firefox.settings.services.mozilla.com/v1/
143.204.55.27200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 27 Sep 2022 15:31:00 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: _kcRwV2qfMXt1toz3ztCX4B5oMsEfvEBQMvQzRp6ChlKmOGli_1jBw==
Age: 3512
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d2560f62890e75b8de444fed96c22f52
334ce0c48e606ee029f31eeb1463af87b1024bb9
4397e6b45b5822fbab9b83abe0b96ee70efba7cd2160b51936159865ede5fdb1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4397E6B45B5822FBAB9B83ABE0B96EE70EFBA7CD2160B51936159865EDE5FDB1"
Last-Modified: Sun, 25 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2806
Expires: Tue, 27 Sep 2022 17:16:18 GMT
Date: Tue, 27 Sep 2022 16:29:32 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.110200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.110:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 27 Sep 2022 09:24:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: qPXfpnYPA9SIBP8CEE7A2uk22gQyZf1hNPibMBANY6A3ggUYIb9cvQ==
age: 25519
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 16:29:32 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
howtodownloadrobloxrobuxhackdownload.blogspot.cz/
142.250.74.161302 Moved Temporarily 191 B URL HTTP/1.1 howtodownloadrobloxrobuxhackdownload.blogspot.cz/
IP 142.250.74.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 1cea2bb77773df53da4618da8f76bf33
890ba3311f5a4f831befc33d6d90f8065fbbe497
949031b610fa73b27221d59a3274f037de16ce1d42e04ce741e5ba2095bb3413
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: howtodownloadrobloxrobuxhackdownload.blogspot.cz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Moved Temporarily
Location: http://howtodownloadrobloxrobuxhackdownload.blogspot.com/
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Tue, 27 Sep 2022 16:29:33 GMT
Expires: Tue, 27 Sep 2022 16:29:33 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 191
Server: GSE
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.27200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Tue, 27 Sep 2022 16:10:46 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Tue, 27 Sep 2022 16:47:56 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: z7yRogN25agI6s1Bqzoq3uhxG3Q9S_eY1Xe88jggckBGmliokFWeKA==
Age: 1127
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash c18823050f86339eaa73ddb1bf80d64c
ac4ee81f59f706cee8a74458d498bbc20d8d351a
9a505647517bd02d8ff994fd4ad98dc2f4b519916145b0c327691420c1084c46
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6430
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 16:29:33 GMT
Last-Modified: Tue, 27 Sep 2022 14:42:23 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
35.80.175.197101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.80.175.197:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: JgFLpVGcy86dI2gPAhmpLA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: lcIefX/yTMN1w+Q+O68nHExazK8=
howtodownloadrobloxrobuxhackdownload.blogspot.com/
142.250.74.161301 Moved Permanently 192 B URL HTTP/1.1 howtodownloadrobloxrobuxhackdownload.blogspot.com/
IP 142.250.74.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 46b93b032f9433bcc3073ca814b7434c
9748998ec098668a790ac3602ee0d9e61f070753
beaa5837f39d749c6a01c40901cd8ea90f456bfaee051c619f7b76ed7ccb202d
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: howtodownloadrobloxrobuxhackdownload.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: https://howtodownloadrobloxrobuxhackdownload.blogspot.com/
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Tue, 27 Sep 2022 16:29:33 GMT
Expires: Tue, 27 Sep 2022 16:29:33 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 192
Server: GSE
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash ca568b0094952ff8079bbea27bee5350
d395a918b1cb67dcd61ef96c1e0fb9cc298e633a
4789eeb2cfa143d120879f70f03c72aabb91ddfc829a2fba8e84f617e1960607
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 16:29:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash ca568b0094952ff8079bbea27bee5350
d395a918b1cb67dcd61ef96c1e0fb9cc298e633a
4789eeb2cfa143d120879f70f03c72aabb91ddfc829a2fba8e84f617e1960607
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 16:29:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
howtodownloadrobloxrobuxhackdownload.blogspot.com/
142.250.74.161200 OK 57 kB URL HTTP/2 howtodownloadrobloxrobuxhackdownload.blogspot.com/
IP 142.250.74.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (32023)
Hash d5e57ed40f5928be1a66ff65f7c83b2a
862c655fe0a8cc82ca494870da687fa147a25e04
6ada95920462ad6a0cbb431e22a162fc56fb1de3c55222c5c15993665203e1d7
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: howtodownloadrobloxrobuxhackdownload.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
expires: Tue, 27 Sep 2022 16:29:34 GMT
date: Tue, 27 Sep 2022 16:29:34 GMT
cache-control: private, max-age=0
last-modified: Tue, 27 Sep 2022 13:56:19 GMT
etag: W/"d3a326d17cc2fd752f7ee27c5c8faeca39874d73134f2a456160ad9e8bb2537a"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 56959
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash d82a474dbb7f66ba5b1f0021fd2a0d30
c6da00410a9fa18014a9c704eaa4720409c26896
d72fecb5c7d9f617743fa0a7d82dcd029612ddb5ad75742f52e88dc8e6e06e5b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 16:29:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash d82a474dbb7f66ba5b1f0021fd2a0d30
c6da00410a9fa18014a9c704eaa4720409c26896
d72fecb5c7d9f617743fa0a7d82dcd029612ddb5ad75742f52e88dc8e6e06e5b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 16:29:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash d82a474dbb7f66ba5b1f0021fd2a0d30
c6da00410a9fa18014a9c704eaa4720409c26896
d72fecb5c7d9f617743fa0a7d82dcd029612ddb5ad75742f52e88dc8e6e06e5b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 16:29:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash d82a474dbb7f66ba5b1f0021fd2a0d30
c6da00410a9fa18014a9c704eaa4720409c26896
d72fecb5c7d9f617743fa0a7d82dcd029612ddb5ad75742f52e88dc8e6e06e5b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 16:29:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash d82a474dbb7f66ba5b1f0021fd2a0d30
c6da00410a9fa18014a9c704eaa4720409c26896
d72fecb5c7d9f617743fa0a7d82dcd029612ddb5ad75742f52e88dc8e6e06e5b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 16:29:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lh3.googleusercontent.com/blogger_img_proxy/ANbyha2ziowiVktJkQ3Yvqve56JfetaCHT0gE7e92gQ19i3FzauWbIo8ayJax71lhIRNaJ6wsm3SRoyKEvE5HikkKVrLBo6AxLJtdLQKIGakruKE3AE
142.250.74.33200 OK 3.2 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha2ziowiVktJkQ3Yvqve56JfetaCHT0gE7e92gQ19i3FzauWbIo8ayJax71lhIRNaJ6wsm3SRoyKEvE5HikkKVrLBo6AxLJtdLQKIGakruKE3AE
IP 142.250.74.33:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 120x90, components 3\012- data
Hash 459e1e7d2c75ca6131289a5fef904116
bf5994c726202fe44d430686fb2b9a9cc7084ab0
ef47e8a4962f15149654b6a84cdf8f715bdb7377ef6c3ac94c8c7e51d8a524a7
GET /blogger_img_proxy/ANbyha2ziowiVktJkQ3Yvqve56JfetaCHT0gE7e92gQ19i3FzauWbIo8ayJax71lhIRNaJ6wsm3SRoyKEvE5HikkKVrLBo6AxLJtdLQKIGakruKE3AE HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://howtodownloadrobloxrobuxhackdownload.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Wed, 28 Sep 2022 16:29:34 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Tue, 27 Sep 2022 16:29:34 GMT
server: fife
content-length: 3210
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 0a0edcf53e9bc7064278d4daebb194cd
310fdf6be08f800af78f74e3bab477a064693d66
850467eec85c53e9fa299d3d97a9fc134a1418cd979dc1bbb013793faaa21f3e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 16:29:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lh3.googleusercontent.com/blogger_img_proxy/ANbyha21KmqNeLZnKtSL28rLRrCEpRLSgM8X4o0kFek9RoS4qv1kHhipZAPC2jXr0i4oudVibM14G3My1GKBf1UaIVMxDoDMAsb2zFD1q-S_GOsxgmc
142.250.74.33200 OK 4.5 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha21KmqNeLZnKtSL28rLRrCEpRLSgM8X4o0kFek9RoS4qv1kHhipZAPC2jXr0i4oudVibM14G3My1GKBf1UaIVMxDoDMAsb2zFD1q-S_GOsxgmc
IP 142.250.74.33:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 120x90, components 3\012- data
Hash b2c18623fa09fc04d19b7e9cb99736e4
5930137533ab0bc70b8e195ec3dda914281c36a1
5ab9656822d4ef930b06ed3a2e970722869a52da266a4c3794ab7a2889e0a0d0
GET /blogger_img_proxy/ANbyha21KmqNeLZnKtSL28rLRrCEpRLSgM8X4o0kFek9RoS4qv1kHhipZAPC2jXr0i4oudVibM14G3My1GKBf1UaIVMxDoDMAsb2zFD1q-S_GOsxgmc HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://howtodownloadrobloxrobuxhackdownload.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Wed, 28 Sep 2022 16:29:34 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Tue, 27 Sep 2022 16:29:34 GMT
server: fife
content-length: 4500
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/blogger_img_proxy/ANbyha19MgSSV3mamb86nWUSPwjzTBUfwXOOuFJf98h5RvLkqoTXtObNGN1-g8bZ9TUmKBZz5LM8cRHYnNpsW9bjWcY4PDDTjoXAG11c_Ea-kHEw7A
142.250.74.33200 OK 5.3 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha19MgSSV3mamb86nWUSPwjzTBUfwXOOuFJf98h5RvLkqoTXtObNGN1-g8bZ9TUmKBZz5LM8cRHYnNpsW9bjWcY4PDDTjoXAG11c_Ea-kHEw7A
IP 142.250.74.33:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 120x90, components 3\012- data
Hash 724fdda57290f53b14a43c065f6ae925
5fac0d920bd7c399e1e6b32d806a5fcd1f7c33b6
e7cb608b4810252fa0971e9f822c959b79ac37214b68e680692f1e5ffabe702c
GET /blogger_img_proxy/ANbyha19MgSSV3mamb86nWUSPwjzTBUfwXOOuFJf98h5RvLkqoTXtObNGN1-g8bZ9TUmKBZz5LM8cRHYnNpsW9bjWcY4PDDTjoXAG11c_Ea-kHEw7A HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://howtodownloadrobloxrobuxhackdownload.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Wed, 28 Sep 2022 16:29:34 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Tue, 27 Sep 2022 16:29:34 GMT
server: fife
content-length: 5337
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/blogger_img_proxy/ANbyha1IwG2dPEwXdw5_17faWUXpieODNJv5njXfALyyoRIceZhSwbYYEgInbHVKMRc6wLkZ9dID-RdzuscQwI3QQvGWA1laQk3Op5ecxPbLsbBzQN8
142.250.74.33200 OK 4.8 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha1IwG2dPEwXdw5_17faWUXpieODNJv5njXfALyyoRIceZhSwbYYEgInbHVKMRc6wLkZ9dID-RdzuscQwI3QQvGWA1laQk3Op5ecxPbLsbBzQN8
IP 142.250.74.33:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 120x90, components 3\012- data
Hash 0e9dfb35c949957bfcd824442a6a5e82
c256591e68460b57d42e86d7c93ddcba2558a762
1d80587584892d2447a21e626e73aa3a931ad857faa0489c02c4ca73fea88892
GET /blogger_img_proxy/ANbyha1IwG2dPEwXdw5_17faWUXpieODNJv5njXfALyyoRIceZhSwbYYEgInbHVKMRc6wLkZ9dID-RdzuscQwI3QQvGWA1laQk3Op5ecxPbLsbBzQN8 HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://howtodownloadrobloxrobuxhackdownload.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Wed, 28 Sep 2022 16:29:34 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Tue, 27 Sep 2022 16:29:34 GMT
server: fife
content-length: 4817
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/blogger_img_proxy/ANbyha2-ApgoanXFpXDKLbGCxDo4z_TYbfeIZYuCjVJi_TNUiPG3ocH92HXbdC4fXfuYgNMistru9140sCkXfhpVUDs5910ynoJYCOU_g1nZ--JCK0w
142.250.74.33404 Not Found 1.2 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha2-ApgoanXFpXDKLbGCxDo4z_TYbfeIZYuCjVJi_TNUiPG3ocH92HXbdC4fXfuYgNMistru9140sCkXfhpVUDs5910ynoJYCOU_g1nZ--JCK0w
IP 142.250.74.33:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 120x90, components 3\012- data
Hash 9fe85dcb3fe48e26d43227a130d47e6a
918db738002dda86a37aca5f2bece573f89d8084
57eb79ec23f95554cfee51062e26a0e62c8b095b030bf7aa4068894370e1052e
GET /blogger_img_proxy/ANbyha2-ApgoanXFpXDKLbGCxDo4z_TYbfeIZYuCjVJi_TNUiPG3ocH92HXbdC4fXfuYgNMistru9140sCkXfhpVUDs5910ynoJYCOU_g1nZ--JCK0w HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://howtodownloadrobloxrobuxhackdownload.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
access-control-allow-origin: *
timing-allow-origin: *
content-type: image/jpeg
x-content-type-options: nosniff
date: Tue, 27 Sep 2022 16:29:34 GMT
server: fife
content-length: 1187
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.blogger.com/static/v1/widgets/4150139458-widgets.js
216.58.207.201200 OK 57 kB URL HTTP/2 www.blogger.com/static/v1/widgets/4150139458-widgets.js
IP 216.58.207.201:0
File type ASCII text, with very long lines (2221)
Hash b318be2224a9b91139a7a4b41f2e4b6e
4bcae447ce5bb3cb36a74745bcca9b72ba419c9f
bc5c92978c40e36f3da25045761d139de3a8a333c5290ccd233273af73bd7f4b
GET /static/v1/widgets/4150139458-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://howtodownloadrobloxrobuxhackdownload.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 56826
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 25 Sep 2022 15:56:30 GMT
expires: Mon, 25 Sep 2023 15:56:30 GMT
cache-control: public, max-age=31536000
last-modified: Sun, 25 Sep 2022 08:50:22 GMT
content-type: text/javascript
age: 174784
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash d82a474dbb7f66ba5b1f0021fd2a0d30
c6da00410a9fa18014a9c704eaa4720409c26896
d72fecb5c7d9f617743fa0a7d82dcd029612ddb5ad75742f52e88dc8e6e06e5b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 16:29:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 0a0edcf53e9bc7064278d4daebb194cd
310fdf6be08f800af78f74e3bab477a064693d66
850467eec85c53e9fa299d3d97a9fc134a1418cd979dc1bbb013793faaa21f3e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 16:29:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9132
Expires: Tue, 27 Sep 2022 19:01:46 GMT
Date: Tue, 27 Sep 2022 16:29:34 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9132
Expires: Tue, 27 Sep 2022 19:01:46 GMT
Date: Tue, 27 Sep 2022 16:29:34 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9132
Expires: Tue, 27 Sep 2022 19:01:46 GMT
Date: Tue, 27 Sep 2022 16:29:34 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9132
Expires: Tue, 27 Sep 2022 19:01:46 GMT
Date: Tue, 27 Sep 2022 16:29:34 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9132
Expires: Tue, 27 Sep 2022 19:01:46 GMT
Date: Tue, 27 Sep 2022 16:29:34 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bfe3adc-1955-4f21-9e44-c0bc53a4edc5.jpeg
34.120.237.76200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bfe3adc-1955-4f21-9e44-c0bc53a4edc5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash deb8d1e3b6d7fbc8c8ba478269621676
84f5a4c8b38acde814bc790e5b514347718d5bb9
ed14fa766f0708b4166e83b61f160db5671af430917b7c67184bf18d9208742b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bfe3adc-1955-4f21-9e44-c0bc53a4edc5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9163
x-amzn-requestid: 8ccd9b1f-bef9-4591-be32-e6dd98f4ee78
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFlKpEZrIAMFS1Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321bdd-4a40b9c8281b64c725fec0f1;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:38:37 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Lf6qqokEw32egp3ofmJGtUTAt3RD2f9rVq5gskbhrk_VFGweeo0oCQ==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:49:18 GMT
age: 67216
etag: "84f5a4c8b38acde814bc790e5b514347718d5bb9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79631135-a10c-43bf-85d2-fa2236b96883.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79631135-a10c-43bf-85d2-fa2236b96883.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 62e68c3cd08dd94d910507512a67e85f
3d4fa8701f17e8818c25584ef5f04bfbee8440cd
058d798963f83f5fb88ab728185f755c5353fa981d93e1b6ff869089f501586b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79631135-a10c-43bf-85d2-fa2236b96883.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13213
x-amzn-requestid: 09f8fee2-6830-4bec-af40-f2fb6547bc63
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFkreH5poAMFdxg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321b16-0afbf5e01a013e6f0db53da1;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:35:18 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: CwkfEPDseHez7mArqwz8tmC3WHFwXAZF1OSColucaQ5vG2hvBIDWOg==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:42:47 GMT
age: 67607
etag: "3d4fa8701f17e8818c25584ef5f04bfbee8440cd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2517fd65-65c6-43b1-93a6-b1205ba3f0f8.jpeg
34.120.237.76200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2517fd65-65c6-43b1-93a6-b1205ba3f0f8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5274e770cb5a704916c8965659709f4a
1a26007f761e439db575fb80fb403031260aecf4
e36e8be75c92feb9b416a46c5918356d8f9694894a799b7c10de21034d33d5ef
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2517fd65-65c6-43b1-93a6-b1205ba3f0f8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7455
x-amzn-requestid: 0887cd56-f324-46cf-a086-709e1c66f354
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZGBTdHmhoAMFvIw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633248e2-42391706084f335228fe3994;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 00:50:42 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: vx-yM_jeJvOaa1UizK5OoDJFkvKnajg2ezLF2l2qnN_OhdTE6I4taQ==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 b13f158bdf9805ca47e07c0c35870c12.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 01:05:55 GMT
etag: "1a26007f761e439db575fb80fb403031260aecf4"
content-type: image/jpeg
age: 55419
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F171029d0-40d4-47b3-8936-8ba3b16b3212.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F171029d0-40d4-47b3-8936-8ba3b16b3212.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 347dca206e13a3b13953f0ab398310b4
be60bbc96c832ae385cc9ae5828bd32703011b21
f6da888a54a0c6c73466f2c2a72dd875514a39d81b760a6b0116b4dd56ef31dd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F171029d0-40d4-47b3-8936-8ba3b16b3212.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10211
x-amzn-requestid: 3ea4ac84-2465-4bd1-8ade-863de3c9576e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YbfSuGoQoAMF9oQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632145aa-7843b82728ead9a053c689d1;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 03:08:26 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: MMrek5LO9ukZjB6VV-5McuE_maDzwTOihucz0kwxuaTJMNOpTchoJA==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:52:00 GMT
age: 67054
etag: "be60bbc96c832ae385cc9ae5828bd32703011b21"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F658e1cdd-3e54-47dd-9724-ec65659721ea.jpeg
34.120.237.76200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F658e1cdd-3e54-47dd-9724-ec65659721ea.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 14218a43c5e5bbce546735a780c8ccce
61676358cdbb2373bc644e66f8a84fbc8cc5daf6
905b1c30a2273aef69904f2eb1451c756fc1fdba02e86ea5c957629dd056aeda
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F658e1cdd-3e54-47dd-9724-ec65659721ea.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6390
x-amzn-requestid: b2681ff8-ab83-41e6-adef-3e6772c93c3f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZGFJ6Gc_oAMF44g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63324f0c-3dbf9f4e2047567b5abdbe74;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 01:17:00 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 8JXEBo_L_xKuKdeoOXEJ6FO7ZVsZVQzUmQFe7fYcxaHRQNEq1HWp6w==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 01:25:52 GMT
age: 54222
etag: "61676358cdbb2373bc644e66f8a84fbc8cc5daf6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff092f2d0-abd6-40d2-ad33-9fb0ded1ec0a.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff092f2d0-abd6-40d2-ad33-9fb0ded1ec0a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 91d97447a6a35813e57d942f685544c4
3b660de9902fbfcf2efb477f40480b08545ebc5f
08c1ea19c4918273da12c9a2e962edf4463c486a30f60c8a279a45e5edcf972a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff092f2d0-abd6-40d2-ad33-9fb0ded1ec0a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11881
x-amzn-requestid: 4562e550-9c0f-407b-be2a-3c5d8901d444
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y2apSEPuIAMF5TA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632c0b08-5c5f052f146d25a7190412d1;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 07:13:12 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: EAiLlHN2h6EPX0idrlQG4TIyGBMt_In0_Tpy79foal99j4xoRasO-A==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 22:23:49 GMT
age: 65145
etag: "3b660de9902fbfcf2efb477f40480b08545ebc5f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 17883491aa4a759d270aefa42730e0ba
8e2f48dbf2b1af81b843f1880b459fdeeb10abd8
03d112eafbd3be87bf30191f6c1eae2cf3f4a665b903f35efe40aca4253cc3da
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4510
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 16:29:34 GMT
Last-Modified: Tue, 27 Sep 2022 15:14:24 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 280
ocsp.pki.goog/s/gts1p5/1EpVtZKsCXY
142.250.74.3200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/1EpVtZKsCXY
IP 142.250.74.3:0
Hash 215c140e936353d4a9740064e5b5b0b3
8f7c64a61f3c60d5e9d860d29f92d9baef884b90
3e2b36e59d0d482140c3330b8aac8631cba24965d65e45f762946660b31d660a
POST /s/gts1p5/1EpVtZKsCXY HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 16:29:35 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
play.robuxtip.org/images/gamebaglogo.png
104.21.78.103200 OK 3.3 kB URL HTTP/2 play.robuxtip.org/images/gamebaglogo.png
IP 104.21.78.103:0
File type PNG image data, 240 x 240, 8-bit/color RGBA, non-interlaced\012- data
Hash e84f0caa809a15b2aaa9cb93bbe6669a
22a330ad580aaa6b2232307a87b981adc7fbf38f
1f98c982fd0c9b5e6af138a4cb160f509bda9fcc7fa0a9463fa6cf11513c151f
GET /images/gamebaglogo.png HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtYWJzLmpzIiwiYW5pc2FjaW50aWEiLCJ0ZW1wbGF0ZSIsIlNFTy1FbGl0ZS1QcmVtaXVtLnhtbCIsImFuaXNhY2ludGlhIiwiaG93dG9kb3dubG9hZHJvYmxveHJvYnV4aGFja2Rvd25sb2FkLmJsb2dzcG90LmNvbSIsImhvd3RvZG93bmxvYWRyb2Jsb3hyb2J1eGhhY2tkb3dubG9hZC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWFicy5qcyJd
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 16:29:35 GMT
content-type: image/png
content-length: 3340
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
etag: "5d9ca488-d0c"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 893567
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BHosH7%2F92Vftc7%2BJ%2BnsJlhKH8F8OYzkLcj817Gk9jQGE6YkYJPMJ4%2FkEDIZIUk7knJC%2F5BBRjY%2FrxpRRHtOaArIw1b9S1UQFRUmrnmnBPu25KuvTkwjXYIq1pRSGgl%2FkbHWTYg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75159e77f8c8b4fa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
play.robuxtip.org/images/header.png
104.21.78.103200 OK 131 kB URL HTTP/2 play.robuxtip.org/images/header.png
IP 104.21.78.103:0
File type PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced\012- data
Size 131 kB (131285 bytes)
Hash 35e93538f31d67876a2cb38bf94279d8
49bf97732e9bffb5371ad60d024901b09d83651b
95c1de9315834de2ff3608a2dc048a6aedc273e665f9b54eb956523a81fc91df
GET /images/header.png HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtYWJzLmpzIiwiYW5pc2FjaW50aWEiLCJ0ZW1wbGF0ZSIsIlNFTy1FbGl0ZS1QcmVtaXVtLnhtbCIsImFuaXNhY2ludGlhIiwiaG93dG9kb3dubG9hZHJvYmxveHJvYnV4aGFja2Rvd25sb2FkLmJsb2dzcG90LmNvbSIsImhvd3RvZG93bmxvYWRyb2Jsb3hyb2J1eGhhY2tkb3dubG9hZC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWFicy5qcyJd
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 16:29:35 GMT
content-type: image/png
content-length: 131285
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
etag: "5d9ca488-200d5"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 893567
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V5jlcuKZ9iI%2Ba8ylLlZbeXEQXMtgywvQ%2Ftb6fWX3vPK7n6qalmt3Bt%2F3mhitrVyxX1RB%2F%2FAaCowaeoOdqxvwNjbXld4SmqHr5xNZ5IUqgo9bHh%2Fjam6WI8h92ux2Lcv%2B0swBbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75159e77f8cab4fa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
play.robuxtip.org/images/ft-1.png
104.21.78.103200 OK 3.3 kB URL HTTP/2 play.robuxtip.org/images/ft-1.png
IP 104.21.78.103:0
File type PNG image data, 240 x 240, 8-bit/color RGBA, non-interlaced\012- data
Hash e84f0caa809a15b2aaa9cb93bbe6669a
22a330ad580aaa6b2232307a87b981adc7fbf38f
1f98c982fd0c9b5e6af138a4cb160f509bda9fcc7fa0a9463fa6cf11513c151f
GET /images/ft-1.png HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtYWJzLmpzIiwiYW5pc2FjaW50aWEiLCJ0ZW1wbGF0ZSIsIlNFTy1FbGl0ZS1QcmVtaXVtLnhtbCIsImFuaXNhY2ludGlhIiwiaG93dG9kb3dubG9hZHJvYmxveHJvYnV4aGFja2Rvd25sb2FkLmJsb2dzcG90LmNvbSIsImhvd3RvZG93bmxvYWRyb2Jsb3hyb2J1eGhhY2tkb3dubG9hZC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWFicy5qcyJd
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 16:29:35 GMT
content-type: image/png
content-length: 3340
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
etag: "5d9ca488-d0c"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 893567
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dyczzwu7TuoFPUrIRIb5K54H5%2F2PZti%2FO8Q9kE8wm5xc9UPkLcjrnx1sLkKUt1MGfSzzSYWUwDJQuy4iZPXGbEQXgaSMY8VdXtcjvyU7EkO4RnnIN4Z9HEU1mhnzBagcWSadDg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75159e7808e3b4fa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/jquery.modal.min.css
104.17.24.14200 OK 1.5 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/jquery.modal.min.css
IP 104.17.24.14:0
File type ASCII text, with very long lines (3201), with no line terminators
Hash 8e09ceb5490863a66cd2e83ca3d7e524
35e3d074516ec70c508d748f7ae01827bc0c28ba
cccbb374fd4cb6dcbac9df64456b49cb11530e7bafdac6c6c7e67ff2ed350db9
GET /ajax/libs/jquery-modal/0.9.1/jquery.modal.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 27 Sep 2022 16:29:35 GMT
content-type: text/css; charset=utf-8
content-length: 1541
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec2-c81"
last-modified: Mon, 04 May 2020 16:11:46 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 9737545
expires: Sun, 17 Sep 2023 16:29:35 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=umDjwIgECM1glyo5HJGacEaRyxoPeaSwUA%2BbSdXPOoI3KZmSwtWYEO9sXi3LEFqGbFKb2Ghlq7JqdTC%2Brtu6ucNGjLeGCAfe68zlYAmJtmWZkdeYebF1q6OhpffgwHXB%2Fb1AQ8Zk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 75159e782d55b518-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/js-base64@3.7.2/base64.min.js
151.101.85.229200 OK 2.1 kB URL HTTP/2 cdn.jsdelivr.net/npm/js-base64@3.7.2/base64.min.js
IP 151.101.85.229:0
File type ASCII text, with very long lines (4802)
Hash 18914b05d782cca37716837edf14fa8a
c563d127cf718dd86389fdd007b4c51b6bb58dc3
4bded663a5f9ccaa1eb7c1692c1c7df756a7d0e037d19466979fb90c56fbefdf
GET /npm/js-base64@3.7.2/base64.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 3.7.2
x-jsd-version-type: version
etag: W/"1405-lMmxLE0z8/TnsipvbhQg5ckAA8Q"
content-encoding: gzip
accept-ranges: bytes
date: Tue, 27 Sep 2022 16:29:35 GMT
age: 5488955
x-served-by: cache-fra19165-FRA, cache-bma1679-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 2068
X-Firefox-Spdy: h2
play.robuxtip.org/images/main-bg.jpg
104.21.78.103200 OK 838 kB URL HTTP/2 play.robuxtip.org/images/main-bg.jpg
IP 104.21.78.103:0
File type JPEG image data, baseline, precision 8, 2560x1440, components 3\012- data
Size 838 kB (838330 bytes)
Hash ba5d619ee57cf5acc6ebee951a24e01a
a0627942a4e280318a098576257027078cbc40fc
ff5ca3b41fff989a535f80c1119cca50d67fa99c759545a3fc484cc8124cf836
GET /images/main-bg.jpg HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/images/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 16:29:35 GMT
content-type: image/jpeg
content-length: 838330
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
etag: "5d9ca488-ccaba"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 893567
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DJ7VbgDKlMpT3RGxyPkuEqItCOXr%2BpXH%2BIc99p7u7j8xGjs%2FO1k6SF7UgC8D8rR2fhmGU8cIKUe14SCXyK1RZQVLGmqnpralH55tlvRe%2BbV3xrhf33yVMIumsQusUJyevwX5tQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75159e7889d1b4fa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/1EpVtZKsCXY
142.250.74.3200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/1EpVtZKsCXY
IP 142.250.74.3:0
Hash 215c140e936353d4a9740064e5b5b0b3
8f7c64a61f3c60d5e9d860d29f92d9baef884b90
3e2b36e59d0d482140c3330b8aac8631cba24965d65e45f762946660b31d660a
POST /s/gts1p5/1EpVtZKsCXY HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 16:29:35 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
play.robuxtip.org/images/scripts.js
104.21.78.103200 OK 1.6 kB URL HTTP/2 play.robuxtip.org/images/scripts.js
IP 104.21.78.103:0
File type ASCII text, with no line terminators
Hash 992d5623463368100fc6838b7419f299
62895b10c3df128b496eaa04a34da38846218aae
e29f9b83340cdf006ecfd2c13732693b7d12ee2fa1ac2b59400eab94c1812dd2
Analyzer Verdict Alert fortinet Phishing
GET /images/scripts.js HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtYWJzLmpzIiwiYW5pc2FjaW50aWEiLCJ0ZW1wbGF0ZSIsIlNFTy1FbGl0ZS1QcmVtaXVtLnhtbCIsImFuaXNhY2ludGlhIiwiaG93dG9kb3dubG9hZHJvYmxveHJvYnV4aGFja2Rvd25sb2FkLmJsb2dzcG90LmNvbSIsImhvd3RvZG93bmxvYWRyb2Jsb3hyb2J1eGhhY2tkb3dubG9hZC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWFicy5qcyJd
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 16:29:35 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=225
etag: W/"5d9ca488-e1"
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 407167
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SQLv1PZdPOKmK6GrLz3PsBKRXjvmPTl2Jai35GrlUNLN4e%2ByDPHnMDTF58eumd9%2BO8eAaco0egcIfgrWRUCOIbjlM3YSSFnEaX6XmzUSEEmiiaq7LYf%2BzvxGEAJzsXXWqnqSog%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75159e781927b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
play.robuxtip.org/images/fancyselect.js
104.21.78.103200 OK 18 kB URL HTTP/2 play.robuxtip.org/images/fancyselect.js
IP 104.21.78.103:0
File type ASCII text, with very long lines (1254)
Hash 33f6d94ea6a0b2ec773b94b7d29f0988
11895a5cec2d09057ea94786803a30765c596633
7af820e9ec15e06172cd5a8d8942a63dc564364403959322ed2eb24299d02b68
Analyzer Verdict Alert fortinet Phishing
GET /images/fancyselect.js HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtYWJzLmpzIiwiYW5pc2FjaW50aWEiLCJ0ZW1wbGF0ZSIsIlNFTy1FbGl0ZS1QcmVtaXVtLnhtbCIsImFuaXNhY2ludGlhIiwiaG93dG9kb3dubG9hZHJvYmxveHJvYnV4aGFja2Rvd25sb2FkLmJsb2dzcG90LmNvbSIsImhvd3RvZG93bmxvYWRyb2Jsb3hyb2J1eGhhY2tkb3dubG9hZC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWFicy5qcyJd
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 16:29:35 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=6778
etag: W/"5d9ca488-1a7a"
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 893567
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GrZxZIdfl81G3lXd7W9QugkmYI9PSZ6B9hRQ1Go0MitmWYGbLPvolqdCTuQPzpfBT%2FAEZLoJMHmBi5EQJvQEDOsWCO7XscUHMWRa7ewvcnBLxlK7vFx8q2tHFijKTg5tHlzmkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75159e7808e7b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
play.robuxtip.org/images/pr-r.png
104.21.78.103200 OK 27 kB URL HTTP/2 play.robuxtip.org/images/pr-r.png
IP 104.21.78.103:0
File type PNG image data, 960 x 1080, 8-bit/color RGBA, non-interlaced\012- data
Hash 1339ccba9a248e9c3689c2f921283d91
7d393c9a3efa49a81afc9406700e94ae23e4bb95
082da94e7b1e7b7cf6054ecb33edffc2b36578727ef34c8a1ef6bddfaa6cfbbf
GET /images/pr-r.png HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/images/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 16:29:35 GMT
content-type: image/png
content-length: 27316
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
etag: "5d9ca488-6ab4"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 893567
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6X%2F3VIqAKyyYFOyGc8V3Ksj9SzeL4gU82rjiJhMQuHF%2Fj850pkeIWISJtld4z2o5FkJYuKstBoKiS7siBqLYNB0ysg8jyyPo0E2KXYDs6w5nqV6JWqZzx09ptX503R8MDhu7hA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75159e78ca3eb4fa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
play.robuxtip.org/images/panel-overlay.png
104.21.78.103200 OK 3.1 kB URL HTTP/2 play.robuxtip.org/images/panel-overlay.png
IP 104.21.78.103:0
File type PNG image data, 960 x 661, 4-bit colormap, non-interlaced\012- data
Hash 2b026d93f79b384005e4252c80701791
87804a0d83d2e745b31526c8b60d026abecbe73a
b7a5d35c1c7be1953002244f054a14f38ed11912ad52d25a8e963774f7f52e0e
GET /images/panel-overlay.png HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/images/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 16:29:35 GMT
content-type: image/png
content-length: 3116
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
etag: "5d9ca488-c2c"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 893567
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZCtkWhKH3dfAZm5y4us2iA38UQK79nmJNd2%2FZjAXyJiUi3fZJYD4yNJbAZ1zDvsm1b7Q%2BJu5zSX%2Fisen%2BGNXQcSWPU9IvgNiCpXJuq2No2IuqVKAjztULY1TA7w%2BLh6gD7Xj4g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75159e78ca3fb4fa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
play.robuxtip.org/images/main.js
104.21.78.103200 OK 16 kB URL HTTP/2 play.robuxtip.org/images/main.js
IP 104.21.78.103:0
File type ASCII text, with very long lines (24637)
Hash 2849c849793391fbe9d6f01744517b3c
8826397fd49de6a37867d4cc3967b5db2db4fa4a
8ee0d9fcef62e639c311d3d20901be1a9f8ee8527af15e1ae0f72e9560168682
Analyzer Verdict Alert fortinet Phishing
GET /images/main.js HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtYWJzLmpzIiwiYW5pc2FjaW50aWEiLCJ0ZW1wbGF0ZSIsIlNFTy1FbGl0ZS1QcmVtaXVtLnhtbCIsImFuaXNhY2ludGlhIiwiaG93dG9kb3dubG9hZHJvYmxveHJvYnV4aGFja2Rvd25sb2FkLmJsb2dzcG90LmNvbSIsImhvd3RvZG93bmxvYWRyb2Jsb3hyb2J1eGhhY2tkb3dubG9hZC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWFicy5qcyJd
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 16:29:35 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=38451
etag: W/"5d9ca488-9633"
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 893567
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Kmcb%2B2lRms4XFhmmJr6TDhCi6dl9Bou%2BSUpPcyAXBDQRSBQJ%2F3bfyPLarjMXeYm5EP2kNmY2NcOZnHoJeoL1DjFhhYtzxOiMQZqB0mcNAYXydmyi5vvJcUsxhO%2BSewpJQKOug%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75159e781921b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
play.robuxtip.org/images/sticky.js
104.21.78.103200 OK 12 kB URL HTTP/2 play.robuxtip.org/images/sticky.js
IP 104.21.78.103:0
File type ASCII text, with very long lines (16920)
Hash a092e051fee15f9e7df32d54483b4bc6
91fe43bdcadbf2edad4575049d5bc5e92d53dfef
d86e3f8931f8c1afe8297e589f57baa02238f6efe4173862120488c1af8c7b02
Analyzer Verdict Alert fortinet Phishing
GET /images/sticky.js HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtYWJzLmpzIiwiYW5pc2FjaW50aWEiLCJ0ZW1wbGF0ZSIsIlNFTy1FbGl0ZS1QcmVtaXVtLnhtbCIsImFuaXNhY2ludGlhIiwiaG93dG9kb3dubG9hZHJvYmxveHJvYnV4aGFja2Rvd25sb2FkLmJsb2dzcG90LmNvbSIsImhvd3RvZG93bmxvYWRyb2Jsb3hyb2J1eGhhY2tkb3dubG9hZC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWFicy5qcyJd
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 16:29:35 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=20845
etag: W/"5d9ca488-516d"
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 893567
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KRi%2FAdTcJCxGv0iHrxXe6kmcNJW3CEZ1fgan0dJGXyvqjGd25V5JecCWCNPSFQ8er3cQwrMvktjt%2BbtXxL3flqUsxGOE8oP5qlC1aYq386V9c0ky3hoaBJcAJJoj3vHoFDwdjg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75159e781918b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 17883491aa4a759d270aefa42730e0ba
8e2f48dbf2b1af81b843f1880b459fdeeb10abd8
03d112eafbd3be87bf30191f6c1eae2cf3f4a665b903f35efe40aca4253cc3da
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4511
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 16:29:35 GMT
Last-Modified: Tue, 27 Sep 2022 15:14:24 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 280
play.robuxtip.org/images/form-scripts.js
104.21.78.103200 OK 954 B URL HTTP/2 play.robuxtip.org/images/form-scripts.js
IP 104.21.78.103:0
File type ASCII text, with very long lines (516)
Hash 44908c5e0087ee9ccd65928acdf6a7dd
b866738ffc8d29224c7dfa2bc7778c1fdda9b6dc
0720638c210f054d02f5fb9768067d71685159c98299c19fdaaa26f66cbaa71b
Analyzer Verdict Alert fortinet Phishing
GET /images/form-scripts.js HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtYWJzLmpzIiwiYW5pc2FjaW50aWEiLCJ0ZW1wbGF0ZSIsIlNFTy1FbGl0ZS1QcmVtaXVtLnhtbCIsImFuaXNhY2ludGlhIiwiaG93dG9kb3dubG9hZHJvYmxveHJvYnV4aGFja2Rvd25sb2FkLmJsb2dzcG90LmNvbSIsImhvd3RvZG93bmxvYWRyb2Jsb3hyb2J1eGhhY2tkb3dubG9hZC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWFicy5qcyJd
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 16:29:35 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=1469
etag: W/"5d9ca488-5bd"
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 893567
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=in%2BQ%2FZg62RW6KZePDow2JYp3NrFTE8aQR8vRPi%2Bkpcend%2BsxxeTpEJMS3thKd%2BSW6C%2FYtiP9ckpyMIqsc4cTra%2BPb%2Bm6%2BpeViF1FAjOGfSr9t%2FGoG1MuxFf5dp0Ede%2BZ%2B8jAnA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75159e7808feb4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash fc82211401f793132f7d43c2fd253af5
605d8371709b5d2a41967fd390c34fa649f89ea3
b23fd36ec037710672ac1aa6fea284e3869c4bae7941d9b53c771cff8743478e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 16:29:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash fc82211401f793132f7d43c2fd253af5
605d8371709b5d2a41967fd390c34fa649f89ea3
b23fd36ec037710672ac1aa6fea284e3869c4bae7941d9b53c771cff8743478e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 16:29:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/opensans/v14/cJZKeOuBrn4kERxqtaUH3aCWcynf_cDxXwCLxiixG1c.ttf
142.250.74.163200 OK 18 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v14/cJZKeOuBrn4kERxqtaUH3aCWcynf_cDxXwCLxiixG1c.ttf
IP 142.250.74.163:0
File type TrueType Font data, 17 tables, 1st "GDEF", 7 names, Microsoft, language 0x409, type 1 string, Open SansRegular1.10;1ASC;OpenSans-RegularOpen Sans RegularVersion 1.10OpenSans-Regularhttp://ww\012- data
Hash 8c20320e2a77d984348f9e9aa7296b9d
0939a63b6a9982ab64f044dfc3a21dac2bca0499
0be48b762bdf588db02112492dfadcb3a098fad3ac5aa2ccc80568b799462c52
GET /s/opensans/v14/cJZKeOuBrn4kERxqtaUH3aCWcynf_cDxXwCLxiixG1c.ttf HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://play.robuxtip.org
Connection: keep-alive
Referer: https://play.robuxtip.org/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17789
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 07:07:48 GMT
expires: Thu, 21 Sep 2023 07:07:48 GMT
cache-control: public, max-age=31536000
age: 552107
last-modified: Wed, 14 Jun 2017 16:46:31 GMT
content-type: font/ttf
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
play.robuxtip.org/images/jquery.magnific-popup.min.js
104.21.78.103200 OK 74 kB URL HTTP/2 play.robuxtip.org/images/jquery.magnific-popup.min.js
IP 104.21.78.103:0
File type ASCII text, with very long lines (21014)
Hash e9e08eb1bd17adcd0ee8a5a07983bd62
7bfcb709745e4213bd3e65dc544dcfcb593aa027
75ce1fe2ed294f88eef39022b42ad3fd644d9508989c9f29501ff3285929951f
Analyzer Verdict Alert fortinet Phishing
GET /images/jquery.magnific-popup.min.js HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtYWJzLmpzIiwiYW5pc2FjaW50aWEiLCJ0ZW1wbGF0ZSIsIlNFTy1FbGl0ZS1QcmVtaXVtLnhtbCIsImFuaXNhY2ludGlhIiwiaG93dG9kb3dubG9hZHJvYmxveHJvYnV4aGFja2Rvd25sb2FkLmJsb2dzcG90LmNvbSIsImhvd3RvZG93bmxvYWRyb2Jsb3hyb2J1eGhhY2tkb3dubG9hZC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWFicy5qcyJd
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 16:29:35 GMT
content-type: application/javascript
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
etag: W/"5d9ca488-5297"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 893567
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QO156t25qv%2B7CW7Dfvsislfp8ndVIX7%2BJda3v5Uk8lJWcFlVqTQi2M8%2B6QesN0UlShY32UC5Vyl6gSDIE6FYIrfEAytgpRBl4ZmDl6QF%2FjQa70LJxxbpB0nTrfjOO2NmDWnIjA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75159e780901b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v14/DXI1ORHCpsQm3Vp6mXoaTYnF5uFdDttMLvmWuJdhhgs.ttf
142.250.74.163200 OK 18 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v14/DXI1ORHCpsQm3Vp6mXoaTYnF5uFdDttMLvmWuJdhhgs.ttf
IP 142.250.74.163:0
File type TrueType Font data, 17 tables, 1st "GDEF", 7 names, Microsoft, language 0x409, type 1 string, Open Sans LightRegular1.10;1ASC;OpenSans-LightVersion 1.10OpenSans-Lighthttp://www.apache.org/li\012- data
Hash a69c5fa643b7208c4922909701e399ac
0560e8f641340a70d9c36b3d4106e42ac395f829
0a8b75177ccda56113a7a1bb9214c38276257846f9323226f74831f74ffc721f
GET /s/opensans/v14/DXI1ORHCpsQm3Vp6mXoaTYnF5uFdDttMLvmWuJdhhgs.ttf HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://play.robuxtip.org
Connection: keep-alive
Referer: https://play.robuxtip.org/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 18391
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 11:58:11 GMT
expires: Thu, 21 Sep 2023 11:58:11 GMT
cache-control: public, max-age=31536000
age: 534684
last-modified: Wed, 14 Jun 2017 16:45:42 GMT
content-type: font/ttf
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
play.robuxtip.org/images/com.js
104.21.78.103200 OK 22 kB URL HTTP/2 play.robuxtip.org/images/com.js
IP 104.21.78.103:0
File type C source, Unicode text, UTF-8 text, with very long lines (15173), with no line terminators
Hash 09f30e70d5301b596ac3fe9926f56d53
5d5359101edc551655af4608dacc20d4d0087466
379210b30b895746faf34f8d557b4f1bbeb986955815a97a249b6d394d847a0c
Analyzer Verdict Alert fortinet Phishing
GET /images/com.js HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtYWJzLmpzIiwiYW5pc2FjaW50aWEiLCJ0ZW1wbGF0ZSIsIlNFTy1FbGl0ZS1QcmVtaXVtLnhtbCIsImFuaXNhY2ludGlhIiwiaG93dG9kb3dubG9hZHJvYmxveHJvYnV4aGFja2Rvd25sb2FkLmJsb2dzcG90LmNvbSIsImhvd3RvZG93bmxvYWRyb2Jsb3hyb2J1eGhhY2tkb3dubG9hZC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWFicy5qcyJd
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 16:29:35 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=17963
etag: W/"5d9ca488-462b"
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 893567
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=agv2%2BSoajcY1XTF5Kz%2F13VOU5cpnx8O%2B1kMSIM2HDEM03%2B1p2dJNkPNq08ejKY1JMypwH0tgtGaiImEftqb4V9%2F287AGOheq6ObTc7RAykBKr3opY7v0Qm%2B9pIGK6DlcV4%2FlAg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75159e7808fcb4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 17883491aa4a759d270aefa42730e0ba
8e2f48dbf2b1af81b843f1880b459fdeeb10abd8
03d112eafbd3be87bf30191f6c1eae2cf3f4a665b903f35efe40aca4253cc3da
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4511
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 16:29:35 GMT
Last-Modified: Tue, 27 Sep 2022 15:14:24 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 280
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash fc82211401f793132f7d43c2fd253af5
605d8371709b5d2a41967fd390c34fa649f89ea3
b23fd36ec037710672ac1aa6fea284e3869c4bae7941d9b53c771cff8743478e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 16:29:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 904a8d4d380c2afb0f06401ce4c8491e
6c09e83415a209d302caba25187cae51fb998e9e
10724ff231265f6c0da44eb9ade0a936362252cad64cbcebb1d4414f4985730a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "10724FF231265F6C0DA44EB9ADE0A936362252CAD64CBCEBB1D4414F4985730A"
Last-Modified: Mon, 26 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13708
Expires: Tue, 27 Sep 2022 20:18:03 GMT
Date: Tue, 27 Sep 2022 16:29:35 GMT
Connection: keep-alive
s10.histats.com/js15_as.js
46.105.201.240200 OK 4.4 kB URL HTTP/2 s10.histats.com/js15_as.js
IP 46.105.201.240:0
File type HTML document, ASCII text, with very long lines (11440), with no line terminators
Hash ed192092c129db6123a3397855f42619
067e9b8e26cf6246eb84c6b9cf3da0c192ce7b3e
998fff486a7fb38b6ed445edc36c9b317b70950cd39efcf4012ca641312fcee1
GET /js15_as.js HTTP/1.1
Host: s10.histats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 27 Sep 2022 16:21:37 GMT
etag: "-375139978"
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-request-id: 490472310
content-type: application/javascript; charset=UTF-8
content-encoding: br
x-cdn-pop: sbg
x-cdn-pop-ip: 137.74.120.0/27
x-cacheable: Matched cache
accept-ranges: bytes
content-length: 4364
X-Firefox-Spdy: h2
s4.histats.com/stats/0.php?4275781&@f16&@g1&@h1&@i1&@j1664296173556&@k0&@l1&@mRoblox%20Robux%20Generator%202022&@n0roblox-abs.js=anisacintia|template=SEO-Elite-Premium.xml|anisacintia=howtodownloadrobloxrobuxhackdownload.blogspot.com|howtodownloadrobloxrobuxhackdownload.blogspot.com=direct|ref=direct|tags=roblox-abs.js&@ohttps%3A%2F%2Fhowtodownloadrobloxrobuxhackdownload.blogspot.com%2F&@q0&@r0&@s0&@ten-US&@u1280&@b1:94653344&@b3:1664296174&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fplay.robuxtip.org%2Findex.html%3Ftrack%3DWyJyb2Jsb3gtYWJzLmpzIiwiYW5pc2FjaW50aWEiLCJ0ZW1wbGF0ZSIsIlNFTy1FbGl0ZS1QcmVtaXVtLnhtbCIsImFuaXNhY2ludGlhIiwiaG93dG9kb3dubG9hZHJvYmxveHJvYnV4aGFja2Rvd25sb2FkLmJsb2dzcG90LmNvbSIsImhvd3RvZG93bmxvYWRyb2Jsb3hyb2J1eGhhY2tkb3dubG9hZC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWFicy5qcyJd&@w
192.99.0.58200 OK 51 B URL HTTP/1.1 s4.histats.com/stats/0.php?4275781&@f16&@g1&@h1&@i1&@j1664296173556&@k0&@l1&@mRoblox%20Robux%20Generator%202022&@n0roblox-abs.js=anisacintia|template=SEO-Elite-Premium.xml|anisacintia=howtodownloadrobloxrobuxhackdownload.blogspot.com|howtodownloadrobloxrobuxhackdownload.blogspot.com=direct|ref=direct|tags=roblox-abs.js&@ohttps%3A%2F%2Fhowtodownloadrobloxrobuxhackdownload.blogspot.com%2F&@q0&@r0&@s0&@ten-US&@u1280&@b1:94653344&@b3:1664296174&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fplay.robuxtip.org%2Findex.html%3Ftrack%3DWyJyb2Jsb3gtYWJzLmpzIiwiYW5pc2FjaW50aWEiLCJ0ZW1wbGF0ZSIsIlNFTy1FbGl0ZS1QcmVtaXVtLnhtbCIsImFuaXNhY2ludGlhIiwiaG93dG9kb3dubG9hZHJvYmxveHJvYnV4aGFja2Rvd25sb2FkLmJsb2dzcG90LmNvbSIsImhvd3RvZG93bmxvYWRyb2Jsb3hyb2J1eGhhY2tkb3dubG9hZC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWFicy5qcyJd&@w
IP 192.99.0.58:0
File type ASCII text, with no line terminators
Hash 17d14706b47c61a609fe70e682dc907c
f93deeeec002d78d2a3d9e6a7fde97fdb4b19ad8
9801023533a726c745f99fecaaa608e0f1c85b7e4a562f044108ccc67c692519
GET /stats/0.php?4275781&@f16&@g1&@h1&@i1&@j1664296173556&@k0&@l1&@mRoblox%20Robux%20Generator%202022&@n0roblox-abs.js=anisacintia|template=SEO-Elite-Premium.xml|anisacintia=howtodownloadrobloxrobuxhackdownload.blogspot.com|howtodownloadrobloxrobuxhackdownload.blogspot.com=direct|ref=direct|tags=roblox-abs.js&@ohttps%3A%2F%2Fhowtodownloadrobloxrobuxhackdownload.blogspot.com%2F&@q0&@r0&@s0&@ten-US&@u1280&@b1:94653344&@b3:1664296174&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fplay.robuxtip.org%2Findex.html%3Ftrack%3DWyJyb2Jsb3gtYWJzLmpzIiwiYW5pc2FjaW50aWEiLCJ0ZW1wbGF0ZSIsIlNFTy1FbGl0ZS1QcmVtaXVtLnhtbCIsImFuaXNhY2ludGlhIiwiaG93dG9kb3dubG9hZHJvYmxveHJvYnV4aGFja2Rvd25sb2FkLmJsb2dzcG90LmNvbSIsImhvd3RvZG93bmxvYWRyb2Jsb3hyb2J1eGhhY2tkb3dubG9hZC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWFicy5qcyJd&@w HTTP/1.1
Host: s4.histats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 16:29:36 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 51
Connection: close
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3823d156-2245-40a3-a9a3-7cb4a5c4a14d.jpeg
34.120.237.76200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3823d156-2245-40a3-a9a3-7cb4a5c4a14d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8ef8d9284ebd57a7cf76ceb762291356
2b53c4f836970501a682dae07235215c487d35cc
3529ab97ab2214ee9c67ee234beac96cd40f0bd6092b92b71c60956ed5710b41
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3823d156-2245-40a3-a9a3-7cb4a5c4a14d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 7716
x-amzn-requestid: 1cf0b1c7-4611-40bf-b72a-412ebd03ef79
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y2KguFL7IAMFzKA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632bf137-2b7c15d3071e0266586fd17d;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 05:23:03 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 5XZZKUgjmv2njI3xAPo57u0fBKEGqPmMUcWxHYzoSAaVjIIA2Oi0Aw==
via: 1.1 d042f60a962591f741406f28a8170c5a.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 22:03:16 GMT
age: 66385
etag: "2b53c4f836970501a682dae07235215c487d35cc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
mtevor.com/cluster-v2/roblox-abs.js
172.96.187.226200 OK 0 B URL HTTP/2 mtevor.com/cluster-v2/roblox-abs.js
IP 172.96.187.226:0
GET /cluster-v2/roblox-abs.js HTTP/1.1
Host: mtevor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://howtodownloadrobloxrobuxhackdownload.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-powered-by: PHP/5.6.40
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
content-encoding: br
vary: Accept-Encoding
date: Tue, 27 Sep 2022 16:29:34 GMT
server: LiteSpeed
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
play.robuxtip.org/images/css8a7c8a7c8a7c.css?family=Open+Sans:300,400,700
104.21.78.103200 OK 0 B URL HTTP/2 play.robuxtip.org/images/css8a7c8a7c8a7c.css?family=Open+Sans:300,400,700
IP 104.21.78.103:0
GET /images/css8a7c8a7c8a7c.css?family=Open+Sans:300,400,700 HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtYWJzLmpzIiwiYW5pc2FjaW50aWEiLCJ0ZW1wbGF0ZSIsIlNFTy1FbGl0ZS1QcmVtaXVtLnhtbCIsImFuaXNhY2ludGlhIiwiaG93dG9kb3dubG9hZHJvYmxveHJvYnV4aGFja2Rvd25sb2FkLmJsb2dzcG90LmNvbSIsImhvd3RvZG93bmxvYWRyb2Jsb3hyb2J1eGhhY2tkb3dubG9hZC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWFicy5qcyJd
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 16:29:35 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=773
etag: W/"5d9ca488-305"
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 893567
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TBu%2FmDae1UjOyDka%2FpVaa2U2QEZfZEa46LKivzYOToiPhyk1LnR9Bi12CUUOFIP2DLzIdWEqkZUpM3YjgNJY70V%2B3bw4nMPPLDfpDG26bskQP%2FGCg2epV57EQCxxqIHqoAjWWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75159e77e8adb4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
play.robuxtip.org/images/custom-css.css
104.21.78.103200 OK 0 B URL HTTP/2 play.robuxtip.org/images/custom-css.css
IP 104.21.78.103:0
GET /images/custom-css.css HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtYWJzLmpzIiwiYW5pc2FjaW50aWEiLCJ0ZW1wbGF0ZSIsIlNFTy1FbGl0ZS1QcmVtaXVtLnhtbCIsImFuaXNhY2ludGlhIiwiaG93dG9kb3dubG9hZHJvYmxveHJvYnV4aGFja2Rvd25sb2FkLmJsb2dzcG90LmNvbSIsImhvd3RvZG93bmxvYWRyb2Jsb3hyb2J1eGhhY2tkb3dubG9hZC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWFicy5qcyJd
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 16:29:35 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=1790
etag: W/"5d9ca488-6fe"
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 893567
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VmUeWNFfeiaDWeqzCRJ0IloIA88dZ6CzpHSTET2CHwbg7C%2FLCejvy%2B3zp8q9Fyy2Xt9%2FlF44AVgk9jN3llqOaLFweItLAySAKwlT0qPbLO4iJcIriy6ghWJttGorkO%2BcszadOg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75159e77f8c2b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
play.robuxtip.org/index.html?track=WyJyb2Jsb3gtYWJzLmpzIiwiYW5pc2FjaW50aWEiLCJ0ZW1wbGF0ZSIsIlNFTy1FbGl0ZS1QcmVtaXVtLnhtbCIsImFuaXNhY2ludGlhIiwiaG93dG9kb3dubG9hZHJvYmxveHJvYnV4aGFja2Rvd25sb2FkLmJsb2dzcG90LmNvbSIsImhvd3RvZG93bmxvYWRyb2Jsb3hyb2J1eGhhY2tkb3dubG9hZC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWFicy5qcyJd
104.21.78.103200 OK 0 B URL HTTP/2 play.robuxtip.org/index.html?track=WyJyb2Jsb3gtYWJzLmpzIiwiYW5pc2FjaW50aWEiLCJ0ZW1wbGF0ZSIsIlNFTy1FbGl0ZS1QcmVtaXVtLnhtbCIsImFuaXNhY2ludGlhIiwiaG93dG9kb3dubG9hZHJvYmxveHJvYnV4aGFja2Rvd25sb2FkLmJsb2dzcG90LmNvbSIsImhvd3RvZG93bmxvYWRyb2Jsb3hyb2J1eGhhY2tkb3dubG9hZC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWFicy5qcyJd
IP 104.21.78.103:0
Analyzer Verdict Alert fortinet Phishing
GET /index.html?track=WyJyb2Jsb3gtYWJzLmpzIiwiYW5pc2FjaW50aWEiLCJ0ZW1wbGF0ZSIsIlNFTy1FbGl0ZS1QcmVtaXVtLnhtbCIsImFuaXNhY2ludGlhIiwiaG93dG9kb3dubG9hZHJvYmxveHJvYnV4aGFja2Rvd25sb2FkLmJsb2dzcG90LmNvbSIsImhvd3RvZG93bmxvYWRyb2Jsb3hyb2J1eGhhY2tkb3dubG9hZC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWFicy5qcyJd HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://howtodownloadrobloxrobuxhackdownload.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 27 Sep 2022 16:29:35 GMT
content-type: text/html
last-modified: Mon, 27 Jun 2022 12:44:26 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 173527
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kllpJvFNQAUAn6qhcq1EJ9n%2BRf1vuIrB1vUlSgy4mCE5b2SwlGrUALvADItwhlS7sMGYOawfCQY64Qog4JT1PXoD29pkiJVs%2B6lrUcUMGmeSuFo%2Bpv8gC8bx4MgxPwHXjErtEg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75159e778fefb4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
play.robuxtip.org/images/bootstrap.min.css
104.21.78.103200 OK 0 B URL HTTP/2 play.robuxtip.org/images/bootstrap.min.css
IP 104.21.78.103:0
GET /images/bootstrap.min.css HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtYWJzLmpzIiwiYW5pc2FjaW50aWEiLCJ0ZW1wbGF0ZSIsIlNFTy1FbGl0ZS1QcmVtaXVtLnhtbCIsImFuaXNhY2ludGlhIiwiaG93dG9kb3dubG9hZHJvYmxveHJvYnV4aGFja2Rvd25sb2FkLmJsb2dzcG90LmNvbSIsImhvd3RvZG93bmxvYWRyb2Jsb3hyb2J1eGhhY2tkb3dubG9hZC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWFicy5qcyJd
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 16:29:35 GMT
content-type: text/css
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
etag: W/"5d9ca488-1d990"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 893567
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4tkGiYKwGLV7kkxvlZwkiP%2BwHO9x9tj5G%2FPGhXDJlYwjmQjaCni%2BHPmbVxpf2uxyVZKmxWiX5cQCtMEBgawqbdCeIZE51rjFHjjyA%2Fb15mQ4TAOHFOa3XFgaxSogB2ubqgFIBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75159e77e8b1b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
play.robuxtip.org/images/fancyselect.css
104.21.78.103200 OK 0 B URL HTTP/2 play.robuxtip.org/images/fancyselect.css
IP 104.21.78.103:0
GET /images/fancyselect.css HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtYWJzLmpzIiwiYW5pc2FjaW50aWEiLCJ0ZW1wbGF0ZSIsIlNFTy1FbGl0ZS1QcmVtaXVtLnhtbCIsImFuaXNhY2ludGlhIiwiaG93dG9kb3dubG9hZHJvYmxveHJvYnV4aGFja2Rvd25sb2FkLmJsb2dzcG90LmNvbSIsImhvd3RvZG93bmxvYWRyb2Jsb3hyb2J1eGhhY2tkb3dubG9hZC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWFicy5qcyJd
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 16:29:35 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=4253
etag: W/"5d9ca488-109d"
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 893567
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F0uXx7DAdmIqnaeRhP6ax5cK4bT3JRM7mOXhOgUj2QEIrJgaqG%2FMk%2F%2FNlyJEk03y8eAXr1ReA%2FudyZIyZYnGZ3CnBJPH4KCnp1WNvAsimQw20x%2FIwpXK4NUMFare%2FNZYyczEdg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75159e77f8b7b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
play.robuxtip.org/images/font-awesome.min.css
104.21.78.103200 OK 0 B URL HTTP/2 play.robuxtip.org/images/font-awesome.min.css
IP 104.21.78.103:0
GET /images/font-awesome.min.css HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtYWJzLmpzIiwiYW5pc2FjaW50aWEiLCJ0ZW1wbGF0ZSIsIlNFTy1FbGl0ZS1QcmVtaXVtLnhtbCIsImFuaXNhY2ludGlhIiwiaG93dG9kb3dubG9hZHJvYmxveHJvYnV4aGFja2Rvd25sb2FkLmJsb2dzcG90LmNvbSIsImhvd3RvZG93bmxvYWRyb2Jsb3hyb2J1eGhhY2tkb3dubG9hZC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWFicy5qcyJd
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 16:29:35 GMT
content-type: text/css
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
etag: W/"5d9ca488-6c3d"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 893567
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jPqqNfRH7R9E8zbLVM5p%2Bdsbsw%2FKFQ9TblsroV%2FSx0fTTvEoSn0mubync1Z9K8WvOXjJ%2FqBD%2BKr0sSZl8EAO8yooQ%2BWQrxoPpgZm9bTZ3gT0s1vh6QzMLSBcYx3MKdsPZ6%2FDJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75159e77e8afb4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
play.robuxtip.org/images/animate.css
104.21.78.103200 OK 0 B URL HTTP/2 play.robuxtip.org/images/animate.css
IP 104.21.78.103:0
GET /images/animate.css HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtYWJzLmpzIiwiYW5pc2FjaW50aWEiLCJ0ZW1wbGF0ZSIsIlNFTy1FbGl0ZS1QcmVtaXVtLnhtbCIsImFuaXNhY2ludGlhIiwiaG93dG9kb3dubG9hZHJvYmxveHJvYnV4aGFja2Rvd25sb2FkLmJsb2dzcG90LmNvbSIsImhvd3RvZG93bmxvYWRyb2Jsb3hyb2J1eGhhY2tkb3dubG9hZC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWFicy5qcyJd
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 16:29:35 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=68796
etag: W/"5d9ca488-10cbc"
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 893567
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xD6Xa8OO%2FSjaMnN%2BBW%2FKJxhUoXF55xu39fFuVpvE7GaAXQz7XP9jnzSQIiWCwVawQ2OzYEQjksSpJ9UaIrtWXyZQY5n2qPHQ5XJjAUGgtuKej6kwTwN%2BO74BI6VhoNaf%2BuXuIw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75159e77e8b3b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
play.robuxtip.org/images/jquery.countto.js
104.21.78.103200 OK 0 B URL HTTP/2 play.robuxtip.org/images/jquery.countto.js
IP 104.21.78.103:0
Analyzer Verdict Alert fortinet Phishing
GET /images/jquery.countto.js HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtYWJzLmpzIiwiYW5pc2FjaW50aWEiLCJ0ZW1wbGF0ZSIsIlNFTy1FbGl0ZS1QcmVtaXVtLnhtbCIsImFuaXNhY2ludGlhIiwiaG93dG9kb3dubG9hZHJvYmxveHJvYnV4aGFja2Rvd25sb2FkLmJsb2dzcG90LmNvbSIsImhvd3RvZG93bmxvYWRyb2Jsb3hyb2J1eGhhY2tkb3dubG9hZC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWFicy5qcyJd
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 16:29:35 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=3761
etag: W/"5d9ca488-eb1"
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 893567
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E5qGnhHsoasg5UD5qECH7FqYC%2BGLC8OiT1Mf79HejzuTWhz1mr3CYe0UIYh7jBYwJnUPziUAHSsYOJQLkROHMD78xvZuK105y1BP91w%2BAe9JeuiLfFL2C4hVu8LyReLHvnfLCA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75159e7808e9b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
play.robuxtip.org/images/jquery-3.2.1.js
104.21.78.103200 OK 0 B URL HTTP/2 play.robuxtip.org/images/jquery-3.2.1.js
IP 104.21.78.103:0
Analyzer Verdict Alert fortinet Phishing
GET /images/jquery-3.2.1.js HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtYWJzLmpzIiwiYW5pc2FjaW50aWEiLCJ0ZW1wbGF0ZSIsIlNFTy1FbGl0ZS1QcmVtaXVtLnhtbCIsImFuaXNhY2ludGlhIiwiaG93dG9kb3dubG9hZHJvYmxveHJvYnV4aGFja2Rvd25sb2FkLmJsb2dzcG90LmNvbSIsImhvd3RvZG93bmxvYWRyb2Jsb3hyb2J1eGhhY2tkb3dubG9hZC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWFicy5qcyJd
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 16:29:35 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=268039
etag: W/"5d9ca488-41707"
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 893567
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ggYwax7hdA3LObxaoM5wo6MVa7VqpT5qd%2BB1dODVbFZDSVDAIwEsKM6UhaVqKer5tp%2F9HlO4szVgfsua%2FsQF%2F%2FPaZBJpPXoUBBde77%2FTWhmdGQPIXCVBlZKOfCoGauGMyZftnA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75159e7808e5b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
play.robuxtip.org/images/sweetalert2.min.css
104.21.78.103200 OK 0 B URL HTTP/2 play.robuxtip.org/images/sweetalert2.min.css
IP 104.21.78.103:0
GET /images/sweetalert2.min.css HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtYWJzLmpzIiwiYW5pc2FjaW50aWEiLCJ0ZW1wbGF0ZSIsIlNFTy1FbGl0ZS1QcmVtaXVtLnhtbCIsImFuaXNhY2ludGlhIiwiaG93dG9kb3dubG9hZHJvYmxveHJvYnV4aGFja2Rvd25sb2FkLmJsb2dzcG90LmNvbSIsImhvd3RvZG93bmxvYWRyb2Jsb3hyb2J1eGhhY2tkb3dubG9hZC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWFicy5qcyJd
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 16:29:35 GMT
content-type: text/css
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
etag: W/"5d9ca488-36a4"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 893567
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ncbE6yoojPoNml9qX6fpkVu0TBGmH5i6PSDY1GwZABFvP3Y%2BcMCiZmGFwr%2FQgUJUcafpHhhZNwwAVQjFLwOTxcnpnscpbdNVpPw4VJaYoXmfkmx6svkGet6DKOv%2BHp4M24EwUw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75159e77f8b4b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
play.robuxtip.org/images/magnific-popup.css
104.21.78.103200 OK 0 B URL HTTP/2 play.robuxtip.org/images/magnific-popup.css
IP 104.21.78.103:0
GET /images/magnific-popup.css HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtYWJzLmpzIiwiYW5pc2FjaW50aWEiLCJ0ZW1wbGF0ZSIsIlNFTy1FbGl0ZS1QcmVtaXVtLnhtbCIsImFuaXNhY2ludGlhIiwiaG93dG9kb3dubG9hZHJvYmxveHJvYnV4aGFja2Rvd25sb2FkLmJsb2dzcG90LmNvbSIsImhvd3RvZG93bmxvYWRyb2Jsb3hyb2J1eGhhY2tkb3dubG9hZC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWFicy5qcyJd
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 16:29:35 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=7946
etag: W/"5d9ca488-1f0a"
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 893567
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rXbjslh9Co5Xeyv4gDqcpfZwmLGMvVALflVB6J1kGFE8JoM1HNzcZu7MferuilsOFpN9HQ7H5%2Bli2AO3JC5%2F4r2S33sjuJ97WnybqxVlqt4Tg0VQsB6xN1%2BwuZwcBBVDej%2B1JQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75159e77f8b5b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
play.robuxtip.org/images/style.css
104.21.78.103200 OK 0 B URL HTTP/2 play.robuxtip.org/images/style.css
IP 104.21.78.103:0
GET /images/style.css HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtYWJzLmpzIiwiYW5pc2FjaW50aWEiLCJ0ZW1wbGF0ZSIsIlNFTy1FbGl0ZS1QcmVtaXVtLnhtbCIsImFuaXNhY2ludGlhIiwiaG93dG9kb3dubG9hZHJvYmxveHJvYnV4aGFja2Rvd25sb2FkLmJsb2dzcG90LmNvbSIsImhvd3RvZG93bmxvYWRyb2Jsb3hyb2J1eGhhY2tkb3dubG9hZC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWFicy5qcyJd
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 16:29:35 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=50839
etag: W/"5d9ca488-c697"
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 893567
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9YBTTx22S9mXyKHGNAtv9J3wRhOH9zYgVcph6bkcZCKEdK%2FVrCpPSAVeAnFZx8w%2BHCYftXFwVTxLl8eG381xBBUvb1pstO8mG0OdDr7vFyKpKeeHm%2FuCf19iDKpAimTqaCqtRw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75159e77f8c1b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
play.robuxtip.org/images/sweetalert2.min.js
104.21.78.103200 OK 0 B URL HTTP/2 play.robuxtip.org/images/sweetalert2.min.js
IP 104.21.78.103:0
Analyzer Verdict Alert fortinet Phishing
GET /images/sweetalert2.min.js HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtYWJzLmpzIiwiYW5pc2FjaW50aWEiLCJ0ZW1wbGF0ZSIsIlNFTy1FbGl0ZS1QcmVtaXVtLnhtbCIsImFuaXNhY2ludGlhIiwiaG93dG9kb3dubG9hZHJvYmxveHJvYnV4aGFja2Rvd25sb2FkLmJsb2dzcG90LmNvbSIsImhvd3RvZG93bmxvYWRyb2Jsb3hyb2J1eGhhY2tkb3dubG9hZC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWFicy5qcyJd
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 16:29:35 GMT
content-type: application/javascript
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
etag: W/"5d9ca488-4f51"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 893567
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TBJbmwWlN5XUDvNgcE95KCdk%2FVrpUsqisesIrPtGOTOoY3KopbfhzbdylH8X%2F6Pf70toxvqB2EeeacRUwgMv21ktaPtLgPBN3%2FdKudQnOYUgc%2B53LCikzYrwdggSHUBoRaGoHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75159e7808ebb4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
play.robuxtip.org/images/jquery-ui.min.js
104.21.78.103200 OK 0 B URL HTTP/2 play.robuxtip.org/images/jquery-ui.min.js
IP 104.21.78.103:0
Analyzer Verdict Alert fortinet Phishing
GET /images/jquery-ui.min.js HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtYWJzLmpzIiwiYW5pc2FjaW50aWEiLCJ0ZW1wbGF0ZSIsIlNFTy1FbGl0ZS1QcmVtaXVtLnhtbCIsImFuaXNhY2ludGlhIiwiaG93dG9kb3dubG9hZHJvYmxveHJvYnV4aGFja2Rvd25sb2FkLmJsb2dzcG90LmNvbSIsImhvd3RvZG93bmxvYWRyb2Jsb3hyb2J1eGhhY2tkb3dubG9hZC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWFicy5qcyJd
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 16:29:35 GMT
content-type: application/javascript
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
etag: W/"5d9ca488-30da8"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 893567
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ohqDr6pqYE4p7MDZ9NTFX2eFRqnpaiz8cyAwxvd3gf71jM4KcB5IEBmk01UASYq5GqtLMRe3XtVH92zoJ%2FNfBKfDoPGRNFk0uN7aZgzl7bsEmso4Y0gfxCe%2FB4cOKF3A7b2CYw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75159e7808e6b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
play.robuxtip.org/images/validator.min.js
104.21.78.103200 OK 0 B URL HTTP/2 play.robuxtip.org/images/validator.min.js
IP 104.21.78.103:0
Analyzer Verdict Alert fortinet Phishing
GET /images/validator.min.js HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtYWJzLmpzIiwiYW5pc2FjaW50aWEiLCJ0ZW1wbGF0ZSIsIlNFTy1FbGl0ZS1QcmVtaXVtLnhtbCIsImFuaXNhY2ludGlhIiwiaG93dG9kb3dubG9hZHJvYmxveHJvYnV4aGFja2Rvd25sb2FkLmJsb2dzcG90LmNvbSIsImhvd3RvZG93bmxvYWRyb2Jsb3hyb2J1eGhhY2tkb3dubG9hZC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWFicy5qcyJd
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 16:29:35 GMT
content-type: application/javascript
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
etag: W/"5d9ca488-17a7"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 893567
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J959%2BhfFurSDTyWkWkQpK2Q%2F0tTbQNz5wrpnoGpfq%2BGVIV%2BHhhnkR%2BeQJbPsqRy%2Fj9RVkvobMBip1VXfd51JIwoUWGyddFJO80GlBGLxo7UwyQnCq75wnhX5bAfBpv6B88562w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75159e7808fab4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2