Report - robloxstutas.com/

Report Overview

Submitted URL
robloxstutas.com/
IP
45.33.2.79
ASN
#63949 Linode, LLC
Submitted
2022-11-09 04:39:37
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
12

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
d38psrni17bvxu.cloudfront.net	unknown	2022-09-22T18:48:38Z	2023-03-10T13:32:17Z	1.5 kB	21 kB	18.244.156.149
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-10T05:10:04Z	3.2 kB	54 kB	34.120.237.76
afs.googleusercontent.com	12123	2013-05-06T21:11:00Z	2023-03-10T11:12:37Z	885 B	2.3 kB	142.250.74.33
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-10T05:10:00Z	333 B	229 B	34.117.237.239
js-agent.newrelic.com	378	2018-06-22T06:15:37Z	2023-03-10T05:27:57Z	371 B	15 kB	151.101.86.137
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-10T05:10:02Z	606 B	127 B	54.187.146.10
bam.nr-data.net	630	2015-02-10T01:06:27Z	2023-03-10T09:26:43Z	626 B	401 B	162.247.241.14
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-10T05:11:10Z	2.4 kB	4.9 kB	142.250.74.35
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-10T13:49:44Z	1.0 kB	2.4 kB	93.184.220.29
robloxstutas.com	unknown			1.1 kB	14 kB	198.58.118.167
partner.googleadservices.com	798	2012-10-03T03:04:21Z	2023-03-10T06:40:47Z	476 B	845 B	172.217.21.162
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-10T05:09:10Z	1.0 kB	2.7 kB	23.36.77.32
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-10T05:12:35Z	413 B	5.8 kB	34.160.144.191
www1.robloxstutas.com	unknown			5.6 kB	15 kB	75.2.73.197
www.google.com	7	2015-05-10T13:11:19Z	2023-03-10T12:19:40Z	2.5 kB	112 kB	142.250.74.164

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-11-09	medium	robloxstutas.com/	Malware
2022-11-09	medium	robloxstutas.com/mtm/async/.eJxdi0sOwjAMBe_iZYkalnzEWZAbuW2kuA6OC5EQdycFVuxm3ug9YdUIJ_DgAHUqDRspjaSkX5ml2HVBpqYqQ5JabDUsfRDeXiFQttaMqvnZODnMOcWAFmXxdVt29X_ldL5d9v3RRcaJPN7j-MMHDdl1vvv0A7zeGjI2ng:1oscs2:vEP1rMtTfE4XjJlrlh7Plairlpw/1/	Malware
2022-11-09	medium	d38psrni17bvxu.cloudfront.net/scripts/js3caf.js	Malware
2022-11-09	medium	www1.robloxstutas.com/ls.php	Malware
2022-11-09	medium	d38psrni17bvxu.cloudfront.net/scripts/js3caf.js	Malware
2022-11-09	medium	www1.robloxstutas.com/ls.php	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (29)

	URL	Size	First Seen	Last Seen
	partner.googleadservices.com/gampad/cookie.js?domain=www1.robloxstutas.com&client=dp-teaminternet12_3ph&product=SAS&callback=__sasCookie	193 B	2023-03-11	2023-03-11
Pretty URL partner.googleadservices.com/gampad/cookie.js?domain=www1.robloxstutas.com&client=dp-teaminternet12_3ph&product=SAS&callback=__sasCookie IP 172.217.21.162 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 09:22:50 Last Seen2023-03-11 09:22:50 Times Seen1 Hash 7cfd0f859245e3ee81ba1ccab9633dbb d6b2b45959f38848293a3bbbdd2c12b7af24cbd9 093820cfd9c04defbecfa5a5a64b86198fa0e6ab0c0001bc136cf6a33fc1890e Loading...

	www1.robloxstutas.com/?tm=1&subid4=1667968767.0290770000&kw=Robux&KW1=Website%20Status%20Monitor&KW2=Network%20Status%20Monitoring%20Tools&KW3=Robux%20Money%20Factoring%20Company&KW4=Free%20Robux%20Virtual%20Currency&searchbox=0&domainname=0&backfill=0	103 B	2023-03-07	2023-03-17
Pretty URL www1.robloxstutas.com/?tm=1&subid4=1667968767.0290770000&kw=Robux&KW1=Website%20Status%20Monitor&KW2=Network%20Status%20Monitoring%20Tools&KW3=Robux%20Money%20Factoring%20Company&KW4=Free%20Robux%20Virtual%20Currency&searchbox=0&domainname=0&backfill=0 IP 75.2.73.197 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2023-03-17 23:32:26 Times Seen1 Hash eff198359d7830815fe4e33472820d4c d0675c7fc2fa176b9b912473f6f94a56d5e02821 a1ed7e13b07622a1293006c15579645d48e9c0cc0704dfc837a19d4c88461dda Loading...

	www1.robloxstutas.com/?tm=1&subid4=1667968767.0290770000&kw=Robux&KW1=Website%20Status%20Monitor&KW2=Network%20Status%20Monitoring%20Tools&KW3=Robux%20Money%20Factoring%20Company&KW4=Free%20Robux%20Virtual%20Currency&searchbox=0&domainname=0&backfill=0	3.1 kB	2023-03-11	2023-03-11
Pretty URL www1.robloxstutas.com/?tm=1&subid4=1667968767.0290770000&kw=Robux&KW1=Website%20Status%20Monitor&KW2=Network%20Status%20Monitoring%20Tools&KW3=Robux%20Money%20Factoring%20Company&KW4=Free%20Robux%20Virtual%20Currency&searchbox=0&domainname=0&backfill=0 IP 75.2.73.197 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 09:22:50 Last Seen2023-03-11 09:22:50 Times Seen1 Hash d476c8c316e0fdd3d962976ec9412090 9d8735669be5d1638d5154a56f944bcd3b5b30a9 66d8bd4d41572624a1552fb983ef63e935cb5e995fcec6870db00dd0c0838576 Loading...

	robloxstutas.com/	3.7 kB	2023-03-11	2023-03-11
Pretty URL robloxstutas.com/ IP 198.58.118.167 ASN #63949 Linode, LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 09:22:50 Last Seen2023-03-11 09:22:50 Times Seen1 Hash ec3de4f7b11fbe38a037b8613d9b78c2 99618a14416224b4bb1bb98e769c03b9e8064dd1 b6fdf2267d783af8a03fb7e8c02eb32866e57a6fa5206e95f0572d3b216e948e Loading...

	unknown	0 B	2023-03-07	2024-04-20
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-20 01:03:07 Times Seen36969168 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	www1.robloxstutas.com/?tm=1&subid4=1667968767.0290770000&kw=Robux&KW1=Website%20Status%20Monitor&KW2=Network%20Status%20Monitoring%20Tools&KW3=Robux%20Money%20Factoring%20Company&KW4=Free%20Robux%20Virtual%20Currency&searchbox=0&domainname=0&backfill=0	242 B	2023-03-11	2023-03-11
Pretty URL www1.robloxstutas.com/?tm=1&subid4=1667968767.0290770000&kw=Robux&KW1=Website%20Status%20Monitor&KW2=Network%20Status%20Monitoring%20Tools&KW3=Robux%20Money%20Factoring%20Company&KW4=Free%20Robux%20Virtual%20Currency&searchbox=0&domainname=0&backfill=0 IP 75.2.73.197 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 09:22:50 Last Seen2023-03-11 09:22:50 Times Seen1 Hash b708473f39cfe260314dab1ec7c0a8a6 fecba8d70a75057cf42847375365473e001efaee 9230ea8bfe8edfcf84624709518abef33bb58ff1d295f3d2d9f3859d007f6c10 Loading...

	d38psrni17bvxu.cloudfront.net/scripts/js3caf.js	7.0 kB	2023-03-07	2023-03-17
Pretty URL d38psrni17bvxu.cloudfront.net/scripts/js3caf.js IP 18.244.156.149 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2023-03-17 12:55:53 Times Seen1 Hash cce7f943ec8e7b4ba13be4aba6b463d9 220f3e8ca723daa91fd040cf518991a65f2bf110 ba5b7354353b0eec1637564dae072fee662a5b9862f6bf7ed5e60a5a76f2ef44 Loading...

	www.google.com/afs/ads?adtest=off&psid=6016880802&pcsa=false&channel=000001%2C000003%2C000215%2Cbucket003&client=dp-teaminternet12_3ph&r=m&hl=no&terms=Website%20Status%20Monitor%2CNetwork%20Status%20Monitoring%20Tools%2CRobux%20Money%20Factoring%20Company%2CFree%20Robux%20Virtual%20Currency&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2150633343939208&oe=UTF-8&ie=UTF-8&fexp=21404&format=r4%7Cs&nocache=4741667968765246&num=0&output=afd_ads&domain_name=www1.robloxstutas.com&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1667968765248&u_w=1280&u_h=1024&biw=1280&bih=939&psw=1280&psh=760&frm=0&cl=485586056&uio=--&cont=tc&jsid=caf&jsv=485586056&rurl=http%3A%2F%2Fwww1.robloxstutas.com%2F%3Ftm%3D1%26subid4%3D1667968767.0290770000%26kw%3DRobux%26KW1%3DWebsite%2520Status%2520Monitor%26KW2%3DNetwork%2520Status%2520Monitoring%2520Tools%26KW3%3DRobux%2520Money%2520Factoring%2520Company%26KW4%3DFree%2520Robux%2520Virtual%2520Currency%26searchbox%3D0%26domainname%3D0%26backfill%3D0&referer=http%3A%2F%2Frobloxstutas.com%2F&adbw=master-1%3A530	6.9 kB	2023-03-11	2023-03-11
Pretty URL www.google.com/afs/ads?adtest=off&psid=6016880802&pcsa=false&channel=000001%2C000003%2C000215%2Cbucket003&client=dp-teaminternet12_3ph&r=m&hl=no&terms=Website%20Status%20Monitor%2CNetwork%20Status%20Monitoring%20Tools%2CRobux%20Money%20Factoring%20Company%2CFree%20Robux%20Virtual%20Currency&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2150633343939208&oe=UTF-8&ie=UTF-8&fexp=21404&format=r4%7Cs&nocache=4741667968765246&num=0&output=afd_ads&domain_name=www1.robloxstutas.com&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1667968765248&u_w=1280&u_h=1024&biw=1280&bih=939&psw=1280&psh=760&frm=0&cl=485586056&uio=--&cont=tc&jsid=caf&jsv=485586056&rurl=http%3A%2F%2Fwww1.robloxstutas.com%2F%3Ftm%3D1%26subid4%3D1667968767.0290770000%26kw%3DRobux%26KW1%3DWebsite%2520Status%2520Monitor%26KW2%3DNetwork%2520Status%2520Monitoring%2520Tools%26KW3%3DRobux%2520Money%2520Factoring%2520Company%26KW4%3DFree%2520Robux%2520Virtual%2520Currency%26searchbox%3D0%26domainname%3D0%26backfill%3D0&referer=http%3A%2F%2Frobloxstutas.com%2F&adbw=master-1%3A530 IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 09:22:50 Last Seen2023-03-11 09:22:50 Times Seen1 Hash 8842a1d84e37bde2f590d54e96f41a33 7606f27c1d824a873997318f6162cd4a416fd8f7 40cf77853d675bce1fce610136e4baee0b72852393e347da57214197bf6d45bc Loading...

	www1.robloxstutas.com/?tm=1&subid4=1667968767.0290770000&kw=Robux&KW1=Website%20Status%20Monitor&KW2=Network%20Status%20Monitoring%20Tools&KW3=Robux%20Money%20Factoring%20Company&KW4=Free%20Robux%20Virtual%20Currency&searchbox=0&domainname=0&backfill=0	40 B	2023-03-08	2023-05-23
Pretty URL www1.robloxstutas.com/?tm=1&subid4=1667968767.0290770000&kw=Robux&KW1=Website%20Status%20Monitor&KW2=Network%20Status%20Monitoring%20Tools&KW3=Robux%20Money%20Factoring%20Company&KW4=Free%20Robux%20Virtual%20Currency&searchbox=0&domainname=0&backfill=0 IP 75.2.73.197 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:24:08 Last Seen2023-05-23 17:14:04 Times Seen4695 Hash bbf1d9896eb3544c767d965a657e142c 5df55c7669b87f414501ffc91de02e4756141a83 f73cb6aef53ef853b780335ddf7d4cb319edcf02c8c050f270639a91226a09bc Loading...

	www1.robloxstutas.com/?tm=1&subid4=1667968767.0290770000&kw=Robux&KW1=Website%20Status%20Monitor&KW2=Network%20Status%20Monitoring%20Tools&KW3=Robux%20Money%20Factoring%20Company&KW4=Free%20Robux%20Virtual%20Currency&searchbox=0&domainname=0&backfill=0	18 B	2023-03-07	2023-03-17
Pretty URL www1.robloxstutas.com/?tm=1&subid4=1667968767.0290770000&kw=Robux&KW1=Website%20Status%20Monitor&KW2=Network%20Status%20Monitoring%20Tools&KW3=Robux%20Money%20Factoring%20Company&KW4=Free%20Robux%20Virtual%20Currency&searchbox=0&domainname=0&backfill=0 IP 75.2.73.197 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:04:20 Last Seen2023-03-17 12:55:35 Times Seen1 Hash a4becae3bf036c255c5022f2645a9930 1d3cccab55ab95b98bf5d5cdd2d05261456386b2 79776de436621ce3e4c84a6f0cb35d4b9e0f2b9035ff52c3b2c64593fe873ac6 Loading...

	www1.robloxstutas.com/?tm=1&subid4=1667968767.0290770000&kw=Robux&KW1=Website%20Status%20Monitor&KW2=Network%20Status%20Monitoring%20Tools&KW3=Robux%20Money%20Factoring%20Company&KW4=Free%20Robux%20Virtual%20Currency&searchbox=0&domainname=0&backfill=0	387 B	2023-03-07	2023-03-17
Pretty URL www1.robloxstutas.com/?tm=1&subid4=1667968767.0290770000&kw=Robux&KW1=Website%20Status%20Monitor&KW2=Network%20Status%20Monitoring%20Tools&KW3=Robux%20Money%20Factoring%20Company&KW4=Free%20Robux%20Virtual%20Currency&searchbox=0&domainname=0&backfill=0 IP 75.2.73.197 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2023-03-17 23:32:26 Times Seen1 Hash 3e73c65a22bdd2d72118af9b51b80b40 f0c600cc278c9111e0164d3d6e20966a4bc8823f 3d7df9ca4013d27166a7de884bad461d25a47400a19b542f62258b2989c9e552 Loading...

	www1.robloxstutas.com/?tm=1&subid4=1667968767.0290770000&kw=Robux&KW1=Website%20Status%20Monitor&KW2=Network%20Status%20Monitoring%20Tools&KW3=Robux%20Money%20Factoring%20Company&KW4=Free%20Robux%20Virtual%20Currency&searchbox=0&domainname=0&backfill=0	386 B	2023-03-07	2023-03-17
Pretty URL www1.robloxstutas.com/?tm=1&subid4=1667968767.0290770000&kw=Robux&KW1=Website%20Status%20Monitor&KW2=Network%20Status%20Monitoring%20Tools&KW3=Robux%20Money%20Factoring%20Company&KW4=Free%20Robux%20Virtual%20Currency&searchbox=0&domainname=0&backfill=0 IP 75.2.73.197 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:44:55 Last Seen2023-03-17 23:32:26 Times Seen1 Hash e0f461f5e786de00532cae23265f8fa7 00aeec0405f209f8e537dfce729fb7970d332c70 6cf19b1406d2f42b163e5a58b451e5e5f1c31f46e9bd30edd8a1b7ee643f987b Loading...

	www1.robloxstutas.com/?tm=1&subid4=1667968767.0290770000&kw=Robux&KW1=Website%20Status%20Monitor&KW2=Network%20Status%20Monitoring%20Tools&KW3=Robux%20Money%20Factoring%20Company&KW4=Free%20Robux%20Virtual%20Currency&searchbox=0&domainname=0&backfill=0	523 B	2023-03-07	2023-03-17
Pretty URL www1.robloxstutas.com/?tm=1&subid4=1667968767.0290770000&kw=Robux&KW1=Website%20Status%20Monitor&KW2=Network%20Status%20Monitoring%20Tools&KW3=Robux%20Money%20Factoring%20Company&KW4=Free%20Robux%20Virtual%20Currency&searchbox=0&domainname=0&backfill=0 IP 75.2.73.197 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2023-03-17 12:55:53 Times Seen1 Hash 6dab32fd232194a2f271892f2e40ddcd 76af792c7ee2fb00ce569360e9765cc2e504a8ae 9477d438ccb69cf6d0002b99e1db174f3d495798db0deb80ec64549216178c42 Loading...

	js-agent.newrelic.com/nr-1216.min.js	39 kB	2023-03-07	2023-12-02
Pretty URL js-agent.newrelic.com/nr-1216.min.js IP 151.101.86.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:59 Last Seen2023-12-02 09:02:29 Times Seen204 Hash 9f533d8cd24b2c5e3b4dc886ecbd43e8 4aaad79f222fbcf885679bb30ac0cb6c14ec06eb 6f973e7d75a7e6f6e59708f19631c8890034db5debb4d04f189deb53c114e708 Loading...

	www1.robloxstutas.com/?tm=1&subid4=1667968767.0290770000&kw=Robux&KW1=Website%20Status%20Monitor&KW2=Network%20Status%20Monitoring%20Tools&KW3=Robux%20Money%20Factoring%20Company&KW4=Free%20Robux%20Virtual%20Currency&searchbox=0&domainname=0&backfill=0	1.0 kB	2023-03-11	2023-03-11
Pretty URL www1.robloxstutas.com/?tm=1&subid4=1667968767.0290770000&kw=Robux&KW1=Website%20Status%20Monitor&KW2=Network%20Status%20Monitoring%20Tools&KW3=Robux%20Money%20Factoring%20Company&KW4=Free%20Robux%20Virtual%20Currency&searchbox=0&domainname=0&backfill=0 IP 75.2.73.197 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 09:22:50 Last Seen2023-03-11 09:22:50 Times Seen1 Hash 3a8a64c752484d437a2821b48deaa1ab 38b119608bdbef13e6436082d6f256d20318dba1 63fe150b5c774f39a0f8ace5e606866047150f8abf2f183de5b9e0eb0854c183 Loading...

	www1.robloxstutas.com/?tm=1&subid4=1667968767.0290770000&kw=Robux&KW1=Website%20Status%20Monitor&KW2=Network%20Status%20Monitoring%20Tools&KW3=Robux%20Money%20Factoring%20Company&KW4=Free%20Robux%20Virtual%20Currency&searchbox=0&domainname=0&backfill=0	166 B	2023-03-07	2023-03-17
Pretty URL www1.robloxstutas.com/?tm=1&subid4=1667968767.0290770000&kw=Robux&KW1=Website%20Status%20Monitor&KW2=Network%20Status%20Monitoring%20Tools&KW3=Robux%20Money%20Factoring%20Company&KW4=Free%20Robux%20Virtual%20Currency&searchbox=0&domainname=0&backfill=0 IP 75.2.73.197 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:44:55 Last Seen2023-03-17 23:32:26 Times Seen1 Hash 989c3090bdce93db83506dbbea3d636a 518f92aa83893b6c59e328112707e0023ac1fd0c d94b5f67f2517418f079ed4de6e5f09d6f64863f89648684aff4daa4edeb0ac5 Loading...

	www1.robloxstutas.com/?tm=1&subid4=1667968767.0290770000&kw=Robux&KW1=Website%20Status%20Monitor&KW2=Network%20Status%20Monitoring%20Tools&KW3=Robux%20Money%20Factoring%20Company&KW4=Free%20Robux%20Virtual%20Currency&searchbox=0&domainname=0&backfill=0	1.6 kB	2023-03-11	2023-03-11
Pretty URL www1.robloxstutas.com/?tm=1&subid4=1667968767.0290770000&kw=Robux&KW1=Website%20Status%20Monitor&KW2=Network%20Status%20Monitoring%20Tools&KW3=Robux%20Money%20Factoring%20Company&KW4=Free%20Robux%20Virtual%20Currency&searchbox=0&domainname=0&backfill=0 IP 75.2.73.197 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 09:22:50 Last Seen2023-03-11 09:22:50 Times Seen1 Hash a1a980b6e3c40bd18747a557e9df3375 48170f1765d3da69b29ebffcc1c8f4cd58f28024 b2ffed083567fdcbab385cda57ae78b84dd7238809ceb4757811c4bc4ccf9be7 Loading...

	www1.robloxstutas.com/?tm=1&subid4=1667968767.0290770000&kw=Robux&KW1=Website%20Status%20Monitor&KW2=Network%20Status%20Monitoring%20Tools&KW3=Robux%20Money%20Factoring%20Company&KW4=Free%20Robux%20Virtual%20Currency&searchbox=0&domainname=0&backfill=0	71 B	2023-03-08	2024-01-04
Pretty URL www1.robloxstutas.com/?tm=1&subid4=1667968767.0290770000&kw=Robux&KW1=Website%20Status%20Monitor&KW2=Network%20Status%20Monitoring%20Tools&KW3=Robux%20Money%20Factoring%20Company&KW4=Free%20Robux%20Virtual%20Currency&searchbox=0&domainname=0&backfill=0 IP 75.2.73.197 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:23:53 Last Seen2024-01-04 08:38:22 Times Seen25410 Hash 1a5a5e1b6a26f57b95e3dd42f60612f4 b62a27e55a59b49084e682bd3c1588f6a40881ab 4066da16910907c7962da8e7011bf0cd62b6f2dcddb1911e3ea2de03ce3e1dc7 Loading...

	www.google.com/adsense/domains/caf.js	147 kB	2023-03-11	2023-03-11
Pretty URL www.google.com/adsense/domains/caf.js IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 09:15:50 Last Seen2023-03-11 12:28:08 Times Seen1 Hash 017da3f91288508ededfbcc75c27cd16 e02eb03d07dcef41c45e9edb0454c26a4dd558a9 e39c2d633dd8ee27d14fa526bf2ff6571f16cbcf6409afc78a83cfc902106f1c Loading...

	www.google.com/adsense/domains/caf.js	147 kB	2023-03-10	2023-03-11
Pretty URL www.google.com/adsense/domains/caf.js IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 20:10:49 Last Seen2023-03-11 09:56:01 Times Seen1 Hash ba96658d06c46c9c58b454aab5390767 b761ac4687847a8c6af84b9be55ba26c9651e1af 0373b67556c12243b63ecff30f1c9e83ef75097952549e493d7bb8d81eb8838e Loading...

	robloxstutas.com/	303 B	2023-03-07	2023-03-17
Pretty URL robloxstutas.com/ IP 198.58.118.167 ASN #63949 Linode, LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:16:48 Last Seen2023-03-17 12:42:13 Times Seen1 Hash 725aa61d8160dd541afd936a6061aec2 c2c458de965da6c4075f0f64a55ecc4f88b53c5b 68ff867caa47cf624f5a588eac1a5fb69e297b6c830977d724e3d629d1c80efc Loading...

	www1.robloxstutas.com/?tm=1&subid4=1667968767.0290770000&kw=Robux&KW1=Website%20Status%20Monitor&KW2=Network%20Status%20Monitoring%20Tools&KW3=Robux%20Money%20Factoring%20Company&KW4=Free%20Robux%20Virtual%20Currency&searchbox=0&domainname=0&backfill=0	1.6 kB	2023-03-11	2023-03-11
Pretty URL www1.robloxstutas.com/?tm=1&subid4=1667968767.0290770000&kw=Robux&KW1=Website%20Status%20Monitor&KW2=Network%20Status%20Monitoring%20Tools&KW3=Robux%20Money%20Factoring%20Company&KW4=Free%20Robux%20Virtual%20Currency&searchbox=0&domainname=0&backfill=0 IP 75.2.73.197 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 09:22:50 Last Seen2023-03-11 09:22:50 Times Seen1 Hash 7eb70b653612b5d700f31b2a073eee9a 0d3f66483917743d469e1f81413faaf69a19390f 0548ee2aaefa284b416df08efe8fd3b6049e2beecbf5b06a04eb85c6d2602e4e Loading...

	www1.robloxstutas.com/?tm=1&subid4=1667968767.0290770000&kw=Robux&KW1=Website%20Status%20Monitor&KW2=Network%20Status%20Monitoring%20Tools&KW3=Robux%20Money%20Factoring%20Company&KW4=Free%20Robux%20Virtual%20Currency&searchbox=0&domainname=0&backfill=0	968 B	2023-03-08	2024-04-11
Pretty URL www1.robloxstutas.com/?tm=1&subid4=1667968767.0290770000&kw=Robux&KW1=Website%20Status%20Monitor&KW2=Network%20Status%20Monitoring%20Tools&KW3=Robux%20Money%20Factoring%20Company&KW4=Free%20Robux%20Virtual%20Currency&searchbox=0&domainname=0&backfill=0 IP 75.2.73.197 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:57:23 Last Seen2024-04-11 06:35:59 Times Seen328 Hash 24452b83930060f1289852c18b9caba2 71cb3af2a5ad788c24aa97b886ea1fd0287b6e16 1c1eba3972708895d659c4582bfa642d69c9e642a9af8c0a4f5347bc59d1b30d Loading...

	www1.robloxstutas.com/?tm=1&subid4=1667968767.0290770000&kw=Robux&KW1=Website%20Status%20Monitor&KW2=Network%20Status%20Monitoring%20Tools&KW3=Robux%20Money%20Factoring%20Company&KW4=Free%20Robux%20Virtual%20Currency&searchbox=0&domainname=0&backfill=0	242 B	2023-03-11	2023-03-11
Pretty URL www1.robloxstutas.com/?tm=1&subid4=1667968767.0290770000&kw=Robux&KW1=Website%20Status%20Monitor&KW2=Network%20Status%20Monitoring%20Tools&KW3=Robux%20Money%20Factoring%20Company&KW4=Free%20Robux%20Virtual%20Currency&searchbox=0&domainname=0&backfill=0 IP 75.2.73.197 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 09:22:50 Last Seen2023-03-11 09:22:50 Times Seen1 Hash ef85bea724f88ae7f69543450008a4ac 618565a4838f447d8839a8700e79e424ef9533af d7618804b87a9715c4be2d742203919ce026023d4f0dda2121843a96c5324299 Loading...

	robloxstutas.com/	26 kB	2023-03-07	2023-03-17
Pretty URL robloxstutas.com/ IP 198.58.118.167 ASN #63949 Linode, LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:16:48 Last Seen2023-03-17 12:43:59 Times Seen1 Hash e8daca4023c9499c7967ead2d29b047e 5582aac75407067e69e252a127b21e800b69b48e 8ca2e6a1c74cadec4f2f5c3349dc7aab55ffb9cc76cfa5225fcc64fa1027a771 Loading...

	www1.robloxstutas.com/?tm=1&subid4=1667968767.0290770000&kw=Robux&KW1=Website%20Status%20Monitor&KW2=Network%20Status%20Monitoring%20Tools&KW3=Robux%20Money%20Factoring%20Company&KW4=Free%20Robux%20Virtual%20Currency&searchbox=0&domainname=0&backfill=0	1.0 kB	2023-03-11	2023-03-11
Pretty URL www1.robloxstutas.com/?tm=1&subid4=1667968767.0290770000&kw=Robux&KW1=Website%20Status%20Monitor&KW2=Network%20Status%20Monitoring%20Tools&KW3=Robux%20Money%20Factoring%20Company&KW4=Free%20Robux%20Virtual%20Currency&searchbox=0&domainname=0&backfill=0 IP 75.2.73.197 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 09:22:50 Last Seen2023-03-11 09:22:50 Times Seen1 Hash c0ed37471e4ac8d860ac0eb4a21f2a2e 687eaf201ab26e905dd5e8fb36673f3a21476aac 7a29123ea7125783a3da38d31400a45c36d9130e6cd896aa9fc0cf12ce831154 Loading...

	www1.robloxstutas.com/?tm=1&subid4=1667968767.0290770000&kw=Robux&KW1=Website%20Status%20Monitor&KW2=Network%20Status%20Monitoring%20Tools&KW3=Robux%20Money%20Factoring%20Company&KW4=Free%20Robux%20Virtual%20Currency&searchbox=0&domainname=0&backfill=0	3.1 kB	2023-03-11	2023-03-11
Pretty URL www1.robloxstutas.com/?tm=1&subid4=1667968767.0290770000&kw=Robux&KW1=Website%20Status%20Monitor&KW2=Network%20Status%20Monitoring%20Tools&KW3=Robux%20Money%20Factoring%20Company&KW4=Free%20Robux%20Virtual%20Currency&searchbox=0&domainname=0&backfill=0 IP 75.2.73.197 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 09:22:50 Last Seen2023-03-11 09:22:50 Times Seen1 Hash 6d512639250c7c61bfcef55683c2f9fe 94732f8c83220ebfd971f0f041798938b818f0f0 3bda3c5e53e62b352363038782b50c1be6ea17eb18fe82cbf85bb9c0e06d51f9 Loading...

	www.google.com/afs/ads?adtest=off&psid=6016880802&pcsa=false&channel=000001%2C000003%2C000215%2Cbucket003&client=dp-teaminternet12_3ph&r=m&sct=ID%3D0e928903fb9aef24%3AT%3D1667968768%3AS%3DALNI_Ma59XLSt-_sZqTLfs1VmUA3b_Ix8A&sc_status=6&hl=no&terms=Website%20Status%20Monitor%2CNetwork%20Status%20Monitoring%20Tools%2CRobux%20Money%20Factoring%20Company%2CFree%20Robux%20Virtual%20Currency&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2150633343939208&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003&format=r4%7Cs&nocache=6541667968766702&num=0&output=afd_ads&domain_name=www1.robloxstutas.com&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1667968766702&u_w=1280&u_h=1024&biw=1280&bih=939&psw=1280&psh=760&frm=0&cl=485586056&uio=--&cont=tc&jsid=caf&jsv=485586056&rurl=http%3A%2F%2Fwww1.robloxstutas.com%2F%3Ftm%3D1%26subid4%3D1667968767.0290770000%26kw%3DRobux%26KW1%3DWebsite%2520Status%2520Monitor%26KW2%3DNetwork%2520Status%2520Monitoring%2520Tools%26KW3%3DRobux%2520Money%2520Factoring%2520Company%26KW4%3DFree%2520Robux%2520Virtual%2520Currency%26searchbox%3D0%26domainname%3D0%26backfill%3D0&adbw=master-1%3A530	7.0 kB	2023-03-11	2023-03-11
Pretty URL www.google.com/afs/ads?adtest=off&psid=6016880802&pcsa=false&channel=000001%2C000003%2C000215%2Cbucket003&client=dp-teaminternet12_3ph&r=m&sct=ID%3D0e928903fb9aef24%3AT%3D1667968768%3AS%3DALNI_Ma59XLSt-_sZqTLfs1VmUA3b_Ix8A&sc_status=6&hl=no&terms=Website%20Status%20Monitor%2CNetwork%20Status%20Monitoring%20Tools%2CRobux%20Money%20Factoring%20Company%2CFree%20Robux%20Virtual%20Currency&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2150633343939208&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003&format=r4%7Cs&nocache=6541667968766702&num=0&output=afd_ads&domain_name=www1.robloxstutas.com&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1667968766702&u_w=1280&u_h=1024&biw=1280&bih=939&psw=1280&psh=760&frm=0&cl=485586056&uio=--&cont=tc&jsid=caf&jsv=485586056&rurl=http%3A%2F%2Fwww1.robloxstutas.com%2F%3Ftm%3D1%26subid4%3D1667968767.0290770000%26kw%3DRobux%26KW1%3DWebsite%2520Status%2520Monitor%26KW2%3DNetwork%2520Status%2520Monitoring%2520Tools%26KW3%3DRobux%2520Money%2520Factoring%2520Company%26KW4%3DFree%2520Robux%2520Virtual%2520Currency%26searchbox%3D0%26domainname%3D0%26backfill%3D0&adbw=master-1%3A530 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 09:22:50 Last Seen2023-03-11 09:22:50 Times Seen1 Hash f8dec5a127da363a99d584260ab1cee5 714abc0f24f3ea32b48ebc2bf96ffd2de656a24a eb593f6fe9adcafec0bbb4865bb6ee4e13eee15d252c445f3891af9f61b8c55f Loading...

	www1.robloxstutas.com/?tm=1&subid4=1667968767.0290770000&kw=Robux&KW1=Website%20Status%20Monitor&KW2=Network%20Status%20Monitoring%20Tools&KW3=Robux%20Money%20Factoring%20Company&KW4=Free%20Robux%20Virtual%20Currency&searchbox=0&domainname=0&backfill=0	61 B	2023-03-07	2023-03-17
Pretty URL www1.robloxstutas.com/?tm=1&subid4=1667968767.0290770000&kw=Robux&KW1=Website%20Status%20Monitor&KW2=Network%20Status%20Monitoring%20Tools&KW3=Robux%20Money%20Factoring%20Company&KW4=Free%20Robux%20Virtual%20Currency&searchbox=0&domainname=0&backfill=0 IP 75.2.73.197 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2023-03-17 23:32:26 Times Seen1 Hash c3e717e14fb39126a1a768eb229c4e34 16adfa0caba2b3bb811a6ecca476c6106759030b a7a2700f4e83899c84b4ddee3aa552f10fa3230a5ec17476aab9408cacfbd09a Loading...

HTTP Transactions (46)

URL IP Response Size

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
aabe410b4bbe4d8beb0e4561d3aa158e
e1788632902ddea62cdd9e7ad6009a75ffb69788
ad535e27b201e92670770b2b868c58f7c05633ec66490a41ef4592f062834c1f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AD535E27B201E92670770B2B868C58F7C05633EC66490A41EF4592F062834C1F"
Last-Modified: Wed, 09 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6463
Expires: Wed, 09 Nov 2022 06:27:09 GMT
Date: Wed, 09 Nov 2022 04:39:26 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
7908acd0c083145e2b454aaeb063c236
0696647bb0a4118327f637a50ebcc21bac39d592
ffc30b68df0b33d67f31e37bbf5ae5cf4c23e1c8b8197bf76a95ee06bec4cd36

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6442
Cache-Control: max-age=113947
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 04:39:26 GMT
Etag: "636a2fef-1d7"
Expires: Thu, 10 Nov 2022 12:18:33 GMT
Last-Modified: Tue, 08 Nov 2022 10:31:11 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
dc90abd8b3ea8e75a68c144d74d75788
1ce29dca1ee9ca8931397de31ffb6cf7833baaf8
807000997bcf1b7a1fa35e43908cbfa54cd1704a5a0f53c09e1ae154638f10e0

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "807000997BCF1B7A1FA35E43908CBFA54CD1704A5A0F53C09E1AE154638F10E0"
Last-Modified: Tue, 08 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2969
Expires: Wed, 09 Nov 2022 05:28:55 GMT
Date: Wed, 09 Nov 2022 04:39:26 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: x+TuobLIqnuFnb9jIIPdvhBZrIzKLQWmPQJE65FzhYtdteHSrUHqu9ctPrGWhPm6V4Lgvg9Hpa8=
x-amz-request-id: 15S6FHC8CWY9B5TF
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 09 Nov 2022 04:11:35 GMT
age: 1671
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

robloxstutas.com/

198.58.118.167

200 OK

12 kB

URL HTTP/1.1
robloxstutas.com/
IP
198.58.118.167:0
ASN
#63949 Linode, LLC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (26936)
Size
12 kB (12094 bytes)
Hash
f6d508527e014774015670d816545f1c
9308845f5d0ef3a1f7162cd8df7c86b8b8bed52d
d24b0f39974fb41dcb22db041bd4a4639026bcc246f6f9cb12c6c2a3e370699d

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET / HTTP/1.1
Host: robloxstutas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
server: openresty/1.13.6.1
date: Wed, 09 Nov 2022 04:39:26 GMT
content-type: text/html; charset=utf-8
transfer-encoding: chunked
vary: Accept-Language
content-language: en
content-encoding: gzip
connection: close

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 09 Nov 2022 04:39:26 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

robloxstutas.com/favicon.ico

198.58.118.167

200 OK

43 B

URL HTTP/1.1
robloxstutas.com/favicon.ico
IP
198.58.118.167:0
ASN
#63949 Linode, LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: robloxstutas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://robloxstutas.com/

HTTP/1.1 200 OK
server: openresty/1.13.6.1
date: Wed, 09 Nov 2022 04:39:26 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
connection: close

js-agent.newrelic.com/nr-1216.min.js

151.101.86.137

200 OK

14 kB

URL HTTP/2
js-agent.newrelic.com/nr-1216.min.js
IP
151.101.86.137:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (32022)
Size
14 kB (14391 bytes)
Hash
b7c09cc097b2847f9edc784adba62dcb
5aa648623cf5e3b4b215fe5d068a7904c59f2925
6da450b6a3ba53bdab36f6529e987a245cdfca9a37b77790f06dfd8d5797bdaa

HTTP Headers

GET /nr-1216.min.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://robloxstutas.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: Vf9xsFZHH0UI6bmTnW+KeBzegICGOxvtMLIWtbljNKoJtdkUEk/MfmbYPFui+bgtiUf/4lC5dk8=
x-amz-request-id: 4AV5AVKCCR961CNG
last-modified: Thu, 14 Apr 2022 16:45:57 GMT
etag: "9f533d8cd24b2c5e3b4dc886ecbd43e8"
x-amz-version-id: mHHzJIqOizHibcYt0xqAszRr0gQRiNYy
content-type: application/javascript
server: AmazonS3
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Wed, 09 Nov 2022 04:39:27 GMT
via: 1.1 varnish
x-served-by: cache-bma1643-BMA
x-cache: HIT
x-cache-hits: 8
x-timer: S1667968767.005475,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 14391
X-Firefox-Spdy: h2

robloxstutas.com/mtm/async/.eJxdi0sOwjAMBe_iZYkalnzEWZAbuW2kuA6OC5EQdycFVuxm3ug9YdUIJ_DgAHUqDRspjaSkX5ml2HVBpqYqQ5JabDUsfRDeXiFQttaMqvnZODnMOcWAFmXxdVt29X_ldL5d9v3RRcaJPN7j-MMHDdl1vvv0A7zeGjI2ng:1oscs2:vEP1rMtTfE4XjJlrlh7Plairlpw/1/

198.58.118.167

200 OK

259 B

URL HTTP/1.1
robloxstutas.com/mtm/async/.eJxdi0sOwjAMBe_iZYkalnzEWZAbuW2kuA6OC5EQdycFVuxm3ug9YdUIJ_DgAHUqDRspjaSkX5ml2HVBpqYqQ5JabDUsfRDeXiFQttaMqvnZODnMOcWAFmXxdVt29X_ldL5d9v3RRcaJPN7j-MMHDdl1vvv0A7zeGjI2ng:1oscs2:vEP1rMtTfE4XjJlrlh7Plairlpw/1/
IP
198.58.118.167:0
ASN
#63949 Linode, LLC

File type
ASCII text, with no line terminators
Size
259 B (259 bytes)
Hash
b203482021023c676ce3ab44b00b49dc
75466d350796f11f28423deadc7c4352ee34dbb1
7fe2c289eb3e79db93bae940bf0328a07fc65fcac651672b83561d4a7cc065ce

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /mtm/async/.eJxdi0sOwjAMBe_iZYkalnzEWZAbuW2kuA6OC5EQdycFVuxm3ug9YdUIJ_DgAHUqDRspjaSkX5ml2HVBpqYqQ5JabDUsfRDeXiFQttaMqvnZODnMOcWAFmXxdVt29X_ldL5d9v3RRcaJPN7j-MMHDdl1vvv0A7zeGjI2ng:1oscs2:vEP1rMtTfE4XjJlrlh7Plairlpw/1/ HTTP/1.1
Host: robloxstutas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://robloxstutas.com/
Connection: keep-alive

HTTP/1.1 200 OK
server: openresty/1.13.6.1
date: Wed, 09 Nov 2022 04:39:27 GMT
content-type: text/html; charset=utf-8
content-length: 259
x-mtm-path: 7
x-mtm-prov: 1:0.00;70:0.00
x-mtm-rd: 0.00
vary: Accept-Language
content-language: en
set-cookie: mtm_delivered=WyJyb2Jsb3hzdHV0YXMuY29tIiwiaHR0cDovL3d3dzEucm9ibG94c3R1dGFzLmNvbS8_dG09MSZzdWJpZDQ9MTY2Nzk2ODc2Ny4wMjkwNzcwMDAwJmt3PVJvYnV4JktXMT1XZWJzaXRlJTIwU3RhdHVzJTIwTW9uaXRvciZLVzI9TmV0d29yayUyMFN0YXR1cyUyME1vbml0b3JpbmclMjBUb29scyZLVzM9Um9idXglMjBNb25leSUyMEZhY3RvcmluZyUyMENvbXBhbnkmS1c0PUZyZWUlMjBSb2J1eCUyMFZpcnR1YWwlMjBDdXJyZW5jeSZzZWFyY2hib3g9MCZkb21haW5uYW1lPTAmYmFja2ZpbGw9MCIsMSwiMjAyMi0xMS0wOSAwNDozOToyNyIsMSwiMTY2Nzk2ODc2Ny4wMjkwNzcwMDAwIiwxLG51bGwsbnVsbF0:1oscs3:T22nY2-wgknIgavj7fVmLjbBLxc; expires=Wed, 09-Nov-2022 05:39:27 GMT; Max-Age=3600; Path=/
connection: close

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
2a47d129a3af5f02c654faf925c60273
9ad27ed9f4500c939260a677c12e702599b00fa9
0e031af077bf7009ffefada782407a247bbd31bddc96994c68de7bfe902bf992

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2457
Cache-Control: max-age=104896
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 04:39:27 GMT
Etag: "636a1c26-1d7"
Expires: Thu, 10 Nov 2022 09:47:43 GMT
Last-Modified: Tue, 08 Nov 2022 09:06:46 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471

www1.robloxstutas.com/?tm=1&subid4=1667968767.0290770000&kw=Robux&KW1=Website%20Status%20Monitor&KW2=Network%20Status%20Monitoring%20Tools&KW3=Robux%20Money%20Factoring%20Company&KW4=Free%20Robux%20Virtual%20Currency&searchbox=0&domainname=0&backfill=0

75.2.73.197

200 OK

5.2 kB

URL HTTP/1.1
www1.robloxstutas.com/?tm=1&subid4=1667968767.0290770000&kw=Robux&KW1=Website%20Status%20Monitor&KW2=Network%20Status%20Monitoring%20Tools&KW3=Robux%20Money%20Factoring%20Company&KW4=Free%20Robux%20Virtual%20Currency&searchbox=0&domainname=0&backfill=0
IP
75.2.73.197:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2922)
Size
5.2 kB (5179 bytes)
Hash
8e01c1140da3ebaadbb1952e9e72148a
d7ebe594592befc276acba8166b98b9058c732d0
aa04309b51f3b0bd23713e28c9ca70ebe96500788b03c4d76e01e78ba2b2fd57

HTTP Headers

GET /?tm=1&subid4=1667968767.0290770000&kw=Robux&KW1=Website%20Status%20Monitor&KW2=Network%20Status%20Monitoring%20Tools&KW3=Robux%20Money%20Factoring%20Company&KW4=Free%20Robux%20Virtual%20Currency&searchbox=0&domainname=0&backfill=0 HTTP/1.1
Host: www1.robloxstutas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://robloxstutas.com/
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 04:39:27 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Vary: Accept-Encoding
X-Buckets: bucket003
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_cNbO5woMtcPGvJ7Cc8ISlGtJ3FD/JZ5rBEAnrRVVBgUB0AEAqEw0o2w2Wbq6/J2ZxhUu/C42lWvz11Vg1vc1Bg==
X-Template: tpl_CleanPeppermintBlack_twoclick
X-Language: norwegian
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
Content-Encoding: gzip

d38psrni17bvxu.cloudfront.net/scripts/js3caf.js

18.244.156.149

200 OK

7.0 kB

URL HTTP/1.1
d38psrni17bvxu.cloudfront.net/scripts/js3caf.js
IP
18.244.156.149:0
ASN
#0

File type
ASCII text, with very long lines (316)
Size
7.0 kB (7000 bytes)
Hash
cce7f943ec8e7b4ba13be4aba6b463d9
220f3e8ca723daa91fd040cf518991a65f2bf110
ba5b7354353b0eec1637564dae072fee662a5b9862f6bf7ed5e60a5a76f2ef44

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /scripts/js3caf.js HTTP/1.1
Host: d38psrni17bvxu.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www1.robloxstutas.com/

HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 7000
Connection: keep-alive
Server: nginx
Date: Wed, 09 Nov 2022 03:16:10 GMT
Last-Modified: Thu, 14 Jan 2021 10:54:01 GMT
Accept-Ranges: bytes
ETag: "600022c9-1b58"
X-Cache: Hit from cloudfront
Via: 1.1 bf3844a119fafd26895a288a42b50a42.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P8
X-Amz-Cf-Id: LAdsK5AuDZ_OvjcfmxqbX_VNrET8nl2RvW3gGceShmEtkj-IA8EL8A==
Age: 4997

www.google.com/adsense/domains/caf.js

142.250.74.164

200 OK

54 kB

URL HTTP/1.1
www.google.com/adsense/domains/caf.js
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1885)
Size
54 kB (53472 bytes)
Hash
2651fd41b8caca3564297aba4abfc0ca
2871e2833099dd198f75fdd5ffcba63b9561db55
2ae3793958b818c7803af70296a4489e3b4738229c4a005429a7b69cdacc896c

HTTP Headers

GET /adsense/domains/caf.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www1.robloxstutas.com/

HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="ads-afs-ui"
Report-To: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
Date: Wed, 09 Nov 2022 04:39:27 GMT
Expires: Wed, 09 Nov 2022 04:39:27 GMT
Cache-Control: private, max-age=3600
ETag: "12074600492908671107"
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: sffe
X-XSS-Protection: 0

d38psrni17bvxu.cloudfront.net/themes/cleanPeppermintBlack_657d9013/style.css

18.244.156.149

200 OK

648 B

URL HTTP/1.1
d38psrni17bvxu.cloudfront.net/themes/cleanPeppermintBlack_657d9013/style.css
IP
18.244.156.149:0
ASN
#0

File type
ASCII text
Size
648 B (648 bytes)
Hash
706f944f821bc64dff4240a04251ff36
efcf7c46310be1b252baae8e2f4b5e9edfee9fe3
dc365466c780c2d5e58a10925db88facb0cae18cb5a077790c54561e8590b63b

HTTP Headers

GET /themes/cleanPeppermintBlack_657d9013/style.css HTTP/1.1
Host: d38psrni17bvxu.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www1.robloxstutas.com/

HTTP/1.1 200 OK
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Date: Wed, 09 Nov 2022 00:44:21 GMT
Last-Modified: Fri, 21 Oct 2022 11:27:37 GMT
Content-Encoding: gzip
ETag: W/"63528229-63e"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 95f360f450bf272a98ce1e9bee061af8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P8
X-Amz-Cf-Id: eUs6ckqFx6Of45CNDrqJlTlfEjOmOI26im2VHgAHJrUOnwhvm_sgCw==
Age: 14106

push.services.mozilla.com/

54.187.146.10

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.187.146.10:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Od4NVE4dUXFPFmO75xXTKg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: raA1K+SGJ9TQrgOkCLEkQNaE2yc=

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
600068581e035a56fc6346d488e8f415
418e562a914c44e4ceed5e12e1104d0b9d962161
324677fc199235a95ed8883ec81bc5a2b2cefc989a42b2f38938b04d60b04fa5

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5595
Cache-Control: max-age=156291
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 04:39:28 GMT
Etag: "636ad8a8-1d7"
Expires: Fri, 11 Nov 2022 00:04:19 GMT
Last-Modified: Tue, 08 Nov 2022 22:31:04 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471

d38psrni17bvxu.cloudfront.net/themes/cleanPeppermintBlack_657d9013/img/arrows.png

18.244.156.149

200 OK

11 kB

URL HTTP/1.1
d38psrni17bvxu.cloudfront.net/themes/cleanPeppermintBlack_657d9013/img/arrows.png
IP
18.244.156.149:0
ASN
#0

File type
PNG image data, 1500 x 600, 8-bit colormap, non-interlaced\012- data
Size
11 kB (11375 bytes)
Hash
0cb2e5165dc9324eb462199f04e1ffa9
9e0f89847ec8a98d98a6020bc5c4ed32b7a48bf8
67dff0aad873050f12609885f2264417ccdd0d438311000a704c89f0865f7865

HTTP Headers

GET /themes/cleanPeppermintBlack_657d9013/img/arrows.png HTTP/1.1
Host: d38psrni17bvxu.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://d38psrni17bvxu.cloudfront.net/themes/cleanPeppermintBlack_657d9013/style.css

HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 11375
Connection: keep-alive
Server: nginx
Date: Wed, 09 Nov 2022 02:48:23 GMT
Last-Modified: Thu, 23 Jun 2022 10:44:43 GMT
Accept-Ranges: bytes
ETag: "62b4441b-2c6f"
X-Cache: Hit from cloudfront
Via: 1.1 bf3844a119fafd26895a288a42b50a42.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P8
X-Amz-Cf-Id: zrKrT1ah0korcksBBCBXJfBKky0qbwBD0PGNU3GYMDhCuAp4K6ZMxA==
Age: 6665

www1.robloxstutas.com/favicon.ico

75.2.73.197

200 OK

0 B

URL HTTP/1.1
www1.robloxstutas.com/favicon.ico
IP
75.2.73.197:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www1.robloxstutas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www1.robloxstutas.com/?tm=1&subid4=1667968767.0290770000&kw=Robux&KW1=Website%20Status%20Monitor&KW2=Network%20Status%20Monitoring%20Tools&KW3=Robux%20Money%20Factoring%20Company&KW4=Free%20Robux%20Virtual%20Currency&searchbox=0&domainname=0&backfill=0

HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 04:39:28 GMT
Content-Type: image/x-icon
Content-Length: 0
Connection: keep-alive
Server: nginx
Last-Modified: Tue, 12 May 2020 14:25:52 GMT
ETag: "5ebab1f0-0"
Accept-Ranges: bytes

www1.robloxstutas.com/track.php?domain=robloxstutas.com&toggle=browserjs&uid=MTY2Nzk2ODc2Ny40NDk6YWFmNTY1NjkzYTg1ZDU4NTAxMjYwMjRiYTZjMzAyMTc1NTE1YTk2Yzc0MjQxYWM4ZDI5YTI3NTAwMjBlZDJjNjo2MzZiMmVmZjZkYTEz

75.2.73.197

200 OK

20 B

URL HTTP/1.1
www1.robloxstutas.com/track.php?domain=robloxstutas.com&toggle=browserjs&uid=MTY2Nzk2ODc2Ny40NDk6YWFmNTY1NjkzYTg1ZDU4NTAxMjYwMjRiYTZjMzAyMTc1NTE1YTk2Yzc0MjQxYWM4ZDI5YTI3NTAwMjBlZDJjNjo2MzZiMmVmZjZkYTEz
IP
75.2.73.197:0
ASN
#16509 AMAZON-02

File type
data
Size
20 B (20 bytes)
Hash
a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf

HTTP Headers

GET /track.php?domain=robloxstutas.com&toggle=browserjs&uid=MTY2Nzk2ODc2Ny40NDk6YWFmNTY1NjkzYTg1ZDU4NTAxMjYwMjRiYTZjMzAyMTc1NTE1YTk2Yzc0MjQxYWM4ZDI5YTI3NTAwMjBlZDJjNjo2MzZiMmVmZjZkYTEz HTTP/1.1
Host: www1.robloxstutas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www1.robloxstutas.com/?tm=1&subid4=1667968767.0290770000&kw=Robux&KW1=Website%20Status%20Monitor&KW2=Network%20Status%20Monitoring%20Tools&KW3=Robux%20Money%20Factoring%20Company&KW4=Free%20Robux%20Virtual%20Currency&searchbox=0&domainname=0&backfill=0

HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 04:39:28 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Vary: Accept-Encoding
X-Custom-Track: browserjs
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
Access-Control-Allow-Origin: *
Content-Encoding: gzip

bam.nr-data.net/events/1/0d385ba8a0?a=31561968&v=1216.487a282&to=NlVXNhBWW0IEAEENXQ8fcxcMVEFYCg0aEEAAVlMLAVpaRQoRGwVCEUMbFAtEXEU6EVoRRgRCGxQLUkJCXxNUA1c%3D&rst=1246&ck=0&ref=http://robloxstutas.com/

162.247.241.14

200 OK

24 B

URL HTTP/1.1
bam.nr-data.net/events/1/0d385ba8a0?a=31561968&v=1216.487a282&to=NlVXNhBWW0IEAEENXQ8fcxcMVEFYCg0aEEAAVlMLAVpaRQoRGwVCEUMbFAtEXEU6EVoRRgRCGxQLUkJCXxNUA1c%3D&rst=1246&ck=0&ref=http://robloxstutas.com/
IP
162.247.241.14:0
ASN
#23467 NEWRELIC-AS-1

File type
GIF image data, version 89a, 1 x 1\012- data
Size
24 B (24 bytes)
Hash
bc32ed98d624acb4008f986349a20d26
2d3df8c11d2168ce2c27e0937421d11d85016361
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

HTTP Headers

POST /events/1/0d385ba8a0?a=31561968&v=1216.487a282&to=NlVXNhBWW0IEAEENXQ8fcxcMVEFYCg0aEEAAVlMLAVpaRQoRGwVCEUMbFAtEXEU6EVoRRgRCGxQLUkJCXxNUA1c%3D&rst=1246&ck=0&ref=http://robloxstutas.com/ HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 35
Origin: http://robloxstutas.com
Connection: keep-alive
Referer: http://robloxstutas.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 04:39:28 GMT
Content-Type: image/gif
Content-Length: 24
Connection: keep-alive
CF-Ray: 7673dd60e8580b55-OSL
Access-Control-Allow-Origin: http://robloxstutas.com
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Vary: Accept-Encoding
Server: cloudflare

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
dee3039809fc2026852697eaa005560c
f4f6b76cf09e0a9e756ab6b9b8be26cb6e15b2c7
8091750102499bbd5d92ea3e89cf364e833df30e186963d67a0d66a13751ef8a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 04:39:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
182f8aecb00a9b97401d839e1e7f5629
05e5f7d37f06fbf503d139746300f2dcf22616ce
8e15a57041c72ef89daa376d714d4f8ec8139c164e5286fff51766b159a0df40

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 04:39:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

partner.googleadservices.com/gampad/cookie.js?domain=www1.robloxstutas.com&client=dp-teaminternet12_3ph&product=SAS&callback=__sasCookie

172.217.21.162

200 OK

182 B

URL HTTP/2
partner.googleadservices.com/gampad/cookie.js?domain=www1.robloxstutas.com&client=dp-teaminternet12_3ph&product=SAS&callback=__sasCookie
IP
172.217.21.162:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
182 B (182 bytes)
Hash
e8451c8ac46bacc188a83a3e4242958a
1d2fc40ec06f26143e873e0173fa066eea50e3fe
44b5d22561e21e323e6ec7e5e0a8c22ee8b63454e27150197dd9e51e6468f48f

HTTP Headers

GET /gampad/cookie.js?domain=www1.robloxstutas.com&client=dp-teaminternet12_3ph&product=SAS&callback=__sasCookie HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www1.robloxstutas.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Wed, 09 Nov 2022 04:39:28 GMT
server: cafe
cache-control: private
content-length: 182
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google.com/afs/ads?adtest=off&psid=6016880802&pcsa=false&channel=000001%2C000003%2C000215%2Cbucket003&client=dp-teaminternet12_3ph&r=m&hl=no&terms=Website%20Status%20Monitor%2CNetwork%20Status%20Monitoring%20Tools%2CRobux%20Money%20Factoring%20Company%2CFree%20Robux%20Virtual%20Currency&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2150633343939208&oe=UTF-8&ie=UTF-8&fexp=21404&format=r4%7Cs&nocache=4741667968765246&num=0&output=afd_ads&domain_name=www1.robloxstutas.com&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1667968765248&u_w=1280&u_h=1024&biw=1280&bih=939&psw=1280&psh=760&frm=0&cl=485586056&uio=--&cont=tc&jsid=caf&jsv=485586056&rurl=http%3A%2F%2Fwww1.robloxstutas.com%2F%3Ftm%3D1%26subid4%3D1667968767.0290770000%26kw%3DRobux%26KW1%3DWebsite%2520Status%2520Monitor%26KW2%3DNetwork%2520Status%2520Monitoring%2520Tools%26KW3%3DRobux%2520Money%2520Factoring%2520Company%26KW4%3DFree%2520Robux%2520Virtual%2520Currency%26searchbox%3D0%26domainname%3D0%26backfill%3D0&referer=http%3A%2F%2Frobloxstutas.com%2F&adbw=master-1%3A530

142.250.74.164

200 OK

2.3 kB

URL HTTP/2
www.google.com/afs/ads?adtest=off&psid=6016880802&pcsa=false&channel=000001%2C000003%2C000215%2Cbucket003&client=dp-teaminternet12_3ph&r=m&hl=no&terms=Website%20Status%20Monitor%2CNetwork%20Status%20Monitoring%20Tools%2CRobux%20Money%20Factoring%20Company%2CFree%20Robux%20Virtual%20Currency&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2150633343939208&oe=UTF-8&ie=UTF-8&fexp=21404&format=r4%7Cs&nocache=4741667968765246&num=0&output=afd_ads&domain_name=www1.robloxstutas.com&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1667968765248&u_w=1280&u_h=1024&biw=1280&bih=939&psw=1280&psh=760&frm=0&cl=485586056&uio=--&cont=tc&jsid=caf&jsv=485586056&rurl=http%3A%2F%2Fwww1.robloxstutas.com%2F%3Ftm%3D1%26subid4%3D1667968767.0290770000%26kw%3DRobux%26KW1%3DWebsite%2520Status%2520Monitor%26KW2%3DNetwork%2520Status%2520Monitoring%2520Tools%26KW3%3DRobux%2520Money%2520Factoring%2520Company%26KW4%3DFree%2520Robux%2520Virtual%2520Currency%26searchbox%3D0%26domainname%3D0%26backfill%3D0&referer=http%3A%2F%2Frobloxstutas.com%2F&adbw=master-1%3A530
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (6832)
Size
2.3 kB (2287 bytes)
Hash
02f8df3ba40d5f9909333b327f2cba04
d1b27eb5c5e1c63bfc78f69c5c03d660ea3dbc0d
27a65015ff8920d605d68a636405a77d1331c1a78dcdf56efcd96a32889ae8a8

HTTP Headers

GET /afs/ads?adtest=off&psid=6016880802&pcsa=false&channel=000001%2C000003%2C000215%2Cbucket003&client=dp-teaminternet12_3ph&r=m&hl=no&terms=Website%20Status%20Monitor%2CNetwork%20Status%20Monitoring%20Tools%2CRobux%20Money%20Factoring%20Company%2CFree%20Robux%20Virtual%20Currency&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2150633343939208&oe=UTF-8&ie=UTF-8&fexp=21404&format=r4%7Cs&nocache=4741667968765246&num=0&output=afd_ads&domain_name=www1.robloxstutas.com&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1667968765248&u_w=1280&u_h=1024&biw=1280&bih=939&psw=1280&psh=760&frm=0&cl=485586056&uio=--&cont=tc&jsid=caf&jsv=485586056&rurl=http%3A%2F%2Fwww1.robloxstutas.com%2F%3Ftm%3D1%26subid4%3D1667968767.0290770000%26kw%3DRobux%26KW1%3DWebsite%2520Status%2520Monitor%26KW2%3DNetwork%2520Status%2520Monitoring%2520Tools%26KW3%3DRobux%2520Money%2520Factoring%2520Company%26KW4%3DFree%2520Robux%2520Virtual%2520Currency%26searchbox%3D0%26domainname%3D0%26backfill%3D0&referer=http%3A%2F%2Frobloxstutas.com%2F&adbw=master-1%3A530 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www1.robloxstutas.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/html; charset=UTF-8
content-disposition: inline
date: Wed, 09 Nov 2022 04:39:28 GMT
expires: Wed, 09 Nov 2022 04:39:28 GMT
cache-control: private, max-age=3600
content-encoding: br
server: gws
content-length: 2287
x-xss-protection: 0
set-cookie: CONSENT=PENDING+751; expires=Fri, 08-Nov-2024 04:39:28 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
182f8aecb00a9b97401d839e1e7f5629
05e5f7d37f06fbf503d139746300f2dcf22616ce
8e15a57041c72ef89daa376d714d4f8ec8139c164e5286fff51766b159a0df40

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 04:39:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
5c4c9c21e826ed9dd1520ac96dea393c
106bc7d84ae02a77a4006f2cae1cf7b5093d36c0
1201a34924da1af919077623ac06926d89f890b33b843d30e1e129fee007783f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 04:39:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
dacb6df08b90bf743c8171b474c45ab0
1efade0f09bdc50845ad9fef25bb818c136aa87b
db06ebe5ca7ec61c2a8304751e119d159cac6a5237f01f88b6c4452642e168d3

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 04:39:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
dacb6df08b90bf743c8171b474c45ab0
1efade0f09bdc50845ad9fef25bb818c136aa87b
db06ebe5ca7ec61c2a8304751e119d159cac6a5237f01f88b6c4452642e168d3

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 04:39:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/search.svg?c=%23ffffff

142.250.74.33

200 OK

270 B

URL HTTP/2
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/search.svg?c=%23ffffff
IP
142.250.74.33:0
ASN
#15169 GOOGLE

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (390)
Size
270 B (270 bytes)
Hash
5100391430a00e10ce60aa159f525b5c
231a4492d73b225f441b1e9028dc33c89862e498
52b1432a6e3002e41ed1d8f4c84b258fdc4c6dac863e3c0e5c06360c81be6067

HTTP Headers

GET /ad_icons/standard/publisher_icon_image/search.svg?c=%23ffffff HTTP/1.1
Host: afs.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers"
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-length: 270
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Tue, 08 Nov 2022 11:18:20 GMT
expires: Wed, 09 Nov 2022 10:18:20 GMT
cache-control: public, max-age=82800
age: 62468
last-modified: Thu, 19 Dec 2019 14:15:00 GMT
content-type: image/svg+xml
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff

142.250.74.33

200 OK

174 B

URL HTTP/2
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff
IP
142.250.74.33:0
ASN
#15169 GOOGLE

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with no line terminators
Size
174 B (174 bytes)
Hash
4de8b85c8915995b571bde50e231be7c
29c226ca7b9cbe1d44e5480ce95bbb42727b2d99
2ec9168c4507546748c5f400f5030031f0eb06f2aed8deaa11362c395bff4f7a

HTTP Headers

GET /ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff HTTP/1.1
Host: afs.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers"
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-length: 174
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Tue, 08 Nov 2022 09:02:20 GMT
expires: Wed, 09 Nov 2022 08:02:20 GMT
cache-control: public, max-age=82800
age: 70628
last-modified: Thu, 22 Oct 2020 21:45:00 GMT
content-type: image/svg+xml
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www1.robloxstutas.com/ls.php

75.2.73.197

201 Created

0 B

URL HTTP/1.1
www1.robloxstutas.com/ls.php
IP
75.2.73.197:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

POST /ls.php HTTP/1.1
Host: www1.robloxstutas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Content-Length: 2874
Origin: http://www1.robloxstutas.com
Connection: keep-alive
Referer: http://www1.robloxstutas.com/?tm=1&subid4=1667968767.0290770000&kw=Robux&KW1=Website%20Status%20Monitor&KW2=Network%20Status%20Monitoring%20Tools&KW3=Robux%20Money%20Factoring%20Company&KW4=Free%20Robux%20Virtual%20Currency&searchbox=0&domainname=0&backfill=0

HTTP/1.1 201 Created
Date: Wed, 09 Nov 2022 04:39:28 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
X-Log-Success: 636b2f00a80209722833e096
Charset: utf-8
Access-Control-Allow-Origin: http://www1.robloxstutas.com
Access-Control-Allow-Methods: POST, OPTIONS
Access-Control-Max-Age: 86400
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_SeQrzOjd1Gm9Y42q7v+QNaLP6kedbOOBhQA4ZqJgGBJduLRyPHHaUINHUxxTd/tO3VzAbJKczw7zQr89lfudxg==

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
dacb6df08b90bf743c8171b474c45ab0
1efade0f09bdc50845ad9fef25bb818c136aa87b
db06ebe5ca7ec61c2a8304751e119d159cac6a5237f01f88b6c4452642e168d3

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 04:39:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4599ea4ab89bca0461dfc4e86cf90610
d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a
6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6081
Expires: Wed, 09 Nov 2022 06:20:49 GMT
Date: Wed, 09 Nov 2022 04:39:28 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F892db5b6-1bca-4d8f-b844-3201ef7b3ef0.jpeg

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F892db5b6-1bca-4d8f-b844-3201ef7b3ef0.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (12510 bytes)
Hash
e3d20f900a883cec8e0cab687df8a251
1105130523fb346dbab9ad2bb8d71c3f505425ce
b5ade9b1302479c4589eb659125d0111c55bb4520d72501cc47b295fd65e8a6e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F892db5b6-1bca-4d8f-b844-3201ef7b3ef0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12510
x-amzn-requestid: ad966326-25a8-44df-880a-608572bf2538
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bTTTuExNIAMFilA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636acc17-4eaa4fda178720702d9a9583;Sampled=0
x-amzn-remapped-date: Tue, 08 Nov 2022 21:37:27 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: ZlRHZYYt_p4bzFjTJAzXR08Oj0B_m9qLrpOAysjxJ2F9tzzF4G7U8g==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Tue, 08 Nov 2022 21:43:44 GMT
age: 24944
etag: "1105130523fb346dbab9ad2bb8d71c3f505425ce"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F84bc0bac-c8ba-4055-b51a-0c279033a4e9.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.5 kB (6458 bytes)
Hash
1382cce063e7b64ce1a9360db1cb1a03
e773fbc5ba8bb957bce566d353c4580e46d4b31c
88332359957b997367612f496d866de90680f3ff458ead4e6cdc052ad3fe8858

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F84bc0bac-c8ba-4055-b51a-0c279033a4e9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6458
x-amzn-requestid: 7dc5df31-e521-476f-aee2-6a59192d8c94
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bTTTuEwBoAMFpVg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636acc17-1a1866f906458f916d6baac8;Sampled=0
x-amzn-remapped-date: Tue, 08 Nov 2022 21:37:27 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: TpRz9GwPmcySJ-e0FjxKkBYmlb6wV8LnMoSMD_GJOpSk_phabHP-7Q==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 5954c6394458ffb44c970b3819d7ff2a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 08 Nov 2022 22:16:10 GMT
age: 22998
etag: "e773fbc5ba8bb957bce566d353c4580e46d4b31c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf9d55c4-e1e8-4687-8395-004d7c4a0225.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.6 kB (6635 bytes)
Hash
b3cd10472aabf86c5ffdfd06057f87f6
82728de12017be85f27e65a7222573058aad37c3
1bbb913786c95b51639193739d2cf01de1cdd8afe8b68dfef378b989129f0ef4

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf9d55c4-e1e8-4687-8395-004d7c4a0225.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6635
x-amzn-requestid: 8348f858-989b-4643-b6f8-4f7254b154ee
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bTTmaHunIAMFalA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636acc8f-02cc736a29efbcb473e20402;Sampled=0
x-amzn-remapped-date: Tue, 08 Nov 2022 21:39:27 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: h1nLdkhJjsLSGP0pS3mmDwAcsKSLD-rYRaRt4X9_L2jWTNQaiVJbqw==
via: 1.1 34f8ef0e4c880df0650a814412a26ea6.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Tue, 08 Nov 2022 21:43:44 GMT
age: 24944
etag: "82728de12017be85f27e65a7222573058aad37c3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fff4595af-345a-41e9-bc77-5e5f5719a251.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.6 kB (8586 bytes)
Hash
ee6ac2ea7efd3fab3c55044dc9b01879
a3564349a6c866d4a36fb2d86944b69628bdb8e6
95745616900a0ea1527a69558a415beab18fde9b871e1bf4cf246fa8777dcb91

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fff4595af-345a-41e9-bc77-5e5f5719a251.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8586
x-amzn-requestid: 4ae185c6-868f-4d10-9c41-a423cdf42101
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bTTUCG1doAMFtYg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636acc19-3d3201177e8e60866ce59b01;Sampled=0
x-amzn-remapped-date: Tue, 08 Nov 2022 21:37:29 GMT
x-amz-cf-pop: SFO20-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: jkIbA9XW12Vn_yXrK0MDe5IhTzzzvfQONeCwPEYwEbbD5W6fTzAIiQ==
via: 1.1 f9d4b21c935c23e15cfc47b3d33e44e6.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Tue, 08 Nov 2022 22:39:53 GMT
age: 21575
etag: "a3564349a6c866d4a36fb2d86944b69628bdb8e6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

2.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba11c7c9-77b7-4b0d-aa7f-493ab46c77b1.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
2.8 kB (2766 bytes)
Hash
1b4ae74d6a926ef85ce993a33f7d8a3f
9ce8d453c5ab8f7682e5ee3641a37b1abe1a8857
61b2fea439945e122a8502ab05e6c68bc1b3a9d8c639344ef5b04dfcc6889a65

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba11c7c9-77b7-4b0d-aa7f-493ab46c77b1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 2766
x-amzn-requestid: 934d6215-528a-4e78-bc46-3b0838d94671
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bG3d2HMGIAMF7Gg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6365d2be-0c11c2fb6ebc48eb1f0a3aef;Sampled=0
x-amzn-remapped-date: Sat, 05 Nov 2022 03:04:30 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 2MtnIC1pavEcDYixORBwRS07BU7q0n-eDUdZAAe3NDSGF6T8yau4ug==
via: 1.1 d8d9c12d1a621129f4bc739038e7c72e.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 08 Nov 2022 09:17:38 GMT
age: 69710
etag: "9ce8d453c5ab8f7682e5ee3641a37b1abe1a8857"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10462 bytes)
Hash
4e2853cc6ec6223160471401e6871f4b
f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c
bf4b9145ea043d87a30fd3aeeae21a1a0aa27004cd2467e7aa843bc894ae1f60

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10462
x-amzn-requestid: 6dc7dc5c-88e9-4550-abf0-f16965ab7cd3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bF_38GKXoAMFwSA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636579cc-28ea4125437c31cc34683fb7;Sampled=0
x-amzn-remapped-date: Fri, 04 Nov 2022 20:45:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Q0yZmbExDP4tH0n1n2qj_NR2Mv_y_dsO0LJ1RKZoS6Me-NLbhpUWqw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Tue, 08 Nov 2022 09:08:56 GMT
age: 70233
etag: "f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

75.2.73.197

200 OK

5.1 kB

URL HTTP/1.1
www1.robloxstutas.com/?tm=1&subid4=1667968767.0290770000&kw=Robux&KW1=Website%20Status%20Monitor&KW2=Network%20Status%20Monitoring%20Tools&KW3=Robux%20Money%20Factoring%20Company&KW4=Free%20Robux%20Virtual%20Currency&searchbox=0&domainname=0&backfill=0
IP
75.2.73.197:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2894)
Size
5.1 kB (5138 bytes)
Hash
2f8091c8860019092e1a5550b9444f53
50757c4fed263dbcc5afdc6c6a76553c037362f6
16c2d466bf667eb673bf0726f54fbc6cad5c353c25acad3885721afdbd85cf32

HTTP Headers

GET /?tm=1&subid4=1667968767.0290770000&kw=Robux&KW1=Website%20Status%20Monitor&KW2=Network%20Status%20Monitoring%20Tools&KW3=Robux%20Money%20Factoring%20Company&KW4=Free%20Robux%20Virtual%20Currency&searchbox=0&domainname=0&backfill=0 HTTP/1.1
Host: www1.robloxstutas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: __gsas=ID=0e928903fb9aef24:T=1667968768:S=ALNI_Ma59XLSt-_sZqTLfs1VmUA3b_Ix8A
Upgrade-Insecure-Requests: 1
Cache-Control: max-age=0

HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 04:39:29 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Vary: Accept-Encoding
X-Buckets: bucket003
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_cNbO5woMtcPGvJ7Cc8ISlGtJ3FD/JZ5rBEAnrRVVBgUB0AEAqEw0o2w2Wbq6/J2ZxhUu/C42lWvz11Vg1vc1Bg==
X-Template: tpl_CleanPeppermintBlack_twoclick
X-Language: norwegian
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
Content-Encoding: gzip

d38psrni17bvxu.cloudfront.net/scripts/js3caf.js

18.244.156.149

304 Not Modified

0 B

URL HTTP/1.1
d38psrni17bvxu.cloudfront.net/scripts/js3caf.js
IP
18.244.156.149:0
ASN
#0

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /scripts/js3caf.js HTTP/1.1
Host: d38psrni17bvxu.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www1.robloxstutas.com/
If-Modified-Since: Thu, 14 Jan 2021 10:54:01 GMT
If-None-Match: "600022c9-1b58"
Cache-Control: max-age=0

HTTP/1.1 304 Not Modified
Connection: keep-alive
Server: nginx
Date: Wed, 09 Nov 2022 03:16:10 GMT
Last-Modified: Thu, 14 Jan 2021 10:54:01 GMT
ETag: "600022c9-1b58"
X-Cache: Hit from cloudfront
Via: 1.1 bf3844a119fafd26895a288a42b50a42.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P8
X-Amz-Cf-Id: KfQjcA1bJ0LJ31RBl6nvYeEVdwExjDDqmaDQMoRNl3xM82njEntDTA==
Age: 4999

www.google.com/adsense/domains/caf.js

142.250.74.164

200 OK

54 kB

URL HTTP/1.1
www.google.com/adsense/domains/caf.js
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1885)
Size
54 kB (53478 bytes)
Hash
8017cbd1769ac590eb2d5e162524c84c
2ff34f92d98368aae40c39564f472e10b8e00ac0
aadbb3b4b5b2d11b133e278727bdf196c55967d6f478fc45e683e7d41b28e539

HTTP Headers

GET /adsense/domains/caf.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www1.robloxstutas.com/
If-None-Match: "12074600492908671107"
Cache-Control: max-age=0

HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="ads-afs-ui"
Report-To: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
Date: Wed, 09 Nov 2022 04:39:29 GMT
Expires: Wed, 09 Nov 2022 04:39:29 GMT
Cache-Control: private, max-age=3600
ETag: "4581577100604728451"
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: sffe
X-XSS-Protection: 0

www1.robloxstutas.com/track.php?domain=robloxstutas.com&toggle=browserjs&uid=MTY2Nzk2ODc2OC45OTg3OjExOWVkNjI0YmRkYmU3OTgwYzNhMDU2NWFlMWUwNTU2OGE4MWIxYTRiNjAzNjAwODFjYjMwYzJmM2ZiZTFlNTI6NjM2YjJmMDBmM2QyMQ%3D%3D

75.2.73.197

200 OK

20 B

URL HTTP/1.1
www1.robloxstutas.com/track.php?domain=robloxstutas.com&toggle=browserjs&uid=MTY2Nzk2ODc2OC45OTg3OjExOWVkNjI0YmRkYmU3OTgwYzNhMDU2NWFlMWUwNTU2OGE4MWIxYTRiNjAzNjAwODFjYjMwYzJmM2ZiZTFlNTI6NjM2YjJmMDBmM2QyMQ%3D%3D
IP
75.2.73.197:0
ASN
#16509 AMAZON-02

File type
data
Size
20 B (20 bytes)
Hash
a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf

HTTP Headers

GET /track.php?domain=robloxstutas.com&toggle=browserjs&uid=MTY2Nzk2ODc2OC45OTg3OjExOWVkNjI0YmRkYmU3OTgwYzNhMDU2NWFlMWUwNTU2OGE4MWIxYTRiNjAzNjAwODFjYjMwYzJmM2ZiZTFlNTI6NjM2YjJmMDBmM2QyMQ%3D%3D HTTP/1.1
Host: www1.robloxstutas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www1.robloxstutas.com/?tm=1&subid4=1667968767.0290770000&kw=Robux&KW1=Website%20Status%20Monitor&KW2=Network%20Status%20Monitoring%20Tools&KW3=Robux%20Money%20Factoring%20Company&KW4=Free%20Robux%20Virtual%20Currency&searchbox=0&domainname=0&backfill=0
Cookie: __gsas=ID=0e928903fb9aef24:T=1667968768:S=ALNI_Ma59XLSt-_sZqTLfs1VmUA3b_Ix8A

HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 04:39:29 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Vary: Accept-Encoding
X-Custom-Track: browserjs
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
Access-Control-Allow-Origin: *
Content-Encoding: gzip

www1.robloxstutas.com/ls.php

75.2.73.197

201 Created

0 B

URL HTTP/1.1
www1.robloxstutas.com/ls.php
IP
75.2.73.197:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

POST /ls.php HTTP/1.1
Host: www1.robloxstutas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Content-Length: 2846
Origin: http://www1.robloxstutas.com
Connection: keep-alive
Referer: http://www1.robloxstutas.com/?tm=1&subid4=1667968767.0290770000&kw=Robux&KW1=Website%20Status%20Monitor&KW2=Network%20Status%20Monitoring%20Tools&KW3=Robux%20Money%20Factoring%20Company&KW4=Free%20Robux%20Virtual%20Currency&searchbox=0&domainname=0&backfill=0
Cookie: __gsas=ID=0e928903fb9aef24:T=1667968768:S=ALNI_Ma59XLSt-_sZqTLfs1VmUA3b_Ix8A; GoogleAdServingTest=Good
Cache-Control: max-age=0

HTTP/1.1 201 Created
Date: Wed, 09 Nov 2022 04:39:30 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
X-Log-Success: 636b2f02cb900453b8416ed9
Charset: utf-8
Access-Control-Allow-Origin: http://www1.robloxstutas.com
Access-Control-Allow-Methods: POST, OPTIONS
Access-Control-Max-Age: 86400
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_SeQrzOjd1Gm9Y42q7v+QNaLP6kedbOOBhQA4ZqJgGBJduLRyPHHaUINHUxxTd/tO3VzAbJKczw7zQr89lfudxg==

www1.robloxstutas.com/track.php?domain=robloxstutas.com&caf=1&toggle=answercheck&answer=yes&uid=MTY2Nzk2ODc2OC45OTg3OjExOWVkNjI0YmRkYmU3OTgwYzNhMDU2NWFlMWUwNTU2OGE4MWIxYTRiNjAzNjAwODFjYjMwYzJmM2ZiZTFlNTI6NjM2YjJmMDBmM2QyMQ%3D%3D

75.2.73.197

200 OK

20 B

URL HTTP/1.1
www1.robloxstutas.com/track.php?domain=robloxstutas.com&caf=1&toggle=answercheck&answer=yes&uid=MTY2Nzk2ODc2OC45OTg3OjExOWVkNjI0YmRkYmU3OTgwYzNhMDU2NWFlMWUwNTU2OGE4MWIxYTRiNjAzNjAwODFjYjMwYzJmM2ZiZTFlNTI6NjM2YjJmMDBmM2QyMQ%3D%3D
IP
75.2.73.197:0
ASN
#16509 AMAZON-02

File type
data
Size
20 B (20 bytes)
Hash
a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf

HTTP Headers

GET /track.php?domain=robloxstutas.com&caf=1&toggle=answercheck&answer=yes&uid=MTY2Nzk2ODc2OC45OTg3OjExOWVkNjI0YmRkYmU3OTgwYzNhMDU2NWFlMWUwNTU2OGE4MWIxYTRiNjAzNjAwODFjYjMwYzJmM2ZiZTFlNTI6NjM2YjJmMDBmM2QyMQ%3D%3D HTTP/1.1
Host: www1.robloxstutas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www1.robloxstutas.com/?tm=1&subid4=1667968767.0290770000&kw=Robux&KW1=Website%20Status%20Monitor&KW2=Network%20Status%20Monitoring%20Tools&KW3=Robux%20Money%20Factoring%20Company&KW4=Free%20Robux%20Virtual%20Currency&searchbox=0&domainname=0&backfill=0
Cookie: __gsas=ID=0e928903fb9aef24:T=1667968768:S=ALNI_Ma59XLSt-_sZqTLfs1VmUA3b_Ix8A

HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 04:39:30 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Vary: Accept-Encoding
X-Custom-Track: answercheck
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
Access-Control-Allow-Origin: *
Content-Encoding: gzip

www.google.com/adsense/domains/caf.js

142.250.74.164

200 OK

0 B

URL HTTP/2
www.google.com/adsense/domains/caf.js
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /adsense/domains/caf.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
date: Wed, 09 Nov 2022 04:39:28 GMT
expires: Wed, 09 Nov 2022 04:39:28 GMT
cache-control: private, max-age=3600
etag: "7279381650299462442"
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (29)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP