firefox.settings.services.mozilla.com/v1/
143.204.55.115200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-stale=0
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Fri, 23 Sep 2022 05:05:44 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 4839EizFHrrg_iZ5QGlLYgRgLyE-BHrnvcSmAvLBUPMFDe1tgbGRqw==
Age: 2576
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a26d0784548ecab22f417f3d689daf23
8893b79366bbadeb5c8d587b8f023e310694df1c
35baaae7b3ce3110ebb2b075881cfab55ecf3eab57d834283fd18ac691b41fa2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35BAAAE7B3CE3110EBB2B075881CFAB55ECF3EAB57D834283FD18AC691B41FA2"
Last-Modified: Tue, 20 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8734
Expires: Fri, 23 Sep 2022 08:14:14 GMT
Date: Fri, 23 Sep 2022 05:48:40 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.35200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.35:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Fri, 23 Sep 2022 04:35:15 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: g7m1SYWz8MejXI7pa72sT3Ms5hPJW9LXVZvA9yb7pOwm8ZXwEF6YSA==
age: 4406
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 05:48:41 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.115200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Fri, 23 Sep 2022 05:03:22 GMT
Expires: Fri, 23 Sep 2022 05:16:48 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: iOtIhbYUOZ7iwBbjo1BFNgJ3yM0nNYHHKHa8Kbh_s5RXFHOcMSpGxw==
Age: 2719
robloxcodetrichebloxpiece.blogspot.com.co/
142.250.74.161302 Moved Temporarily 185 B URL HTTP/1.1 robloxcodetrichebloxpiece.blogspot.com.co/
IP 142.250.74.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash f305e8d7868f84aabab2f929dc7d921a
95d25968f5bbedecf001aff500797e2716a9b6d6
27b26c56c02453efd32d87a8486f9c5c76e2c8c01ceb57ad299abccabd04da64
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: robloxcodetrichebloxpiece.blogspot.com.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Moved Temporarily
Location: http://robloxcodetrichebloxpiece.blogspot.com/
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Fri, 23 Sep 2022 05:48:41 GMT
Expires: Fri, 23 Sep 2022 05:48:41 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 185
Server: GSE
robloxcodetrichebloxpiece.blogspot.com/
142.250.74.161301 Moved Permanently 186 B URL HTTP/1.1 robloxcodetrichebloxpiece.blogspot.com/
IP 142.250.74.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 4d46cbaa0d119b59182dd782afeab4ca
443e3ac79c6b47d20fc7c77c605bf2e0a58522f7
88d61b372034a6efcb1fc56092efc4db3a76c67d4085aead65d2a2a327356228
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: robloxcodetrichebloxpiece.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: https://robloxcodetrichebloxpiece.blogspot.com/
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Fri, 23 Sep 2022 05:48:41 GMT
Expires: Fri, 23 Sep 2022 05:48:41 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 186
Server: GSE
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 86624f45fb3b7126dbe002f69c94dd86
30bcf274db5037122f989fb25dbf1e72c9ec417b
2cc9600578cf057dc499835773fb495caa60ac154c4945f0fc1f2b31d43f5502
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6560
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 05:48:41 GMT
Last-Modified: Fri, 23 Sep 2022 03:59:21 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 316dd96c27cb1cae8a533df4714092b6
884cf94b1b24b145c72f60e7e36d7012a501f6f7
845cc35126bbeadcd22c6e8ad40d61981c776617f2a7e514dbc9110cf10b2d77
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 05:48:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
35.83.91.138101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.83.91.138:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: wDnjIKQRvbf/Pa3HD7wgWw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: zsKYgCudE0bMaZG/U1U+s1O03UE=
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 316dd96c27cb1cae8a533df4714092b6
884cf94b1b24b145c72f60e7e36d7012a501f6f7
845cc35126bbeadcd22c6e8ad40d61981c776617f2a7e514dbc9110cf10b2d77
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 05:48:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
robloxcodetrichebloxpiece.blogspot.com/
142.250.74.161200 OK 29 kB URL HTTP/2 robloxcodetrichebloxpiece.blogspot.com/
IP 142.250.74.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2298)
Hash 340fe9479cd739a6ed66756982fded79
593d6ea8cf2c92f19c062f14622cb1083bd9b7a3
f4def0707c97b8967e886f394287f06f75569a5092ef066c99e1a7e17a93d7c6
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: robloxcodetrichebloxpiece.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
expires: Fri, 23 Sep 2022 05:48:41 GMT
date: Fri, 23 Sep 2022 05:48:41 GMT
cache-control: private, max-age=0
last-modified: Tue, 20 Sep 2022 22:41:23 GMT
etag: W/"52e5c9e4eba1e2ca98f5741650326e05f8b4f4cf2035abdccfcf19bc32b19a7f"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 29296
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash b9893dbb93b5cc3cb8637b496ecd3c1c
007b31caa727ce627f6ba81a3f43326a1538181e
b82608484e9e9dbf009de73986da468fff9833e5d040016b3214b8774ba9f500
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 05:48:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 017b35db8b7a44fb09d592e4f01e6221
52b62eda95cb2dc0fd4bb767f336dbeb0755071d
cf55ac8ca259aaa5113a2eb7bfdedc82cee487381dfe970f258503b55a996ffe
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 05:48:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/static/v1/widgets/139732538-widgets.js
216.58.207.201200 OK 57 kB URL HTTP/2 www.blogger.com/static/v1/widgets/139732538-widgets.js
IP 216.58.207.201:0
File type ASCII text, with very long lines (2221)
Hash 85f397c389efac9ad63d1798bceeff88
2258e2f2f18d8a6c6bb4d89e3c047c6c83da4f4b
e0d600281770079e5cdb9f4bb66aa3bdce5ee67e21c321c9e325789e96e5db76
GET /static/v1/widgets/139732538-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://robloxcodetrichebloxpiece.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 56922
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 21:07:23 GMT
expires: Thu, 21 Sep 2023 21:07:23 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 19 Sep 2022 18:54:49 GMT
content-type: text/javascript
age: 117679
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 017b35db8b7a44fb09d592e4f01e6221
52b62eda95cb2dc0fd4bb767f336dbeb0755071d
cf55ac8ca259aaa5113a2eb7bfdedc82cee487381dfe970f258503b55a996ffe
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 05:48:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1p5/1EpVtZKsCXY
142.250.74.3200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/1EpVtZKsCXY
IP 142.250.74.3:0
Hash 31783719c018d63ac942fd965cd94f4a
5ca4a26e97e431360c70e569c5aec13b062cd16f
65a83a25835a9ce7f4a5e5fadfedede25f027a7cc263db8d1746ee9a255df192
POST /s/gts1p5/1EpVtZKsCXY HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 05:48:42 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
play.robuxtip.org/images/gamebaglogo.png
172.67.220.56200 OK 3.3 kB URL HTTP/2 play.robuxtip.org/images/gamebaglogo.png
IP 172.67.220.56:0
File type PNG image data, 240 x 240, 8-bit/color RGBA, non-interlaced\012- data
Hash e84f0caa809a15b2aaa9cb93bbe6669a
22a330ad580aaa6b2232307a87b981adc7fbf38f
1f98c982fd0c9b5e6af138a4cb160f509bda9fcc7fa0a9463fa6cf11513c151f
GET /images/gamebaglogo.png HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwieXVsaWFuaWtpdGFnbWFpbGNvbSIsInRlbXBsYXRlIiwiUGlua1RvbmcueG1sIiwieXVsaWFuaWtpdGFnbWFpbGNvbSIsInJvYmxveGNvZGV0cmljaGVibG94cGllY2UuYmxvZ3Nwb3QuY29tIiwicm9ibG94Y29kZXRyaWNoZWJsb3hwaWVjZS5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Cookie: HstCfa4275781=1663882585032; HstCla4275781=1663911412002; HstCmu4275781=1663882585032; HstPn4275781=5; HstPt4275781=8; HstCnv4275781=3; HstCns4275781=5; c_ref_4275781=https%3A%2F%2Flinkmon99robloxaccountpassword.blogspot.com%2F
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 05:48:42 GMT
content-type: image/png
content-length: 3340
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
etag: "5d9ca488-d0c"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 509514
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5RA7kv0THxwS5VbUm27V6Th%2BisiwQDv9ebT9LtF8ydLkvfIIcxzHUIygAEerLxR5D2bbdYMcrE%2BybpuaIQLPdRVddYNnlhLeK59oldmmgoqvgg7oO91zGE22Lnehr0wn5wgo1w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f0fe2e2f07fac0-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/jquery.modal.min.css
104.17.24.14200 OK 1.5 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/jquery.modal.min.css
IP 104.17.24.14:0
File type ASCII text, with very long lines (3201), with no line terminators
Hash 8e09ceb5490863a66cd2e83ca3d7e524
35e3d074516ec70c508d748f7ae01827bc0c28ba
cccbb374fd4cb6dcbac9df64456b49cb11530e7bafdac6c6c7e67ff2ed350db9
GET /ajax/libs/jquery-modal/0.9.1/jquery.modal.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Sep 2022 05:48:42 GMT
content-type: text/css; charset=utf-8
content-length: 1541
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec2-c81"
last-modified: Mon, 04 May 2020 16:11:46 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 9353492
expires: Wed, 13 Sep 2023 05:48:42 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6gc1lZkvho9a5xJrdw7P7zSZml%2FpdOARfXFhgtferdmBHgM16nkcdrik95eycFKQAK1cOqRNO1vsZnXKEWelSiBszAVJFxLhz%2F%2BlZRZatTXQTABLwT1Vl51hbC79X%2B60QtMGN2Q9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74f0fe2e48a20af6-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
play.robuxtip.org/images/ft-1.png
172.67.220.56200 OK 3.3 kB URL HTTP/2 play.robuxtip.org/images/ft-1.png
IP 172.67.220.56:0
File type PNG image data, 240 x 240, 8-bit/color RGBA, non-interlaced\012- data
Hash e84f0caa809a15b2aaa9cb93bbe6669a
22a330ad580aaa6b2232307a87b981adc7fbf38f
1f98c982fd0c9b5e6af138a4cb160f509bda9fcc7fa0a9463fa6cf11513c151f
GET /images/ft-1.png HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwieXVsaWFuaWtpdGFnbWFpbGNvbSIsInRlbXBsYXRlIiwiUGlua1RvbmcueG1sIiwieXVsaWFuaWtpdGFnbWFpbGNvbSIsInJvYmxveGNvZGV0cmljaGVibG94cGllY2UuYmxvZ3Nwb3QuY29tIiwicm9ibG94Y29kZXRyaWNoZWJsb3hwaWVjZS5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Cookie: HstCfa4275781=1663882585032; HstCla4275781=1663911412002; HstCmu4275781=1663882585032; HstPn4275781=5; HstPt4275781=8; HstCnv4275781=3; HstCns4275781=5; c_ref_4275781=https%3A%2F%2Flinkmon99robloxaccountpassword.blogspot.com%2F
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 05:48:42 GMT
content-type: image/png
content-length: 3340
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
etag: "5d9ca488-d0c"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 509514
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tV9L%2Fboqlj%2F%2F%2B5u29oQSw7gLm3DZwpLnw%2BjV1BzM81zf6QOLC74bVQwWxEY4uTZutg7mRJ0e1SwG40uj44gXn1hke1SZjH8PigqFc6W%2FNxmtN%2FUG32duY%2F0WAXwSuhqLrN8vMA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f0fe2e2f0afac0-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwieXVsaWFuaWtpdGFnbWFpbGNvbSIsInRlbXBsYXRlIiwiUGlua1RvbmcueG1sIiwieXVsaWFuaWtpdGFnbWFpbGNvbSIsInJvYmxveGNvZGV0cmljaGVibG94cGllY2UuYmxvZ3Nwb3QuY29tIiwicm9ibG94Y29kZXRyaWNoZWJsb3hwaWVjZS5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
172.67.220.56200 OK 4.4 kB URL HTTP/2 play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwieXVsaWFuaWtpdGFnbWFpbGNvbSIsInRlbXBsYXRlIiwiUGlua1RvbmcueG1sIiwieXVsaWFuaWtpdGFnbWFpbGNvbSIsInJvYmxveGNvZGV0cmljaGVibG94cGllY2UuYmxvZ3Nwb3QuY29tIiwicm9ibG94Y29kZXRyaWNoZWJsb3hwaWVjZS5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
IP 172.67.220.56:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF, LF line terminators
Hash 8aaca9098ae6fed57d8358fff8cfa2fc
c2b6bf1246be714bbb2d06c37a7a886929ba424f
a5d79bfdf56331c45a7a633cc1e8f94d7aea1d1de225df305cf6f757ea8cd116
Analyzer Verdict Alert fortinet Phishing
GET /index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwieXVsaWFuaWtpdGFnbWFpbGNvbSIsInRlbXBsYXRlIiwiUGlua1RvbmcueG1sIiwieXVsaWFuaWtpdGFnbWFpbGNvbSIsInJvYmxveGNvZGV0cmljaGVibG94cGllY2UuYmxvZ3Nwb3QuY29tIiwicm9ibG94Y29kZXRyaWNoZWJsb3hwaWVjZS5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://robloxcodetrichebloxpiece.blogspot.com/
Cookie: HstCfa4275781=1663882585032; HstCla4275781=1663911412002; HstCmu4275781=1663882585032; HstPn4275781=5; HstPt4275781=8; HstCnv4275781=3; HstCns4275781=5; c_ref_4275781=https%3A%2F%2Flinkmon99robloxaccountpassword.blogspot.com%2F
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Sep 2022 05:48:42 GMT
content-type: text/html
last-modified: Mon, 27 Jun 2022 12:44:26 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 110225
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I7vTPyJjcBnE9M%2BjO4Ye3VFKOMVX02X%2FNlkUATd6NnIwOj%2Bw2inL867PQoOUmbdDsv6bycT%2FhzqW3SlT3x9Fr3Xj2F4USDKtGPjYwTRm1BTeG3cs1Lz6mz3%2Bs6sUOak%2FQoxLMA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f0fe2daebefac0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
play.robuxtip.org/images/style.css
172.67.220.56200 OK 9.0 kB URL HTTP/2 play.robuxtip.org/images/style.css
IP 172.67.220.56:0
File type ASCII text, with very long lines (40387), with no line terminators
Hash e35c7d766926632f65aacb8a43a9adbb
032e087debcf64d45c391e3663fb94ac8399a65f
bc37197f96331d58ec82903b8224bf4e03ba66bf916c3f24c77b97ea148f4941
GET /images/style.css HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwieXVsaWFuaWtpdGFnbWFpbGNvbSIsInRlbXBsYXRlIiwiUGlua1RvbmcueG1sIiwieXVsaWFuaWtpdGFnbWFpbGNvbSIsInJvYmxveGNvZGV0cmljaGVibG94cGllY2UuYmxvZ3Nwb3QuY29tIiwicm9ibG94Y29kZXRyaWNoZWJsb3hwaWVjZS5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Cookie: HstCfa4275781=1663882585032; HstCla4275781=1663911412002; HstCmu4275781=1663882585032; HstPn4275781=5; HstPt4275781=8; HstCnv4275781=3; HstCns4275781=5; c_ref_4275781=https%3A%2F%2Flinkmon99robloxaccountpassword.blogspot.com%2F
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 05:48:42 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=50839
etag: W/"5d9ca488-c697"
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 509514
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8wrR7X%2BesqQG2WUhVaQVayG2cb0V7T2zC8AyE4XT5FStn3f9FivMskxqcfc%2F3VM1VhO8YyBVpfhOsP2g0wBeudUA8v%2FbDsrHG90KkZrBxRnW7r5xWfTwG%2BnbqxAAXqCTwbkvSw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f0fe2e1efffac0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
play.robuxtip.org/images/animate.css
172.67.220.56200 OK 842 kB URL HTTP/2 play.robuxtip.org/images/animate.css
IP 172.67.220.56:0
File type ASCII text, with very long lines (53418)
Size 842 kB (842274 bytes)
Hash 89af0c787fd05b51bce926926c126bf3
15c18a2dd1b1788f2b086600ef77bd49a4bd0253
320cf1fe4653fb07fcd43f7fe4e946d749a8d74e3ce508ee988bbc9dcda66753
GET /images/animate.css HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwieXVsaWFuaWtpdGFnbWFpbGNvbSIsInRlbXBsYXRlIiwiUGlua1RvbmcueG1sIiwieXVsaWFuaWtpdGFnbWFpbGNvbSIsInJvYmxveGNvZGV0cmljaGVibG94cGllY2UuYmxvZ3Nwb3QuY29tIiwicm9ibG94Y29kZXRyaWNoZWJsb3hwaWVjZS5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Cookie: HstCfa4275781=1663882585032; HstCla4275781=1663911412002; HstCmu4275781=1663882585032; HstPn4275781=5; HstPt4275781=8; HstCnv4275781=3; HstCns4275781=5; c_ref_4275781=https%3A%2F%2Flinkmon99robloxaccountpassword.blogspot.com%2F
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 05:48:42 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=68796
etag: W/"5d9ca488-10cbc"
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 509514
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sg5xUo1YIILhhqF9PKfouRC2HakgSjjMqkx2MgK2B9r8H9zekEMAQk2GU99JjiwLs7ESz47YBu9bBT5ZGpAcdt5kRxKXDNm1Ri2%2Bf9oH6ShsCIKk5A3nyq7OVrCfCoOlFGEDFw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f0fe2e1ef6fac0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
play.robuxtip.org/images/jquery-ui.min.js
172.67.220.56200 OK 56 kB URL HTTP/2 play.robuxtip.org/images/jquery-ui.min.js
IP 172.67.220.56:0
File type ASCII text, with very long lines (563)
Hash 1d27e24c59242623c59b7a9ed440415c
6a33469c1674492e84f6df0ebf6f72a1ba41fe19
ef4efc4214ab41d6fa432b6f62e067c76750ba242ea39fc2cc8cd62fc54bcfb2
Analyzer Verdict Alert fortinet Phishing
GET /images/jquery-ui.min.js HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwieXVsaWFuaWtpdGFnbWFpbGNvbSIsInRlbXBsYXRlIiwiUGlua1RvbmcueG1sIiwieXVsaWFuaWtpdGFnbWFpbGNvbSIsInJvYmxveGNvZGV0cmljaGVibG94cGllY2UuYmxvZ3Nwb3QuY29tIiwicm9ibG94Y29kZXRyaWNoZWJsb3hwaWVjZS5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Cookie: HstCfa4275781=1663882585032; HstCla4275781=1663911412002; HstCmu4275781=1663882585032; HstPn4275781=5; HstPt4275781=8; HstCnv4275781=3; HstCns4275781=5; c_ref_4275781=https%3A%2F%2Flinkmon99robloxaccountpassword.blogspot.com%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 05:48:42 GMT
content-type: application/javascript
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
etag: W/"5d9ca488-30da8"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 509514
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZEKsNVYiyEL3Cc2KA8HKVUeuURIQzR6naT9s%2Fay2exJVWeAd%2BbnybE9txoew5xxsF3R7EBf9orLqE45cqejDIC%2B%2BgbA2cnfYhHaj7ir7xLNQlZC17fT1blhQ0JI57SYvubS2JQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f0fe2e2f0cfac0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
play.robuxtip.org/images/sweetalert2.min.js
172.67.220.56200 OK 7.3 kB URL HTTP/2 play.robuxtip.org/images/sweetalert2.min.js
IP 172.67.220.56:0
File type ASCII text, with very long lines (20305), with no line terminators
Hash fdc30eff0f6c501464b406c5c5f1e871
d6bd16c5b8794739b49f1d9ed9bd1495baa70355
aa16edd4e68deb5dcf054fedfab34c5dc6b287a7b014ec6fd1625b39e4572c22
Analyzer Verdict Alert fortinet Phishing
GET /images/sweetalert2.min.js HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwieXVsaWFuaWtpdGFnbWFpbGNvbSIsInRlbXBsYXRlIiwiUGlua1RvbmcueG1sIiwieXVsaWFuaWtpdGFnbWFpbGNvbSIsInJvYmxveGNvZGV0cmljaGVibG94cGllY2UuYmxvZ3Nwb3QuY29tIiwicm9ibG94Y29kZXRyaWNoZWJsb3hwaWVjZS5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Cookie: HstCfa4275781=1663882585032; HstCla4275781=1663911412002; HstCmu4275781=1663882585032; HstPn4275781=5; HstPt4275781=8; HstCnv4275781=3; HstCns4275781=5; c_ref_4275781=https%3A%2F%2Flinkmon99robloxaccountpassword.blogspot.com%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 05:48:42 GMT
content-type: application/javascript
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
etag: W/"5d9ca488-4f51"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 509514
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sIbKmSdKXYrwwvk8ypNvYhDIzWMwQnJ5OvLjg4vRPaIFW0F0OACOBVZ01kjyv8R5KVOlyPPvFJwPQKvbYLoHBNhuuKO16XfM3hR8yyL0S%2BGW1w9mTVRROLBzcbuT%2FsM0PU1I6A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f0fe2e3f1dfac0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
play.robuxtip.org/images/header.png
172.67.220.56200 OK 2.0 kB URL HTTP/2 play.robuxtip.org/images/header.png
IP 172.67.220.56:0
File type PNG image data, 150 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash b750214f9a0276662f12acbbff0d37ce
65e094e10e2b933ab866a66b5f9b25321b99a0d1
db31dae896b9158c4d1c3f32525e6f63281fe9c671a5dc93236cac960013351b
GET /images/header.png HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwieXVsaWFuaWtpdGFnbWFpbGNvbSIsInRlbXBsYXRlIiwiUGlua1RvbmcueG1sIiwieXVsaWFuaWtpdGFnbWFpbGNvbSIsInJvYmxveGNvZGV0cmljaGVibG94cGllY2UuYmxvZ3Nwb3QuY29tIiwicm9ibG94Y29kZXRyaWNoZWJsb3hwaWVjZS5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Cookie: HstCfa4275781=1663882585032; HstCla4275781=1663911412002; HstCmu4275781=1663882585032; HstPn4275781=5; HstPt4275781=8; HstCnv4275781=3; HstCns4275781=5; c_ref_4275781=https%3A%2F%2Flinkmon99robloxaccountpassword.blogspot.com%2F
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 05:48:42 GMT
content-type: image/png
content-length: 131285
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
etag: "5d9ca488-200d5"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 509514
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RSb9Md9gf6Fg47rlv9XWfOgtSeNwHMUAqz6fcCLq%2BtuN6SrPzLXMGnzCs1udPk4TNRJpo0EvkcW60TtxUZ7dHf2Z568vaow6hu6MLknNM0lTPa6heJdinROCn6%2Fqdvs5JbDg3w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f0fe2e2f09fac0-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
play.robuxtip.org/images/jquery-3.2.1.js
172.67.220.56200 OK 96 kB URL HTTP/2 play.robuxtip.org/images/jquery-3.2.1.js
IP 172.67.220.56:0
File type ASCII text, with very long lines (1237)
Hash 200489053066c4d35b9c765d61c0136d
6036d63cfe60babc72215b5d67db41862deea2b0
a24160b8dc242a8a219b5a030dd714d4b4d96ab0d1864b46175a3d1f73c8a6ee
Analyzer Verdict Alert fortinet Phishing
GET /images/jquery-3.2.1.js HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwieXVsaWFuaWtpdGFnbWFpbGNvbSIsInRlbXBsYXRlIiwiUGlua1RvbmcueG1sIiwieXVsaWFuaWtpdGFnbWFpbGNvbSIsInJvYmxveGNvZGV0cmljaGVibG94cGllY2UuYmxvZ3Nwb3QuY29tIiwicm9ibG94Y29kZXRyaWNoZWJsb3hwaWVjZS5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Cookie: HstCfa4275781=1663882585032; HstCla4275781=1663911412002; HstCmu4275781=1663882585032; HstPn4275781=5; HstPt4275781=8; HstCnv4275781=3; HstCns4275781=5; c_ref_4275781=https%3A%2F%2Flinkmon99robloxaccountpassword.blogspot.com%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 05:48:42 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=268039
etag: W/"5d9ca488-41707"
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 509514
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kqxuD2X37kUi2ztI6523BjhaXJRmojGAWaw4%2F5f1t3uBFRs5LIMjI6aUqX32RwTvH56DintziomV%2B8Wq5wszehylj9c33nXaLYvezf7RQRLL0l9gvWjB7Mw1%2FUpgQhUl%2FUZR2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f0fe2e2f0bfac0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash de424c85b225196c5a35219b9e3ebd8e
85607bc7f8cd550eceab6a6c236b403ca91662f5
29fe2614f1d16a5e8c89f055ce08a45ea0d89e31f91b014e6cea52411a7902d3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1158
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 05:48:42 GMT
Last-Modified: Fri, 23 Sep 2022 05:29:24 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 280
play.robuxtip.org/images/jquery.countto.js
172.67.220.56200 OK 1.3 kB URL HTTP/2 play.robuxtip.org/images/jquery.countto.js
IP 172.67.220.56:0
File type ASCII text, with very long lines (1043)
Hash 4b78ad1528fc848c004941f3038d8606
17dfeb19ecb52120ee684f6026693e5fab6651c5
b9cb5901e96481aeca02908f8e70755b07cad5ac7d3791e006edba1f53e455ea
Analyzer Verdict Alert fortinet Phishing
GET /images/jquery.countto.js HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwieXVsaWFuaWtpdGFnbWFpbGNvbSIsInRlbXBsYXRlIiwiUGlua1RvbmcueG1sIiwieXVsaWFuaWtpdGFnbWFpbGNvbSIsInJvYmxveGNvZGV0cmljaGVibG94cGllY2UuYmxvZ3Nwb3QuY29tIiwicm9ibG94Y29kZXRyaWNoZWJsb3hwaWVjZS5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Cookie: HstCfa4275781=1663882585032; HstCla4275781=1663911412002; HstCmu4275781=1663882585032; HstPn4275781=5; HstPt4275781=8; HstCnv4275781=3; HstCns4275781=5; c_ref_4275781=https%3A%2F%2Flinkmon99robloxaccountpassword.blogspot.com%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 05:48:42 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=3761
etag: W/"5d9ca488-eb1"
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 509514
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z%2BdGkB04SFIlmduE%2BH9lZNKfipaG2OtAx%2FBYtrjOGYpzCP%2B%2B%2BU4KoubZxYQMeicHrDGgkR19W3B0qDvkrMCRmzkJxV18Knas%2Fyp4TXRvkxSaruzFWoI8etfcmH7OhjGmmVbXhg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f0fe2e3f1cfac0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
play.robuxtip.org/images/validator.min.js
172.67.220.56200 OK 69 kB URL HTTP/2 play.robuxtip.org/images/validator.min.js
IP 172.67.220.56:0
File type ASCII text, with very long lines (5862)
Hash 4ca50a3cd26b89852b9cad77601b513e
9d92e454a66fbf4c7acee8e349fa1e9b0c0ca7d3
7b27360ddf2e8494d55e076104f2b0cca669668f7fc777b9496136e158bfc42a
Analyzer Verdict Alert fortinet Phishing
GET /images/validator.min.js HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwieXVsaWFuaWtpdGFnbWFpbGNvbSIsInRlbXBsYXRlIiwiUGlua1RvbmcueG1sIiwieXVsaWFuaWtpdGFnbWFpbGNvbSIsInJvYmxveGNvZGV0cmljaGVibG94cGllY2UuYmxvZ3Nwb3QuY29tIiwicm9ibG94Y29kZXRyaWNoZWJsb3hwaWVjZS5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Cookie: HstCfa4275781=1663882585032; HstCla4275781=1663911412002; HstCmu4275781=1663882585032; HstPn4275781=5; HstPt4275781=8; HstCnv4275781=3; HstCns4275781=5; c_ref_4275781=https%3A%2F%2Flinkmon99robloxaccountpassword.blogspot.com%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 05:48:42 GMT
content-type: application/javascript
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
etag: W/"5d9ca488-17a7"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 509514
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vjrs%2B1Lxckc8ok%2Fa4A6a0vYtLzi%2BriSrJt5x2oKUESR0XGKgQKCNMrluckGFiDGAbctre1cM4m3AzyAeiYFVLpO2oguGAexWclw4BmYrPX8CQ6xEruXAGwj5NTz2wIw%2BC9IxWA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f0fe2e3f1ffac0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
play.robuxtip.org/images/custom-css.css
172.67.220.56200 OK 18 kB URL HTTP/2 play.robuxtip.org/images/custom-css.css
IP 172.67.220.56:0
File type ASCII text, with very long lines (1606), with no line terminators
Hash d5731160f6169cc24c846428758ebfce
6f130d660860d02baa84dba2dc1fb20cde797bd2
f7069aaff53f1874ee6fe7247fed09886ef504c725f2d55e4af5a336e63a5533
GET /images/custom-css.css HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwieXVsaWFuaWtpdGFnbWFpbGNvbSIsInRlbXBsYXRlIiwiUGlua1RvbmcueG1sIiwieXVsaWFuaWtpdGFnbWFpbGNvbSIsInJvYmxveGNvZGV0cmljaGVibG94cGllY2UuYmxvZ3Nwb3QuY29tIiwicm9ibG94Y29kZXRyaWNoZWJsb3hwaWVjZS5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Cookie: HstCfa4275781=1663882585032; HstCla4275781=1663911412002; HstCmu4275781=1663882585032; HstPn4275781=5; HstPt4275781=8; HstCnv4275781=3; HstCns4275781=5; c_ref_4275781=https%3A%2F%2Flinkmon99robloxaccountpassword.blogspot.com%2F
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 05:48:42 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=1790
etag: W/"5d9ca488-6fe"
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 509514
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CNqJ0%2FZDTGdSixbYGYYt6sRAVzbYxmmWNJfB8qIEs%2BImlXQUmud%2BFSU77ACEf%2FAov4Blar8qSVdyD7%2BVL2vL%2Fa8RKNPSJlIXOt%2FzQxYaePoZFRGghuO%2F9X5xdSrSEkkJ%2BOXS%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f0fe2e1f00fac0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
play.robuxtip.org/images/com.js
172.67.220.56200 OK 21 kB URL HTTP/2 play.robuxtip.org/images/com.js
IP 172.67.220.56:0
File type C source, Unicode text, UTF-8 text, with very long lines (15173), with no line terminators
Hash 6526919aef038ec3dbf8c2f3b1a0fae9
5bd4f50e719673f27249787272767a28e1021d0c
c8f4084544c582273ffc80373dee14238f3a25056078b0505b08516219ab9791
Analyzer Verdict Alert fortinet Phishing
GET /images/com.js HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwieXVsaWFuaWtpdGFnbWFpbGNvbSIsInRlbXBsYXRlIiwiUGlua1RvbmcueG1sIiwieXVsaWFuaWtpdGFnbWFpbGNvbSIsInJvYmxveGNvZGV0cmljaGVibG94cGllY2UuYmxvZ3Nwb3QuY29tIiwicm9ibG94Y29kZXRyaWNoZWJsb3hwaWVjZS5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Cookie: HstCfa4275781=1663882585032; HstCla4275781=1663911412002; HstCmu4275781=1663882585032; HstPn4275781=5; HstPt4275781=8; HstCnv4275781=3; HstCns4275781=5; c_ref_4275781=https%3A%2F%2Flinkmon99robloxaccountpassword.blogspot.com%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 05:48:42 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=17963
etag: W/"5d9ca488-462b"
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 509514
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o%2BO7tQNDBIfGVZjxHjmnHN54WmZBAhlTvCLcHN0d6nMGJFMRftj06L%2Be5Opcm7oplKs9MoUZ7NFG1k%2BWs%2BflPC2%2BiANAmWphh76JwGT0To4loA2Ln3SXnLr0K8qF%2FLnzi3kMcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f0fe2e3f20fac0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6d4edf416a0f41468a7429c575bad6e5
3adb4571fc16ca78dbe97d3816dd51ee70d3c140
2ee5044f5cbe123faaec6042411582dc59a51000999035cabcfb3bfff5eb41f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2EE5044F5CBE123FAAEC6042411582DC59A51000999035CABCFB3BFFF5EB41F3"
Last-Modified: Wed, 21 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4215
Expires: Fri, 23 Sep 2022 06:58:57 GMT
Date: Fri, 23 Sep 2022 05:48:42 GMT
Connection: keep-alive
s10.histats.com/js15_as.js
46.105.201.240200 OK 4.4 kB URL HTTP/2 s10.histats.com/js15_as.js
IP 46.105.201.240:0
File type HTML document, ASCII text, with very long lines (11440), with no line terminators
Hash ed192092c129db6123a3397855f42619
067e9b8e26cf6246eb84c6b9cf3da0c192ce7b3e
998fff486a7fb38b6ed445edc36c9b317b70950cd39efcf4012ca641312fcee1
GET /js15_as.js HTTP/1.1
Host: s10.histats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Sep 2022 05:45:56 GMT
etag: "-375139978"
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-request-id: 270698101
content-type: text/javascript
content-encoding: br
x-cdn-pop: rbx1
x-cdn-pop-ip: 51.254.41.128/25
x-cacheable: Matched cache
accept-ranges: bytes
content-length: 4364
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11569
Expires: Fri, 23 Sep 2022 09:01:32 GMT
Date: Fri, 23 Sep 2022 05:48:43 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11569
Expires: Fri, 23 Sep 2022 09:01:32 GMT
Date: Fri, 23 Sep 2022 05:48:43 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11569
Expires: Fri, 23 Sep 2022 09:01:32 GMT
Date: Fri, 23 Sep 2022 05:48:43 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11569
Expires: Fri, 23 Sep 2022 09:01:32 GMT
Date: Fri, 23 Sep 2022 05:48:43 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11569
Expires: Fri, 23 Sep 2022 09:01:32 GMT
Date: Fri, 23 Sep 2022 05:48:43 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F56c6b5fd-d351-45b8-9f62-d5052869881a.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F56c6b5fd-d351-45b8-9f62-d5052869881a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 948abf9bedd1bd67010284080ba06d01
dd94d525ad264856a0fdcb7a4b1faa2d68c3f68b
236639cc2279c6f269dd521796a087a40b43b252cb55faf3e4214cbdc8369a62
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F56c6b5fd-d351-45b8-9f62-d5052869881a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10822
x-amzn-requestid: 0cec2f7d-e906-4f5f-baa7-5d8a1a7c6820
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y2P7bEeQoAMFhGQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632bf9e2-5bdf18be72eed24028034edb;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 06:00:02 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Pj5hSr5LtIWPRDYjHxp8-K8gVghjf8GlO-FnXDvxscJqdygfZH8hIA==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 19:36:01 GMT
age: 36762
etag: "dd94d525ad264856a0fdcb7a4b1faa2d68c3f68b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ec986e3-2bce-4ded-85eb-e88df9893a30.jpeg
34.120.237.76200 OK 6.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ec986e3-2bce-4ded-85eb-e88df9893a30.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ff021fa15adb0d3a24158bc00cf0980a
265d3e98bcbf5f14f214102279a7911d6fd64048
211d709fb1851a62f856a78e3b115ef816f78ab9a28f870d48fa3d1912eac16a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ec986e3-2bce-4ded-85eb-e88df9893a30.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6505
x-amzn-requestid: bc9cc556-8897-4484-ac07-f18e4f5250ca
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YvrfiFl4oAMF_Xg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63295930-7a627b7d7683919e41ca599b;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 06:09:52 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: UNlx91pOuttpN-IrQs_g-PRI8C_NmZDKdnOpfayCJ719fa6FwnOIGg==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 02:01:19 GMT
age: 13644
etag: "265d3e98bcbf5f14f214102279a7911d6fd64048"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0908c18b-cd0b-41cc-beb5-0347df28884c.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0908c18b-cd0b-41cc-beb5-0347df28884c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9e125802119a2737820b343c4e9ecfb6
30ccc2dd2597b5b720d66c960ee8bd63c7115630
90cce372b2b8c89569fffc55de468bfc7cd4b7454ae7c55c48b7a846506b576e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0908c18b-cd0b-41cc-beb5-0347df28884c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11059
x-amzn-requestid: 65fe1c05-a158-4ac2-8368-f26da119ef68
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YcDTgGV4oAMF0iw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63217f49-74fc5c511bee36fd11d6d2eb;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 07:14:17 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 8k-1BHGHnBYSNqKWsRvVt8MpglKJ4eodtFakTTnr7ZzqSpP8iJWqVA==
via: 1.1 b23fb37cd7fff033ab21e3284f558a28.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 22:57:54 GMT
age: 24649
etag: "30ccc2dd2597b5b720d66c960ee8bd63c7115630"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F948809a9-98f3-49af-9568-833cc0cfb149.jpeg
34.120.237.76200 OK 5.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F948809a9-98f3-49af-9568-833cc0cfb149.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2644bb64610b60b23b7dff21736f7b4d
e95d1909750d36a9e426c170778985310cbfc4e4
e668fe1815310914cee8c5853fbcb3d0e48f6f0f8c2d07f7463e627f97153212
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F948809a9-98f3-49af-9568-833cc0cfb149.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5533
x-amzn-requestid: af64386b-45ae-47bb-a6fd-f80e306495df
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YcCkMGVEIAMFfhg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63217e1a-7e417f28422324ed2ddc85da;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 07:09:14 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 3GibZ-PNm4-d79Q6pfMbGiJ8sdGrbmfZ3M5-GkQUbrEmo9Ug13MydQ==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 b13f158bdf9805ca47e07c0c35870c12.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 22:36:12 GMT
age: 25951
etag: "e95d1909750d36a9e426c170778985310cbfc4e4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62dd28d6-72d9-4f9c-8eb7-cc97b6279d6b.jpeg
34.120.237.76200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62dd28d6-72d9-4f9c-8eb7-cc97b6279d6b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3056431736af42cc145a77dbc77c45a7
977068c1cfdf8dfb64cbe8fb8d917ebc8e3e970e
d299e38c678f4c4548cd2e7cf7ff1b07910b316bfc8b13c492b4fbee0a66b079
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62dd28d6-72d9-4f9c-8eb7-cc97b6279d6b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9892
x-amzn-requestid: f1d435d6-ed01-46b6-8f36-615f07f8cac0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4VpWGamoAMFppA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632ccfd5-2c3726b022bd389a156532c4;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:12:53 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 1RKDNfgarIwNgVps5U8xWLQaDppXNAVxULqMseYJOIOuPF6nCV0aNw==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 04:26:54 GMT
age: 4909
etag: "977068c1cfdf8dfb64cbe8fb8d917ebc8e3e970e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa8822718-7784-42f7-9be3-17d81593a755.jpeg
34.120.237.76200 OK 5.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa8822718-7784-42f7-9be3-17d81593a755.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b577444b5b0cf15747fe28a9d7f22d53
e6097275af3204124c48aa0d876eba0d18b26e7e
0f57e130b23b87fa4e1f9c2a2beff54f1ca73d87a244442558209e378befef11
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa8822718-7784-42f7-9be3-17d81593a755.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4999
x-amzn-requestid: 6f7b073e-f199-4bfa-8f9c-6688dbfba15a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yn7p7GyRIAMF1EQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63263fd8-566d8b3c1c25e3fa36259812;Sampled=0
x-amzn-remapped-date: Sat, 17 Sep 2022 21:44:56 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 67IkCpdOLJbKDPzgrIgyWV4axpopLuln041fPgEQKn0Zc2dvdDHnkA==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 22:54:39 GMT
age: 24844
etag: "e6097275af3204124c48aa0d876eba0d18b26e7e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
s4.histats.com/stats/0.php?4275781&@f16&@g0&@h6&@i3&@j1663912122310&@k710308&@l9&@mRoblox%20Robux%20Generator%202022&@n0roblox-crn.js=yulianikitagmailcom|template=PinkTong.xml|yulianikitagmailcom=robloxcodetrichebloxpiece.blogspot.com|robloxcodetrichebloxpiece.blogspot.com=direct|ref=direct|tags=roblox-crn.js&@ohttps%3A%2F%2Flinkmon99robloxaccountpassword.blogspot.com%2F&@q0&@r0&@s0&@ten-US&@u1280&@b1:63688547&@b3:1663912122&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fplay.robuxtip.org%2Findex.html%3Ftrack%3DWyJyb2Jsb3gtY3JuLmpzIiwieXVsaWFuaWtpdGFnbWFpbGNvbSIsInRlbXBsYXRlIiwiUGlua1RvbmcueG1sIiwieXVsaWFuaWtpdGFnbWFpbGNvbSIsInJvYmxveGNvZGV0cmljaGVibG94cGllY2UuYmxvZ3Nwb3QuY29tIiwicm9ibG94Y29kZXRyaWNoZWJsb3hwaWVjZS5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd&@w
192.99.13.63200 OK 51 B URL HTTP/1.1 s4.histats.com/stats/0.php?4275781&@f16&@g0&@h6&@i3&@j1663912122310&@k710308&@l9&@mRoblox%20Robux%20Generator%202022&@n0roblox-crn.js=yulianikitagmailcom|template=PinkTong.xml|yulianikitagmailcom=robloxcodetrichebloxpiece.blogspot.com|robloxcodetrichebloxpiece.blogspot.com=direct|ref=direct|tags=roblox-crn.js&@ohttps%3A%2F%2Flinkmon99robloxaccountpassword.blogspot.com%2F&@q0&@r0&@s0&@ten-US&@u1280&@b1:63688547&@b3:1663912122&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fplay.robuxtip.org%2Findex.html%3Ftrack%3DWyJyb2Jsb3gtY3JuLmpzIiwieXVsaWFuaWtpdGFnbWFpbGNvbSIsInRlbXBsYXRlIiwiUGlua1RvbmcueG1sIiwieXVsaWFuaWtpdGFnbWFpbGNvbSIsInJvYmxveGNvZGV0cmljaGVibG94cGllY2UuYmxvZ3Nwb3QuY29tIiwicm9ibG94Y29kZXRyaWNoZWJsb3hwaWVjZS5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd&@w
IP 192.99.13.63:0
File type ASCII text, with no line terminators
Hash bbbf7454bf9f50e3e40b5e2b4231d0a9
5116d7526feb6cf2b89141cdc72bf90372970326
aff10a00040ae7d79e1515fc77ebbb1042d7cc7b60c0a197f4f48b5d149850c0
GET /stats/0.php?4275781&@f16&@g0&@h6&@i3&@j1663912122310&@k710308&@l9&@mRoblox%20Robux%20Generator%202022&@n0roblox-crn.js=yulianikitagmailcom|template=PinkTong.xml|yulianikitagmailcom=robloxcodetrichebloxpiece.blogspot.com|robloxcodetrichebloxpiece.blogspot.com=direct|ref=direct|tags=roblox-crn.js&@ohttps%3A%2F%2Flinkmon99robloxaccountpassword.blogspot.com%2F&@q0&@r0&@s0&@ten-US&@u1280&@b1:63688547&@b3:1663912122&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fplay.robuxtip.org%2Findex.html%3Ftrack%3DWyJyb2Jsb3gtY3JuLmpzIiwieXVsaWFuaWtpdGFnbWFpbGNvbSIsInRlbXBsYXRlIiwiUGlua1RvbmcueG1sIiwieXVsaWFuaWtpdGFnbWFpbGNvbSIsInJvYmxveGNvZGV0cmljaGVibG94cGllY2UuYmxvZ3Nwb3QuY29tIiwicm9ibG94Y29kZXRyaWNoZWJsb3hwaWVjZS5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd&@w HTTP/1.1
Host: s4.histats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 05:48:43 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 51
Connection: close
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F155952bd-256a-4103-9017-437efcfb03bf.jpeg
34.120.237.76200 OK 7.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F155952bd-256a-4103-9017-437efcfb03bf.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1985a957e6bc0c15d8489fa731e7f14e
4584bff61bf4d5c9b8fd3b97c048a8e6975e4323
9f3e1fd6e18d85d4f6645d077da643a3bc2cca611d5e85f534ba798102dca243
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F155952bd-256a-4103-9017-437efcfb03bf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 7005
x-amzn-requestid: c805d882-7a00-4abd-a239-d8313d7df0c4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4aBwEaMIAMF09A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd6d7-6d6a417f10c9628a16d438e1;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:42:47 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 7edV0FJytVSpHH-WkCiYzhW1JP4L6i6bpPCq9MTxPdhwFQTryf06BQ==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 22:12:22 GMT
etag: "4584bff61bf4d5c9b8fd3b97c048a8e6975e4323"
content-type: image/jpeg
age: 27387
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
play.robuxtip.org/images/form-scripts.js
172.67.220.56200 OK 0 B URL HTTP/2 play.robuxtip.org/images/form-scripts.js
IP 172.67.220.56:0
Analyzer Verdict Alert fortinet Phishing
GET /images/form-scripts.js HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwieXVsaWFuaWtpdGFnbWFpbGNvbSIsInRlbXBsYXRlIiwiUGlua1RvbmcueG1sIiwieXVsaWFuaWtpdGFnbWFpbGNvbSIsInJvYmxveGNvZGV0cmljaGVibG94cGllY2UuYmxvZ3Nwb3QuY29tIiwicm9ibG94Y29kZXRyaWNoZWJsb3hwaWVjZS5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Cookie: HstCfa4275781=1663882585032; HstCla4275781=1663911412002; HstCmu4275781=1663882585032; HstPn4275781=5; HstPt4275781=8; HstCnv4275781=3; HstCns4275781=5; c_ref_4275781=https%3A%2F%2Flinkmon99robloxaccountpassword.blogspot.com%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 05:48:42 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=1469
etag: W/"5d9ca488-5bd"
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 509514
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5Aok8qvjHCK1Of6IDsOA20N%2BfBRIzBd15Rv8zJa9X7qWvdm9kRRhl4ixSNgV6HYTnFaz0FVcgRHibWh1eMxB7xKnxjGlt7Z080x2%2Bk%2FHKwbsuKhiopnT3714KvqeZSaYWIVvXA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f0fe2e3f21fac0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
play.robuxtip.org/images/css8a7c8a7c8a7c.css?family=Open+Sans:300,400,700
172.67.220.56200 OK 0 B URL HTTP/2 play.robuxtip.org/images/css8a7c8a7c8a7c.css?family=Open+Sans:300,400,700
IP 172.67.220.56:0
GET /images/css8a7c8a7c8a7c.css?family=Open+Sans:300,400,700 HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwieXVsaWFuaWtpdGFnbWFpbGNvbSIsInRlbXBsYXRlIiwiUGlua1RvbmcueG1sIiwieXVsaWFuaWtpdGFnbWFpbGNvbSIsInJvYmxveGNvZGV0cmljaGVibG94cGllY2UuYmxvZ3Nwb3QuY29tIiwicm9ibG94Y29kZXRyaWNoZWJsb3hwaWVjZS5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Cookie: HstCfa4275781=1663882585032; HstCla4275781=1663911412002; HstCmu4275781=1663882585032; HstPn4275781=5; HstPt4275781=8; HstCnv4275781=3; HstCns4275781=5; c_ref_4275781=https%3A%2F%2Flinkmon99robloxaccountpassword.blogspot.com%2F
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 05:48:42 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=773
etag: W/"5d9ca488-305"
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 509514
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xV03%2B1Zufj6fDeqHPZNR5G%2FANmOtnYYEqpNTyhHx856ZHEB3p4qdmSRkmq4A8G7EPEF2vUgwKl2kjZ7OqZkW0qp9T6VEK2KRFr%2FTAj%2BIdYmwI5mR62I5KePAI7jWYWrCQnFSyA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f0fe2e0ef3fac0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
play.robuxtip.org/images/magnific-popup.css
172.67.220.56200 OK 0 B URL HTTP/2 play.robuxtip.org/images/magnific-popup.css
IP 172.67.220.56:0
GET /images/magnific-popup.css HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwieXVsaWFuaWtpdGFnbWFpbGNvbSIsInRlbXBsYXRlIiwiUGlua1RvbmcueG1sIiwieXVsaWFuaWtpdGFnbWFpbGNvbSIsInJvYmxveGNvZGV0cmljaGVibG94cGllY2UuYmxvZ3Nwb3QuY29tIiwicm9ibG94Y29kZXRyaWNoZWJsb3hwaWVjZS5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Cookie: HstCfa4275781=1663882585032; HstCla4275781=1663911412002; HstCmu4275781=1663882585032; HstPn4275781=5; HstPt4275781=8; HstCnv4275781=3; HstCns4275781=5; c_ref_4275781=https%3A%2F%2Flinkmon99robloxaccountpassword.blogspot.com%2F
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 05:48:42 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=7946
etag: W/"5d9ca488-1f0a"
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 509514
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HI4Vp9GTyMmpmgpOzdGJNdpI9pfZnlndTbSKFmDkZFBWPQhsfAtANg472MCPUs2nEfgJ15iNBbw6wGIun2lZ76nNLUNOOGRfNhFS%2BOUgnaSFPaH3w0CM2YkjTC%2BPBipFtMIpwg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f0fe2e1ef9fac0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
play.robuxtip.org/images/fancyselect.js
172.67.220.56200 OK 0 B URL HTTP/2 play.robuxtip.org/images/fancyselect.js
IP 172.67.220.56:0
Analyzer Verdict Alert fortinet Phishing
GET /images/fancyselect.js HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwieXVsaWFuaWtpdGFnbWFpbGNvbSIsInRlbXBsYXRlIiwiUGlua1RvbmcueG1sIiwieXVsaWFuaWtpdGFnbWFpbGNvbSIsInJvYmxveGNvZGV0cmljaGVibG94cGllY2UuYmxvZ3Nwb3QuY29tIiwicm9ibG94Y29kZXRyaWNoZWJsb3hwaWVjZS5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Cookie: HstCfa4275781=1663882585032; HstCla4275781=1663911412002; HstCmu4275781=1663882585032; HstPn4275781=5; HstPt4275781=8; HstCnv4275781=3; HstCns4275781=5; c_ref_4275781=https%3A%2F%2Flinkmon99robloxaccountpassword.blogspot.com%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 05:48:42 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=6778
etag: W/"5d9ca488-1a7a"
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 509514
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6qCf0ZL4fA%2FdnjRMU0p%2FS1mjtJw0IyAcnwUcUL%2Ff7Pyt6A1PECXCZ5sljT2bvMKBUQzPzxl9MHZ0TfNl61XVhiiFdeWGACdjUF1SMHi3Am1h7qvembh4T4rcOye7WOEpe3yShg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f0fe2e3f0dfac0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
play.robuxtip.org/images/scripts.js
172.67.220.56200 OK 0 B URL HTTP/2 play.robuxtip.org/images/scripts.js
IP 172.67.220.56:0
Analyzer Verdict Alert fortinet Phishing
GET /images/scripts.js HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwieXVsaWFuaWtpdGFnbWFpbGNvbSIsInRlbXBsYXRlIiwiUGlua1RvbmcueG1sIiwieXVsaWFuaWtpdGFnbWFpbGNvbSIsInJvYmxveGNvZGV0cmljaGVibG94cGllY2UuYmxvZ3Nwb3QuY29tIiwicm9ibG94Y29kZXRyaWNoZWJsb3hwaWVjZS5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Cookie: HstCfa4275781=1663882585032; HstCla4275781=1663911412002; HstCmu4275781=1663882585032; HstPn4275781=5; HstPt4275781=8; HstCnv4275781=3; HstCns4275781=5; c_ref_4275781=https%3A%2F%2Flinkmon99robloxaccountpassword.blogspot.com%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 05:48:42 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=225
etag: W/"5d9ca488-e1"
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 23114
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IEhEjxx%2Fg88bgkLngNiD7Pky9%2BbU%2FZqYX0GwwcXZ2wD64S03K1yMACo1%2BbfXLxiyQnrGbQQfeWEO0kI5P8DYncJneFG5Jx02IZAmr%2Bb1VpCNRfeEd%2BgzPJus22Ke1gRtMcGzxA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f0fe2e4f28fac0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
play.robuxtip.org/images/sticky.js
172.67.220.56200 OK 0 B URL HTTP/2 play.robuxtip.org/images/sticky.js
IP 172.67.220.56:0
Analyzer Verdict Alert fortinet Phishing
GET /images/sticky.js HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwieXVsaWFuaWtpdGFnbWFpbGNvbSIsInRlbXBsYXRlIiwiUGlua1RvbmcueG1sIiwieXVsaWFuaWtpdGFnbWFpbGNvbSIsInJvYmxveGNvZGV0cmljaGVibG94cGllY2UuYmxvZ3Nwb3QuY29tIiwicm9ibG94Y29kZXRyaWNoZWJsb3hwaWVjZS5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Cookie: HstCfa4275781=1663882585032; HstCla4275781=1663911412002; HstCmu4275781=1663882585032; HstPn4275781=5; HstPt4275781=8; HstCnv4275781=3; HstCns4275781=5; c_ref_4275781=https%3A%2F%2Flinkmon99robloxaccountpassword.blogspot.com%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 05:48:42 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=20845
etag: W/"5d9ca488-516d"
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 509514
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IH%2F1%2FlKtABMAASSnA9cY24zbdMfIDB%2BsnCMK%2BGxfHjiV4fKcJYniQdxysb8Rccb2dIXB2ey%2FI0D53f5Pd5XJuuVh0KzuzEs3e1wkJYiWVjr8bFDBwsExEo7BIzQ3g8f6bAws%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f0fe2e4f26fac0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
play.robuxtip.org/images/bootstrap.min.css
172.67.220.56200 OK 0 B URL HTTP/2 play.robuxtip.org/images/bootstrap.min.css
IP 172.67.220.56:0
GET /images/bootstrap.min.css HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwieXVsaWFuaWtpdGFnbWFpbGNvbSIsInRlbXBsYXRlIiwiUGlua1RvbmcueG1sIiwieXVsaWFuaWtpdGFnbWFpbGNvbSIsInJvYmxveGNvZGV0cmljaGVibG94cGllY2UuYmxvZ3Nwb3QuY29tIiwicm9ibG94Y29kZXRyaWNoZWJsb3hwaWVjZS5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Cookie: HstCfa4275781=1663882585032; HstCla4275781=1663911412002; HstCmu4275781=1663882585032; HstPn4275781=5; HstPt4275781=8; HstCnv4275781=3; HstCns4275781=5; c_ref_4275781=https%3A%2F%2Flinkmon99robloxaccountpassword.blogspot.com%2F
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 05:48:42 GMT
content-type: text/css
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
etag: W/"5d9ca488-1d990"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 509514
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=09K%2FGOEYwYfZK0D5%2BeaKWRfVnK3j%2FgTs3N4iNJmMot1DS4x8cf%2B7FmIonc70AR7DJLVx9HOVksBMHfb04ESsWShcrOpEi3ZOkrJL%2FJ3elc3LjOyVs3Og%2FkTj1bDuKVBXcFu4uw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f0fe2e1ef5fac0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
play.robuxtip.org/images/font-awesome.min.css
172.67.220.56200 OK 0 B URL HTTP/2 play.robuxtip.org/images/font-awesome.min.css
IP 172.67.220.56:0
GET /images/font-awesome.min.css HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwieXVsaWFuaWtpdGFnbWFpbGNvbSIsInRlbXBsYXRlIiwiUGlua1RvbmcueG1sIiwieXVsaWFuaWtpdGFnbWFpbGNvbSIsInJvYmxveGNvZGV0cmljaGVibG94cGllY2UuYmxvZ3Nwb3QuY29tIiwicm9ibG94Y29kZXRyaWNoZWJsb3hwaWVjZS5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Cookie: HstCfa4275781=1663882585032; HstCla4275781=1663911412002; HstCmu4275781=1663882585032; HstPn4275781=5; HstPt4275781=8; HstCnv4275781=3; HstCns4275781=5; c_ref_4275781=https%3A%2F%2Flinkmon99robloxaccountpassword.blogspot.com%2F
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 05:48:42 GMT
content-type: text/css
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
etag: W/"5d9ca488-6c3d"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 509514
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BiElEUftlCFWppsBQYqEuwqNLtDakAPd2fdW6v34tHNhrex%2ByrfAXffOmyblB2LASp8d7CG8Y2Br2g2qWKxnLd72fyx4Sa3Y4kP6SM9SyvRhPVfShMes4a9377NT36VZIGy5eg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f0fe2e1ef4fac0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
play.robuxtip.org/images/sweetalert2.min.css
172.67.220.56200 OK 0 B URL HTTP/2 play.robuxtip.org/images/sweetalert2.min.css
IP 172.67.220.56:0
GET /images/sweetalert2.min.css HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwieXVsaWFuaWtpdGFnbWFpbGNvbSIsInRlbXBsYXRlIiwiUGlua1RvbmcueG1sIiwieXVsaWFuaWtpdGFnbWFpbGNvbSIsInJvYmxveGNvZGV0cmljaGVibG94cGllY2UuYmxvZ3Nwb3QuY29tIiwicm9ibG94Y29kZXRyaWNoZWJsb3hwaWVjZS5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Cookie: HstCfa4275781=1663882585032; HstCla4275781=1663911412002; HstCmu4275781=1663882585032; HstPn4275781=5; HstPt4275781=8; HstCnv4275781=3; HstCns4275781=5; c_ref_4275781=https%3A%2F%2Flinkmon99robloxaccountpassword.blogspot.com%2F
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 05:48:42 GMT
content-type: text/css
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
etag: W/"5d9ca488-36a4"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 509514
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2hvT%2Fgc%2FOzLjuAXVNhU4x4nkHp7AMmJ6wwa6BXe3jUEUBX7BEX3pWE4RK9B26cWllBOxJ8ReLzUyL7gbDD5g1VAykctwJq57R3mEeG6bkL3M5oej3ncJoLgYrkdlX%2BLwSn%2BlUw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f0fe2e1ef8fac0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
play.robuxtip.org/images/fancyselect.css
172.67.220.56200 OK 0 B URL HTTP/2 play.robuxtip.org/images/fancyselect.css
IP 172.67.220.56:0
GET /images/fancyselect.css HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwieXVsaWFuaWtpdGFnbWFpbGNvbSIsInRlbXBsYXRlIiwiUGlua1RvbmcueG1sIiwieXVsaWFuaWtpdGFnbWFpbGNvbSIsInJvYmxveGNvZGV0cmljaGVibG94cGllY2UuYmxvZ3Nwb3QuY29tIiwicm9ibG94Y29kZXRyaWNoZWJsb3hwaWVjZS5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Cookie: HstCfa4275781=1663882585032; HstCla4275781=1663911412002; HstCmu4275781=1663882585032; HstPn4275781=5; HstPt4275781=8; HstCnv4275781=3; HstCns4275781=5; c_ref_4275781=https%3A%2F%2Flinkmon99robloxaccountpassword.blogspot.com%2F
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 05:48:42 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=4253
etag: W/"5d9ca488-109d"
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 509514
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MocpBKD08FekMWaOblaftTz1bxQPthhJR7r6C7VYGPZQE%2FYj2rkUBOB8XuOtE%2FHc4NDl33Rt9lbafsn8p4DJmDJkE7TkSLG69LqNE98l9u7G0BEm3NaacHSrhvjX3IpkuoidWA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f0fe2e1efafac0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto:400,700
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto:400,700
IP 142.250.74.10:0
GET /css?family=Roboto:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://robloxcodetrichebloxpiece.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 23 Sep 2022 05:48:42 GMT
date: Fri, 23 Sep 2022 05:48:42 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
play.robuxtip.org/images/jquery.magnific-popup.min.js
172.67.220.56200 OK 0 B URL HTTP/2 play.robuxtip.org/images/jquery.magnific-popup.min.js
IP 172.67.220.56:0
Analyzer Verdict Alert fortinet Phishing
GET /images/jquery.magnific-popup.min.js HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwieXVsaWFuaWtpdGFnbWFpbGNvbSIsInRlbXBsYXRlIiwiUGlua1RvbmcueG1sIiwieXVsaWFuaWtpdGFnbWFpbGNvbSIsInJvYmxveGNvZGV0cmljaGVibG94cGllY2UuYmxvZ3Nwb3QuY29tIiwicm9ibG94Y29kZXRyaWNoZWJsb3hwaWVjZS5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Cookie: HstCfa4275781=1663882585032; HstCla4275781=1663911412002; HstCmu4275781=1663882585032; HstPn4275781=5; HstPt4275781=8; HstCnv4275781=3; HstCns4275781=5; c_ref_4275781=https%3A%2F%2Flinkmon99robloxaccountpassword.blogspot.com%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 05:48:42 GMT
content-type: application/javascript
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
etag: W/"5d9ca488-5297"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 509514
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bO%2FrkRNMyi56EqERxw8YT1ot9vj%2B29SwmUwQ3Pq9m0du96ADU3uHSWRRdbFVg9z5SJyiXq%2BasJOfSA9OQIQ0wf5f4s1xKugJVOhhTm8RjtsxJjYEq3wx9v5pPnEWEq2ZRFHh6A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f0fe2e4f24fac0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
mtevor.com/cluster-v2/roblox-crn.js
172.96.187.226200 OK 0 B URL HTTP/2 mtevor.com/cluster-v2/roblox-crn.js
IP 172.96.187.226:0
GET /cluster-v2/roblox-crn.js HTTP/1.1
Host: mtevor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://robloxcodetrichebloxpiece.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-powered-by: PHP/5.6.40
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
content-encoding: br
vary: Accept-Encoding
date: Fri, 23 Sep 2022 05:48:42 GMT
server: LiteSpeed
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
play.robuxtip.org/images/main.js
172.67.220.56200 OK 0 B URL HTTP/2 play.robuxtip.org/images/main.js
IP 172.67.220.56:0
Analyzer Verdict Alert fortinet Phishing
GET /images/main.js HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwieXVsaWFuaWtpdGFnbWFpbGNvbSIsInRlbXBsYXRlIiwiUGlua1RvbmcueG1sIiwieXVsaWFuaWtpdGFnbWFpbGNvbSIsInJvYmxveGNvZGV0cmljaGVibG94cGllY2UuYmxvZ3Nwb3QuY29tIiwicm9ibG94Y29kZXRyaWNoZWJsb3hwaWVjZS5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Cookie: HstCfa4275781=1663882585032; HstCla4275781=1663911412002; HstCmu4275781=1663882585032; HstPn4275781=5; HstPt4275781=8; HstCnv4275781=3; HstCns4275781=5; c_ref_4275781=https%3A%2F%2Flinkmon99robloxaccountpassword.blogspot.com%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 05:48:42 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=38451
etag: W/"5d9ca488-9633"
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 509514
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5ufIEgicEDSOVY1EfrcjwoqbZD5MM0m1o0vwDD7S0tdIEi8pcG9qcRZlImDt1pdH7L54%2BXifRecWXqOsoUmWjMFafT8gccI4Vw0ZRpSiCf6k%2BENr6LnrKfjkmm8YUhGWrKYHtA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f0fe2e4f27fac0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2