyreport.google.com
Subject Issuer Validity Valid
xn--nprobux-9m4c.vn
R3
2024-03-30 -
2024-06-28
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-07-03 -
2024-07-02
a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA
2023-07-11 -
2024-07-14
a year crt.sh
tmso1.co
GTS CA 1P5
2024-03-14 -
2024-06-12
3 months crt.sh
*.google.com
GTS CA 1C3
2024-03-04 -
2024-05-27
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2024-03-04 -
2024-05-27
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2024-01-07 -
2024-04-06
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2024-03-04 -
2024-05-27
3 months crt.sh
*.googleadservices.com
GTS CA 1C3
2024-03-04 -
2024-05-27
3 months crt.sh

This page contains 2 frames:

Primary Page: https://xn--nprobux-9m4c.vn.robloxgiare.net/
Frame ID: FE229E9AA37C0820A3FA0EBF6EE9A53A
Requests: 28 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcufF8pAAAAABECOywkXnT18gWMWqJkgWLef5UF&co=aHR0cHM6Ly94bi0tbnByb2J1eC05bTRjLnZuLnJvYmxveGdpYXJlLm5ldDo0NDM.&hl=de&v=moV1mTgQ6S91nuTnmll4Y9yf&size=normal&cb=szj4isxm5dtz
Frame ID: CB63083135745662506D6DA0E9BF803F
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

NAPROBUX.VN - TRANG CHỦ NẠP ROBUX CHÍNH THỨC - UY TÍN - GIÁ RẺ

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • /npm/sweetalert2@([\d.]+)

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

29
Requests

86 %
HTTPS

33 %
IPv6

14
Domains

15
Subdomains

14
IPs

4
Countries

1719 kB
Transfer

3075 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10
  • https://imgur.com/WNr4THl.png HTTP 301
  • https://i.imgur.com/WNr4THl.png
Request Chain 24
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/16468437514/?random=31627919&cv=11&fst=1711813814783&bg=ffffff&guid=ON&async=1&gtm=45be43r0v9181248917za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=800&u_h=600&url=https%3A%2F%2Fxn--nprobux-9m4c.vn.robloxgiare.net%2F&label=3nQzCOD6uqAZEIrU4aw9&hn=www.googleadservices.com&frm=0&tiba=NAPROBUX.VN%20-%20TRANG%20CH%E1%BB%A6%20N%E1%BA%A0P%20ROBUX%20CH%C3%8DNH%20TH%E1%BB%A8C%20-%20UY%20T%C3%8DN%20-%20GI%C3%81%20R%E1%BA%BA&gtm_ee=1&npa=1&pscdl=noapi&auid=1291154854.1711813815&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.86%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.86&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&ec_mode=a&fdr=SA&data=event%3Dconversion&em=tv.1&fmt=3&ct_cookie_present=false&sscte=1&crd=COG9sQIIscGxAgiwwbECCLnBsQI&pscrd=IhMI2sP0squchQMVlmcdCR2pEgSNMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjosaHR0cHM6Ly94bi0tbnByb2J1eC05bTRjLnZuLnJvYmxveGdpYXJlLm5ldC8 HTTP 302
  • https://www.google.com/pagead/1p-conversion/16468437514/?random=31627919&cv=11&fst=1711813814783&bg=ffffff&guid=ON&async=1&gtm=45be43r0v9181248917za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=800&u_h=600&url=https%3A%2F%2Fxn--nprobux-9m4c.vn.robloxgiare.net%2F&label=3nQzCOD6uqAZEIrU4aw9&hn=www.googleadservices.com&frm=0&tiba=NAPROBUX.VN%20-%20TRANG%20CH%E1%BB%A6%20N%E1%BA%A0P%20ROBUX%20CH%C3%8DNH%20TH%E1%BB%A8C%20-%20UY%20T%C3%8DN%20-%20GI%C3%81%20R%E1%BA%BA&gtm_ee=1&npa=1&pscdl=noapi&auid=1291154854.1711813815&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.86%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.86&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&ec_mode=a&fdr=SA&data=event%3Dconversion&em=tv.1&fmt=3&ct_cookie_present=false&sscte=1&crd=COG9sQIIscGxAgiwwbECCLnBsQI&pscrd=IhMI2sP0squchQMVlmcdCR2pEgSNMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjosaHR0cHM6Ly94bi0tbnByb2J1eC05bTRjLnZuLnJvYmxveGdpYXJlLm5ldC8&is_vtc=1&cid=CAQSGwB7FLtqliZSp4cYe4fG2iDJX7iI1mFJbqcCUQ&random=1544536172 HTTP 302
  • https://www.google.de/pagead/1p-conversion/16468437514/?random=31627919&cv=11&fst=1711813814783&bg=ffffff&guid=ON&async=1&gtm=45be43r0v9181248917za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=800&u_h=600&url=https%3A%2F%2Fxn--nprobux-9m4c.vn.robloxgiare.net%2F&label=3nQzCOD6uqAZEIrU4aw9&hn=www.googleadservices.com&frm=0&tiba=NAPROBUX.VN%20-%20TRANG%20CH%E1%BB%A6%20N%E1%BA%A0P%20ROBUX%20CH%C3%8DNH%20TH%E1%BB%A8C%20-%20UY%20T%C3%8DN%20-%20GI%C3%81%20R%E1%BA%BA&gtm_ee=1&npa=1&pscdl=noapi&auid=1291154854.1711813815&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.86%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.86&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&ec_mode=a&fdr=SA&data=event%3Dconversion&em=tv.1&fmt=3&ct_cookie_present=false&sscte=1&crd=COG9sQIIscGxAgiwwbECCLnBsQI&pscrd=IhMI2sP0squchQMVlmcdCR2pEgSNMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjosaHR0cHM6Ly94bi0tbnByb2J1eC05bTRjLnZuLnJvYmxveGdpYXJlLm5ldC8&is_vtc=1&cid=CAQSGwB7FLtqliZSp4cYe4fG2iDJX7iI1mFJbqcCUQ&random=1544536172&ipr=y

29 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
xn--nprobux-9m4c.vn.robloxgiare.net/
73 KB
11 KB
Document
General
Full URL
https://xn--nprobux-9m4c.vn.robloxgiare.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.200.23.236 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
host236.vietnix.vn
Software
LiteSpeed / PHP/7.4.33
Resource Hash
854d61113b20beaae593c43cc8ee4f9f28da988d0c94b1d1cb85de3a9444b0f4
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
br
content-length
11605
content-security-policy
upgrade-insecure-requests;
content-type
text/html; charset=UTF-8
date
Sat, 30 Mar 2024 15:50:09 GMT
server
LiteSpeed
vary
Accept-Encoding
x-powered-by
PHP/7.4.33
appv6dfa0dfa0dfa0.css
xn--nprobux-9m4c.vn.robloxgiare.net/css/
521 KB
87 KB
Stylesheet
General
Full URL
https://xn--nprobux-9m4c.vn.robloxgiare.net/css/appv6dfa0dfa0dfa0.css
Requested by
Host: xn--nprobux-9m4c.vn.robloxgiare.net
URL: https://xn--nprobux-9m4c.vn.robloxgiare.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.200.23.236 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
host236.vietnix.vn
Software
LiteSpeed /
Resource Hash
fbfae7cd71b1dccd4c189cebc0fe5f71593e8ae7dd09720459e7e22cfee47b42
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xn--nprobux-9m4c.vn.robloxgiare.net/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 15:50:09 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests;
last-modified
Mon, 11 Sep 2023 10:06:31 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
89369
expires
Sat, 06 Apr 2024 15:50:09 GMT
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/
58 KB
11 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css
Requested by
Host: xn--nprobux-9m4c.vn.robloxgiare.net
URL: https://xn--nprobux-9m4c.vn.robloxgiare.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Origin
https://xn--nprobux-9m4c.vn.robloxgiare.net
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 15:50:13 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
771444
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
10462
last-modified
Mon, 13 Sep 2021 19:10:03 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"613fa20b-28de"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sl89%2FEnLhbwR8cwGlZPvLHPlKhxYhX0q8fd9HJk2GRGiB70z9cby6woj0zUoRxPNtDpV%2Fkd639LUaPpjlbtvUmwohpNmL2sn9EUqX1FTIWN%2FhQAwFUTa2sBMD9KXUl%2BiKMcxE1D2meDCdChCJK1Sqnju"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
86c941105b098fca-FRA
expires
Thu, 20 Mar 2025 15:50:13 GMT
jquery-1.12.0.min.js
code.jquery.com/
95 KB
33 KB
Script
General
Full URL
https://code.jquery.com/jquery-1.12.0.min.js
Requested by
Host: xn--nprobux-9m4c.vn.robloxgiare.net
URL: https://xn--nprobux-9m4c.vn.robloxgiare.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5f1ab65fe2ad6b381a1ae036716475bf78c9b2e309528cf22170c1ddeefddcbf

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xn--nprobux-9m4c.vn.robloxgiare.net/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 15:50:13 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
12543924
x-cache
HIT, HIT
content-length
33820
x-served-by
cache-lga21956-LGA, cache-fra-eddf8230040-FRA
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1711813814.817360,VS0,VE0
etag
W/"28feccc0-17c52"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
32, 3619
sweetalert2@11
cdn.jsdelivr.net/npm/
74 KB
21 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/sweetalert2@11
Requested by
Host: xn--nprobux-9m4c.vn.robloxgiare.net
URL: https://xn--nprobux-9m4c.vn.robloxgiare.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.87.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b5d7370611deb0e12405966f22fd493954007e12134d9b29d52f39f04ba4c9e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xn--nprobux-9m4c.vn.robloxgiare.net/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 15:50:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
38449
x-jsd-version
11.10.7
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
21290
x-served-by
cache-fra-eddf8230029-FRA, cache-lga21977-LGA
x-jsd-version-type
version
server
cloudflare
etag
W/"12992-/tgcE821tLGM6TiX+J8jJfac0ZE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RTsMY7Ict9nAriFdids%2B1Wg7fYYlk7qVFRW4841%2B3wz1EJh%2BSnwdhHA4z8M2Rh581%2FJPYIzT%2F5xRiHscHC4XU%2FpdGCKA4puuLRg1eajW%2BAi9AJx4Fk9CuwRwrBAOeIPb7tI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
cf-ray
86c941104fdd37f0-FRA
toastr.css
xn--nprobux-9m4c.vn.robloxgiare.net/assets/
6 KB
3 KB
Stylesheet
General
Full URL
https://xn--nprobux-9m4c.vn.robloxgiare.net/assets/toastr.css
Requested by
Host: xn--nprobux-9m4c.vn.robloxgiare.net
URL: https://xn--nprobux-9m4c.vn.robloxgiare.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.200.23.236 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
host236.vietnix.vn
Software
LiteSpeed /
Resource Hash
47dd690f8f315bea076e92581a7e7147443bb4c847e313ab5a7d50a8c44836d0
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xn--nprobux-9m4c.vn.robloxgiare.net/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 15:50:09 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests;
last-modified
Mon, 11 Sep 2023 10:06:56 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
2654
expires
Sat, 06 Apr 2024 15:50:09 GMT
custom.css
xn--nprobux-9m4c.vn.robloxgiare.net/assets/
2 KB
549 B
Stylesheet
General
Full URL
https://xn--nprobux-9m4c.vn.robloxgiare.net/assets/custom.css
Requested by
Host: xn--nprobux-9m4c.vn.robloxgiare.net
URL: https://xn--nprobux-9m4c.vn.robloxgiare.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.200.23.236 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
host236.vietnix.vn
Software
LiteSpeed /
Resource Hash
bd68db92894b80c325c7fc2358409362f15fb3abe9ea9c7d2eec1f012cb2ec56
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xn--nprobux-9m4c.vn.robloxgiare.net/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 15:50:09 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests;
last-modified
Mon, 11 Sep 2023 10:06:48 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
492
expires
Sat, 06 Apr 2024 15:50:09 GMT
toastr.js
xn--nprobux-9m4c.vn.robloxgiare.net/assets/
10 KB
2 KB
Script
General
Full URL
https://xn--nprobux-9m4c.vn.robloxgiare.net/assets/toastr.js
Requested by
Host: xn--nprobux-9m4c.vn.robloxgiare.net
URL: https://xn--nprobux-9m4c.vn.robloxgiare.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.200.23.236 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
host236.vietnix.vn
Software
LiteSpeed /
Resource Hash
58dcd01e37ecf5930bc213f98adb2a6d81722442a80046e2f3b941dd6891c143
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xn--nprobux-9m4c.vn.robloxgiare.net/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 15:50:09 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests;
last-modified
Mon, 11 Sep 2023 10:03:52 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
2321
expires
Sat, 06 Apr 2024 15:50:09 GMT
robux.png
xn--nprobux-9m4c.vn.robloxgiare.net/images/
68 KB
68 KB
Image
General
Full URL
https://xn--nprobux-9m4c.vn.robloxgiare.net/images/robux.png
Requested by
Host: xn--nprobux-9m4c.vn.robloxgiare.net
URL: https://xn--nprobux-9m4c.vn.robloxgiare.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.200.23.236 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
host236.vietnix.vn
Software
LiteSpeed /
Resource Hash
b5894966b0cda782abec2d01151b6edfd87fe3104e08d4cd430e6cc33c0dff2f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xn--nprobux-9m4c.vn.robloxgiare.net/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 15:50:09 GMT
content-security-policy
upgrade-insecure-requests;
last-modified
Mon, 08 Jan 2024 10:03:59 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
69661
expires
Sat, 06 Apr 2024 15:50:09 GMT
image-aaedc1f8-4db8-411f-9c3a-297d23af7e98.gif
sys.tmso1.co/images/
770 KB
771 KB
Image
General
Full URL
https://sys.tmso1.co/images/image-aaedc1f8-4db8-411f-9c3a-297d23af7e98.gif
Requested by
Host: xn--nprobux-9m4c.vn.robloxgiare.net
URL: https://xn--nprobux-9m4c.vn.robloxgiare.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.181.167 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3a0492906e65949f0949b819ba57a22354d8cb01f658257ca8cc2931ab92743

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xn--nprobux-9m4c.vn.robloxgiare.net/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 15:50:13 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
BBCB6EF57702D75C:B
alt-svc
h3=":443"; ma=86400
content-length
788178
x-amz-id-2
IglqnhbXxgVJAwoT1JaVy2n5RYbLNdjW7prW/e/aThdk01OCoSU7fhoxZKLhMMemFdTe1hXV8ShH
last-modified
Tue, 28 Mar 2023 17:58:38 GMT
server
cloudflare
x-wasabi-cm-reference-id
1711148792531 154.18.200.102 ConID:946424307/EngineConID:8970960/Core:84
etag
"81d78f195ac1b8f3289367f4b3c97814"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kvVw4VqsK0CyfMoGQchoUc6p4NBo7RECBYV4VGFsahtTsH4rZj5hYu4Sx0WKh1k%2BUaijLxFd6XwC7DDdCe8WUjSofK6Ju2vKbx6S%2BhjCAlgBDWCa4Bdj0zhoe3tTZX0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
86c9411068c99731-FRA
api.js
www.google.com/recaptcha/
1 KB
856 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: xn--nprobux-9m4c.vn.robloxgiare.net
URL: https://xn--nprobux-9m4c.vn.robloxgiare.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f4.1e100.net
Software
GSE /
Resource Hash
3a6418816eed3b450709ad2c7509c5726da45f1b0a82184992fc447d6c961b9c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xn--nprobux-9m4c.vn.robloxgiare.net/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 15:50:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Sat, 30 Mar 2024 15:50:14 GMT
WNr4THl.png
i.imgur.com/
Redirect Chain
  • https://imgur.com/WNr4THl.png
  • https://i.imgur.com/WNr4THl.png
55 KB
56 KB
Image
General
Full URL
https://i.imgur.com/WNr4THl.png
Requested by
Host: xn--nprobux-9m4c.vn.robloxgiare.net
URL: https://xn--nprobux-9m4c.vn.robloxgiare.net/
Protocol
H2
Server
146.75.116.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
22297f92a34292984ec8173f6d80c515a5b7cc6432aaa7d95a94bd82209a8f0e
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xn--nprobux-9m4c.vn.robloxgiare.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date
Sat, 30 Mar 2024 15:50:14 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
x-amz-cf-pop
IAD12-P2
age
1516516
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront, HIT, HIT
content-length
56569
x-served-by
cache-iad-kjyo7100072-IAD, cache-fra-eddf8230024-FRA
last-modified
Wed, 13 Mar 2024 02:34:59 GMT
server
cat factory 1.0
x-timer
S1711813814.162562,VS0,VE2
etag
"56e283284d8cd09d9e7728691e424e35"
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
BX8xyYk8b4l4psik4DVHqwhwziMohUg1ql4l28xzKYk5dYAq0QkECA==
x-cache-hits
13, 1

Redirect headers

x-cache-hits
0
date
Sat, 30 Mar 2024 15:50:14 GMT
strict-transport-security
max-age=300
server
cat factory 1.0
x-timer
S1711813814.132520,VS0,VE0
x-frame-options
DENY
x-cache
HIT
location
https://i.imgur.com/WNr4THl.png
access-control-allow-origin
https://imgur.com
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials
false
accept-ranges
bytes
content-length
0
retry-after
0
x-served-by
cache-fra-eddf8230071-FRA
da-quy.png
xn--nprobux-9m4c.vn.robloxgiare.net/images/
3 KB
3 KB
Image
General
Full URL
https://xn--nprobux-9m4c.vn.robloxgiare.net/images/da-quy.png
Requested by
Host: xn--nprobux-9m4c.vn.robloxgiare.net
URL: https://xn--nprobux-9m4c.vn.robloxgiare.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.200.23.236 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
host236.vietnix.vn
Software
LiteSpeed /
Resource Hash
4d44fc251ed408df5d90386c75f4e1f65f053726d0cfc0bda4e154f7ad67a06b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xn--nprobux-9m4c.vn.robloxgiare.net/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 15:50:10 GMT
content-security-policy
upgrade-insecure-requests;
last-modified
Mon, 11 Sep 2023 10:05:30 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
2727
expires
Sat, 06 Apr 2024 15:50:10 GMT
pay-methods.png
xn--nprobux-9m4c.vn.robloxgiare.net/images/
88 KB
88 KB
Image
General
Full URL
https://xn--nprobux-9m4c.vn.robloxgiare.net/images/pay-methods.png
Requested by
Host: xn--nprobux-9m4c.vn.robloxgiare.net
URL: https://xn--nprobux-9m4c.vn.robloxgiare.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.200.23.236 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
host236.vietnix.vn
Software
LiteSpeed /
Resource Hash
683fe40a8f67a9ea676708867fdc4ac747d0c5fd79badca91c47ef1f9e93cb7b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xn--nprobux-9m4c.vn.robloxgiare.net/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 15:50:10 GMT
content-security-policy
upgrade-insecure-requests;
last-modified
Mon, 11 Sep 2023 10:05:39 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
90044
expires
Sat, 06 Apr 2024 15:50:10 GMT
nocoppy.png
xn--nprobux-9m4c.vn.robloxgiare.net/images/
13 KB
13 KB
Image
General
Full URL
https://xn--nprobux-9m4c.vn.robloxgiare.net/images/nocoppy.png
Requested by
Host: xn--nprobux-9m4c.vn.robloxgiare.net
URL: https://xn--nprobux-9m4c.vn.robloxgiare.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.200.23.236 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
host236.vietnix.vn
Software
LiteSpeed /
Resource Hash
f4317793e46cb64c79a135780c6ffd245c8030b8fdc4b5e14436b84fc326ab51
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xn--nprobux-9m4c.vn.robloxgiare.net/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 15:50:10 GMT
content-security-policy
upgrade-insecure-requests;
last-modified
Mon, 11 Sep 2023 10:04:20 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
13534
expires
Sat, 06 Apr 2024 15:50:10 GMT
safewebsite.png
xn--nprobux-9m4c.vn.robloxgiare.net/images/
18 KB
18 KB
Image
General
Full URL
https://xn--nprobux-9m4c.vn.robloxgiare.net/images/safewebsite.png
Requested by
Host: xn--nprobux-9m4c.vn.robloxgiare.net
URL: https://xn--nprobux-9m4c.vn.robloxgiare.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.200.23.236 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
host236.vietnix.vn
Software
LiteSpeed /
Resource Hash
a8b7ce0ad4d6a8a8bb309734cbe998b3f13300fb14f059f4213cfef37cc6388f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xn--nprobux-9m4c.vn.robloxgiare.net/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 15:50:10 GMT
content-security-policy
upgrade-insecure-requests;
last-modified
Mon, 11 Sep 2023 10:04:26 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
18369
expires
Sat, 06 Apr 2024 15:50:10 GMT
js
www.googletagmanager.com/gtag/
247 KB
86 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-16468437514
Requested by
Host: xn--nprobux-9m4c.vn.robloxgiare.net
URL: https://xn--nprobux-9m4c.vn.robloxgiare.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8964329ef01950ef8d61391c09ce4e21c1e628b20e34a45b55880ad83660765a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xn--nprobux-9m4c.vn.robloxgiare.net/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 15:50:14 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
88153
x-xss-protection
0
last-modified
Sat, 30 Mar 2024 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 30 Mar 2024 15:50:14 GMT
da-quy.png
xn--nprobux-9m4c.vn.robloxgiare.net/images/
3 KB
3 KB
Image
General
Full URL
https://xn--nprobux-9m4c.vn.robloxgiare.net/images/da-quy.png
Requested by
Host: xn--nprobux-9m4c.vn.robloxgiare.net
URL: https://xn--nprobux-9m4c.vn.robloxgiare.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.200.23.236 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
host236.vietnix.vn
Software
LiteSpeed /
Resource Hash
4d44fc251ed408df5d90386c75f4e1f65f053726d0cfc0bda4e154f7ad67a06b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xn--nprobux-9m4c.vn.robloxgiare.net/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 15:50:10 GMT
content-security-policy
upgrade-insecure-requests;
last-modified
Mon, 11 Sep 2023 10:05:30 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
2727
expires
Sat, 06 Apr 2024 15:50:10 GMT
xfbml.customerchat.js
connect.facebook.net/vi_VN/sdk/
318 KB
92 KB
Script
General
Full URL
https://connect.facebook.net/vi_VN/sdk/xfbml.customerchat.js
Requested by
Host: xn--nprobux-9m4c.vn.robloxgiare.net
URL: https://xn--nprobux-9m4c.vn.robloxgiare.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
38aeebe5d58e9bcbdfec7996a87081b85c477959fea2852e0d17d8f50fcd8b8e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xn--nprobux-9m4c.vn.robloxgiare.net/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 30 Mar 2024 15:50:14 GMT
content-md5
s8CK7BBHA7Cl0MQLL7v5hQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
92616
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=12, mss=1326, tbw=2783, tp=-1, tpl=-1, uplat=1, ullat=-1
x-fb-debug
rDa82xZU7ie9gqgQ81Oi8gZjUUixjdy1pbqAH/Uw8JUAPcr67Pj8hyTZ0/eVBqHQdNIsR9JaMpih2eKWW5SgNw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
c4ef8adb8ce7e1266631a580a4d335ec
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
etag
"1ea8358e2e708120bdc773e52e60e7c4"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), ambient-light-sensor=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options
DENY
timing-allow-origin
*
expires
Sat, 30 Mar 2024 16:03:45 GMT
all_countries_32_5c216c216c216.html
xn--nprobux-9m4c.vn.robloxgiare.net/images/
1 KB
1 KB
Image
General
Full URL
https://xn--nprobux-9m4c.vn.robloxgiare.net/images/all_countries_32_5c216c216c216.html?047b1a2d5afc05bf077fcbece34f1b3a
Requested by
Host: xn--nprobux-9m4c.vn.robloxgiare.net
URL: https://xn--nprobux-9m4c.vn.robloxgiare.net/css/appv6dfa0dfa0dfa0.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.200.23.236 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
host236.vietnix.vn
Software
LiteSpeed /
Resource Hash
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xn--nprobux-9m4c.vn.robloxgiare.net/css/appv6dfa0dfa0dfa0.css
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 30 Mar 2024 15:50:10 GMT
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-security-policy
upgrade-insecure-requests;
server
LiteSpeed
content-length
1238
content-type
text/html
ajax-loadera405a405a405.html
xn--nprobux-9m4c.vn.robloxgiare.net/images/
1 KB
1 KB
Image
General
Full URL
https://xn--nprobux-9m4c.vn.robloxgiare.net/images/ajax-loadera405a405a405.html?e085384b8857f8c27f864b6ae55f91b1
Requested by
Host: xn--nprobux-9m4c.vn.robloxgiare.net
URL: https://xn--nprobux-9m4c.vn.robloxgiare.net/css/appv6dfa0dfa0dfa0.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.200.23.236 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
host236.vietnix.vn
Software
LiteSpeed /
Resource Hash
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xn--nprobux-9m4c.vn.robloxgiare.net/css/appv6dfa0dfa0dfa0.css
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 30 Mar 2024 15:50:10 GMT
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-security-policy
upgrade-insecure-requests;
server
LiteSpeed
content-length
1238
content-type
text/html
fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/webfonts/
76 KB
77 KB
Font
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/webfonts/fa-solid-900.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css
Origin
https://xn--nprobux-9m4c.vn.robloxgiare.net
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 15:50:14 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
843188
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
78268
last-modified
Mon, 13 Sep 2021 19:10:03 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"613fa20b-131bc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5PEYL5qp%2FL5%2FJkUktZezAMKxAGPneyJMtVAYdNSpjUYXuJgeOcH9ZNUVwEoCqQPZHMbZCsk29bHefAYN0FB%2FklANyE2wzDICCI%2FqFjL4A5Q1yd6nmJ2gPwRrYMsrMKR1jjFmsxoo"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
86c94114fe161970-FRA
expires
Thu, 20 Mar 2025 15:50:14 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/moV1mTgQ6S91nuTnmll4Y9yf/
502 KB
201 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/moV1mTgQ6S91nuTnmll4Y9yf/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aa4ddb0e0c3bda5d6e61d56a544a7ff9ea3691eaa5126187daa6ed1875ba93e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xn--nprobux-9m4c.vn.robloxgiare.net/
Origin
https://xn--nprobux-9m4c.vn.robloxgiare.net
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 12:45:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
11097
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
204859
x-xss-protection
0
last-modified
Mon, 25 Mar 2024 04:00:24 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 30 Mar 2025 12:45:17 GMT
/
www.googleadservices.com/pagead/conversion/16468437514/
3 KB
2 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion/16468437514/?random=1711813814783&cv=11&fst=1711813814783&bg=ffffff&guid=ON&async=1&gtm=45be43r0v9181248917za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=800&u_h=600&url=https%3A%2F%2Fxn--nprobux-9m4c.vn.robloxgiare.net%2F&label=3nQzCOD6uqAZEIrU4aw9&hn=www.googleadservices.com&frm=0&tiba=NAPROBUX.VN%20-%20TRANG%20CH%E1%BB%A6%20N%E1%BA%A0P%20ROBUX%20CH%C3%8DNH%20TH%E1%BB%A8C%20-%20UY%20T%C3%8DN%20-%20GI%C3%81%20R%E1%BA%BA&gtm_ee=1&npa=1&pscdl=noapi&auid=1291154854.1711813815&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.86%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.86&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&ec_mode=a&fdr=SA&data=event%3Dconversion&em=tv.1&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-16468437514
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f2.1e100.net
Software
cafe /
Resource Hash
beffcb3e76690d3633e48056f30453f1c92addaa62fde2d678a32e8f1bb21f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xn--nprobux-9m4c.vn.robloxgiare.net/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 30 Mar 2024 15:50:14 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1658
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
anchor
www.google.com/recaptcha/api2/ Frame CB63
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcufF8pAAAAABECOywkXnT18gWMWqJkgWLef5UF&co=aHR0cHM6Ly94bi0tbnByb2J1eC05bTRjLnZuLnJvYmxveGdpYXJlLm5ldDo0NDM.&hl=de&v=moV1mTgQ6S91nuTnmll4Y9yf&size=normal&cb=szj4isxm5dtz
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/moV1mTgQ6S91nuTnmll4Y9yf/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f4.1e100.net
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-M-nNmYHy5sOjBx3gAZU9Vg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://xn--nprobux-9m4c.vn.robloxgiare.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-M-nNmYHy5sOjBx3gAZU9Vg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 30 Mar 2024 15:50:15 GMT
expires
Sat, 30 Mar 2024 15:50:15 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
/
www.google.de/pagead/1p-conversion/16468437514/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/16468437514/?random=31627919&cv=11&fst=1711813814783&bg=ffffff&guid=ON&async=1&gtm=45be43r0v9181248917za200&gcd=13l3l3l2l1&dma_cps=s...
  • https://www.google.com/pagead/1p-conversion/16468437514/?random=31627919&cv=11&fst=1711813814783&bg=ffffff&guid=ON&async=1&gtm=45be43r0v9181248917za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=800&u...
  • https://www.google.de/pagead/1p-conversion/16468437514/?random=31627919&cv=11&fst=1711813814783&bg=ffffff&guid=ON&async=1&gtm=45be43r0v9181248917za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=800&u_...
42 B
64 B
Image
General
Full URL
https://www.google.de/pagead/1p-conversion/16468437514/?random=31627919&cv=11&fst=1711813814783&bg=ffffff&guid=ON&async=1&gtm=45be43r0v9181248917za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=800&u_h=600&url=https%3A%2F%2Fxn--nprobux-9m4c.vn.robloxgiare.net%2F&label=3nQzCOD6uqAZEIrU4aw9&hn=www.googleadservices.com&frm=0&tiba=NAPROBUX.VN%20-%20TRANG%20CH%E1%BB%A6%20N%E1%BA%A0P%20ROBUX%20CH%C3%8DNH%20TH%E1%BB%A8C%20-%20UY%20T%C3%8DN%20-%20GI%C3%81%20R%E1%BA%BA&gtm_ee=1&npa=1&pscdl=noapi&auid=1291154854.1711813815&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.86%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.86&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&ec_mode=a&fdr=SA&data=event%3Dconversion&em=tv.1&fmt=3&ct_cookie_present=false&sscte=1&crd=COG9sQIIscGxAgiwwbECCLnBsQI&pscrd=IhMI2sP0squchQMVlmcdCR2pEgSNMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjosaHR0cHM6Ly94bi0tbnByb2J1eC05bTRjLnZuLnJvYmxveGdpYXJlLm5ldC8&is_vtc=1&cid=CAQSGwB7FLtqliZSp4cYe4fG2iDJX7iI1mFJbqcCUQ&random=1544536172&ipr=y
Requested by
Host: xn--nprobux-9m4c.vn.robloxgiare.net
URL: https://xn--nprobux-9m4c.vn.robloxgiare.net/
Protocol
H3
Server
142.250.184.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xn--nprobux-9m4c.vn.robloxgiare.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Mar 2024 15:50:15 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 30 Mar 2024 15:50:15 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.google.de/pagead/1p-conversion/16468437514/?random=31627919&cv=11&fst=1711813814783&bg=ffffff&guid=ON&async=1&gtm=45be43r0v9181248917za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=800&u_h=600&url=https%3A%2F%2Fxn--nprobux-9m4c.vn.robloxgiare.net%2F&label=3nQzCOD6uqAZEIrU4aw9&hn=www.googleadservices.com&frm=0&tiba=NAPROBUX.VN%20-%20TRANG%20CH%E1%BB%A6%20N%E1%BA%A0P%20ROBUX%20CH%C3%8DNH%20TH%E1%BB%A8C%20-%20UY%20T%C3%8DN%20-%20GI%C3%81%20R%E1%BA%BA&gtm_ee=1&npa=1&pscdl=noapi&auid=1291154854.1711813815&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.86%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.86&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&ec_mode=a&fdr=SA&data=event%3Dconversion&em=tv.1&fmt=3&ct_cookie_present=false&sscte=1&crd=COG9sQIIscGxAgiwwbECCLnBsQI&pscrd=IhMI2sP0squchQMVlmcdCR2pEgSNMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjosaHR0cHM6Ly94bi0tbnByb2J1eC05bTRjLnZuLnJvYmxveGdpYXJlLm5ldC8&is_vtc=1&cid=CAQSGwB7FLtqliZSp4cYe4fG2iDJX7iI1mFJbqcCUQ&random=1544536172&ipr=y
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/plugins/customer_chat/SDK/
0
0

/
www.facebook.com/plugins/customer_chat/facade/
0
0

robux.png
xn--nprobux-9m4c.vn.robloxgiare.net/images/
68 KB
68 KB
Other
General
Full URL
https://xn--nprobux-9m4c.vn.robloxgiare.net/images/robux.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.200.23.236 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
host236.vietnix.vn
Software
LiteSpeed /
Resource Hash
b5894966b0cda782abec2d01151b6edfd87fe3104e08d4cd430e6cc33c0dff2f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xn--nprobux-9m4c.vn.robloxgiare.net/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 15:50:11 GMT
content-security-policy
upgrade-insecure-requests;
last-modified
Mon, 08 Jan 2024 10:03:59 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
69661
expires
Sat, 06 Apr 2024 15:50:11 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.facebook.com
URL
https://www.facebook.com/plugins/customer_chat/SDK/?app_id=&attribution=biz_inbox&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df27bf14fb089d71e0%26domain%3Dxn--nprobux-9m4c.vn.robloxgiare.net%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fxn--nprobux-9m4c.vn.robloxgiare.net%252Ff8486df73bfb52b27%26relation%3Dparent.parent&current_url=https%3A%2F%2Fxn--nprobux-9m4c.vn.robloxgiare.net%2F&event_name=chat_plugin_sdk_facade_create&is_loaded_by_facade=true&loading_time=0&locale=vi_VN&log_id=550b7193-05e5-4176-aa04-1a279d54d83e&page_id=245038375368032&request_time=1711813815540&sdk=joey&should_use_new_domain=false&suppress_http_code=1
Domain
www.facebook.com
URL
https://www.facebook.com/plugins/customer_chat/facade/?app_id=&attribution=biz_inbox&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df27bf14fb089d71e0%26domain%3Dxn--nprobux-9m4c.vn.robloxgiare.net%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fxn--nprobux-9m4c.vn.robloxgiare.net%252Ff8486df73bfb52b27%26relation%3Dparent.parent&current_url=https%3A%2F%2Fxn--nprobux-9m4c.vn.robloxgiare.net%2F&is_loaded_by_facade=true&locale=vi_VN&log_id=550b7193-05e5-4176-aa04-1a279d54d83e&page_id=245038375368032&request_time=1711813815540&sdk=joey&should_use_new_domain=false&suppress_http_code=1

Verdicts & Comments Add Verdict or Comment

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| onpagereveal function| $ function| jQuery function| Sweetalert2 function| SweetAlert function| Swal function| sweetAlert function| swal object| toastr function| randContent function| gtag object| dataLayer function| gtag_report_conversion object| chatbox function| fbAsyncInit object| FB object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| google_tag_manager object| google_tag_data object| GooglebQhCsO object| recaptcha object| closure_lm_652913

2 Cookies

Domain/Path Name / Value
.robloxgiare.net/ Name: _gcl_au
Value: 1.1.1291154854.1711813815
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission

7 Console Messages

Source Level URL
Text
network error URL: https://xn--nprobux-9m4c.vn.robloxgiare.net/images/all_countries_32_5c216c216c216.html?047b1a2d5afc05bf077fcbece34f1b3a
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://xn--nprobux-9m4c.vn.robloxgiare.net/images/ajax-loadera405a405a405.html?e085384b8857f8c27f864b6ae55f91b1
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://xn--nprobux-9m4c.vn.robloxgiare.net/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
javascript error URL: https://xn--nprobux-9m4c.vn.robloxgiare.net/
Message:
Access to XMLHttpRequest at 'https://www.facebook.com/plugins/customer_chat/SDK/?app_id=&attribution=biz_inbox&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df27bf14fb089d71e0%26domain%3Dxn--nprobux-9m4c.vn.robloxgiare.net%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fxn--nprobux-9m4c.vn.robloxgiare.net%252Ff8486df73bfb52b27%26relation%3Dparent.parent&current_url=https%3A%2F%2Fxn--nprobux-9m4c.vn.robloxgiare.net%2F&event_name=chat_plugin_sdk_facade_create&is_loaded_by_facade=true&loading_time=0&locale=vi_VN&log_id=550b7193-05e5-4176-aa04-1a279d54d83e&page_id=245038375368032&request_time=1711813815540&sdk=joey&should_use_new_domain=false&suppress_http_code=1' from origin 'https://xn--nprobux-9m4c.vn.robloxgiare.net' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://www.facebook.com/plugins/customer_chat/SDK/?app_id=&attribution=biz_inbox&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df27bf14fb089d71e0%26domain%3Dxn--nprobux-9m4c.vn.robloxgiare.net%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fxn--nprobux-9m4c.vn.robloxgiare.net%252Ff8486df73bfb52b27%26relation%3Dparent.parent&current_url=https%3A%2F%2Fxn--nprobux-9m4c.vn.robloxgiare.net%2F&event_name=chat_plugin_sdk_facade_create&is_loaded_by_facade=true&loading_time=0&locale=vi_VN&log_id=550b7193-05e5-4176-aa04-1a279d54d83e&page_id=245038375368032&request_time=1711813815540&sdk=joey&should_use_new_domain=false&suppress_http_code=1
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://xn--nprobux-9m4c.vn.robloxgiare.net/
Message:
Access to XMLHttpRequest at 'https://www.facebook.com/plugins/customer_chat/facade/?app_id=&attribution=biz_inbox&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df27bf14fb089d71e0%26domain%3Dxn--nprobux-9m4c.vn.robloxgiare.net%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fxn--nprobux-9m4c.vn.robloxgiare.net%252Ff8486df73bfb52b27%26relation%3Dparent.parent&current_url=https%3A%2F%2Fxn--nprobux-9m4c.vn.robloxgiare.net%2F&is_loaded_by_facade=true&locale=vi_VN&log_id=550b7193-05e5-4176-aa04-1a279d54d83e&page_id=245038375368032&request_time=1711813815540&sdk=joey&should_use_new_domain=false&suppress_http_code=1' from origin 'https://xn--nprobux-9m4c.vn.robloxgiare.net' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://www.facebook.com/plugins/customer_chat/facade/?app_id=&attribution=biz_inbox&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df27bf14fb089d71e0%26domain%3Dxn--nprobux-9m4c.vn.robloxgiare.net%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fxn--nprobux-9m4c.vn.robloxgiare.net%252Ff8486df73bfb52b27%26relation%3Dparent.parent&current_url=https%3A%2F%2Fxn--nprobux-9m4c.vn.robloxgiare.net%2F&is_loaded_by_facade=true&locale=vi_VN&log_id=550b7193-05e5-4176-aa04-1a279d54d83e&page_id=245038375368032&request_time=1711813815540&sdk=joey&should_use_new_domain=false&suppress_http_code=1
Message:
Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
cdnjs.cloudflare.com
code.jquery.com
connect.facebook.net
googleads.g.doubleclick.net
i.imgur.com
imgur.com
sys.tmso1.co
www.facebook.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
xn--nprobux-9m4c.vn.robloxgiare.net
www.facebook.com
103.200.23.236
104.16.87.20
104.17.24.14
142.250.184.195
142.250.185.196
142.250.186.66
146.75.116.193
172.67.181.167
199.232.192.193
216.58.206.34
2606:4700::6811:190e
2a00:1450:4001:810::2003
2a00:1450:4001:811::2008
2a03:2880:f084:d:face:b00c:0:3
2a04:4e42:200::649
22297f92a34292984ec8173f6d80c515a5b7cc6432aaa7d95a94bd82209a8f0e
38aeebe5d58e9bcbdfec7996a87081b85c477959fea2852e0d17d8f50fcd8b8e
3a6418816eed3b450709ad2c7509c5726da45f1b0a82184992fc447d6c961b9c
3b5d7370611deb0e12405966f22fd493954007e12134d9b29d52f39f04ba4c9e
47dd690f8f315bea076e92581a7e7147443bb4c847e313ab5a7d50a8c44836d0
4d44fc251ed408df5d90386c75f4e1f65f053726d0cfc0bda4e154f7ad67a06b
58dcd01e37ecf5930bc213f98adb2a6d81722442a80046e2f3b941dd6891c143
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807
5f1ab65fe2ad6b381a1ae036716475bf78c9b2e309528cf22170c1ddeefddcbf
683fe40a8f67a9ea676708867fdc4ac747d0c5fd79badca91c47ef1f9e93cb7b
854d61113b20beaae593c43cc8ee4f9f28da988d0c94b1d1cb85de3a9444b0f4
8964329ef01950ef8d61391c09ce4e21c1e628b20e34a45b55880ad83660765a
9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537
99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e
a8b7ce0ad4d6a8a8bb309734cbe998b3f13300fb14f059f4213cfef37cc6388f
aa4ddb0e0c3bda5d6e61d56a544a7ff9ea3691eaa5126187daa6ed1875ba93e7
b5894966b0cda782abec2d01151b6edfd87fe3104e08d4cd430e6cc33c0dff2f
bd68db92894b80c325c7fc2358409362f15fb3abe9ea9c7d2eec1f012cb2ec56
beffcb3e76690d3633e48056f30453f1c92addaa62fde2d678a32e8f1bb21f1e
d3a0492906e65949f0949b819ba57a22354d8cb01f658257ca8cc2931ab92743
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4317793e46cb64c79a135780c6ffd245c8030b8fdc4b5e14436b84fc326ab51
fbfae7cd71b1dccd4c189cebc0fe5f71593e8ae7dd09720459e7e22cfee47b42