Auto Rain Joiner & Promo Code Snipper for Rollbet.gg was reported 2025.02.02. for Malware
the script seems to be redirecting HTTP traffic to "https://free-cod-vital.ngrok-free.app/send", A free version of ngrok, most likely owned by the owner of this script, and not rollbet.gg.
The traffic shouldn't be redirected to this site, and these values shouldn't be base64.
For reference, the lines
17 = "/auth/roblox/cookie" when decoded
18 = "https://free-cod-vital.ngrok-free.app/send" when decoded
51 = if (requestUrl && requestUrl.includes(endpoint)) {" (which is checking if the endpoint is equal to the "auth/roblox/cookie")
56 = "fetch(serverUrl, {" sending the traffic to the ngrok server
in summary, this script is forwarding traffic to a ngrok site when the endpoint has the "/roblox/auth/cookie"
This script has had 1 previous upheld or fixed report.
xbn robloxBanned (the reported user) has made:
This report has been upheld by a moderator.