jogoslegaisdorobloxcomdinheirolimitad.blogspot.hu/
216.58.207.193 194 B URL jogoslegaisdorobloxcomdinheirolimitad.blogspot.hu/
IP 216.58.207.193:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash f2a352e54f4e533b2f96b6100ae78957
460f22f83e1f5f9a0040d8564d753eb5e382bd47
42b38f7d8bb8e2ccfeef484d33dcd4f18c42b5b73de4b45571def3b1663dd4f1
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: jogoslegaisdorobloxcomdinheirolimitad.blogspot.hu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Moved Temporarily
Location: http://jogoslegaisdorobloxcomdinheirolimitad.blogspot.com/
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Sat, 15 Apr 2023 17:36:57 GMT
Expires: Sat, 15 Apr 2023 17:36:57 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 194
Server: GSE
jogoslegaisdorobloxcomdinheirolimitad.blogspot.com/
216.58.207.193 195 B URL jogoslegaisdorobloxcomdinheirolimitad.blogspot.com/
IP 216.58.207.193:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 1e843f16c3edadc0ec5be26992c360e9
d326b95249102d65eddd1f66158d22c868b24cb8
1c8bd169c1b16529e8de65c5b2dbc0f8a8e269f727f588ffa33ec772d2e672c0
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: jogoslegaisdorobloxcomdinheirolimitad.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Location: https://jogoslegaisdorobloxcomdinheirolimitad.blogspot.com/
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Sat, 15 Apr 2023 17:36:58 GMT
Expires: Sat, 15 Apr 2023 17:36:58 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 195
Server: GSE
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash 46b79db05e8f73d98e627f5fca196625
52c8052b2de7eb56042a3a5dce90a9f4617d0aa0
42ebb62b20df4a8e740ebde9f3da7c9c5781aeb0955e88755b8037ed3379b911
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 15 Apr 2023 17:36:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jogoslegaisdorobloxcomdinheirolimitad.blogspot.com/
216.58.207.193 17 kB URL jogoslegaisdorobloxcomdinheirolimitad.blogspot.com/
IP 216.58.207.193:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (14233)
Hash 5f609a33e86fbf28292a6f51a73a118d
35c5f383dc681c821de680e4fdf588804133d630
6975c45f698683e973cf7df5083075b2cc81585d9eefe60465f8508dade91bac
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: jogoslegaisdorobloxcomdinheirolimitad.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
expires: Sat, 15 Apr 2023 17:36:58 GMT
date: Sat, 15 Apr 2023 17:36:58 GMT
cache-control: private, max-age=0
last-modified: Tue, 04 Apr 2023 23:56:56 GMT
etag: W/"e2e278d4f3b67d437339fb51ed2740174ec31db6fa3f361c9df02a09783b3835"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 17017
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash 46b79db05e8f73d98e627f5fca196625
52c8052b2de7eb56042a3a5dce90a9f4617d0aa0
42ebb62b20df4a8e740ebde9f3da7c9c5781aeb0955e88755b8037ed3379b911
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 15 Apr 2023 17:36:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jogoslegaisdorobloxcomdinheirolimitad.blogspot.com/js/cookienotice.js
216.58.207.193 2.0 kB URL jogoslegaisdorobloxcomdinheirolimitad.blogspot.com/js/cookienotice.js
IP 216.58.207.193:0
Hash c4e1ed83d89245089b8a1203be20a377
f3940e1215b89300ef97d57a25993f25243b8688
afa801a129ff6fc98533118275db8a7d4a38fc91f8ab55ed4c19b864255e68d2
Analyzer Verdict Alert fortinet Phishing
GET /js/cookienotice.js HTTP/1.1
Host: jogoslegaisdorobloxcomdinheirolimitad.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: jogoslegaisdorobloxcomdinheirolimitad.blogspot.com
Connection: keep-alive
Referer: https://jogoslegaisdorobloxcomdinheirolimitad.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 2026
date: Sat, 15 Apr 2023 17:36:59 GMT
expires: Sat, 22 Apr 2023 17:36:59 GMT
cache-control: public, max-age=604800
last-modified: Sat, 15 Apr 2023 14:52:44 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 2554dce603910d54df921c966dcf4534
5b4723c280c6fbf9eb99f5eb4d1b6ce0850b09f5
6af76a4fcf5ef2dcfc2f89e08b927d98ee89cf5afad11a5fe0dfe989e841a7ae
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 15 Apr 2023 17:36:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i1.wp.com/www.inkmagazinevcu.com/wp-content/uploads/2014/06/cover-shot-3.jpg?fit=1000%2C667&ssl=1
192.0.77.2 26 kB URL i1.wp.com/www.inkmagazinevcu.com/wp-content/uploads/2014/06/cover-shot-3.jpg?fit=1000%2C667&ssl=1
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1000x667, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 18ea808b8c13635e9ed3bcb7f0cfb3a8
7603fa00203ec4de047f4f7317f41ea4da0584e0
b3dc22d5930e9892b8d410e82a5f1e3c29959521d320ffcec9e8f517286e6fe1
GET /www.inkmagazinevcu.com/wp-content/uploads/2014/06/cover-shot-3.jpg?fit=1000%2C667&ssl=1 HTTP/1.1
Host: i1.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jogoslegaisdorobloxcomdinheirolimitad.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 15 Apr 2023 17:36:59 GMT
content-type: image/webp
content-length: 25960
last-modified: Mon, 10 Apr 2023 03:33:09 GMT
expires: Wed, 09 Apr 2025 15:33:09 GMT
cache-control: public, max-age=63115200
link: <https://www.inkmagazinevcu.com/wp-content/uploads/2014/06/cover-shot-3.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "5512057b1786873d"
vary: Accept
x-nc: HIT arn 8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
3.bp.blogspot.com/-dH83a-EWxQI/WUwQjo12WjI/AAAAAAAAFPM/GUuzo9rqoeYJnryg9Slr3L37faXCVlD0wCK4BGAYYCw/s1600/logo_650c697d3a6002c8f63991bb43c0d6b4.png
142.250.74.161 6.7 kB URL 3.bp.blogspot.com/-dH83a-EWxQI/WUwQjo12WjI/AAAAAAAAFPM/GUuzo9rqoeYJnryg9Slr3L37faXCVlD0wCK4BGAYYCw/s1600/logo_650c697d3a6002c8f63991bb43c0d6b4.png
IP 142.250.74.161:0
File type PNG image data, 200 x 41, 8-bit/color RGBA, non-interlaced\012- data
Hash 8b2271ebafdb2a99c69f429d440c555b
38ab355f4cad880637c156f6afe451a9df8cba60
180547af487d795d7fd737f992fb288eb9ec53b79404955a49dd36569e96a230
GET /-dH83a-EWxQI/WUwQjo12WjI/AAAAAAAAFPM/GUuzo9rqoeYJnryg9Slr3L37faXCVlD0wCK4BGAYYCw/s1600/logo_650c697d3a6002c8f63991bb43c0d6b4.png HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jogoslegaisdorobloxcomdinheirolimitad.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
content-disposition: inline;filename="logo_650c697d3a6002c8f63991bb43c0d6b4.png"
x-content-type-options: nosniff
server: fife
content-length: 6658
x-xss-protection: 0
date: Sat, 15 Apr 2023 15:05:28 GMT
expires: Sun, 16 Apr 2023 15:05:28 GMT
cache-control: public, max-age=86400, no-transform
age: 9091
etag: "v14f4"
content-type: image/png
vary: Origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash 6033939083a8d33a40f75374ef257b57
c624b9d622d6d63dbc9a7a3860a550bb3280886e
053f4269987de853c36e36e0f5dada4725c3ff616092a41c039eb21337c00f4b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 15 Apr 2023 17:36:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/static/v1/widgets/1852870454-widgets.js
216.58.207.233 57 kB URL www.blogger.com/static/v1/widgets/1852870454-widgets.js
IP 216.58.207.233:0
File type ASCII text, with very long lines (2221)
Hash d19b4e5daf1cca65910963a91514ff6d
e4c300bb1b62d4ece1b938cb3ee0f6322ee0a8b9
3d2a90a36164abc85a92ede291287c7135725dae9c5c124b8f3f557f7c12c7d4
GET /static/v1/widgets/1852870454-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jogoslegaisdorobloxcomdinheirolimitad.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 57021
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 14 Apr 2023 08:03:26 GMT
expires: Sat, 13 Apr 2024 08:03:26 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 14 Apr 2023 04:55:24 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 120813
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
i.ytimg.com/vi/qCyb-LQZiwc/hqdefault.jpg
142.250.74.150 35 kB URL i.ytimg.com/vi/qCyb-LQZiwc/hqdefault.jpg
IP 142.250.74.150:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3\012- data
Hash c5695a8eff7eacec3dee1dd75116de9f
16217a1510a4ac2747e73a33fb5354376e96f771
c1b750d8d63fd47f9f151c73727072b8be57fe4b1587a4dc736eaa21003f580a
GET /vi/qCyb-LQZiwc/hqdefault.jpg HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jogoslegaisdorobloxcomdinheirolimitad.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/jpeg
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 35195
date: Sat, 15 Apr 2023 17:36:59 GMT
expires: Sat, 15 Apr 2023 19:36:59 GMT
cache-control: public, max-age=7200
etag: "1525465577"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
i.ytimg.com/vi/1UMly1N_rFM/maxresdefault.jpg
142.250.74.150 168 kB URL i.ytimg.com/vi/1UMly1N_rFM/maxresdefault.jpg
IP 142.250.74.150:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1280x720, components 3\012- data
Size 168 kB (167723 bytes)
Hash 587a38d4bb537bb2519dcd9f65438383
791443e6b4f8e58c5875fb859ea1309c2151c07d
b1edaaf33ffddce078d075971d88b7c11f3ea7426e735a7fbd2d5efd60156490
GET /vi/1UMly1N_rFM/maxresdefault.jpg HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jogoslegaisdorobloxcomdinheirolimitad.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/jpeg
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 167723
date: Sat, 15 Apr 2023 17:36:59 GMT
expires: Sat, 15 Apr 2023 19:36:59 GMT
cache-control: public, max-age=7200
etag: "1537114285"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188 472 B IP 172.64.155.188:0
Hash 7c1abcbe083f5d0ca0cad9d6c53fde11
5786f2734be313160a3112d47d6df1ae01e49367
d91c183a45bcc32b66cd75852e362499a4a766a1941112a9e2ed4c19dc877ce9
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 15 Apr 2023 17:36:59 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 13 Apr 2023 21:41:08 GMT
Expires: Thu, 20 Apr 2023 21:41:07 GMT
Etag: "5786f2734be313160a3112d47d6df1ae01e49367"
Cache-Control: max-age=446047,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7b85f432d9660b31-OSL
ih1.redbubble.net/image.1607543038.5464/ssrco,slim_fit_t_shirt,mens,101010:01c5ca27c6,front,square_product,600x600.jpg
68.232.35.237 53 kB URL ih1.redbubble.net/image.1607543038.5464/ssrco,slim_fit_t_shirt,mens,101010:01c5ca27c6,front,square_product,600x600.jpg
IP 68.232.35.237:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 600x600, components 3\012- data
Hash f86190814ed2e85b9380fa72dbf3bfca
67860aaee53ef696b03462a324daa9d023919513
4fefceaaa44bc7ad98ee0b74610f11c6f3587cc8bdc7811c295f687248181812
GET /image.1607543038.5464/ssrco,slim_fit_t_shirt,mens,101010:01c5ca27c6,front,square_product,600x600.jpg HTTP/1.1
Host: ih1.redbubble.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jogoslegaisdorobloxcomdinheirolimitad.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.redbubble.com
access-control-expose-headers: Content-Length,Content-Range
age: 221983
cache-control: max-age=31556952, public
content-disposition: inline
content-transfer-encoding: binary
content-type: image/jpeg
date: Sat, 15 Apr 2023 17:36:59 GMT
etag: W/"4fefceaaa44bc7ad98ee0b74610f11c6"
last-modified: Thu, 13 Apr 2023 03:57:16 GMT
referrer-policy: strict-origin-when-cross-origin
server: ECS (dcb/7EEC)
x-cache: HIT
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: 1165338a-8ca8-4ccc-a0d1-1477b0eb8c8c
x-xss-protection: 1; mode=block
content-length: 53027
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash 6033939083a8d33a40f75374ef257b57
c624b9d622d6d63dbc9a7a3860a550bb3280886e
053f4269987de853c36e36e0f5dada4725c3ff616092a41c039eb21337c00f4b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 15 Apr 2023 17:36:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 2554dce603910d54df921c966dcf4534
5b4723c280c6fbf9eb99f5eb4d1b6ce0850b09f5
6af76a4fcf5ef2dcfc2f89e08b927d98ee89cf5afad11a5fe0dfe989e841a7ae
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 15 Apr 2023 17:36:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash ef38c91decc87d52e74191fae8678822
d979abf0931454ed2807174d06c435c8532ea68b
4a1a81a187ddcda8ca7c50fed7f452930726771843181d0dbdf8f3016523e75c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 15 Apr 2023 17:36:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mtevor.com/cluster-v2/roblox-crn.js
172.96.187.226 4.3 kB URL mtevor.com/cluster-v2/roblox-crn.js
IP 172.96.187.226:0
File type ASCII text, with very long lines (4802), with CRLF line terminators
Hash b2a54a0d4ffe468f3f2f265a45e82cc5
ec1feb9e96192a5fb3435c1e3405795525412b9c
696a293f79d34306ed4796331db25b9b932f3b8762819898fa5188a202d45f3a
GET /cluster-v2/roblox-crn.js HTTP/1.1
Host: mtevor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jogoslegaisdorobloxcomdinheirolimitad.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-powered-by: PHP/5.6.40
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
content-encoding: br
vary: Accept-Encoding
date: Sat, 15 Apr 2023 17:36:59 GMT
server: LiteSpeed
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
nowqo.net/roblox/images/gamebaglogo.png
104.21.25.78200 OK 3.3 kB URL GET HTTP/3 nowqo.net/roblox/images/gamebaglogo.png
IP 104.21.25.78:443
Requested by https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwicHVzcGlhcmVuYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInB1c3BpYXJlbmFnbWFpbGNvbSIsImpvZ29zbGVnYWlzZG9yb2Jsb3hjb21kaW5oZWlyb2xpbWl0YWQuYmxvZ3Nwb3QuY29tIiwiam9nb3NsZWdhaXNkb3JvYmxveGNvbWRpbmhlaXJvbGltaXRhZC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Certificate IssuerGoogle Trust Services LLC
Subject*.nowqo.net
Fingerprint4D:F9:79:11:BB:71:F0:57:06:92:43:6D:46:F2:D5:42:7E:73:1B:4E
ValidityTue, 04 Apr 2023 14:41:31 GMT - Mon, 03 Jul 2023 14:41:30 GMT
File type PNG image data, 240 x 240, 8-bit/color RGBA, non-interlaced\012- data
Hash e84f0caa809a15b2aaa9cb93bbe6669a
22a330ad580aaa6b2232307a87b981adc7fbf38f
1f98c982fd0c9b5e6af138a4cb160f509bda9fcc7fa0a9463fa6cf11513c151f
GET /roblox/images/gamebaglogo.png HTTP/1.1
Host: nowqo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: nowqo.net
Connection: keep-alive
Referer: https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwicHVzcGlhcmVuYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInB1c3BpYXJlbmFnbWFpbGNvbSIsImpvZ29zbGVnYWlzZG9yb2Jsb3hjb21kaW5oZWlyb2xpbWl0YWQuYmxvZ3Nwb3QuY29tIiwiam9nb3NsZWdhaXNkb3JvYmxveGNvbWRpbmhlaXJvbGltaXRhZC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 15 Apr 2023 17:36:59 GMT
content-type: image/png
content-length: 3340
cache-control: public, max-age=31536000
expires: Fri, 14 Apr 2023 06:32:19 GMT
last-modified: Tue, 08 Oct 2019 06:00:24 GMT
cf-cache-status: HIT
age: 724794
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LYzwI4aDNL6lH3h2BdseAQMSYPZfm5Q8BhfIrlR4WdiUe%2BN8f5lhvvW7ImACPnyEcqs2JMqhU3qeZFqSvSk4ghVPs%2BHBi3ouSAW4mLl4s4uTRGOsTID8yvFhm9Q%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b85f4360fc3fab8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
nowqo.net/roblox/images/header.png
104.21.25.78200 OK 131 kB URL GET HTTP/3 nowqo.net/roblox/images/header.png
IP 104.21.25.78:443
Requested by https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwicHVzcGlhcmVuYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInB1c3BpYXJlbmFnbWFpbGNvbSIsImpvZ29zbGVnYWlzZG9yb2Jsb3hjb21kaW5oZWlyb2xpbWl0YWQuYmxvZ3Nwb3QuY29tIiwiam9nb3NsZWdhaXNkb3JvYmxveGNvbWRpbmhlaXJvbGltaXRhZC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Certificate IssuerGoogle Trust Services LLC
Subject*.nowqo.net
Fingerprint4D:F9:79:11:BB:71:F0:57:06:92:43:6D:46:F2:D5:42:7E:73:1B:4E
ValidityTue, 04 Apr 2023 14:41:31 GMT - Mon, 03 Jul 2023 14:41:30 GMT
File type PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced\012- data
Size 131 kB (131285 bytes)
Hash 35e93538f31d67876a2cb38bf94279d8
49bf97732e9bffb5371ad60d024901b09d83651b
95c1de9315834de2ff3608a2dc048a6aedc273e665f9b54eb956523a81fc91df
GET /roblox/images/header.png HTTP/1.1
Host: nowqo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: nowqo.net
Connection: keep-alive
Referer: https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwicHVzcGlhcmVuYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInB1c3BpYXJlbmFnbWFpbGNvbSIsImpvZ29zbGVnYWlzZG9yb2Jsb3hjb21kaW5oZWlyb2xpbWl0YWQuYmxvZ3Nwb3QuY29tIiwiam9nb3NsZWdhaXNkb3JvYmxveGNvbWRpbmhlaXJvbGltaXRhZC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 15 Apr 2023 17:36:59 GMT
content-type: image/png
content-length: 131285
cache-control: public, max-age=31536000
expires: Fri, 14 Apr 2023 06:32:18 GMT
last-modified: Tue, 08 Oct 2019 06:00:24 GMT
cf-cache-status: HIT
age: 724794
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rQbOK33FK8JT9BnilWgyYXviBXn3S8sFkfSGZTOlo7rje%2B3DHP4dL8p1tfv0uDdZhOI8Hh4MB4wzdU8EZ5rmd4Ksnh82227BksllhPNTdobvCH6CRkusrrS3QXE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b85f4360fc4fab8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
nowqo.net/roblox/images/ft-1.png
104.21.25.78200 OK 3.3 kB URL GET HTTP/3 nowqo.net/roblox/images/ft-1.png
IP 104.21.25.78:443
Requested by https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwicHVzcGlhcmVuYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInB1c3BpYXJlbmFnbWFpbGNvbSIsImpvZ29zbGVnYWlzZG9yb2Jsb3hjb21kaW5oZWlyb2xpbWl0YWQuYmxvZ3Nwb3QuY29tIiwiam9nb3NsZWdhaXNkb3JvYmxveGNvbWRpbmhlaXJvbGltaXRhZC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Certificate IssuerGoogle Trust Services LLC
Subject*.nowqo.net
Fingerprint4D:F9:79:11:BB:71:F0:57:06:92:43:6D:46:F2:D5:42:7E:73:1B:4E
ValidityTue, 04 Apr 2023 14:41:31 GMT - Mon, 03 Jul 2023 14:41:30 GMT
File type PNG image data, 240 x 240, 8-bit/color RGBA, non-interlaced\012- data
Hash e84f0caa809a15b2aaa9cb93bbe6669a
22a330ad580aaa6b2232307a87b981adc7fbf38f
1f98c982fd0c9b5e6af138a4cb160f509bda9fcc7fa0a9463fa6cf11513c151f
GET /roblox/images/ft-1.png HTTP/1.1
Host: nowqo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: nowqo.net
Connection: keep-alive
Referer: https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwicHVzcGlhcmVuYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInB1c3BpYXJlbmFnbWFpbGNvbSIsImpvZ29zbGVnYWlzZG9yb2Jsb3hjb21kaW5oZWlyb2xpbWl0YWQuYmxvZ3Nwb3QuY29tIiwiam9nb3NsZWdhaXNkb3JvYmxveGNvbWRpbmhlaXJvbGltaXRhZC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 15 Apr 2023 17:36:59 GMT
content-type: image/png
content-length: 3340
cache-control: public, max-age=31536000
expires: Fri, 14 Apr 2023 06:32:19 GMT
last-modified: Tue, 08 Oct 2019 06:00:24 GMT
cf-cache-status: HIT
age: 724794
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iypipa%2FEj1vb8%2BbKHBuqvL6vGA3%2FVVcIh2plFUr%2BrCrxatd1%2Fzc5XOUCw%2BZzCghuXqDxti8qJblJVM0DSZ7XRe73G7P%2FQh3Z9d0sAGisGWy4rFcEY3wyabOPSdg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b85f4361fd1fab8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/jquery.modal.min.css
104.17.25.14200 OK 1.5 kB URL GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/jquery.modal.min.css
IP 104.17.25.14:443
Requested by https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwicHVzcGlhcmVuYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInB1c3BpYXJlbmFnbWFpbGNvbSIsImpvZ29zbGVnYWlzZG9yb2Jsb3hjb21kaW5oZWlyb2xpbWl0YWQuYmxvZ3Nwb3QuY29tIiwiam9nb3NsZWdhaXNkb3JvYmxveGNvbWRpbmhlaXJvbGltaXRhZC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA9:11:71:07:07:92:48:7E:A9:3C:E8:32:25:3F:EB:AC:7D:51:7E:8F
ValidityWed, 03 Aug 2022 00:00:00 GMT - Wed, 02 Aug 2023 23:59:59 GMT
File type ASCII text, with very long lines (3201), with no line terminators
Hash 8e09ceb5490863a66cd2e83ca3d7e524
35e3d074516ec70c508d748f7ae01827bc0c28ba
cccbb374fd4cb6dcbac9df64456b49cb11530e7bafdac6c6c7e67ff2ed350db9
GET /ajax/libs/jquery-modal/0.9.1/jquery.modal.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nowqo.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Apr 2023 17:36:59 GMT
content-type: text/css; charset=utf-8
content-length: 1541
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec2-c81"
last-modified: Mon, 04 May 2020 16:11:46 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 7423624
expires: Thu, 04 Apr 2024 17:36:59 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g9ZXN2glqnVBWyfABUJiIZkZIIq2%2FnmMOR0FmS97mRxhwk3e8OQKKYC7fXEZxbC%2FLitNi2TaZPMEzIwwne7UVA6IscySrN5kmX6pIogkSiY%2BOZ5Fk%2FCIKrkLw4vxaQYKl2hyFayD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7b85f4363f09b4f1-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
nowqo.net/roblox/images/bootstrap.min.css
104.21.25.78200 OK 859 kB URL GET HTTP/3 nowqo.net/roblox/images/bootstrap.min.css
IP 104.21.25.78:443
Requested by https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwicHVzcGlhcmVuYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInB1c3BpYXJlbmFnbWFpbGNvbSIsImpvZ29zbGVnYWlzZG9yb2Jsb3hjb21kaW5oZWlyb2xpbWl0YWQuYmxvZ3Nwb3QuY29tIiwiam9nb3NsZWdhaXNkb3JvYmxveGNvbWRpbmhlaXJvbGltaXRhZC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Certificate IssuerGoogle Trust Services LLC
Subject*.nowqo.net
Fingerprint4D:F9:79:11:BB:71:F0:57:06:92:43:6D:46:F2:D5:42:7E:73:1B:4E
ValidityTue, 04 Apr 2023 14:41:31 GMT - Mon, 03 Jul 2023 14:41:30 GMT
File type ASCII text, with very long lines (65371)
Size 859 kB (858577 bytes)
Hash 8df8120d0f3bb363a2ca289823fb7f22
d3d768e09bd7fde57880b01caae0a919649d4455
63a4e35e13b318363d2bca4a1ffe75e82297958e72c42282bb49411d13822ef4
GET /roblox/images/bootstrap.min.css HTTP/1.1
Host: nowqo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: nowqo.net
Connection: keep-alive
Referer: https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwicHVzcGlhcmVuYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInB1c3BpYXJlbmFnbWFpbGNvbSIsImpvZ29zbGVnYWlzZG9yb2Jsb3hjb21kaW5oZWlyb2xpbWl0YWQuYmxvZ3Nwb3QuY29tIiwiam9nb3NsZWdhaXNkb3JvYmxveGNvbWRpbmhlaXJvbGltaXRhZC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 15 Apr 2023 17:36:59 GMT
content-type: text/css
cache-control: public, max-age=31536000
expires: Fri, 14 Apr 2023 06:32:18 GMT
last-modified: Tue, 08 Oct 2019 06:00:24 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 724794
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zjfrSpynrQmjPUg66gCgxR2j9xSxYGnaiI8u60v23YKxneEGRBdAN0BkGmlDUYydPKoK0llqCcW7LztMCheYQpX1VD5h0cm3KOwhrVfqQBDn522U0sdnvPIJvlk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b85f435ffb8fab8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
nowqo.net/roblox/images/fancyselect.js
104.21.25.78200 OK 29 kB URL GET HTTP/3 nowqo.net/roblox/images/fancyselect.js
IP 104.21.25.78:443
Requested by https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwicHVzcGlhcmVuYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInB1c3BpYXJlbmFnbWFpbGNvbSIsImpvZ29zbGVnYWlzZG9yb2Jsb3hjb21kaW5oZWlyb2xpbWl0YWQuYmxvZ3Nwb3QuY29tIiwiam9nb3NsZWdhaXNkb3JvYmxveGNvbWRpbmhlaXJvbGltaXRhZC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Certificate IssuerGoogle Trust Services LLC
Subject*.nowqo.net
Fingerprint4D:F9:79:11:BB:71:F0:57:06:92:43:6D:46:F2:D5:42:7E:73:1B:4E
ValidityTue, 04 Apr 2023 14:41:31 GMT - Mon, 03 Jul 2023 14:41:30 GMT
File type ASCII text, with very long lines (1254)
Hash 1aca19c765639eb2b6ad8a20a9c1f672
715a3a6beba293927bc7a27d4c646a3c0a8cad55
2973ac77ec336354f44adbbbef1664979cee5f273fd29348405aefdc2ae99358
Analyzer Verdict Alert fortinet Phishing
GET /roblox/images/fancyselect.js HTTP/1.1
Host: nowqo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: nowqo.net
Connection: keep-alive
Referer: https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwicHVzcGlhcmVuYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInB1c3BpYXJlbmFnbWFpbGNvbSIsImpvZ29zbGVnYWlzZG9yb2Jsb3hjb21kaW5oZWlyb2xpbWl0YWQuYmxvZ3Nwb3QuY29tIiwiam9nb3NsZWdhaXNkb3JvYmxveGNvbWRpbmhlaXJvbGltaXRhZC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 15 Apr 2023 17:36:59 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=6778
cache-control: public, max-age=31536000
expires: Fri, 14 Apr 2023 06:32:18 GMT
last-modified: Tue, 08 Oct 2019 06:00:24 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 724794
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QBaGwoFbyQTSFfMgdqYxULpgkmbuVyDtDOXpeJOUUBg9nmrptXYNsTvXn%2FvR%2BTgqu1CMylV%2FOvYhd93GjOzdWNUGIB3BE%2BdotvPcSKCXrbJbPfDxOX8OB%2B0dfsU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b85f4361fd6fab8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
nowqo.net/roblox/images/panel-overlay.png
104.21.25.78200 OK 3.1 kB URL GET HTTP/3 nowqo.net/roblox/images/panel-overlay.png
IP 104.21.25.78:443
Requested by https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwicHVzcGlhcmVuYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInB1c3BpYXJlbmFnbWFpbGNvbSIsImpvZ29zbGVnYWlzZG9yb2Jsb3hjb21kaW5oZWlyb2xpbWl0YWQuYmxvZ3Nwb3QuY29tIiwiam9nb3NsZWdhaXNkb3JvYmxveGNvbWRpbmhlaXJvbGltaXRhZC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Certificate IssuerGoogle Trust Services LLC
Subject*.nowqo.net
Fingerprint4D:F9:79:11:BB:71:F0:57:06:92:43:6D:46:F2:D5:42:7E:73:1B:4E
ValidityTue, 04 Apr 2023 14:41:31 GMT - Mon, 03 Jul 2023 14:41:30 GMT
File type PNG image data, 960 x 661, 4-bit colormap, non-interlaced\012- data
Hash 2b026d93f79b384005e4252c80701791
87804a0d83d2e745b31526c8b60d026abecbe73a
b7a5d35c1c7be1953002244f054a14f38ed11912ad52d25a8e963774f7f52e0e
GET /roblox/images/panel-overlay.png HTTP/1.1
Host: nowqo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: nowqo.net
Connection: keep-alive
Referer: https://nowqo.net/roblox/images/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 15 Apr 2023 17:37:00 GMT
content-type: image/png
content-length: 3116
cache-control: public, max-age=31536000
expires: Fri, 14 Apr 2023 06:32:19 GMT
last-modified: Tue, 08 Oct 2019 06:00:24 GMT
cf-cache-status: HIT
age: 724795
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vXTK7JPE7bHXBDmv%2FT6kLtXMOESbHs6XzFL4%2BjfPyqXbS2kxOPgon%2FBZvJFkxswToWjPHCGng1AA1OC2BfVoiaF5Fg64Q3c1%2B88Rre5sipfqvsf3kzk6wtDjmuE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b85f4379a3efab8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
nowqo.net/roblox/images/button-dot.png
104.21.25.78200 OK 672 B URL GET HTTP/3 nowqo.net/roblox/images/button-dot.png
IP 104.21.25.78:443
Requested by https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwicHVzcGlhcmVuYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInB1c3BpYXJlbmFnbWFpbGNvbSIsImpvZ29zbGVnYWlzZG9yb2Jsb3hjb21kaW5oZWlyb2xpbWl0YWQuYmxvZ3Nwb3QuY29tIiwiam9nb3NsZWdhaXNkb3JvYmxveGNvbWRpbmhlaXJvbGltaXRhZC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Certificate IssuerGoogle Trust Services LLC
Subject*.nowqo.net
Fingerprint4D:F9:79:11:BB:71:F0:57:06:92:43:6D:46:F2:D5:42:7E:73:1B:4E
ValidityTue, 04 Apr 2023 14:41:31 GMT - Mon, 03 Jul 2023 14:41:30 GMT
File type PNG image data, 15 x 15, 8-bit colormap, non-interlaced\012- data
Hash 478aefab2e280b16b0372e607414d3c2
710f5aaa706ec23cbf45006d7c1d25be76b4fa64
a651e77df132fc0c4dbccb7c56f84923c28dcb159f4b7a112bde8bbc548632bc
GET /roblox/images/button-dot.png HTTP/1.1
Host: nowqo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: nowqo.net
Connection: keep-alive
Referer: https://nowqo.net/roblox/images/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 15 Apr 2023 17:37:00 GMT
content-type: image/png
content-length: 672
cache-control: public, max-age=31536000
expires: Fri, 14 Apr 2023 06:32:19 GMT
last-modified: Tue, 08 Oct 2019 06:00:24 GMT
cf-cache-status: HIT
age: 154323
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FkZoLtGPjHJhbyQ7q1Z4dw7idSY03j6DJjKrd6EnKdm4QWU9DBGydZjKk8T%2F5LcXLUs1ur5VgaSXFDVsRaLRxlistxLKHx6HL9701e4SZviOhYHqSI3u9rG3cPI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b85f4379a4bfab8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
nowqo.net/roblox/images/fancyselect.css
104.21.25.78200 OK 2.8 kB URL GET HTTP/3 nowqo.net/roblox/images/fancyselect.css
IP 104.21.25.78:443
Requested by https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwicHVzcGlhcmVuYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInB1c3BpYXJlbmFnbWFpbGNvbSIsImpvZ29zbGVnYWlzZG9yb2Jsb3hjb21kaW5oZWlyb2xpbWl0YWQuYmxvZ3Nwb3QuY29tIiwiam9nb3NsZWdhaXNkb3JvYmxveGNvbWRpbmhlaXJvbGltaXRhZC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Certificate IssuerGoogle Trust Services LLC
Subject*.nowqo.net
Fingerprint4D:F9:79:11:BB:71:F0:57:06:92:43:6D:46:F2:D5:42:7E:73:1B:4E
ValidityTue, 04 Apr 2023 14:41:31 GMT - Mon, 03 Jul 2023 14:41:30 GMT
File type ASCII text, with very long lines (3595), with no line terminators
Hash 6bea98aca5369512b81f4f3e890522dc
1fb4d5aa95bc1b6b5fa486279b029ea02a7405ad
bf2fd7a5a19f8c5bf5cf307f843efe8c7639e24ac7c64351cf0539735270f3c3
GET /roblox/images/fancyselect.css HTTP/1.1
Host: nowqo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: nowqo.net
Connection: keep-alive
Referer: https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwicHVzcGlhcmVuYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInB1c3BpYXJlbmFnbWFpbGNvbSIsImpvZ29zbGVnYWlzZG9yb2Jsb3hjb21kaW5oZWlyb2xpbWl0YWQuYmxvZ3Nwb3QuY29tIiwiam9nb3NsZWdhaXNkb3JvYmxveGNvbWRpbmhlaXJvbGltaXRhZC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 15 Apr 2023 17:36:59 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=4253
cache-control: public, max-age=31536000
expires: Fri, 14 Apr 2023 06:32:18 GMT
last-modified: Tue, 08 Oct 2019 06:00:24 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 724794
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jBWuvzZX9xTr52q3v7bsti8RdnPq8bINGPcFW%2FNL6ozaym48Cxu4tvVolzGlSOXVDkBH1zwPvxPhP1CE3jUQfbpOXLwEOzwtvkpkMoqdbfVpgnNxnOjWYIdInJo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b85f435ffbdfab8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdn.jsdelivr.net/npm/js-base64@3.7.2/base64.min.js
104.16.89.20200 OK 18 kB URL GET HTTP/2 cdn.jsdelivr.net/npm/js-base64@3.7.2/base64.min.js
IP 104.16.89.20:443
Requested by https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwicHVzcGlhcmVuYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInB1c3BpYXJlbmFnbWFpbGNvbSIsImpvZ29zbGVnYWlzZG9yb2Jsb3hjb21kaW5oZWlyb2xpbWl0YWQuYmxvZ3Nwb3QuY29tIiwiam9nb3NsZWdhaXNkb3JvYmxveGNvbWRpbmhlaXJvbGltaXRhZC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint5C:61:30:2F:8C:51:BF:3D:79:B5:3A:04:9A:91:F0:1C:D9:78:87:40
ValidityThu, 02 Jun 2022 00:00:00 GMT - Thu, 01 Jun 2023 23:59:59 GMT
File type ASCII text, with very long lines (4802)
Hash 746561b9bda08fcb34e46294abb69b5c
313c4f13580817bbace941229a42416ed9405f10
c74ab444c65e6bb54e949d9ef2c827e83162656e0238585a559a47f1b4ad65ba
GET /npm/js-base64@3.7.2/base64.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nowqo.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Apr 2023 17:36:59 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 3.7.2
x-jsd-version-type: version
etag: W/"1405-lMmxLE0z8/TnsipvbhQg5ckAA8Q"
x-served-by: cache-fra-eddf8230050-FRA, cache-jnb7024-JNB
x-cache: HIT, MISS
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: HIT
age: 174196
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PGJBKjWTJdg4uU0C%2BW0iYfaFRapre95zc5b%2FOYuR1mgWTzVZGvuzqEr9iINKmm1sFkakZzLVGE1v3S2%2B0LzIHm3pAeVgqSn2Bn8MfKuGLE2ZwZvIFTnn9ZShyImD5E4ckI0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b85f4365f8cb517-OSL
content-encoding: br
X-Firefox-Spdy: h2
nowqo.net/roblox/images/et-line.woff
104.21.25.78200 OK 55 kB URL GET HTTP/3 nowqo.net/roblox/images/et-line.woff
IP 104.21.25.78:443
Requested by https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwicHVzcGlhcmVuYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInB1c3BpYXJlbmFnbWFpbGNvbSIsImpvZ29zbGVnYWlzZG9yb2Jsb3hjb21kaW5oZWlyb2xpbWl0YWQuYmxvZ3Nwb3QuY29tIiwiam9nb3NsZWdhaXNkb3JvYmxveGNvbWRpbmhlaXJvbGltaXRhZC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Certificate IssuerGoogle Trust Services LLC
Subject*.nowqo.net
Fingerprint4D:F9:79:11:BB:71:F0:57:06:92:43:6D:46:F2:D5:42:7E:73:1B:4E
ValidityTue, 04 Apr 2023 14:41:31 GMT - Mon, 03 Jul 2023 14:41:30 GMT
File type Web Open Font Format, CFF, length 55220, version 1.0\012- data
Hash b01ff252761958325faab1535c90c87f
d33413e7bc42acc8837cc9030ca45d29c1ccf0c6
19d2f43d546ada73dd083f7778aa4a5cac1a8e7a3af56efccae580fce07a5e1c
Analyzer Verdict Alert fortinet Phishing
GET /roblox/images/et-line.woff HTTP/1.1
Host: nowqo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Alt-Used: nowqo.net
Connection: keep-alive
Referer: https://nowqo.net/roblox/images/style.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 15 Apr 2023 17:37:00 GMT
content-type: font/woff
content-length: 55220
cache-control: public, max-age=31536000
expires: Sun, 16 Apr 2023 07:06:54 GMT
last-modified: Tue, 08 Oct 2019 06:00:24 GMT
cf-cache-status: HIT
age: 500399
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QH5rhJ3hpiZKvVjJo1bz3fZ3XC0s3cHEq9R02w1wRlqjYW3rBZ18PnVkL0vBs8nEBvCiBoNihf9wx5YlLG%2B07rDaKK%2BKSEm3XvaJtfCF41nfKmhehYmoT0YyRc0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b85f437da99fab8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/fonts/fontawesome-webfont.woff2?v=4.5.0
104.18.11.207200 OK 67 kB URL GET HTTP/2 maxcdn.bootstrapcdn.com/font-awesome/4.5.0/fonts/fontawesome-webfont.woff2?v=4.5.0
IP 104.18.11.207:443
Requested by https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwicHVzcGlhcmVuYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInB1c3BpYXJlbmFnbWFpbGNvbSIsImpvZ29zbGVnYWlzZG9yb2Jsb3hjb21kaW5oZWlyb2xpbWl0YWQuYmxvZ3Nwb3QuY29tIiwiam9nb3NsZWdhaXNkb3JvYmxveGNvbWRpbmhlaXJvbGltaXRhZC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint5B:F7:8F:50:AD:E5:5B:5E:8C:4A:39:3D:0C:98:E8:8C:18:4B:3D:8A
ValidityFri, 30 Dec 2022 00:00:00 GMT - Sat, 30 Dec 2023 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 66624, version 4.262\012- data
Hash db812d8a70a4e88e888744c1c9a27e89
638c652d623280a58144f93e7b552c66d1667a11
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995
GET /font-awesome/4.5.0/fonts/fontawesome-webfont.woff2?v=4.5.0 HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://nowqo.net
Connection: keep-alive
Referer: https://nowqo.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Apr 2023 17:37:00 GMT
content-type: font/woff2
content-length: 66624
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: "db812d8a70a4e88e888744c1c9a27e89"
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-cachedat: 08/15/2022 13:52:58
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 723
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 9b0e9cc931c66bf3d677884409621f3d
cdn-cache: HIT
cf-cache-status: HIT
age: 696329
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7b85f4383d86067b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
nowqo.net/roblox/images/sweetalert2.min.js
104.21.25.78200 OK 7.1 kB URL GET HTTP/3 nowqo.net/roblox/images/sweetalert2.min.js
IP 104.21.25.78:443
Requested by https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwicHVzcGlhcmVuYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInB1c3BpYXJlbmFnbWFpbGNvbSIsImpvZ29zbGVnYWlzZG9yb2Jsb3hjb21kaW5oZWlyb2xpbWl0YWQuYmxvZ3Nwb3QuY29tIiwiam9nb3NsZWdhaXNkb3JvYmxveGNvbWRpbmhlaXJvbGltaXRhZC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Certificate IssuerGoogle Trust Services LLC
Subject*.nowqo.net
Fingerprint4D:F9:79:11:BB:71:F0:57:06:92:43:6D:46:F2:D5:42:7E:73:1B:4E
ValidityTue, 04 Apr 2023 14:41:31 GMT - Mon, 03 Jul 2023 14:41:30 GMT
File type ASCII text, with very long lines (20305), with no line terminators
Hash dd6926149e225810e5356f504a3a14d0
5425d0905ff314d7711591690cffaf072d902483
30eca6633273188955f77976a7021cc19a05bc11eb040bec548846059fdc4e3f
Analyzer Verdict Alert fortinet Phishing
GET /roblox/images/sweetalert2.min.js HTTP/1.1
Host: nowqo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: nowqo.net
Connection: keep-alive
Referer: https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwicHVzcGlhcmVuYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInB1c3BpYXJlbmFnbWFpbGNvbSIsImpvZ29zbGVnYWlzZG9yb2Jsb3hjb21kaW5oZWlyb2xpbWl0YWQuYmxvZ3Nwb3QuY29tIiwiam9nb3NsZWdhaXNkb3JvYmxveGNvbWRpbmhlaXJvbGltaXRhZC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 15 Apr 2023 17:36:59 GMT
content-type: application/javascript
cache-control: public, max-age=31536000
expires: Fri, 14 Apr 2023 06:32:18 GMT
last-modified: Tue, 08 Oct 2019 06:00:24 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 154322
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4B410sBpqnEU5JacxGscIfL2E%2Bm94vZwMQOfHn7jMna75SBUS%2FbpiwpUseucM8HMCZ0Drpzc%2FbREwenS%2B3IRlL7JRbyynBHiXW%2F%2BFS6bL59A8s4We9xIy%2FItKsU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b85f4361fdcfab8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash 798d4dfa1bf269cf25be30e15c0faf27
add23a798eb57d7f581a42d0f9084a3acaa076c3
7b38c793ca44a66a992fb67afcd9dca6a1e53824b5c65cf946f1037118f361ee
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 15 Apr 2023 17:37:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash 798d4dfa1bf269cf25be30e15c0faf27
add23a798eb57d7f581a42d0f9084a3acaa076c3
7b38c793ca44a66a992fb67afcd9dca6a1e53824b5c65cf946f1037118f361ee
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 15 Apr 2023 17:37:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
nowqo.net/roblox/images/jquery.magnific-popup.min.js
104.21.25.78200 OK 26 kB URL GET HTTP/3 nowqo.net/roblox/images/jquery.magnific-popup.min.js
IP 104.21.25.78:443
Requested by https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwicHVzcGlhcmVuYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInB1c3BpYXJlbmFnbWFpbGNvbSIsImpvZ29zbGVnYWlzZG9yb2Jsb3hjb21kaW5oZWlyb2xpbWl0YWQuYmxvZ3Nwb3QuY29tIiwiam9nb3NsZWdhaXNkb3JvYmxveGNvbWRpbmhlaXJvbGltaXRhZC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Certificate IssuerGoogle Trust Services LLC
Subject*.nowqo.net
Fingerprint4D:F9:79:11:BB:71:F0:57:06:92:43:6D:46:F2:D5:42:7E:73:1B:4E
ValidityTue, 04 Apr 2023 14:41:31 GMT - Mon, 03 Jul 2023 14:41:30 GMT
File type ASCII text, with very long lines (21014)
Hash 9e99af8eddbfe4a64c7ddd46c31df449
bfa7b77ba1b8011563014ee3f3d94b1029feaf91
d4c3cd2a4128d57af53074e6157f629bf2e1b19d00f82e58f4d782a0a567f493
Analyzer Verdict Alert fortinet Phishing
GET /roblox/images/jquery.magnific-popup.min.js HTTP/1.1
Host: nowqo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: nowqo.net
Connection: keep-alive
Referer: https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwicHVzcGlhcmVuYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInB1c3BpYXJlbmFnbWFpbGNvbSIsImpvZ29zbGVnYWlzZG9yb2Jsb3hjb21kaW5oZWlyb2xpbWl0YWQuYmxvZ3Nwb3QuY29tIiwiam9nb3NsZWdhaXNkb3JvYmxveGNvbWRpbmhlaXJvbGltaXRhZC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 15 Apr 2023 17:36:59 GMT
content-type: application/javascript
cache-control: public, max-age=31536000
expires: Fri, 14 Apr 2023 06:32:18 GMT
last-modified: Tue, 08 Oct 2019 06:00:24 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 724794
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Up4LJBx8BFjXmBCq8Izf2%2FfJCAI80z5Tboe8eDxEeRsSbiMZ5ethAWx9V0cM%2Bknkq9iZ3awQp6O8CvO9ySrsifwyq0FiGlGFW69n0cYloFGNpd%2Bd0nicm1cTjjY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b85f4361fe3fab8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
nowqo.net/roblox/images/ca.png
104.21.25.78200 OK 628 B URL GET HTTP/3 nowqo.net/roblox/images/ca.png
IP 104.21.25.78:443
Requested by https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwicHVzcGlhcmVuYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInB1c3BpYXJlbmFnbWFpbGNvbSIsImpvZ29zbGVnYWlzZG9yb2Jsb3hjb21kaW5oZWlyb2xpbWl0YWQuYmxvZ3Nwb3QuY29tIiwiam9nb3NsZWdhaXNkb3JvYmxveGNvbWRpbmhlaXJvbGltaXRhZC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Certificate IssuerGoogle Trust Services LLC
Subject*.nowqo.net
Fingerprint4D:F9:79:11:BB:71:F0:57:06:92:43:6D:46:F2:D5:42:7E:73:1B:4E
ValidityTue, 04 Apr 2023 14:41:31 GMT - Mon, 03 Jul 2023 14:41:30 GMT
File type PNG image data, 16 x 11, 8-bit/color RGB, non-interlaced\012- data
Hash 8618709a45d8d1c4d9d254c61bdf29b8
9470a0ba81cf743d77ed3cbe98ea6dc9dfb6a583
3a6c5facc8613948b81833101a2ff8c3a114813ce24077585faee268b8ffb541
GET /roblox/images/ca.png HTTP/1.1
Host: nowqo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: nowqo.net
Connection: keep-alive
Referer: https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwicHVzcGlhcmVuYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInB1c3BpYXJlbmFnbWFpbGNvbSIsImpvZ29zbGVnYWlzZG9yb2Jsb3hjb21kaW5oZWlyb2xpbWl0YWQuYmxvZ3Nwb3QuY29tIiwiam9nb3NsZWdhaXNkb3JvYmxveGNvbWRpbmhlaXJvbGltaXRhZC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Cookie: username1Cookie=Mafalda; username2Cookie=Ivo Zetticci; username3Cookie=Jonathan; comment1Cookie=This trick is amazing; comment2Cookie=thanks.. amazing job admin… thank you for sharing 1000000 Clash Royale Gems! =3 the most powerful tool ever! thank you now i dont need to buy gold! thanks a lot; comment3Cookie=thanks :D this is legit website . thanks a lot dude!!!! WORKS like a charm!!! awesome tool indeed
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 15 Apr 2023 17:37:00 GMT
content-type: image/png
content-length: 628
cache-control: public, max-age=31536000
expires: Fri, 14 Apr 2023 06:32:42 GMT
last-modified: Tue, 08 Oct 2019 06:00:24 GMT
cf-cache-status: HIT
age: 135507
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0OLaG6VH4rtWlifqIxRFuP1F0VEmeJ5aDwqhGqz%2BMNarBcoI36uQ820Ftuhzbf7uzaWtpgtWTNr6%2BUxk1%2BPem8mLrYC4kokIkhQfTcDBBTHUmi2O4QPaGYUyyWQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b85f4389b31fab8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
nowqo.net/roblox/images/jquery.countto.js
104.21.25.78200 OK 19 kB URL GET HTTP/3 nowqo.net/roblox/images/jquery.countto.js
IP 104.21.25.78:443
Requested by https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwicHVzcGlhcmVuYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInB1c3BpYXJlbmFnbWFpbGNvbSIsImpvZ29zbGVnYWlzZG9yb2Jsb3hjb21kaW5oZWlyb2xpbWl0YWQuYmxvZ3Nwb3QuY29tIiwiam9nb3NsZWdhaXNkb3JvYmxveGNvbWRpbmhlaXJvbGltaXRhZC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Certificate IssuerGoogle Trust Services LLC
Subject*.nowqo.net
Fingerprint4D:F9:79:11:BB:71:F0:57:06:92:43:6D:46:F2:D5:42:7E:73:1B:4E
ValidityTue, 04 Apr 2023 14:41:31 GMT - Mon, 03 Jul 2023 14:41:30 GMT
File type ASCII text, with very long lines (1043)
Hash 834244a29e299afb5273964a07dc85e5
14790a4be925da07e7b6a37e7550531da6d7ba88
23b4bd898f3a4abddc614e070f3b13a3e5a9b597446d7562c7e1c2abd042bf49
Analyzer Verdict Alert fortinet Phishing
GET /roblox/images/jquery.countto.js HTTP/1.1
Host: nowqo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: nowqo.net
Connection: keep-alive
Referer: https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwicHVzcGlhcmVuYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInB1c3BpYXJlbmFnbWFpbGNvbSIsImpvZ29zbGVnYWlzZG9yb2Jsb3hjb21kaW5oZWlyb2xpbWl0YWQuYmxvZ3Nwb3QuY29tIiwiam9nb3NsZWdhaXNkb3JvYmxveGNvbWRpbmhlaXJvbGltaXRhZC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 15 Apr 2023 17:36:59 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=3761
cache-control: public, max-age=31536000
expires: Fri, 14 Apr 2023 06:32:18 GMT
last-modified: Tue, 08 Oct 2019 06:00:24 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 154322
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TCrzoZ%2BUIXZ967EJmPNDk32eV%2Fqluk2FjUlTIM6uPfr3ewAZdqUB5Q95MRV9k1vl79Ps4uITwvndGim7fTKkMQToPJW5mu5fWKMQYnkn6u0oKBggR8Gvp4i%2FqVI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b85f4361fd9fab8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
fonts.gstatic.com/s/opensans/v14/DXI1ORHCpsQm3Vp6mXoaTYnF5uFdDttMLvmWuJdhhgs.ttf
216.58.207.227200 OK 18 kB URL GET HTTP/2 fonts.gstatic.com/s/opensans/v14/DXI1ORHCpsQm3Vp6mXoaTYnF5uFdDttMLvmWuJdhhgs.ttf
IP 216.58.207.227:443
Requested by https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwicHVzcGlhcmVuYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInB1c3BpYXJlbmFnbWFpbGNvbSIsImpvZ29zbGVnYWlzZG9yb2Jsb3hjb21kaW5oZWlyb2xpbWl0YWQuYmxvZ3Nwb3QuY29tIiwiam9nb3NsZWdhaXNkb3JvYmxveGNvbWRpbmhlaXJvbGltaXRhZC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE8:8D:29:52:9C:44:66:28:BB:43:25:CE:11:45:BB:A1:5A:4E:44:11
ValidityTue, 28 Mar 2023 16:54:02 GMT - Tue, 20 Jun 2023 16:54:01 GMT
File type TrueType Font data, 17 tables, 1st "GDEF", 7 names, Microsoft, language 0x409, type 1 string, Open Sans LightRegular1.10;1ASC;OpenSans-LightVersion 1.10OpenSans-Lighthttp://www.apache.org/li\012- data
Hash a69c5fa643b7208c4922909701e399ac
0560e8f641340a70d9c36b3d4106e42ac395f829
0a8b75177ccda56113a7a1bb9214c38276257846f9323226f74831f74ffc721f
GET /s/opensans/v14/DXI1ORHCpsQm3Vp6mXoaTYnF5uFdDttMLvmWuJdhhgs.ttf HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nowqo.net
Connection: keep-alive
Referer: https://nowqo.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 18391
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 12 Apr 2023 19:44:14 GMT
expires: Thu, 11 Apr 2024 19:44:14 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 14 Jun 2017 16:45:42 GMT
content-type: font/ttf
vary: Accept-Encoding
age: 251566
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash 798d4dfa1bf269cf25be30e15c0faf27
add23a798eb57d7f581a42d0f9084a3acaa076c3
7b38c793ca44a66a992fb67afcd9dca6a1e53824b5c65cf946f1037118f361ee
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 15 Apr 2023 17:37:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
nowqo.net/roblox/bebasneue_regular-webfont.html
104.21.25.78200 OK 19 kB URL GET HTTP/3 nowqo.net/roblox/bebasneue_regular-webfont.html
IP 104.21.25.78:443
Requested by https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwicHVzcGlhcmVuYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInB1c3BpYXJlbmFnbWFpbGNvbSIsImpvZ29zbGVnYWlzZG9yb2Jsb3hjb21kaW5oZWlyb2xpbWl0YWQuYmxvZ3Nwb3QuY29tIiwiam9nb3NsZWdhaXNkb3JvYmxveGNvbWRpbmhlaXJvbGltaXRhZC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Certificate IssuerGoogle Trust Services LLC
Subject*.nowqo.net
Fingerprint4D:F9:79:11:BB:71:F0:57:06:92:43:6D:46:F2:D5:42:7E:73:1B:4E
ValidityTue, 04 Apr 2023 14:41:31 GMT - Mon, 03 Jul 2023 14:41:30 GMT
File type Web Open Font Format (Version 2), TrueType, length 15948, version 1.197\012- data
Hash b094ae98472a108663adec9c44e2923e
180e06ce3e36cb88937c41f3d600ca7a7d6b65ad
26178ddb117942889fd2a725f240480fcf92af326b7cbb503f20bd01e61f94ad
Analyzer Verdict Alert fortinet Phishing
GET /roblox/bebasneue_regular-webfont.html HTTP/1.1
Host: nowqo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Alt-Used: nowqo.net
Connection: keep-alive
Referer: https://nowqo.net/roblox/images/style.css
Cookie: username1Cookie=Mafalda; username2Cookie=Ivo Zetticci; username3Cookie=Jonathan; comment1Cookie=This trick is amazing; comment2Cookie=thanks.. amazing job admin… thank you for sharing 1000000 Clash Royale Gems! =3 the most powerful tool ever! thank you now i dont need to buy gold! thanks a lot; comment3Cookie=thanks :D this is legit website . thanks a lot dude!!!! WORKS like a charm!!! awesome tool indeed
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 15 Apr 2023 17:37:00 GMT
content-type: text/html
last-modified: Tue, 08 Oct 2019 06:00:24 GMT
vary: Accept-Encoding
cache-control: max-age=31536000
cf-cache-status: HIT
age: 500399
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hVYT%2B2NbwHYam%2BkmB%2BcrlOkWcQF1%2FyRD5GbTwScViW3nVwmhdJuFLcn9T6vQBI%2F1yxr9LY%2FY8W832B9QzU0BE6QRSTvgVH8nReSWdoBBR4qEo5ztTqPAaaZ5oSU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b85f4389b33fab8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
nowqo.net/roblox/images/validator.min.js
104.21.25.78200 OK 2.6 kB URL GET HTTP/3 nowqo.net/roblox/images/validator.min.js
IP 104.21.25.78:443
Requested by https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwicHVzcGlhcmVuYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInB1c3BpYXJlbmFnbWFpbGNvbSIsImpvZ29zbGVnYWlzZG9yb2Jsb3hjb21kaW5oZWlyb2xpbWl0YWQuYmxvZ3Nwb3QuY29tIiwiam9nb3NsZWdhaXNkb3JvYmxveGNvbWRpbmhlaXJvbGltaXRhZC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Certificate IssuerGoogle Trust Services LLC
Subject*.nowqo.net
Fingerprint4D:F9:79:11:BB:71:F0:57:06:92:43:6D:46:F2:D5:42:7E:73:1B:4E
ValidityTue, 04 Apr 2023 14:41:31 GMT - Mon, 03 Jul 2023 14:41:30 GMT
File type ASCII text, with very long lines (5862)
Hash 2046d9917ee85b7b16331f4de7aa8bd0
798bb4910b1dc5f1958faa92db6eaa942f2f09c4
8c3625c2447bc4756beb00dcf30314c64ab6417bf47e7fa83aa688e756a927f9
Analyzer Verdict Alert fortinet Phishing
GET /roblox/images/validator.min.js HTTP/1.1
Host: nowqo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: nowqo.net
Connection: keep-alive
Referer: https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwicHVzcGlhcmVuYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInB1c3BpYXJlbmFnbWFpbGNvbSIsImpvZ29zbGVnYWlzZG9yb2Jsb3hjb21kaW5oZWlyb2xpbWl0YWQuYmxvZ3Nwb3QuY29tIiwiam9nb3NsZWdhaXNkb3JvYmxveGNvbWRpbmhlaXJvbGltaXRhZC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 15 Apr 2023 17:36:59 GMT
content-type: application/javascript
cache-control: public, max-age=31536000
expires: Fri, 14 Apr 2023 06:32:18 GMT
last-modified: Tue, 08 Oct 2019 06:00:24 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 724794
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=39808pDr6eGohxlbML0b1hdSGkoq5TqEmp7XBzxS0uiMXNHpmftvbagSvH4aaAg5AKWA%2Fo78T523Sm2szckPrfc07rXFUZk%2BMvr9Aj6XxcRRDanKOtLMKtZDBYg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b85f4361fd8fab8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
s10.histats.com/js15_as.js
46.105.201.240200 OK 4.4 kB URL GET HTTP/2 s10.histats.com/js15_as.js
IP 46.105.201.240:443
Requested by https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwicHVzcGlhcmVuYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInB1c3BpYXJlbmFnbWFpbGNvbSIsImpvZ29zbGVnYWlzZG9yb2Jsb3hjb21kaW5oZWlyb2xpbWl0YWQuYmxvZ3Nwb3QuY29tIiwiam9nb3NsZWdhaXNkb3JvYmxveGNvbWRpbmhlaXJvbGltaXRhZC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Certificate IssuerLet's Encrypt
Subjecthistats.com
FingerprintF3:F6:9F:E3:A0:B3:22:C0:B2:93:4E:22:72:B6:D1:DA:40:BA:AE:9B
ValidityWed, 15 Mar 2023 12:20:28 GMT - Tue, 13 Jun 2023 12:20:27 GMT
File type HTML document, ASCII text, with very long lines (11440), with no line terminators
Hash ed192092c129db6123a3397855f42619
067e9b8e26cf6246eb84c6b9cf3da0c192ce7b3e
998fff486a7fb38b6ed445edc36c9b317b70950cd39efcf4012ca641312fcee1
GET /js15_as.js HTTP/1.1
Host: s10.histats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nowqo.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Apr 2023 17:35:48 GMT
etag: "-375139978"
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-request-id: 356679737
content-type: text/javascript
content-encoding: br
x-cdn-pop: sbg
x-cdn-pop-ip: 137.74.120.0/27
x-cacheable: Matched cache
accept-ranges: bytes
content-length: 4364
X-Firefox-Spdy: h2
nowqo.net/roblox/bebasneue_bold-webfont.html
104.21.25.78200 OK 33 kB URL GET HTTP/3 nowqo.net/roblox/bebasneue_bold-webfont.html
IP 104.21.25.78:443
Requested by https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwicHVzcGlhcmVuYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInB1c3BpYXJlbmFnbWFpbGNvbSIsImpvZ29zbGVnYWlzZG9yb2Jsb3hjb21kaW5oZWlyb2xpbWl0YWQuYmxvZ3Nwb3QuY29tIiwiam9nb3NsZWdhaXNkb3JvYmxveGNvbWRpbmhlaXJvbGltaXRhZC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Certificate IssuerGoogle Trust Services LLC
Subject*.nowqo.net
Fingerprint4D:F9:79:11:BB:71:F0:57:06:92:43:6D:46:F2:D5:42:7E:73:1B:4E
ValidityTue, 04 Apr 2023 14:41:31 GMT - Mon, 03 Jul 2023 14:41:30 GMT
File type Web Open Font Format (Version 2), TrueType, length 15216, version 1.197\012- data
Hash 54a2c362c26188da877993c7bf5198c7
264a1d9a0f3e4de6ad68d11f57129f5ba9496737
07359e53abe2f69aca5820c2cb550334c89b344b340994735ab658835db9acd6
Analyzer Verdict Alert fortinet Phishing
GET /roblox/bebasneue_bold-webfont.html HTTP/1.1
Host: nowqo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Alt-Used: nowqo.net
Connection: keep-alive
Referer: https://nowqo.net/roblox/images/style.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 15 Apr 2023 17:37:00 GMT
content-type: text/html
last-modified: Tue, 08 Oct 2019 06:00:24 GMT
vary: Accept-Encoding
cache-control: max-age=31536000
cf-cache-status: HIT
age: 500399
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eVh%2Bk7EFOnaJwnVxqdqfeEO3F6q0xyiORoH3kcABje6j9U8Xrzs8BktrVdYVuv%2FeH32FMoijxkalpK9zVTy4SwX66ks2shFPitmE54uLjB7KcY9zhclOnpnflV0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b85f4379a4dfab8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
fonts.gstatic.com/s/opensans/v14/DXI1ORHCpsQm3Vp6mXoaTYnF5uFdDttMLvmWuJdhhgs.ttf
216.58.207.227200 OK 18 kB URL GET HTTP/2 fonts.gstatic.com/s/opensans/v14/DXI1ORHCpsQm3Vp6mXoaTYnF5uFdDttMLvmWuJdhhgs.ttf
IP 216.58.207.227:443
Requested by https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwicHVzcGlhcmVuYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInB1c3BpYXJlbmFnbWFpbGNvbSIsImpvZ29zbGVnYWlzZG9yb2Jsb3hjb21kaW5oZWlyb2xpbWl0YWQuYmxvZ3Nwb3QuY29tIiwiam9nb3NsZWdhaXNkb3JvYmxveGNvbWRpbmhlaXJvbGltaXRhZC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE8:8D:29:52:9C:44:66:28:BB:43:25:CE:11:45:BB:A1:5A:4E:44:11
ValidityTue, 28 Mar 2023 16:54:02 GMT - Tue, 20 Jun 2023 16:54:01 GMT
File type TrueType Font data, 17 tables, 1st "GDEF", 7 names, Microsoft, language 0x409, type 1 string, Open Sans LightRegular1.10;1ASC;OpenSans-LightVersion 1.10OpenSans-Lighthttp://www.apache.org/li\012- data
Hash a69c5fa643b7208c4922909701e399ac
0560e8f641340a70d9c36b3d4106e42ac395f829
0a8b75177ccda56113a7a1bb9214c38276257846f9323226f74831f74ffc721f
GET /s/opensans/v14/DXI1ORHCpsQm3Vp6mXoaTYnF5uFdDttMLvmWuJdhhgs.ttf HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nowqo.net
Connection: keep-alive
Referer: https://nowqo.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 18391
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 12 Apr 2023 19:44:14 GMT
expires: Thu, 11 Apr 2024 19:44:14 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 14 Jun 2017 16:45:42 GMT
content-type: font/ttf
vary: Accept-Encoding
age: 251566
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v14/k3k702ZOKiLJc3WVjuplzInF5uFdDttMLvmWuJdhhgs.ttf
216.58.207.227200 OK 19 kB URL GET HTTP/2 fonts.gstatic.com/s/opensans/v14/k3k702ZOKiLJc3WVjuplzInF5uFdDttMLvmWuJdhhgs.ttf
IP 216.58.207.227:443
Requested by https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwicHVzcGlhcmVuYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInB1c3BpYXJlbmFnbWFpbGNvbSIsImpvZ29zbGVnYWlzZG9yb2Jsb3hjb21kaW5oZWlyb2xpbWl0YWQuYmxvZ3Nwb3QuY29tIiwiam9nb3NsZWdhaXNkb3JvYmxveGNvbWRpbmhlaXJvbGltaXRhZC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE8:8D:29:52:9C:44:66:28:BB:43:25:CE:11:45:BB:A1:5A:4E:44:11
ValidityTue, 28 Mar 2023 16:54:02 GMT - Tue, 20 Jun 2023 16:54:01 GMT
File type TrueType Font data, 17 tables, 1st "GDEF", 7 names, Microsoft, language 0x409, type 1 string, Open SansBold1.10;1ASC;OpenSans-BoldOpen Sans BoldVersion 1.10OpenSans-Boldhttp://www.apache.org\012- data
Hash 5498784000b038638befe230ea392271
efef80115bdabd927501563197827a7ae837a19f
5848ca5f4af491c37907f2e4cb0e240166572edc90615a96d4702f2dce34800b
GET /s/opensans/v14/k3k702ZOKiLJc3WVjuplzInF5uFdDttMLvmWuJdhhgs.ttf HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nowqo.net
Connection: keep-alive
Referer: https://nowqo.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 18604
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 13 Apr 2023 06:40:10 GMT
expires: Fri, 12 Apr 2024 06:40:10 GMT
cache-control: public, max-age=31536000
age: 212210
last-modified: Wed, 14 Jun 2017 16:46:24 GMT
content-type: font/ttf
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
nowqo.net/roblox/images/custom-css.css
104.21.25.78200 OK 517 B URL GET HTTP/3 nowqo.net/roblox/images/custom-css.css
IP 104.21.25.78:443
Requested by https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwicHVzcGlhcmVuYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInB1c3BpYXJlbmFnbWFpbGNvbSIsImpvZ29zbGVnYWlzZG9yb2Jsb3hjb21kaW5oZWlyb2xpbWl0YWQuYmxvZ3Nwb3QuY29tIiwiam9nb3NsZWdhaXNkb3JvYmxveGNvbWRpbmhlaXJvbGltaXRhZC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Certificate IssuerGoogle Trust Services LLC
Subject*.nowqo.net
Fingerprint4D:F9:79:11:BB:71:F0:57:06:92:43:6D:46:F2:D5:42:7E:73:1B:4E
ValidityTue, 04 Apr 2023 14:41:31 GMT - Mon, 03 Jul 2023 14:41:30 GMT
File type ASCII text, with very long lines (1606), with no line terminators
Hash 79d80d9a3e0a67498b56d6c67ed7e6eb
1ff684272ad6e2ccef97fa73197524b8993ead61
f5495ea154f35cc3433c7156ad856b5e576c170e2c5d30e6cb69f5ce3cb06720
GET /roblox/images/custom-css.css HTTP/1.1
Host: nowqo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: nowqo.net
Connection: keep-alive
Referer: https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwicHVzcGlhcmVuYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInB1c3BpYXJlbmFnbWFpbGNvbSIsImpvZ29zbGVnYWlzZG9yb2Jsb3hjb21kaW5oZWlyb2xpbWl0YWQuYmxvZ3Nwb3QuY29tIiwiam9nb3NsZWdhaXNkb3JvYmxveGNvbWRpbmhlaXJvbGltaXRhZC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 15 Apr 2023 17:36:59 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=1790
cache-control: public, max-age=31536000
expires: Fri, 14 Apr 2023 06:32:18 GMT
last-modified: Tue, 08 Oct 2019 06:00:24 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 724794
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lQ8S02uBaeBiOPwXIvAHn1%2Fjh1QjY7WO9DPHchDz6V3nKmNaTP2vqT9Pao8YR6YpE2IzUV7kvUhSS7NQHgks6h8QffMPa1qKq9%2Bx%2Frt35pJoUEOHYCWzrnzQJNM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b85f435ffbefab8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
nowqo.net/roblox/images/us.png
104.21.25.78200 OK 609 B URL GET HTTP/3 nowqo.net/roblox/images/us.png
IP 104.21.25.78:443
Requested by https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwicHVzcGlhcmVuYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInB1c3BpYXJlbmFnbWFpbGNvbSIsImpvZ29zbGVnYWlzZG9yb2Jsb3hjb21kaW5oZWlyb2xpbWl0YWQuYmxvZ3Nwb3QuY29tIiwiam9nb3NsZWdhaXNkb3JvYmxveGNvbWRpbmhlaXJvbGltaXRhZC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Certificate IssuerGoogle Trust Services LLC
Subject*.nowqo.net
Fingerprint4D:F9:79:11:BB:71:F0:57:06:92:43:6D:46:F2:D5:42:7E:73:1B:4E
ValidityTue, 04 Apr 2023 14:41:31 GMT - Mon, 03 Jul 2023 14:41:30 GMT
File type PNG image data, 16 x 11, 8-bit/color RGB, non-interlaced\012- data
Hash 968591e0050981be9fa94bd2597afb48
dd9e149e2b5ad59dd8b4b262f5fdeb5cc10ecf43
36cce5cae3d2e0045b2b2b6cbffdad7a0aba3e99919cc219bbf0578efdc45585
GET /roblox/images/us.png HTTP/1.1
Host: nowqo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: nowqo.net
Connection: keep-alive
Referer: https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwicHVzcGlhcmVuYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInB1c3BpYXJlbmFnbWFpbGNvbSIsImpvZ29zbGVnYWlzZG9yb2Jsb3hjb21kaW5oZWlyb2xpbWl0YWQuYmxvZ3Nwb3QuY29tIiwiam9nb3NsZWdhaXNkb3JvYmxveGNvbWRpbmhlaXJvbGltaXRhZC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Cookie: username1Cookie=Mafalda; username2Cookie=Ivo Zetticci; username3Cookie=Jonathan; comment1Cookie=This trick is amazing; comment2Cookie=thanks.. amazing job admin… thank you for sharing 1000000 Clash Royale Gems! =3 the most powerful tool ever! thank you now i dont need to buy gold! thanks a lot; comment3Cookie=thanks :D this is legit website . thanks a lot dude!!!! WORKS like a charm!!! awesome tool indeed; HstCfa4275781=1681580304853; HstCla4275781=1681580304853; HstCmu4275781=1681580304853; HstPn4275781=1; HstPt4275781=1; HstCnv4275781=1; HstCns4275781=1; c_ref_4275781=https%3A%2F%2Fjogoslegaisdorobloxcomdinheirolimitad.blogspot.com%2F; timePosted11Cookie=196975; timePosted22Cookie=191993; timePosted33Cookie=20243
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 15 Apr 2023 17:37:05 GMT
content-type: image/png
content-length: 609
cache-control: public, max-age=31536000
expires: Fri, 14 Apr 2023 06:32:24 GMT
last-modified: Tue, 08 Oct 2019 06:00:24 GMT
cf-cache-status: HIT
age: 724800
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U2kkP%2FxMRGds%2Bxhsmx%2BuKiNZjVjN%2FF%2B9hDb66EaUYG2ElHoP91H9BcUbOd6Cho%2BhWMhY%2F9i7hz91PgU2Nkix8vDB4e8cTaU7iC4id8WcUr0Ikq%2F3128uJ%2BZ4dNU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b85f457db73fab8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
nowqo.net/roblox/images/ac.png
104.21.25.78200 OK 408 B URL GET HTTP/3 nowqo.net/roblox/images/ac.png
IP 104.21.25.78:443
Requested by https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwicHVzcGlhcmVuYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInB1c3BpYXJlbmFnbWFpbGNvbSIsImpvZ29zbGVnYWlzZG9yb2Jsb3hjb21kaW5oZWlyb2xpbWl0YWQuYmxvZ3Nwb3QuY29tIiwiam9nb3NsZWdhaXNkb3JvYmxveGNvbWRpbmhlaXJvbGltaXRhZC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Certificate IssuerGoogle Trust Services LLC
Subject*.nowqo.net
Fingerprint4D:F9:79:11:BB:71:F0:57:06:92:43:6D:46:F2:D5:42:7E:73:1B:4E
ValidityTue, 04 Apr 2023 14:41:31 GMT - Mon, 03 Jul 2023 14:41:30 GMT
File type PNG image data, 16 x 11, 8-bit/color RGB, non-interlaced\012- data
Hash 7391e6b6df7b181d51ffeb2a5a6d7bd4
e442abb4c7713078983da019502d070f38c12e26
6f20d866841c4514782a46142df22b70b8da9783c513e3d41d8f3313483fe38d
GET /roblox/images/ac.png HTTP/1.1
Host: nowqo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: nowqo.net
Connection: keep-alive
Referer: https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwicHVzcGlhcmVuYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInB1c3BpYXJlbmFnbWFpbGNvbSIsImpvZ29zbGVnYWlzZG9yb2Jsb3hjb21kaW5oZWlyb2xpbWl0YWQuYmxvZ3Nwb3QuY29tIiwiam9nb3NsZWdhaXNkb3JvYmxveGNvbWRpbmhlaXJvbGltaXRhZC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Cookie: username1Cookie=Mafalda; username2Cookie=Ivo Zetticci; username3Cookie=Jonathan; comment1Cookie=This trick is amazing; comment2Cookie=thanks.. amazing job admin… thank you for sharing 1000000 Clash Royale Gems! =3 the most powerful tool ever! thank you now i dont need to buy gold! thanks a lot; comment3Cookie=thanks :D this is legit website . thanks a lot dude!!!! WORKS like a charm!!! awesome tool indeed; HstCfa4275781=1681580304853; HstCla4275781=1681580304853; HstCmu4275781=1681580304853; HstPn4275781=1; HstPt4275781=1; HstCnv4275781=1; HstCns4275781=1; c_ref_4275781=https%3A%2F%2Fjogoslegaisdorobloxcomdinheirolimitad.blogspot.com%2F; timePosted11Cookie=197975; timePosted22Cookie=192993; timePosted33Cookie=21243
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 15 Apr 2023 17:37:06 GMT
content-type: image/png
content-length: 408
cache-control: public, max-age=31536000
expires: Fri, 14 Apr 2023 06:32:47 GMT
last-modified: Tue, 08 Oct 2019 06:00:24 GMT
cf-cache-status: HIT
age: 724798
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1EG7UX%2Bgd9htjlBQRswSA9ztgtxz8UN44ZMRZLIgsGMttWe2XPu7hehghf67szS9aPXMbr9TE078vQV4DJ7F6ZGMB7DwasbfXmdRTZP%2FTUDGulk8swrDdrXoDqI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b85f4613d5ffab8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
nowqo.net/roblox/images/de.png
104.21.25.78 545 B URL nowqo.net/roblox/images/de.png
IP 104.21.25.78:0
Certificate IssuerGoogle Trust Services LLC
Subject*.nowqo.net
Fingerprint4D:F9:79:11:BB:71:F0:57:06:92:43:6D:46:F2:D5:42:7E:73:1B:4E
ValidityTue, 04 Apr 2023 14:41:31 GMT - Mon, 03 Jul 2023 14:41:30 GMT
File type PNG image data, 16 x 11, 8-bit/color RGB, non-interlaced\012- data
Hash ddabae687ecae5edaaeb808d440543e6
1daf2d67ccaa5be01a330a231ac996a9d5575594
3323814006fe6739493d27057954941830b59eff37ebaac994310e17c522dd57
GET /roblox/images/de.png HTTP/1.1
Host: nowqo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: nowqo.net
Connection: keep-alive
Referer: https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwicHVzcGlhcmVuYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInB1c3BpYXJlbmFnbWFpbGNvbSIsImpvZ29zbGVnYWlzZG9yb2Jsb3hjb21kaW5oZWlyb2xpbWl0YWQuYmxvZ3Nwb3QuY29tIiwiam9nb3NsZWdhaXNkb3JvYmxveGNvbWRpbmhlaXJvbGltaXRhZC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Cookie: username1Cookie=Mafalda; username2Cookie=Ivo Zetticci; username3Cookie=Jonathan; comment1Cookie=This trick is amazing; comment2Cookie=thanks.. amazing job admin… thank you for sharing 1000000 Clash Royale Gems! =3 the most powerful tool ever! thank you now i dont need to buy gold! thanks a lot; comment3Cookie=thanks :D this is legit website . thanks a lot dude!!!! WORKS like a charm!!! awesome tool indeed; HstCfa4275781=1681580304853; HstCla4275781=1681580304853; HstCmu4275781=1681580304853; HstPn4275781=1; HstPt4275781=1; HstCnv4275781=1; HstCns4275781=1; c_ref_4275781=https%3A%2F%2Fjogoslegaisdorobloxcomdinheirolimitad.blogspot.com%2F; timePosted11Cookie=201975; timePosted22Cookie=196993; timePosted33Cookie=25243
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 15 Apr 2023 17:37:10 GMT
content-type: image/png
content-length: 545
cache-control: public, max-age=31536000
expires: Fri, 21 Apr 2023 06:34:18 GMT
last-modified: Tue, 08 Oct 2019 06:00:24 GMT
cf-cache-status: HIT
age: 114268
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YXa%2BqmXXp4BO9WCqKGhUwP7MiQniw5QpUT%2FxCIByAcqZk%2Blnc83QfczMT2%2FJpudDoK3YYwkSvp%2Ff2avNwOCPlXXgyeP%2Bi2fwpjqYGbx%2FxFn3iyPAf%2B0ejDZMeGA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b85f4771d2ffab8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
nowqo.net/roblox/images/pr-l.png
104.21.25.78200 OK 16 kB URL GET HTTP/3 nowqo.net/roblox/images/pr-l.png
IP 104.21.25.78:443
Requested by https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwicHVzcGlhcmVuYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInB1c3BpYXJlbmFnbWFpbGNvbSIsImpvZ29zbGVnYWlzZG9yb2Jsb3hjb21kaW5oZWlyb2xpbWl0YWQuYmxvZ3Nwb3QuY29tIiwiam9nb3NsZWdhaXNkb3JvYmxveGNvbWRpbmhlaXJvbGltaXRhZC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Certificate IssuerGoogle Trust Services LLC
Subject*.nowqo.net
Fingerprint4D:F9:79:11:BB:71:F0:57:06:92:43:6D:46:F2:D5:42:7E:73:1B:4E
ValidityTue, 04 Apr 2023 14:41:31 GMT - Mon, 03 Jul 2023 14:41:30 GMT
File type PNG image data, 960 x 1080, 8-bit/color RGBA, non-interlaced\012- data
Hash 6073469203244cc95b8fbe0996b8c405
60c3fe75fa9d7e3ae7f42f9a247d103b9841982a
7509fb455029a48272466bce43b17cf8247f769f9a4b9c51a03eba55924e11f3
GET /roblox/images/pr-l.png HTTP/1.1
Host: nowqo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: nowqo.net
Connection: keep-alive
Referer: https://nowqo.net/roblox/images/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 15 Apr 2023 17:37:00 GMT
content-type: image/png
content-length: 16083
cache-control: public, max-age=31536000
expires: Fri, 14 Apr 2023 06:32:19 GMT
last-modified: Tue, 08 Oct 2019 06:00:24 GMT
cf-cache-status: HIT
age: 724795
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gOM5H1flWNp2pj9a7xE%2B5h3Vvmn7oPIYJBSpqw94oCWz5MWwl6d1fP0MhbmMEvgWuxpNjKEJ1xJJCTWmhm85YP%2BHqtqQ7zPfbc2pTLDUuHMr%2FvUaPEze%2B7Wd4lQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b85f4379a44fab8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwicHVzcGlhcmVuYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInB1c3BpYXJlbmFnbWFpbGNvbSIsImpvZ29zbGVnYWlzZG9yb2Jsb3hjb21kaW5oZWlyb2xpbWl0YWQuYmxvZ3Nwb3QuY29tIiwiam9nb3NsZWdhaXNkb3JvYmxveGNvbWRpbmhlaXJvbGltaXRhZC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
104.21.25.78200 OK 15 kB URL User Request GET HTTP/2 nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwicHVzcGlhcmVuYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInB1c3BpYXJlbmFnbWFpbGNvbSIsImpvZ29zbGVnYWlzZG9yb2Jsb3hjb21kaW5oZWlyb2xpbWl0YWQuYmxvZ3Nwb3QuY29tIiwiam9nb3NsZWdhaXNkb3JvYmxveGNvbWRpbmhlaXJvbGltaXRhZC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
IP 104.21.25.78:443
Certificate IssuerGoogle Trust Services LLC
Subject*.nowqo.net
Fingerprint4D:F9:79:11:BB:71:F0:57:06:92:43:6D:46:F2:D5:42:7E:73:1B:4E
ValidityTue, 04 Apr 2023 14:41:31 GMT - Mon, 03 Jul 2023 14:41:30 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /roblox/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwicHVzcGlhcmVuYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInB1c3BpYXJlbmFnbWFpbGNvbSIsImpvZ29zbGVnYWlzZG9yb2Jsb3hjb21kaW5oZWlyb2xpbWl0YWQuYmxvZ3Nwb3QuY29tIiwiam9nb3NsZWdhaXNkb3JvYmxveGNvbWRpbmhlaXJvbGltaXRhZC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd HTTP/1.1
Host: nowqo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jogoslegaisdorobloxcomdinheirolimitad.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Apr 2023 17:36:59 GMT
content-type: text/html
last-modified: Fri, 07 Apr 2023 06:41:19 GMT
vary: Accept-Encoding
cache-control: max-age=31536000
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tKZJ3PDABgh4ISVi4NAVXR0YKTGwsC0EIwpYz5rGcq5s7qAmusIKPolsVELSHBR6ie7E52VrRPTkAX%2BVqVeaoWFYIu48Boj8NI3wwof9XtVjdDYFzjE59VClgNk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b85f4351dbfb509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
nowqo.net/roblox/images/sticky.js
104.21.25.78200 OK 20 kB URL GET HTTP/3 nowqo.net/roblox/images/sticky.js
IP 104.21.25.78:443
Requested by https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwicHVzcGlhcmVuYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInB1c3BpYXJlbmFnbWFpbGNvbSIsImpvZ29zbGVnYWlzZG9yb2Jsb3hjb21kaW5oZWlyb2xpbWl0YWQuYmxvZ3Nwb3QuY29tIiwiam9nb3NsZWdhaXNkb3JvYmxveGNvbWRpbmhlaXJvbGltaXRhZC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Certificate IssuerGoogle Trust Services LLC
Subject*.nowqo.net
Fingerprint4D:F9:79:11:BB:71:F0:57:06:92:43:6D:46:F2:D5:42:7E:73:1B:4E
ValidityTue, 04 Apr 2023 14:41:31 GMT - Mon, 03 Jul 2023 14:41:30 GMT
File type ASCII text, with very long lines (16920)
Hash 1180d3ea8d2544bb6bec4dacb60526d2
d2788f5423575404112a66853e0f274960d743e0
bb88a49c99d278abff743baf1f0f492382031afd4212fb27b33a23068723f86e
Analyzer Verdict Alert fortinet Phishing
GET /roblox/images/sticky.js HTTP/1.1
Host: nowqo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: nowqo.net
Connection: keep-alive
Referer: https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwicHVzcGlhcmVuYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInB1c3BpYXJlbmFnbWFpbGNvbSIsImpvZ29zbGVnYWlzZG9yb2Jsb3hjb21kaW5oZWlyb2xpbWl0YWQuYmxvZ3Nwb3QuY29tIiwiam9nb3NsZWdhaXNkb3JvYmxveGNvbWRpbmhlaXJvbGltaXRhZC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 15 Apr 2023 17:36:59 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=20845
cache-control: public, max-age=31536000
expires: Fri, 14 Apr 2023 06:32:18 GMT
last-modified: Tue, 08 Oct 2019 06:00:24 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 724794
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=keU%2BT7Nn2%2F9IYRqiQ91KJ4rTxw2cvST5V%2FAXnYGzBhOq6csaF0J2E%2BRZM3UBEwm7GobIBJ%2BlLEcSvCX5nQP4X8LM6ghh3SoKxUYDFDCMJu80di%2BxbQIrid4Muss%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b85f4361fe2fab8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
nowqo.net/roblox/images/com.js
104.21.25.78200 OK 15 kB URL GET HTTP/3 nowqo.net/roblox/images/com.js
IP 104.21.25.78:443
Requested by https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwicHVzcGlhcmVuYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInB1c3BpYXJlbmFnbWFpbGNvbSIsImpvZ29zbGVnYWlzZG9yb2Jsb3hjb21kaW5oZWlyb2xpbWl0YWQuYmxvZ3Nwb3QuY29tIiwiam9nb3NsZWdhaXNkb3JvYmxveGNvbWRpbmhlaXJvbGltaXRhZC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Certificate IssuerGoogle Trust Services LLC
Subject*.nowqo.net
Fingerprint4D:F9:79:11:BB:71:F0:57:06:92:43:6D:46:F2:D5:42:7E:73:1B:4E
ValidityTue, 04 Apr 2023 14:41:31 GMT - Mon, 03 Jul 2023 14:41:30 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /roblox/images/com.js HTTP/1.1
Host: nowqo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: nowqo.net
Connection: keep-alive
Referer: https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwicHVzcGlhcmVuYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInB1c3BpYXJlbmFnbWFpbGNvbSIsImpvZ29zbGVnYWlzZG9yb2Jsb3hjb21kaW5oZWlyb2xpbWl0YWQuYmxvZ3Nwb3QuY29tIiwiam9nb3NsZWdhaXNkb3JvYmxveGNvbWRpbmhlaXJvbGltaXRhZC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 15 Apr 2023 17:36:59 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=17963
cache-control: public, max-age=31536000
expires: Fri, 14 Apr 2023 06:32:18 GMT
last-modified: Tue, 08 Oct 2019 06:00:24 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 724794
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9lyCDak%2FaVVMgeR0JOvNTVyqwkM6OLA68it8sbAvHqFu1KpMwZNqjGodJxG5NZTG5lXoAt%2F7gU4Ux7Jd4%2Bodjio69ftrYlcnw3g3NJ9oi7YsgoIgvPSAxKI%2Bb84%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b85f4361fdffab8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
nowqo.net/roblox/images/main.js
104.21.25.78200 OK 34 kB URL GET HTTP/3 nowqo.net/roblox/images/main.js
IP 104.21.25.78:443
Requested by https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwicHVzcGlhcmVuYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInB1c3BpYXJlbmFnbWFpbGNvbSIsImpvZ29zbGVnYWlzZG9yb2Jsb3hjb21kaW5oZWlyb2xpbWl0YWQuYmxvZ3Nwb3QuY29tIiwiam9nb3NsZWdhaXNkb3JvYmxveGNvbWRpbmhlaXJvbGltaXRhZC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Certificate IssuerGoogle Trust Services LLC
Subject*.nowqo.net
Fingerprint4D:F9:79:11:BB:71:F0:57:06:92:43:6D:46:F2:D5:42:7E:73:1B:4E
ValidityTue, 04 Apr 2023 14:41:31 GMT - Mon, 03 Jul 2023 14:41:30 GMT
File type ASCII text, with very long lines (24637)
Hash b4a27b956eccd646f3bc2b2b2b6503c5
6df97b44c507a440a3c1dd6873b44fbc95e92fb1
948fe10b1ea0b581c4871ae90f94882ed8945bd19c9ce0352b20ac0467dc145a
Analyzer Verdict Alert fortinet Phishing
GET /roblox/images/main.js HTTP/1.1
Host: nowqo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: nowqo.net
Connection: keep-alive
Referer: https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwicHVzcGlhcmVuYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInB1c3BpYXJlbmFnbWFpbGNvbSIsImpvZ29zbGVnYWlzZG9yb2Jsb3hjb21kaW5oZWlyb2xpbWl0YWQuYmxvZ3Nwb3QuY29tIiwiam9nb3NsZWdhaXNkb3JvYmxveGNvbWRpbmhlaXJvbGltaXRhZC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 15 Apr 2023 17:36:59 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=38451
cache-control: public, max-age=31536000
expires: Fri, 14 Apr 2023 06:32:19 GMT
last-modified: Tue, 08 Oct 2019 06:00:24 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 724794
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F3KnJXdR0WVt2R3o36phtGpXd50EInPp2f%2BBZRtyh8YLn1SuZz5HudH%2BbvCAWO7ecs1wLSQST5P6lHN1Eo2z6%2F0TBLR%2BFrqcaEdvq0M5wYWIBL7Jipf8wqC%2FvBY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b85f4361fe4fab8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
nowqo.net/roblox/images/font-awesome.min.css
104.21.25.78200 OK 28 kB URL GET HTTP/3 nowqo.net/roblox/images/font-awesome.min.css
IP 104.21.25.78:443
Requested by https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwicHVzcGlhcmVuYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInB1c3BpYXJlbmFnbWFpbGNvbSIsImpvZ29zbGVnYWlzZG9yb2Jsb3hjb21kaW5oZWlyb2xpbWl0YWQuYmxvZ3Nwb3QuY29tIiwiam9nb3NsZWdhaXNkb3JvYmxveGNvbWRpbmhlaXJvbGltaXRhZC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Certificate IssuerGoogle Trust Services LLC
Subject*.nowqo.net
Fingerprint4D:F9:79:11:BB:71:F0:57:06:92:43:6D:46:F2:D5:42:7E:73:1B:4E
ValidityTue, 04 Apr 2023 14:41:31 GMT - Mon, 03 Jul 2023 14:41:30 GMT
File type ASCII text, with very long lines (27546)
Hash a6f297631a1940d525722690710b0f97
60aab26a9c55134097fb9a03594466bf2bb34e4a
8b8fe494229dedb933c6df5dac600a7f6116f989c84241f65c295f44603b4165
GET /roblox/images/font-awesome.min.css HTTP/1.1
Host: nowqo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: nowqo.net
Connection: keep-alive
Referer: https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwicHVzcGlhcmVuYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInB1c3BpYXJlbmFnbWFpbGNvbSIsImpvZ29zbGVnYWlzZG9yb2Jsb3hjb21kaW5oZWlyb2xpbWl0YWQuYmxvZ3Nwb3QuY29tIiwiam9nb3NsZWdhaXNkb3JvYmxveGNvbWRpbmhlaXJvbGltaXRhZC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 15 Apr 2023 17:36:59 GMT
content-type: text/css
cache-control: public, max-age=31536000
expires: Fri, 14 Apr 2023 06:32:18 GMT
last-modified: Tue, 08 Oct 2019 06:00:24 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 154322
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2WHpddLcYP9djVUcyveGHCFPyCZccogavmLwhUW2QGNX6tktP0MpgPlzo9l3ioFPLT5Z%2Bt4WVTu2rQWgiW2lOOXXYYnHe8chH1q6VriSV0K6w3IjCkF8MAdd%2FFo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b85f435ffb3fab8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
fonts.gstatic.com/s/opensans/v14/cJZKeOuBrn4kERxqtaUH3aCWcynf_cDxXwCLxiixG1c.ttf
216.58.207.227200 OK 26 kB URL GET HTTP/2 fonts.gstatic.com/s/opensans/v14/cJZKeOuBrn4kERxqtaUH3aCWcynf_cDxXwCLxiixG1c.ttf
IP 216.58.207.227:443
Requested by https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwicHVzcGlhcmVuYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInB1c3BpYXJlbmFnbWFpbGNvbSIsImpvZ29zbGVnYWlzZG9yb2Jsb3hjb21kaW5oZWlyb2xpbWl0YWQuYmxvZ3Nwb3QuY29tIiwiam9nb3NsZWdhaXNkb3JvYmxveGNvbWRpbmhlaXJvbGltaXRhZC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE8:8D:29:52:9C:44:66:28:BB:43:25:CE:11:45:BB:A1:5A:4E:44:11
ValidityTue, 28 Mar 2023 16:54:02 GMT - Tue, 20 Jun 2023 16:54:01 GMT
File type TrueType Font data, 17 tables, 1st "GDEF", 7 names, Microsoft, language 0x409, type 1 string, Open SansRegular1.10;1ASC;OpenSans-RegularOpen Sans RegularVersion 1.10OpenSans-Regularhttp://ww\012- data
Hash fb6b9d7181b95e76386fd0890878aa5b
36af503d726201d1fddd96a20e2520e9785838d8
793c9557c2fcfd79a48b2ace2d2c2e6a14a09f50d1d3812828838623d643e455
GET /s/opensans/v14/cJZKeOuBrn4kERxqtaUH3aCWcynf_cDxXwCLxiixG1c.ttf HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nowqo.net
Connection: keep-alive
Referer: https://nowqo.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17789
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 13 Apr 2023 17:17:02 GMT
expires: Fri, 12 Apr 2024 17:17:02 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 14 Jun 2017 16:46:31 GMT
content-type: font/ttf
vary: Accept-Encoding
age: 173998
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
nowqo.net/roblox/close.png
104.21.25.78404 Not Found 695 B URL GET HTTP/3 nowqo.net/roblox/close.png
IP 104.21.25.78:443
Requested by https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwicHVzcGlhcmVuYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInB1c3BpYXJlbmFnbWFpbGNvbSIsImpvZ29zbGVnYWlzZG9yb2Jsb3hjb21kaW5oZWlyb2xpbWl0YWQuYmxvZ3Nwb3QuY29tIiwiam9nb3NsZWdhaXNkb3JvYmxveGNvbWRpbmhlaXJvbGltaXRhZC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Certificate IssuerGoogle Trust Services LLC
Subject*.nowqo.net
Fingerprint4D:F9:79:11:BB:71:F0:57:06:92:43:6D:46:F2:D5:42:7E:73:1B:4E
ValidityTue, 04 Apr 2023 14:41:31 GMT - Mon, 03 Jul 2023 14:41:30 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (725), with no line terminators
Hash 4e8f2251a46a64c7688a49a3e999898d
d1a26051b6ac058244584c8eec9830c78bae8af3
648415d8ead4e5a50c915ab2c7057d198671bd1e412d98ac4f8d5b069d7b54c7
GET /roblox/close.png HTTP/1.1
Host: nowqo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: nowqo.net
Connection: keep-alive
Referer: https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwicHVzcGlhcmVuYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInB1c3BpYXJlbmFnbWFpbGNvbSIsImpvZ29zbGVnYWlzZG9yb2Jsb3hjb21kaW5oZWlyb2xpbWl0YWQuYmxvZ3Nwb3QuY29tIiwiam9nb3NsZWdhaXNkb3JvYmxveGNvbWRpbmhlaXJvbGltaXRhZC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Cookie: username1Cookie=Mafalda; username2Cookie=Ivo Zetticci; username3Cookie=Jonathan; comment1Cookie=This trick is amazing; comment2Cookie=thanks.. amazing job admin⦠thank you for sharing 1000000 Clash Royale Gems! =3 the most powerful tool ever! thank you now i dont need to buy gold! thanks a lot; comment3Cookie=thanks :D this is legit website . thanks a lot dude!!!! WORKS like a charm!!! awesome tool indeed; HstCfa4275781=1681580304853; HstCla4275781=1681580304853; HstCmu4275781=1681580304853; HstPn4275781=1; HstPt4275781=1; HstCnv4275781=1; HstCns4275781=1; c_ref_4275781=https%3A%2F%2Fjogoslegaisdorobloxcomdinheirolimitad.blogspot.com%2F; timePosted11Cookie=193975; timePosted22Cookie=188993; timePosted33Cookie=17243
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Sat, 15 Apr 2023 17:37:02 GMT
content-type: text/html
cache-control: private, max-age=31536000, must-revalidate
pragma: no-cache
cf-cache-status: HIT
age: 724797
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qXbAgzNA1GZxh%2BE3RrqlfhmM9aBLkk96ds%2FiiSYnVicoYkrCeGFnAfQEZaN6ZX7fxevzMt8OgqCe3R1Z7RB3lgz1OpOcddY661QBIdiZ7KT5C%2BcfBGfcNyBf73s%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b85f4483bb9fab8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
nowqo.net/roblox/close.png
104.21.25.78404 Not Found 695 B URL GET HTTP/3 nowqo.net/roblox/close.png
IP 104.21.25.78:443
Requested by https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwicHVzcGlhcmVuYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInB1c3BpYXJlbmFnbWFpbGNvbSIsImpvZ29zbGVnYWlzZG9yb2Jsb3hjb21kaW5oZWlyb2xpbWl0YWQuYmxvZ3Nwb3QuY29tIiwiam9nb3NsZWdhaXNkb3JvYmxveGNvbWRpbmhlaXJvbGltaXRhZC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Certificate IssuerGoogle Trust Services LLC
Subject*.nowqo.net
Fingerprint4D:F9:79:11:BB:71:F0:57:06:92:43:6D:46:F2:D5:42:7E:73:1B:4E
ValidityTue, 04 Apr 2023 14:41:31 GMT - Mon, 03 Jul 2023 14:41:30 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (725), with no line terminators
Hash 4e8f2251a46a64c7688a49a3e999898d
d1a26051b6ac058244584c8eec9830c78bae8af3
648415d8ead4e5a50c915ab2c7057d198671bd1e412d98ac4f8d5b069d7b54c7
GET /roblox/close.png HTTP/1.1
Host: nowqo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: nowqo.net
Connection: keep-alive
Referer: https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwicHVzcGlhcmVuYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInB1c3BpYXJlbmFnbWFpbGNvbSIsImpvZ29zbGVnYWlzZG9yb2Jsb3hjb21kaW5oZWlyb2xpbWl0YWQuYmxvZ3Nwb3QuY29tIiwiam9nb3NsZWdhaXNkb3JvYmxveGNvbWRpbmhlaXJvbGltaXRhZC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Cookie: username1Cookie=Mafalda; username2Cookie=Ivo Zetticci; username3Cookie=Jonathan; comment1Cookie=This trick is amazing; comment2Cookie=thanks.. amazing job admin⦠thank you for sharing 1000000 Clash Royale Gems! =3 the most powerful tool ever! thank you now i dont need to buy gold! thanks a lot; comment3Cookie=thanks :D this is legit website . thanks a lot dude!!!! WORKS like a charm!!! awesome tool indeed; HstCfa4275781=1681580304853; HstCla4275781=1681580304853; HstCmu4275781=1681580304853; HstPn4275781=1; HstPt4275781=1; HstCnv4275781=1; HstCns4275781=1; c_ref_4275781=https%3A%2F%2Fjogoslegaisdorobloxcomdinheirolimitad.blogspot.com%2F; timePosted11Cookie=196975; timePosted22Cookie=191993; timePosted33Cookie=20243
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Sat, 15 Apr 2023 17:37:05 GMT
content-type: text/html
cache-control: private, max-age=31536000, must-revalidate
pragma: no-cache
cf-cache-status: HIT
age: 724800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MXkPLpFtC4RZ02Br9SRpqvCNgED76P10tz9QRYaAtp15KHEx2%2FsZbhfWk%2FkgP7IkIX%2Blzf3PX1o13%2B%2BaWUkiThCe3h0vTQH34nUjgg0EwXUeDuq%2BphcopR5CHfU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b85f457db6ffab8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
nowqo.net/roblox/close.png
104.21.25.78404 Not Found 695 B URL GET HTTP/3 nowqo.net/roblox/close.png
IP 104.21.25.78:443
Requested by https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwicHVzcGlhcmVuYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInB1c3BpYXJlbmFnbWFpbGNvbSIsImpvZ29zbGVnYWlzZG9yb2Jsb3hjb21kaW5oZWlyb2xpbWl0YWQuYmxvZ3Nwb3QuY29tIiwiam9nb3NsZWdhaXNkb3JvYmxveGNvbWRpbmhlaXJvbGltaXRhZC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Certificate IssuerGoogle Trust Services LLC
Subject*.nowqo.net
Fingerprint4D:F9:79:11:BB:71:F0:57:06:92:43:6D:46:F2:D5:42:7E:73:1B:4E
ValidityTue, 04 Apr 2023 14:41:31 GMT - Mon, 03 Jul 2023 14:41:30 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (725), with no line terminators
Hash 4e8f2251a46a64c7688a49a3e999898d
d1a26051b6ac058244584c8eec9830c78bae8af3
648415d8ead4e5a50c915ab2c7057d198671bd1e412d98ac4f8d5b069d7b54c7
GET /roblox/close.png HTTP/1.1
Host: nowqo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: nowqo.net
Connection: keep-alive
Referer: https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwicHVzcGlhcmVuYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInB1c3BpYXJlbmFnbWFpbGNvbSIsImpvZ29zbGVnYWlzZG9yb2Jsb3hjb21kaW5oZWlyb2xpbWl0YWQuYmxvZ3Nwb3QuY29tIiwiam9nb3NsZWdhaXNkb3JvYmxveGNvbWRpbmhlaXJvbGltaXRhZC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Cookie: username1Cookie=Mafalda; username2Cookie=Ivo Zetticci; username3Cookie=Jonathan; comment1Cookie=This trick is amazing; comment2Cookie=thanks.. amazing job admin⦠thank you for sharing 1000000 Clash Royale Gems! =3 the most powerful tool ever! thank you now i dont need to buy gold! thanks a lot; comment3Cookie=thanks :D this is legit website . thanks a lot dude!!!! WORKS like a charm!!! awesome tool indeed; HstCfa4275781=1681580304853; HstCla4275781=1681580304853; HstCmu4275781=1681580304853; HstPn4275781=1; HstPt4275781=1; HstCnv4275781=1; HstCns4275781=1; c_ref_4275781=https%3A%2F%2Fjogoslegaisdorobloxcomdinheirolimitad.blogspot.com%2F; timePosted11Cookie=198975; timePosted22Cookie=193993; timePosted33Cookie=22243
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Sat, 15 Apr 2023 17:37:07 GMT
content-type: text/html
cache-control: private, max-age=31536000, must-revalidate
pragma: no-cache
cf-cache-status: HIT
age: 724802
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6FhFHKWnsA4QUb726phokSR6pBU%2B1orvbYT%2F5%2FrtMMt1k1DLWZnnHqS57%2BxThGIdRwedvn3pAnFO2r8XHeyY%2BBscn5HnS4fmsrAX5Nnn79Kq6OX%2BoP5BW%2B9B4ZQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b85f4677c44fab8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
nowqo.net/roblox/images/main-bg.jpg
104.21.25.78200 OK 838 kB URL GET HTTP/3 nowqo.net/roblox/images/main-bg.jpg
IP 104.21.25.78:443
Requested by https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwicHVzcGlhcmVuYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInB1c3BpYXJlbmFnbWFpbGNvbSIsImpvZ29zbGVnYWlzZG9yb2Jsb3hjb21kaW5oZWlyb2xpbWl0YWQuYmxvZ3Nwb3QuY29tIiwiam9nb3NsZWdhaXNkb3JvYmxveGNvbWRpbmhlaXJvbGltaXRhZC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Certificate IssuerGoogle Trust Services LLC
Subject*.nowqo.net
Fingerprint4D:F9:79:11:BB:71:F0:57:06:92:43:6D:46:F2:D5:42:7E:73:1B:4E
ValidityTue, 04 Apr 2023 14:41:31 GMT - Mon, 03 Jul 2023 14:41:30 GMT
File type JPEG image data, baseline, precision 8, 2560x1440, components 3\012- data
Size 838 kB (838330 bytes)
Hash ba5d619ee57cf5acc6ebee951a24e01a
a0627942a4e280318a098576257027078cbc40fc
ff5ca3b41fff989a535f80c1119cca50d67fa99c759545a3fc484cc8124cf836
GET /roblox/images/main-bg.jpg HTTP/1.1
Host: nowqo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: nowqo.net
Connection: keep-alive
Referer: https://nowqo.net/roblox/images/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 15 Apr 2023 17:37:00 GMT
content-type: image/jpeg
content-length: 838330
cache-control: public, max-age=31536000
expires: Fri, 14 Apr 2023 06:32:19 GMT
last-modified: Tue, 08 Oct 2019 06:00:24 GMT
cf-cache-status: HIT
age: 724795
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iLuMQ8I7Y8RV2Yuldgozp6F1ocXoTt7d7d2HyCR2ZSl6BZ6%2FZlqz6ORkXRKgmE8bOufyonNqIdK0g1dMzZcEDd%2FVPLiwrKjU7Mx%2F9hcWmkd22ZQ7zI34ZCz51Z0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b85f4372950fab8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
nowqo.net/roblox/images/css8a7c8a7c8a7c.css?family=Open+Sans:300,400,700
104.21.25.78200 OK 701 B URL GET HTTP/3 nowqo.net/roblox/images/css8a7c8a7c8a7c.css?family=Open+Sans:300,400,700
IP 104.21.25.78:443
Requested by https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwicHVzcGlhcmVuYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInB1c3BpYXJlbmFnbWFpbGNvbSIsImpvZ29zbGVnYWlzZG9yb2Jsb3hjb21kaW5oZWlyb2xpbWl0YWQuYmxvZ3Nwb3QuY29tIiwiam9nb3NsZWdhaXNkb3JvYmxveGNvbWRpbmhlaXJvbGltaXRhZC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Certificate IssuerGoogle Trust Services LLC
Subject*.nowqo.net
Fingerprint4D:F9:79:11:BB:71:F0:57:06:92:43:6D:46:F2:D5:42:7E:73:1B:4E
ValidityTue, 04 Apr 2023 14:41:31 GMT - Mon, 03 Jul 2023 14:41:30 GMT
File type ASCII text, with very long lines (701), with no line terminators
Hash 4dd713bb9231c5094e1c8bc8cb94271c
1e261f6ac19b4c601946704ed1ec811f278a0cda
2d49915f54be165095aa54b17aefae8370c8751ad2421caa309e70302f5f8a04
Analyzer Verdict Alert fortinet Phishing
GET /roblox/images/css8a7c8a7c8a7c.css?family=Open+Sans:300,400,700 HTTP/1.1
Host: nowqo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: nowqo.net
Connection: keep-alive
Referer: https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwicHVzcGlhcmVuYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInB1c3BpYXJlbmFnbWFpbGNvbSIsImpvZ29zbGVnYWlzZG9yb2Jsb3hjb21kaW5oZWlyb2xpbWl0YWQuYmxvZ3Nwb3QuY29tIiwiam9nb3NsZWdhaXNkb3JvYmxveGNvbWRpbmhlaXJvbGltaXRhZC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 15 Apr 2023 17:36:59 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=773
cache-control: public, max-age=31536000
expires: Fri, 14 Apr 2023 07:38:09 GMT
last-modified: Tue, 08 Oct 2019 06:00:24 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 724794
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LKOkLby1OmzxtP5YvI5qyPk%2FItQrAeXx%2FDIvjmaCmeG3fD%2F9YLPjPvJLFRhAyVsKhrtX08i9ylb2a1Om9%2FZyqqS%2BPysSszBQjv8UmFnj1UXMCA7NWzME4fA8z4A%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b85f435ffb1fab8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
nowqo.net/roblox/images/style.css
104.21.25.78200 OK 40 kB URL GET HTTP/3 nowqo.net/roblox/images/style.css
IP 104.21.25.78:443
Requested by https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwicHVzcGlhcmVuYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInB1c3BpYXJlbmFnbWFpbGNvbSIsImpvZ29zbGVnYWlzZG9yb2Jsb3hjb21kaW5oZWlyb2xpbWl0YWQuYmxvZ3Nwb3QuY29tIiwiam9nb3NsZWdhaXNkb3JvYmxveGNvbWRpbmhlaXJvbGltaXRhZC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Certificate IssuerGoogle Trust Services LLC
Subject*.nowqo.net
Fingerprint4D:F9:79:11:BB:71:F0:57:06:92:43:6D:46:F2:D5:42:7E:73:1B:4E
ValidityTue, 04 Apr 2023 14:41:31 GMT - Mon, 03 Jul 2023 14:41:30 GMT
File type ASCII text, with very long lines (40387), with no line terminators
Hash 3e05a1f487075dc57f03535a3d6693da
6e4cccd476e7d09d261ebdc7563383d40ec3fa99
52079098bd4de80b7be963bc457d10467682b061619c1d5b96ed628f63c4cd9b
GET /roblox/images/style.css HTTP/1.1
Host: nowqo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: nowqo.net
Connection: keep-alive
Referer: https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwicHVzcGlhcmVuYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInB1c3BpYXJlbmFnbWFpbGNvbSIsImpvZ29zbGVnYWlzZG9yb2Jsb3hjb21kaW5oZWlyb2xpbWl0YWQuYmxvZ3Nwb3QuY29tIiwiam9nb3NsZWdhaXNkb3JvYmxveGNvbWRpbmhlaXJvbGltaXRhZC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 15 Apr 2023 17:36:59 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=50839
cache-control: public, max-age=31536000
expires: Fri, 14 Apr 2023 06:32:18 GMT
last-modified: Tue, 08 Oct 2019 06:00:24 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 724794
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WVNPmpnSYfwAkCess3FtTHx3bhHRCjn9EPDGFZj%2FbjWYdOvpBqZpAd2Wuxi2w3JEUwjIFG59Hww5B38%2FKreuqXi0cb9vMuDvyDbvg4DlRXK7ocJliqoaKoI1gd0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b85f435ffbcfab8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
nowqo.net/roblox/images/sweetalert2.min.css
104.21.25.78200 OK 14 kB URL GET HTTP/3 nowqo.net/roblox/images/sweetalert2.min.css
IP 104.21.25.78:443
Requested by https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwicHVzcGlhcmVuYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInB1c3BpYXJlbmFnbWFpbGNvbSIsImpvZ29zbGVnYWlzZG9yb2Jsb3hjb21kaW5oZWlyb2xpbWl0YWQuYmxvZ3Nwb3QuY29tIiwiam9nb3NsZWdhaXNkb3JvYmxveGNvbWRpbmhlaXJvbGltaXRhZC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Certificate IssuerGoogle Trust Services LLC
Subject*.nowqo.net
Fingerprint4D:F9:79:11:BB:71:F0:57:06:92:43:6D:46:F2:D5:42:7E:73:1B:4E
ValidityTue, 04 Apr 2023 14:41:31 GMT - Mon, 03 Jul 2023 14:41:30 GMT
File type ASCII text, with very long lines (13988), with no line terminators
Hash 2854c355b9997439e011705e39b4b3ed
06f14e99f5bee6853283e1d42227f3289781379e
a64645980f5ee5a0aaa66cec5a98103420643da6681221c9cd10fc318adcdb6d
GET /roblox/images/sweetalert2.min.css HTTP/1.1
Host: nowqo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: nowqo.net
Connection: keep-alive
Referer: https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwicHVzcGlhcmVuYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInB1c3BpYXJlbmFnbWFpbGNvbSIsImpvZ29zbGVnYWlzZG9yb2Jsb3hjb21kaW5oZWlyb2xpbWl0YWQuYmxvZ3Nwb3QuY29tIiwiam9nb3NsZWdhaXNkb3JvYmxveGNvbWRpbmhlaXJvbGltaXRhZC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 15 Apr 2023 17:36:59 GMT
content-type: text/css
cache-control: public, max-age=31536000
expires: Fri, 14 Apr 2023 06:32:18 GMT
last-modified: Tue, 08 Oct 2019 06:00:24 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 724794
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9YXE37xX1ZC3ghvBMTaTor9ru1kxU6YUEVtp45xoBdedXWDiLfXkUHbidJafwaLjScSVgWgkVgn%2F4J%2B4tN4%2BeYN1YqnbRAu%2FC%2FWigSQq8omEruegJ2RVl8K3S0Q%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b85f435ffb9fab8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
nowqo.net/roblox/images/jquery-3.2.1.js
104.21.25.78200 OK 139 kB URL GET HTTP/3 nowqo.net/roblox/images/jquery-3.2.1.js
IP 104.21.25.78:443
Requested by https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwicHVzcGlhcmVuYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInB1c3BpYXJlbmFnbWFpbGNvbSIsImpvZ29zbGVnYWlzZG9yb2Jsb3hjb21kaW5oZWlyb2xpbWl0YWQuYmxvZ3Nwb3QuY29tIiwiam9nb3NsZWdhaXNkb3JvYmxveGNvbWRpbmhlaXJvbGltaXRhZC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Certificate IssuerGoogle Trust Services LLC
Subject*.nowqo.net
Fingerprint4D:F9:79:11:BB:71:F0:57:06:92:43:6D:46:F2:D5:42:7E:73:1B:4E
ValidityTue, 04 Apr 2023 14:41:31 GMT - Mon, 03 Jul 2023 14:41:30 GMT
File type ASCII text, with very long lines (1237)
Size 139 kB (138802 bytes)
Hash 0b39dc8f94398407369f2c6f32042bac
8c4abc797c784a78061373a0aa078be14c7931b1
41f59ec5d59f17850334323c174baef773d00ed5bb48e3739d77bb41b3c59c00
Analyzer Verdict Alert fortinet Phishing
GET /roblox/images/jquery-3.2.1.js HTTP/1.1
Host: nowqo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: nowqo.net
Connection: keep-alive
Referer: https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwicHVzcGlhcmVuYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInB1c3BpYXJlbmFnbWFpbGNvbSIsImpvZ29zbGVnYWlzZG9yb2Jsb3hjb21kaW5oZWlyb2xpbWl0YWQuYmxvZ3Nwb3QuY29tIiwiam9nb3NsZWdhaXNkb3JvYmxveGNvbWRpbmhlaXJvbGltaXRhZC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 15 Apr 2023 17:36:59 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=268039
cache-control: public, max-age=31536000
expires: Fri, 14 Apr 2023 06:32:18 GMT
last-modified: Tue, 08 Oct 2019 06:00:24 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 724794
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nl8krVCdA9HepiDNHOR7bxmDLEi8H6NLuUCSa1PvFbW74x0Aod7JDh7kQq0B9UiCrzdItU2V3eC%2BHKGVoqzy0VL9JDOX%2BRaeTOScQq7%2FsPZtp12jzEPE0D3P00U%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b85f4361fd0fab8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
nowqo.net/roblox/images/jquery-ui.min.js
104.21.25.78200 OK 200 kB URL GET HTTP/3 nowqo.net/roblox/images/jquery-ui.min.js
IP 104.21.25.78:443
Requested by https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwicHVzcGlhcmVuYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInB1c3BpYXJlbmFnbWFpbGNvbSIsImpvZ29zbGVnYWlzZG9yb2Jsb3hjb21kaW5oZWlyb2xpbWl0YWQuYmxvZ3Nwb3QuY29tIiwiam9nb3NsZWdhaXNkb3JvYmxveGNvbWRpbmhlaXJvbGltaXRhZC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Certificate IssuerGoogle Trust Services LLC
Subject*.nowqo.net
Fingerprint4D:F9:79:11:BB:71:F0:57:06:92:43:6D:46:F2:D5:42:7E:73:1B:4E
ValidityTue, 04 Apr 2023 14:41:31 GMT - Mon, 03 Jul 2023 14:41:30 GMT
File type ASCII text, with very long lines (563)
Size 200 kB (200104 bytes)
Hash 234f1553c7d27cce512062c59800a9a8
b48e01c35c1e6ad622386b9a3161bd1bf02723c8
d87043ac816dbfadae73fcc32f84eadb9a665cf97ae938bea9702a27d3e9a54a
Analyzer Verdict Alert fortinet Phishing
GET /roblox/images/jquery-ui.min.js HTTP/1.1
Host: nowqo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: nowqo.net
Connection: keep-alive
Referer: https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwicHVzcGlhcmVuYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInB1c3BpYXJlbmFnbWFpbGNvbSIsImpvZ29zbGVnYWlzZG9yb2Jsb3hjb21kaW5oZWlyb2xpbWl0YWQuYmxvZ3Nwb3QuY29tIiwiam9nb3NsZWdhaXNkb3JvYmxveGNvbWRpbmhlaXJvbGltaXRhZC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 15 Apr 2023 17:36:59 GMT
content-type: application/javascript
cache-control: public, max-age=31536000
expires: Fri, 14 Apr 2023 06:32:18 GMT
last-modified: Tue, 08 Oct 2019 06:00:24 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 724794
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N78v0sZaGJFxQNM8BujZmmWGUr6%2BP4wFuQdqD%2FJdbMvH7%2B1SbpYLQ2xIzCpRtVPa4fEy7vtfhjeTAthhl4pamuVoSSnH96iB3hD0DABBjWBHghyGN2an%2BCIlZTw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b85f4361fd7fab8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
nowqo.net/roblox/close.png
104.21.25.78404 Not Found 695 B URL GET HTTP/3 nowqo.net/roblox/close.png
IP 104.21.25.78:443
Requested by https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwicHVzcGlhcmVuYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInB1c3BpYXJlbmFnbWFpbGNvbSIsImpvZ29zbGVnYWlzZG9yb2Jsb3hjb21kaW5oZWlyb2xpbWl0YWQuYmxvZ3Nwb3QuY29tIiwiam9nb3NsZWdhaXNkb3JvYmxveGNvbWRpbmhlaXJvbGltaXRhZC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Certificate IssuerGoogle Trust Services LLC
Subject*.nowqo.net
Fingerprint4D:F9:79:11:BB:71:F0:57:06:92:43:6D:46:F2:D5:42:7E:73:1B:4E
ValidityTue, 04 Apr 2023 14:41:31 GMT - Mon, 03 Jul 2023 14:41:30 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (725), with no line terminators
Hash 4e8f2251a46a64c7688a49a3e999898d
d1a26051b6ac058244584c8eec9830c78bae8af3
648415d8ead4e5a50c915ab2c7057d198671bd1e412d98ac4f8d5b069d7b54c7
GET /roblox/close.png HTTP/1.1
Host: nowqo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: nowqo.net
Connection: keep-alive
Referer: https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwicHVzcGlhcmVuYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInB1c3BpYXJlbmFnbWFpbGNvbSIsImpvZ29zbGVnYWlzZG9yb2Jsb3hjb21kaW5oZWlyb2xpbWl0YWQuYmxvZ3Nwb3QuY29tIiwiam9nb3NsZWdhaXNkb3JvYmxveGNvbWRpbmhlaXJvbGltaXRhZC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Cookie: username1Cookie=Mafalda; username2Cookie=Ivo Zetticci; username3Cookie=Jonathan; comment1Cookie=This trick is amazing; comment2Cookie=thanks.. amazing job admin⦠thank you for sharing 1000000 Clash Royale Gems! =3 the most powerful tool ever! thank you now i dont need to buy gold! thanks a lot; comment3Cookie=thanks :D this is legit website . thanks a lot dude!!!! WORKS like a charm!!! awesome tool indeed; HstCfa4275781=1681580304853; HstCla4275781=1681580304853; HstCmu4275781=1681580304853; HstPn4275781=1; HstPt4275781=1; HstCnv4275781=1; HstCns4275781=1; c_ref_4275781=https%3A%2F%2Fjogoslegaisdorobloxcomdinheirolimitad.blogspot.com%2F; timePosted11Cookie=197975; timePosted22Cookie=192993; timePosted33Cookie=21243
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Sat, 15 Apr 2023 17:37:06 GMT
content-type: text/html
cache-control: private, max-age=31536000, must-revalidate
pragma: no-cache
cf-cache-status: HIT
age: 724801
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k2TDUUFTKIiHzRHl1PoJryVVOgTmPLVukhtfix04duD1imFL0bMi%2Fkq5nfdX131eZHNK6hBraWhmd1zmw%2F9I8qZc35AlZdsr1nI6%2FaHs9DnLMY6g2P75ZAhkK3A%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b85f4613d5dfab8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
nowqo.net/roblox/images/form-scripts.js
104.21.25.78200 OK 1.0 kB URL GET HTTP/3 nowqo.net/roblox/images/form-scripts.js
IP 104.21.25.78:443
Requested by https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwicHVzcGlhcmVuYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInB1c3BpYXJlbmFnbWFpbGNvbSIsImpvZ29zbGVnYWlzZG9yb2Jsb3hjb21kaW5oZWlyb2xpbWl0YWQuYmxvZ3Nwb3QuY29tIiwiam9nb3NsZWdhaXNkb3JvYmxveGNvbWRpbmhlaXJvbGltaXRhZC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Certificate IssuerGoogle Trust Services LLC
Subject*.nowqo.net
Fingerprint4D:F9:79:11:BB:71:F0:57:06:92:43:6D:46:F2:D5:42:7E:73:1B:4E
ValidityTue, 04 Apr 2023 14:41:31 GMT - Mon, 03 Jul 2023 14:41:30 GMT
File type ASCII text, with very long lines (1061), with no line terminators
Hash 6199605916a54c185314b9c5d3b5e809
5fbe1148fc133ac41089c2fa9e50c32e91ba6541
6c7d18b6f23e412b7e2217aae669caf57c56c3de9e6c0f7099151c752512b139
Analyzer Verdict Alert fortinet Phishing
GET /roblox/images/form-scripts.js HTTP/1.1
Host: nowqo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: nowqo.net
Connection: keep-alive
Referer: https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwicHVzcGlhcmVuYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInB1c3BpYXJlbmFnbWFpbGNvbSIsImpvZ29zbGVnYWlzZG9yb2Jsb3hjb21kaW5oZWlyb2xpbWl0YWQuYmxvZ3Nwb3QuY29tIiwiam9nb3NsZWdhaXNkb3JvYmxveGNvbWRpbmhlaXJvbGltaXRhZC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 15 Apr 2023 17:36:59 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=1469
cache-control: public, max-age=31536000
expires: Fri, 14 Apr 2023 06:32:18 GMT
last-modified: Tue, 08 Oct 2019 06:00:24 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 724794
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FFTX1WbC9b60kAJeYutbml0IaJjKET1JTpi3yKbB74MrHX2BUtGJFyL%2BN8TTLDCTRzpRVx%2FPx24NmzDgDpTbm5C6xanOxhAfcuj1QJIRkAa9rxx112%2FLpt3mrsE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b85f4361fddfab8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
nowqo.net/roblox/images/scripts.js
104.21.25.78200 OK 196 B URL GET HTTP/3 nowqo.net/roblox/images/scripts.js
IP 104.21.25.78:443
Requested by https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwicHVzcGlhcmVuYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInB1c3BpYXJlbmFnbWFpbGNvbSIsImpvZ29zbGVnYWlzZG9yb2Jsb3hjb21kaW5oZWlyb2xpbWl0YWQuYmxvZ3Nwb3QuY29tIiwiam9nb3NsZWdhaXNkb3JvYmxveGNvbWRpbmhlaXJvbGltaXRhZC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Certificate IssuerGoogle Trust Services LLC
Subject*.nowqo.net
Fingerprint4D:F9:79:11:BB:71:F0:57:06:92:43:6D:46:F2:D5:42:7E:73:1B:4E
ValidityTue, 04 Apr 2023 14:41:31 GMT - Mon, 03 Jul 2023 14:41:30 GMT
File type ASCII text, with no line terminators
Hash 30110b3852b1800156f09776b7f8abc3
b3016d5bcc5d32713d4841b7430e8a36a08f4d82
c7b5716b450a19a471d68d99302a1aefc97409ad09b5248b7493052fb515f9ef
Analyzer Verdict Alert fortinet Phishing
GET /roblox/images/scripts.js HTTP/1.1
Host: nowqo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: nowqo.net
Connection: keep-alive
Referer: https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwicHVzcGlhcmVuYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInB1c3BpYXJlbmFnbWFpbGNvbSIsImpvZ29zbGVnYWlzZG9yb2Jsb3hjb21kaW5oZWlyb2xpbWl0YWQuYmxvZ3Nwb3QuY29tIiwiam9nb3NsZWdhaXNkb3JvYmxveGNvbWRpbmhlaXJvbGltaXRhZC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 15 Apr 2023 17:36:59 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=225
cache-control: public, max-age=31536000
expires: Fri, 14 Apr 2023 06:32:18 GMT
last-modified: Tue, 08 Oct 2019 06:00:24 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 724794
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AsZic8mCQw1vrJUAfKEmBn9h1V9O2oBmLTYt5GTLaiDVjnuyvdfo0DKiOIaNS9gdIxAzDebDIOrk7fk599%2FJITE1AyrQlOLQGrbQ4WeSNPugh%2BKvxRqVQpg%2BbE0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b85f4361fe5fab8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
nowqo.net/roblox/images/pr-r.png
104.21.25.78200 OK 27 kB URL GET HTTP/3 nowqo.net/roblox/images/pr-r.png
IP 104.21.25.78:443
Requested by https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwicHVzcGlhcmVuYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInB1c3BpYXJlbmFnbWFpbGNvbSIsImpvZ29zbGVnYWlzZG9yb2Jsb3hjb21kaW5oZWlyb2xpbWl0YWQuYmxvZ3Nwb3QuY29tIiwiam9nb3NsZWdhaXNkb3JvYmxveGNvbWRpbmhlaXJvbGltaXRhZC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Certificate IssuerGoogle Trust Services LLC
Subject*.nowqo.net
Fingerprint4D:F9:79:11:BB:71:F0:57:06:92:43:6D:46:F2:D5:42:7E:73:1B:4E
ValidityTue, 04 Apr 2023 14:41:31 GMT - Mon, 03 Jul 2023 14:41:30 GMT
File type PNG image data, 960 x 1080, 8-bit/color RGBA, non-interlaced\012- data
Hash 1339ccba9a248e9c3689c2f921283d91
7d393c9a3efa49a81afc9406700e94ae23e4bb95
082da94e7b1e7b7cf6054ecb33edffc2b36578727ef34c8a1ef6bddfaa6cfbbf
GET /roblox/images/pr-r.png HTTP/1.1
Host: nowqo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: nowqo.net
Connection: keep-alive
Referer: https://nowqo.net/roblox/images/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 15 Apr 2023 17:37:00 GMT
content-type: image/png
content-length: 27316
cache-control: public, max-age=31536000
expires: Fri, 14 Apr 2023 06:32:19 GMT
last-modified: Tue, 08 Oct 2019 06:00:24 GMT
cf-cache-status: HIT
age: 724795
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oJIkJ6D27WirMHUXG8y3nrnarlE4cyu23F37ZvLoVpTgAcBViWi7bsnc4rdvcgQJdpZdzrK8Gew3899VN8TFyE2Dh3VxsSj1lOo7Bi7trdgW%2FgNZRN0n4gOvGAU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b85f4379a47fab8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
fonts.gstatic.com/s/opensans/v14/cJZKeOuBrn4kERxqtaUH3aCWcynf_cDxXwCLxiixG1c.ttf
216.58.207.227200 OK 26 kB URL GET HTTP/2 fonts.gstatic.com/s/opensans/v14/cJZKeOuBrn4kERxqtaUH3aCWcynf_cDxXwCLxiixG1c.ttf
IP 216.58.207.227:443
Requested by https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwicHVzcGlhcmVuYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInB1c3BpYXJlbmFnbWFpbGNvbSIsImpvZ29zbGVnYWlzZG9yb2Jsb3hjb21kaW5oZWlyb2xpbWl0YWQuYmxvZ3Nwb3QuY29tIiwiam9nb3NsZWdhaXNkb3JvYmxveGNvbWRpbmhlaXJvbGltaXRhZC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE8:8D:29:52:9C:44:66:28:BB:43:25:CE:11:45:BB:A1:5A:4E:44:11
ValidityTue, 28 Mar 2023 16:54:02 GMT - Tue, 20 Jun 2023 16:54:01 GMT
File type TrueType Font data, 17 tables, 1st "GDEF", 7 names, Microsoft, language 0x409, type 1 string, Open SansRegular1.10;1ASC;OpenSans-RegularOpen Sans RegularVersion 1.10OpenSans-Regularhttp://ww\012- data
Hash fb6b9d7181b95e76386fd0890878aa5b
36af503d726201d1fddd96a20e2520e9785838d8
793c9557c2fcfd79a48b2ace2d2c2e6a14a09f50d1d3812828838623d643e455
GET /s/opensans/v14/cJZKeOuBrn4kERxqtaUH3aCWcynf_cDxXwCLxiixG1c.ttf HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nowqo.net
Connection: keep-alive
Referer: https://nowqo.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17789
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 13 Apr 2023 17:17:02 GMT
expires: Fri, 12 Apr 2024 17:17:02 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 14 Jun 2017 16:46:31 GMT
content-type: font/ttf
vary: Accept-Encoding
age: 173998
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
nowqo.net/roblox/images/btn-img.png
104.21.25.78200 OK 2.0 kB URL GET HTTP/3 nowqo.net/roblox/images/btn-img.png
IP 104.21.25.78:443
Requested by https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwicHVzcGlhcmVuYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInB1c3BpYXJlbmFnbWFpbGNvbSIsImpvZ29zbGVnYWlzZG9yb2Jsb3hjb21kaW5oZWlyb2xpbWl0YWQuYmxvZ3Nwb3QuY29tIiwiam9nb3NsZWdhaXNkb3JvYmxveGNvbWRpbmhlaXJvbGltaXRhZC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Certificate IssuerGoogle Trust Services LLC
Subject*.nowqo.net
Fingerprint4D:F9:79:11:BB:71:F0:57:06:92:43:6D:46:F2:D5:42:7E:73:1B:4E
ValidityTue, 04 Apr 2023 14:41:31 GMT - Mon, 03 Jul 2023 14:41:30 GMT
File type PNG image data, 150 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash b750214f9a0276662f12acbbff0d37ce
65e094e10e2b933ab866a66b5f9b25321b99a0d1
db31dae896b9158c4d1c3f32525e6f63281fe9c671a5dc93236cac960013351b
GET /roblox/images/btn-img.png HTTP/1.1
Host: nowqo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: nowqo.net
Connection: keep-alive
Referer: https://nowqo.net/roblox/images/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 15 Apr 2023 17:37:00 GMT
content-type: image/png
content-length: 1977
cache-control: public, max-age=31536000
expires: Fri, 14 Apr 2023 06:32:19 GMT
last-modified: Tue, 08 Oct 2019 06:00:24 GMT
cf-cache-status: HIT
age: 135517
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y%2BdiBFQ4n84w3jJ5xodp0nkzyRan%2FzDem4zDdDescIbNgAxM5fpKrg7n2LPPPPCjoAft%2BaEEwNYlXsk2QvucQ%2Bp0IMv4L8utw8wF%2BaIeBawHhtpqZvwIosqDUfM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b85f4379a49fab8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
s4.histats.com/stats/0.php?4275781&@f16&@g1&@h1&@i1&@j1681580304853&@k0&@l1&@mRoblox%20Robux%20Generator%202023&@n0roblox-crn.js=puspiarenagmailcom|template=Fastink.xml|puspiarenagmailcom=jogoslegaisdorobloxcomdinheirolimitad.blogspot.com|jogoslegaisdorobloxcomdinheirolimitad.blogspot.com=direct|ref=direct|tags=roblox-crn.js&@ohttps%3A%2F%2Fjogoslegaisdorobloxcomdinheirolimitad.blogspot.com%2F&@q0&@r0&@s0&@ten-US&@u1280&@b1:-158546652&@b3:1681580305&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fnowqo.net%2Froblox%2Findex.html%3Ftrack%3DWyJyb2Jsb3gtY3JuLmpzIiwicHVzcGlhcmVuYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInB1c3BpYXJlbmFnbWFpbGNvbSIsImpvZ29zbGVnYWlzZG9yb2Jsb3hjb21kaW5oZWlyb2xpbWl0YWQuYmxvZ3Nwb3QuY29tIiwiam9nb3NsZWdhaXNkb3JvYmxveGNvbWRpbmhlaXJvbGltaXRhZC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd&@w
149.56.240.27200 OK 52 B URL GET HTTP/1.1 s4.histats.com/stats/0.php?4275781&@f16&@g1&@h1&@i1&@j1681580304853&@k0&@l1&@mRoblox%20Robux%20Generator%202023&@n0roblox-crn.js=puspiarenagmailcom|template=Fastink.xml|puspiarenagmailcom=jogoslegaisdorobloxcomdinheirolimitad.blogspot.com|jogoslegaisdorobloxcomdinheirolimitad.blogspot.com=direct|ref=direct|tags=roblox-crn.js&@ohttps%3A%2F%2Fjogoslegaisdorobloxcomdinheirolimitad.blogspot.com%2F&@q0&@r0&@s0&@ten-US&@u1280&@b1:-158546652&@b3:1681580305&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fnowqo.net%2Froblox%2Findex.html%3Ftrack%3DWyJyb2Jsb3gtY3JuLmpzIiwicHVzcGlhcmVuYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInB1c3BpYXJlbmFnbWFpbGNvbSIsImpvZ29zbGVnYWlzZG9yb2Jsb3hjb21kaW5oZWlyb2xpbWl0YWQuYmxvZ3Nwb3QuY29tIiwiam9nb3NsZWdhaXNkb3JvYmxveGNvbWRpbmhlaXJvbGltaXRhZC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd&@w
IP 149.56.240.27:443
Requested by https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwicHVzcGlhcmVuYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInB1c3BpYXJlbmFnbWFpbGNvbSIsImpvZ29zbGVnYWlzZG9yb2Jsb3hjb21kaW5oZWlyb2xpbWl0YWQuYmxvZ3Nwb3QuY29tIiwiam9nb3NsZWdhaXNkb3JvYmxveGNvbWRpbmhlaXJvbGltaXRhZC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Certificate IssuerLet's Encrypt
Subjecthistats.com
FingerprintF3:F6:9F:E3:A0:B3:22:C0:B2:93:4E:22:72:B6:D1:DA:40:BA:AE:9B
ValidityWed, 15 Mar 2023 12:20:28 GMT - Tue, 13 Jun 2023 12:20:27 GMT
File type ASCII text, with no line terminators
Hash 450d4c9562892a7399975be7081f161b
26625d2c692cca51beed7df373407e40e9258a0c
4d6b00ee17409419a50352a49f370c5bada149e9f88fda3be55e6b4e4c5716da
GET /stats/0.php?4275781&@f16&@g1&@h1&@i1&@j1681580304853&@k0&@l1&@mRoblox%20Robux%20Generator%202023&@n0roblox-crn.js=puspiarenagmailcom|template=Fastink.xml|puspiarenagmailcom=jogoslegaisdorobloxcomdinheirolimitad.blogspot.com|jogoslegaisdorobloxcomdinheirolimitad.blogspot.com=direct|ref=direct|tags=roblox-crn.js&@ohttps%3A%2F%2Fjogoslegaisdorobloxcomdinheirolimitad.blogspot.com%2F&@q0&@r0&@s0&@ten-US&@u1280&@b1:-158546652&@b3:1681580305&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fnowqo.net%2Froblox%2Findex.html%3Ftrack%3DWyJyb2Jsb3gtY3JuLmpzIiwicHVzcGlhcmVuYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInB1c3BpYXJlbmFnbWFpbGNvbSIsImpvZ29zbGVnYWlzZG9yb2Jsb3hjb21kaW5oZWlyb2xpbWl0YWQuYmxvZ3Nwb3QuY29tIiwiam9nb3NsZWdhaXNkb3JvYmxveGNvbWRpbmhlaXJvbGltaXRhZC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd&@w HTTP/1.1
Host: s4.histats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nowqo.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 15 Apr 2023 17:37:00 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 52
Connection: close
nowqo.net/roblox/close.png
104.21.25.78404 Not Found 695 B URL GET HTTP/3 nowqo.net/roblox/close.png
IP 104.21.25.78:443
Requested by https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwicHVzcGlhcmVuYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInB1c3BpYXJlbmFnbWFpbGNvbSIsImpvZ29zbGVnYWlzZG9yb2Jsb3hjb21kaW5oZWlyb2xpbWl0YWQuYmxvZ3Nwb3QuY29tIiwiam9nb3NsZWdhaXNkb3JvYmxveGNvbWRpbmhlaXJvbGltaXRhZC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Certificate IssuerGoogle Trust Services LLC
Subject*.nowqo.net
Fingerprint4D:F9:79:11:BB:71:F0:57:06:92:43:6D:46:F2:D5:42:7E:73:1B:4E
ValidityTue, 04 Apr 2023 14:41:31 GMT - Mon, 03 Jul 2023 14:41:30 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (725), with no line terminators
Hash 4e8f2251a46a64c7688a49a3e999898d
d1a26051b6ac058244584c8eec9830c78bae8af3
648415d8ead4e5a50c915ab2c7057d198671bd1e412d98ac4f8d5b069d7b54c7
GET /roblox/close.png HTTP/1.1
Host: nowqo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: nowqo.net
Connection: keep-alive
Referer: https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwicHVzcGlhcmVuYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInB1c3BpYXJlbmFnbWFpbGNvbSIsImpvZ29zbGVnYWlzZG9yb2Jsb3hjb21kaW5oZWlyb2xpbWl0YWQuYmxvZ3Nwb3QuY29tIiwiam9nb3NsZWdhaXNkb3JvYmxveGNvbWRpbmhlaXJvbGltaXRhZC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Cookie: username1Cookie=Mafalda; username2Cookie=Ivo Zetticci; username3Cookie=Jonathan; comment1Cookie=This trick is amazing; comment2Cookie=thanks.. amazing job admin⦠thank you for sharing 1000000 Clash Royale Gems! =3 the most powerful tool ever! thank you now i dont need to buy gold! thanks a lot; comment3Cookie=thanks :D this is legit website . thanks a lot dude!!!! WORKS like a charm!!! awesome tool indeed
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Sat, 15 Apr 2023 17:37:00 GMT
content-type: text/html
cache-control: private, max-age=31536000, must-revalidate
pragma: no-cache
cf-cache-status: HIT
age: 724795
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=slaNYn5nh6%2F2JU2eg%2BIdqAbAZ03j27Ks0YAp2RjivDwP8QTAJXoqDWTkmloiHVRJKBLue%2BgA8wiSOzrsxK3w4jKGD%2FkiSW1D2NY7P%2Bt96EYrfq8NwFyoHvpBOnY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b85f4389b30fab8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
nowqo.net/roblox/images/gamebag-favico.png
104.21.25.78200 OK 3.3 kB URL GET HTTP/3 nowqo.net/roblox/images/gamebag-favico.png
IP 104.21.25.78:443
Requested by https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwicHVzcGlhcmVuYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInB1c3BpYXJlbmFnbWFpbGNvbSIsImpvZ29zbGVnYWlzZG9yb2Jsb3hjb21kaW5oZWlyb2xpbWl0YWQuYmxvZ3Nwb3QuY29tIiwiam9nb3NsZWdhaXNkb3JvYmxveGNvbWRpbmhlaXJvbGltaXRhZC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Certificate IssuerGoogle Trust Services LLC
Subject*.nowqo.net
Fingerprint4D:F9:79:11:BB:71:F0:57:06:92:43:6D:46:F2:D5:42:7E:73:1B:4E
ValidityTue, 04 Apr 2023 14:41:31 GMT - Mon, 03 Jul 2023 14:41:30 GMT
File type PNG image data, 240 x 240, 8-bit/color RGBA, non-interlaced\012- data
Hash e84f0caa809a15b2aaa9cb93bbe6669a
22a330ad580aaa6b2232307a87b981adc7fbf38f
1f98c982fd0c9b5e6af138a4cb160f509bda9fcc7fa0a9463fa6cf11513c151f
GET /roblox/images/gamebag-favico.png HTTP/1.1
Host: nowqo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: nowqo.net
Connection: keep-alive
Referer: https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwicHVzcGlhcmVuYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInB1c3BpYXJlbmFnbWFpbGNvbSIsImpvZ29zbGVnYWlzZG9yb2Jsb3hjb21kaW5oZWlyb2xpbWl0YWQuYmxvZ3Nwb3QuY29tIiwiam9nb3NsZWdhaXNkb3JvYmxveGNvbWRpbmhlaXJvbGltaXRhZC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Cookie: username1Cookie=Mafalda; username2Cookie=Ivo Zetticci; username3Cookie=Jonathan; comment1Cookie=This trick is amazing; comment2Cookie=thanks.. amazing job admin⦠thank you for sharing 1000000 Clash Royale Gems! =3 the most powerful tool ever! thank you now i dont need to buy gold! thanks a lot; comment3Cookie=thanks :D this is legit website . thanks a lot dude!!!! WORKS like a charm!!! awesome tool indeed
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 15 Apr 2023 17:37:00 GMT
content-type: image/png
content-length: 3340
cache-control: public, max-age=31536000
expires: Fri, 14 Apr 2023 06:32:25 GMT
last-modified: Tue, 08 Oct 2019 06:00:24 GMT
cf-cache-status: HIT
age: 520000
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nmUnZCZhBktmnoqcXMYe3v4iVgkpGgmwpA3jdBiz3HodegRRCd%2FYO2OKajxZ0sX0BcM2nu6Jka220j9z3fQTdeinAIqWVR%2BVs9qXARERu%2FU%2Bn620dG6MV3NyRuk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b85f4391b9efab8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
nowqo.net/roblox/images/animate.css
104.21.25.78200 OK 54 kB URL GET HTTP/3 nowqo.net/roblox/images/animate.css
IP 104.21.25.78:443
Requested by https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwicHVzcGlhcmVuYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInB1c3BpYXJlbmFnbWFpbGNvbSIsImpvZ29zbGVnYWlzZG9yb2Jsb3hjb21kaW5oZWlyb2xpbWl0YWQuYmxvZ3Nwb3QuY29tIiwiam9nb3NsZWdhaXNkb3JvYmxveGNvbWRpbmhlaXJvbGltaXRhZC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Certificate IssuerGoogle Trust Services LLC
Subject*.nowqo.net
Fingerprint4D:F9:79:11:BB:71:F0:57:06:92:43:6D:46:F2:D5:42:7E:73:1B:4E
ValidityTue, 04 Apr 2023 14:41:31 GMT - Mon, 03 Jul 2023 14:41:30 GMT
File type ASCII text, with very long lines (53418)
Hash e2a7d135b1c8e224646c92c6f3fd96a6
b2b50086832927bbd02c4e17c05ebe56b0b48367
0202d4f993c3ef2e05f7073d7058c02956ad2ad252f4dc73cf7f4e90c800b30d
GET /roblox/images/animate.css HTTP/1.1
Host: nowqo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: nowqo.net
Connection: keep-alive
Referer: https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwicHVzcGlhcmVuYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInB1c3BpYXJlbmFnbWFpbGNvbSIsImpvZ29zbGVnYWlzZG9yb2Jsb3hjb21kaW5oZWlyb2xpbWl0YWQuYmxvZ3Nwb3QuY29tIiwiam9nb3NsZWdhaXNkb3JvYmxveGNvbWRpbmhlaXJvbGltaXRhZC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 15 Apr 2023 17:36:59 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=68796
cache-control: public, max-age=31536000
expires: Fri, 14 Apr 2023 06:32:18 GMT
last-modified: Tue, 08 Oct 2019 06:00:24 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 724794
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w6vk1096pbH9wrnWdQfzh6ihwIk9M%2Fqttf6%2B3L1ShDY2oFFQdFd4iJy0MA4T2AFCc6OvSwfGxrm%2FrrD2BoVpuAYSMJEbgA49AYcdlqOlars54cQYxkRQGb2AmFk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b85f435ffb7fab8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
nowqo.net/roblox/images/magnific-popup.css
104.21.25.78200 OK 6.1 kB URL GET HTTP/3 nowqo.net/roblox/images/magnific-popup.css
IP 104.21.25.78:443
Requested by https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwicHVzcGlhcmVuYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInB1c3BpYXJlbmFnbWFpbGNvbSIsImpvZ29zbGVnYWlzZG9yb2Jsb3hjb21kaW5oZWlyb2xpbWl0YWQuYmxvZ3Nwb3QuY29tIiwiam9nb3NsZWdhaXNkb3JvYmxveGNvbWRpbmhlaXJvbGltaXRhZC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Certificate IssuerGoogle Trust Services LLC
Subject*.nowqo.net
Fingerprint4D:F9:79:11:BB:71:F0:57:06:92:43:6D:46:F2:D5:42:7E:73:1B:4E
ValidityTue, 04 Apr 2023 14:41:31 GMT - Mon, 03 Jul 2023 14:41:30 GMT
File type ASCII text, with very long lines (6066), with no line terminators
Hash 5c7b8257bc3d11ed0b9d8c57d9d967d6
77a322afa98376719dd8fdd3942be08bb129d1bf
2c71340892aeebaae880becc0b89bd2ef6938150078692622c04d3f2bc7c0a32
GET /roblox/images/magnific-popup.css HTTP/1.1
Host: nowqo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: nowqo.net
Connection: keep-alive
Referer: https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwicHVzcGlhcmVuYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInB1c3BpYXJlbmFnbWFpbGNvbSIsImpvZ29zbGVnYWlzZG9yb2Jsb3hjb21kaW5oZWlyb2xpbWl0YWQuYmxvZ3Nwb3QuY29tIiwiam9nb3NsZWdhaXNkb3JvYmxveGNvbWRpbmhlaXJvbGltaXRhZC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 15 Apr 2023 17:36:59 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=7946
cache-control: public, max-age=31536000
expires: Fri, 14 Apr 2023 06:32:18 GMT
last-modified: Tue, 08 Oct 2019 06:00:24 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 724794
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SRJ91ajiy1H5ltPY0LyomAZnclxpghBVyB8jtsKiWTWiLXYTIWAIoMoVSlY9AkpjPermigfrlaRcn0LE8Oqnkc1DaQGdWr2wVNkwmUUQeShlHqvOuWFM5HrHIoo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b85f435ffbafab8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400