Report - roblox.com.py/generator/PROJECTZ/create

Report Overview

Visited public
2024-07-20 02:50:56
Tags
Submit Tags
URL
roblox.com.py/generator/PROJECTZ/create
Finishing URL
roblox.com.py/generator/PROJECTZ/create
IP / ASN
185.17.0.25
#216246 Aeza Group Ltd.
Title
Create

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
o.pki.goog	unknown	2016-06-13	2024-04-24 13:44:57	2024-07-19 18:19:10	1.3 kB	2.8 kB	142.250.74.99
fonts.gstatic.com	unknown	2008-02-11	2014-09-09 02:40:21	2024-07-19 20:27:18	2.6 kB	44 kB	216.58.207.227
fonts.googleapis.com	8877	2005-01-25	2013-06-10 22:14:26	2024-07-19 20:46:47	543 B	10 kB	142.250.74.106
kit.fontawesome.com	1868	2012-10-18	2019-12-16 20:51:31	2024-07-19 18:16:51	435 B	14 kB	104.18.40.68
r10.o.lencr.org	unknown	2020-06-29	2024-06-06 21:45:11	2024-07-19 18:12:05	2.6 kB	7.1 kB	23.33.119.57
roblox.com.py	unknown	unknown	2023-05-02 17:49:44	2024-05-02 19:53:50	8.2 kB	95 kB	185.17.0.25
cdn.jsdelivr.net	439	2012-05-16	2012-09-30 02:15:09	2024-07-19 18:24:35	407 B	20 kB	151.101.1.229
ka-f.fontawesome.com	3598	2012-10-18	2019-12-17 07:36:13	2024-07-19 18:17:54	2.4 kB	213 kB	172.67.139.119
www.roblox.com	7148	2004-01-30	2012-05-24 21:56:53	2024-07-19 22:29:49	432 B	2.9 kB	128.116.44.3

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-07-20	medium	roblox.com.py	Sinkholed
2024-07-20	medium	roblox.com.py	Sinkholed
2024-07-20	medium	roblox.com.py	Sinkholed
2024-07-20	medium	roblox.com.py	Sinkholed
2024-07-20	medium	roblox.com.py	Sinkholed
2024-07-20	medium	roblox.com.py	Sinkholed
2024-07-20	medium	roblox.com.py	Sinkholed
2024-07-20	medium	roblox.com.py	Sinkholed
2024-07-20	medium	roblox.com.py	Sinkholed
2024-07-20	medium	roblox.com.py	Sinkholed
2024-07-20	medium	roblox.com.py	Sinkholed
2024-07-20	medium	roblox.com.py	Sinkholed
2024-07-20	medium	roblox.com.py	Sinkholed
2024-07-20	medium	roblox.com.py	Sinkholed
2024-07-20	medium	roblox.com.py	Sinkholed

ThreatFox

No alerts detected

JavaScript (8)

	URL	From	Size	First Seen	Last Seen
	roblox.com.py/controlPage/new/assets/js/core.js	ScriptElement	3.5 kB	2023-05-17	2025-01-29
Pretty URL roblox.com.py/controlPage/new/assets/js/core.js IP 185.17.0.25 ASN #216246 Aeza Group Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-17 01:38 Last Seen2025-01-29 12:58 Times Seen40 Hash f3168d58d433acb53723bb8296525486 2c484233d660b1f3887b2bac95e8821f6660e7a9 9a3976044c3c905e82261c6d0e133e4b973b573c9aeb3d052a545a87ba2ccfd9 Loading...

	roblox.com.py/controlPage/apis/main.js	ScriptElement	13 kB	2024-07-06	2025-01-05
Pretty URL roblox.com.py/controlPage/apis/main.js IP 185.17.0.25 ASN #216246 Aeza Group Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-07-06 16:32 Last Seen2025-01-05 21:44 Times Seen12 Hash 35f393b02db79a36d9ef26ccb0f8b076 49e60fee27fed238c076ec57726b90c3a8bc53c4 1b41f8057a2f6c52e2407be4a2857b56756cdcf40ba80724a9e604b5d031cb46 Loading...

	kit.fontawesome.com/44623006da.js	ScriptElement	13 kB	2024-07-20	2024-10-04
Pretty URL kit.fontawesome.com/44623006da.js IP 104.18.40.68 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-07-20 04:50 Last Seen2024-10-04 11:08 Times Seen12 Hash 10d7da72f58ac3b07cb33563b0e367c7 81df131bbfe85153d214138fbc295314b202de76 e3b030605370c0dfb97ef79bb341b4b11d002ef4cfa55bf0fd2abc5c7d78f861 Loading...

	roblox.com.py/controlPage/new/assets/js/bootstrap.js	ScriptElement	78 kB	2023-03-25	2025-07-18
Pretty URL roblox.com.py/controlPage/new/assets/js/bootstrap.js IP 185.17.0.25 ASN #216246 Aeza Group Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-25 22:58 Last Seen2025-07-18 03:03 Times Seen51 Hash 414a2b4b72b7b317530f51f6fdac4c34 e2fa5d6ab23d390627f8687090ba8bcbc748f93d eb1cffdbba9987456be7210c9ac7a451a31630e4fe71446dfb4b47d459282172 Loading...

	cdn.jsdelivr.net/npm/sweetalert2@11	ScriptElement	77 kB	2024-07-20	2025-07-18
Pretty URL cdn.jsdelivr.net/npm/sweetalert2@11 IP 151.101.1.229 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2024-07-20 03:08 Last Seen2025-07-18 11:12 Times Seen115 Hash e4afb1519d5684315e76545340595fd0 c18bb3e7be4831dcb337ce243a0b3722d11ee328 e449deca0f4a16c57dc31d22149bc1581905e12f7d233b8a7da2c2c571a41a3b Loading...

	roblox.com.py/controlPage/js/jquery-3.3.1.min.js	ScriptElement	87 kB	2023-03-07	2025-07-20
Pretty URL roblox.com.py/controlPage/js/jquery-3.3.1.min.js IP 185.17.0.25 ASN #216246 Aeza Group Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-20 18:39 Times Seen15951 Hash 4b57cf46dc8cb95c4cca54afc85e9540 05e1ad0cc600a057886deaf237ab6e3d4fcdb5ac a28ccf8a7b50522bdeea0cd83cdeca221c18fc1f9df3ee6b3d3c48d599206855 Loading...

	roblox.com.py/controlPage/new/assets/js/snackbar.js	ScriptElement	6.4 kB	2023-05-17	2025-01-29
Pretty URL roblox.com.py/controlPage/new/assets/js/snackbar.js IP 185.17.0.25 ASN #216246 Aeza Group Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-17 01:38 Last Seen2025-01-29 12:58 Times Seen39 Hash 41fc42592282c1239886c8298181a6c3 105f693ede14b089a50d632d79a9ef42458567fc 7e2476bb742bf0beb3c18c5693232aaca66b3035d681c1a6afd18df816f7cea7 Loading...

	roblox.com.py/generator/PROJECTZ/create	ScriptElement	0 B	0001-01-01	2025-07-21
Pretty URL roblox.com.py/generator/PROJECTZ/create IP 185.17.0.25 ASN #216246 Aeza Group Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01 00:00 Last Seen2025-07-21 06:11 Times Seen5474562 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

HTTP Transactions (41)

URL IP Response Size

r10.o.lencr.org/

23.33.119.57

504 B

URL
r10.o.lencr.org/
IP
23.33.119.57:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
df89293c476ae09fa6ea5ee32b70224e
e684c88f3ffd36b50489c5391a3637218329e080
1a09f23c5518140b3792a6c0729e19f7cd9c728016840567f7068b7df5bccb81

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "1A09F23C5518140B3792A6C0729E19F7CD9C728016840567F7068B7DF5BCCB81"
Last-Modified: Thu, 18 Jul 2024 08:21:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3082
Expires: Sat, 20 Jul 2024 03:41:52 GMT
Date: Sat, 20 Jul 2024 02:50:30 GMT
Connection: keep-alive

r10.o.lencr.org/

23.33.119.57

504 B

URL
r10.o.lencr.org/
IP
23.33.119.57:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
2c174cd9de141b9f3330d869df450834
251c8d7aa8126bfb9fa4c164ebb067b8929486f8
e79c4bb4566914535b10c91563e36d1768f5fc8e1933392cf130e2f4d776e296

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "E79C4BB4566914535B10C91563E36D1768F5FC8E1933392CF130E2F4D776E296"
Last-Modified: Thu, 18 Jul 2024 08:21:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7884
Expires: Sat, 20 Jul 2024 05:01:54 GMT
Date: Sat, 20 Jul 2024 02:50:30 GMT
Connection: keep-alive

r10.o.lencr.org/

23.33.119.57

504 B

URL
r10.o.lencr.org/
IP
23.33.119.57:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
9242083e8854242dd63e09c963159384
d334a9ec53be29ce2d3bbc333205b970b84d63fc
927ae834d942951b3ea3f7199aca87d589dee465706a095bcf7131de85d37e1c

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "927AE834D942951B3EA3F7199ACA87D589DEE465706A095BCF7131DE85D37E1C"
Last-Modified: Thu, 18 Jul 2024 07:16:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2930
Expires: Sat, 20 Jul 2024 03:39:21 GMT
Date: Sat, 20 Jul 2024 02:50:31 GMT
Connection: keep-alive

r10.o.lencr.org/

23.33.119.57

504 B

URL
r10.o.lencr.org/
IP
23.33.119.57:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
42e531d59be85c09ecc215208470d19e
75ec72c8c8e1de19407837d46d2ad7119770cdb0
38125115e22a9a58bf2df205bb09ae6c6fef4948b9de15b2f15f37d19aedf6a9

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "38125115E22A9A58BF2DF205BB09AE6C6FEF4948B9DE15B2F15F37D19AEDF6A9"
Last-Modified: Thu, 18 Jul 2024 07:16:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7641
Expires: Sat, 20 Jul 2024 04:57:52 GMT
Date: Sat, 20 Jul 2024 02:50:31 GMT
Connection: keep-alive

r10.o.lencr.org/

23.33.119.57

504 B

URL
r10.o.lencr.org/
IP
23.33.119.57:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
673b88ea17e3885dd4c84dfb948f4061
1dc9646be285dd12dcf491e59d796d6e826eb244
93f7eee0318eab85c784fb9a1a0200eb85b7bf53861f7f4cddbd838100c5fed8

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "93F7EEE0318EAB85C784FB9A1A0200EB85B7BF53861F7F4CDDBD838100C5FED8"
Last-Modified: Thu, 18 Jul 2024 08:52:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18713
Expires: Sat, 20 Jul 2024 08:02:24 GMT
Date: Sat, 20 Jul 2024 02:50:31 GMT
Connection: keep-alive

GET roblox.com.py/generator/PROJECTZ/create

185.17.0.25

302 Found

0 B

URL User Request GET HTTP/1.1
roblox.com.py/generator/PROJECTZ/create
IP
185.17.0.25:443
ASN
#216246 Aeza Group Ltd.

Certificate
IssuerLet's Encrypt
Subjectroblox.com.py
FingerprintB7:63:82:D5:A4:3F:7D:61:BA:F3:86:74:3E:B2:91:3C:09:6F:93:71
ValidityMon, 24 Jun 2024 15:36:27 GMT - Sun, 22 Sep 2024 15:36:26 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /generator/PROJECTZ/create HTTP/1.1
Host: roblox.com.py
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Date: Sat, 20 Jul 2024 02:50:31 GMT
Content-Length: 0
Eggywall: 2.0
Location: /generator/PROJECTZ/create
Set-Cookie: EggyWall_Token=bd8e874aee450df5b00472722338f4859bf7b1cbd51fdfeb2411243b3fc22491; SameSite=Lax; path=/; Secure

GET roblox.com.py/generator/PROJECTZ/create

185.17.0.25

302 Found

1.2 kB

URL User Request GET HTTP/1.1
roblox.com.py/generator/PROJECTZ/create
IP
185.17.0.25:443
ASN
#216246 Aeza Group Ltd.

Certificate
IssuerLet's Encrypt
Subjectroblox.com.py
FingerprintB7:63:82:D5:A4:3F:7D:61:BA:F3:86:74:3E:B2:91:3C:09:6F:93:71
ValidityMon, 24 Jun 2024 15:36:27 GMT - Sun, 22 Sep 2024 15:36:26 GMT

File type
HTML document, ASCII text
Size
1.2 kB (1232 bytes)
Hash
18e38bdcbba4fa9e323921ff103f9a2d
d1f1d6c2766ca66e55bf9e87db2123800a9a6def
7bc01406fe922f0dbbfd0546501364e0f4f908d424625b3150dcac233ace3050

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /generator/PROJECTZ/create HTTP/1.1
Host: roblox.com.py
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: EggyWall_Token=bd8e874aee450df5b00472722338f4859bf7b1cbd51fdfeb2411243b3fc22491
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Apache/2.4.41 (Ubuntu)
Date: Sat, 20 Jul 2024 02:50:31 GMT
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Content-Length: 1232
Eggywall: 2.0
Vary: Accept-Encoding
Nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.1,"failure_fraction":1}
Report-To: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://ncs.roblox.com/upload"}]}
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Credentials: true
Cross-Origin-Opener-Policy: same-origin-allow-popups
Strict-Transport-Security: max-age=604800; includeSubdomains

GET cdn.jsdelivr.net/npm/sweetalert2@11

151.101.1.229

200 OK

20 kB

URL GET HTTP/2
cdn.jsdelivr.net/npm/sweetalert2@11
IP
151.101.1.229:443
ASN
#54113 FASTLY

Requested by
https://roblox.com.py/generator/PROJECTZ/create
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT

File type
JavaScript source, ASCII text, with very long lines (53037)
Size
20 kB (19552 bytes)
Hash
e4afb1519d5684315e76545340595fd0
c18bb3e7be4831dcb337ce243a0b3722d11ee328
e449deca0f4a16c57dc31d22149bc1581905e12f7d233b8a7da2c2c571a41a3b

HTTP Headers

GET /npm/sweetalert2@11 HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.com.py/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 11.12.3
x-jsd-version-type: version
etag: W/"12d76-wYuz575IMdyzN84kOgs3ItEe4yg"
content-encoding: br
accept-ranges: bytes
date: Sat, 20 Jul 2024 02:50:32 GMT
age: 22574
x-served-by: cache-fra-eddf8230029-FRA, cache-hel1410029-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 19552
X-Firefox-Spdy: h2

GET roblox.com.py/controlPage/new/assets/css/imports.css

185.17.0.25

200 OK

90 B

URL GET HTTP/1.1
roblox.com.py/controlPage/new/assets/css/imports.css
IP
185.17.0.25:443
ASN
#216246 Aeza Group Ltd.

Requested by
https://roblox.com.py/generator/PROJECTZ/create
Certificate
IssuerLet's Encrypt
Subjectroblox.com.py
FingerprintB7:63:82:D5:A4:3F:7D:61:BA:F3:86:74:3E:B2:91:3C:09:6F:93:71
ValidityMon, 24 Jun 2024 15:36:27 GMT - Sun, 22 Sep 2024 15:36:26 GMT

File type
ASCII text
Size
90 B (90 bytes)
Hash
5d1565216b310a6cebd31c5f660ca990
6b95a48ec757562661c052ded41a5db44c824330
f3d9d5afc4e4064e26815c1ea3b1432f8cab3755ef2a127736d05c2cd70830fd

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /controlPage/new/assets/css/imports.css HTTP/1.1
Host: roblox.com.py
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.com.py/generator/PROJECTZ/create
Cookie: EggyWall_Token=bd8e874aee450df5b00472722338f4859bf7b1cbd51fdfeb2411243b3fc22491
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Apache/2.4.41 (Ubuntu)
Date: Sat, 20 Jul 2024 02:50:31 GMT
Content-Type: text/css
Content-Encoding: gzip
Content-Length: 90
Eggywall: 2.0
Last-Modified: Tue, 16 Jul 2024 09:26:57 GMT
Etag: "87-61d59f27ce9d9-gzip"
Strict-Transport-Security: max-age=604800; includeSubdomains
X-Frame-Options: SAMEORIGIN
Cross-Origin-Opener-Policy: same-origin-allow-popups
Access-Control-Allow-Credentials: true
Report-To: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://ncs.roblox.com/upload"}]}
Nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.1,"failure_fraction":1}
Vary: Accept-Encoding
Accept-Ranges: bytes

GET roblox.com.py/controlPage/new/assets/css/snackbar.css

185.17.0.25

200 OK

596 B

URL GET HTTP/1.1
roblox.com.py/controlPage/new/assets/css/snackbar.css
IP
185.17.0.25:443
ASN
#216246 Aeza Group Ltd.

Requested by
https://roblox.com.py/generator/PROJECTZ/create
Certificate
IssuerLet's Encrypt
Subjectroblox.com.py
FingerprintB7:63:82:D5:A4:3F:7D:61:BA:F3:86:74:3E:B2:91:3C:09:6F:93:71
ValidityMon, 24 Jun 2024 15:36:27 GMT - Sun, 22 Sep 2024 15:36:26 GMT

File type
ASCII text
Size
596 B (596 bytes)
Hash
e1cfd6a93044cf0a98064439523c4d45
546b8c03b4662d761dbdd764c0b8e03c7717d411
4c106ad7735da272fe342b0a983a6b62d4189578cae27127041b6398e4c68d61

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /controlPage/new/assets/css/snackbar.css HTTP/1.1
Host: roblox.com.py
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.com.py/generator/PROJECTZ/create
Cookie: EggyWall_Token=bd8e874aee450df5b00472722338f4859bf7b1cbd51fdfeb2411243b3fc22491
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Apache/2.4.41 (Ubuntu)
Date: Sat, 20 Jul 2024 02:50:32 GMT
Content-Type: text/css
Content-Encoding: gzip
Content-Length: 596
Eggywall: 2.0
Accept-Ranges: bytes
Vary: Accept-Encoding
Nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.1,"failure_fraction":1}
Access-Control-Allow-Credentials: true
Report-To: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://ncs.roblox.com/upload"}]}
Cross-Origin-Opener-Policy: same-origin-allow-popups
Etag: "71c-61d59f27ce9d9-gzip"
Last-Modified: Tue, 16 Jul 2024 09:26:57 GMT
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=604800; includeSubdomains

GET roblox.com.py/controlPage/new/assets/js/core.js

185.17.0.25

200 OK

1.1 kB

URL GET HTTP/1.1
roblox.com.py/controlPage/new/assets/js/core.js
IP
185.17.0.25:443
ASN
#216246 Aeza Group Ltd.

Requested by
https://roblox.com.py/generator/PROJECTZ/create
Certificate
IssuerLet's Encrypt
Subjectroblox.com.py
FingerprintB7:63:82:D5:A4:3F:7D:61:BA:F3:86:74:3E:B2:91:3C:09:6F:93:71
ValidityMon, 24 Jun 2024 15:36:27 GMT - Sun, 22 Sep 2024 15:36:26 GMT

File type
JavaScript source, ASCII text
Size
1.1 kB (1073 bytes)
Hash
f3168d58d433acb53723bb8296525486
2c484233d660b1f3887b2bac95e8821f6660e7a9
9a3976044c3c905e82261c6d0e133e4b973b573c9aeb3d052a545a87ba2ccfd9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /controlPage/new/assets/js/core.js HTTP/1.1
Host: roblox.com.py
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.com.py/generator/PROJECTZ/create
Cookie: EggyWall_Token=bd8e874aee450df5b00472722338f4859bf7b1cbd51fdfeb2411243b3fc22491
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Apache/2.4.41 (Ubuntu)
Date: Sat, 20 Jul 2024 02:50:32 GMT
Content-Type: application/javascript
Content-Encoding: gzip
Content-Length: 1073
Eggywall: 2.0
Accept-Ranges: bytes
Last-Modified: Tue, 16 Jul 2024 09:26:57 GMT
X-Frame-Options: SAMEORIGIN
Cross-Origin-Opener-Policy: same-origin-allow-popups
Vary: Accept-Encoding
Nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.1,"failure_fraction":1}
Report-To: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://ncs.roblox.com/upload"}]}
Etag: "dad-61d59f27ce9d9-gzip"
Strict-Transport-Security: max-age=604800; includeSubdomains
Access-Control-Allow-Credentials: true

GET roblox.com.py/controlPage/new/assets/js/snackbar.js

185.17.0.25

200 OK

1.7 kB

URL GET HTTP/1.1
roblox.com.py/controlPage/new/assets/js/snackbar.js
IP
185.17.0.25:443
ASN
#216246 Aeza Group Ltd.

Requested by
https://roblox.com.py/generator/PROJECTZ/create
Certificate
IssuerLet's Encrypt
Subjectroblox.com.py
FingerprintB7:63:82:D5:A4:3F:7D:61:BA:F3:86:74:3E:B2:91:3C:09:6F:93:71
ValidityMon, 24 Jun 2024 15:36:27 GMT - Sun, 22 Sep 2024 15:36:26 GMT

File type
JavaScript source, ASCII text
Size
1.7 kB (1699 bytes)
Hash
41fc42592282c1239886c8298181a6c3
105f693ede14b089a50d632d79a9ef42458567fc
7e2476bb742bf0beb3c18c5693232aaca66b3035d681c1a6afd18df816f7cea7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /controlPage/new/assets/js/snackbar.js HTTP/1.1
Host: roblox.com.py
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.com.py/generator/PROJECTZ/create
Cookie: EggyWall_Token=bd8e874aee450df5b00472722338f4859bf7b1cbd51fdfeb2411243b3fc22491
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Apache/2.4.41 (Ubuntu)
Date: Sat, 20 Jul 2024 02:50:32 GMT
Content-Type: application/javascript
Content-Encoding: gzip
Content-Length: 1699
Eggywall: 2.0
Etag: "192d-61d59f27ce9d9-gzip"
Accept-Ranges: bytes
Report-To: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://ncs.roblox.com/upload"}]}
Vary: Accept-Encoding
Cross-Origin-Opener-Policy: same-origin-allow-popups
Strict-Transport-Security: max-age=604800; includeSubdomains
Last-Modified: Tue, 16 Jul 2024 09:26:57 GMT
X-Frame-Options: SAMEORIGIN
Nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.1,"failure_fraction":1}
Access-Control-Allow-Credentials: true

GET roblox.com.py/controlPage/apis/main.js

185.17.0.25

200 OK

1.5 kB

URL GET HTTP/1.1
roblox.com.py/controlPage/apis/main.js
IP
185.17.0.25:443
ASN
#216246 Aeza Group Ltd.

Requested by
https://roblox.com.py/generator/PROJECTZ/create
Certificate
IssuerLet's Encrypt
Subjectroblox.com.py
FingerprintB7:63:82:D5:A4:3F:7D:61:BA:F3:86:74:3E:B2:91:3C:09:6F:93:71
ValidityMon, 24 Jun 2024 15:36:27 GMT - Sun, 22 Sep 2024 15:36:26 GMT

File type
JavaScript source, ASCII text
Size
1.5 kB (1524 bytes)
Hash
35f393b02db79a36d9ef26ccb0f8b076
49e60fee27fed238c076ec57726b90c3a8bc53c4
1b41f8057a2f6c52e2407be4a2857b56756cdcf40ba80724a9e604b5d031cb46

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /controlPage/apis/main.js HTTP/1.1
Host: roblox.com.py
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.com.py/generator/PROJECTZ/create
Cookie: EggyWall_Token=bd8e874aee450df5b00472722338f4859bf7b1cbd51fdfeb2411243b3fc22491
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Apache/2.4.41 (Ubuntu)
Date: Sat, 20 Jul 2024 02:50:32 GMT
Content-Type: application/javascript
Content-Encoding: gzip
Content-Length: 1524
Eggywall: 2.0
X-Frame-Options: SAMEORIGIN
Cross-Origin-Opener-Policy: same-origin-allow-popups
Nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.1,"failure_fraction":1}
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
Report-To: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://ncs.roblox.com/upload"}]}
Etag: "327e-61d59f27c8c19-gzip"
Strict-Transport-Security: max-age=604800; includeSubdomains
Last-Modified: Tue, 16 Jul 2024 09:26:57 GMT
Accept-Ranges: bytes

GET roblox.com.py/controlPage/new/assets/css/config.css

185.17.0.25

200 OK

98 B

URL GET HTTP/1.1
roblox.com.py/controlPage/new/assets/css/config.css
IP
185.17.0.25:443
ASN
#216246 Aeza Group Ltd.

Requested by
https://roblox.com.py/generator/PROJECTZ/create
Certificate
IssuerLet's Encrypt
Subjectroblox.com.py
FingerprintB7:63:82:D5:A4:3F:7D:61:BA:F3:86:74:3E:B2:91:3C:09:6F:93:71
ValidityMon, 24 Jun 2024 15:36:27 GMT - Sun, 22 Sep 2024 15:36:26 GMT

File type
ASCII text
Size
98 B (98 bytes)
Hash
58799cba614eb6bffe0dcce9f9dde1f3
c9a93fcebb59fe40bf90d3f038cac25eff80dd5f
389e01408765bf63c028118c3db5d0dc8dee916ee957b9aff3bb3f6423ca3d33

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /controlPage/new/assets/css/config.css HTTP/1.1
Host: roblox.com.py
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.com.py/controlPage/new/assets/css/imports.css
Cookie: EggyWall_Token=bd8e874aee450df5b00472722338f4859bf7b1cbd51fdfeb2411243b3fc22491
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Apache/2.4.41 (Ubuntu)
Date: Sat, 20 Jul 2024 02:50:32 GMT
Content-Type: text/css
Content-Encoding: gzip
Content-Length: 98
Eggywall: 2.0
Nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.1,"failure_fraction":1}
X-Frame-Options: SAMEORIGIN
Report-To: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://ncs.roblox.com/upload"}]}
Strict-Transport-Security: max-age=604800; includeSubdomains
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
Etag: "89-61d59f27ce9d9-gzip"
Last-Modified: Tue, 16 Jul 2024 09:26:57 GMT
Accept-Ranges: bytes
Cross-Origin-Opener-Policy: same-origin-allow-popups

GET roblox.com.py/controlPage/new/assets/js/bootstrap.js

185.17.0.25

200 OK

18 kB

URL GET HTTP/1.1
roblox.com.py/controlPage/new/assets/js/bootstrap.js
IP
185.17.0.25:443
ASN
#216246 Aeza Group Ltd.

Requested by
https://roblox.com.py/generator/PROJECTZ/create
Certificate
IssuerLet's Encrypt
Subjectroblox.com.py
FingerprintB7:63:82:D5:A4:3F:7D:61:BA:F3:86:74:3E:B2:91:3C:09:6F:93:71
ValidityMon, 24 Jun 2024 15:36:27 GMT - Sun, 22 Sep 2024 15:36:26 GMT

File type
JavaScript source, ASCII text, with very long lines (830)
Size
18 kB (17603 bytes)
Hash
414a2b4b72b7b317530f51f6fdac4c34
e2fa5d6ab23d390627f8687090ba8bcbc748f93d
eb1cffdbba9987456be7210c9ac7a451a31630e4fe71446dfb4b47d459282172

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /controlPage/new/assets/js/bootstrap.js HTTP/1.1
Host: roblox.com.py
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.com.py/generator/PROJECTZ/create
Cookie: EggyWall_Token=bd8e874aee450df5b00472722338f4859bf7b1cbd51fdfeb2411243b3fc22491
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Apache/2.4.41 (Ubuntu)
Date: Sat, 20 Jul 2024 02:50:32 GMT
Content-Type: application/javascript
Content-Encoding: gzip
Content-Length: 17603
Eggywall: 2.0
Accept-Ranges: bytes
Report-To: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://ncs.roblox.com/upload"}]}
Etag: "13228-61d59f27cf979-gzip"
Vary: Accept-Encoding
Cross-Origin-Opener-Policy: same-origin-allow-popups
Nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.1,"failure_fraction":1}
Access-Control-Allow-Credentials: true
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=604800; includeSubdomains
Last-Modified: Tue, 16 Jul 2024 09:26:57 GMT

GET roblox.com.py/controlPage/js/jquery-3.3.1.min.js

185.17.0.25

200 OK

30 kB

URL GET HTTP/1.1
roblox.com.py/controlPage/js/jquery-3.3.1.min.js
IP
185.17.0.25:443
ASN
#216246 Aeza Group Ltd.

Requested by
https://roblox.com.py/generator/PROJECTZ/create
Certificate
IssuerLet's Encrypt
Subjectroblox.com.py
FingerprintB7:63:82:D5:A4:3F:7D:61:BA:F3:86:74:3E:B2:91:3C:09:6F:93:71
ValidityMon, 24 Jun 2024 15:36:27 GMT - Sun, 22 Sep 2024 15:36:26 GMT

File type
JavaScript source, ASCII text, with very long lines (65451)
Size
30 kB (30305 bytes)
Hash
4b57cf46dc8cb95c4cca54afc85e9540
05e1ad0cc600a057886deaf237ab6e3d4fcdb5ac
a28ccf8a7b50522bdeea0cd83cdeca221c18fc1f9df3ee6b3d3c48d599206855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /controlPage/js/jquery-3.3.1.min.js HTTP/1.1
Host: roblox.com.py
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.com.py/generator/PROJECTZ/create
Cookie: EggyWall_Token=bd8e874aee450df5b00472722338f4859bf7b1cbd51fdfeb2411243b3fc22491
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Apache/2.4.41 (Ubuntu)
Date: Sat, 20 Jul 2024 02:50:32 GMT
Content-Type: application/javascript
Content-Encoding: gzip
Content-Length: 30305
Eggywall: 2.0
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Credentials: true
Cross-Origin-Opener-Policy: same-origin-allow-popups
Last-Modified: Tue, 16 Jul 2024 09:26:57 GMT
Etag: "1538e-61d59f27d66da-gzip"
Strict-Transport-Security: max-age=604800; includeSubdomains
Accept-Ranges: bytes
Report-To: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://ncs.roblox.com/upload"}]}
Nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.1,"failure_fraction":1}

GET roblox.com.py/controlPage/new/assets/css/global.css

185.17.0.25

200 OK

1.9 kB

URL GET HTTP/1.1
roblox.com.py/controlPage/new/assets/css/global.css
IP
185.17.0.25:443
ASN
#216246 Aeza Group Ltd.

Requested by
https://roblox.com.py/generator/PROJECTZ/create
Certificate
IssuerLet's Encrypt
Subjectroblox.com.py
FingerprintB7:63:82:D5:A4:3F:7D:61:BA:F3:86:74:3E:B2:91:3C:09:6F:93:71
ValidityMon, 24 Jun 2024 15:36:27 GMT - Sun, 22 Sep 2024 15:36:26 GMT

File type
assembler source, ASCII text, with CRLF line terminators
Size
1.9 kB (1859 bytes)
Hash
a849dfae12ff089fc76079c1e9ad0283
f182921427c83fab9afcd87b969eb79bd075d841
b5c2bc80f4505cf5b1ea092097b58570e3110e20b235ab05700f19b8fe034b18

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /controlPage/new/assets/css/global.css HTTP/1.1
Host: roblox.com.py
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.com.py/controlPage/new/assets/css/imports.css
Cookie: EggyWall_Token=bd8e874aee450df5b00472722338f4859bf7b1cbd51fdfeb2411243b3fc22491
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Apache/2.4.41 (Ubuntu)
Date: Sat, 20 Jul 2024 02:50:32 GMT
Content-Type: text/css
Content-Encoding: gzip
Content-Length: 1859
Eggywall: 2.0
Report-To: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://ncs.roblox.com/upload"}]}
Cross-Origin-Opener-Policy: same-origin-allow-popups
Accept-Ranges: bytes
Nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.1,"failure_fraction":1}
Vary: Accept-Encoding
Last-Modified: Tue, 16 Jul 2024 09:26:57 GMT
Strict-Transport-Security: max-age=604800; includeSubdomains
X-Frame-Options: SAMEORIGIN
Etag: "1fd3-61d59f27ce9d9-gzip"
Access-Control-Allow-Credentials: true

GET roblox.com.py/controlPage/new/assets/css/custom.css

185.17.0.25

200 OK

2.9 kB

URL GET HTTP/1.1
roblox.com.py/controlPage/new/assets/css/custom.css
IP
185.17.0.25:443
ASN
#216246 Aeza Group Ltd.

Requested by
https://roblox.com.py/generator/PROJECTZ/create
Certificate
IssuerLet's Encrypt
Subjectroblox.com.py
FingerprintB7:63:82:D5:A4:3F:7D:61:BA:F3:86:74:3E:B2:91:3C:09:6F:93:71
ValidityMon, 24 Jun 2024 15:36:27 GMT - Sun, 22 Sep 2024 15:36:26 GMT

File type
ASCII text
Size
2.9 kB (2911 bytes)
Hash
5b8ea7d02ba3fdc3e5caefbfd2a44349
44c5484d861fd8d8b2b468a48964516b995705d9
873ae1932faebc04ae42b959c00a13cbf33c564a0ec08a21bb8fc169cbeb8389

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /controlPage/new/assets/css/custom.css HTTP/1.1
Host: roblox.com.py
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.com.py/controlPage/new/assets/css/imports.css
Cookie: EggyWall_Token=bd8e874aee450df5b00472722338f4859bf7b1cbd51fdfeb2411243b3fc22491
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Apache/2.4.41 (Ubuntu)
Date: Sat, 20 Jul 2024 02:50:32 GMT
Content-Type: text/css
Content-Encoding: gzip
Content-Length: 2911
Eggywall: 2.0
Last-Modified: Tue, 16 Jul 2024 09:26:57 GMT
Etag: "34e4-61d59f27ce9d9-gzip"
Access-Control-Allow-Credentials: true
Nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.1,"failure_fraction":1}
Cross-Origin-Opener-Policy: same-origin-allow-popups
Strict-Transport-Security: max-age=604800; includeSubdomains
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Accept-Ranges: bytes
Report-To: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://ncs.roblox.com/upload"}]}

GET roblox.com.py/controlPage/new/assets/css/bootstrap.min.css

185.17.0.25

200 OK

25 kB

URL GET HTTP/1.1
roblox.com.py/controlPage/new/assets/css/bootstrap.min.css
IP
185.17.0.25:443
ASN
#216246 Aeza Group Ltd.

Requested by
https://roblox.com.py/generator/PROJECTZ/create
Certificate
IssuerLet's Encrypt
Subjectroblox.com.py
FingerprintB7:63:82:D5:A4:3F:7D:61:BA:F3:86:74:3E:B2:91:3C:09:6F:93:71
ValidityMon, 24 Jun 2024 15:36:27 GMT - Sun, 22 Sep 2024 15:36:26 GMT

File type
Unicode text, UTF-8 text, with very long lines (562)
Size
25 kB (24895 bytes)
Hash
0f6b890a47323e08e1d5c28eee445a95
ce60dad29ad47d79f670795ce61ca0a3ec81bbed
e64ce250356397debf0aa519c0eb0d245c24694cc597acedf3245d607c3449f4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /controlPage/new/assets/css/bootstrap.min.css HTTP/1.1
Host: roblox.com.py
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.com.py/controlPage/new/assets/css/imports.css
Cookie: EggyWall_Token=bd8e874aee450df5b00472722338f4859bf7b1cbd51fdfeb2411243b3fc22491
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Apache/2.4.41 (Ubuntu)
Date: Sat, 20 Jul 2024 02:50:32 GMT
Content-Type: text/css
Content-Encoding: gzip
Content-Length: 24895
Eggywall: 2.0
Etag: "31773-61d59f27ce9d9-gzip"
Cross-Origin-Opener-Policy: same-origin-allow-popups
Access-Control-Allow-Credentials: true
Vary: Accept-Encoding
Report-To: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://ncs.roblox.com/upload"}]}
Last-Modified: Tue, 16 Jul 2024 09:26:57 GMT
Nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.1,"failure_fraction":1}
Strict-Transport-Security: max-age=604800; includeSubdomains
Accept-Ranges: bytes
X-Frame-Options: SAMEORIGIN

GET roblox.com.py/controlPage/new/assets/css/responsive.css

185.17.0.25

200 OK

939 B

URL GET HTTP/1.1
roblox.com.py/controlPage/new/assets/css/responsive.css
IP
185.17.0.25:443
ASN
#216246 Aeza Group Ltd.

Requested by
https://roblox.com.py/generator/PROJECTZ/create
Certificate
IssuerLet's Encrypt
Subjectroblox.com.py
FingerprintB7:63:82:D5:A4:3F:7D:61:BA:F3:86:74:3E:B2:91:3C:09:6F:93:71
ValidityMon, 24 Jun 2024 15:36:27 GMT - Sun, 22 Sep 2024 15:36:26 GMT

File type
ASCII text
Size
939 B (939 bytes)
Hash
60016ee14508a83305718fe5709d6505
5af2b4369bb439ba9c7e6a715402ff6bd086520a
7a4c6a5e898ac7b731e562686ab669badba22ef88273335ca6e129a64a404b8a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /controlPage/new/assets/css/responsive.css HTTP/1.1
Host: roblox.com.py
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.com.py/controlPage/new/assets/css/imports.css
Cookie: EggyWall_Token=bd8e874aee450df5b00472722338f4859bf7b1cbd51fdfeb2411243b3fc22491
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Apache/2.4.41 (Ubuntu)
Date: Sat, 20 Jul 2024 02:50:32 GMT
Content-Type: text/css
Content-Encoding: gzip
Content-Length: 939
Eggywall: 2.0
Last-Modified: Tue, 16 Jul 2024 09:26:57 GMT
Cross-Origin-Opener-Policy: same-origin-allow-popups
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=604800; includeSubdomains
Access-Control-Allow-Credentials: true
Etag: "e16-61d59f27ce9d9-gzip"
Vary: Accept-Encoding
Nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.1,"failure_fraction":1}
Accept-Ranges: bytes
Report-To: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://ncs.roblox.com/upload"}]}

o.pki.goog/wr2

142.250.74.99

472 B

URL
o.pki.goog/wr2
IP
142.250.74.99:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
8ed11cc2877da0e2ad73aff3c3b34fb0
0408361069ad097511adc1c5b71f688fc30720b0
1e7edc7af66cce5619c248d3b4befdd2e54281bcfa00619b4e0b73c090b23a00

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 20 Jul 2024 02:50:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

o.pki.goog/wr2

142.250.74.99

472 B

URL
o.pki.goog/wr2
IP
142.250.74.99:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
8ed11cc2877da0e2ad73aff3c3b34fb0
0408361069ad097511adc1c5b71f688fc30720b0
1e7edc7af66cce5619c248d3b4befdd2e54281bcfa00619b4e0b73c090b23a00

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 20 Jul 2024 02:50:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

o.pki.goog/wr2

142.250.74.99

471 B

URL
o.pki.goog/wr2
IP
142.250.74.99:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
91068c39d313261893af5838a70d4005
e868a3bad427d66b32847e5d5d83139ed8db889e
54191ee4eaed67878ee6431b9f48b024de2db1eb953dfb64f8ce024fe8064120

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 20 Jul 2024 02:50:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

GET fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2

216.58.207.227

200 OK

7.9 kB

URL GET HTTP/2
fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://roblox.com.py/generator/PROJECTZ/create
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
FingerprintEE:FE:75:C9:E5:09:76:EB:38:E8:5F:5F:31:DF:88:D1:BF:9A:93:09
ValidityMon, 24 Jun 2024 07:40:48 GMT - Mon, 16 Sep 2024 07:40:47 GMT

File type
Web Open Font Format (Version 2), TrueType, length 7884, version 1.0
Size
7.9 kB (7884 bytes)
Hash
9212f6f9860f9fc6c69b02fedf6db8c3
ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

HTTP Headers

GET /s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://roblox.com.py
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Jul 2024 04:18:20 GMT
expires: Fri, 18 Jul 2025 04:18:20 GMT
cache-control: public, max-age=31536000
age: 167532
last-modified: Fri, 22 Mar 2024 00:00:38 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2

216.58.207.227

200 OK

7.8 kB

URL GET HTTP/2
fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://roblox.com.py/generator/PROJECTZ/create
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
FingerprintEE:FE:75:C9:E5:09:76:EB:38:E8:5F:5F:31:DF:88:D1:BF:9A:93:09
ValidityMon, 24 Jun 2024 07:40:48 GMT - Mon, 16 Sep 2024 07:40:47 GMT

File type
Web Open Font Format (Version 2), TrueType, length 7840, version 1.0
Size
7.8 kB (7840 bytes)
Hash
8d91ec1ca2d8b56640a47117e313a3e9
a9e9bafe64666f4595051a0e895b47a5fa39e67e
78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb

HTTP Headers

GET /s/poppins/v21/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://roblox.com.py
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7840
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 17 Jul 2024 20:31:23 GMT
expires: Thu, 17 Jul 2025 20:31:23 GMT
cache-control: public, max-age=31536000
age: 195549
last-modified: Fri, 22 Mar 2024 00:02:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

216.58.207.227

200 OK

7.8 kB

URL GET HTTP/2
fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://roblox.com.py/generator/PROJECTZ/create
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
FingerprintEE:FE:75:C9:E5:09:76:EB:38:E8:5F:5F:31:DF:88:D1:BF:9A:93:09
ValidityMon, 24 Jun 2024 07:40:48 GMT - Mon, 16 Sep 2024 07:40:47 GMT

File type
Web Open Font Format (Version 2), TrueType, length 7816, version 1.0
Size
7.8 kB (7816 bytes)
Hash
25b0e113ca7cce3770d542736db26368
cb726212d5d525021752a1d8470a0fb593e0c49e
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

HTTP Headers

GET /s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://roblox.com.py
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7816
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 17 Jul 2024 20:36:23 GMT
expires: Thu, 17 Jul 2025 20:36:23 GMT
cache-control: public, max-age=31536000
age: 195249
last-modified: Fri, 22 Mar 2024 00:00:32 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2

216.58.207.227

200 OK

8.0 kB

URL GET HTTP/2
fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://roblox.com.py/generator/PROJECTZ/create
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
FingerprintEE:FE:75:C9:E5:09:76:EB:38:E8:5F:5F:31:DF:88:D1:BF:9A:93:09
ValidityMon, 24 Jun 2024 07:40:48 GMT - Mon, 16 Sep 2024 07:40:47 GMT

File type
Web Open Font Format (Version 2), TrueType, length 8000, version 1.0
Size
8.0 kB (8000 bytes)
Hash
72993dddf88a63e8f226656f7de88e57
179f97ec0275f09603a8db94d4380eb584d81cd5
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

HTTP Headers

GET /s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://roblox.com.py
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8000
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 13 Jul 2024 02:57:52 GMT
expires: Sun, 13 Jul 2025 02:57:52 GMT
cache-control: public, max-age=31536000
age: 604360
last-modified: Fri, 22 Mar 2024 00:00:59 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;1,100;1,200;1,300;1,400;1,500;1,600;1,700&display=swap

142.250.74.106

200 OK

9.4 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;1,100;1,200;1,300;1,400;1,500;1,600;1,700&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://roblox.com.py/generator/PROJECTZ/create
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
Fingerprint8F:1C:80:D7:A7:FA:04:F3:EE:EF:70:FD:56:35:32:FD:55:AB:63:5F
ValidityMon, 24 Jun 2024 07:40:53 GMT - Mon, 16 Sep 2024 07:40:52 GMT

File type
gzip compressed data, max compression
Size
9.4 kB (9372 bytes)
Hash
987c7679ed64ccb5cda98e55d5cc7a5d
22e68cb6ad28f6fd3a76d056c5a196bb02ec20d0
5bc1faf059e65bc05591108c235a0a954c9d5ebe223389f741a591b93624c746

HTTP Headers

GET /css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;1,100;1,200;1,300;1,400;1,500;1,600;1,700&amp;display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.com.py/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 20 Jul 2024 02:50:32 GMT
date: Sat, 20 Jul 2024 02:50:32 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

o.pki.goog/wr2

142.250.74.99

471 B

URL
o.pki.goog/wr2
IP
142.250.74.99:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
91068c39d313261893af5838a70d4005
e868a3bad427d66b32847e5d5d83139ed8db889e
54191ee4eaed67878ee6431b9f48b024de2db1eb953dfb64f8ce024fe8064120

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 20 Jul 2024 02:50:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

GET ka-f.fontawesome.com/releases/v6.6.0/webfonts/free-fa-solid-900.woff2

172.67.139.119

200 OK

157 kB

URL GET HTTP/2
ka-f.fontawesome.com/releases/v6.6.0/webfonts/free-fa-solid-900.woff2
IP
172.67.139.119:443
ASN
#13335 CLOUDFLARENET

Requested by
https://roblox.com.py/generator/PROJECTZ/create
Certificate
IssuerGoogle Trust Services
Subjectka-f.fontawesome.com
Fingerprint6D:72:F5:B4:68:5B:A6:B0:2B:E9:FE:83:27:B3:F4:90:E8:F3:E9:0A
ValidityMon, 01 Jul 2024 12:54:00 GMT - Sun, 29 Sep 2024 12:53:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 157192, version 774.256
Size
157 kB (157192 bytes)
Hash
76cf3ff0dbd23dd4504e2089f0df4acb
bd2958cf51cc0a7b5c11a0b5c84101f35c2799a0
340e6d7f301471e307e50c2ed43fe45debc8ebbf24febef17b24f0b06f8883f2

HTTP Headers

GET /releases/v6.6.0/webfonts/free-fa-solid-900.woff2 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://roblox.com.py
DNT: 1
Connection: keep-alive
Referer: https://roblox.com.py/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 20 Jul 2024 02:50:33 GMT
content-type: font/woff2
content-length: 157192
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Mon, 15 Jul 2024 22:44:08 GMT
etag: "76cf3ff0dbd23dd4504e2089f0df4acb"
x-amz-server-side-encryption: AES256
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
x-cache: Hit from cloudfront
via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: wTeooqddAWurB0VUV4zll5c8j9LBfFAThG793OjPBzLTsPi755W19g==
age: 291817
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TnxNkf97QzRjg3Fv2q5cxHU3u%2FM3S6bQZniEMs5n1LApXC068aM5Zlc9SDz8MrPJ72vVZllWjuXDKyiYDgk%2F1D8PMwaWUNy7RNbfKooEysN%2Fm%2Ft9CWe3BA4V9mWjHa4HR13MA0VUFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8a5fa4f52a5956a9-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET roblox.com.py/favicon.ico

185.17.0.25

302 Found

0 B

URL GET HTTP/1.1
roblox.com.py/favicon.ico
IP
185.17.0.25:443
ASN
#216246 Aeza Group Ltd.

Requested by
https://roblox.com.py/generator/PROJECTZ/create
Certificate
IssuerLet's Encrypt
Subjectroblox.com.py
FingerprintB7:63:82:D5:A4:3F:7D:61:BA:F3:86:74:3E:B2:91:3C:09:6F:93:71
ValidityMon, 24 Jun 2024 15:36:27 GMT - Sun, 22 Sep 2024 15:36:26 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: roblox.com.py
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.com.py/generator/PROJECTZ/create
Cookie: EggyWall_Token=bd8e874aee450df5b00472722338f4859bf7b1cbd51fdfeb2411243b3fc22491
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: Apache/2.4.41 (Ubuntu)
Date: Sat, 20 Jul 2024 02:50:33 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Eggywall: 2.0
Strict-Transport-Security: max-age=604800; includeSubdomains
Report-To: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://ncs.roblox.com/upload"}]}
Location: https://www.roblox.com/request-error?code=404
Nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.1,"failure_fraction":1}
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Credentials: true
Cross-Origin-Opener-Policy: same-origin-allow-popups

r10.o.lencr.org/

23.33.119.57

504 B

URL
r10.o.lencr.org/
IP
23.33.119.57:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
9041c7b14ed56a170760ee187e59cb3d
4334c89d4af87a7d10b7cfd712cf6494bcbf2f04
da6d4b1554585f827dbf6b29b44389dc9d1b7ea24ac0bc5b078dcc7fc5c4e148

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "DA6D4B1554585F827DBF6B29B44389DC9D1B7EA24AC0BC5B078DCC7FC5C4E148"
Last-Modified: Thu, 18 Jul 2024 08:19:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4889
Expires: Sat, 20 Jul 2024 04:12:02 GMT
Date: Sat, 20 Jul 2024 02:50:33 GMT
Connection: keep-alive

GET ka-f.fontawesome.com/releases/v6.6.0/css/free-v4-shims.min.css?token=44623006da

172.67.139.119

200 OK

4.9 kB

URL GET HTTP/2
ka-f.fontawesome.com/releases/v6.6.0/css/free-v4-shims.min.css?token=44623006da
IP
172.67.139.119:443
ASN
#13335 CLOUDFLARENET

Requested by
https://roblox.com.py/generator/PROJECTZ/create
Certificate
IssuerGoogle Trust Services
Subjectka-f.fontawesome.com
Fingerprint6D:72:F5:B4:68:5B:A6:B0:2B:E9:FE:83:27:B3:F4:90:E8:F3:E9:0A
ValidityMon, 01 Jul 2024 12:54:00 GMT - Sun, 29 Sep 2024 12:53:59 GMT

File type
gzip compressed data, from Unix
Size
4.9 kB (4880 bytes)
Hash
c635433cb58969dd5911da7547308a14
4ab25a4781e5bea699e556584e41489713640b54
e078a04190d3aaecd0f48bb2f48897de6bd6d659c9f5ad21f2249811283afc76

HTTP Headers

GET /releases/v6.6.0/css/free-v4-shims.min.css?token=44623006da HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://roblox.com.py/
Origin: https://roblox.com.py
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 20 Jul 2024 02:50:32 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Mon, 15 Jul 2024 22:20:39 GMT
etag: W/"5e5b0d8c7be5919570a305b6bc229a36"
x-amz-server-side-encryption: AES256
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 3ubdq-aDx8IMi-WF-0sSC94TfB7ewW-iV4L_cSc0zWbcbwukieEi_Q==
age: 294778
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vXZgnhdZpRH%2BrWv5%2FVaNIqdtL6YNhiR8V12XMucPfkdZnjRiD9%2F4vpdDsBBlZaASOotorRUGOzYGbQ%2BU2Ir8rLMOEAy7ACCR5ZYKVo61Qfk%2B6tFOVaz5v%2FzNJFptxInKi4IiF%2FLItg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8a5fa4f3b9fe56a9-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

r10.o.lencr.org/

23.33.119.57

504 B

URL
r10.o.lencr.org/
IP
23.33.119.57:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
9041c7b14ed56a170760ee187e59cb3d
4334c89d4af87a7d10b7cfd712cf6494bcbf2f04
da6d4b1554585f827dbf6b29b44389dc9d1b7ea24ac0bc5b078dcc7fc5c4e148

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "DA6D4B1554585F827DBF6B29B44389DC9D1B7EA24AC0BC5B078DCC7FC5C4E148"
Last-Modified: Thu, 18 Jul 2024 08:19:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4889
Expires: Sat, 20 Jul 2024 04:12:02 GMT
Date: Sat, 20 Jul 2024 02:50:33 GMT
Connection: keep-alive

r10.o.lencr.org/

23.33.119.57

504 B

URL
r10.o.lencr.org/
IP
23.33.119.57:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
9041c7b14ed56a170760ee187e59cb3d
4334c89d4af87a7d10b7cfd712cf6494bcbf2f04
da6d4b1554585f827dbf6b29b44389dc9d1b7ea24ac0bc5b078dcc7fc5c4e148

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "DA6D4B1554585F827DBF6B29B44389DC9D1B7EA24AC0BC5B078DCC7FC5C4E148"
Last-Modified: Thu, 18 Jul 2024 08:19:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4889
Expires: Sat, 20 Jul 2024 04:12:02 GMT
Date: Sat, 20 Jul 2024 02:50:33 GMT
Connection: keep-alive

GET ka-f.fontawesome.com/releases/v6.6.0/css/free-v4-font-face.min.css?token=44623006da

172.67.139.119

200 OK

8.3 kB

URL GET HTTP/2
ka-f.fontawesome.com/releases/v6.6.0/css/free-v4-font-face.min.css?token=44623006da
IP
172.67.139.119:443
ASN
#13335 CLOUDFLARENET

Requested by
https://roblox.com.py/generator/PROJECTZ/create
Certificate
IssuerGoogle Trust Services
Subjectka-f.fontawesome.com
Fingerprint6D:72:F5:B4:68:5B:A6:B0:2B:E9:FE:83:27:B3:F4:90:E8:F3:E9:0A
ValidityMon, 01 Jul 2024 12:54:00 GMT - Sun, 29 Sep 2024 12:53:59 GMT

File type
gzip compressed data, from Unix
Size
8.3 kB (8327 bytes)
Hash
983370e87422dc2078f0d67e36f7486b
26fca83c91ed6137b926e944f1a5f2d010713ff5
115fe82e32faf396b7a6aca5f070c87adbf1b63c91fd2a3d776d75161d15ead1

HTTP Headers

GET /releases/v6.6.0/css/free-v4-font-face.min.css?token=44623006da HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://roblox.com.py/
Origin: https://roblox.com.py
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 20 Jul 2024 02:50:32 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Mon, 15 Jul 2024 22:20:39 GMT
etag: W/"a5a0c9048efb7cb5df90023064d09ba4"
x-amz-server-side-encryption: AES256
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: dvLAJT5xYz8ZcZ9IPl1GEkvaVCBg957L3zC8t2rWyEtyHqHC_TnhRA==
age: 294778
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MX%2B6bPOWQcO9FoYBxPooSQIV1EHfpJyVQJkAqNV6ThLO8xJWuvxpyezG7w1rz6BTAZD2ceosQ3BmDnMiV0MeCL8WUx56UUoPQKAe2AYvsX%2FSYRao3MDJGinYGTV3ScQwVnfxLlchDA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8a5fa4f3a9fd56a9-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET ka-f.fontawesome.com/releases/v6.6.0/css/free-v5-font-face.min.css?token=44623006da

172.67.139.119

200 OK

7.2 kB

URL GET HTTP/2
ka-f.fontawesome.com/releases/v6.6.0/css/free-v5-font-face.min.css?token=44623006da
IP
172.67.139.119:443
ASN
#13335 CLOUDFLARENET

Requested by
https://roblox.com.py/generator/PROJECTZ/create
Certificate
IssuerGoogle Trust Services
Subjectka-f.fontawesome.com
Fingerprint6D:72:F5:B4:68:5B:A6:B0:2B:E9:FE:83:27:B3:F4:90:E8:F3:E9:0A
ValidityMon, 01 Jul 2024 12:54:00 GMT - Sun, 29 Sep 2024 12:53:59 GMT

File type
ASCII text, with very long lines (608)
Size
7.2 kB (7211 bytes)
Hash
8972ae5004bc634ffa6641be3960e78a
235aecdfe4a45217d75fe7abfbb5b12e3b28cc6e
7f264c31cdb355f351235359240c30acae2bbe0a43c73fa6a035123e6d953a01

HTTP Headers

GET /releases/v6.6.0/css/free-v5-font-face.min.css?token=44623006da HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://roblox.com.py/
Origin: https://roblox.com.py
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 20 Jul 2024 02:50:32 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Mon, 15 Jul 2024 22:20:39 GMT
etag: W/"8972ae5004bc634ffa6641be3960e78a"
x-amz-server-side-encryption: AES256
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
x-cache: Hit from cloudfront
via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: vwsxW5uHE7tTNxfKzNb64ePX1qBqc42d2AAH7J7logrDnL-oug-wKA==
age: 294778
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uxlaMmRhqHKKHoVPIxMUDlSaJvtVWhZw%2FKoPv2fE0uj6uVuI4%2FjLbBPg3b6Ut6f%2FkSuV2AoaLBI4kYS2ERq9McBRW9%2Bn3sUJYhEzYS3vKl52SaEPkZuM1qOp3Kk5HVvHx%2F%2Bt8NHTJA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8a5fa4f3a9f556a9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET ka-f.fontawesome.com/releases/v6.6.0/css/free.min.css?token=44623006da

172.67.139.119

200 OK

30 kB

URL GET HTTP/2
ka-f.fontawesome.com/releases/v6.6.0/css/free.min.css?token=44623006da
IP
172.67.139.119:443
ASN
#13335 CLOUDFLARENET

Requested by
https://roblox.com.py/generator/PROJECTZ/create
Certificate
IssuerGoogle Trust Services
Subjectka-f.fontawesome.com
Fingerprint6D:72:F5:B4:68:5B:A6:B0:2B:E9:FE:83:27:B3:F4:90:E8:F3:E9:0A
ValidityMon, 01 Jul 2024 12:54:00 GMT - Sun, 29 Sep 2024 12:53:59 GMT

File type
gzip compressed data, from Unix
Size
30 kB (29475 bytes)
Hash
0270a5b0ddf33ef5adbe80331f937055
af1bc0815910ac35ab12663808f1bcae66d7e4a0
d2ab2985ad9dfc7da2c434cbafae7bcef66f74f2c4f645bb592c65eef0f77342

HTTP Headers

GET /releases/v6.6.0/css/free.min.css?token=44623006da HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://roblox.com.py/
Origin: https://roblox.com.py
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 20 Jul 2024 02:50:32 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Mon, 15 Jul 2024 22:20:40 GMT
etag: W/"4ca760f49cd8a14911c81e6c14328874"
x-amz-server-side-encryption: AES256
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: K6mB9jZMH841r7Wx0-o61hkD3CKcAILRanp85mqe-RzCmeSGuAokrA==
age: 294778
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vhE51hFXi4DQXlNrUWMDbZh8dGnYX6I53QZ5w90ijzUigwVDCXSrNw9bH5%2F4doePexhXKqbiRShw03u%2FbwkBSnurxeryePDte2%2F7z0Zec%2BQUWnrstLIqbCx41Y8Gvs1O%2FqcaTJzlmg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8a5fa4f3a9f956a9-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET www.roblox.com/request-error?code=404

128.116.44.3

404 Not Found

0 B

URL GET HTTP/2
www.roblox.com/request-error?code=404
IP
128.116.44.3:443
ASN
#22697 ROBLOX-PRODUCTION

Requested by
https://roblox.com.py/generator/PROJECTZ/create
Certificate
IssuerSectigo Limited
Subjectroblox.com
FingerprintC7:58:60:04:09:35:72:54:E0:17:9D:2F:01:ED:A9:01:EF:B3:3C:9D
ValidityMon, 29 Jan 2024 00:00:00 GMT - Tue, 28 Jan 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /request-error?code=404 HTTP/1.1
Host: www.roblox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://roblox.com.py/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
content-type: text/html; charset=utf-8
date: Sat, 20 Jul 2024 02:50:33 GMT
server: website
cache-control: no-store, must-revalidate, no-cache
content-encoding: br
set-cookie: rbx-ip2=1; domain=roblox.com; expires=Sat, 20-Jul-2024 03:50:33 GMT; path=/
RBXEventTrackerV2=CreateDate=07/19/2024 21:50:33&rbxid=&browserid=1721443833513006; domain=roblox.com; expires=Wed, 06-Dec-2051 02:50:33 GMT; path=/
GuestData=UserID=-790670128; domain=.roblox.com; expires=Wed, 06-Dec-2051 02:50:33 GMT; path=/
vary: Accept-Encoding
content-security-policy: report-uri https://metrics.roblox.com/v1/csp/report?type=enforce; upgrade-insecure-requests;  script-src 'self' 'unsafe-inline' roblox.com *.evidon.com *.gigya.com *.google-analytics.com *.ns1p.net adservice.google.com cdn.arkoselabs.com connect.facebook.net funcaptcha.com js.rbxcdn.com js.stripe.com long.open.weixin.qq.com midas.gtimg.cn radar.cedexis.com res.wx.qq.com roblox-api.arkoselabs.com roblox-load-generator-configuration.s3.us-east-2.amazonaws.com s.ytimg.com sb.scorecardresearch.com static.rbxcdn.com www.google.com www.gstatic.com www.youtube.com h.online-metrix.net request.eprotect.vantivcnp.com request.eprotect.vantivpostlive.com *.googletagmanager.com *.googleadservices.com googleads.g.doubleclick.net cdn.veriff.me *.lightstep.com client-api.arkoselabs.com api.arkoselabs.com *.sierra.chat sierra.chat;  img-src 'self' data: *.cloudfront.net *.gilcdn.com *.gldcdn.com *.google-analytics.com *.google.com *.kaptcha.com *.rbxcdn.com *.roblox.com *.robloxlabs.com googleads.g.doubleclick.net i.ytimg.com www.googletagmanager.com robloxcorp.s.llnwi.net roblox-poc.global.ssl.fastly.net d1unuk07s6td74.cloudfront.net *.sierra.chat sierra.chat *.stripe.com *.tarobicdn.com *.tarobidevsandboxcdn.com;  connect-src 'self' *.roblox.com *.robloxlabs.com *.rblx.org *.rbx.com *.rbxcdn.com *.roblox.cn *.simulpong.com *.lightstep.com *.ns1p.net *.arkoselabs.com *.kaptcha.com *.google.com *.google-analytics.com *.doubleclick.net *.sentry.io wss://realtime.roblox.com wss://realtime.sitetest1.robloxlabs.com wss://realtime.sitetest2.robloxlabs.com wss://realtime.sitetest3.robloxlabs.com wss://realtime-signalr.roblox.com *.braintree-api.com *.braintreegateway.com d1q2u37vreaobr.cloudfront.net funcaptcha.com robloxcorp.s.llnwi.net roblox-poc.global.ssl.fastly.net d1unuk07s6td74.cloudfront.net *.sierra.chat sierra.chat;
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=3600
roblox-machine-id: 50334445-3ac3-0316-0214-b3a700a9fbd2
x-roblox-region: us-central_rbx
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=259200
x-roblox-edge: fra4
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://ncs.roblox.com/upload"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1}
X-Firefox-Spdy: h2

GET kit.fontawesome.com/44623006da.js

104.18.40.68

200 OK

13 kB

URL GET HTTP/2
kit.fontawesome.com/44623006da.js
IP
104.18.40.68:443
ASN
#13335 CLOUDFLARENET

Requested by
https://roblox.com.py/generator/PROJECTZ/create
Certificate
IssuerDigiCert Inc
Subject*.fontawesome.com
Fingerprint93:F9:69:8C:73:B0:08:60:65:F3:39:41:39:66:D3:2B:78:3A:6E:3D
ValidityMon, 04 Dec 2023 00:00:00 GMT - Fri, 03 Jan 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (12736)
Size
13 kB (13165 bytes)
Hash
10d7da72f58ac3b07cb33563b0e367c7
81df131bbfe85153d214138fbc295314b202de76
e3b030605370c0dfb97ef79bb341b4b11d002ef4cfa55bf0fd2abc5c7d78f861

HTTP Headers

GET /44623006da.js HTTP/1.1
Host: kit.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://roblox.com.py
DNT: 1
Connection: keep-alive
Referer: https://roblox.com.py/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 20 Jul 2024 02:50:32 GMT
content-type: text/javascript
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=60, public, stale-while-revalidate=30
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
x-request-id: F-K9E6ohXuNURyQAaxNB
cf-cache-status: REVALIDATED
server: cloudflare
cf-ray: 8a5fa4ee7d3a56bf-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

GET fonts.gstatic.com/s/poppins/v21/pxiDyp8kv8JHgFVrJJLmr19VF9eO.woff2

216.58.207.227

200 OK

8.7 kB

URL GET HTTP/2
fonts.gstatic.com/s/poppins/v21/pxiDyp8kv8JHgFVrJJLmr19VF9eO.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://roblox.com.py/generator/PROJECTZ/create
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
FingerprintEE:FE:75:C9:E5:09:76:EB:38:E8:5F:5F:31:DF:88:D1:BF:9A:93:09
ValidityMon, 24 Jun 2024 07:40:48 GMT - Mon, 16 Sep 2024 07:40:47 GMT

File type
Web Open Font Format (Version 2), TrueType, length 8724, version 1.0
Size
8.7 kB (8724 bytes)
Hash
267ebe38acb78ca90441cdb3f0f44b7d
85397079f9f963cd2f16dc5600d8d7795924d73d
3ad6c8bd3624555dd79177efe91f0aca20e7f28597fa6b49762c27f337500d8d

HTTP Headers

GET /s/poppins/v21/pxiDyp8kv8JHgFVrJJLmr19VF9eO.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://roblox.com.py
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8724
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Jul 2024 09:12:30 GMT
expires: Fri, 18 Jul 2025 09:12:30 GMT
cache-control: public, max-age=31536000
age: 149882
last-modified: Fri, 22 Mar 2024 00:01:04 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (8)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (41)

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN