howtogettonsofrobuxforfree.blogspot.ba/?m=1
142.250.74.161302 Moved Temporarily 193 B URL HTTP/1.1 howtogettonsofrobuxforfree.blogspot.ba/?m=1
IP 142.250.74.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 0981692656fb9c925247ba005a73425a
6e27fee9ad3500e3fe4a631f5741108e59741887
12e254d3e11571132d3d68640e859c37d954a7de7584cc13ef5fe55c7e541ad4
Analyzer Verdict Alert fortinet Phishing
GET /?m=1 HTTP/1.1
Host: howtogettonsofrobuxforfree.blogspot.ba
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Moved Temporarily
Location: http://howtogettonsofrobuxforfree.blogspot.com/?m=1
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Sat, 24 Sep 2022 22:11:03 GMT
Expires: Sat, 24 Sep 2022 22:11:03 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 193
Server: GSE
firefox.settings.services.mozilla.com/v1/
143.204.55.35200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 1b3053fa528e28810f8a2cc9284cc921
cca9eb471d941881a6b9a1793aecb6c281908f6a
a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sat, 24 Sep 2022 22:04:54 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: zDQS6mT6QDe4ImkD2fGSNi9jU3AuYRPsecvl0prHlGJUI75fMVT_Fw==
Age: 369
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 09a973de929ab7452edc342c780d3668
3f14f6e0a36f76863c0aea6fb561c266404a7ea3
e82ca5f310e37267fbf792427747e65c2bb35e684d3f629c0aa302f688bc4f80
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E82CA5F310E37267FBF792427747E65C2BB35E684D3F629C0AA302F688BC4F80"
Last-Modified: Fri, 23 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10030
Expires: Sun, 25 Sep 2022 00:58:14 GMT
Date: Sat, 24 Sep 2022 22:11:04 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.35200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.35:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sat, 24 Sep 2022 04:35:15 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 6qCoAPtNi4qZyYppwMVrkZbm_Ey-Sz9BRwMMpu-AVxOnh3Y5CXXyCA==
age: 63350
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 22:11:04 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
howtogettonsofrobuxforfree.blogspot.com/?m=1
142.250.74.161301 Moved Permanently 192 B URL HTTP/1.1 howtogettonsofrobuxforfree.blogspot.com/?m=1
IP 142.250.74.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 741eb36971dde7488b5347f2f9f5f4d3
c64ab6eceff919dc00bdd1f484cc2f92dc49e942
734c7c33ef5e9a970e0d006e6450e9ae1846f0639a70c3f473769d0141110f25
Analyzer Verdict Alert fortinet Phishing
GET /?m=1 HTTP/1.1
Host: howtogettonsofrobuxforfree.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: https://howtogettonsofrobuxforfree.blogspot.com/?m=1
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Sat, 24 Sep 2022 22:11:04 GMT
Expires: Sat, 24 Sep 2022 22:11:04 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 192
Server: GSE
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash dde08ad6d0d33c288ad70cce74175fbb
de2d638241098268be6c8fc01b748fde38f1dd96
164fa18665323f6274da69ec244a59054ac277e17c5792a04eb2907758e0e586
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 22:11:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.35200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Sat, 24 Sep 2022 22:04:17 GMT
Expires: Sat, 24 Sep 2022 23:02:59 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: mwEcTboZZ_0oPlyp8R7d1YvtSlDnjHiHfKXDCMesOuaHhfy7luMkYA==
Age: 407
howtogettonsofrobuxforfree.blogspot.com/?m=1
142.250.74.161200 OK 16 kB URL HTTP/2 howtogettonsofrobuxforfree.blogspot.com/?m=1
IP 142.250.74.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (14233)
Hash a16b6c5617407f877088724ac80eb52d
a215342598fff98c2a9a1db0a4a03d3c77c384ec
7720a6e2dc6d1c80242d3650301d28f0a0871957790c495816765ce303a06e9d
Analyzer Verdict Alert fortinet Phishing
GET /?m=1 HTTP/1.1
Host: howtogettonsofrobuxforfree.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
expires: Sat, 24 Sep 2022 22:11:04 GMT
date: Sat, 24 Sep 2022 22:11:04 GMT
cache-control: private, max-age=0
last-modified: Fri, 23 Sep 2022 22:58:41 GMT
etag: W/"386b14372b0e1c06164ff30120cdd1bde8e4eeacd393675a871b4f36ac32ce9c"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 16443
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash dde08ad6d0d33c288ad70cce74175fbb
de2d638241098268be6c8fc01b748fde38f1dd96
164fa18665323f6274da69ec244a59054ac277e17c5792a04eb2907758e0e586
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 22:11:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
3.bp.blogspot.com/-dH83a-EWxQI/WUwQjo12WjI/AAAAAAAAFPM/GUuzo9rqoeYJnryg9Slr3L37faXCVlD0wCK4BGAYYCw/s1600/logo_650c697d3a6002c8f63991bb43c0d6b4.png
142.250.74.161200 OK 6.7 kB URL HTTP/2 3.bp.blogspot.com/-dH83a-EWxQI/WUwQjo12WjI/AAAAAAAAFPM/GUuzo9rqoeYJnryg9Slr3L37faXCVlD0wCK4BGAYYCw/s1600/logo_650c697d3a6002c8f63991bb43c0d6b4.png
IP 142.250.74.161:0
File type PNG image data, 200 x 41, 8-bit/color RGBA, non-interlaced\012- data
Hash 8b2271ebafdb2a99c69f429d440c555b
38ab355f4cad880637c156f6afe451a9df8cba60
180547af487d795d7fd737f992fb288eb9ec53b79404955a49dd36569e96a230
GET /-dH83a-EWxQI/WUwQjo12WjI/AAAAAAAAFPM/GUuzo9rqoeYJnryg9Slr3L37faXCVlD0wCK4BGAYYCw/s1600/logo_650c697d3a6002c8f63991bb43c0d6b4.png HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://howtogettonsofrobuxforfree.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="logo_650c697d3a6002c8f63991bb43c0d6b4.png"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 6658
x-xss-protection: 0
date: Sat, 24 Sep 2022 19:44:49 GMT
expires: Thu, 04 Aug 2022 16:51:24 GMT
cache-control: public, max-age=86400, no-transform
age: 8775
etag: "v14f4"
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 2d6b384162abb715786693222b341a43
2a68f142c91b5700b9481a64e6c6aa23070b3839
2a2e9dfac0cf910ec76692a5d6fa3462422b1cb9b804934b275baca7b0cf1ebc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 22:11:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a7809de115ea73f8b61f3d20a9978493
01fc65a2b694d7aadd5204d21801e87b2b55b73e
72692486033feeb149424c59576c6c75b17228dfc89b4c369d2e17cc4bff3d52
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 778
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 22:11:04 GMT
Last-Modified: Sat, 24 Sep 2022 21:58:06 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 704236d1e5e6f07c465e9358b5682033
d27c69853a55fe719b1d0557c8f12085be989c85
5144bdf17147008710aa4ba21b3bd85499b76d3ef60e5f006f806fd1d49a46a6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6518
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 22:11:04 GMT
Last-Modified: Sat, 24 Sep 2022 20:22:26 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 2d6b384162abb715786693222b341a43
2a68f142c91b5700b9481a64e6c6aa23070b3839
2a2e9dfac0cf910ec76692a5d6fa3462422b1cb9b804934b275baca7b0cf1ebc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 22:11:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 2d6b384162abb715786693222b341a43
2a68f142c91b5700b9481a64e6c6aa23070b3839
2a2e9dfac0cf910ec76692a5d6fa3462422b1cb9b804934b275baca7b0cf1ebc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 22:11:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.ytimg.com/vi/hbcg9D7X0YI/maxresdefault.jpg
216.58.207.246404 Not Found 1.1 kB URL HTTP/2 i.ytimg.com/vi/hbcg9D7X0YI/maxresdefault.jpg
IP 216.58.207.246:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 120x90, components 3\012- data
Hash e2ddfee11ae7edcae257da47f3a78a70
6e902fa6302eb30cd204579bca6a59b37233e262
20e9aab22032d85684d7d916a1013f7c577a132a5b10ea3fd3578e8d0b28a711
GET /vi/hbcg9D7X0YI/maxresdefault.jpg HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://howtogettonsofrobuxforfree.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
vary: Origin
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: image/jpeg
date: Sat, 24 Sep 2022 22:11:04 GMT
expires: Sat, 24 Sep 2022 22:11:34 GMT
cache-control: public, max-age=30
x-content-type-options: nosniff
server: sffe
content-length: 1097
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
http2.mlstatic.com/roblox-1000-robux-002-D_NQ_NP_944359-MLC31413216752_072019-F.jpg
23.36.76.88200 OK 315 kB URL HTTP/2 http2.mlstatic.com/roblox-1000-robux-002-D_NQ_NP_944359-MLC31413216752_072019-F.jpg
IP 23.36.76.88:0
ASN #20940 Akamai International B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1200x675, components 3\012- data
Size 315 kB (314786 bytes)
Hash 840a849deb31db8c76e2eac8b4998ebc
50710be56347ef3a58a712af497223dc7c2c43eb
317af1386926c910b3b72f9b424cdb0604c261ff30439fafe2d91a7c319bba46
GET /roblox-1000-robux-002-D_NQ_NP_944359-MLC31413216752_072019-F.jpg HTTP/1.1
Host: http2.mlstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://howtogettonsofrobuxforfree.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 314786
server: Tengine
cache-control: public, max-age=31536000, immutable
etag: "2444357888"
last-modified: Thu Jul 11 03:26:21 UTC 2019
x-check-cacheable: YES
x-container: 944359
x-extension: jpg
x-id: MLC31413216752_072019
x-progressive: false
x-server: 172.19.0.7:44186
x-site: MLC
x-smartcrop: false
x-square: false
x-version: F
x-version2x: false
x-envoy-upstream-service-time: 85
x-envoy-decorator-operation: read.pictures-proxy-go.melifrontends.com
x-request-id: faa68519-79ea-4cbc-bca3-221f06b49093
x-request-device-id: faa68519-79ea-4cbc-bca3-221f06b49093
x-d2id: faa68519-79ea-4cbc-bca3-221f06b49093
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
access-control-allow-origin: *
timing-allow-origin: *
date: Sat, 24 Sep 2022 22:11:04 GMT
x-cdn: a
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 1cff4f56be1b217fd676fff4644d9673
5ba2a68749b8a9a9d8a3863b18e8f896400a7660
8984cd65d1108783e8a05574eafe5471cc98f807e314ef009d104b9739413946
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 22:11:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.ytimg.com/vi/k0DaIvab7FM/hqdefault.jpg?sqp=-oaymwEiCKgBEF5IWvKriqkDFQgBFQAAAAAYASUAAMhCPQCAokN4AQ==&rs=AOn4CLCNWNl9u6C6saqWHsEnXkWVoLokNw
216.58.207.246200 OK 8.5 kB URL HTTP/2 i.ytimg.com/vi/k0DaIvab7FM/hqdefault.jpg?sqp=-oaymwEiCKgBEF5IWvKriqkDFQgBFQAAAAAYASUAAMhCPQCAokN4AQ==&rs=AOn4CLCNWNl9u6C6saqWHsEnXkWVoLokNw
IP 216.58.207.246:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 168x94, components 3\012- data
Hash 222c471a62ea11dbcb6700738010d237
7810dec0b33ee250fbf894b9cc494e83a2b95a10
03d060a81972a42e3533ab76d26aaabf5e2e61dc4936da1e8a397d3d45d84ecb
GET /vi/k0DaIvab7FM/hqdefault.jpg?sqp=-oaymwEiCKgBEF5IWvKriqkDFQgBFQAAAAAYASUAAMhCPQCAokN4AQ==&rs=AOn4CLCNWNl9u6C6saqWHsEnXkWVoLokNw HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://howtogettonsofrobuxforfree.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 8523
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 24 Sep 2022 22:11:04 GMT
expires: Sun, 25 Sep 2022 00:11:04 GMT
cache-control: public, max-age=7200
etag: "1508674993"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
image.winudf.com/v2/image1/Y29tLmd1aWRlLmFzc2Fzc2luX2h1bnRlcjIwMjBfc2NyZWVuXzFfMTU4MTczNjc1Ml8wODk/screen-1.jpg?fakeurl=1&type=.jpg
104.26.8.22200 OK 135 kB URL HTTP/2 image.winudf.com/v2/image1/Y29tLmd1aWRlLmFzc2Fzc2luX2h1bnRlcjIwMjBfc2NyZWVuXzFfMTU4MTczNjc1Ml8wODk/screen-1.jpg?fakeurl=1&type=.jpg
IP 104.26.8.22:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=1, orientation=upper-left], progressive, precision 8, 1050x620, components 3\012- data
Size 135 kB (134634 bytes)
Hash ec0fa49bced1e89d09e2c86f5116fad2
46aeecedcae4cc1dabafb81b4109d94afff52b5e
4bc4774e1ed1e85e1aed63e45e545f6aaca79a010e2fc71f8d926f3ffdbf5fab
GET /v2/image1/Y29tLmd1aWRlLmFzc2Fzc2luX2h1bnRlcjIwMjBfc2NyZWVuXzFfMTU4MTczNjc1Ml8wODk/screen-1.jpg?fakeurl=1&type=.jpg HTTP/1.1
Host: image.winudf.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://howtogettonsofrobuxforfree.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 22:11:04 GMT
content-type: image/jpeg
content-length: 134634
cf-bgj: imgq:100,h2pri
cf-polished: origSize=138179, status=webp_bigger
etag: 5c882cd6
strict-transport-security: max-age=15724800; includeSubDomains
x-cache: MISS
cache-control: max-age=31536000
cf-cache-status: HIT
age: 22956
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8Acx5jtJ3ECxYYnVai3FypevzYrlmgFg5EJzhpvH6Tih%2FVDiFr%2Fq8HJlkR0Xfy%2FKvWPR7M4xpyJPOyGiffv6Ecyow%2F60x9bMWInId%2FJJe2hyUMNu8Le2t%2Bf5ONfKGnd9hSk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
access-control-allow-origin: *
timing-allow-origin: *
server: cloudflare
cf-ray: 74feda930af6b527-OSL
X-Firefox-Spdy: h2
i.ytimg.com/vi/nlz9rG2ZGRE/maxresdefault.jpg
216.58.207.246200 OK 144 kB URL HTTP/2 i.ytimg.com/vi/nlz9rG2ZGRE/maxresdefault.jpg
IP 216.58.207.246:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1280x720, components 3\012- data
Size 144 kB (143733 bytes)
Hash 0a063e97a8c8266d3d2c3f49684ab1cb
e4c03b247f3fda99c57b69a6f93475e7d09b6db3
b6aa51973dd3911c7719456fc18837e8e6d04cb6234e79d5f3fc0e2192c5cdf0
GET /vi/nlz9rG2ZGRE/maxresdefault.jpg HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://howtogettonsofrobuxforfree.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 143733
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 24 Sep 2022 22:11:04 GMT
expires: Sun, 25 Sep 2022 00:11:04 GMT
cache-control: public, max-age=7200
etag: "1531078901"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
i.ytimg.com/vi/dTjJ8pHnyus/hqdefault.jpg?sqp=-oaymwEiCKgBEF5IWvKriqkDFQgBFQAAAAAYASUAAMhCPQCAokN4AQ==&rs=AOn4CLC2fPdpcUuqrZwB2YwwCTcWamownQ
216.58.207.246200 OK 7.8 kB URL HTTP/2 i.ytimg.com/vi/dTjJ8pHnyus/hqdefault.jpg?sqp=-oaymwEiCKgBEF5IWvKriqkDFQgBFQAAAAAYASUAAMhCPQCAokN4AQ==&rs=AOn4CLC2fPdpcUuqrZwB2YwwCTcWamownQ
IP 216.58.207.246:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 168x94, components 3\012- data
Hash 781aebfcf1ff5b0a06b669a63087a56b
330158ce605b20229f1d13c6a7f3959b08265a2e
984206500d0d1a0272a05060e621d26903cdb5e7a68f78c040e71cdef88f49cf
GET /vi/dTjJ8pHnyus/hqdefault.jpg?sqp=-oaymwEiCKgBEF5IWvKriqkDFQgBFQAAAAAYASUAAMhCPQCAokN4AQ==&rs=AOn4CLC2fPdpcUuqrZwB2YwwCTcWamownQ HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://howtogettonsofrobuxforfree.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 7763
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 24 Sep 2022 22:11:04 GMT
expires: Sun, 25 Sep 2022 00:11:04 GMT
cache-control: public, max-age=7200
etag: "1533072727"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.blogger.com/static/v1/widgets/1416043673-widgets.js
216.58.207.201200 OK 57 kB URL HTTP/2 www.blogger.com/static/v1/widgets/1416043673-widgets.js
IP 216.58.207.201:0
File type ASCII text, with very long lines (2221)
Hash c6aef9cbd2abf926a23970b70f8a24c2
78972b4f41a7d2580c383da41e3a472c4cfc647a
111111066b8f3fddcd24cedce8c4e8b93a1d9e9b8e3f5f2959172da5adda14b6
GET /static/v1/widgets/1416043673-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://howtogettonsofrobuxforfree.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 56913
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 02:21:33 GMT
expires: Thu, 21 Sep 2023 02:21:33 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 21 Sep 2022 00:51:51 GMT
content-type: text/javascript
age: 330571
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
i.ytimg.com/vi/Wwg3weN3ZOo/maxresdefault.jpg
216.58.207.246200 OK 112 kB URL HTTP/2 i.ytimg.com/vi/Wwg3weN3ZOo/maxresdefault.jpg
IP 216.58.207.246:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1280x720, components 3\012- data
Size 112 kB (112410 bytes)
Hash 13e3d281f783a938355d6b27b4cfa036
55d1ab529dd7ff97f2f34a545766e6453caa5041
e2fdcf23806ea81480751568b088b5fd96e13e97fd6c74ccf9b5461712befe5f
GET /vi/Wwg3weN3ZOo/maxresdefault.jpg HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://howtogettonsofrobuxforfree.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 112410
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 24 Sep 2022 22:11:04 GMT
expires: Sun, 25 Sep 2022 00:11:04 GMT
cache-control: public, max-age=7200
etag: "1574230068"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
i.ytimg.com/vi/ynuk_ygu4OU/maxresdefault.jpg
216.58.207.246200 OK 108 kB URL HTTP/2 i.ytimg.com/vi/ynuk_ygu4OU/maxresdefault.jpg
IP 216.58.207.246:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1280x720, components 3\012- data
Size 108 kB (107829 bytes)
Hash 6bc794cdfb2106855a2989653d0edc8d
0e0a5206194ad778a0cdf2deea3af0c173979b6d
4d507e5e923bf6dc3b57be7228e5aed8b5a41b9f43984b92a7330c266148c092
GET /vi/ynuk_ygu4OU/maxresdefault.jpg HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://howtogettonsofrobuxforfree.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 107829
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 24 Sep 2022 22:11:04 GMT
expires: Sun, 25 Sep 2022 00:11:04 GMT
cache-control: public, max-age=7200
etag: "1557787758"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 2d6b384162abb715786693222b341a43
2a68f142c91b5700b9481a64e6c6aa23070b3839
2a2e9dfac0cf910ec76692a5d6fa3462422b1cb9b804934b275baca7b0cf1ebc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 22:11:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 1cff4f56be1b217fd676fff4644d9673
5ba2a68749b8a9a9d8a3863b18e8f896400a7660
8984cd65d1108783e8a05574eafe5471cc98f807e314ef009d104b9739413946
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 22:11:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash ac3e151754ab47096355cde3775ade04
0b5caee81e70eccc817d07ded5b645367eccb672
73ce20b32370d3c0758f3a47c93e6462a903966c7a6ebcc5c969195618fb6d69
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 22:11:04 GMT
Server: ECS (amb/6B9F)
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 73b7121b1f8dbf4ae2b374638e81f20e
440ccc75f9977ca84feb59f9fcbf95f93a9c32c2
f33248ab145ed21e539407015e7591df6d74a09d644d7a9e59e80d1082884326
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1147
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 22:11:05 GMT
Last-Modified: Sat, 24 Sep 2022 21:51:58 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 278
push.services.mozilla.com/
54.148.77.40101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.148.77.40:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: +M1fHElCqhNu8Pjs7Ngf7g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: HQwoPnuGmRhpiXBbk0TEsXxJnnU=
ocsp.pki.goog/s/gts1p5/1EpVtZKsCXY
142.250.74.3200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/1EpVtZKsCXY
IP 142.250.74.3:0
Hash 6e5577f6d5d5f592b59c4a00beaaa2c3
6f441641619ac55ae79d38b21ec9eee0288fec1c
74d3098f6eb279ff7cdbc84fafdd7b6bcafb8b1c1072db50459b399e505c9709
POST /s/gts1p5/1EpVtZKsCXY HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 22:11:05 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/jquery.modal.min.css
104.17.25.14200 OK 1.5 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/jquery.modal.min.css
IP 104.17.25.14:0
File type ASCII text, with very long lines (3201), with no line terminators
Hash 8e09ceb5490863a66cd2e83ca3d7e524
35e3d074516ec70c508d748f7ae01827bc0c28ba
cccbb374fd4cb6dcbac9df64456b49cb11530e7bafdac6c6c7e67ff2ed350db9
GET /ajax/libs/jquery-modal/0.9.1/jquery.modal.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 24 Sep 2022 22:11:05 GMT
content-type: text/css; charset=utf-8
content-length: 1541
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec2-c81"
last-modified: Mon, 04 May 2020 16:11:46 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 9498835
expires: Thu, 14 Sep 2023 22:11:05 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mw9h4YMBpk9oq1ZWXOSjTi81Tq0n%2Bttdo7Ml68TXuCkHPJ7OL7mAkJvKwpAe1RgcD%2FP1MgHSfUutkzOMiZp274mkh2j2pwUgKIrwbyQ%2BbuSjmtjQRuGpkml%2BC5Br%2FUcMcghSvu%2Bl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74feda9629a51c06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
play.robuxtip.org/images/gamebaglogo.png
172.64.137.20200 OK 3.3 kB URL HTTP/2 play.robuxtip.org/images/gamebaglogo.png
IP 172.64.137.20:0
File type PNG image data, 240 x 240, 8-bit/color RGBA, non-interlaced\012- data
Hash e84f0caa809a15b2aaa9cb93bbe6669a
22a330ad580aaa6b2232307a87b981adc7fbf38f
1f98c982fd0c9b5e6af138a4cb160f509bda9fcc7fa0a9463fa6cf11513c151f
GET /images/gamebaglogo.png HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwieXVsaWFuaWtpdGFnbWFpbGNvbSIsInRlbXBsYXRlIiwiRmFzdGluay54bWwiLCJ5dWxpYW5pa2l0YWdtYWlsY29tIiwiaG93dG9nZXR0b25zb2Zyb2J1eGZvcmZyZWUuYmxvZ3Nwb3QuY29tIiwiaG93dG9nZXR0b25zb2Zyb2J1eGZvcmZyZWUuYmxvZ3Nwb3QuY29tIiwiZGlyZWN0IiwicmVmIiwiZGlyZWN0IiwidGFncyIsInJvYmxveC1jcm4uanMiXQ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 22:11:05 GMT
content-type: image/png
content-length: 3340
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
etag: "5d9ca488-d0c"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 656464
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EWcySzylz7FZn4FGlS%2FHV26y7VYWf7CQon43LugiUO8GCI3eoW7DENOyIBT3eXvhndNSoaB%2Bp1xbdQO6en369p7ph96u3OfYPYj9QyxAfeom%2BQBRQ7n2f%2FrQPziluZTP05F1YA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74feda961cd276cf-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
play.robuxtip.org/images/ft-1.png
172.64.137.20200 OK 3.3 kB URL HTTP/2 play.robuxtip.org/images/ft-1.png
IP 172.64.137.20:0
File type PNG image data, 240 x 240, 8-bit/color RGBA, non-interlaced\012- data
Hash e84f0caa809a15b2aaa9cb93bbe6669a
22a330ad580aaa6b2232307a87b981adc7fbf38f
1f98c982fd0c9b5e6af138a4cb160f509bda9fcc7fa0a9463fa6cf11513c151f
GET /images/ft-1.png HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwieXVsaWFuaWtpdGFnbWFpbGNvbSIsInRlbXBsYXRlIiwiRmFzdGluay54bWwiLCJ5dWxpYW5pa2l0YWdtYWlsY29tIiwiaG93dG9nZXR0b25zb2Zyb2J1eGZvcmZyZWUuYmxvZ3Nwb3QuY29tIiwiaG93dG9nZXR0b25zb2Zyb2J1eGZvcmZyZWUuYmxvZ3Nwb3QuY29tIiwiZGlyZWN0IiwicmVmIiwiZGlyZWN0IiwidGFncyIsInJvYmxveC1jcm4uanMiXQ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 22:11:05 GMT
content-type: image/png
content-length: 3340
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
etag: "5d9ca488-d0c"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 656464
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gG%2FDmFL3uovm0KepF7MQB3RNxCzxfYU01F8bAzwftaBOHPKdsht8T97iLtGsFesUsSWyCarsNMcxAKF1k9LBO%2FSrVap5rcMhBilz%2Fw28ZgAwtrXbYQWXMBjsbP690yT8kAFaCg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74feda961cda76cf-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/js-base64@3.7.2/base64.min.js
151.101.85.229200 OK 2.1 kB URL HTTP/2 cdn.jsdelivr.net/npm/js-base64@3.7.2/base64.min.js
IP 151.101.85.229:0
File type ASCII text, with very long lines (4802)
Hash 18914b05d782cca37716837edf14fa8a
c563d127cf718dd86389fdd007b4c51b6bb58dc3
4bded663a5f9ccaa1eb7c1692c1c7df756a7d0e037d19466979fb90c56fbefdf
GET /npm/js-base64@3.7.2/base64.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 3.7.2
x-jsd-version-type: version
etag: W/"1405-lMmxLE0z8/TnsipvbhQg5ckAA8Q"
content-encoding: gzip
accept-ranges: bytes
date: Sat, 24 Sep 2022 22:11:05 GMT
age: 5250245
x-served-by: cache-fra19165-FRA, cache-bma1653-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 2068
X-Firefox-Spdy: h2
play.robuxtip.org/images/validator.min.js
172.64.137.20200 OK 3.6 kB URL HTTP/2 play.robuxtip.org/images/validator.min.js
IP 172.64.137.20:0
File type ASCII text, with very long lines (5862)
Hash b0b7128e8de22effe91367fee019f060
deb616f9977b6c8b76683697f868746f4af7ae20
2fcd7bf87d2c0301f161150d788e3c5b11f941fa8d87328642095c0f89da0794
Analyzer Verdict Alert fortinet Phishing
GET /images/validator.min.js HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwieXVsaWFuaWtpdGFnbWFpbGNvbSIsInRlbXBsYXRlIiwiRmFzdGluay54bWwiLCJ5dWxpYW5pa2l0YWdtYWlsY29tIiwiaG93dG9nZXR0b25zb2Zyb2J1eGZvcmZyZWUuYmxvZ3Nwb3QuY29tIiwiaG93dG9nZXR0b25zb2Zyb2J1eGZvcmZyZWUuYmxvZ3Nwb3QuY29tIiwiZGlyZWN0IiwicmVmIiwiZGlyZWN0IiwidGFncyIsInJvYmxveC1jcm4uanMiXQ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 22:11:05 GMT
content-type: application/javascript
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
etag: W/"5d9ca488-17a7"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 165842
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8whBkrgb0vC06xkv8S%2FI2cHF1ahAuAxUsKfWsPYgGT8mFtEDqtX0kD%2BqeWQx0gzaNsrKJnTlNz0SaPJyRVN4LGzOf8VlH3%2B3KftHZIqk2tpuUEgAeEEFOErzgKhEIR96Oeq4CA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74feda962cf576cf-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/1EpVtZKsCXY
142.250.74.3200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/1EpVtZKsCXY
IP 142.250.74.3:0
Hash 6e5577f6d5d5f592b59c4a00beaaa2c3
6f441641619ac55ae79d38b21ec9eee0288fec1c
74d3098f6eb279ff7cdbc84fafdd7b6bcafb8b1c1072db50459b399e505c9709
POST /s/gts1p5/1EpVtZKsCXY HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 22:11:05 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
play.robuxtip.org/images/pr-r.png
172.64.137.20200 OK 27 kB URL HTTP/2 play.robuxtip.org/images/pr-r.png
IP 172.64.137.20:0
File type PNG image data, 960 x 1080, 8-bit/color RGBA, non-interlaced\012- data
Hash 1339ccba9a248e9c3689c2f921283d91
7d393c9a3efa49a81afc9406700e94ae23e4bb95
082da94e7b1e7b7cf6054ecb33edffc2b36578727ef34c8a1ef6bddfaa6cfbbf
GET /images/pr-r.png HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/images/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 22:11:05 GMT
content-type: image/png
content-length: 27316
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
etag: "5d9ca488-6ab4"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 656464
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KX1BsGjqhELn2LmRHKKG45LnmAnHRtm1jvrKUrk11sV%2FHTyW21r%2FM2kXLLrJl9ks3JxWMb%2F1nna%2BQXeRd5YdeAFYoHBUeW%2BgYF9JU95fik%2BscKcIzQiR5Wsf9m5jiGEh12ntog%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74feda96be1876cf-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
play.robuxtip.org/images/btn-img.png
172.64.137.20200 OK 2.0 kB URL HTTP/2 play.robuxtip.org/images/btn-img.png
IP 172.64.137.20:0
File type PNG image data, 150 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash b750214f9a0276662f12acbbff0d37ce
65e094e10e2b933ab866a66b5f9b25321b99a0d1
db31dae896b9158c4d1c3f32525e6f63281fe9c671a5dc93236cac960013351b
GET /images/btn-img.png HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/images/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 22:11:05 GMT
content-type: image/png
content-length: 1977
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
etag: "5d9ca488-7b9"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 656463
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8QyMlw1Thr3CFsbsqYfUsQl7tgVDs5c97sNrpxwj%2BPZVlvS3UpEvH%2FA3ksCo7%2Fk7E9YnNNZ9YOr3%2F7QzTWr3avITfCKcdJVMUS8z%2FaO3ZtQcp1XejsH3kASVyMIaD0wWd%2BEIsA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74feda96ce2376cf-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
play.robuxtip.org/images/main.js
172.64.137.20200 OK 18 kB URL HTTP/2 play.robuxtip.org/images/main.js
IP 172.64.137.20:0
File type ASCII text, with very long lines (24637)
Hash fe358f2f1eab97894e26b82b67ed05fe
d969c53a7eafc9aac9232a51f73bbba786601d10
42101ef7051214443f39a27db94f4e76b26d38342fe94795b305c3dd5bf0999a
Analyzer Verdict Alert fortinet Phishing
GET /images/main.js HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwieXVsaWFuaWtpdGFnbWFpbGNvbSIsInRlbXBsYXRlIiwiRmFzdGluay54bWwiLCJ5dWxpYW5pa2l0YWdtYWlsY29tIiwiaG93dG9nZXR0b25zb2Zyb2J1eGZvcmZyZWUuYmxvZ3Nwb3QuY29tIiwiaG93dG9nZXR0b25zb2Zyb2J1eGZvcmZyZWUuYmxvZ3Nwb3QuY29tIiwiZGlyZWN0IiwicmVmIiwiZGlyZWN0IiwidGFncyIsInJvYmxveC1jcm4uanMiXQ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 22:11:05 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=38451
etag: W/"5d9ca488-9633"
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 660609
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5XAoi7xp%2FFeRbJdF8lR9kTtfUMldaFeRP2laPDV3n9sf78oHQaCrw2I8OGJfBrGQhd%2FYUJ2qxA2BCxJZ645xmrRFTGmTJ6Pmlp9DYfgSxDJAbbnR96ap6DOUKuvbz6m2Osvfmw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74feda962d0276cf-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
play.robuxtip.org/images/pr-l.png
172.64.137.20200 OK 16 kB URL HTTP/2 play.robuxtip.org/images/pr-l.png
IP 172.64.137.20:0
File type PNG image data, 960 x 1080, 8-bit/color RGBA, non-interlaced\012- data
Hash 6073469203244cc95b8fbe0996b8c405
60c3fe75fa9d7e3ae7f42f9a247d103b9841982a
7509fb455029a48272466bce43b17cf8247f769f9a4b9c51a03eba55924e11f3
GET /images/pr-l.png HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/images/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 22:11:05 GMT
content-type: image/png
content-length: 16083
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
etag: "5d9ca488-3ed3"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 656464
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5bOTelgfxpwXda9m7RlE%2BW4xTVn%2BLLmCQlgOXkEA3xRPECAUz7U02iDCijANiBdQaERBQcrjtuSiCQHTRkGwt3iCafTkKRkjdidjkyn6bhqI87E16yTKcjZU1fekQfNwMEZDBw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74feda96be1676cf-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
play.robuxtip.org/images/button-dot.png
172.64.137.20200 OK 672 B URL HTTP/2 play.robuxtip.org/images/button-dot.png
IP 172.64.137.20:0
File type PNG image data, 15 x 15, 8-bit colormap, non-interlaced\012- data
Hash 478aefab2e280b16b0372e607414d3c2
710f5aaa706ec23cbf45006d7c1d25be76b4fa64
a651e77df132fc0c4dbccb7c56f84923c28dcb159f4b7a112bde8bbc548632bc
GET /images/button-dot.png HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/images/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 22:11:05 GMT
content-type: image/png
content-length: 672
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
etag: "5d9ca488-2a0"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 656464
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uF%2FZ1ScgwROrwpaei2YHTl%2FRrndhcyOks9jChCTuAPyPT2IevMoM1AWsFz9N2VMjqI1il%2FJAjAiHu9GojV7Ks2OWvcxYJ1oS4MN7vYSxBQMmQIuojucsuSmcfMNpHD77V%2FyXEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74feda96ce2076cf-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
play.robuxtip.org/images/font-awesome.min.css
172.64.137.20200 OK 6.7 kB URL HTTP/2 play.robuxtip.org/images/font-awesome.min.css
IP 172.64.137.20:0
File type ASCII text, with very long lines (27546)
Hash c03cedc8eb21073cac4a4a928963d7e0
0cbcf8303a99468bfcfda35c0fb37cb5b53ec366
89bbbc2fcbaa4ac646ca7e169b1b175a723a653d488d8568d79cecefc173f883
GET /images/font-awesome.min.css HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwieXVsaWFuaWtpdGFnbWFpbGNvbSIsInRlbXBsYXRlIiwiRmFzdGluay54bWwiLCJ5dWxpYW5pa2l0YWdtYWlsY29tIiwiaG93dG9nZXR0b25zb2Zyb2J1eGZvcmZyZWUuYmxvZ3Nwb3QuY29tIiwiaG93dG9nZXR0b25zb2Zyb2J1eGZvcmZyZWUuYmxvZ3Nwb3QuY29tIiwiZGlyZWN0IiwicmVmIiwiZGlyZWN0IiwidGFncyIsInJvYmxveC1jcm4uanMiXQ
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 22:11:05 GMT
content-type: text/css
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
etag: W/"5d9ca488-6c3d"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 660610
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F%2FNg6I1qIOaRTkE8mP9IAWL0NJgKD7E9yaQK89i1k2GPAduKVwKEdYyVnbe%2BfxSIruo%2FhmYpsx3XEPfehxwkvI8Ne9xbv5EQCKMsWKpguRECTNqFl0ccMs8yjCmWavn8TUrFew%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74feda95fcb476cf-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
play.robuxtip.org/images/com.js
172.64.137.20200 OK 3.3 kB URL HTTP/2 play.robuxtip.org/images/com.js
IP 172.64.137.20:0
File type C source, Unicode text, UTF-8 text, with very long lines (15173), with no line terminators
Hash b5772169e8bdee1023ead599d7de95bc
7f8ee6e821be83f5d982fed48935595accb37a70
95db3e0250249796e8a3d2b0f20af265c87c6d407d855ca96cb5666dc023b5d0
Analyzer Verdict Alert fortinet Phishing
GET /images/com.js HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwieXVsaWFuaWtpdGFnbWFpbGNvbSIsInRlbXBsYXRlIiwiRmFzdGluay54bWwiLCJ5dWxpYW5pa2l0YWdtYWlsY29tIiwiaG93dG9nZXR0b25zb2Zyb2J1eGZvcmZyZWUuYmxvZ3Nwb3QuY29tIiwiaG93dG9nZXR0b25zb2Zyb2J1eGZvcmZyZWUuYmxvZ3Nwb3QuY29tIiwiZGlyZWN0IiwicmVmIiwiZGlyZWN0IiwidGFncyIsInJvYmxveC1jcm4uanMiXQ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 22:11:05 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=17963
etag: W/"5d9ca488-462b"
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 660609
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r%2BSDZOw5Xdpie7HSmnp%2Bh5CrbZTyAddkRO92K9WWWw0anfq%2BhVLhoVH9usBWcZcKZwHZL1QqAIJHmaDH%2BpCHLf1mpFVtlZckZ6w%2BSu8jv1wy7KD%2FiqUpJQX1zD%2BK0gpxHUFgzw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74feda962cf776cf-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v14/cJZKeOuBrn4kERxqtaUH3aCWcynf_cDxXwCLxiixG1c.ttf
142.250.74.163200 OK 18 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v14/cJZKeOuBrn4kERxqtaUH3aCWcynf_cDxXwCLxiixG1c.ttf
IP 142.250.74.163:0
File type TrueType Font data, 17 tables, 1st "GDEF", 7 names, Microsoft, language 0x409, type 1 string, Open SansRegular1.10;1ASC;OpenSans-RegularOpen Sans RegularVersion 1.10OpenSans-Regularhttp://ww\012- data
Hash 8c20320e2a77d984348f9e9aa7296b9d
0939a63b6a9982ab64f044dfc3a21dac2bca0499
0be48b762bdf588db02112492dfadcb3a098fad3ac5aa2ccc80568b799462c52
GET /s/opensans/v14/cJZKeOuBrn4kERxqtaUH3aCWcynf_cDxXwCLxiixG1c.ttf HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://play.robuxtip.org
Connection: keep-alive
Referer: https://play.robuxtip.org/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17789
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 07:07:48 GMT
expires: Thu, 21 Sep 2023 07:07:48 GMT
cache-control: public, max-age=31536000
age: 313397
last-modified: Wed, 14 Jun 2017 16:46:31 GMT
content-type: font/ttf
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
play.robuxtip.org/images/custom-css.css
172.64.137.20200 OK 19 kB URL HTTP/2 play.robuxtip.org/images/custom-css.css
IP 172.64.137.20:0
File type ASCII text, with very long lines (1606), with no line terminators
Hash 93afc464f009cc8bd4cb21e17780d120
f117bd1c643f94be97e8a8bdecb4bfd7f80cbbc6
faa64ffeb81cd7f58e94094b5b5a279056ad7af874a43c09ba132ff24e52dfb4
GET /images/custom-css.css HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwieXVsaWFuaWtpdGFnbWFpbGNvbSIsInRlbXBsYXRlIiwiRmFzdGluay54bWwiLCJ5dWxpYW5pa2l0YWdtYWlsY29tIiwiaG93dG9nZXR0b25zb2Zyb2J1eGZvcmZyZWUuYmxvZ3Nwb3QuY29tIiwiaG93dG9nZXR0b25zb2Zyb2J1eGZvcmZyZWUuYmxvZ3Nwb3QuY29tIiwiZGlyZWN0IiwicmVmIiwiZGlyZWN0IiwidGFncyIsInJvYmxveC1jcm4uanMiXQ
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 22:11:05 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=1790
etag: W/"5d9ca488-6fe"
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 660610
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mEgKzoMqvwghrwFjEWp%2F8K1ciWbtNPe0bxNRjTgyOAiOv474k73vM0IZw6Yfm43F7HnO0dXB2GHYMjidoP7xdpu6LrH%2Bq5GxyRylaPas43%2BJP5Ypv12I1Yw8LUAlGahTKt1erQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74feda961ccf76cf-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/fonts/fontawesome-webfont.woff2?v=4.5.0
104.18.10.207200 OK 67 kB URL HTTP/2 maxcdn.bootstrapcdn.com/font-awesome/4.5.0/fonts/fontawesome-webfont.woff2?v=4.5.0
IP 104.18.10.207:0
File type Web Open Font Format (Version 2), TrueType, length 66624, version 4.262\012- data
Hash db812d8a70a4e88e888744c1c9a27e89
638c652d623280a58144f93e7b552c66d1667a11
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995
GET /font-awesome/4.5.0/fonts/fontawesome-webfont.woff2?v=4.5.0 HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://play.robuxtip.org
Connection: keep-alive
Referer: https://play.robuxtip.org/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 24 Sep 2022 22:11:05 GMT
content-type: font/woff2
content-length: 66624
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: "db812d8a70a4e88e888744c1c9a27e89"
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-cachedat: 08/15/2022 13:52:58
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 723
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 23065d71cd7bf559ee33418a33733bb0
cdn-cache: HIT
cf-cache-status: HIT
age: 654857
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 74feda975eafb4f4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
play.robuxtip.org/images/sticky.js
172.64.137.20200 OK 848 kB URL HTTP/2 play.robuxtip.org/images/sticky.js
IP 172.64.137.20:0
File type ASCII text, with very long lines (16920)
Size 848 kB (847936 bytes)
Hash e5b414fdc0aa4f98119417174b8717b5
2548a9667697f804f90efeb9b65ccb9e406bf565
ab72fffbc5050479649369d440cc0e09b8a5f65b598b1d175121ae4125462661
Analyzer Verdict Alert fortinet Phishing
GET /images/sticky.js HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwieXVsaWFuaWtpdGFnbWFpbGNvbSIsInRlbXBsYXRlIiwiRmFzdGluay54bWwiLCJ5dWxpYW5pa2l0YWdtYWlsY29tIiwiaG93dG9nZXR0b25zb2Zyb2J1eGZvcmZyZWUuYmxvZ3Nwb3QuY29tIiwiaG93dG9nZXR0b25zb2Zyb2J1eGZvcmZyZWUuYmxvZ3Nwb3QuY29tIiwiZGlyZWN0IiwicmVmIiwiZGlyZWN0IiwidGFncyIsInJvYmxveC1jcm4uanMiXQ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 22:11:05 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=20845
etag: W/"5d9ca488-516d"
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 660609
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KXa0xTb%2BofTA%2BOCf5Dcr1YVyMwh2k2Lg%2BmygEc61gR%2BlQUM3ccK6zkEkFQoQ8RXTNQNx2ydYxOIL7xEFc2FsdfV5GHEa2BuKW3SNagV%2FkhlOwbcF1brLwszQIlX45otUZdqpBA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74feda962d0176cf-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v14/k3k702ZOKiLJc3WVjuplzInF5uFdDttMLvmWuJdhhgs.ttf
142.250.74.163200 OK 19 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v14/k3k702ZOKiLJc3WVjuplzInF5uFdDttMLvmWuJdhhgs.ttf
IP 142.250.74.163:0
File type TrueType Font data, 17 tables, 1st "GDEF", 7 names, Microsoft, language 0x409, type 1 string, Open SansBold1.10;1ASC;OpenSans-BoldOpen Sans BoldVersion 1.10OpenSans-Boldhttp://www.apache.org\012- data
Hash 5498784000b038638befe230ea392271
efef80115bdabd927501563197827a7ae837a19f
5848ca5f4af491c37907f2e4cb0e240166572edc90615a96d4702f2dce34800b
GET /s/opensans/v14/k3k702ZOKiLJc3WVjuplzInF5uFdDttMLvmWuJdhhgs.ttf HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://play.robuxtip.org
Connection: keep-alive
Referer: https://play.robuxtip.org/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 18604
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 11:43:27 GMT
expires: Thu, 21 Sep 2023 11:43:27 GMT
cache-control: public, max-age=31536000
age: 296858
last-modified: Wed, 14 Jun 2017 16:46:24 GMT
content-type: font/ttf
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 14c4f50e0f41f858e858b124dcc866ec
1ad2814c77a84887c0f1547a775737e3e6c83f01
fa075971e9f184bf8d79929bbd7e981414d78f12ea06e3246ea4adfa2fbf4eeb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3943
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 22:11:05 GMT
Last-Modified: Sat, 24 Sep 2022 21:05:22 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash da681c2f112645651e5b32be2cfcd052
2e57e4163b8ed8ceebe8c6dde5ff1aa5efc7b946
302a7e1f8156051b7c793c61fbe3e81096374431e22bd9821b4aa38e1a5772f7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 22:11:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d60144b96f72539719011cc71dcaa7c2
02a0962fe84b3466d77542f7b1b42a9efcc84479
814e75d1f248cd7bdc505fabec42b103880ed89329940be06d039b84d1f1b95f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "814E75D1F248CD7BDC505FABEC42B103880ED89329940BE06D039B84D1F1B95F"
Last-Modified: Sat, 24 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3382
Expires: Sat, 24 Sep 2022 23:07:27 GMT
Date: Sat, 24 Sep 2022 22:11:05 GMT
Connection: keep-alive
s10.histats.com/js15_as.js
46.105.201.240200 OK 4.4 kB URL HTTP/2 s10.histats.com/js15_as.js
IP 46.105.201.240:0
File type HTML document, ASCII text, with very long lines (11440), with no line terminators
Hash ed192092c129db6123a3397855f42619
067e9b8e26cf6246eb84c6b9cf3da0c192ce7b3e
998fff486a7fb38b6ed445edc36c9b317b70950cd39efcf4012ca641312fcee1
GET /js15_as.js HTTP/1.1
Host: s10.histats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 24 Sep 2022 22:06:43 GMT
etag: "-375139978"
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-request-id: 84247971
content-type: text/javascript
content-encoding: br
x-cdn-pop: rbx1
x-cdn-pop-ip: 51.254.41.128/25
x-cacheable: Matched cache
accept-ranges: bytes
content-length: 4364
X-Firefox-Spdy: h2
s4.histats.com/stats/0.php?4275781&@f16&@g1&@h1&@i1&@j1664057464429&@k0&@l1&@mRoblox%20Robux%20Generator%202022&@n0roblox-crn.js=yulianikitagmailcom|template=Fastink.xml|yulianikitagmailcom=howtogettonsofrobuxforfree.blogspot.com|howtogettonsofrobuxforfree.blogspot.com=direct|ref=direct|tags=roblox-crn.js&@ohttps%3A%2F%2Fhowtogettonsofrobuxforfree.blogspot.com%2F&@q0&@r0&@s0&@ten-US&@u1280&@b1:199025049&@b3:1664057464&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fplay.robuxtip.org%2Findex.html%3Ftrack%3DWyJyb2Jsb3gtY3JuLmpzIiwieXVsaWFuaWtpdGFnbWFpbGNvbSIsInRlbXBsYXRlIiwiRmFzdGluay54bWwiLCJ5dWxpYW5pa2l0YWdtYWlsY29tIiwiaG93dG9nZXR0b25zb2Zyb2J1eGZvcmZyZWUuYmxvZ3Nwb3QuY29tIiwiaG93dG9nZXR0b25zb2Zyb2J1eGZvcmZyZWUuYmxvZ3Nwb3QuY29tIiwiZGlyZWN0IiwicmVmIiwiZGlyZWN0IiwidGFncyIsInJvYmxveC1jcm4uanMiXQ&@w
192.99.8.34200 OK 52 B URL HTTP/1.1 s4.histats.com/stats/0.php?4275781&@f16&@g1&@h1&@i1&@j1664057464429&@k0&@l1&@mRoblox%20Robux%20Generator%202022&@n0roblox-crn.js=yulianikitagmailcom|template=Fastink.xml|yulianikitagmailcom=howtogettonsofrobuxforfree.blogspot.com|howtogettonsofrobuxforfree.blogspot.com=direct|ref=direct|tags=roblox-crn.js&@ohttps%3A%2F%2Fhowtogettonsofrobuxforfree.blogspot.com%2F&@q0&@r0&@s0&@ten-US&@u1280&@b1:199025049&@b3:1664057464&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fplay.robuxtip.org%2Findex.html%3Ftrack%3DWyJyb2Jsb3gtY3JuLmpzIiwieXVsaWFuaWtpdGFnbWFpbGNvbSIsInRlbXBsYXRlIiwiRmFzdGluay54bWwiLCJ5dWxpYW5pa2l0YWdtYWlsY29tIiwiaG93dG9nZXR0b25zb2Zyb2J1eGZvcmZyZWUuYmxvZ3Nwb3QuY29tIiwiaG93dG9nZXR0b25zb2Zyb2J1eGZvcmZyZWUuYmxvZ3Nwb3QuY29tIiwiZGlyZWN0IiwicmVmIiwiZGlyZWN0IiwidGFncyIsInJvYmxveC1jcm4uanMiXQ&@w
IP 192.99.8.34:0
File type ASCII text, with no line terminators
Hash ea5242e3b3861e733b3814b9aeafb237
e1a07912e5ed12514b9ad77bff6a1a967055524c
c355be5b606bca5f0575355cd992d414e1c6af1f63cfa23f1c196bd7228e3cf2
GET /stats/0.php?4275781&@f16&@g1&@h1&@i1&@j1664057464429&@k0&@l1&@mRoblox%20Robux%20Generator%202022&@n0roblox-crn.js=yulianikitagmailcom|template=Fastink.xml|yulianikitagmailcom=howtogettonsofrobuxforfree.blogspot.com|howtogettonsofrobuxforfree.blogspot.com=direct|ref=direct|tags=roblox-crn.js&@ohttps%3A%2F%2Fhowtogettonsofrobuxforfree.blogspot.com%2F&@q0&@r0&@s0&@ten-US&@u1280&@b1:199025049&@b3:1664057464&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fplay.robuxtip.org%2Findex.html%3Ftrack%3DWyJyb2Jsb3gtY3JuLmpzIiwieXVsaWFuaWtpdGFnbWFpbGNvbSIsInRlbXBsYXRlIiwiRmFzdGluay54bWwiLCJ5dWxpYW5pa2l0YWdtYWlsY29tIiwiaG93dG9nZXR0b25zb2Zyb2J1eGZvcmZyZWUuYmxvZ3Nwb3QuY29tIiwiaG93dG9nZXR0b25zb2Zyb2J1eGZvcmZyZWUuYmxvZ3Nwb3QuY29tIiwiZGlyZWN0IiwicmVmIiwiZGlyZWN0IiwidGFncyIsInJvYmxveC1jcm4uanMiXQ&@w HTTP/1.1
Host: s4.histats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 24 Sep 2022 22:11:06 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 52
Connection: close
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13838
Expires: Sun, 25 Sep 2022 02:01:44 GMT
Date: Sat, 24 Sep 2022 22:11:06 GMT
Connection: keep-alive
play.robuxtip.org/images/magnific-popup.css
172.64.137.20200 OK 2.2 kB URL HTTP/2 play.robuxtip.org/images/magnific-popup.css
IP 172.64.137.20:0
File type ASCII text, with very long lines (6066), with no line terminators
Hash ec8c3286c41bda675bf29ab0103e796e
51b7d285c71a64ccaf9e6eb66ebc86be34e2670e
b62fc958854d26d29faa3147e2ca8a413f5486cf08fab460b98e9890fef0ad60
GET /images/magnific-popup.css HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwieXVsaWFuaWtpdGFnbWFpbGNvbSIsInRlbXBsYXRlIiwiRmFzdGluay54bWwiLCJ5dWxpYW5pa2l0YWdtYWlsY29tIiwiaG93dG9nZXR0b25zb2Zyb2J1eGZvcmZyZWUuYmxvZ3Nwb3QuY29tIiwiaG93dG9nZXR0b25zb2Zyb2J1eGZvcmZyZWUuYmxvZ3Nwb3QuY29tIiwiZGlyZWN0IiwicmVmIiwiZGlyZWN0IiwidGFncyIsInJvYmxveC1jcm4uanMiXQ
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 22:11:05 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=7946
etag: W/"5d9ca488-1f0a"
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 660610
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UMdQTnGVuLS76t%2FelMLcgYnQfhEyA2ogWK33p0vMBKLQmZsdqwdAuWFjLJ8wd96epRavXVygt416o3RhTxVlehEkMoM2ykQA63qldQS2mSxVVvx7BiMbE6TqovYGrr53gZUXnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74feda960cbe76cf-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
play.robuxtip.org/images/sweetalert2.min.js
172.64.137.20200 OK 7.2 kB URL HTTP/2 play.robuxtip.org/images/sweetalert2.min.js
IP 172.64.137.20:0
File type ASCII text, with very long lines (20305), with no line terminators
Hash 8cfab27b4cdfaf07c05dc555b80da603
959910992bb55db488b032f25078cebb8ef68f7a
c6b2486586fe7e3662a703933bfce4e42e444d12ea172511e59a47c9dc615731
Analyzer Verdict Alert fortinet Phishing
GET /images/sweetalert2.min.js HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwieXVsaWFuaWtpdGFnbWFpbGNvbSIsInRlbXBsYXRlIiwiRmFzdGluay54bWwiLCJ5dWxpYW5pa2l0YWdtYWlsY29tIiwiaG93dG9nZXR0b25zb2Zyb2J1eGZvcmZyZWUuYmxvZ3Nwb3QuY29tIiwiaG93dG9nZXR0b25zb2Zyb2J1eGZvcmZyZWUuYmxvZ3Nwb3QuY29tIiwiZGlyZWN0IiwicmVmIiwiZGlyZWN0IiwidGFncyIsInJvYmxveC1jcm4uanMiXQ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 22:11:05 GMT
content-type: application/javascript
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
etag: W/"5d9ca488-4f51"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 660609
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XMyK3JzvcTp2Hum3GfpLdV2luIcsbycdj8PHVkjR7DlFbnZQZ3OEcECesvsMQV7e%2BdxvSkg3SQh2StzvMj0%2FL6xBF99fC54Dcryhgk%2B8MyQxjzAAJPagbEibf4%2FNEuVAuXyMIw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74feda962cf476cf-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13838
Expires: Sun, 25 Sep 2022 02:01:44 GMT
Date: Sat, 24 Sep 2022 22:11:06 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1deb918e-bcb0-4629-aaa7-0ae0322969be.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1deb918e-bcb0-4629-aaa7-0ae0322969be.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3 DIY-Thermocam raw data\012- (Lepton 2.x), scale 3-257, spot sensor temperature 0.000000, unit celsius, color scheme 0, show scale bar, calibration: offset 0.000000, slope 241253891388563521536.000000\012- data
Hash b3a72e81317074689a71dac7059e4b6a
b6d56333d7f1ea7ddc8838d84de498ff913c5464
e665a8821b5e7b2e78787647a08d629bf70cbf4cbfee2057c8601cf0565154a1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1deb918e-bcb0-4629-aaa7-0ae0322969be.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12826
x-amzn-requestid: f075cf62-acfc-4bc1-be14-7c3dafb7aaed
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YfVRNFP-oAMFgrA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6322cf3a-184b678042d64ac9266b1128;Sampled=0
x-amzn-remapped-date: Thu, 15 Sep 2022 07:07:38 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: rN_8rm10Pxb0AUKW6ECfNulcYxBaS7FgGD15gT14dX-FlsGJfqahxA==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 21:37:19 GMT
age: 2027
etag: "b6d56333d7f1ea7ddc8838d84de498ff913c5464"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
play.robuxtip.org/images/css8a7c8a7c8a7c.css?family=Open+Sans:300,400,700
172.64.137.20200 OK 9.2 kB URL HTTP/2 play.robuxtip.org/images/css8a7c8a7c8a7c.css?family=Open+Sans:300,400,700
IP 172.64.137.20:0
File type ASCII text, with very long lines (701), with no line terminators
Hash 96cb0499f6d7d60c6cffb534a03768e6
0971da341469cc846acfcf4c51e73267b5e74280
9546571cbd00780034a121cd92fd1d6516ec4a61af195f084f1a8aa58cc61179
GET /images/css8a7c8a7c8a7c.css?family=Open+Sans:300,400,700 HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwieXVsaWFuaWtpdGFnbWFpbGNvbSIsInRlbXBsYXRlIiwiRmFzdGluay54bWwiLCJ5dWxpYW5pa2l0YWdtYWlsY29tIiwiaG93dG9nZXR0b25zb2Zyb2J1eGZvcmZyZWUuYmxvZ3Nwb3QuY29tIiwiaG93dG9nZXR0b25zb2Zyb2J1eGZvcmZyZWUuYmxvZ3Nwb3QuY29tIiwiZGlyZWN0IiwicmVmIiwiZGlyZWN0IiwidGFncyIsInJvYmxveC1jcm4uanMiXQ
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 22:11:05 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=773
etag: W/"5d9ca488-305"
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 660610
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ID%2B6pNBqcSsSyohLY9ZnRUcGZmpoHuoqeFj0FMc9orPsn9Hmq%2BW9chZsAHTrcpMfPuk4WYh%2Bp4ixAJwLhcIT4Z5a%2BJL7KeiTz93%2BLjZ1KuNTQzsi%2FU%2BwtKbin5tmtZAQgKfhJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74feda95fcb276cf-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb009e5a9-dad2-4c57-9637-c9930d6b3f05.jpeg
34.120.237.76200 OK 6.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb009e5a9-dad2-4c57-9637-c9930d6b3f05.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 328516d7184ca4b4f6e50bf895b9bce0
752c2278004a98fcfacf4c3f16470d610ffd2daa
8096b89e6b868d9e40b5c31b80309472695b9cd085cca2f872159f4e35056c08
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb009e5a9-dad2-4c57-9637-c9930d6b3f05.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6671
x-amzn-requestid: c99d94f4-5a09-44d2-a2ce-0daac62d2087
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y-_EAHQ2oAMFaqA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632f787f-7fbe302d3e7587263e61cb0d;Sampled=0
x-amzn-remapped-date: Sat, 24 Sep 2022 21:37:03 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: FuhBG1wzZ7q3UXGwFA32yLn9Rn4DzcpPODW1HivGDtB-2-9F4Q3gBA==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 21:37:05 GMT
etag: "752c2278004a98fcfacf4c3f16470d610ffd2daa"
content-type: image/jpeg
age: 2041
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c48523c-250d-4030-8145-14c8967dc600.jpeg
34.120.237.76200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c48523c-250d-4030-8145-14c8967dc600.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dfdacc8edea3c24dad020d7e9c11b3f4
2b6e37596e88b62f288dc8e8c937fd904fae28d5
338a44f3bcc01bdd197f037dd8f8bf58a18dea00127465488efe76fb72a6fdff
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c48523c-250d-4030-8145-14c8967dc600.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8914
x-amzn-requestid: 8cfdc32e-f04a-4fd6-a1f1-632934a682fd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y-_EUHqJoAMF7MQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632f7881-14a6d8ef126409964607e0aa;Sampled=0
x-amzn-remapped-date: Sat, 24 Sep 2022 21:37:05 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: kdF6En2vbJhRH1bkYMOuNm5XOIsT1qs3FE281N1SKn1FbyW-oNZsEw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 21:37:06 GMT
etag: "2b6e37596e88b62f288dc8e8c937fd904fae28d5"
content-type: image/jpeg
age: 2040
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0027ff5-ed5d-4cf9-9ef4-847dbda3f91b.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0027ff5-ed5d-4cf9-9ef4-847dbda3f91b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e8a0d2b8beddf9f866a2bfe96ac21c2e
dfe5c93dc1637162a0b6ac174dcd7107af80763a
0e4bf30611043a171485c6fa054d6102a6cfd7f8a4153daa34eba1b72f455a77
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0027ff5-ed5d-4cf9-9ef4-847dbda3f91b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12552
x-amzn-requestid: 71161d44-4c3a-459e-bf76-5bf3deafcafe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YlYTrHz0oAMF2eA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63253a7d-39dd0e2a7045128024086375;Sampled=0
x-amzn-remapped-date: Sat, 17 Sep 2022 03:09:49 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: EGtjExnYcmDEP9a540mHhZ7EjGlvLIDLK65Phs9MsAVdEpwNI4avTQ==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 21:37:05 GMT
age: 2041
etag: "dfe5c93dc1637162a0b6ac174dcd7107af80763a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F73844595-b7d7-4585-a846-ab38b27af847.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F73844595-b7d7-4585-a846-ab38b27af847.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1a9f4d93ea4a06628bc31a00a9c4e692
27f05479fd4fbe68993748fdb043850807ddebdd
31b0809297c7e8acbb46b544cf6f3f4ffaa6bda7a8896fe8678fbfc839a115ab
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F73844595-b7d7-4585-a846-ab38b27af847.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11435
x-amzn-requestid: e1288aca-0375-4ce8-9daa-81afe23c9c5c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y-_ETHE6oAMFqGQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632f7881-01a836ab57a326356f838bfc;Sampled=0
x-amzn-remapped-date: Sat, 24 Sep 2022 21:37:05 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: X8xpMQCKuQGx46BrQ_851U0HhXIALy0k22WRO-zp8TuFhK0KaHItBw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 21:37:06 GMT
etag: "27f05479fd4fbe68993748fdb043850807ddebdd"
content-type: image/jpeg
age: 2040
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff440191a-84ee-43b5-bafa-0bb36c962f39.jpeg
34.120.237.76200 OK 5.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff440191a-84ee-43b5-bafa-0bb36c962f39.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b156552f4d76fd964b279ebcf8cd1f8e
6a02487368bbe41b87feeef1f70f7320392d72a3
ceddf1a515c64d0071a4d90c26de60a27ee2bf2af341bf1572fb05743d2cc644
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff440191a-84ee-43b5-bafa-0bb36c962f39.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 5293
x-amzn-requestid: a35423bc-9112-48da-85e0-93ac41794d29
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y--PkGehoAMF1pw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632f7730-450fad077885fae416572443;Sampled=0
x-amzn-remapped-date: Sat, 24 Sep 2022 21:31:28 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: IAon_ZYxu87A9OB775Q1unI4sdLHdE-Ij9QNYaB2mqftP0IoAsgnvQ==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 21:39:22 GMT
age: 1911
etag: "6a02487368bbe41b87feeef1f70f7320392d72a3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
play.robuxtip.org/images/scripts.js
172.64.137.20200 OK 0 B URL HTTP/2 play.robuxtip.org/images/scripts.js
IP 172.64.137.20:0
Analyzer Verdict Alert fortinet Phishing
GET /images/scripts.js HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwieXVsaWFuaWtpdGFnbWFpbGNvbSIsInRlbXBsYXRlIiwiRmFzdGluay54bWwiLCJ5dWxpYW5pa2l0YWdtYWlsY29tIiwiaG93dG9nZXR0b25zb2Zyb2J1eGZvcmZyZWUuYmxvZ3Nwb3QuY29tIiwiaG93dG9nZXR0b25zb2Zyb2J1eGZvcmZyZWUuYmxvZ3Nwb3QuY29tIiwiZGlyZWN0IiwicmVmIiwiZGlyZWN0IiwidGFncyIsInJvYmxveC1jcm4uanMiXQ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 22:11:05 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=225
etag: W/"5d9ca488-e1"
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 660609
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IK0yIgLJsmzldFEvImWnkFoG8ZWWM%2By1%2FEmpDGtihTJr5pPxm%2Ftvconfy8cKEE%2BM54W2YykWoOQSDHd9CAxiPe5JsHZErfjJnN3a9hFeLsuVEOmDOYXCztRtQaBpmNU7QURS8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74feda962d0476cf-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
play.robuxtip.org/images/animate.css
172.64.137.20200 OK 0 B URL HTTP/2 play.robuxtip.org/images/animate.css
IP 172.64.137.20:0
GET /images/animate.css HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwieXVsaWFuaWtpdGFnbWFpbGNvbSIsInRlbXBsYXRlIiwiRmFzdGluay54bWwiLCJ5dWxpYW5pa2l0YWdtYWlsY29tIiwiaG93dG9nZXR0b25zb2Zyb2J1eGZvcmZyZWUuYmxvZ3Nwb3QuY29tIiwiaG93dG9nZXR0b25zb2Zyb2J1eGZvcmZyZWUuYmxvZ3Nwb3QuY29tIiwiZGlyZWN0IiwicmVmIiwiZGlyZWN0IiwidGFncyIsInJvYmxveC1jcm4uanMiXQ
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 22:11:05 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=68796
etag: W/"5d9ca488-10cbc"
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 660610
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PP2ygDyMvOczbFkEfj1xMrJU2rtXbCZ4HFXfMYbk6bu7Ily5tkNxSsVWVTD%2BwVo0jkPHHUjLEnR1vWvHJ5wcFbc3Np6%2BwElAf0RpIlFe0l4E8xCQ9uHawbkZbXAUgGKjr1kl3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74feda95fcb776cf-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwieXVsaWFuaWtpdGFnbWFpbGNvbSIsInRlbXBsYXRlIiwiRmFzdGluay54bWwiLCJ5dWxpYW5pa2l0YWdtYWlsY29tIiwiaG93dG9nZXR0b25zb2Zyb2J1eGZvcmZyZWUuYmxvZ3Nwb3QuY29tIiwiaG93dG9nZXR0b25zb2Zyb2J1eGZvcmZyZWUuYmxvZ3Nwb3QuY29tIiwiZGlyZWN0IiwicmVmIiwiZGlyZWN0IiwidGFncyIsInJvYmxveC1jcm4uanMiXQ
172.64.137.20200 OK 0 B URL HTTP/2 play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwieXVsaWFuaWtpdGFnbWFpbGNvbSIsInRlbXBsYXRlIiwiRmFzdGluay54bWwiLCJ5dWxpYW5pa2l0YWdtYWlsY29tIiwiaG93dG9nZXR0b25zb2Zyb2J1eGZvcmZyZWUuYmxvZ3Nwb3QuY29tIiwiaG93dG9nZXR0b25zb2Zyb2J1eGZvcmZyZWUuYmxvZ3Nwb3QuY29tIiwiZGlyZWN0IiwicmVmIiwiZGlyZWN0IiwidGFncyIsInJvYmxveC1jcm4uanMiXQ
IP 172.64.137.20:0
Analyzer Verdict Alert fortinet Phishing
GET /index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwieXVsaWFuaWtpdGFnbWFpbGNvbSIsInRlbXBsYXRlIiwiRmFzdGluay54bWwiLCJ5dWxpYW5pa2l0YWdtYWlsY29tIiwiaG93dG9nZXR0b25zb2Zyb2J1eGZvcmZyZWUuYmxvZ3Nwb3QuY29tIiwiaG93dG9nZXR0b25zb2Zyb2J1eGZvcmZyZWUuYmxvZ3Nwb3QuY29tIiwiZGlyZWN0IiwicmVmIiwiZGlyZWN0IiwidGFncyIsInJvYmxveC1jcm4uanMiXQ HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://howtogettonsofrobuxforfree.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 24 Sep 2022 22:11:05 GMT
content-type: text/html
last-modified: Mon, 27 Jun 2022 12:44:26 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 63058
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y2sy1D1VevRP0%2B5HqawboNQUhBws6VXcOwzTmKkZw80UNNmpWrespjdsKIJg2iB7XOZsb7DueIwxV7UHV%2BIS8jJpUEi1xwI3eSEF37bivL%2Bnih9%2Bq5yjGub6ehE%2FYH9i2UCrIA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74feda955bcd76cf-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
mtevor.com/cluster-v2/roblox-crn.js
172.96.187.226200 OK 0 B URL HTTP/2 mtevor.com/cluster-v2/roblox-crn.js
IP 172.96.187.226:0
GET /cluster-v2/roblox-crn.js HTTP/1.1
Host: mtevor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://howtogettonsofrobuxforfree.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-powered-by: PHP/5.6.40
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
content-encoding: br
vary: Accept-Encoding
date: Sat, 24 Sep 2022 22:11:04 GMT
server: LiteSpeed
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
play.robuxtip.org/images/header.png
172.64.137.20200 OK 0 B URL HTTP/2 play.robuxtip.org/images/header.png
IP 172.64.137.20:0
GET /images/header.png HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwieXVsaWFuaWtpdGFnbWFpbGNvbSIsInRlbXBsYXRlIiwiRmFzdGluay54bWwiLCJ5dWxpYW5pa2l0YWdtYWlsY29tIiwiaG93dG9nZXR0b25zb2Zyb2J1eGZvcmZyZWUuYmxvZ3Nwb3QuY29tIiwiaG93dG9nZXR0b25zb2Zyb2J1eGZvcmZyZWUuYmxvZ3Nwb3QuY29tIiwiZGlyZWN0IiwicmVmIiwiZGlyZWN0IiwidGFncyIsInJvYmxveC1jcm4uanMiXQ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 22:11:05 GMT
content-type: image/png
content-length: 131285
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
etag: "5d9ca488-200d5"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 656464
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MQCHQgnrndS2lW%2FrKrK8qTZZ2ncQbMePs3tBmTdLh5v87hs4OQ%2BPx8woPQkZ7fGnF%2BUHUz8wlyqV01AdPjxL36AUw%2FzzJJiylWi3CTQ%2FeUyfTsCfu2AglE%2FqoIh6ZPtpyT05VA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74feda961cd476cf-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
play.robuxtip.org/images/jquery.countto.js
172.64.137.20200 OK 0 B URL HTTP/2 play.robuxtip.org/images/jquery.countto.js
IP 172.64.137.20:0
Analyzer Verdict Alert fortinet Phishing
GET /images/jquery.countto.js HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwieXVsaWFuaWtpdGFnbWFpbGNvbSIsInRlbXBsYXRlIiwiRmFzdGluay54bWwiLCJ5dWxpYW5pa2l0YWdtYWlsY29tIiwiaG93dG9nZXR0b25zb2Zyb2J1eGZvcmZyZWUuYmxvZ3Nwb3QuY29tIiwiaG93dG9nZXR0b25zb2Zyb2J1eGZvcmZyZWUuYmxvZ3Nwb3QuY29tIiwiZGlyZWN0IiwicmVmIiwiZGlyZWN0IiwidGFncyIsInJvYmxveC1jcm4uanMiXQ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 22:11:05 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=3761
etag: W/"5d9ca488-eb1"
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 660609
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R0m2BI2nVygsDDARbzHQYVe%2F4hEoCO88UBdJy19d3E5nshiSQOg%2Br0aem4ZoibOkyv5F7ZBEnZY6IupuSfOrTvcQ0lRfpfZXMEqIKMYQL6kiBLnWoYP8NUHDfIPMXhY7%2Fo6vBA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74feda962cf276cf-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.mejoress.com/en/wp-content/uploads/Saber-Simulator-Codes.jpg
172.67.69.250403 Forbidden 0 B URL HTTP/2 www.mejoress.com/en/wp-content/uploads/Saber-Simulator-Codes.jpg
IP 172.67.69.250:0
GET /en/wp-content/uploads/Saber-Simulator-Codes.jpg HTTP/1.1
Host: www.mejoress.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://howtogettonsofrobuxforfree.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Sat, 24 Sep 2022 22:11:04 GMT
content-type: text/html; charset=UTF-8
vary: Referer, Accept-Encoding
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oxV4BoYpSN%2BMlkWpdsmLIVgmmsKPadsGgCyR2lBg%2BPQrsM4FMYRjWwSpQc2shzkErlNvI4yrW4YhV6afKsSyjeQknoi0eayIGmYmVrq2TDGh%2Fg44OktQgegOHBXP4EZ8Sp4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74feda93ef02b503-OSL
content-encoding: br
X-Firefox-Spdy: h2
play.robuxtip.org/images/fancyselect.js
172.64.137.20200 OK 0 B URL HTTP/2 play.robuxtip.org/images/fancyselect.js
IP 172.64.137.20:0
Analyzer Verdict Alert fortinet Phishing
GET /images/fancyselect.js HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwieXVsaWFuaWtpdGFnbWFpbGNvbSIsInRlbXBsYXRlIiwiRmFzdGluay54bWwiLCJ5dWxpYW5pa2l0YWdtYWlsY29tIiwiaG93dG9nZXR0b25zb2Zyb2J1eGZvcmZyZWUuYmxvZ3Nwb3QuY29tIiwiaG93dG9nZXR0b25zb2Zyb2J1eGZvcmZyZWUuYmxvZ3Nwb3QuY29tIiwiZGlyZWN0IiwicmVmIiwiZGlyZWN0IiwidGFncyIsInJvYmxveC1jcm4uanMiXQ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 22:11:05 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=6778
etag: W/"5d9ca488-1a7a"
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 660609
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9bAsb1K7gHJxvKPQHgt20bQVY2Xep0L2CF6da3pGWkZ4tiBd1LCb9nAueq%2FzX8E9HUl67GPczecLN%2FNseNO1U5KjL9fZNYYphbHnN%2Bv4jVAPli5Eyk0ZlYZxy2cHGE7f9RhVwA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74feda961ce976cf-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
play.robuxtip.org/images/sweetalert2.min.css
172.64.137.20200 OK 0 B URL HTTP/2 play.robuxtip.org/images/sweetalert2.min.css
IP 172.64.137.20:0
GET /images/sweetalert2.min.css HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwieXVsaWFuaWtpdGFnbWFpbGNvbSIsInRlbXBsYXRlIiwiRmFzdGluay54bWwiLCJ5dWxpYW5pa2l0YWdtYWlsY29tIiwiaG93dG9nZXR0b25zb2Zyb2J1eGZvcmZyZWUuYmxvZ3Nwb3QuY29tIiwiaG93dG9nZXR0b25zb2Zyb2J1eGZvcmZyZWUuYmxvZ3Nwb3QuY29tIiwiZGlyZWN0IiwicmVmIiwiZGlyZWN0IiwidGFncyIsInJvYmxveC1jcm4uanMiXQ
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 22:11:05 GMT
content-type: text/css
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
etag: W/"5d9ca488-36a4"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 438506
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FKJWYuXN6abMZgPcAwctTRr9EaUhlvv5lsk9nE3Siq1lifySm%2FZTovrJVXD1yCNlgMWzmRGm8KvhwRE8J%2B23Ad60bgS5VWoL4tEyy61NoU4GVFukrPUjrCHSFxAdZN3Ozg3piw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74feda960cb976cf-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
play.robuxtip.org/images/style.css
172.64.137.20200 OK 0 B URL HTTP/2 play.robuxtip.org/images/style.css
IP 172.64.137.20:0
GET /images/style.css HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwieXVsaWFuaWtpdGFnbWFpbGNvbSIsInRlbXBsYXRlIiwiRmFzdGluay54bWwiLCJ5dWxpYW5pa2l0YWdtYWlsY29tIiwiaG93dG9nZXR0b25zb2Zyb2J1eGZvcmZyZWUuYmxvZ3Nwb3QuY29tIiwiaG93dG9nZXR0b25zb2Zyb2J1eGZvcmZyZWUuYmxvZ3Nwb3QuY29tIiwiZGlyZWN0IiwicmVmIiwiZGlyZWN0IiwidGFncyIsInJvYmxveC1jcm4uanMiXQ
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 22:11:05 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=50839
etag: W/"5d9ca488-c697"
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 660610
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cK3jY3lQj9gRgurafK0ukR17DFEybuthzEzVhtAdIJi7vI6otgz36E8on9GqkuoPswt7a6z7pTNblEChYMp8ksuJ3JQqKgLEot%2FCv3L1Cb6DUPz1lZK8rD8quujP8PPO%2Fn%2FJrg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74feda960cc776cf-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
play.robuxtip.org/images/jquery-ui.min.js
172.64.137.20200 OK 0 B URL HTTP/2 play.robuxtip.org/images/jquery-ui.min.js
IP 172.64.137.20:0
Analyzer Verdict Alert fortinet Phishing
GET /images/jquery-ui.min.js HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwieXVsaWFuaWtpdGFnbWFpbGNvbSIsInRlbXBsYXRlIiwiRmFzdGluay54bWwiLCJ5dWxpYW5pa2l0YWdtYWlsY29tIiwiaG93dG9nZXR0b25zb2Zyb2J1eGZvcmZyZWUuYmxvZ3Nwb3QuY29tIiwiaG93dG9nZXR0b25zb2Zyb2J1eGZvcmZyZWUuYmxvZ3Nwb3QuY29tIiwiZGlyZWN0IiwicmVmIiwiZGlyZWN0IiwidGFncyIsInJvYmxveC1jcm4uanMiXQ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 22:11:05 GMT
content-type: application/javascript
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
etag: W/"5d9ca488-30da8"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 660609
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fgbs9D8DO49tb2l8Ad9s7LcguXPJ1YVU8dOLAFBY%2FvsbR3y0aqSBtSBGRpsjOZHEbv%2FAG%2B5fASrdngdOtfptx4FYycBxB9BjNtGUgx0DKCkrYvbDu6wyBl0cdNpNVCQ%2FnYRGnw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74feda961cdd76cf-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
play.robuxtip.org/images/jquery.magnific-popup.min.js
172.64.137.20200 OK 0 B URL HTTP/2 play.robuxtip.org/images/jquery.magnific-popup.min.js
IP 172.64.137.20:0
Analyzer Verdict Alert fortinet Phishing
GET /images/jquery.magnific-popup.min.js HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwieXVsaWFuaWtpdGFnbWFpbGNvbSIsInRlbXBsYXRlIiwiRmFzdGluay54bWwiLCJ5dWxpYW5pa2l0YWdtYWlsY29tIiwiaG93dG9nZXR0b25zb2Zyb2J1eGZvcmZyZWUuYmxvZ3Nwb3QuY29tIiwiaG93dG9nZXR0b25zb2Zyb2J1eGZvcmZyZWUuYmxvZ3Nwb3QuY29tIiwiZGlyZWN0IiwicmVmIiwiZGlyZWN0IiwidGFncyIsInJvYmxveC1jcm4uanMiXQ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 22:11:05 GMT
content-type: application/javascript
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
etag: W/"5d9ca488-5297"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 660609
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m%2Fp%2Fqgygkf3pc%2FotLlJO%2B9vN37UdvpPm%2B6ffayw71wwX86g2mriuMKZgMKEQcSk3%2Fo0xIiTOmavWirAFQhByykKnvudPdSkzZPai5%2Fin1%2B8k2sS%2Fstw1IjZPWcQeYNPZK9Ni9g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74feda962cfc76cf-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
play.robuxtip.org/images/fancyselect.css
172.64.137.20200 OK 0 B URL HTTP/2 play.robuxtip.org/images/fancyselect.css
IP 172.64.137.20:0
GET /images/fancyselect.css HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwieXVsaWFuaWtpdGFnbWFpbGNvbSIsInRlbXBsYXRlIiwiRmFzdGluay54bWwiLCJ5dWxpYW5pa2l0YWdtYWlsY29tIiwiaG93dG9nZXR0b25zb2Zyb2J1eGZvcmZyZWUuYmxvZ3Nwb3QuY29tIiwiaG93dG9nZXR0b25zb2Zyb2J1eGZvcmZyZWUuYmxvZ3Nwb3QuY29tIiwiZGlyZWN0IiwicmVmIiwiZGlyZWN0IiwidGFncyIsInJvYmxveC1jcm4uanMiXQ
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 22:11:05 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=4253
etag: W/"5d9ca488-109d"
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 660610
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dadMzygfKzNo2xQekFjeQBQjNjIwwXE31q9w6NmLADfNFNteAa%2BuaJBdl%2FZHGureTz4jUweFNY5iHrIHhjavbWqSmVmBrQHtVC88pKbpAuB6BxT%2FYFpsY2kgVFw3ddSlS7BFIg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74feda960cc676cf-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
play.robuxtip.org/images/jquery-3.2.1.js
172.64.137.20200 OK 0 B URL HTTP/2 play.robuxtip.org/images/jquery-3.2.1.js
IP 172.64.137.20:0
Analyzer Verdict Alert fortinet Phishing
GET /images/jquery-3.2.1.js HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwieXVsaWFuaWtpdGFnbWFpbGNvbSIsInRlbXBsYXRlIiwiRmFzdGluay54bWwiLCJ5dWxpYW5pa2l0YWdtYWlsY29tIiwiaG93dG9nZXR0b25zb2Zyb2J1eGZvcmZyZWUuYmxvZ3Nwb3QuY29tIiwiaG93dG9nZXR0b25zb2Zyb2J1eGZvcmZyZWUuYmxvZ3Nwb3QuY29tIiwiZGlyZWN0IiwicmVmIiwiZGlyZWN0IiwidGFncyIsInJvYmxveC1jcm4uanMiXQ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 22:11:05 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=268039
etag: W/"5d9ca488-41707"
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 660609
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zkAdPcqReM%2BTN6e1yXr2TcxN3Mgbs6JDV%2BoJcwen8Ed1ANs%2BSYxehFGC8gRG2HPZ67as%2B2syCSwABRtKQArvJFm73NyXzevB4TMz%2Fc395sqYxNJw2cPV8X4bfBSSuAFhr9EfIA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74feda961cdb76cf-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
play.robuxtip.org/images/form-scripts.js
172.64.137.20200 OK 0 B URL HTTP/2 play.robuxtip.org/images/form-scripts.js
IP 172.64.137.20:0
Analyzer Verdict Alert fortinet Phishing
GET /images/form-scripts.js HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwieXVsaWFuaWtpdGFnbWFpbGNvbSIsInRlbXBsYXRlIiwiRmFzdGluay54bWwiLCJ5dWxpYW5pa2l0YWdtYWlsY29tIiwiaG93dG9nZXR0b25zb2Zyb2J1eGZvcmZyZWUuYmxvZ3Nwb3QuY29tIiwiaG93dG9nZXR0b25zb2Zyb2J1eGZvcmZyZWUuYmxvZ3Nwb3QuY29tIiwiZGlyZWN0IiwicmVmIiwiZGlyZWN0IiwidGFncyIsInJvYmxveC1jcm4uanMiXQ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 22:11:05 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=1469
etag: W/"5d9ca488-5bd"
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 660609
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0ovhlZnKTFY287ZyCjSEjUmBgzCEsjh3Opb6Vbd2VAlUCM1rR%2FMeJDHTcAm%2F%2FicBwu7Qj1pDkrTp%2BokHgUNXnfPWGELzXIq214DRUkxnGZTLa4eRklo9wV5iEIURmYREgl1Odw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74feda962cf876cf-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
play.robuxtip.org/images/bootstrap.min.css
172.64.137.20200 OK 0 B URL HTTP/2 play.robuxtip.org/images/bootstrap.min.css
IP 172.64.137.20:0
GET /images/bootstrap.min.css HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwieXVsaWFuaWtpdGFnbWFpbGNvbSIsInRlbXBsYXRlIiwiRmFzdGluay54bWwiLCJ5dWxpYW5pa2l0YWdtYWlsY29tIiwiaG93dG9nZXR0b25zb2Zyb2J1eGZvcmZyZWUuYmxvZ3Nwb3QuY29tIiwiaG93dG9nZXR0b25zb2Zyb2J1eGZvcmZyZWUuYmxvZ3Nwb3QuY29tIiwiZGlyZWN0IiwicmVmIiwiZGlyZWN0IiwidGFncyIsInJvYmxveC1jcm4uanMiXQ
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 22:11:05 GMT
content-type: text/css
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
etag: W/"5d9ca488-1d990"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 660610
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rzKNMzNks24vVtREhnVh7WWDTLiF1Z0p5iNVIwIvtkECutbhyUNVO0Sku4PBM41VbeiUNfbhuJV4%2FD83QTpE%2BMa3x6ZwfDKqc4haGoeYYIpCOWEJshFGE8%2B0Uu5mLKdA6aO8rQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74feda95fcb676cf-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2