urlscan.io logo urlscan.io
SecurityTrails logo

robloxscripts.net Open in urlscan Pro
192.0.78.230  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://robloxexploits.net/
Effective URL: https://robloxscripts.net/
Submission: On December 30 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 25 IPs in 2 countries across 17 domains to perform 108 HTTP transactions. The main IP is 192.0.78.230, located in San Francisco, United States and belongs to AUTOMATTIC, US. The main domain is robloxscripts.net.
TLS certificate: Issued by R3 on December 18th 2022. Valid for: 3 months.
This is the only time robloxscripts.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 2606:4700:303... 13335 (CLOUDFLAR...)
11 192.0.78.230 2635 (AUTOMATTIC)
2 2606:4700:e2:... 13335 (CLOUDFLAR...)
11 2607:f8b0:400... 15169 (GOOGLE)
2 162.159.133.233 13335 (CLOUDFLAR...)
1 192.0.77.32 2635 (AUTOMATTIC)
3 192.0.76.3 2635 (AUTOMATTIC)
4 2600:9000:251... 16509 (AMAZON-02)
12 192.0.77.2 2635 (AUTOMATTIC)
6 2607:f8b0:400... 15169 (GOOGLE)
12 172.64.173.27 13335 (CLOUDFLAR...)
7 99.86.229.97 16509 (AMAZON-02)
4 104.21.26.122 13335 (CLOUDFLAR...)
1 2a03:2880:f11... 32934 (FACEBOOK)
2 4 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
3 2607:f8b0:400... 15169 (GOOGLE)
13 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
5 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
108 25
2    2606:4700:3030::ac43:dd79 (United States)

ASN13335 (CLOUDFLARENET, US)
robloxexploits.net
11    192.0.78.230 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
robloxscripts.net
2    2606:4700:e2::ac40:840f (United States)

ASN13335 (CLOUDFLARENET, US)
use.fontawesome.com
11    2607:f8b0:4006:809::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    162.159.133.233 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.discordapp.com
1    192.0.77.32 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com
s0.wp.com
3    192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
stats.wp.com
pixel.wp.com
4    2600:9000:2512:5c00:3:62b:d240:21 (United States)

ASN16509 (AMAZON-02, US)
d3oy68whu51rnt.cloudfront.net
12    192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i0.wp.com
i0.wp.com
6    2607:f8b0:4006:81e::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
12    172.64.173.27 (United States)

ASN13335 (CLOUDFLARENET, US)
pogothere.xyz
7    99.86.229.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-229-97.iad79.r.cloudfront.net
habrasysteleii.xyz
4    104.21.26.122 (None, )

ASN13335 (CLOUDFLARENET, US)
oorwithabitofst.info
1    2a03:2880:f112:83:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
4    2607:f8b0:4006:80c::200d (Nutley, United States)

ASN15169 (GOOGLE, US)
accounts.google.com
1    2607:f8b0:4006:81f::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)
partner.googleadservices.com
2    2607:f8b0:4006:824::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)
adservice.google.com
3    2607:f8b0:4006:823::200a (Nutley, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
13    2607:f8b0:4006:809::2001 (Nutley, United States)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    2607:f8b0:4006:817::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)
www.googletagservices.com
5    2607:f8b0:4006:822::2003 (Nutley, United States)

ASN15169 (GOOGLE, US)
www.gstatic.com
fonts.gstatic.com
1    2607:f8b0:4006:80b::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
1    2001:4860:4802:32::3 (United States)

ASN15169 (GOOGLE, US)
csi.gstatic.com
1    2607:f8b0:4006:81d::2004 (Nutley, United States)

ASN15169 (GOOGLE, US)
www.google.com
Apex Domain
Subdomains		 Transfer
24 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 145
tpc.googlesyndication.com — Cisco Umbrella Rank: 187
400 KB
16 wp.com
s0.wp.com — Cisco Umbrella Rank: 8151
stats.wp.com — Cisco Umbrella Rank: 3525
pixel.wp.com — Cisco Umbrella Rank: 2942
i0.wp.com — Cisco Umbrella Rank: 3746
553 KB
12 pogothere.xyz
pogothere.xyz — Cisco Umbrella Rank: 16774
605 KB
11 robloxscripts.net
robloxscripts.net
186 KB
7 google.com
accounts.google.com — Cisco Umbrella Rank: 113
adservice.google.com — Cisco Umbrella Rank: 142
www.google.com — Cisco Umbrella Rank: 16
3 KB
7 habrasysteleii.xyz
habrasysteleii.xyz
7 KB
7 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 64
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 285
109 KB
6 gstatic.com
www.gstatic.com
fonts.gstatic.com
csi.gstatic.com
58 KB
4 oorwithabitofst.info
oorwithabitofst.info
1 KB
4 cloudfront.net
d3oy68whu51rnt.cloudfront.net
122 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 127
3 KB
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 221
94 KB
2 discordapp.com
cdn.discordapp.com — Cisco Umbrella Rank: 2290
3 KB
2 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 1620
26 KB
2 robloxexploits.net
robloxexploits.net
1 KB
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1011
701 B
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 107
108 17
Domain Requested by
13 tpc.googlesyndication.com googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
12 pogothere.xyz d3oy68whu51rnt.cloudfront.net
12 i0.wp.com robloxscripts.net
11 pagead2.googlesyndication.com robloxscripts.net
pagead2.googlesyndication.com
googleads.g.doubleclick.net
robloxexploits.net
tpc.googlesyndication.com
www.googletagservices.com
11 robloxscripts.net robloxscripts.net
7 habrasysteleii.xyz d3oy68whu51rnt.cloudfront.net
6 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
4 www.gstatic.com googleads.g.doubleclick.net
4 accounts.google.com 2 redirects robloxscripts.net
4 oorwithabitofst.info robloxscripts.net
4 d3oy68whu51rnt.cloudfront.net robloxscripts.net
habrasysteleii.xyz
3 fonts.googleapis.com googleads.g.doubleclick.net
2 www.googletagservices.com googleads.g.doubleclick.net
2 adservice.google.com pagead2.googlesyndication.com
2 pixel.wp.com robloxscripts.net
2 cdn.discordapp.com robloxscripts.net
2 use.fontawesome.com robloxscripts.net
2 robloxexploits.net 1 redirects
1 www.google.com tpc.googlesyndication.com
1 csi.gstatic.com securepubads.g.doubleclick.net
1 securepubads.g.doubleclick.net googleads.g.doubleclick.net
1 fonts.gstatic.com fonts.googleapis.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 www.facebook.com robloxscripts.net
1 stats.wp.com robloxscripts.net
1 s0.wp.com robloxscripts.net
108 26

This site contains links to these domains. Also see Links.

Domain
discord.gg
www.youtube.com
Subject Issuer Validity Valid
*.robloxexploits.net
E1		 2022-11-30 -
2023-02-28		 3 months crt.sh
tls.automattic.com
R3		 2022-12-18 -
2023-03-18		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-06 -
2023-06-05		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.wp.com
Sectigo ECC Domain Validation Secure Server CA		 2022-11-14 -
2023-12-15		 a year crt.sh
*.cloudfront.net
Amazon		 2022-02-01 -
2023-01-31		 a year crt.sh
*.pogothere.xyz
E1		 2022-11-02 -
2023-01-31		 3 months crt.sh
habrasysteleii.xyz
Amazon RSA 2048 M02		 2022-12-23 -
2024-01-21		 a year crt.sh
*.oorwithabitofst.info
GTS CA 1P5		 2022-12-23 -
2023-03-23		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-10-08 -
2023-01-06		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh

This page contains 14 frames:

Primary Page: https://robloxscripts.net/
Frame ID: 9A561FF91BA56A01AACD5F72DBE66A64
Requests: 67 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/zrt_lookup.html
Frame ID: 4ED6988D0FDED52D43968CB55FD7EE36
Requests: 1 HTTP requests in this frame

Frame: https://habrasysteleii.xyz/bkxsczEPLg8eDg9xDlVEHCBRVgMoaV41VV0jFUUJGSQZRgAcIhhdUgIjGRdXHCMCBx8AKRhWAyh6ITt4Wh85IWUmGjUFVF4dDit5PHUuJlIkKQImZikJHx56BQ48FkteAg0nWQYqXz0HLAotRndcFSsSZlY7PxtoKCk7OVIrfTUGVDwVNCVYHnktJWM0AD8qfzwkWEp/KHQ2MWVWOD0LBAgDLwdSKH0ABXw4CjwlYjdpXjFmPHk5OHYrDyIyAAAoLiVwLQspCWY8NA85WyAIOgRBWwcHIWktIgBCcCg7JRF5CjU6BEFbAV0YUioiXRtwFA0IFgI8BT4yHBYrNSJ7LRs4GAE2DggjfS0WDjQBFj8IHWsmD19GQC98PRdUXR01NGcvdSclSTYPCwNZLycmJngtdTolRh55JUJkPBkVKUUoGS06egc0LztnOz81InheDzQfCSYnJSRXJi8qIEk0eAgUYzYPAhgCOx4+KX4XfDoieVt0CARVDQ9fSlg8GVQ5FwQ/Ax1BUw8YOmgkFVpEexgkHCBnGh0
Frame ID: 1FB5739F338FC5F0FC3564257B046AD7
Requests: 2 HTTP requests in this frame

Frame: https://habrasysteleii.xyz/Q0hlS0ciKgYmeCJ1B20yMSRYbnUFbVcNI3AnHH1/NCAQfnYxJhFlJC8nEC8hMScLP2ktLRFudQU7MQ8JcAciODEbCgkuEQcgBA4wFRsAGh0CDCMFNhQZNxMFFz8qAjA0JicNMAcbHTwvBRkrCANwDSEeERIDLCcVCAACfy4WDQoBExB5PQ0WFS4EICQLHhIJPxEaUAcFOjwmDAESBykZEgAfMxIvGwlUGQU6CjYeICw8ABl2CwAzJ38EPycZBRAgBgoCNwcDLAoZHCB+YnEKJHseCho9PBARABUEISQFJB4WFX4neg4PAzIgBRF4Jy8iATg2CCswPDQ8aicdISEzFA4zBgQMCj8NIS99QHkBAQ4OBx8UIycZPwIJLw4kIh4gfmJxCgYNDggfHAkmCw5UBCEkBTQTFiQmPQ1zJx89MxYLeAoODhUSNggucnEke38UH1cCABEJVBgeJAIjDwJ2bVcJBjQaPw8UcgotI3YZCwIRAgd4M251BQozDQkVJlVtLTAnCzt6F3wpAyg3OxIm
Frame ID: 7D91503B36D2741491D11868F630A146
Requests: 2 HTTP requests in this frame

Frame: https://habrasysteleii.xyz/THlmeDYtGwUVCS1EBF5DPhVbXQQKXFQ+Un8WH04OOxETTQc+FxJWVSAWExxQPhYIDBgiHBJdBAoaBC94Ni8NKXkIO1YPUzQSLT4EOEAxPmwAIC4+eg8oJ019JEgDNXQjFCI5RSk+DDFjBjw3D30JCj47YgZMPi1jKjcfF30UFTMCfStMAylYDRUlKXADIAsxbAkBEUFTHh4oPkwBECQ5Bhs0CzFvDRJST300Gi0wTCMVNT5zfSBUCFIeEiAVVA4WLTBiBQshEHQbIy4pcgpIPBNSCgEyIGEWET4RcBsjLilXDxFXH1UJETc1bgJLPipCCiALSX8ZLEs1BQI7VihwJTwOPEErGC8VcCozMyJaL0koKWQUN1QgYz8gNhJ3DT1XIl0OSQ4qZzYWEjpRFi48MGcHOw45DwdJND9nGyAIOmQJGikBcAUsMi5YKD8wNmd/ER4gWhYyAzBgKi9XIl0oO1I7cBgaVDpzFjsjMHApLyBJWi8SFS9iIRpAEkUjFxZFdQAbBxBbAA8fPwEqFQ
Frame ID: 8D7E6877F17465EFF281951EAAFE2C16
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2249257918045069&output=html&adk=1812271804&adf=3025194257&lmt=1672416138&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=212x675_l%7C212x675_r&format=0x0&url=https%3A%2F%2Frobloxscripts.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672416192723&bpp=14&bdt=398&idt=364&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5825448713691&frm=20&pv=2&ga_vid=2079489605.1672416193&ga_sid=1672416193&ga_hid=94047057&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071168%2C44779793%2C44780792&oid=2&pvsid=357883479654443&tmod=506413821&uas=0&nvt=1&ref=https%3A%2F%2Frobloxexploits.net%2F&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=430
Frame ID: 970EDEA4DE61588BFD96B1126FD8E504
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2249257918045069&output=html&h=280&adk=2904063243&adf=849483003&pi=t.aa~a.1043414356~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1672416138&rafmt=1&to=qs&pwprc=2896044421&format=1200x280&url=https%3A%2F%2Frobloxscripts.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672416192737&bpp=4&bdt=412&idt=436&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=5825448713691&frm=20&pv=1&ga_vid=2079489605.1672416193&ga_sid=1672416193&ga_hid=94047057&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=60&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071168%2C44779793%2C44780792&oid=2&pvsid=357883479654443&tmod=506413821&uas=0&nvt=1&ref=https%3A%2F%2Frobloxexploits.net%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ih3PUaeZ7W&p=https%3A//robloxscripts.net&dtd=497
Frame ID: 212703B9FA3C1069329E089348B8F37E
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2249257918045069&output=html&h=280&adk=2681833890&adf=2981778012&pi=t.aa~a.2191923801~rp.2&w=1170&fwrn=4&fwrnh=100&lmt=1672416138&rafmt=1&to=qs&pwprc=2896044421&format=1170x280&url=https%3A%2F%2Frobloxscripts.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672416194447&bpp=2&bdt=2122&idt=2&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D62a95f503359bf00-222abcfa06da0032%3AT%3D1672416193%3ART%3D1672416193%3AS%3DALNI_MZJmJgLnVw_7YbOnxVmS_DYlxxu0g&gpic=UID%3D000008eaaa8197f2%3AT%3D1672416193%3ART%3D1672416193%3AS%3DALNI_MY03kXNVcHHMNlYJLdo0pGQq8A4Kg&prev_fmts=0x0%2C1200x280&nras=3&correlator=5825448713691&frm=20&pv=1&ga_vid=2079489605.1672416193&ga_sid=1672416193&ga_hid=94047057&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=1945&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071168%2C44779793%2C44780792&oid=2&pvsid=357883479654443&tmod=506413821&uas=0&nvt=1&ref=https%3A%2F%2Frobloxexploits.net%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Nk0ruqN23J&p=https%3A//robloxscripts.net&dtd=11
Frame ID: 2BB838E9ABCA1DC00C4448ECBD6B1B39
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Frame ID: 5121CA040D63E058C4EA0E1DAE694624
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js
Frame ID: D2DD5A21349D4974A93691AA169F7F9C
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Frame ID: 4A6FEA2A819720990C2851ECEB54C1FA
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js
Frame ID: 3F9C445D616B29681BECD93BE65DDAF4
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3F3D90BF4AECFF69B681D142586B4E2B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F66B80DD25921409E67C637A0FC0AC49
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Roblox Scripts - The best website for Roblox Scripts & Executors!

Page URL History Show full URLs

  1. http://robloxexploits.net/ HTTP 301
    https://robloxexploits.net/ Page URL
  2. https://robloxscripts.net/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]+s\d+\.wp\.com
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

108
Requests

98 %
HTTPS

67 %
IPv6

17
Domains

26
Subdomains

25
IPs

2
Countries

2170 kB
Transfer

4291 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://robloxexploits.net/ HTTP 301
    https://robloxexploits.net/ Page URL
  2. https://robloxscripts.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://robloxexploits.net/ HTTP 301
  • https://robloxexploits.net/
Request Chain 48
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP 302
  • https://accounts.google.com/v3/signin/identifier?dsh=S1410247492%3A1672416193034564&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AeAAQh52b0d-HEscWpAGf7Y-rSJPbujZOPNOjb0S-X8zoK0Sn8_bF_XdE7HztKywBK2cGW_0peXl
Request Chain 49
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP 302
  • https://accounts.google.com/v3/signin/identifier?dsh=S1074134295%3A1672416193041297&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AeAAQh7FOzWgtxDbX9rSKasqRSv9daXF_uSA5va9b6jWoa5Bjt2XbGMN1Az5l0jyyQJmHhQrf6wU

108 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
robloxexploits.net/
Redirect Chain
  • http://robloxexploits.net/
  • https://robloxexploits.net/
353 B
707 B 		Document
General
Check archive.org
Download Go to
Full URL
https://robloxexploits.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:dd79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c133445613fb0617112f277903c804edfed63a3af659bb16b47c00663408550

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
781c010fa9c22cf5-ORD
content-encoding
br
content-type
text/html
date
Fri, 30 Dec 2022 16:03:12 GMT
last-modified
Sun, 02 Oct 2022 13:41:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=abpaTdBFAS1t1X4D9sNqzk%2FZY019y2FEfRWTLx12gBcyV4umqDPnk8%2FyPf53uZfkRbKrPG34r%2BqQCuo2N5y7bR%2F%2Bbw1gzTX5A133Opst0Wvd4343IxkdQP7A%2FIotjrPnLz%2FGJNX%2FCDFYotTY1YaFuEw%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-turbo-charged-by
LiteSpeed

Redirect headers

CF-RAY
781c010ec99729c3-ORD
Cache-Control
max-age=3600
Connection
keep-alive
Date
Fri, 30 Dec 2022 16:03:11 GMT
Expires
Fri, 30 Dec 2022 17:03:11 GMT
Location
https://robloxexploits.net/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Otg8vJu2gpKldLf96MJgnb%2B%2BixNeyO3xXtPPBbcFllmbFr8OhP6l%2BmEci7NRJA3WGGQW%2F1mS3VjTjYpqTsEt4wQ7eqUB73vnsXRWH4WrgH6N2tCO5nxqfFNpuUP3T5ZwWQdY3LgWLstoOe5lMnkmGw%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Primary Request /
robloxscripts.net/ 		115 KB
28 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://robloxscripts.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.230 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
5efad2229cc4e905572d75e5b9ca02a0fb87988591fe908e13c884d036595df7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://robloxexploits.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
max-age=246, must-revalidate
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 30 Dec 2022 16:03:12 GMT
host-header
WordPress.com
last-modified
Fri, 30 Dec 2022 16:02:18 GMT
link
<https://robloxscripts.net/wp-json/>; rel="https://api.w.org/" <https://robloxscripts.net/wp-json/wp/v2/pages/299>; rel="alternate"; type="application/json" <https://wp.me/PebEFq-4P>; rel=shortlink
server
nginx
strict-transport-security
max-age=31536000
vary
Accept-Encoding Cookie
x-ac
2.mdw _atomic_dca BYPASS
x-hacker
If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header.
x-nananana
Batcache-Hit
/
robloxscripts.net/_static/ 		424 KB
62 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://robloxscripts.net/_static/??-eJytUu1OwzAMfCFCNjRK+YF4FJQPLzN10xAnq/r2eN0QHdoAIX60iZ3c2TnfmJQbYoFYdKIaMLI+xWqPMLJ6q5AnZaJXHjmRmVQauKhkAuhULaHThhmK4Fi+/a0sN+Mn61ZW1qa939jHO2/bdtPYpjUr8OttC/dNs3m0rv2K+uglVAkt5KBtRfLa0uA6RWizyZPmMhH8DVp20F+FyiuHWlTI6M9rYHRUPbB+Zd2DRwMkNIJcBgeRICuCYNx022P8ES1ny/giZlaXRGp0am6el9e+vkBSGTgNkXEPsnWHgc6DY0IPeTkzybjuP4jOTr8bjaRKhugxhiXX7LIRfYCypB1L4lEdvXaN8RVKMq7T/eAriVqEnfwvNnEUT0eMoMQT4UV8bSyBX9aczcK/h16sVBMNxrOedrXvkn2jn7o/VD7tD1ef+6d187DetKu79eodlSxjRw==
Requested by
Host: robloxscripts.net
URL: https://robloxscripts.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.230 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
97c9bb382920c48a57f3931117f19947ef5a299e1026d09f6ef6fa42899af3bf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://robloxscripts.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-hacker
If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header.
date
Fri, 30 Dec 2022 16:03:12 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Mon, 19 Dec 2022 20:03:30 GMT
server
nginx
x-ac
2.mdw _atomic_dca BYPASS
x-page-optimize
uncached
etag
W/"e12bbcd65a0af510826a2343a46db390"
vary
Accept-Encoding
content-type
text/css;charset=utf-8
cache-control
max-age=31536000
host-header
WordPress.com
all.css
use.fontawesome.com/releases/v6.1.2/css/ 		99 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v6.1.2/css/all.css
Requested by
Host: robloxscripts.net
URL: https://robloxscripts.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:840f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5e8e8eb22e2eaf1ad02370c22c63c04774ab0b83b4329d5945333750814bb2f

Request headers

Referer
https://robloxscripts.net/
Origin
https://robloxscripts.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 16:03:12 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
QJKSG42X444YFK6B
age
603849
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
wM+5VDzj++HJo4qctCyu9xWfio4f9pdMsAaRO4ENZDhh0fzxpbIduBgx8RbeRKxPDxSTiRriD57YO7huKOgvog==
last-modified
Mon, 25 Jul 2022 16:09:47 GMT
server
cloudflare
etag
W/"8ef777107c4620d4ddd4f8c4bb14a36c"
access-control-max-age
3000
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=21mIsG0cLVWUPq6I4Tv%2BgaIw9J2QMDqJEklNvcsK57esh3YoTELLUumkW0erXZ9EwnMC6Mov5BcscxTAKOXUIPmHSaDjfkBi9XZFYFFb4QpjFRgl5rpqMjOVKKSxx12SH0B7bcTX5HrN52R16NC1%2BLv0"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31556926
cf-ray
781c0112789b22c9-ORD
v4-shims.css
use.fontawesome.com/releases/v6.1.2/css/ 		27 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v6.1.2/css/v4-shims.css
Requested by
Host: robloxscripts.net
URL: https://robloxscripts.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:840f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
064f3c2c06410669a1fdadee1259f8ed4e04573c2d81f160719fc17e32209950

Request headers

Referer
https://robloxscripts.net/
Origin
https://robloxscripts.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 16:03:12 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
QJKMN278ZF46BHB7
age
600464
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
SZhLIPm37hFdq4TkLrECyWyh5t24w4tuMoUdKZDJEpKdrBSOSp7K14wH9DruJYTdJHlkqFWJgyAikc49NAfmWw==
last-modified
Mon, 25 Jul 2022 16:09:47 GMT
server
cloudflare
etag
W/"32c0dd1e392a9b1b3b8e8a0ef2e89fdd"
access-control-max-age
3000
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pSOvA8tfHqxoqTB%2BMQ%2BsOi8Cosm9aYeM6J67I6IKpp8zuBr2Zvcnnau3oALTl2eumVilTw5ba4gFuQtSQTjf1rqQ4CF6sHky%2B4TMBMAtp%2FCsRYpzy7Yr%2BfT0ZEFqB7kS6YPJUIcDC9IPtPrYX3dMB6C7"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31556926
cf-ray
781c0112789c22c9-ORD
videopress-token-bridge.js
robloxscripts.net/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-videopress/build/lib/ 		878 B
545 B 		Script
General
Check archive.org
Download Go to
Full URL
https://robloxscripts.net/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-videopress/build/lib/videopress-token-bridge.js?ver=0.9.2
Requested by
Host: robloxscripts.net
URL: https://robloxscripts.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.230 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
2616becd1fa25433adee513644da53245e542892264edc46b611ebc3c9e2d9ed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://robloxscripts.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 16:03:12 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Mon, 14 Nov 2022 21:17:26 GMT
server
nginx
x-ac
2.mdw _atomic_dca BYPASS
etag
W/"6372b066-36e"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery.min.js
robloxscripts.net/wp-includes/js/jquery/ 		88 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://robloxscripts.net/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
Requested by
Host: robloxscripts.net
URL: https://robloxscripts.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.230 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://robloxscripts.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 16:03:12 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Mon, 19 Sep 2022 14:16:24 GMT
server
nginx
x-ac
2.mdw _atomic_dca BYPASS
etag
W/"632879b8-15e54"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
/
robloxscripts.net/_static/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://robloxscripts.net/_static/??wp-includes/js/jquery/jquery-migrate.min.js,wp-content/uploads/yhumkpbql.js?m=1667520834
Requested by
Host: robloxscripts.net
URL: https://robloxscripts.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.230 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
8650062d222876f20382a71f9de6919c5f267a8f9d22ac64085339e5d08d655d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://robloxscripts.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-hacker
If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header.
date
Fri, 30 Dec 2022 16:03:12 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 04 Nov 2022 00:13:54 GMT
server
nginx
x-ac
2.mdw _atomic_dca BYPASS
x-page-optimize
uncached
etag
W/"77f92959e06b114875db88a210edce0a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
host-header
WordPress.com
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		145 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2249257918045069
Requested by
Host: robloxscripts.net
URL: https://robloxscripts.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
478626991aa680724855e73e9450fb6bd1a30d58ac73d446f3a32eff720f406b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://robloxscripts.net/
Origin
https://robloxscripts.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 16:03:12 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49570
x-xss-protection
0
server
cafe
etag
13624275109177839771
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 30 Dec 2022 16:03:12 GMT
wp-emoji-release.min.js
robloxscripts.net/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://robloxscripts.net/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
Requested by
Host: robloxscripts.net
URL: https://robloxscripts.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.230 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://robloxscripts.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 16:03:12 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Tue, 12 Apr 2022 05:56:23 GMT
server
nginx
x-ac
2.mdw _atomic_dca BYPASS
etag
W/"62551487-48b9"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
discord.svg
cdn.discordapp.com/attachments/929421642235519037/1014534028076003368/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.discordapp.com/attachments/929421642235519037/1014534028076003368/discord.svg
Requested by
Host: robloxscripts.net
URL: https://robloxscripts.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.133.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e86fcb4099a0c85a91abfd59fc6d6751493e4258f5457c0b4cf87e9e12c4079

Request headers

accept-language
en-US,en;q=0.9
Referer
https://robloxscripts.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 16:03:12 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
255889
x-guploader-uploadid
ADPycdsplYy_JrvH2aMeiFE10qofYY_rkGrnHpjPSDob5gnwjbiL_EfSAD412nJWECEeOU14za21mSb0Xe5IrvhuNbIrnQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-disposition
attachment;%20filename=discord.svg
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 31 Aug 2022 13:56:01 GMT
server
cloudflare
etag
W/"ff7fb5235b904fea50cedf072826782d"
vary
Accept-Encoding
x-goog-generation
1661954161504978
content-type
image/svg+xml;%20charset=utf-8
x-goog-hash
crc32c=Mb61zA==, md5=/3+1I1uQT+pQzt8HKCZ4LQ==
cache-control
public, max-age=31536000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P%2BpX9GZhwSpmFDi0f6Vx0d34D2l9wjLamDMDUjjdgGo9fRI612lyIcWIBmecB0NhLmA9Ntfq5rCFvwdelnlvzqVA6CzrN8yynqg7khu3qO4CecHUn%2FGszy5Hd3FAx1yfLY4asQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
1270
cf-ray
781c0113883529f4-ORD
x-robots-tag
noindex, nofollow, noarchive, nocache, noimageindex, noodp
expires
Sat, 30 Dec 2023 16:03:12 GMT
icons8-youtube.svg
cdn.discordapp.com/attachments/929421642235519037/1014534363783909406/ 		702 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.discordapp.com/attachments/929421642235519037/1014534363783909406/icons8-youtube.svg
Requested by
Host: robloxscripts.net
URL: https://robloxscripts.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.133.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a41b135afd99e5d3f61350c14900a1b6b222fe032a2c2f5f85f43d59055abf8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://robloxscripts.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 16:03:12 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2379486
x-guploader-uploadid
ADPycdtnsAVYWxpvTq7ke2iOt1QIRCNJY9VobDUxrY5JmG0-3Tr5Md0w9jOsuRETb-FXRbdYMMMpoCUhk0b09Xv4hW5xzQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-disposition
attachment;%20filename=icons8-youtube.svg
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 31 Aug 2022 13:57:21 GMT
server
cloudflare
etag
W/"382c3ebffb19403d05359a5ec7554298"
vary
Accept-Encoding
x-goog-generation
1661954241540175
content-type
image/svg+xml;%20charset=utf-8
x-goog-hash
crc32c=mHmx0g==, md5=OCw+v/sZQD0FNZpex1VCmA==
cache-control
public, max-age=31536000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XwWj8kldkvRQTd8DviM6ivSHfhUOla5vdwy2CVK0bbeuXf3GElOuJZVLE9Y1xeGY7JQlfSfaPRg%2FnU4%2F7X%2BxXdR6M%2BtZgsuac0Ew%2B6SkUppvufv7GUcUO9q%2F%2Bnc09LvrThs2Ug%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
702
cf-ray
781c0113883629f4-ORD
x-robots-tag
noindex, nofollow, noarchive, nocache, noimageindex, noodp
expires
Sat, 30 Dec 2023 16:03:12 GMT
bilmur.min.js
s0.wp.com/wp-content/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.wp.com/wp-content/js/bilmur.min.js?m=202252
Requested by
Host: robloxscripts.net
URL: https://robloxscripts.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
e9885e4aea54f587ccabce165b42e0b3cd097030a72d4153b6eff6362d4f9bc4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://robloxscripts.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-nc
HIT mdw 2
date
Fri, 30 Dec 2022 16:03:12 GMT
content-encoding
br
x-ac
2.mdw _dca BYPASS
server
nginx
etag
W/"63443f57-1a42"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
expires
Fri, 22 Dec 2023 00:03:24 GMT
/
robloxscripts.net/_static/ 		100 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://robloxscripts.net/_static/??-eJytktFOwzAMRX8IL0MCthfEp0xp4nVeUyfEbkP5ejJWRDU0BIgnJ47usXPtksBFVmQ1KQwtsZgjarKuMztiZ5qBgjfpEDXyHFY98eooN+WrdL7DSFgEngfME1j24ElSsBOkKArJtmjS0ARyxoqg1pJVOl4w9YA9imFihCbEdlchtgnoFyLpKEEg7mAf3SCwp5c/UNiO1FqlePmtn4hrWY39FT8+rJzjbkT2MRs7VIlVrQbMLxDs6wTUV2vE1CpqqJKyoDu1BbERzCPm/y+zSFyB15TmCiRuz/OTQB7z+1wL+RZ14UbRJAXOw73OyygpstCI9ehOC7MAL8dbKd036/YLVElJrPvs7Kl/vH3YrLd32836/g18VCfQ
Requested by
Host: robloxscripts.net
URL: https://robloxscripts.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.230 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
c8e270f884a1080449fd94fff76b3fb4005a6eca394ed260ad8b686475a751e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://robloxscripts.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-hacker
If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header.
date
Fri, 30 Dec 2022 16:03:12 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Mon, 12 Dec 2022 12:38:25 GMT
server
nginx
x-ac
2.mdw _atomic_dca BYPASS
x-page-optimize
uncached
etag
W/"1c6cb5a3711331d749ccb196bc0a29c5"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
host-header
WordPress.com
e-202252.js
stats.wp.com/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.wp.com/e-202252.js
Requested by
Host: robloxscripts.net
URL: https://robloxscripts.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302

Request headers

accept-language
en-US,en;q=0.9
Referer
https://robloxscripts.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-nc
HIT mdw
date
Fri, 30 Dec 2022 16:03:12 GMT
content-encoding
br
server
nginx
etag
W/"6197c5cf-3508"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
expires
Wed, 27 Dec 2023 00:10:13 GMT
/
d3oy68whu51rnt.cloudfront.net/ 		370 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3oy68whu51rnt.cloudfront.net/?hwyod=955131
Requested by
Host: robloxscripts.net
URL: https://robloxscripts.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2512:5c00:3:62b:d240:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
3ee67b718c0994aaace65499bd978b1dc1b238a72dfe7029bd62abacb56cbac8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://robloxscripts.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 15:59:23 GMT
content-encoding
gzip
via
1.1 cd1a98ac42a21b663c8fc8cd6f37232e.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P7
age
229
x-cache
Hit from cloudfront
access-control-allow-origin
*
cache-control
no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-length
121656
x-amz-cf-id
13SUm01mggmGVYVDHl5PSI4Z6iYUlK-i6e6j8iSIN6lgiWfMgRsyJQ==
truncated
/ 		42 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/gif
pxiEyp8kv8JHgFVrJJfecg.woff2
robloxscripts.net/wp-content/fonts/poppins/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://robloxscripts.net/wp-content/fonts/poppins/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: robloxscripts.net
URL: https://robloxscripts.net/_static/??-eJytUu1OwzAMfCFCNjRK+YF4FJQPLzN10xAnq/r2eN0QHdoAIX60iZ3c2TnfmJQbYoFYdKIaMLI+xWqPMLJ6q5AnZaJXHjmRmVQauKhkAuhULaHThhmK4Fi+/a0sN+Mn61ZW1qa939jHO2/bdtPYpjUr8OttC/dNs3m0rv2K+uglVAkt5KBtRfLa0uA6RWizyZPmMhH8DVp20F+FyiuHWlTI6M9rYHRUPbB+Zd2DRwMkNIJcBgeRICuCYNx022P8ES1ny/giZlaXRGp0am6el9e+vkBSGTgNkXEPsnWHgc6DY0IPeTkzybjuP4jOTr8bjaRKhugxhiXX7LIRfYCypB1L4lEdvXaN8RVKMq7T/eAriVqEnfwvNnEUT0eMoMQT4UV8bSyBX9aczcK/h16sVBMNxrOedrXvkn2jn7o/VD7tD1ef+6d187DetKu79eodlSxjRw==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.230 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://robloxscripts.net/_static/??-eJytUu1OwzAMfCFCNjRK+YF4FJQPLzN10xAnq/r2eN0QHdoAIX60iZ3c2TnfmJQbYoFYdKIaMLI+xWqPMLJ6q5AnZaJXHjmRmVQauKhkAuhULaHThhmK4Fi+/a0sN+Mn61ZW1qa939jHO2/bdtPYpjUr8OttC/dNs3m0rv2K+uglVAkt5KBtRfLa0uA6RWizyZPmMhH8DVp20F+FyiuHWlTI6M9rYHRUPbB+Zd2DRwMkNIJcBgeRICuCYNx022P8ES1ny/giZlaXRGp0am6el9e+vkBSGTgNkXEPsnWHgc6DY0IPeTkzybjuP4jOTr8bjaRKhugxhiXX7LIRfYCypB1L4lEdvXaN8RVKMq7T/eAriVqEnfwvNnEUT0eMoMQT4UV8bSyBX9aczcK/h16sVBMNxrOedrXvkn2jn7o/VD7tD1ef+6d187DetKu79eodlSxjRw==
Origin
https://robloxscripts.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 16:03:12 GMT
strict-transport-security
max-age=31536000
x-ac
2.mdw _atomic_dca BYPASS
last-modified
Tue, 16 Aug 2022 23:30:31 GMT
server
nginx
etag
"62fc2897-1ecc"
access-control-allow-methods
GET, HEAD
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
7884
expires
Fri, 06 Jan 2023 16:03:12 GMT
pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
robloxscripts.net/wp-content/fonts/poppins/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://robloxscripts.net/wp-content/fonts/poppins/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
Requested by
Host: robloxscripts.net
URL: https://robloxscripts.net/_static/??-eJytUu1OwzAMfCFCNjRK+YF4FJQPLzN10xAnq/r2eN0QHdoAIX60iZ3c2TnfmJQbYoFYdKIaMLI+xWqPMLJ6q5AnZaJXHjmRmVQauKhkAuhULaHThhmK4Fi+/a0sN+Mn61ZW1qa939jHO2/bdtPYpjUr8OttC/dNs3m0rv2K+uglVAkt5KBtRfLa0uA6RWizyZPmMhH8DVp20F+FyiuHWlTI6M9rYHRUPbB+Zd2DRwMkNIJcBgeRICuCYNx022P8ES1ny/giZlaXRGp0am6el9e+vkBSGTgNkXEPsnWHgc6DY0IPeTkzybjuP4jOTr8bjaRKhugxhiXX7LIRfYCypB1L4lEdvXaN8RVKMq7T/eAriVqEnfwvNnEUT0eMoMQT4UV8bSyBX9aczcK/h16sVBMNxrOedrXvkn2jn7o/VD7tD1ef+6d187DetKu79eodlSxjRw==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.230 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://robloxscripts.net/_static/??-eJytUu1OwzAMfCFCNjRK+YF4FJQPLzN10xAnq/r2eN0QHdoAIX60iZ3c2TnfmJQbYoFYdKIaMLI+xWqPMLJ6q5AnZaJXHjmRmVQauKhkAuhULaHThhmK4Fi+/a0sN+Mn61ZW1qa939jHO2/bdtPYpjUr8OttC/dNs3m0rv2K+uglVAkt5KBtRfLa0uA6RWizyZPmMhH8DVp20F+FyiuHWlTI6M9rYHRUPbB+Zd2DRwMkNIJcBgeRICuCYNx022P8ES1ny/giZlaXRGp0am6el9e+vkBSGTgNkXEPsnWHgc6DY0IPeTkzybjuP4jOTr8bjaRKhugxhiXX7LIRfYCypB1L4lEdvXaN8RVKMq7T/eAriVqEnfwvNnEUT0eMoMQT4UV8bSyBX9aczcK/h16sVBMNxrOedrXvkn2jn7o/VD7tD1ef+6d187DetKu79eodlSxjRw==
Origin
https://robloxscripts.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 16:03:12 GMT
strict-transport-security
max-age=31536000
x-ac
2.mdw _atomic_dca BYPASS
last-modified
Tue, 16 Aug 2022 23:30:31 GMT
server
nginx
etag
"62fc2897-1ea0"
access-control-allow-methods
GET, HEAD
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
7840
expires
Fri, 06 Jan 2023 16:03:12 GMT
pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
robloxscripts.net/wp-content/fonts/poppins/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://robloxscripts.net/wp-content/fonts/poppins/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
Requested by
Host: robloxscripts.net
URL: https://robloxscripts.net/_static/??-eJytUu1OwzAMfCFCNjRK+YF4FJQPLzN10xAnq/r2eN0QHdoAIX60iZ3c2TnfmJQbYoFYdKIaMLI+xWqPMLJ6q5AnZaJXHjmRmVQauKhkAuhULaHThhmK4Fi+/a0sN+Mn61ZW1qa939jHO2/bdtPYpjUr8OttC/dNs3m0rv2K+uglVAkt5KBtRfLa0uA6RWizyZPmMhH8DVp20F+FyiuHWlTI6M9rYHRUPbB+Zd2DRwMkNIJcBgeRICuCYNx022P8ES1ny/giZlaXRGp0am6el9e+vkBSGTgNkXEPsnWHgc6DY0IPeTkzybjuP4jOTr8bjaRKhugxhiXX7LIRfYCypB1L4lEdvXaN8RVKMq7T/eAriVqEnfwvNnEUT0eMoMQT4UV8bSyBX9aczcK/h16sVBMNxrOedrXvkn2jn7o/VD7tD1ef+6d187DetKu79eodlSxjRw==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.230 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://robloxscripts.net/_static/??-eJytUu1OwzAMfCFCNjRK+YF4FJQPLzN10xAnq/r2eN0QHdoAIX60iZ3c2TnfmJQbYoFYdKIaMLI+xWqPMLJ6q5AnZaJXHjmRmVQauKhkAuhULaHThhmK4Fi+/a0sN+Mn61ZW1qa939jHO2/bdtPYpjUr8OttC/dNs3m0rv2K+uglVAkt5KBtRfLa0uA6RWizyZPmMhH8DVp20F+FyiuHWlTI6M9rYHRUPbB+Zd2DRwMkNIJcBgeRICuCYNx022P8ES1ny/giZlaXRGp0am6el9e+vkBSGTgNkXEPsnWHgc6DY0IPeTkzybjuP4jOTr8bjaRKhugxhiXX7LIRfYCypB1L4lEdvXaN8RVKMq7T/eAriVqEnfwvNnEUT0eMoMQT4UV8bSyBX9aczcK/h16sVBMNxrOedrXvkn2jn7o/VD7tD1ef+6d187DetKu79eodlSxjRw==
Origin
https://robloxscripts.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 16:03:12 GMT
strict-transport-security
max-age=31536000
x-ac
2.mdw _atomic_dca BYPASS
last-modified
Tue, 16 Aug 2022 23:30:31 GMT
server
nginx
etag
"62fc2897-1f40"
access-control-allow-methods
GET, HEAD
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
8000
expires
Fri, 06 Jan 2023 16:03:12 GMT
ajax-loader.gif
robloxscripts.net/wp-content/plugins/wp-responsive-recent-post-slider/assets/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://robloxscripts.net/wp-content/plugins/wp-responsive-recent-post-slider/assets/images/ajax-loader.gif
Requested by
Host: robloxscripts.net
URL: https://robloxscripts.net/_static/??-eJytUu1OwzAMfCFCNjRK+YF4FJQPLzN10xAnq/r2eN0QHdoAIX60iZ3c2TnfmJQbYoFYdKIaMLI+xWqPMLJ6q5AnZaJXHjmRmVQauKhkAuhULaHThhmK4Fi+/a0sN+Mn61ZW1qa939jHO2/bdtPYpjUr8OttC/dNs3m0rv2K+uglVAkt5KBtRfLa0uA6RWizyZPmMhH8DVp20F+FyiuHWlTI6M9rYHRUPbB+Zd2DRwMkNIJcBgeRICuCYNx022P8ES1ny/giZlaXRGp0am6el9e+vkBSGTgNkXEPsnWHgc6DY0IPeTkzybjuP4jOTr8bjaRKhugxhiXX7LIRfYCypB1L4lEdvXaN8RVKMq7T/eAriVqEnfwvNnEUT0eMoMQT4UV8bSyBX9aczcK/h16sVBMNxrOedrXvkn2jn7o/VD7tD1ef+6d187DetKu79eodlSxjRw==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.230 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://robloxscripts.net/_static/??-eJytUu1OwzAMfCFCNjRK+YF4FJQPLzN10xAnq/r2eN0QHdoAIX60iZ3c2TnfmJQbYoFYdKIaMLI+xWqPMLJ6q5AnZaJXHjmRmVQauKhkAuhULaHThhmK4Fi+/a0sN+Mn61ZW1qa939jHO2/bdtPYpjUr8OttC/dNs3m0rv2K+uglVAkt5KBtRfLa0uA6RWizyZPmMhH8DVp20F+FyiuHWlTI6M9rYHRUPbB+Zd2DRwMkNIJcBgeRICuCYNx022P8ES1ny/giZlaXRGp0am6el9e+vkBSGTgNkXEPsnWHgc6DY0IPeTkzybjuP4jOTr8bjaRKhugxhiXX7LIRfYCypB1L4lEdvXaN8RVKMq7T/eAriVqEnfwvNnEUT0eMoMQT4UV8bSyBX9aczcK/h16sVBMNxrOedrXvkn2jn7o/VD7tD1ef+6d187DetKu79eodlSxjRw==
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 16:03:12 GMT
strict-transport-security
max-age=31536000
x-ac
2.mdw _atomic_dca BYPASS
last-modified
Mon, 12 Dec 2022 12:38:25 GMT
server
nginx
etag
"639720c1-1052"
access-control-allow-methods
GET, HEAD
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
4178
expires
Fri, 06 Jan 2023 16:03:12 GMT
g.gif
pixel.wp.com/ 		50 B
93 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.wp.com/g.gif?v=ext&blog=209646640&post=299&tz=1&srv=robloxscripts.net&hp=atomic&ac=2&amp=0&j=1%3A11.7-a.7&host=robloxscripts.net&ref=https%3A%2F%2Frobloxexploits.net%2F&fcp=364&rand=0.7268888683011612
Requested by
Host: robloxscripts.net
URL: https://robloxscripts.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://robloxscripts.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 30 Dec 2022 16:03:12 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
pnj-rs-w-1.png
i0.wp.com/robloxscripts.net/wp-content/uploads/2022/08/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/robloxscripts.net/wp-content/uploads/2022/08/pnj-rs-w-1.png?fit=504%2C355&ssl=1
Requested by
Host: robloxscripts.net
URL: https://robloxscripts.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
a18f3705f4e2cfc25a353ea1b271c77f8db4a8693789b0ce0f40129337911d7f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://robloxscripts.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-nc
HIT mdw 2
date
Fri, 30 Dec 2022 16:03:12 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Sep 2022 07:07:22 GMT
server
nginx
etag
"6477be2d8a388957"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://robloxscripts.net/wp-content/uploads/2022/08/pnj-rs-w-1.png>; rel="canonical"
content-length
3194
expires
Wed, 04 Sep 2024 19:07:22 GMT
kiwi_x_thumb.webp
i0.wp.com/robloxscripts.net/wp-content/uploads/2022/09/ 		82 KB
83 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/robloxscripts.net/wp-content/uploads/2022/09/kiwi_x_thumb.webp?fit=1280%2C720&ssl=1
Requested by
Host: robloxscripts.net
URL: https://robloxscripts.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
446f0ab61963ec60fa7a9806eb173e0575f2098f58d2d4fab14925c6375e3387
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://robloxscripts.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-nc
HIT mdw 1
date
Fri, 30 Dec 2022 16:03:12 GMT
x-content-type-options
nosniff
last-modified
Wed, 21 Dec 2022 17:14:01 GMT
server
nginx
etag
"682063fbea86a368"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://robloxscripts.net/wp-content/uploads/2022/09/kiwi_x_thumb.webp>; rel="canonical"
content-length
84354
expires
Sat, 21 Dec 2024 05:14:01 GMT
625456dc5bdb81f6e62a45dd-1651778409974-maxresdefault-5.jpg
i0.wp.com/robloxscripts.net/wp-content/uploads/2022/09/ 		101 KB
101 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/robloxscripts.net/wp-content/uploads/2022/09/625456dc5bdb81f6e62a45dd-1651778409974-maxresdefault-5.jpg?fit=1280%2C720&ssl=1
Requested by
Host: robloxscripts.net
URL: https://robloxscripts.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
e43f873bed6831788b5b92ef50cfc304ef7e420d08bcf8f2780d5a219f4daf75
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://robloxscripts.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-nc
HIT mdw 4
date
Fri, 30 Dec 2022 16:03:12 GMT
x-content-type-options
nosniff
last-modified
Sat, 10 Sep 2022 13:25:33 GMT
server
nginx
etag
"32dfce7e5ac81130"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://robloxscripts.net/wp-content/uploads/2022/09/625456dc5bdb81f6e62a45dd-1651778409974-maxresdefault-5.jpg>; rel="canonical"
content-length
103030
expires
Tue, 10 Sep 2024 01:25:33 GMT
625456dc5bdb81f6e62a45dd-1654954789864-Ready.webp
i0.wp.com/robloxscripts.net/wp-content/uploads/2022/09/ 		70 KB
71 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/robloxscripts.net/wp-content/uploads/2022/09/625456dc5bdb81f6e62a45dd-1654954789864-Ready.webp?fit=705%2C396&ssl=1
Requested by
Host: robloxscripts.net
URL: https://robloxscripts.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
d99a9c83fa6c56f86880bd77fb4caab944187b0a9a3267ef87415cce8cbbc9ca
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://robloxscripts.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-nc
HIT mdw 1
date
Fri, 30 Dec 2022 16:03:12 GMT
x-content-type-options
nosniff
last-modified
Wed, 07 Sep 2022 19:34:01 GMT
server
nginx
etag
"0d58afef680878fc"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://robloxscripts.net/wp-content/uploads/2022/09/625456dc5bdb81f6e62a45dd-1654954789864-Ready.webp>; rel="canonical"
content-length
72050
expires
Sat, 07 Sep 2024 07:34:01 GMT
Fruit-Finder.webp
i0.wp.com/robloxscripts.net/wp-content/uploads/2022/12/ 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/robloxscripts.net/wp-content/uploads/2022/12/Fruit-Finder.webp?resize=1024%2C576&ssl=1
Requested by
Host: robloxscripts.net
URL: https://robloxscripts.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
c29ecf0785743c098ad70acb189aab485e610dc17618973c2255ae7d354607ad
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://robloxscripts.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-nc
HIT mdw 2
date
Fri, 30 Dec 2022 16:03:12 GMT
x-content-type-options
nosniff
last-modified
Fri, 30 Dec 2022 14:41:57 GMT
server
nginx
etag
"1d83ae149a795661"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://robloxscripts.net/wp-content/uploads/2022/12/Fruit-Finder.webp>; rel="canonical"
content-length
44954
expires
Mon, 30 Dec 2024 02:41:57 GMT
ezgif.com-gif-maker-94.webp
i0.wp.com/robloxscripts.net/wp-content/uploads/2022/12/ 		115 KB
115 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/robloxscripts.net/wp-content/uploads/2022/12/ezgif.com-gif-maker-94.webp?resize=1024%2C576&ssl=1
Requested by
Host: robloxscripts.net
URL: https://robloxscripts.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
21651e27240c0f8796e7dc7b97ee08fc69af748962761cd09d2732b7ee4f734d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://robloxscripts.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-nc
HIT mdw 3
date
Fri, 30 Dec 2022 16:03:12 GMT
x-content-type-options
nosniff
last-modified
Tue, 27 Dec 2022 19:37:17 GMT
server
nginx
etag
"345d08c6078e706b"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://robloxscripts.net/wp-content/uploads/2022/12/ezgif.com-gif-maker-94.webp>; rel="canonical"
content-length
117760
expires
Fri, 27 Dec 2024 07:37:17 GMT
ezgif.com-gif-maker-93.webp
i0.wp.com/robloxscripts.net/wp-content/uploads/2022/12/ 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/robloxscripts.net/wp-content/uploads/2022/12/ezgif.com-gif-maker-93.webp?resize=1024%2C576&ssl=1
Requested by
Host: robloxscripts.net
URL: https://robloxscripts.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
8bdb5a7e195d9abfd5e1b61f9f67e8ba74630b53b37cdec314579f9970979451
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://robloxscripts.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-nc
HIT mdw 4
date
Fri, 30 Dec 2022 16:03:12 GMT
x-content-type-options
nosniff
last-modified
Tue, 27 Dec 2022 19:22:08 GMT
server
nginx
etag
"caae40e323a534e0"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://robloxscripts.net/wp-content/uploads/2022/12/ezgif.com-gif-maker-93.webp>; rel="canonical"
content-length
42266
expires
Fri, 27 Dec 2024 07:22:08 GMT
HohoHub_16x9.webp
i0.wp.com/robloxscripts.net/wp-content/uploads/2022/12/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/robloxscripts.net/wp-content/uploads/2022/12/HohoHub_16x9.webp?w=713&ssl=1
Requested by
Host: robloxscripts.net
URL: https://robloxscripts.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
8f644760a6718c0e6c4d924f6e3e5a4d44fc2d50dd17d568282fa1484d326f76
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://robloxscripts.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-nc
HIT mdw 1
date
Fri, 30 Dec 2022 16:03:12 GMT
x-content-type-options
nosniff
last-modified
Tue, 27 Dec 2022 16:53:26 GMT
server
nginx
etag
"f893a95e4b6ce0e9"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://robloxscripts.net/wp-content/uploads/2022/12/HohoHub_16x9.webp>; rel="canonical"
content-length
16764
expires
Fri, 27 Dec 2024 04:53:26 GMT
MukuroHub_16x9.webp
i0.wp.com/robloxscripts.net/wp-content/uploads/2022/12/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/robloxscripts.net/wp-content/uploads/2022/12/MukuroHub_16x9.webp?resize=1024%2C576&ssl=1
Requested by
Host: robloxscripts.net
URL: https://robloxscripts.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
c0a73f89bfd90c57f3681fd039d6300604e67cf0e64e115ebeb5bcbf641740d8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://robloxscripts.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-nc
HIT mdw 1
date
Fri, 30 Dec 2022 16:03:12 GMT
x-content-type-options
nosniff
last-modified
Tue, 27 Dec 2022 16:53:26 GMT
server
nginx
etag
"bce38a4f6f5157b8"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://robloxscripts.net/wp-content/uploads/2022/12/MukuroHub_16x9.webp>; rel="canonical"
content-length
30870
expires
Fri, 27 Dec 2024 04:53:26 GMT
Unique_16x9.webp
i0.wp.com/robloxscripts.net/wp-content/uploads/2022/12/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/robloxscripts.net/wp-content/uploads/2022/12/Unique_16x9.webp?resize=1024%2C576&ssl=1
Requested by
Host: robloxscripts.net
URL: https://robloxscripts.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
e9caf1541963468b18e3d31eba3623556aa3430ff03bef40e045fe7f182b3425
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://robloxscripts.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-nc
HIT mdw 2
date
Fri, 30 Dec 2022 16:03:12 GMT
x-content-type-options
nosniff
last-modified
Mon, 26 Dec 2022 04:06:11 GMT
server
nginx
etag
"270640819e718d59"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://robloxscripts.net/wp-content/uploads/2022/12/Unique_16x9.webp>; rel="canonical"
content-length
16972
expires
Wed, 25 Dec 2024 16:06:11 GMT
Chiba_16x9.webp
i0.wp.com/robloxscripts.net/wp-content/uploads/2022/12/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/robloxscripts.net/wp-content/uploads/2022/12/Chiba_16x9.webp?w=699&ssl=1
Requested by
Host: robloxscripts.net
URL: https://robloxscripts.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
1085ad978b71ac2981272204d4503f4e0428fba0ff2b7cf1f22e63146a4cf2e1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://robloxscripts.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-nc
HIT mdw 3
date
Fri, 30 Dec 2022 16:03:12 GMT
x-content-type-options
nosniff
last-modified
Mon, 26 Dec 2022 03:10:34 GMT
server
nginx
etag
"bed9a4cc850ba604"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://robloxscripts.net/wp-content/uploads/2022/12/Chiba_16x9.webp>; rel="canonical"
content-length
10170
expires
Wed, 25 Dec 2024 15:10:34 GMT
Alucard_16x9.webp
i0.wp.com/robloxscripts.net/wp-content/uploads/2022/12/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/robloxscripts.net/wp-content/uploads/2022/12/Alucard_16x9.webp?w=747&ssl=1
Requested by
Host: robloxscripts.net
URL: https://robloxscripts.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
9ea0776c059ea6629b6d47e7287d433c1db9c502cbd619d91458f4a33481f91a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://robloxscripts.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-nc
HIT mdw 2
date
Fri, 30 Dec 2022 16:03:12 GMT
x-content-type-options
nosniff
last-modified
Mon, 26 Dec 2022 03:10:34 GMT
server
nginx
etag
"569804654a91578d"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://robloxscripts.net/wp-content/uploads/2022/12/Alucard_16x9.webp>; rel="canonical"
content-length
15320
expires
Wed, 25 Dec 2024 15:10:34 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/ 		356 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_fy2021.js?bust=31071168
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2249257918045069
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
be12b9dc9740540ef6a982a4f94008127ea2968cef486c8418b0efa4bfea2d0a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://robloxscripts.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 16:03:12 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119965
x-xss-protection
0
server
cafe
etag
8592217195965251342
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Fri, 30 Dec 2022 16:03:12 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/ Frame 4ED6 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2249257918045069
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://robloxscripts.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
9612
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
br
content-length
4242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 30 Dec 2022 13:23:00 GMT
etag
10353107486223812946
expires
Fri, 13 Jan 2023 13:23:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
asd100.bin
pogothere.xyz/ 		100 KB
100 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pogothere.xyz/asd100.bin
Requested by
Host: d3oy68whu51rnt.cloudfront.net
URL: https://d3oy68whu51rnt.cloudfront.net/?hwyod=955131
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.173.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language
en-US,en;q=0.9
Referer
https://robloxscripts.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 16:03:12 GMT
cf-cache-status
EXPIRED
last-modified
Fri, 30 Dec 2022 13:26:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
https://robloxscripts.net
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ymLMyqMttoH47xbw0%2FvhT01mnEdPW499rZF27aW8D3ZonrnQ5%2BVSm8koQld2EilS8%2FcvteHxKu0d26FFYQGTBe8MXqxGHvju7owV9mUPDSktYl9BuBx0q%2BFUUE2qZste"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
781c0115c93b187b-ATL
access-control-allow-headers
X-Requested-With, content-type
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
/
pogothere.xyz/ 		27 B
347 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pogothere.xyz/
Requested by
Host: d3oy68whu51rnt.cloudfront.net
URL: https://d3oy68whu51rnt.cloudfront.net/?hwyod=955131
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.173.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d24aebfb015cd59b721c805df85a8990eb121a0bcb8609de2204ee9af7e61bc8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://robloxscripts.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 16:03:12 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ksbi5sGWA%2F%2Bw6zLh4leY5A%2Fz8bDvmIq91WLwqPR6lRTfJSvct730EJn4uxGCQ7vBlH62uN49hjpfrDHedT93DXjlGJs21Aqq3c89aHvyeQAwveDv4kef9XlzqaidOWPt"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET
access-control-allow-origin
https://robloxscripts.net
content-type
text/plain
access-control-allow-credentials
true
cf-ray
781c0115c940187b-ATL
access-control-allow-headers
X-Requested-With, content-type
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
utx
habrasysteleii.xyz/ 		0
491 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://habrasysteleii.xyz/utx?cb=aenhuG2LYM2M&top=robloxscripts.net&tid=955131
Requested by
Host: d3oy68whu51rnt.cloudfront.net
URL: https://d3oy68whu51rnt.cloudfront.net/?hwyod=955131
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.229.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-229-97.iad79.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://robloxscripts.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 16:03:12 GMT
via
1.1 b811db48800bf619dbaff61a71022f7e.cloudfront.net (CloudFront)
server
openresty/1.17.8.2
accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-amz-cf-pop
IAD79-C3
x-cache
Miss from cloudfront
p3p
CP="NID DSP ALL COR"
access-control-allow-origin
https://robloxscripts.net
cache-control
no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials
true
x-amz-cf-id
7Hl0bccf-YPNRRvb2U250MLnFBO9oAHEk0Q-InmxL4yVynnUAgkx-A==
Ax1BUw8YOmgkFVpEexgkHCBnGh0
habrasysteleii.xyz/bkxsczEPLg8eDg9xDlVEHCBRVgMoaV41VV0jFUUJGSQZRgAcIhhdUgIjGRdXHCMCBx8AKRhWAyh6ITt4Wh85IWUmGjUFVF4dDit5PHUuJlIkKQImZikJHx56BQ48FkteAg0nWQYqXz0HLAotRndcFSsSZlY7PxtoKCk7OVIrfTUGVDwVNC... Frame 1FB5 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://habrasysteleii.xyz/bkxsczEPLg8eDg9xDlVEHCBRVgMoaV41VV0jFUUJGSQZRgAcIhhdUgIjGRdXHCMCBx8AKRhWAyh6ITt4Wh85IWUmGjUFVF4dDit5PHUuJlIkKQImZikJHx56BQ48FkteAg0nWQYqXz0HLAotRndcFSsSZlY7PxtoKCk7OVIrfTUGVDwVNCVYHnktJWM0AD8qfzwkWEp/KHQ2MWVWOD0LBAgDLwdSKH0ABXw4CjwlYjdpXjFmPHk5OHYrDyIyAAAoLiVwLQspCWY8NA85WyAIOgRBWwcHIWktIgBCcCg7JRF5CjU6BEFbAV0YUioiXRtwFA0IFgI8BT4yHBYrNSJ7LRs4GAE2DggjfS0WDjQBFj8IHWsmD19GQC98PRdUXR01NGcvdSclSTYPCwNZLycmJngtdTolRh55JUJkPBkVKUUoGS06egc0LztnOz81InheDzQfCSYnJSRXJi8qIEk0eAgUYzYPAhgCOx4+KX4XfDoieVt0CARVDQ9fSlg8GVQ5FwQ/Ax1BUw8YOmgkFVpEexgkHCBnGh0
Requested by
Host: d3oy68whu51rnt.cloudfront.net
URL: https://d3oy68whu51rnt.cloudfront.net/?hwyod=955131
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.229.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-229-97.iad79.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
ccb286d97e2343d4e820dfb611d379c9ac6af7ba342cc124d4f754c247a952a6

Request headers

Referer
https://robloxscripts.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cache-control
no-store, no-cache, must-revalidate, no-transform
content-encoding
gzip
content-length
1244
content-type
text/html
date
Fri, 30 Dec 2022 16:03:12 GMT
p3p
CP="NID DSP ALL COR"
pragma
no-cache
server
openresty/1.17.8.2
via
1.1 b811db48800bf619dbaff61a71022f7e.cloudfront.net (CloudFront)
x-amz-cf-id
TCj1z8FHqvFoBNwt8SvTo-V5l3imejD9M8m1LgsmMBXNaV4UBOZfkQ==
x-amz-cf-pop
IAD79-C3
x-cache
Miss from cloudfront
asd100.bin
pogothere.xyz/ 		100 KB
100 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pogothere.xyz/asd100.bin
Requested by
Host: d3oy68whu51rnt.cloudfront.net
URL: https://d3oy68whu51rnt.cloudfront.net/?hwyod=955131
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.173.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language
en-US,en;q=0.9
Referer
https://robloxscripts.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 16:03:12 GMT
cf-cache-status
EXPIRED
last-modified
Fri, 30 Dec 2022 13:26:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
https://robloxscripts.net
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P3dh%2BpadP57HZYQyR0FhVnxoHUD3y3ifgE3H3cpdmYRBvb8xSLWjl9GQxk7Aax2JG4GaoIapxTEEEOlh3a5BOOwSO9QTDpiL1An83pxgkMZo66o9D61vTplj2vjnDOSJ"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
781c0115d948187b-ATL
access-control-allow-headers
X-Requested-With, content-type
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
/
pogothere.xyz/ 		26 B
351 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pogothere.xyz/
Requested by
Host: d3oy68whu51rnt.cloudfront.net
URL: https://d3oy68whu51rnt.cloudfront.net/?hwyod=955131
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.173.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d674c3d0ce3c5793f632b35d9d8342813614408bc80722418037f3f3abc1fb84

Request headers

accept-language
en-US,en;q=0.9
Referer
https://robloxscripts.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 16:03:12 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e1rh2Dq90Szj1TepXgEwxdOWX05%2B%2Fx46nQtfjUdl88E9jZm1dEIMjKwbsALPwvQ1qX0rCSQsIXv70euOsg3pkxZ0R2ojKmwb53LO3%2FDO9GFd%2B5V34wwnhbMQCUOpZJLb"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET
access-control-allow-origin
https://robloxscripts.net
content-type
text/plain
access-control-allow-credentials
true
cf-ray
781c0115d945187b-ATL
access-control-allow-headers
X-Requested-With, content-type
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
utx
habrasysteleii.xyz/ 		0
492 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://habrasysteleii.xyz/utx?cb=FskFvrboatJx&top=robloxscripts.net&tid=955748
Requested by
Host: d3oy68whu51rnt.cloudfront.net
URL: https://d3oy68whu51rnt.cloudfront.net/?hwyod=955131
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.229.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-229-97.iad79.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://robloxscripts.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 16:03:12 GMT
via
1.1 b811db48800bf619dbaff61a71022f7e.cloudfront.net (CloudFront)
server
openresty/1.17.8.2
accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-amz-cf-pop
IAD79-C3
x-cache
Miss from cloudfront
p3p
CP="NID DSP ALL COR"
access-control-allow-origin
https://robloxscripts.net
cache-control
no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials
true
x-amz-cf-id
IqOsmr_FDvxrW8Vw6pU_KDpQr8K-ceP-g61iFtHSgG-3DLTrGuH0Tg==
NCAQfnYxJhFlJC8nEC8hMScLP2ktLRFudQU7MQ8JcAciODEbCgkuEQcgBA4wFRsAGh0CDCMFNhQZNxMFFz8qAjA0JicNMAcbHTwvBRkrCANwDSEeERIDLCcVCAACfy4WDQoBExB5PQ0WFS4EICQLHhIJPxEaUAcFOjwmDAESBykZEgAfMxIvGwlUGQU6CjYeICw8A...
habrasysteleii.xyz/Q0hlS0ciKgYmeCJ1B20yMSRYbnUFbVcNI3AnHH1/ Frame 7D91 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://habrasysteleii.xyz/Q0hlS0ciKgYmeCJ1B20yMSRYbnUFbVcNI3AnHH1/NCAQfnYxJhFlJC8nEC8hMScLP2ktLRFudQU7MQ8JcAciODEbCgkuEQcgBA4wFRsAGh0CDCMFNhQZNxMFFz8qAjA0JicNMAcbHTwvBRkrCANwDSEeERIDLCcVCAACfy4WDQoBExB5PQ0WFS4EICQLHhIJPxEaUAcFOjwmDAESBykZEgAfMxIvGwlUGQU6CjYeICw8ABl2CwAzJ38EPycZBRAgBgoCNwcDLAoZHCB+YnEKJHseCho9PBARABUEISQFJB4WFX4neg4PAzIgBRF4Jy8iATg2CCswPDQ8aicdISEzFA4zBgQMCj8NIS99QHkBAQ4OBx8UIycZPwIJLw4kIh4gfmJxCgYNDggfHAkmCw5UBCEkBTQTFiQmPQ1zJx89MxYLeAoODhUSNggucnEke38UH1cCABEJVBgeJAIjDwJ2bVcJBjQaPw8UcgotI3YZCwIRAgd4M251BQozDQkVJlVtLTAnCzt6F3wpAyg3OxIm
Requested by
Host: d3oy68whu51rnt.cloudfront.net
URL: https://d3oy68whu51rnt.cloudfront.net/?hwyod=955131
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.229.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-229-97.iad79.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
e8598dc619b959e79bb8091fe1c9fa72b23668d2ab60728e76d92208ba5d2af7

Request headers

Referer
https://robloxscripts.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cache-control
no-store, no-cache, must-revalidate, no-transform
content-encoding
gzip
content-length
1227
content-type
text/html
date
Fri, 30 Dec 2022 16:03:12 GMT
p3p
CP="NID DSP ALL COR"
pragma
no-cache
server
openresty/1.17.8.2
via
1.1 b811db48800bf619dbaff61a71022f7e.cloudfront.net (CloudFront)
x-amz-cf-id
w32dhm16MI1QlG6h5kWC376wmvg5Ps1kbyP-jvxmdDGCA2L9aeWsGQ==
x-amz-cf-pop
IAD79-C3
x-cache
Miss from cloudfront
asd100.bin
pogothere.xyz/ 		100 KB
100 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pogothere.xyz/asd100.bin
Requested by
Host: d3oy68whu51rnt.cloudfront.net
URL: https://d3oy68whu51rnt.cloudfront.net/?hwyod=955131
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.173.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language
en-US,en;q=0.9
Referer
https://robloxscripts.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 16:03:12 GMT
cf-cache-status
EXPIRED
last-modified
Fri, 30 Dec 2022 13:26:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
https://robloxscripts.net
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3WhKDqokRsqtGrp8VUvYRGVpGWamKeoq%2F1iEXaY43UVKUvaKHS16iN9BxCdMNSy3DGjkNk1wECv5eWzH3nQ6tt09cvOZdRwg3MHvaPpifYr1OrajBwObqd6FL7VfmhF%2B"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
781c0115d943187b-ATL
access-control-allow-headers
X-Requested-With, content-type
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
/
pogothere.xyz/ 		27 B
347 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pogothere.xyz/
Requested by
Host: d3oy68whu51rnt.cloudfront.net
URL: https://d3oy68whu51rnt.cloudfront.net/?hwyod=955131
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.173.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d09ac3ebddce0716b37c6a9d9a0552379dd40e004685f1118caa640c849078a9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://robloxscripts.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 16:03:12 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T2uG4zAikyK0jijOSybkbSE2J22nJlkuiufMQgqGMisPIel4vv1qg36PvjaixZL9lm87mExu%2BW0wjOfi6FUk3xuByGuMfFO1%2FjxJFRlGjplQu0iKnzJN3CN%2FCMTiG0iS"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET
access-control-allow-origin
https://robloxscripts.net
content-type
text/plain
access-control-allow-credentials
true
cf-ray
781c0115d947187b-ATL
access-control-allow-headers
X-Requested-With, content-type
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
ER4gWhYyAzBgKi9XIl0oO1I7cBgaVDpzFjsjMHApLyBJWi8SFS9iIRpAEkUjFxZFdQAbBxBbAA8fPwEqFQ
habrasysteleii.xyz/THlmeDYtGwUVCS1EBF5DPhVbXQQKXFQ+Un8WH04OOxETTQc+FxJWVSAWExxQPhYIDBgiHBJdBAoaBC94Ni8NKXkIO1YPUzQSLT4EOEAxPmwAIC4+eg8oJ019JEgDNXQjFCI5RSk+DDFjBjw3D30JCj47YgZMPi1jKjcfF30UFTMCfStMAy... Frame 8D7E 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://habrasysteleii.xyz/THlmeDYtGwUVCS1EBF5DPhVbXQQKXFQ+Un8WH04OOxETTQc+FxJWVSAWExxQPhYIDBgiHBJdBAoaBC94Ni8NKXkIO1YPUzQSLT4EOEAxPmwAIC4+eg8oJ019JEgDNXQjFCI5RSk+DDFjBjw3D30JCj47YgZMPi1jKjcfF30UFTMCfStMAylYDRUlKXADIAsxbAkBEUFTHh4oPkwBECQ5Bhs0CzFvDRJST300Gi0wTCMVNT5zfSBUCFIeEiAVVA4WLTBiBQshEHQbIy4pcgpIPBNSCgEyIGEWET4RcBsjLilXDxFXH1UJETc1bgJLPipCCiALSX8ZLEs1BQI7VihwJTwOPEErGC8VcCozMyJaL0koKWQUN1QgYz8gNhJ3DT1XIl0OSQ4qZzYWEjpRFi48MGcHOw45DwdJND9nGyAIOmQJGikBcAUsMi5YKD8wNmd/ER4gWhYyAzBgKi9XIl0oO1I7cBgaVDpzFjsjMHApLyBJWi8SFS9iIRpAEkUjFxZFdQAbBxBbAA8fPwEqFQ
Requested by
Host: d3oy68whu51rnt.cloudfront.net
URL: https://d3oy68whu51rnt.cloudfront.net/?hwyod=955131
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.229.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-229-97.iad79.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
cff1d765a51cd2e71e2618198ed12f4c6df6d531eadcc150373e220b4781a044

Request headers

Referer
https://robloxscripts.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cache-control
no-store, no-cache, must-revalidate, no-transform
content-encoding
gzip
content-length
1237
content-type
text/html
date
Fri, 30 Dec 2022 16:03:12 GMT
p3p
CP="NID DSP ALL COR"
pragma
no-cache
server
openresty/1.17.8.2
via
1.1 b811db48800bf619dbaff61a71022f7e.cloudfront.net (CloudFront)
x-amz-cf-id
hm2aV7Yi7JBI5bQ7HuD0Xy5Vpd3tCxCex3xmgb7BI18L4ezkrIiYNQ==
x-amz-cf-pop
IAD79-C3
x-cache
Miss from cloudfront
dm9Xa05ZUDQYcxMnESYqMSkVOAYOLQEAOjIJEg8cJToZXxwwKnEfJxJSbl57R1xmTT4fC2paaAUbNh87BVJmTScYCThWaABSZkV9QkFkWmBESSJWf1AbJwopS15xGzoCA2paeEFdY1p4R1ZlU35D
oorwithabitofst.info/ 		0
421 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://oorwithabitofst.info/dm9Xa05ZUDQYcxMnESYqMSkVOAYOLQEAOjIJEg8cJToZXxwwKnEfJxJSbl57R1xmTT4fC2paaAUbNh87BVJmTScYCThWaABSZkV9QkFkWmBESSJWf1AbJwopS15xGzoCA2paeEFdY1p4R1ZlU35D
Requested by
Host: robloxscripts.net
URL: https://robloxscripts.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.26.122 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://robloxscripts.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 16:03:13 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kPkwOEW3TWzPf2V%2Fj%2BQJ76a%2BdBMMDTOScGF286ruBOA8%2BP9PizPUAm8nI5ZnHg2jbXz7maeyAdUhY8k1BSOnBpfgJJ6WwJkgSQajF4h4ecfexmcqFslbC%2F%2BanG5fkAOa0l1M%2BR8yvw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
781c01162cd22986-ORD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
login.php
www.facebook.com/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
Requested by
Host: robloxscripts.net
URL: https://robloxscripts.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://robloxscripts.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
identifier
accounts.google.com/v3/signin/
Redirect Chain
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
  • https://accounts.google.com/v3/signin/identifier?dsh=S1410247492%3A1672416193034564&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignI...
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://accounts.google.com/v3/signin/identifier?dsh=S1410247492%3A1672416193034564&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AeAAQh52b0d-HEscWpAGf7Y-rSJPbujZOPNOjb0S-X8zoK0Sn8_bF_XdE7HztKywBK2cGW_0peXl
Requested by
Host: robloxscripts.net
URL: https://robloxscripts.net/
Protocol
H2
Server
2607:f8b0:4006:80c::200d Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://robloxscripts.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Redirect headers

date
Fri, 30 Dec 2022 16:03:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
content-security-policy
require-trusted-types-for 'script';report-uri /cspreport, script-src 'report-sample' 'nonce-8lYvW5m63nsEZqNMr3NvrA' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
391
x-xss-protection
1; mode=block
pragma
no-cache
server
GSE
x-frame-options
DENY
report-to
{"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-type
text/html; charset=UTF-8
location
https://accounts.google.com/v3/signin/identifier?dsh=S1410247492%3A1672416193034564&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AeAAQh52b0d-HEscWpAGf7Y-rSJPbujZOPNOjb0S-X8zoK0Sn8_bF_XdE7HztKywBK2cGW_0peXl
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy-report-only
same-origin; report-to="coop_gse_qebhlk"
expires
Mon, 01 Jan 1990 00:00:00 GMT
identifier
accounts.google.com/v3/signin/
Redirect Chain
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
  • https://accounts.google.com/v3/signin/identifier?dsh=S1074134295%3A1672416193041297&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebS...
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://accounts.google.com/v3/signin/identifier?dsh=S1074134295%3A1672416193041297&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AeAAQh7FOzWgtxDbX9rSKasqRSv9daXF_uSA5va9b6jWoa5Bjt2XbGMN1Az5l0jyyQJmHhQrf6wU
Requested by
Host: robloxscripts.net
URL: https://robloxscripts.net/
Protocol
H2
Server
2607:f8b0:4006:80c::200d Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://robloxscripts.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Redirect headers

date
Fri, 30 Dec 2022 16:03:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
content-security-policy
require-trusted-types-for 'script';report-uri /cspreport, script-src 'report-sample' 'nonce-xEjJXlZyV_ovDPeQjD9Lqw' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
396
x-xss-protection
1; mode=block
pragma
no-cache
server
GSE
x-frame-options
DENY
report-to
{"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-type
text/html; charset=UTF-8
location
https://accounts.google.com/v3/signin/identifier?dsh=S1074134295%3A1672416193041297&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AeAAQh7FOzWgtxDbX9rSKasqRSv9daXF_uSA5va9b6jWoa5Bjt2XbGMN1Az5l0jyyQJmHhQrf6wU
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy-report-only
same-origin; report-to="coop_gse_qebhlk"
expires
Mon, 01 Jan 1990 00:00:00 GMT
Y2x3R3FMUxQ0TDcpHxEVDgBCIkNSKC90SFo1HAEVBjRCICMlB1EzGAdRTnJEVFhPYQEKCEp2VxAYFjMEEFFGYRgNChh6VxVRRmlCV0JEdl9RSgJ6QEUYByYWXl1RNwUXAEp2R1ReQ3ZHUlVFf0VU
oorwithabitofst.info/ 		0
252 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://oorwithabitofst.info/Y2x3R3FMUxQ0TDcpHxEVDgBCIkNSKC90SFo1HAEVBjRCICMlB1EzGAdRTnJEVFhPYQEKCEp2VxAYFjMEEFFGYRgNChh6VxVRRmlCV0JEdl9RSgJ6QEUYByYWXl1RNwUXAEp2R1ReQ3ZHUlVFf0VU
Requested by
Host: robloxscripts.net
URL: https://robloxscripts.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.26.122 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://robloxscripts.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 16:03:13 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sgwdS18p9HGcQr050hx6RfMq1APzKMDJdgJWBXhAh9dKopgCm4fIHBq6v8DLlURnQ9HHs8VlaKbj99QzsyVgUaAo3cmqTTrxERW9wziqZRrpHn4%2FLB2gDxR8J0BFcETAiA%2BLZhZ30g%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
781c01162cd32986-ORD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
a2xtWFREUw4raTwkJykCWxQYCjheBAs1ICo5AAJxWS40DRoODgNgch8FCWVtXllVbmFNHAQ8aVhZSysgChgYK2laSgQ2MgRRSy5pW0JfdmZdQll+IVZdSywkCgtQaXIbGBk0aVpaWmpgWlpcYWZTW1s
oorwithabitofst.info/ 		0
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://oorwithabitofst.info/a2xtWFREUw4raTwkJykCWxQYCjheBAs1ICo5AAJxWS40DRoODgNgch8FCWVtXllVbmFNHAQ8aVhZSysgChgYK2laSgQ2MgRRSy5pW0JfdmZdQll+IVZdSywkCgtQaXIbGBk0aVpaWmpgWlpcYWZTW1s
Requested by
Host: robloxscripts.net
URL: https://robloxscripts.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.26.122 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://robloxscripts.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 16:03:13 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gAHRlEKQPaL86ZvLFo%2F0vDu5pzq3Ccwido7Cte9vYpItuqKMncoMAJLVH7ncEkCXOPG6km7s4xRHsBTIpkfyAAMSrfxpqZaYn49gREpnyT8FsN2DfpFNw0AW8QD7VfubFHmBhek3ug%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
781c01162cd52986-ORD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
asd100.bin
pogothere.xyz/ 		100 KB
100 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pogothere.xyz/asd100.bin
Requested by
Host: d3oy68whu51rnt.cloudfront.net
URL: https://d3oy68whu51rnt.cloudfront.net/?hwyod=955131
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.173.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language
en-US,en;q=0.9
Referer
https://robloxscripts.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 16:03:13 GMT
cf-cache-status
EXPIRED
last-modified
Fri, 30 Dec 2022 13:26:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
https://robloxscripts.net
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BVL0WoKuRNIijuiyHOs0fgdTGRtnNKo3Cpq9txFeSLXxaxmRdtoZWUScpa5zckH1kXRdmP%2BKCiBu5BqqPbRWJQKf2l1QeUy1D2QjlVA79r3Mv3SlpCxVUgkHeHOZezkM"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
781c0115d94a187b-ATL
access-control-allow-headers
X-Requested-With, content-type
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
/
pogothere.xyz/ 		27 B
639 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pogothere.xyz/
Requested by
Host: d3oy68whu51rnt.cloudfront.net
URL: https://d3oy68whu51rnt.cloudfront.net/?hwyod=955131
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.173.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
786926115f6bce28cef753a4574335eb655794877dd4771584cdb2ff6c1ed22e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://robloxscripts.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 16:03:12 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k8nYvpZso3xAv8HWqTNCWVZmSA71Y6jSdT0lWsdhvKDl8dr3i%2Fc0xnI%2Fybff4J0f%2BmYJRP3Bb%2BCWw8Ik6H%2FPIZ4eQhyJOzji8YP3sxErqJxH9hNoW7ExRnx7w6WrlDmN"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET
access-control-allow-origin
https://robloxscripts.net
content-type
text/plain
access-control-allow-credentials
true
cf-ray
781c0115c942187b-ATL
access-control-allow-headers
X-Requested-With, content-type
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
utx
habrasysteleii.xyz/ 		0
493 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://habrasysteleii.xyz/utx?cb=9MM4fQlhihTK&top=robloxscripts.net&tid=955131
Requested by
Host: d3oy68whu51rnt.cloudfront.net
URL: https://d3oy68whu51rnt.cloudfront.net/?hwyod=955131
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.229.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-229-97.iad79.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://robloxscripts.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 16:03:12 GMT
via
1.1 b811db48800bf619dbaff61a71022f7e.cloudfront.net (CloudFront)
server
openresty/1.17.8.2
accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-amz-cf-pop
IAD79-C3
x-cache
Miss from cloudfront
p3p
CP="NID DSP ALL COR"
access-control-allow-origin
https://robloxscripts.net
cache-control
no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials
true
x-amz-cf-id
P-XaHPdMsW0uKCVODwDFGGAMzp2mFVLwERg83N7wjL_TUT4AkJzbvQ==
asd100.bin
pogothere.xyz/ 		100 KB
100 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pogothere.xyz/asd100.bin
Requested by
Host: d3oy68whu51rnt.cloudfront.net
URL: https://d3oy68whu51rnt.cloudfront.net/?hwyod=955131
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.173.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language
en-US,en;q=0.9
Referer
https://robloxscripts.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 16:03:13 GMT
cf-cache-status
EXPIRED
last-modified
Fri, 30 Dec 2022 13:26:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
https://robloxscripts.net
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QDXUS3QcOcCEAvQeQ8DeYh8SAHRtJw%2FB7yD%2FwnD8RJ3Bi7prWd9rB7ErV6hykVD%2F0OfPoKvdCvmawRCXe9ST6w%2F2BuoIACYtpBoKHZfViCCs9fmiYPMYYd57jCoj2Hcs"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
781c01160992187b-ATL
access-control-allow-headers
X-Requested-With, content-type
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
/
pogothere.xyz/ 		27 B
354 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pogothere.xyz/
Requested by
Host: d3oy68whu51rnt.cloudfront.net
URL: https://d3oy68whu51rnt.cloudfront.net/?hwyod=955131
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.173.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09636f7a42d51a9812fc3586447baa1d72cdf24777d1538d8cb3488a2b74fe52

Request headers

accept-language
en-US,en;q=0.9
Referer
https://robloxscripts.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 16:03:12 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J5Br5usvEYgdtg8e6juYm%2FhSL8WkLralWUPu%2Fa%2BHBbRNt5leCJAyeH26d7qb1uqkZ1r072k83OSD77k22K%2Bbo6bXJDGrwCs3J6fM0DKe8L%2FBmTEePG%2F5b8KvahnduB%2B4"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET
access-control-allow-origin
https://robloxscripts.net
content-type
text/plain
access-control-allow-credentials
true
cf-ray
781c01160997187b-ATL
access-control-allow-headers
X-Requested-With, content-type
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
utx
habrasysteleii.xyz/ 		0
491 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://habrasysteleii.xyz/utx?cb=8vRc4qQ3j4Cj&top=robloxscripts.net&tid=955748
Requested by
Host: d3oy68whu51rnt.cloudfront.net
URL: https://d3oy68whu51rnt.cloudfront.net/?hwyod=955131
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.229.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-229-97.iad79.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://robloxscripts.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 16:03:12 GMT
via
1.1 b811db48800bf619dbaff61a71022f7e.cloudfront.net (CloudFront)
server
openresty/1.17.8.2
accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-amz-cf-pop
IAD79-C3
x-cache
Miss from cloudfront
p3p
CP="NID DSP ALL COR"
access-control-allow-origin
https://robloxscripts.net
cache-control
no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials
true
x-amz-cf-id
8YgqSn8K8vHotuhte4GyIutxyOan_mxwx8dDVxd2rq24SnoBLkqF3Q==
asd100.bin
pogothere.xyz/ 		100 KB
100 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pogothere.xyz/asd100.bin
Requested by
Host: d3oy68whu51rnt.cloudfront.net
URL: https://d3oy68whu51rnt.cloudfront.net/?hwyod=955131
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.173.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language
en-US,en;q=0.9
Referer
https://robloxscripts.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 16:03:13 GMT
cf-cache-status
EXPIRED
last-modified
Fri, 30 Dec 2022 13:26:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
https://robloxscripts.net
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7ZBTog%2FE%2F%2B%2BJxUgdrb5q1WeuKjgTW7yQYuVAUievY1z1S3j3QSe897Upkf2Tlynuy2rYq1AIFBtHxUPKEdowC%2FeY3BEvaXQ0bQPEIt5YNDJ7mOmAgMk1oHJ6yrAvmTse"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
781c01160999187b-ATL
access-control-allow-headers
X-Requested-With, content-type
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
/
pogothere.xyz/ 		27 B
610 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pogothere.xyz/
Requested by
Host: d3oy68whu51rnt.cloudfront.net
URL: https://d3oy68whu51rnt.cloudfront.net/?hwyod=955131
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.173.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12ecc62903a19095788500e51483dd05a97a395e2c0f9d76e65bdf0a7298abad

Request headers

accept-language
en-US,en;q=0.9
Referer
https://robloxscripts.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 16:03:12 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sJIidbur5SRyn1lhQ69h0a7BN6fdqOaSlbgY%2BfdIHkl2Ac1Jjx0KdAqOhV6gAAJ6qnmxoW8fa6TY%2FCYN1jeirb97j2cf2XiI%2BE4%2BGOMq7kcQkumLDfo7%2BajEKDlaESps"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET
access-control-allow-origin
https://robloxscripts.net
content-type
text/plain
access-control-allow-credentials
true
cf-ray
781c0116099a187b-ATL
access-control-allow-headers
X-Requested-With, content-type
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
6MHI4SURTHVYve0QbXHR9BUcJenUWGEsmKkBPez0NaThhf3N6BFA5F2YGaW8wShYFeWJcE1YueRYXVip5AVRZLSYNRh49NF8ZBT8tQx5fOCtcF1lvMVFPVSY+WR5UKGECNA1ndBVACGEzWRxcJjNDVwp5KkRXCnl1AFwIbHdyVwp5M1kcDn1hAzAde3RIRA-xgYQJ...
d3oy68whu51rnt.cloudfront.net/ Frame 1FB5 		844 B
872 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d3oy68whu51rnt.cloudfront.net/6MHI4SURTHVYve0QbXHR9BUcJenUWGEsmKkBPez0NaThhf3N6BFA5F2YGaW8wShYFeWJcE1YueRYXVip5AVRZLSYNRh49NF8ZBT8tQx5fOCtcF1lvMVFPVSY+WR5UKGECNA1ndBVACGEzWRxcJjNDVwp5KkRXCnl1AFwIbHdyVwp5M1kcDn1hAzAde3RIRA-xgYQJCWTk0XBdPLCZbG0xsdnZHC35qA0Qde3QYGVA9KVxXCgphAkJUIC9VVwp5I1URUyZtFUAIKixCHVUsYQI0CXl8HkIWfHcFSxZ4dgRXCnk3URRZOy0VQH58dwdcC39iRU8J
Requested by
Host: habrasysteleii.xyz
URL: https://habrasysteleii.xyz/bkxsczEPLg8eDg9xDlVEHCBRVgMoaV41VV0jFUUJGSQZRgAcIhhdUgIjGRdXHCMCBx8AKRhWAyh6ITt4Wh85IWUmGjUFVF4dDit5PHUuJlIkKQImZikJHx56BQ48FkteAg0nWQYqXz0HLAotRndcFSsSZlY7PxtoKCk7OVIrfTUGVDwVNCVYHnktJWM0AD8qfzwkWEp/KHQ2MWVWOD0LBAgDLwdSKH0ABXw4CjwlYjdpXjFmPHk5OHYrDyIyAAAoLiVwLQspCWY8NA85WyAIOgRBWwcHIWktIgBCcCg7JRF5CjU6BEFbAV0YUioiXRtwFA0IFgI8BT4yHBYrNSJ7LRs4GAE2DggjfS0WDjQBFj8IHWsmD19GQC98PRdUXR01NGcvdSclSTYPCwNZLycmJngtdTolRh55JUJkPBkVKUUoGS06egc0LztnOz81InheDzQfCSYnJSRXJi8qIEk0eAgUYzYPAhgCOx4+KX4XfDoieVt0CARVDQ9fSlg8GVQ5FwQ/Ax1BUw8YOmgkFVpEexgkHCBnGh0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2512:5c00:3:62b:d240:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
df7f72739ce645a64d2c0beadd3eee78a94c4e7073164dd5975d0cfcdf167b94

Request headers

accept-language
en-US,en;q=0.9
Referer
https://habrasysteleii.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 16:03:13 GMT
content-encoding
gzip
via
1.1 cd1a98ac42a21b663c8fc8cd6f37232e.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P7
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
max-age=31556926
content-length
596
x-amz-cf-id
791J1GEEO33-JXZTWZlJ7mk1BsZh9NvDBR4xjA2ysEc1f9pS1jDr9A==
BVFNVn0
d3oy68whu51rnt.cloudfront.net/sTDN3OGsvXBleVDhaEwVSeQZADFNqWQRXBTwOIwwnBFwDSxwhFQNCD3EDUVQKIlRKHg4iUEoJTS1XFQVfakcHVwBxRR5LBytCGFQOLRUCWVYhXA1RByBSUgoteR1HHVl8GwBRBShcAEtOfgMZTE5+A0YIRXwWRHpOfgMAUQ... Frame 7D91 		881 B
879 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d3oy68whu51rnt.cloudfront.net/sTDN3OGsvXBleVDhaEwVSeQZADFNqWQRXBTwOIwwnBFwDSxwhFQNCD3EDUVQKIlRKHg4iUEoJTS1XFQVfakcHVwBxRR5LBytCGFQOLRUCWVYhXA1RByBSUgoteR1HHVl8GwBRBShcAEtOfgMZTE5+A0YIRXwWRHpOfgMAUQV6B1ILKWkBR0BdeBpSClstQw-dUDjtWFVMCOBZFfl5/BFkLXWkBRxAAJEcaVE5+cFIKWyBaHF1OfgMQXQgnXF4dWXxQH0oEIVZSCi19A08WW2IGRA1SYgJFDE5+AwRZDS1BHh1ZCgZED0V/BVFNVn0
Requested by
Host: habrasysteleii.xyz
URL: https://habrasysteleii.xyz/Q0hlS0ciKgYmeCJ1B20yMSRYbnUFbVcNI3AnHH1/NCAQfnYxJhFlJC8nEC8hMScLP2ktLRFudQU7MQ8JcAciODEbCgkuEQcgBA4wFRsAGh0CDCMFNhQZNxMFFz8qAjA0JicNMAcbHTwvBRkrCANwDSEeERIDLCcVCAACfy4WDQoBExB5PQ0WFS4EICQLHhIJPxEaUAcFOjwmDAESBykZEgAfMxIvGwlUGQU6CjYeICw8ABl2CwAzJ38EPycZBRAgBgoCNwcDLAoZHCB+YnEKJHseCho9PBARABUEISQFJB4WFX4neg4PAzIgBRF4Jy8iATg2CCswPDQ8aicdISEzFA4zBgQMCj8NIS99QHkBAQ4OBx8UIycZPwIJLw4kIh4gfmJxCgYNDggfHAkmCw5UBCEkBTQTFiQmPQ1zJx89MxYLeAoODhUSNggucnEke38UH1cCABEJVBgeJAIjDwJ2bVcJBjQaPw8UcgotI3YZCwIRAgd4M251BQozDQkVJlVtLTAnCzt6F3wpAyg3OxIm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2512:5c00:3:62b:d240:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
553390fb9b25ca51ff5844a546e1d1691c2477031cdb9ce998f73483ad5d3b9c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://habrasysteleii.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 16:03:13 GMT
content-encoding
gzip
via
1.1 cd1a98ac42a21b663c8fc8cd6f37232e.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P7
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
max-age=31556926
content-length
603
x-amz-cf-id
ji3iorqaFCqMdtw7sm6s5qYbsWSV6LFK0D67-GEyIY0qWMqEt8KddQ==
cbWNzVkQODB0wexkKF2t9WFZLYHFLCQA5Kh1eMBomDAseGjIUJEQwKEsXCTJ5XUUfNyoKXlUzKg5eQnAlCQFOYmIZExw9eRgNFzMiBA0WMmIYAk47KxcKHzolSFE1Y2pdRkFmbBoKHTIrGhBWZHQDF1ZkdFxTXWZhXiFWZHQaCh1gcEhQMXN2XRtFYm1IUU-M3NB0...
d3oy68whu51rnt.cloudfront.net/ Frame 8D7E 		737 B
736 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d3oy68whu51rnt.cloudfront.net/cbWNzVkQODB0wexkKF2t9WFZLYHFLCQA5Kh1eMBomDAseGjIUJEQwKEsXCTJ5XUUfNyoKXlUzKg5eQnAlCQFOYmIZExw9eRgNFzMiBA0WMmIYAk47KxcKHzolSFE1Y2pdRkFmbBoKHTIrGhBWZHQDF1ZkdFxTXWZhXiFWZHQaCh1gcEhQMXN2XRtFYm1IUU-M3NB0PFiEhDwgaImFfJUZlc0NQRXN2XUsYPjAAD1ZkB0hRQzotBgZWZHQKBhA9K0RGQWYnBREcOyFIUTVndFVNQ3hxXlZKeHVfV1ZkdB4CFTc2BEZBEHFeVF1lcksWTmc
Requested by
Host: habrasysteleii.xyz
URL: https://habrasysteleii.xyz/THlmeDYtGwUVCS1EBF5DPhVbXQQKXFQ+Un8WH04OOxETTQc+FxJWVSAWExxQPhYIDBgiHBJdBAoaBC94Ni8NKXkIO1YPUzQSLT4EOEAxPmwAIC4+eg8oJ019JEgDNXQjFCI5RSk+DDFjBjw3D30JCj47YgZMPi1jKjcfF30UFTMCfStMAylYDRUlKXADIAsxbAkBEUFTHh4oPkwBECQ5Bhs0CzFvDRJST300Gi0wTCMVNT5zfSBUCFIeEiAVVA4WLTBiBQshEHQbIy4pcgpIPBNSCgEyIGEWET4RcBsjLilXDxFXH1UJETc1bgJLPipCCiALSX8ZLEs1BQI7VihwJTwOPEErGC8VcCozMyJaL0koKWQUN1QgYz8gNhJ3DT1XIl0OSQ4qZzYWEjpRFi48MGcHOw45DwdJND9nGyAIOmQJGikBcAUsMi5YKD8wNmd/ER4gWhYyAzBgKi9XIl0oO1I7cBgaVDpzFjsjMHApLyBJWi8SFS9iIRpAEkUjFxZFdQAbBxBbAA8fPwEqFQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2512:5c00:3:62b:d240:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
1518b3ecb365e7d2aa5f0464de562ab51b0e3305891e31fa65776cd669be1915

Request headers

accept-language
en-US,en;q=0.9
Referer
https://habrasysteleii.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 16:03:13 GMT
content-encoding
gzip
via
1.1 cd1a98ac42a21b663c8fc8cd6f37232e.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P7
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
max-age=31556926
content-length
460
x-amz-cf-id
EZ0V-M6lGDbpBaQ8ZnGXoV6gxEa_f4h4WnJgemZMov4W8Xtu23pUzw==
cookie.js
partner.googleadservices.com/gampad/ 		401 B
701 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=robloxscripts.net&callback=_gfp_s_&client=ca-pub-2249257918045069&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_fy2021.js?bust=31071168
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
185bb37a3a2b732df2a5ca2c0bbd8b0a800e36757b4d709189212f90b4fbcb8d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://robloxscripts.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 16:03:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
256
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=robloxscripts.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_fy2021.js?bust=31071168
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://robloxscripts.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 16:03:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 970E 		155 KB
44 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2249257918045069&output=html&adk=1812271804&adf=3025194257&lmt=1672416138&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=212x675_l%7C212x675_r&format=0x0&url=https%3A%2F%2Frobloxscripts.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672416192723&bpp=14&bdt=398&idt=364&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5825448713691&frm=20&pv=2&ga_vid=2079489605.1672416193&ga_sid=1672416193&ga_hid=94047057&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071168%2C44779793%2C44780792&oid=2&pvsid=357883479654443&tmod=506413821&uas=0&nvt=1&ref=https%3A%2F%2Frobloxexploits.net%2F&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=430
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_fy2021.js?bust=31071168
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b87dd5a27c73d0e71e69ab597e17c2a12d4fce8cc0f37e622d0391709e2b86f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://robloxscripts.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
44591
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 30 Dec 2022 16:03:14 GMT
expires
Fri, 30 Dec 2022 16:03:14 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 2127 		97 KB
33 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2249257918045069&output=html&h=280&adk=2904063243&adf=849483003&pi=t.aa~a.1043414356~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1672416138&rafmt=1&to=qs&pwprc=2896044421&format=1200x280&url=https%3A%2F%2Frobloxscripts.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672416192737&bpp=4&bdt=412&idt=436&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=5825448713691&frm=20&pv=1&ga_vid=2079489605.1672416193&ga_sid=1672416193&ga_hid=94047057&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=60&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071168%2C44779793%2C44780792&oid=2&pvsid=357883479654443&tmod=506413821&uas=0&nvt=1&ref=https%3A%2F%2Frobloxexploits.net%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ih3PUaeZ7W&p=https%3A//robloxscripts.net&dtd=497
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_fy2021.js?bust=31071168
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
389bc52254966bc0141d7660cac023a9ccb849bb544f9bcb4019cf278dfe74c9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://robloxscripts.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
33689
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 30 Dec 2022 16:03:14 GMT
expires
Fri, 30 Dec 2022 16:03:14 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
popunder.gif
oorwithabitofst.info/ 		35 B
552 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://oorwithabitofst.info/popunder.gif
Requested by
Host: robloxscripts.net
URL: https://robloxscripts.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.26.122 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
en-US,en;q=0.9
Referer
https://robloxscripts.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
public
date
Fri, 30 Dec 2022 16:03:13 GMT
cf-cache-status
HIT
last-modified
Fri, 30 Dec 2022 10:06:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
21413
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VcCC3HbzaFVoecctLxEKz5cKpNGucbYSt47OPfa15Epors2X30ol5HZoaOkB5Gy8t15tfEtGkenI52qjvXZKDMCOHiV5twdH%2FkckDQWNbb3F74Wc2aTZqQQscka8E%2FyDPqXoHlzgKw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=604800, immutable
cf-ray
781c011a1e7c223e-ORD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
css
fonts.googleapis.com/ Frame 2127 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2249257918045069&output=html&h=280&adk=2904063243&adf=849483003&pi=t.aa~a.1043414356~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1672416138&rafmt=1&to=qs&pwprc=2896044421&format=1200x280&url=https%3A%2F%2Frobloxscripts.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672416192737&bpp=4&bdt=412&idt=436&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=5825448713691&frm=20&pv=1&ga_vid=2079489605.1672416193&ga_sid=1672416193&ga_hid=94047057&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=60&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071168%2C44779793%2C44780792&oid=2&pvsid=357883479654443&tmod=506413821&uas=0&nvt=1&ref=https%3A%2F%2Frobloxexploits.net%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ih3PUaeZ7W&p=https%3A//robloxscripts.net&dtd=497
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::200a Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 30 Dec 2022 16:03:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 30 Dec 2022 14:10:41 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 30 Dec 2022 16:03:14 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 2127 		2 KB
818 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2249257918045069&output=html&h=280&adk=2904063243&adf=849483003&pi=t.aa~a.1043414356~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1672416138&rafmt=1&to=qs&pwprc=2896044421&format=1200x280&url=https%3A%2F%2Frobloxscripts.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672416192737&bpp=4&bdt=412&idt=436&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=5825448713691&frm=20&pv=1&ga_vid=2079489605.1672416193&ga_sid=1672416193&ga_hid=94047057&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=60&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071168%2C44779793%2C44780792&oid=2&pvsid=357883479654443&tmod=506413821&uas=0&nvt=1&ref=https%3A%2F%2Frobloxexploits.net%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ih3PUaeZ7W&p=https%3A//robloxscripts.net&dtd=497
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 29 Dec 2022 19:24:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
74300
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
738
x-xss-protection
0
server
cafe
etag
1394486882873449110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 12 Jan 2023 19:24:54 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 2127 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=Czxl6wQuvY6-PO_SHrr4Popq7qAfps-3tbbDV7vO6EKOqqoeYDhABIP7mpWtgybajiPCj7BKgAeCB8PgoyAEJqQJLj_gnqeCxPqgDAcgDywSqBNIBT9DZAI_Lz89Q4iVY-9nY2EixTDAaHrRj8kspEgcLhVEBMzN_dSWnn3-Pj11kcbclrb9C86Bz9WJ_Zy2GG0WYO_Fp7Ex2ekCnwRQ2R4UyEVDeVACwLI-6uLDD9QlW_IFhNlsXTbUtr59bdoaZ6OWsiNxhw7SZsoePjmwbr5kr16HS-jGC917F5GOHgCxgybarbpgepWDxi9iS1qJJ-hTBkH9AfoS0QXqoMDpQPLf4NarGrkTxdBfu5K5-NEgq_NRvghJFs_Suq-4S02vSZ47WUyX5wATImtvWqASSBQQIBBgBkgUECAUYBKAGLoAH4LnA2AOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDgzgzSCA8IgGEQARgfMgKKAjoCgECACgHICwHYEw2IFAHQFQGYFgGAFwGyFxwKGggAEhRwdWItMjI0OTI1NzkxODA0NTA2ORgA&sigh=FHrTMgdbkNg&uach_m=[UACH]&cid=CAQSGwDq26N9vRCXx7jdRAoRDuPhqY4q__TWXEQVfxgBIBM&template_id=5000
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2249257918045069&output=html&h=280&adk=2904063243&adf=849483003&pi=t.aa~a.1043414356~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1672416138&rafmt=1&to=qs&pwprc=2896044421&format=1200x280&url=https%3A%2F%2Frobloxscripts.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672416192737&bpp=4&bdt=412&idt=436&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=5825448713691&frm=20&pv=1&ga_vid=2079489605.1672416193&ga_sid=1672416193&ga_hid=94047057&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=60&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071168%2C44779793%2C44780792&oid=2&pvsid=357883479654443&tmod=506413821&uas=0&nvt=1&ref=https%3A%2F%2Frobloxexploits.net%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ih3PUaeZ7W&p=https%3A//robloxscripts.net&dtd=497
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2249257918045069&output=html&h=280&adk=2904063243&adf=849483003&pi=t.aa~a.1043414356~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1672416138&rafmt=1&to=qs&pwprc=2896044421&format=1200x280&url=https%3A%2F%2Frobloxscripts.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672416192737&bpp=4&bdt=412&idt=436&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=5825448713691&frm=20&pv=1&ga_vid=2079489605.1672416193&ga_sid=1672416193&ga_hid=94047057&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=60&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071168%2C44779793%2C44780792&oid=2&pvsid=357883479654443&tmod=506413821&uas=0&nvt=1&ref=https%3A%2F%2Frobloxexploits.net%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ih3PUaeZ7W&p=https%3A//robloxscripts.net&dtd=497
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 30 Dec 2022 16:03:14 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 30 Dec 2022 16:03:14 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame 2127 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2249257918045069&output=html&h=280&adk=2904063243&adf=849483003&pi=t.aa~a.1043414356~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1672416138&rafmt=1&to=qs&pwprc=2896044421&format=1200x280&url=https%3A%2F%2Frobloxscripts.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672416192737&bpp=4&bdt=412&idt=436&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=5825448713691&frm=20&pv=1&ga_vid=2079489605.1672416193&ga_sid=1672416193&ga_hid=94047057&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=60&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071168%2C44779793%2C44780792&oid=2&pvsid=357883479654443&tmod=506413821&uas=0&nvt=1&ref=https%3A%2F%2Frobloxexploits.net%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ih3PUaeZ7W&p=https%3A//robloxscripts.net&dtd=497
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 29 Dec 2022 21:40:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
66141
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9443
x-xss-protection
0
server
cafe
etag
9828741834572772835
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 12 Jan 2023 21:40:53 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 2127 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2249257918045069&output=html&h=280&adk=2904063243&adf=849483003&pi=t.aa~a.1043414356~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1672416138&rafmt=1&to=qs&pwprc=2896044421&format=1200x280&url=https%3A%2F%2Frobloxscripts.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672416192737&bpp=4&bdt=412&idt=436&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=5825448713691&frm=20&pv=1&ga_vid=2079489605.1672416193&ga_sid=1672416193&ga_hid=94047057&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=60&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071168%2C44779793%2C44780792&oid=2&pvsid=357883479654443&tmod=506413821&uas=0&nvt=1&ref=https%3A%2F%2Frobloxexploits.net%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ih3PUaeZ7W&p=https%3A//robloxscripts.net&dtd=497
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 29 Dec 2022 21:40:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
66141
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 12 Jan 2023 21:40:53 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 2127 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2249257918045069&output=html&h=280&adk=2904063243&adf=849483003&pi=t.aa~a.1043414356~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1672416138&rafmt=1&to=qs&pwprc=2896044421&format=1200x280&url=https%3A%2F%2Frobloxscripts.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672416192737&bpp=4&bdt=412&idt=436&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=5825448713691&frm=20&pv=1&ga_vid=2079489605.1672416193&ga_sid=1672416193&ga_hid=94047057&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=60&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071168%2C44779793%2C44780792&oid=2&pvsid=357883479654443&tmod=506413821&uas=0&nvt=1&ref=https%3A%2F%2Frobloxexploits.net%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ih3PUaeZ7W&p=https%3A//robloxscripts.net&dtd=497
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 29 Dec 2022 19:24:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
74300
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7480
x-xss-protection
0
server
cafe
etag
15631949847000551034
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 12 Jan 2023 19:24:54 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2127 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2249257918045069&output=html&h=280&adk=2904063243&adf=849483003&pi=t.aa~a.1043414356~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1672416138&rafmt=1&to=qs&pwprc=2896044421&format=1200x280&url=https%3A%2F%2Frobloxscripts.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672416192737&bpp=4&bdt=412&idt=436&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=5825448713691&frm=20&pv=1&ga_vid=2079489605.1672416193&ga_sid=1672416193&ga_hid=94047057&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=60&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071168%2C44779793%2C44780792&oid=2&pvsid=357883479654443&tmod=506413821&uas=0&nvt=1&ref=https%3A%2F%2Frobloxexploits.net%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ih3PUaeZ7W&p=https%3A//robloxscripts.net&dtd=497
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 16:03:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 30 Dec 2022 16:03:14 GMT
5abbe811e7745ada511aeaa994a13f9f.js
www.gstatic.com/mysidia/ Frame 2127 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/5abbe811e7745ada511aeaa994a13f9f.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2249257918045069&output=html&h=280&adk=2904063243&adf=849483003&pi=t.aa~a.1043414356~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1672416138&rafmt=1&to=qs&pwprc=2896044421&format=1200x280&url=https%3A%2F%2Frobloxscripts.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672416192737&bpp=4&bdt=412&idt=436&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=5825448713691&frm=20&pv=1&ga_vid=2079489605.1672416193&ga_sid=1672416193&ga_hid=94047057&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=60&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071168%2C44779793%2C44780792&oid=2&pvsid=357883479654443&tmod=506413821&uas=0&nvt=1&ref=https%3A%2F%2Frobloxexploits.net%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ih3PUaeZ7W&p=https%3A//robloxscripts.net&dtd=497
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2003 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 28 Dec 2022 21:03:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
154778
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14213
x-xss-protection
0
last-modified
Thu, 08 Dec 2022 23:34:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 28 Mar 2023 21:03:36 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/16466493746143053049/ Frame 2127 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/16466493746143053049/14763004658117789537?w=600&h=314
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2249257918045069&output=html&h=280&adk=2904063243&adf=849483003&pi=t.aa~a.1043414356~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1672416138&rafmt=1&to=qs&pwprc=2896044421&format=1200x280&url=https%3A%2F%2Frobloxscripts.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672416192737&bpp=4&bdt=412&idt=436&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=5825448713691&frm=20&pv=1&ga_vid=2079489605.1672416193&ga_sid=1672416193&ga_hid=94047057&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=60&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071168%2C44779793%2C44780792&oid=2&pvsid=357883479654443&tmod=506413821&uas=0&nvt=1&ref=https%3A%2F%2Frobloxexploits.net%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ih3PUaeZ7W&p=https%3A//robloxscripts.net&dtd=497
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
633ba6ee8e1070849e92229fe6eb4df88edaf431230d8b13a31f0d2115775037
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 28 Dec 2022 00:39:18 GMT
x-content-type-options
nosniff
age
228236
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19966
x-xss-protection
0
last-modified
Fri, 30 Sep 2022 09:33:39 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 28 Dec 2023 00:39:18 GMT
truncated
/ Frame 2127 		206 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 2127 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/svg+xml
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/ 		150 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/reactive_library_fy2021.js?bust=31071168
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_fy2021.js?bust=31071168
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fd6ee907bb3bb0fc7edd99f87c079a5139c60891770dd89ce7b8c5cd9a42f242
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://robloxscripts.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 16:03:14 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52333
x-xss-protection
0
server
cafe
etag
8812082106385710839
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Fri, 30 Dec 2022 16:03:14 GMT
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=robloxscripts.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_fy2021.js?bust=31071168
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://robloxscripts.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 16:03:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 2BB8 		436 B
232 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2249257918045069&output=html&h=280&adk=2681833890&adf=2981778012&pi=t.aa~a.2191923801~rp.2&w=1170&fwrn=4&fwrnh=100&lmt=1672416138&rafmt=1&to=qs&pwprc=2896044421&format=1170x280&url=https%3A%2F%2Frobloxscripts.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672416194447&bpp=2&bdt=2122&idt=2&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D62a95f503359bf00-222abcfa06da0032%3AT%3D1672416193%3ART%3D1672416193%3AS%3DALNI_MZJmJgLnVw_7YbOnxVmS_DYlxxu0g&gpic=UID%3D000008eaaa8197f2%3AT%3D1672416193%3ART%3D1672416193%3AS%3DALNI_MY03kXNVcHHMNlYJLdo0pGQq8A4Kg&prev_fmts=0x0%2C1200x280&nras=3&correlator=5825448713691&frm=20&pv=1&ga_vid=2079489605.1672416193&ga_sid=1672416193&ga_hid=94047057&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=1945&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071168%2C44779793%2C44780792&oid=2&pvsid=357883479654443&tmod=506413821&uas=0&nvt=1&ref=https%3A%2F%2Frobloxexploits.net%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Nk0ruqN23J&p=https%3A//robloxscripts.net&dtd=11
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_fy2021.js?bust=31071168
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ae53168ca3d163a941658d7d2a5a04748a6a860909f92ac0a9e0b58b7907edf8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://robloxscripts.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
212
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 30 Dec 2022 16:03:14 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/ Frame 5121 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_fy2021.js?bust=31071168
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://robloxscripts.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
82809
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
br
content-length
4242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 29 Dec 2022 17:03:05 GMT
etag
10353107486223812946
expires
Thu, 12 Jan 2023 17:03:05 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 2127 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5bb1f53d1727838b263197a06cdc7fa562807eabe3ce2277985dd1097414da4a

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
css2
fonts.googleapis.com/ Frame 5121 		4 KB
636 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::200a Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 30 Dec 2022 16:03:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 30 Dec 2022 15:51:10 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 30 Dec 2022 16:03:14 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 5121 		205 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2003 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:22:28 GMT
x-content-type-options
nosniff
age
495646
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
205
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sun, 24 Dec 2023 22:22:28 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 5121 		604 B
628 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2003 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 29 Dec 2022 21:51:56 GMT
x-content-type-options
nosniff
age
65478
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
604
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 29 Dec 2023 21:51:56 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/elements/html/ Frame 5121 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4d0ed9630334a711204c67723b1eb52755c8316466fa7e4e601958e0c12a5da9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 29 Dec 2022 17:03:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
82808
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8084
x-xss-protection
0
server
cafe
etag
2222875591315018765
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 12 Jan 2023 17:03:06 GMT
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 2127 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2003 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 28 Dec 2022 20:34:36 GMT
x-content-type-options
nosniff
age
156518
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28288
x-xss-protection
0
last-modified
Wed, 01 Jun 2022 19:05:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 28 Dec 2023 20:34:36 GMT
QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js
pagead2.googlesyndication.com/bg/ Frame D2DD 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2249257918045069&output=html&h=280&adk=2904063243&adf=849483003&pi=t.aa~a.1043414356~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1672416138&rafmt=1&to=qs&pwprc=2896044421&format=1200x280&url=https%3A%2F%2Frobloxscripts.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672416192737&bpp=4&bdt=412&idt=436&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=5825448713691&frm=20&pv=1&ga_vid=2079489605.1672416193&ga_sid=1672416193&ga_hid=94047057&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=60&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071168%2C44779793%2C44780792&oid=2&pvsid=357883479654443&tmod=506413821&uas=0&nvt=1&ref=https%3A%2F%2Frobloxexploits.net%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ih3PUaeZ7W&p=https%3A//robloxscripts.net&dtd=497
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
403af363a86acc6874698194b930357b1ef4a1a3752c519a5f283fa53a9c46fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 09:48:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
281712
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15878
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 27 Dec 2023 09:48:02 GMT
rum.js
securepubads.g.doubleclick.net/pagead/js/ Frame 2127 		63 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/js/rum.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2249257918045069&output=html&h=280&adk=2904063243&adf=849483003&pi=t.aa~a.1043414356~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1672416138&rafmt=1&to=qs&pwprc=2896044421&format=1200x280&url=https%3A%2F%2Frobloxscripts.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672416192737&bpp=4&bdt=412&idt=436&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=5825448713691&frm=20&pv=1&ga_vid=2079489605.1672416193&ga_sid=1672416193&ga_hid=94047057&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=60&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071168%2C44779793%2C44780792&oid=2&pvsid=357883479654443&tmod=506413821&uas=0&nvt=1&ref=https%3A%2F%2Frobloxexploits.net%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ih3PUaeZ7W&p=https%3A//robloxscripts.net&dtd=497
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d03e3b55604b205b72b9ea363a66e2045c2829b93156b57667da9a8e8f7dad8b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 15:26:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
2185
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23658
x-xss-protection
0
server
cafe
etag
18247885564830507581
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Fri, 30 Dec 2022 16:26:49 GMT
css
fonts.googleapis.com/ Frame 4A6F 		6 KB
672 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::200a Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 30 Dec 2022 16:03:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 30 Dec 2022 14:52:33 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 30 Dec 2022 16:03:14 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 4A6F 		2 KB
765 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 29 Dec 2022 19:24:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
74300
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
738
x-xss-protection
0
server
cafe
etag
1394486882873449110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 12 Jan 2023 19:24:54 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame 4A6F 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 29 Dec 2022 21:40:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
66141
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9443
x-xss-protection
0
server
cafe
etag
9828741834572772835
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 12 Jan 2023 21:40:53 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 4A6F 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 29 Dec 2022 21:40:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
66141
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 12 Jan 2023 21:40:53 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 4A6F 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 29 Dec 2022 19:24:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
74300
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7480
x-xss-protection
0
server
cafe
etag
15631949847000551034
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 12 Jan 2023 19:24:54 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4A6F 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 16:03:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 30 Dec 2022 16:03:14 GMT
5abbe811e7745ada511aeaa994a13f9f.js
www.gstatic.com/mysidia/ Frame 4A6F 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/5abbe811e7745ada511aeaa994a13f9f.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2003 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 28 Dec 2022 21:03:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
154778
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14213
x-xss-protection
0
last-modified
Thu, 08 Dec 2022 23:34:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 28 Mar 2023 21:03:36 GMT
csi
csi.gstatic.com/ Frame 2127 		0
327 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~lcapf6wa&e=21060101&ctx=2&gqid=wQuvY6XCOubdxtYPxOC20AU&qqid=CO_zoenbofwCFfSDywEdIs0OdQ&met.4=fb.ue~lb.zk~ol.156~bdt.-pc~bpp.-ds~idt.-1s~dtd.-3~dt.-dw&met.3=733.12p~742.12o_1~748.13e~555.13n~739.13o~556.13o_2~738.14s_1~749.14t_e~736.158~735.15h_2~113.1cm_6~112.1ck_8&met.1=1.lcapf5jp~6.gw~7.gw~8.gw~9.gw~10.j6~11.gw~12.j7~13.tg~14.ud~15.tk~16.13o~17.13o~18.13r~19.13t~20.13t~21.157~22.wr~23.wr&met.7=CAUQCBgBKN8EMMUIOMoLUOAEWLIFYOAEaLIFcKQIeMWJAoABmYcCiAHKiwawAQG4AQM~CBIQBxgBILUIKLUIMNMJOJ4BQLUISLYIULYIWJYJYN8IaJcJcM8JeI8JgAHjBogB80KqARUKE0dvb2dsZSBTYW5zOjQwMCw1MDCwAQG4AQM~CBwQChgBIN4IKN4IMJkKOLoBaLoJcJcKeI4IgAHiBYgBkQywAQG4AQM~CCEQBBgBIOEIKOEIMK4JOE1o4ghwrAl4rAKwAQG4AQM~CAkQChgBIOIIKOIIMO8JOI0BUOIIWLkJYIcJaLoJcOoJeI9MgAHjSYgBsbsBsAEBuAED~CB4QChgBIOQIKOQIMOkJOIYBaLoJcOgJeIAMgAHUCYgBgRWwAQG4AQM~CBwQChgBIOQIKOQIMOgJOIQBaLoJcOIJeOQ8gAG4OogBrY0BsAEBuAED~CCoQChgBIOQIKOQIMOQKOIAC~CBsQChgBIOQIKOQIMP4JOJoB~CBcQAhgBIOsIKOsIMJcKOK0BaLoJcO8JeKqeAYAB_psBiAH-mwGwAQG4AQM~CCgQChgBINMLKNMLMIoNOLcBQNgLSNoLUNoLWLMMYIMMaLYMcOAMeJa7AYAB6rgBiAH79gOwAQG4AQM
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 16:03:15 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		145 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: robloxscripts.net
URL: https://robloxscripts.net/_static/??wp-includes/js/jquery/jquery-migrate.min.js,wp-content/uploads/yhumkpbql.js?m=1667520834
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6ab52d7f2443c93bfda6443065c5537fab4cc43fae2dd1d58ddbc233e580f170
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://robloxscripts.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 16:03:15 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49608
x-xss-protection
0
server
cafe
etag
8818020924129131203
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 30 Dec 2022 16:03:15 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221207&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_fy2021.js?bust=31071168
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fa25eeb6c4e312ce8667c1ad26cceb1b781e59cc0d66da27e35487eb68efac4d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://robloxscripts.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 16:03:15 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11143
x-xss-protection
0
QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js
pagead2.googlesyndication.com/bg/ Frame 3F9C 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js
Requested by
Host: robloxexploits.net
URL: https://robloxexploits.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
403af363a86acc6874698194b930357b1ef4a1a3752c519a5f283fa53a9c46fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 09:48:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
281713
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15878
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 27 Dec 2023 09:48:02 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_fy2021.js?bust=31071168
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://robloxscripts.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 16:03:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 30 Dec 2022 16:03:15 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3F3D 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://robloxscripts.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
9612
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 30 Dec 2022 13:23:03 GMT
expires
Sat, 30 Dec 2023 13:23:03 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame F66B 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2004 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
fcef365c37125304cc0331726d49452fc8ec11c4a3acff2bde266b27bb6b6c32
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ka6jWrY1bTOycQu0upGVLg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://robloxscripts.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-ka6jWrY1bTOycQu0upGVLg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 30 Dec 2022 16:03:15 GMT
expires
Fri, 30 Dec 2022 16:03:15 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js
pagead2.googlesyndication.com/bg/ Frame 3F3D 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
403af363a86acc6874698194b930357b1ef4a1a3752c519a5f283fa53a9c46fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 09:48:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
281713
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15878
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 27 Dec 2023 09:48:02 GMT
generate_204
tpc.googlesyndication.com/ Frame 3F3D 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?S2MSfQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 16:03:15 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 2127 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst5DLAXhUF1c9JECXrq0t_EHjieMKg57v0EMDdawfypq92CTRXrAX4nL671pLGwopWPOebPAhbuPEA78dnBZRTerNo4wvxZpHffamK-ryXVevD7Dc0tnxqODzOlSGIk-H0S7-Y&sai=AMfl-YTR5lEdvEFMx6E1E0R4-nrvxeck9WPKwld6YuJnJVWC_mdU3xL7WKAbYZ5MOHBfrpzDEF-3bi5fh9iNcUI&sig=Cg0ArKJSzH79cebWQOhkEAE&cid=CAQSGwDq26N9vRCXx7jdRAoRDuPhqY4q__TWXEQVfxgBIBM&id=lidar2&mcvt=1000&p=0,0,280,1200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2904063243&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1672416193237&rpt=1469&met=mue&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 16:03:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame F66B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221207&jk=357883479654443&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221207&jk=357883479654443&bg=!j4yljMjNAAYgquz3AKo7ACkAdvg8WiXYdoSNOEtZDi9oJRIgov-CkNAMnh7Ka7IF_g-sY3CjQjYYZQIAAACFUgAAAAVoAQeZAspJBi2sLSyebvDlt54r3NPnVxNzgOfZKhWu0gxBF-BelxaUOOE0vWEIO7h8CZlAK3id_9knLaQe-44jARTJcJIjGcu--0_dyLAXKX2Xmn81I-neIOPQMXMKqaru265kJuCGiVp8dU-9TrB4jEWIZBSbMKZh_rrpMEG-ewV9Btpv85Bh5sV7vIPPNTiztTiJIkPLCLprn1AQK2YbnQRe2DcunMiulR-eIY_yOl9UbzHkmA5b2MOq6ChFm6bQBhLz-_bt69-8vVZklwAr1vwYNcGTEGSdT2CoTXp5AfSKJvQNUEAN_CglHJnA_72YtkhRBxz_SUsRXHCvQhIpMUDh2ZLIvQukAcS_tsKh0FIxVoA2rfXeqzksBxLcl3n-9jqPsk_DP-g5NId4cnM1xOA9atH43RYyvUzSq-WjHIgkCNnq8iWyPVf5akJwMs5DB2j15i3Srn7FL7MPYBeLufXeK13GtcAQASA8VNdWoXgFDv2xHuoV0LKAg6oO6OMKNr0LR0TtO6zrr8hdNclJYLmqadhFXVIEhDsgXSHepbxj4_H9yxW9uHN9fRxW5vk0v_NNCdnD1eDmGNrNUSY4ZtEG2Ab1lNIn4019-9AxAJyZ_ithRyKOzc9x2L_6yOKHGFvta_kob-H4tnkFvh5tSv7N_b7qJyxS4xkPwOvkvaKxEDAwCBfmecCgwGPM19shnKD9xzs-XOcuoDw4yRXr166B4tUrnl2AMh5KJedbYpuXQUd7qMCKEDXiSylPXCf2UVP-WJaOgVGCQ2PtISXVWJk0pkq_9mfMelNWZBFHWTBoOSId1Lh8Yzb3VrM6GxhvE0F3NynpYNK-390z2rvoV3OcT6_o0iZ8mgXSBJmv_mVUFas0LMnKd4xuQP5k4H0v5hWs-YzCHUBIlc06cB9Vq17RGFaOSn92Cze1FtzSJWyzwcP8-761cfP-t_lBAYY
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://robloxscripts.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
boom.gif
pixel.wp.com/ 		0
37 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.wp.com/boom.gif?bilmur=1&cumulative_layout_shift=0.337&largest_contentful_paint=795&batcache_hit=0&provider=wordpress.com&service=atomic&effective_connection_type=4g&rtt=0&downlink=9600&host_name=robloxscripts.net&url_path=%2F&nt_fetchStart=1&nt_domainLookupStart=2&nt_domainLookupEnd=15&nt_connectStart=15&nt_connectEnd=72&nt_secureConnectionStart=38&nt_requestStart=72&nt_responseStart=156&nt_responseEnd=180&nt_domLoading=160&nt_domInteractive=488&nt_domContentLoadedEventStart=493&nt_domContentLoadedEventEnd=495&nt_domComplete=2967&nt_loadEventStart=2967&nt_loadEventEnd=2971&nt_redirectCount=0&nt_api_level=2&start_render=364&first_contentful_paint=364&resource_size=692251&resource_transferred=161502&js_size=234759&js_transferred=73074&resource_cache_percent=0&js_cache_percent=0&last_resource_end=4102
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://robloxscripts.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 30 Dec 2022 16:03:18 GMT
cache-control
no-cache
server
nginx

Verdicts & Comments Add Verdict or Comment

73 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| oncontentvisibilityautostatechange object| _wpemojiSettings object| videopressAjax undefined| $ function| jQuery object| yhumkpbql object| PT_CV_PUBLIC object| PT_CV_PAGINATION object| nine_blog_l10n object| jetpackLazyImagesL10n object| Wtpsw object| Wppsac function| wtpsw_trending_slider_init function| wtpsw_trending_carousel_init string| wprpsp_next_arrow string| wprpsp_prev_arrow function| wppsac_post_slider_init function| wppsac_post_carousel_slider_init object| _stq function| st_go function| linktracker_init object| wpcom object| twemoji object| wp object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_lpabyc number| google_rum_task_id_counter string| google_user_agent_client_hint number| LAST_CORRECT_EVENT_TIME object| utr_955131 number| userTrackingInterval number| _4162551733 object| utr_955748 number| _3389730148 number| _342620772 function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages number| iinf object| google_llp object| googletag object| GoogleGcLKhOms object| google_image_requests

5 Cookies

Domain/Path Name / Value
.discordapp.com/ Name: __cf_bm
Value: wQzJztuUruMD6VtdCiR_tPYDChLnm0kFC.UhPagvhRw-1672416192-0-AacgatboBv9MUrjKk7q4y7f+Il6qxUyhlA96xILxhDorhwzrZqTsju9Xv8WpUSUo8UY0eQuG/jHiVgWmX8p7o7Y=
pogothere.xyz/ Name: csu
Value: 1889350532534927@1@1672416192
.robloxscripts.net/ Name: __gads
Value: ID=62a95f503359bf00-222abcfa06da0032:T=1672416193:RT=1672416193:S=ALNI_MZJmJgLnVw_7YbOnxVmS_DYlxxu0g
.robloxscripts.net/ Name: __gpi
Value: UID=000008eaaa8197f2:T=1672416193:RT=1672416193:S=ALNI_MY03kXNVcHHMNlYJLdo0pGQq8A4Kg
.doubleclick.net/ Name: IDE
Value: AHWqTUlkIDQot6aEfdG6IG2RUoqgfbghyVh3f5JPf1fv4b3fRRbDewgCfD9Sds9lsAA

2 Console Messages

Source Level URL
Text
network error URL: https://accounts.google.com/v3/signin/identifier?dsh=S1074134295%3A1672416193041297&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AeAAQh7FOzWgtxDbX9rSKasqRSv9daXF_uSA5va9b6jWoa5Bjt2XbGMN1Az5l0jyyQJmHhQrf6wU
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://accounts.google.com/v3/signin/identifier?dsh=S1410247492%3A1672416193034564&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AeAAQh52b0d-HEscWpAGf7Y-rSJPbujZOPNOjb0S-X8zoK0Sn8_bF_XdE7HztKywBK2cGW_0peXl
Message:
Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
adservice.google.com
cdn.discordapp.com
csi.gstatic.com
d3oy68whu51rnt.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
habrasysteleii.xyz
i0.wp.com
oorwithabitofst.info
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.wp.com
pogothere.xyz
robloxexploits.net
robloxscripts.net
s0.wp.com
securepubads.g.doubleclick.net
stats.wp.com
tpc.googlesyndication.com
use.fontawesome.com
www.facebook.com
www.google.com
www.googletagservices.com
www.gstatic.com
104.21.26.122
162.159.133.233
172.64.173.27
192.0.76.3
192.0.77.2
192.0.77.32
192.0.78.230
2001:4860:4802:32::3
2600:9000:2512:5c00:3:62b:d240:21
2606:4700:3030::ac43:dd79
2606:4700:e2::ac40:840f
2607:f8b0:4006:809::2001
2607:f8b0:4006:809::2002
2607:f8b0:4006:80b::2002
2607:f8b0:4006:80c::200d
2607:f8b0:4006:817::2002
2607:f8b0:4006:81d::2004
2607:f8b0:4006:81e::2002
2607:f8b0:4006:81f::2002
2607:f8b0:4006:822::2003
2607:f8b0:4006:823::200a
2607:f8b0:4006:824::2002
2a03:2880:f112:83:face:b00c:0:25de
99.86.229.97
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
064f3c2c06410669a1fdadee1259f8ed4e04573c2d81f160719fc17e32209950
09636f7a42d51a9812fc3586447baa1d72cdf24777d1538d8cb3488a2b74fe52
1085ad978b71ac2981272204d4503f4e0428fba0ff2b7cf1f22e63146a4cf2e1
12ecc62903a19095788500e51483dd05a97a395e2c0f9d76e65bdf0a7298abad
1518b3ecb365e7d2aa5f0464de562ab51b0e3305891e31fa65776cd669be1915
185bb37a3a2b732df2a5ca2c0bbd8b0a800e36757b4d709189212f90b4fbcb8d
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
21651e27240c0f8796e7dc7b97ee08fc69af748962761cd09d2732b7ee4f734d
2616becd1fa25433adee513644da53245e542892264edc46b611ebc3c9e2d9ed
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
389bc52254966bc0141d7660cac023a9ccb849bb544f9bcb4019cf278dfe74c9
3a41b135afd99e5d3f61350c14900a1b6b222fe032a2c2f5f85f43d59055abf8
3ee67b718c0994aaace65499bd978b1dc1b238a72dfe7029bd62abacb56cbac8
403af363a86acc6874698194b930357b1ef4a1a3752c519a5f283fa53a9c46fb
446f0ab61963ec60fa7a9806eb173e0575f2098f58d2d4fab14925c6375e3387
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
478626991aa680724855e73e9450fb6bd1a30d58ac73d446f3a32eff720f406b
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4d0ed9630334a711204c67723b1eb52755c8316466fa7e4e601958e0c12a5da9
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
553390fb9b25ca51ff5844a546e1d1691c2477031cdb9ce998f73483ad5d3b9c
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5bb1f53d1727838b263197a06cdc7fa562807eabe3ce2277985dd1097414da4a
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5efad2229cc4e905572d75e5b9ca02a0fb87988591fe908e13c884d036595df7
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
633ba6ee8e1070849e92229fe6eb4df88edaf431230d8b13a31f0d2115775037
6ab52d7f2443c93bfda6443065c5537fab4cc43fae2dd1d58ddbc233e580f170
6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037
786926115f6bce28cef753a4574335eb655794877dd4771584cdb2ff6c1ed22e
78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb
7c133445613fb0617112f277903c804edfed63a3af659bb16b47c00663408550
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8650062d222876f20382a71f9de6919c5f267a8f9d22ac64085339e5d08d655d
86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a
8bdb5a7e195d9abfd5e1b61f9f67e8ba74630b53b37cdec314579f9970979451
8f644760a6718c0e6c4d924f6e3e5a4d44fc2d50dd17d568282fa1484d326f76
97c9bb382920c48a57f3931117f19947ef5a299e1026d09f6ef6fa42899af3bf
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9e86fcb4099a0c85a91abfd59fc6d6751493e4258f5457c0b4cf87e9e12c4079
9ea0776c059ea6629b6d47e7287d433c1db9c502cbd619d91458f4a33481f91a
a18f3705f4e2cfc25a353ea1b271c77f8db4a8693789b0ce0f40129337911d7f
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
ae53168ca3d163a941658d7d2a5a04748a6a860909f92ac0a9e0b58b7907edf8
b87dd5a27c73d0e71e69ab597e17c2a12d4fce8cc0f37e622d0391709e2b86f2
be12b9dc9740540ef6a982a4f94008127ea2968cef486c8418b0efa4bfea2d0a
c0a73f89bfd90c57f3681fd039d6300604e67cf0e64e115ebeb5bcbf641740d8
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c29ecf0785743c098ad70acb189aab485e610dc17618973c2255ae7d354607ad
c5e8e8eb22e2eaf1ad02370c22c63c04774ab0b83b4329d5945333750814bb2f
c8e270f884a1080449fd94fff76b3fb4005a6eca394ed260ad8b686475a751e6
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
ccb286d97e2343d4e820dfb611d379c9ac6af7ba342cc124d4f754c247a952a6
cff1d765a51cd2e71e2618198ed12f4c6df6d531eadcc150373e220b4781a044
d03e3b55604b205b72b9ea363a66e2045c2829b93156b57667da9a8e8f7dad8b
d09ac3ebddce0716b37c6a9d9a0552379dd40e004685f1118caa640c849078a9
d24aebfb015cd59b721c805df85a8990eb121a0bcb8609de2204ee9af7e61bc8
d674c3d0ce3c5793f632b35d9d8342813614408bc80722418037f3f3abc1fb84
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d99a9c83fa6c56f86880bd77fb4caab944187b0a9a3267ef87415cce8cbbc9ca
df7f72739ce645a64d2c0beadd3eee78a94c4e7073164dd5975d0cfcdf167b94
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e43f873bed6831788b5b92ef50cfc304ef7e420d08bcf8f2780d5a219f4daf75
e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b
e8598dc619b959e79bb8091fe1c9fa72b23668d2ab60728e76d92208ba5d2af7
e9885e4aea54f587ccabce165b42e0b3cd097030a72d4153b6eff6362d4f9bc4
e9caf1541963468b18e3d31eba3623556aa3430ff03bef40e045fe7f182b3425
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16
fa25eeb6c4e312ce8667c1ad26cceb1b781e59cc0d66da27e35487eb68efac4d
fcef365c37125304cc0331726d49452fc8ec11c4a3acff2bde266b27bb6b6c32
fd6ee907bb3bb0fc7edd99f87c079a5139c60891770dd89ce7b8c5cd9a42f242