Overview

URL jogosderobloxjacomtudofeito.blogspot.com/2021/10/wintertime-all-time-2-roblox-id.html
IP142.250.74.161
ASNGOOGLE
Location United States
Report completed2022-09-27 18:20:41 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-09-27 2 jogosderobloxjacomtudofeito.blogspot.com/2021/10/wintertime-all-time-2-robl (...) Phishing
2022-09-27 2 jogosderobloxjacomtudofeito.blogspot.com/2021/10/wintertime-all-time-2-robl (...) Phishing
2022-09-27 2 play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwiYWZpa2FydG5nbWFp (...) Phishing
2022-09-27 2 play.robuxtip.org/images/jquery.magnific-popup.min.js Phishing
2022-09-27 2 play.robuxtip.org/images/sweetalert2.min.js Phishing
2022-09-27 2 play.robuxtip.org/images/main.js Phishing
2022-09-27 2 play.robuxtip.org/images/validator.min.js Phishing
2022-09-27 2 play.robuxtip.org/images/com.js Phishing
2022-09-27 2 play.robuxtip.org/images/fancyselect.js Phishing
2022-09-27 2 play.robuxtip.org/images/sticky.js Phishing
2022-09-27 2 play.robuxtip.org/images/form-scripts.js Phishing
2022-09-27 2 play.robuxtip.org/images/jquery-ui.min.js Phishing
2022-09-27 2 play.robuxtip.org/images/jquery-3.2.1.js Phishing
2022-09-27 2 play.robuxtip.org/images/scripts.js Phishing
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (19)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS play.robuxtip.org (25) 0 2022-09-18 11:50:28 UTC 2022-09-27 15:38:12 UTC 172.67.220.56 Unknown ranking
mnemonic passive DNS cdnjs.cloudflare.com (1) 235 2020-10-20 10:17:36 UTC 2022-09-27 05:23:18 UTC 104.17.25.14
mnemonic passive DNS maxcdn.bootstrapcdn.com (1) 724 2014-06-18 00:37:31 UTC 2022-09-27 06:45:58 UTC 104.18.10.207
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-05-28 17:26:30 UTC 2022-09-27 14:55:40 UTC 143.204.55.27
mnemonic passive DNS ocsp.pki.goog (12) 175 2017-06-14 07:23:31 UTC 2022-09-27 04:53:14 UTC 142.250.74.3
mnemonic passive DNS ocsp.digicert.com (3) 86 2012-05-21 07:02:23 UTC 2022-09-27 12:08:14 UTC 93.184.220.29
mnemonic passive DNS s4.histats.com (1) 12782 2012-05-21 17:14:14 UTC 2022-09-27 08:15:22 UTC 198.27.80.143
mnemonic passive DNS jogosderobloxjacomtudofeito.blogspot.com (2) 0 2022-09-27 14:42:03 UTC 2022-09-27 18:20:25 UTC 142.250.74.161 Unknown ranking
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-27 04:52:33 UTC 34.117.237.239
mnemonic passive DNS img-getpocket.cdn.mozilla.net (5) 1631 2017-09-01 03:40:57 UTC 2022-09-27 13:22:33 UTC 34.120.237.76
mnemonic passive DNS i.ytimg.com (5) 109 2019-09-28 06:57:57 UTC 2022-09-27 16:51:40 UTC 216.58.207.246
mnemonic passive DNS tse2.mm.bing.net (3) 8625 2014-11-11 03:52:47 UTC 2022-09-27 06:45:53 UTC 204.79.197.200
mnemonic passive DNS mtevor.com (1) 0 2019-11-04 00:42:52 UTC 2022-09-27 06:00:39 UTC 172.96.187.226 Unknown ranking
mnemonic passive DNS r3.o.lencr.org (5) 344 2020-12-02 08:52:13 UTC 2022-09-27 04:52:25 UTC 23.36.77.32
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-27 05:14:54 UTC 143.204.55.35
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-27 05:14:54 UTC 35.163.147.190
mnemonic passive DNS www.blogger.com (1) 8975 2012-05-22 07:35:03 UTC 2022-09-27 04:53:52 UTC 216.58.207.201
mnemonic passive DNS fonts.gstatic.com (2) 0 2014-08-29 13:43:22 UTC 2022-09-27 04:53:14 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540
mnemonic passive DNS s10.histats.com (1) 15211 2012-05-21 17:14:14 UTC 2022-09-27 08:15:22 UTC 46.105.201.240


Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 142.250.74.161

Date UQ / IDS / BL URL IP
2022-12-09 05:42:51 +0000
0 - 0 - 3 brazzers07.blogspot.com/search/label/T%C3%BCr (...) 142.250.74.161
2022-12-09 05:26:55 +0000
0 - 0 - 3 instagramfreefollower10kget.blogspot.nl/ 142.250.74.161
2022-12-09 05:03:29 +0000
0 - 0 - 4 yesilcam-sinema-video-izle-vizyon.blogspot.co (...) 142.250.74.161
2022-12-09 05:00:41 +0000
0 - 0 - 4 aflam-uk.blogspot.de/search/label/Attractive 142.250.74.161
2022-12-09 05:00:40 +0000
0 - 0 - 2 lafamiglialeonionline.blogspot.com/search/lab (...) 142.250.74.161

Last 5 reports on ASN: GOOGLE

Date UQ / IDS / BL URL IP
2022-12-09 05:58:08 +0000
0 - 0 - 2 tszqqhdnmvwdjwnsmmmg6045909973.blogspot.com/u (...) 142.250.74.33
2022-12-09 05:57:22 +0000
0 - 0 - 2 mashgerenciador.blogspot.com/ 172.217.21.161
2022-12-09 05:54:50 +0000
0 - 0 - 3 www.mfiu34kjds.com/cmp/Q9H4NX7Q/77G3B/?__rpt= (...) 34.96.118.183
2022-12-09 05:44:14 +0000
0 - 0 - 16 milsteelonline.com/page-https-www.adp.ca/en/r (...) 34.149.204.188
2022-12-09 05:43:15 +0000
0 - 0 - 14 ow5dirasuek.com/523/999.html 35.205.61.67

Last 1 reports on domain: jogosderobloxjacomtudofeito.blogspot.com

Date UQ / IDS / BL URL IP
2022-09-27 18:20:41 +0000
0 - 0 - 14 jogosderobloxjacomtudofeito.blogspot.com/2021 (...) 142.250.74.161

Last 5 reports with similar screenshot

Date UQ / IDS / BL URL IP
2022-11-16 08:08:06 +0000
0 - 0 - 3 hakiroblox.blogspot.ug/ 142.250.74.161
2022-11-16 08:06:48 +0000
0 - 0 - 3 robloxjailbreakguiscriptpastebin2020.blogspot (...) 142.250.74.161
2022-11-15 09:36:34 +0000
0 - 0 - 2 premium88subscribed.blogspot.lt/ 142.250.74.161
2022-11-15 09:36:32 +0000
0 - 0 - 2 howtogetfreerobuxhack20192.blogspot.lt/ 142.250.74.161
2022-11-15 07:15:47 +0000
0 - 0 - 2 promocodesforroblox2019november.blogspot.com.by/ 142.250.74.161


JavaScript

Executed Scripts (24)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (73)


Request Response
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.27
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 27 Sep 2022 18:15:30 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 9N37r8OjzmJAtUZsOteaoLiJvkYD50Gf56Mqzn6A1BMJQv0WDsRuMw==
Age: 300


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    2d12f67fe57a87e7366b662d153a5582
Sha1:   d7b02d81cc74f24a251d9363e0f4b0a149264ec1
Sha256: 73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4397E6B45B5822FBAB9B83ABE0B96EE70EFBA7CD2160B51936159865EDE5FDB1"
Last-Modified: Sun, 25 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6833
Expires: Tue, 27 Sep 2022 20:14:23 GMT
Date: Tue, 27 Sep 2022 18:20:30 GMT
Connection: keep-alive

                                        
                                            GET /2021/10/wintertime-all-time-2-roblox-id.html HTTP/1.1 
Host: jogosderobloxjacomtudofeito.blogspot.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         142.250.74.161
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
                                        
Location: https://jogosderobloxjacomtudofeito.blogspot.com/2021/10/wintertime-all-time-2-roblox-id.html
Content-Encoding: gzip
Date: Tue, 27 Sep 2022 18:20:30 GMT
Expires: Tue, 27 Sep 2022 18:20:30 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 220
Server: GSE


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Size:   220
Md5:    0f19ac56dd1c8f900ca6e6899f25f4da
Sha1:   fcd6af02b202c8e5efedf19420c19fe748f790d0
Sha256: f1e073f511d5acf0d8a8fa69a1560ea7e011f16ec39302f47d5931da9e4202ad

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.35
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 27 Sep 2022 09:24:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Q2h8kS-8z0ruh5eX8bIl0qt-uqgd8dDa5Su1ktJHaw5siabOxegs3w==
age: 32177
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 27 Sep 2022 18:20:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Tue, 27 Sep 2022 18:20:30 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.27
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Tue, 27 Sep 2022 18:10:46 GMT
Expires: Tue, 27 Sep 2022 19:04:11 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ZB1ufSXGg-78i53MX0kzHAtUNGalYH0OKxSD8rISnFiauIoMDgm7ew==
Age: 585


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1956
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 18:20:31 GMT
Last-Modified: Tue, 27 Sep 2022 17:47:55 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: SvUOD0EAxqNmG3bXKuibAw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         35.163.147.190
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ER2/moEsdPYekGSbZZ1MhhhJlbQ=

                                        
                                            GET /2021/10/wintertime-all-time-2-roblox-id.html HTTP/1.1 
Host: jogosderobloxjacomtudofeito.blogspot.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         142.250.74.161
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
expires: Tue, 27 Sep 2022 18:20:31 GMT
date: Tue, 27 Sep 2022 18:20:31 GMT
cache-control: private, max-age=0
last-modified: Thu, 22 Sep 2022 11:22:19 GMT
etag: W/"3b11d61902b21af2e470ac95ce2fd69d6343a8f06b1af9cb8e7b636688ee2e03"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 20358
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (14233)
Size:   20358
Md5:    1e1cb7d6369006b11c3b0e01d392e330
Sha1:   a0580c4d94b6841e42dba049a403e312020cab58
Sha256: e4c2ce6c0deb0a636c68d5f96762fe5fddb779fa8f58aa685a630be63567e3cc

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 27 Sep 2022 18:20:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 27 Sep 2022 18:20:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 27 Sep 2022 18:20:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 27 Sep 2022 18:20:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /vi/POOrT_7HqEA/maxresdefault.jpg HTTP/1.1 
Host: i.ytimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jogosderobloxjacomtudofeito.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         216.58.207.246
HTTP/2 200 OK
content-type: image/jpeg
                                        
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 46164
date: Tue, 27 Sep 2022 18:20:31 GMT
expires: Tue, 27 Sep 2022 20:20:31 GMT
cache-control: public, max-age=7200
etag: "0"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1280x720, components 3\012- data
Size:   46164
Md5:    e3f34ac77aa6f19273e63b97ee5d3933
Sha1:   7c9db13e474ed768e5c71437373e98c0836e3da9
Sha256: 851f4eb27ee59d2d2c6d788a2631386082e697be6eeeb258546cd7a524929523
                                        
                                            GET /vi/yyqKmzObgQ0/hq720.jpg?sqp=-oaymwEcCOgCEMoBSFXyq4qpAw4IARUAAIhCGAFwAcABBg==&rs=AOn4CLA--4firKNas6rpbd3RmQ2J3nhABw HTTP/1.1 
Host: i.ytimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jogosderobloxjacomtudofeito.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         216.58.207.246
HTTP/2 200 OK
content-type: image/webp
                                        
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 15358
date: Tue, 27 Sep 2022 18:20:31 GMT
expires: Tue, 27 Sep 2022 20:20:31 GMT
cache-control: public, max-age=7200
etag: "0"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 360x202, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   15358
Md5:    818f6618940a2ff85e5a08709e183eb7
Sha1:   cc4f7ca1ee261e8cf01e5ad6571f5e0ce84fb84a
Sha256: 3d49e5e119d6413a9701b832ff835fa73cdb7fffb05140ce9b0476d15801f64c
                                        
                                            GET /vi/2n6I14yFaSs/maxresdefault.jpg HTTP/1.1 
Host: i.ytimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jogosderobloxjacomtudofeito.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         216.58.207.246
HTTP/2 404 Not Found
content-type: image/jpeg
                                        
vary: Origin
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 27 Sep 2022 18:20:31 GMT
expires: Tue, 27 Sep 2022 18:21:01 GMT
cache-control: public, max-age=30
x-content-type-options: nosniff
server: sffe
content-length: 1097
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 120x90, components 3\012- data
Size:   1097
Md5:    e2ddfee11ae7edcae257da47f3a78a70
Sha1:   6e902fa6302eb30cd204579bca6a59b37233e262
Sha256: 20e9aab22032d85684d7d916a1013f7c577a132a5b10ea3fd3578e8d0b28a711
                                        
                                            GET /vi/7ofks2BHsSI/maxresdefault.jpg HTTP/1.1 
Host: i.ytimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jogosderobloxjacomtudofeito.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         216.58.207.246
HTTP/2 200 OK
content-type: image/jpeg
                                        
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 88805
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 27 Sep 2022 18:20:31 GMT
expires: Tue, 27 Sep 2022 20:20:31 GMT
cache-control: public, max-age=7200
etag: "1481584403"
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1280x720, components 3\012- data
Size:   88805
Md5:    b6e801b26ce41307312a4e1ddc809397
Sha1:   68416996a4402706c4ca3f431841ae3b41564a94
Sha256: 00ce8166c313c79d1b754cf0f1cd635ad033ef49d68cf173ee02f631ff2a021f
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 27 Sep 2022 18:20:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /th?id=OVP.aqD5AMEt1o9CTIDk7wK91wEsDh&pid=Api/? HTTP/1.1 
Host: tse2.mm.bing.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jogosderobloxjacomtudofeito.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         204.79.197.200
HTTP/2 200 OK
content-type: image/jpeg
                                        
cache-control: public, max-age=1209600
content-length: 15160
x-cache: TCP_MISS
access-control-allow-origin: *
access-control-allow-headers: *
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: E24C1551B0B64C6B9DE3A77A27C98C62 Ref B: OSL30EDGE0507 Ref C: 2022-09-27T18:20:31Z
date: Tue, 27 Sep 2022 18:20:31 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=3], baseline, precision 8, 300x225, components 3\012- data
Size:   15160
Md5:    6aa0f900c12dd68f424c80e4ef02bdd7
Sha1:   9c6f44763662b9f9b0d48306020a02f6b352dc75
Sha256: 9eee31b3fd3c240ae704eaa1983a56c299826c85286a1fed2f667460ec0bb2e1
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 27 Sep 2022 18:20:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /static/v1/widgets/4150139458-widgets.js HTTP/1.1 
Host: www.blogger.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jogosderobloxjacomtudofeito.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         216.58.207.201
HTTP/2 200 OK
content-type: text/javascript
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 56826
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 25 Sep 2022 15:56:30 GMT
expires: Mon, 25 Sep 2023 15:56:30 GMT
cache-control: public, max-age=31536000
last-modified: Sun, 25 Sep 2022 08:50:22 GMT
age: 181441
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2221)
Size:   56826
Md5:    b318be2224a9b91139a7a4b41f2e4b6e
Sha1:   4bcae447ce5bb3cb36a74745bcca9b72ba419c9f
Sha256: bc5c92978c40e36f3da25045761d139de3a8a333c5290ccd233273af73bd7f4b
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 27 Sep 2022 18:20:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /th?id=OVP.LqcAnAkOIdgM2M6uQY9ZewEsDh&pid=Api/? HTTP/1.1 
Host: tse2.mm.bing.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jogosderobloxjacomtudofeito.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         204.79.197.200
HTTP/2 404 Not Found
                                        
cache-control: no-cache
pragma: no-cache
content-length: 1192
expires: -1
x-cache: TCP_MISS
access-control-allow-origin: *
access-control-allow-headers: *
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: BDE74BBB880C4DBA836FE67AE6800C1C Ref B: OSL30EDGE0507 Ref C: 2022-09-27T18:20:31Z
date: Tue, 27 Sep 2022 18:20:31 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, baseline, precision 8, 80x80, components 3\012- data
Size:   1192
Md5:    f0f7d2c575a576fcbe5904900906e27a
Sha1:   2ae9765a166420936e89da8e3a0f4ca51919d1ce
Sha256: 36cbc8edf63260b8b3d9a827aee5ac721de768306c5231e22498de2c1232d358
                                        
                                            GET /th?id=OVP.CPzu_jAly3_04MI6NrnVjgEsDh&pid=Api/? HTTP/1.1 
Host: tse2.mm.bing.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jogosderobloxjacomtudofeito.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         204.79.197.200
HTTP/2 404 Not Found
                                        
cache-control: no-cache
pragma: no-cache
content-length: 1192
expires: -1
x-cache: TCP_MISS
access-control-allow-origin: *
access-control-allow-headers: *
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D617DA2A870844B7A27C4BA65BE32AE9 Ref B: OSL30EDGE0507 Ref C: 2022-09-27T18:20:31Z
date: Tue, 27 Sep 2022 18:20:31 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, baseline, precision 8, 80x80, components 3\012- data
Size:   1192
Md5:    f0f7d2c575a576fcbe5904900906e27a
Sha1:   2ae9765a166420936e89da8e3a0f4ca51919d1ce
Sha256: 36cbc8edf63260b8b3d9a827aee5ac721de768306c5231e22498de2c1232d358
                                        
                                            POST /s/gts1p5/1EpVtZKsCXY HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 27 Sep 2022 18:20:32 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /images/ft-1.png HTTP/1.1 
Host: play.robuxtip.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwiYWZpa2FydG5nbWFpbGNvbSIsInRlbXBsYXRlIiwiRmFzdGluay54bWwiLCJhZmlrYXJ0bmdtYWlsY29tIiwiam9nb3NkZXJvYmxveGphY29tdHVkb2ZlaXRvLmJsb2dzcG90LmNvbSIsImpvZ29zZGVyb2Jsb3hqYWNvbXR1ZG9mZWl0by5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         172.67.220.56
HTTP/2 200 OK
content-type: image/png
                                        
date: Tue, 27 Sep 2022 18:20:32 GMT
content-length: 3340
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
etag: "5d9ca488-d0c"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 900224
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WcrkPpjP41m5q%2Bi9YDjf8Q3TlliwBQ1pSro0MKDIEC7JARJlQw7qXlgpMngwLUP4SyvAOi5jArzNY%2F2R3h1zA6%2FgoDqveHgDCUWkbeR9HQf1%2Fm4w81B1cFQouWpAyegblXYrJw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 751640ff0bbdb4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 240 x 240, 8-bit/color RGBA, non-interlaced\012- data
Size:   3340
Md5:    e84f0caa809a15b2aaa9cb93bbe6669a
Sha1:   22a330ad580aaa6b2232307a87b981adc7fbf38f
Sha256: 1f98c982fd0c9b5e6af138a4cb160f509bda9fcc7fa0a9463fa6cf11513c151f
                                        
                                            GET /images/header.png HTTP/1.1 
Host: play.robuxtip.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwiYWZpa2FydG5nbWFpbGNvbSIsInRlbXBsYXRlIiwiRmFzdGluay54bWwiLCJhZmlrYXJ0bmdtYWlsY29tIiwiam9nb3NkZXJvYmxveGphY29tdHVkb2ZlaXRvLmJsb2dzcG90LmNvbSIsImpvZ29zZGVyb2Jsb3hqYWNvbXR1ZG9mZWl0by5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         172.67.220.56
HTTP/2 200 OK
content-type: image/png
                                        
date: Tue, 27 Sep 2022 18:20:32 GMT
content-length: 131285
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
etag: "5d9ca488-200d5"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 900224
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1YN8sSSJYlQgFuANtzNKAtenZT3oG4L%2BXvRroLOErdCiOTPdpsY%2BmHKOIvt3WBT%2F22cPT0VwT6cw0T8jQgORu3hjtykd01o8EV%2BLnpj14NvWI0rliJNoQydbxWt7dd1OHz7%2B7w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 751640ff0bb9b4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced\012- data
Size:   131285
Md5:    35e93538f31d67876a2cb38bf94279d8
Sha1:   49bf97732e9bffb5371ad60d024901b09d83651b
Sha256: 95c1de9315834de2ff3608a2dc048a6aedc273e665f9b54eb956523a81fc91df
                                        
                                            GET /images/gamebaglogo.png HTTP/1.1 
Host: play.robuxtip.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwiYWZpa2FydG5nbWFpbGNvbSIsInRlbXBsYXRlIiwiRmFzdGluay54bWwiLCJhZmlrYXJ0bmdtYWlsY29tIiwiam9nb3NkZXJvYmxveGphY29tdHVkb2ZlaXRvLmJsb2dzcG90LmNvbSIsImpvZ29zZGVyb2Jsb3hqYWNvbXR1ZG9mZWl0by5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         172.67.220.56
HTTP/2 200 OK
content-type: image/png
                                        
date: Tue, 27 Sep 2022 18:20:32 GMT
content-length: 3340
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
etag: "5d9ca488-d0c"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 900224
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L7L1cpwZAI5qv5lj%2FuLer4i9k612zVb8BCEtwulgQzcu5oAl8J8QbwKgB53sW0IYWj%2FvHqug3ip%2F1vNBcIpIvvCYgEZlwdkeRreRWEeIvts7ekJUHC5Otsp7AtyEOKh4rE53yA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 751640ff0bb6b4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 240 x 240, 8-bit/color RGBA, non-interlaced\012- data
Size:   3340
Md5:    e84f0caa809a15b2aaa9cb93bbe6669a
Sha1:   22a330ad580aaa6b2232307a87b981adc7fbf38f
Sha256: 1f98c982fd0c9b5e6af138a4cb160f509bda9fcc7fa0a9463fa6cf11513c151f
                                        
                                            GET /ajax/libs/jquery-modal/0.9.1/jquery.modal.min.css HTTP/1.1 
Host: cdnjs.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.17.25.14
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
date: Tue, 27 Sep 2022 18:20:32 GMT
content-length: 1541
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec2-c81"
last-modified: Mon, 04 May 2020 16:11:46 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 9744202
expires: Sun, 17 Sep 2023 18:20:32 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l79YZhwq6x0jEBYoJQXwPS%2BC7eXypVfRdFYt0giQsLvoB3X0ijloF9XQE7EBkK1JdGTWD86Oe5Q4by3cj6pGt6Hpd6ZaHkcVg2MV5SrXqG9FR5XytdSrAbpOmHSy1J%2FBQjIEaU14"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 751640ff2d9db4eb-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (3201), with no line terminators
Size:   1541
Md5:    8e09ceb5490863a66cd2e83ca3d7e524
Sha1:   35e3d074516ec70c508d748f7ae01827bc0c28ba
Sha256: cccbb374fd4cb6dcbac9df64456b49cb11530e7bafdac6c6c7e67ff2ed350db9
                                        
                                            GET /index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwiYWZpa2FydG5nbWFpbGNvbSIsInRlbXBsYXRlIiwiRmFzdGluay54bWwiLCJhZmlrYXJ0bmdtYWlsY29tIiwiam9nb3NkZXJvYmxveGphY29tdHVkb2ZlaXRvLmJsb2dzcG90LmNvbSIsImpvZ29zZGVyb2Jsb3hqYWNvbXR1ZG9mZWl0by5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd HTTP/1.1 
Host: play.robuxtip.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jogosderobloxjacomtudofeito.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         172.67.220.56
HTTP/2 200 OK
content-type: text/html
                                        
date: Tue, 27 Sep 2022 18:20:32 GMT
last-modified: Mon, 27 Jun 2022 12:44:26 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=txLoQ%2BBngGx4qW%2BogHeijnh8iYtRH9ppl5pHgni1SvVTbIDVY2H3d2mimmshe7R72GLiHxhXOtleJv6lP36K6GCxurui3vr%2FRaHEHtLMfFpMLiDbVEPJCRaFZud8BXOxciDsQg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 751640fe6a38b4e8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF, LF line terminators
Size:   6010
Md5:    303855d0e894007be0a316a3f869600c
Sha1:   7db5c2ed9ebeffa55e5c7aefcc42775ba18117ba
Sha256: dd09411fa33c31456ed6f3943d74fac60a2154e110dc1307ffe1196fd3de8d91

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /images/main-bg.jpg HTTP/1.1 
Host: play.robuxtip.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/images/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         172.67.220.56
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Tue, 27 Sep 2022 18:20:32 GMT
content-length: 838330
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
etag: "5d9ca488-ccaba"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 900224
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M1faJEXW%2FOqgsIx9gmS%2BQuDjlhfN4NzTkXTXO6TtWxNCQwTBDcfG09ywKYlhbjvvkoIBqylpvqrlk4QtcvmYdy%2FTB4%2Bx%2BVHqWuUmsxkNneqqUyXt0ylUz787pa0JBZqSh6Hi6w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 751640ff9cf5b4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, baseline, precision 8, 2560x1440, components 3\012- data
Size:   838330
Md5:    ba5d619ee57cf5acc6ebee951a24e01a
Sha1:   a0627942a4e280318a098576257027078cbc40fc
Sha256: ff5ca3b41fff989a535f80c1119cca50d67fa99c759545a3fc484cc8124cf836
                                        
                                            POST /s/gts1p5/1EpVtZKsCXY HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 27 Sep 2022 18:20:32 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /images/jquery.magnific-popup.min.js HTTP/1.1 
Host: play.robuxtip.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwiYWZpa2FydG5nbWFpbGNvbSIsInRlbXBsYXRlIiwiRmFzdGluay54bWwiLCJhZmlrYXJ0bmdtYWlsY29tIiwiam9nb3NkZXJvYmxveGphY29tdHVkb2ZlaXRvLmJsb2dzcG90LmNvbSIsImpvZ29zZGVyb2Jsb3hqYWNvbXR1ZG9mZWl0by5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         172.67.220.56
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Tue, 27 Sep 2022 18:20:32 GMT
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
etag: W/"5d9ca488-5297"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 900224
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UccM3%2FMaDPaSgv65HG0x7POfOZ4obhq1eEcBrdzOab5BzKZoW%2Bp%2BoQdEeH9LxMED%2B0ul7RiVZbIfPydmqedfssmG%2BuAf9aynSvh3D00AW7Sb4j8OlkTd7vkyXlFQBM9AEso4cQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 751640ff1be3b4e8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (21014)
Size:   9365
Md5:    9664c4ef49248c33639f414fff43261f
Sha1:   c65fa2d1ded1f92b4dc7fc9afa2262ebaf6c9eba
Sha256: ee0610f34cba41539634682478434aa2c413af8498f7ff82141dddd3fa488036

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /images/sweetalert2.min.css HTTP/1.1 
Host: play.robuxtip.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwiYWZpa2FydG5nbWFpbGNvbSIsInRlbXBsYXRlIiwiRmFzdGluay54bWwiLCJhZmlrYXJ0bmdtYWlsY29tIiwiam9nb3NkZXJvYmxveGphY29tdHVkb2ZlaXRvLmJsb2dzcG90LmNvbSIsImpvZ29zZGVyb2Jsb3hqYWNvbXR1ZG9mZWl0by5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         172.67.220.56
HTTP/2 200 OK
content-type: text/css
                                        
date: Tue, 27 Sep 2022 18:20:32 GMT
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
etag: W/"5d9ca488-36a4"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 900224
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ExPYjEUIK28HaYYsIt5J96pWv8aMfX9MFPRDixje0cu76Gdqwi%2B0NcadI5m3Ux3pfjSpkYYadrkYdV9SrHQgr6o%2FUtCY6A2NAJu2hB35Px2Zn%2FGu6pOZR0UzBBQyGgThOCkS8g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 751640fefb8bb4e8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (13988), with no line terminators
Size:   4733
Md5:    56252d1062c2fd63157219200e03c73d
Sha1:   a7b95da317672578ba94d9d7ab9f09dfb48b2f90
Sha256: 79c2da272e08ba9cb54ffa4fc879c6995407062038e820ee67b104f5adde09dc
                                        
                                            GET /images/fancyselect.css HTTP/1.1 
Host: play.robuxtip.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwiYWZpa2FydG5nbWFpbGNvbSIsInRlbXBsYXRlIiwiRmFzdGluay54bWwiLCJhZmlrYXJ0bmdtYWlsY29tIiwiam9nb3NkZXJvYmxveGphY29tdHVkb2ZlaXRvLmJsb2dzcG90LmNvbSIsImpvZ29zZGVyb2Jsb3hqYWNvbXR1ZG9mZWl0by5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         172.67.220.56
HTTP/2 200 OK
content-type: text/css
                                        
date: Tue, 27 Sep 2022 18:20:32 GMT
cf-bgj: minify
cf-polished: origSize=4253
etag: W/"5d9ca488-109d"
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 900224
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M0ruy6LCUdbDIK29pQ%2FaLPBCNIQHtFh9WrkBAje6w%2FLyLZgCdCNxYL6aKTm6IPqdD0FTdsnzrOcJ662JF%2F3qzFJBrri43Z9b5JzwwUnfnPf0qPEsdm82DTKDDsx3Ke%2BBBETSYg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 751640fefb90b4e8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (3595), with no line terminators
Size:   28106
Md5:    fe73a0aa8e5e55574e1fb5c41992f722
Sha1:   1a68a9641d109d4fc3e7f64771754a111dc228c6
Sha256: fb262c76df63c9df42a738c77a92250c0d88e028cfdc7ce83ad7196417962b18
                                        
                                            GET /images/css8a7c8a7c8a7c.css?family=Open+Sans:300,400,700 HTTP/1.1 
Host: play.robuxtip.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwiYWZpa2FydG5nbWFpbGNvbSIsInRlbXBsYXRlIiwiRmFzdGluay54bWwiLCJhZmlrYXJ0bmdtYWlsY29tIiwiam9nb3NkZXJvYmxveGphY29tdHVkb2ZlaXRvLmJsb2dzcG90LmNvbSIsImpvZ29zZGVyb2Jsb3hqYWNvbXR1ZG9mZWl0by5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         172.67.220.56
HTTP/2 200 OK
content-type: text/css
                                        
date: Tue, 27 Sep 2022 18:20:32 GMT
cf-bgj: minify
cf-polished: origSize=773
etag: W/"5d9ca488-305"
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 900224
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dgt4o5jDEuBtoSufpoDN6uARwPGgrfPevXIYWap8VLRSGXtcAhx8L1eW8RvhRDfNQmJFM8IM8J9oyzpWwM7QasiMr5bsABxv9F%2F4ZOZQhWtAI%2FVSKfusUcL87AP4UTU9SwEaYw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 751640feeb7bb4e8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (701), with no line terminators
Size:   55495
Md5:    4058e5b657814b62c7e614cf169ba911
Sha1:   df8296db5804b5d01ac196a8843bdb8237d9d5d9
Sha256: 91e750e008cde9f97222ff88f0eeeb076dd56b9c609e9992f20bc904329b7cdd
                                        
                                            GET /images/magnific-popup.css HTTP/1.1 
Host: play.robuxtip.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwiYWZpa2FydG5nbWFpbGNvbSIsInRlbXBsYXRlIiwiRmFzdGluay54bWwiLCJhZmlrYXJ0bmdtYWlsY29tIiwiam9nb3NkZXJvYmxveGphY29tdHVkb2ZlaXRvLmJsb2dzcG90LmNvbSIsImpvZ29zZGVyb2Jsb3hqYWNvbXR1ZG9mZWl0by5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         172.67.220.56
HTTP/2 200 OK
content-type: text/css
                                        
date: Tue, 27 Sep 2022 18:20:32 GMT
cf-bgj: minify
cf-polished: origSize=7946
etag: W/"5d9ca488-1f0a"
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 900224
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QD6ClOZ8PPpqwhX8MjQGTC0qe3JtKFGq2N9QPuBJW6a5P1fxBoWAsHV5MqYUkKG8cNLhZUO4iUWYqRqa9iCnDJR53TeSX8puSUsNiCaxopN0%2FFKi5GTUMCLsSYNcuWdp7bUWpw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 751640fefb8fb4e8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (6066), with no line terminators
Size:   4791
Md5:    505f3ad7c0e2c8ce11de3f0208281ee3
Sha1:   4837278e985cfbc458885d2b434acdb8287b70ee
Sha256: 060c68399cfd09cd1e5aa170b1fcfae4e05141bf54f6e5abf99536bc1fd3d944
                                        
                                            GET /images/animate.css HTTP/1.1 
Host: play.robuxtip.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwiYWZpa2FydG5nbWFpbGNvbSIsInRlbXBsYXRlIiwiRmFzdGluay54bWwiLCJhZmlrYXJ0bmdtYWlsY29tIiwiam9nb3NkZXJvYmxveGphY29tdHVkb2ZlaXRvLmJsb2dzcG90LmNvbSIsImpvZ29zZGVyb2Jsb3hqYWNvbXR1ZG9mZWl0by5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         172.67.220.56
HTTP/2 200 OK
content-type: text/css
                                        
date: Tue, 27 Sep 2022 18:20:32 GMT
cf-bgj: minify
cf-polished: origSize=68796
etag: W/"5d9ca488-10cbc"
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 900224
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AXQu2ASDYeqocKeKZ2%2FgM8L9ISKtbeBBCXmoWTdUBWqip898rmQIgv32FMiZICb441v92RiA9jSpidBQpj%2B1a%2FTsJm2aXnEAuEwCFGd1k4%2BcQ1Qh0zj0thCgQzX8qu%2Bzlz7xMw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 751640feeb89b4e8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (53418)
Size:   20027
Md5:    d4b0aee081decf264ee74983e602998a
Sha1:   12dea240533e2a8ef3ca8dc3ea8e30fd49a1fe87
Sha256: 7c95f85e5f4d24eb889ac4bc1450ca4d00b9ed47b994ce10003511d31e94e8b4
                                        
                                            GET /images/button-dot.png HTTP/1.1 
Host: play.robuxtip.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/images/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         172.67.220.56
HTTP/2 200 OK
content-type: image/png
                                        
date: Tue, 27 Sep 2022 18:20:32 GMT
content-length: 672
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
etag: "5d9ca488-2a0"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 900224
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mlLqJ2sY17mdIwvyOcLhpQhAgxhBzuYgJWickJ244ldGM0eLIrwkJoGQEwev9r1x35UqJm%2FZ3YbyfBs%2FD5hjRN3aAY1ushURGcPQFJZhdEoXRm1lcGox3FNLH6QCah6dDWSXZw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 751640fffe2eb4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 15 x 15, 8-bit colormap, non-interlaced\012- data
Size:   672
Md5:    478aefab2e280b16b0372e607414d3c2
Sha1:   710f5aaa706ec23cbf45006d7c1d25be76b4fa64
Sha256: a651e77df132fc0c4dbccb7c56f84923c28dcb159f4b7a112bde8bbc548632bc
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 27 Sep 2022 18:20:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4231
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 18:20:32 GMT
Last-Modified: Tue, 27 Sep 2022 17:10:01 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 280

                                        
                                            GET /s/opensans/v14/cJZKeOuBrn4kERxqtaUH3aCWcynf_cDxXwCLxiixG1c.ttf HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://play.robuxtip.org
Connection: keep-alive
Referer: https://play.robuxtip.org/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/ttf
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17789
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 07:07:48 GMT
expires: Thu, 21 Sep 2023 07:07:48 GMT
cache-control: public, max-age=31536000
age: 558764
last-modified: Wed, 14 Jun 2017 16:46:31 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  TrueType Font data, 17 tables, 1st "GDEF", 7 names, Microsoft, language 0x409, type 1 string, Open SansRegular1.10;1ASC;OpenSans-RegularOpen Sans RegularVersion 1.10OpenSans-Regularhttp://ww\012- data
Size:   17789
Md5:    8c20320e2a77d984348f9e9aa7296b9d
Sha1:   0939a63b6a9982ab64f044dfc3a21dac2bca0499
Sha256: 0be48b762bdf588db02112492dfadcb3a098fad3ac5aa2ccc80568b799462c52
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2474
Expires: Tue, 27 Sep 2022 19:01:46 GMT
Date: Tue, 27 Sep 2022 18:20:32 GMT
Connection: keep-alive

                                        
                                            GET /images/sweetalert2.min.js HTTP/1.1 
Host: play.robuxtip.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwiYWZpa2FydG5nbWFpbGNvbSIsInRlbXBsYXRlIiwiRmFzdGluay54bWwiLCJhZmlrYXJ0bmdtYWlsY29tIiwiam9nb3NkZXJvYmxveGphY29tdHVkb2ZlaXRvLmJsb2dzcG90LmNvbSIsImpvZ29zZGVyb2Jsb3hqYWNvbXR1ZG9mZWl0by5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         172.67.220.56
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Tue, 27 Sep 2022 18:20:32 GMT
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
etag: W/"5d9ca488-4f51"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 900224
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a2uOPDk11816n%2Fso1t8Eu1%2BBGynk8IoGrwqWoBIWQlA1IZNSEBU1v1%2F2GnkC7cQEABOp3XPk9l1W7A4ac5Drs72NMLvLlOwMJwFFA0gDaZzeFputWz4zN6n9put%2FWbvdvvuKDw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 751640ff1bddb4e8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (20305), with no line terminators
Size:   7157
Md5:    da09a8779b25d3a96964c8d7714b6c2c
Sha1:   1be22085fdf6aca61e7388c172959f7ffac5b136
Sha256: c577544789c8baeb30e4aa9123f8c2014d57178f67899b25e57b2ae266f3347d

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /font-awesome/4.5.0/fonts/fontawesome-webfont.woff2?v=4.5.0 HTTP/1.1 
Host: maxcdn.bootstrapcdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://play.robuxtip.org
Connection: keep-alive
Referer: https://play.robuxtip.org/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         104.18.10.207
HTTP/2 200 OK
content-type: font/woff2
                                        
date: Tue, 27 Sep 2022 18:20:32 GMT
content-length: 66624
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: "db812d8a70a4e88e888744c1c9a27e89"
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-cachedat: 08/15/2022 13:52:58
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 723
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 23065d71cd7bf559ee33418a33733bb0
cdn-cache: HIT
cf-cache-status: HIT
age: 900224
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 75164100ef151c0a-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 66624, version 4.262\012- data
Size:   66624
Md5:    db812d8a70a4e88e888744c1c9a27e89
Sha1:   638c652d623280a58144f93e7b552c66d1667a11
Sha256: ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995
                                        
                                            GET /s/opensans/v14/k3k702ZOKiLJc3WVjuplzInF5uFdDttMLvmWuJdhhgs.ttf HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://play.robuxtip.org
Connection: keep-alive
Referer: https://play.robuxtip.org/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/ttf
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 18604
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 11:43:27 GMT
expires: Thu, 21 Sep 2023 11:43:27 GMT
cache-control: public, max-age=31536000
age: 542225
last-modified: Wed, 14 Jun 2017 16:46:24 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  TrueType Font data, 17 tables, 1st "GDEF", 7 names, Microsoft, language 0x409, type 1 string, Open SansBold1.10;1ASC;OpenSans-BoldOpen Sans BoldVersion 1.10OpenSans-Boldhttp://www.apache.org\012- data
Size:   18604
Md5:    5498784000b038638befe230ea392271
Sha1:   efef80115bdabd927501563197827a7ae837a19f
Sha256: 5848ca5f4af491c37907f2e4cb0e240166572edc90615a96d4702f2dce34800b
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2474
Expires: Tue, 27 Sep 2022 19:01:46 GMT
Date: Tue, 27 Sep 2022 18:20:32 GMT
Connection: keep-alive

                                        
                                            GET /images/main.js HTTP/1.1 
Host: play.robuxtip.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwiYWZpa2FydG5nbWFpbGNvbSIsInRlbXBsYXRlIiwiRmFzdGluay54bWwiLCJhZmlrYXJ0bmdtYWlsY29tIiwiam9nb3NkZXJvYmxveGphY29tdHVkb2ZlaXRvLmJsb2dzcG90LmNvbSIsImpvZ29zZGVyb2Jsb3hqYWNvbXR1ZG9mZWl0by5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         172.67.220.56
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Tue, 27 Sep 2022 18:20:32 GMT
cf-bgj: minify
cf-polished: origSize=38451
etag: W/"5d9ca488-9633"
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 900224
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SqLw%2BtKSLCnmz4ekab4lPMeKy6muY8WGVZ0Xb5B55S2Jc4ERIFcPiOalp0zS0agXgNdJ9kL6RCsImbSIjxq%2FU7j9OKz2XwIGxBWRbqk1J7Ikk%2FcNIVKu7XhMUNCaz8s4qkKpFA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 751640ff1be9b4e8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (24637)
Size:   33334
Md5:    9b9d0e4a53e5797bbcdaf0abf0853be8
Sha1:   07f8b27795be404b11994dd42dffa5f04871a017
Sha256: 9366c0415d429e29c02a096d161fab41bb9be6b058ffc33461964c1eee602069

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2474
Expires: Tue, 27 Sep 2022 19:01:46 GMT
Date: Tue, 27 Sep 2022 18:20:32 GMT
Connection: keep-alive

                                        
                                            GET /images/validator.min.js HTTP/1.1 
Host: play.robuxtip.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwiYWZpa2FydG5nbWFpbGNvbSIsInRlbXBsYXRlIiwiRmFzdGluay54bWwiLCJhZmlrYXJ0bmdtYWlsY29tIiwiam9nb3NkZXJvYmxveGphY29tdHVkb2ZlaXRvLmJsb2dzcG90LmNvbSIsImpvZ29zZGVyb2Jsb3hqYWNvbXR1ZG9mZWl0by5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         172.67.220.56
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Tue, 27 Sep 2022 18:20:32 GMT
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
etag: W/"5d9ca488-17a7"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 900224
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dpzlrJfesaX9KBBhuLaXMsEbkGEiFOkuqGl7GdMM8CT05csSxbYJsEVZJXxB%2FuAxaS%2BaYU%2BSV5mmk1p9OrWrSCZNjEbo1yobTB%2FKeg7Mm%2FwV%2FllLXOT%2Bb%2FMEF3JVXM6k1RxVSw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 751640ff1bdfb4e8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (5862)
Size:   2591
Md5:    2d3f28f2329377fe92a103f24e0f55d3
Sha1:   b1ff19f99632ecb0fb190bae49e011218d316501
Sha256: 4b0fb8828cfe504807a1a11248e34e8f79862f9c4ccdb0deb465e1719da88a87

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79631135-a10c-43bf-85d2-fa2236b96883.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 13213
x-amzn-requestid: fe9ec409-2757-4910-8443-5b4d3be7efd3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFlATEp8oAMFd9Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321b9b-3230e97a4fe34413285eb578;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:37:31 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: kRSg9NTTAgeAJgIZ_C9_rRodCX4bzGduJEvNPNHUya0Moa2vsmWSoQ==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:38:57 GMT
age: 74495
etag: "3d4fa8701f17e8818c25584ef5f04bfbee8440cd"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   13213
Md5:    62e68c3cd08dd94d910507512a67e85f
Sha1:   3d4fa8701f17e8818c25584ef5f04bfbee8440cd
Sha256: 058d798963f83f5fb88ab728185f755c5353fa981d93e1b6ff869089f501586b
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbde62996-d83a-4f97-a8ad-f7719aff0bff.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7701
x-amzn-requestid: 63bfd7b5-f18e-4396-99a8-fb24dee1ee0c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZGCmmGswoAMF2zg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63324af6-04fa1b18525182b7213f844c;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 00:59:34 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: DiTKUZCtnzzWsLnaX07RzIFfcP2_SiKqzETIMe3RoXWnQOBaB8BhmQ==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 01:05:14 GMT
age: 62118
etag: "2f7876bd0e4b52aa04ccf1c2a45359156eaefb97"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7701
Md5:    9ff2dbdbf6d450f0d9774777b3c5aa6e
Sha1:   2f7876bd0e4b52aa04ccf1c2a45359156eaefb97
Sha256: 4c2184b8150834adf1e9ec807f3175b6fcd574920a98c857db2cfb01b78da2fe
                                        
                                            GET /images/com.js HTTP/1.1 
Host: play.robuxtip.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwiYWZpa2FydG5nbWFpbGNvbSIsInRlbXBsYXRlIiwiRmFzdGluay54bWwiLCJhZmlrYXJ0bmdtYWlsY29tIiwiam9nb3NkZXJvYmxveGphY29tdHVkb2ZlaXRvLmJsb2dzcG90LmNvbSIsImpvZ29zZGVyb2Jsb3hqYWNvbXR1ZG9mZWl0by5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         172.67.220.56
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Tue, 27 Sep 2022 18:20:32 GMT
cf-bgj: minify
cf-polished: origSize=17963
etag: W/"5d9ca488-462b"
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 900224
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0d81G7XsKSVCi64dE9gEUPAV%2BFtXzz4piuRbYQfEyNoeBo%2Bd%2BzHMKcBPRKepy7TyrLf3ZWQCo36z6keWxv0vudmozKR8u4UX6TQDr0oIv7rcuYfRNA0t4G3Iw15Aca2d8cAqAg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 751640ff1be0b4e8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  C source, Unicode text, UTF-8 text, with very long lines (15173), with no line terminators
Size:   9403
Md5:    ea7426b7c8f006c86ca296827225cf10
Sha1:   5f48fa7790286ab76cfaf08eb6736c0fab06d715
Sha256: 39a2fcc9a515c1ff4b9be925b4f63a85dd8f196c2eac9b5e0163ea8a97084a32

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bfe3adc-1955-4f21-9e44-c0bc53a4edc5.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9163
x-amzn-requestid: 8ccd9b1f-bef9-4591-be32-e6dd98f4ee78
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFlKpEZrIAMFS1Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321bdd-4a40b9c8281b64c725fec0f1;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:38:37 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: bs6HOUmHOoYKDuzBoVHhcr8d4HP4bBmwUF3EtOmwKXo7ozhfaIYEvw==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:39:07 GMT
age: 74485
etag: "84f5a4c8b38acde814bc790e5b514347718d5bb9"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9163
Md5:    deb8d1e3b6d7fbc8c8ba478269621676
Sha1:   84f5a4c8b38acde814bc790e5b514347718d5bb9
Sha256: ed14fa766f0708b4166e83b61f160db5671af430917b7c67184bf18d9208742b
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4231
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 18:20:32 GMT
Last-Modified: Tue, 27 Sep 2022 17:10:01 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 280

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F63a7aeb3-999a-4e57-9255-c40e0376d08e.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5319
x-amzn-requestid: 74191b02-ebea-48bd-8522-f05bf8080f31
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFlOKFtsIAMFyGQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321bf4-1f2daa9d7906bf9812e10953;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:39:00 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Y0gjPs-l9_JD9F-LSH_i1uL2Nz0UcWCG-9PmDmRH8cN_cNAeSchJTA==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:39:00 GMT
etag: "75df3341e30281fcbf78c7074980356fdf0be8e2"
age: 74492
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5319
Md5:    46e31aa06b8e86a9a5f9ba1cc3feca08
Sha1:   75df3341e30281fcbf78c7074980356fdf0be8e2
Sha256: d1fd4f81b7e0f43de960f0ee024d9e87bcb395f032a4ab0360e3829d1ec8a42b
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 27 Sep 2022 18:20:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2517fd65-65c6-43b1-93a6-b1205ba3f0f8.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7455
x-amzn-requestid: 0887cd56-f324-46cf-a086-709e1c66f354
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZGBTdHmhoAMFvIw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633248e2-42391706084f335228fe3994;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 00:50:42 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: IWzfDNFlgYdqYnbQ9uWfOvqb5zl3I3mgTZrT5pU5P3EvetMRDN5P7w==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 ead78c395f4bede3ec6cd7ea180e3d3a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 01:06:47 GMT
age: 62025
etag: "1a26007f761e439db575fb80fb403031260aecf4"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7455
Md5:    5274e770cb5a704916c8965659709f4a
Sha1:   1a26007f761e439db575fb80fb403031260aecf4
Sha256: e36e8be75c92feb9b416a46c5918356d8f9694894a799b7c10de21034d33d5ef
                                        
                                            GET /images/style.css HTTP/1.1 
Host: play.robuxtip.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwiYWZpa2FydG5nbWFpbGNvbSIsInRlbXBsYXRlIiwiRmFzdGluay54bWwiLCJhZmlrYXJ0bmdtYWlsY29tIiwiam9nb3NkZXJvYmxveGphY29tdHVkb2ZlaXRvLmJsb2dzcG90LmNvbSIsImpvZ29zZGVyb2Jsb3hqYWNvbXR1ZG9mZWl0by5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         172.67.220.56
HTTP/2 200 OK
content-type: text/css
                                        
date: Tue, 27 Sep 2022 18:20:32 GMT
cf-bgj: minify
cf-polished: origSize=50839
etag: W/"5d9ca488-c697"
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 900224
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B%2B%2BKK3fGiXqOcQDwpr%2BpDp7jITQTNPftVubOaQvFIZ1NHGwM2rBGB26HCsP4FP5KAC92ON%2But3DoZKs2x6IX8lmVrEY%2Fh0RVW4v6KcRlnBdSJQCCGt%2FmV%2Bub8a8OJVbiNX%2FPnA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 751640fefb92b4e8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (40387), with no line terminators
Size:   7939
Md5:    6c225ecb50ebbc140788b34eaa2d5a4d
Sha1:   789b664dae3a925298e9a75581bfe2b15553ed61
Sha256: f40a09f3c86873f94d5e626bc090cc042e16170f1ed7bc8d90374d16f8bd7dfc
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "10724FF231265F6C0DA44EB9ADE0A936362252CAD64CBCEBB1D4414F4985730A"
Last-Modified: Mon, 26 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7051
Expires: Tue, 27 Sep 2022 20:18:03 GMT
Date: Tue, 27 Sep 2022 18:20:32 GMT
Connection: keep-alive

                                        
                                            GET /js15_as.js HTTP/1.1 
Host: s10.histats.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         46.105.201.240
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
date: Tue, 27 Sep 2022 18:11:41 GMT
etag: "-375139978"
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-request-id: 525960405
content-encoding: br
x-cdn-pop: sbg
x-cdn-pop-ip: 137.74.120.0/27
x-cacheable: Matched cache
accept-ranges: bytes
content-length: 4364
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document, ASCII text, with very long lines (11440), with no line terminators
Size:   4364
Md5:    ed192092c129db6123a3397855f42619
Sha1:   067e9b8e26cf6246eb84c6b9cf3da0c192ce7b3e
Sha256: 998fff486a7fb38b6ed445edc36c9b317b70950cd39efcf4012ca641312fcee1
                                        
                                            GET /stats/0.php?4275781&@f16&@g1&@h1&@i1&@j1664302830747&@k0&@l1&@mRoblox%20Robux%20Generator%202022&@n0roblox-crn.js=afikartngmailcom|template=Fastink.xml|afikartngmailcom=jogosderobloxjacomtudofeito.blogspot.com|jogosderobloxjacomtudofeito.blogspot.com=direct|ref=direct|tags=roblox-crn.js&@ohttps%3A%2F%2Fjogosderobloxjacomtudofeito.blogspot.com%2F&@q0&@r0&@s0&@ten-US&@u1280&@b1:151262022&@b3:1664302831&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fplay.robuxtip.org%2Findex.html%3Ftrack%3DWyJyb2Jsb3gtY3JuLmpzIiwiYWZpa2FydG5nbWFpbGNvbSIsInRlbXBsYXRlIiwiRmFzdGluay54bWwiLCJhZmlrYXJ0bmdtYWlsY29tIiwiam9nb3NkZXJvYmxveGphY29tdHVkb2ZlaXRvLmJsb2dzcG90LmNvbSIsImpvZ29zZGVyb2Jsb3hqYWNvbXR1ZG9mZWl0by5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd&@w HTTP/1.1 
Host: s4.histats.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         198.27.80.143
HTTP/1.1 200 OK
Content-Type: text/html;charset=UTF-8
                                        
Date: Tue, 27 Sep 2022 18:20:33 GMT
Content-Length: 51
Connection: close


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   51
Md5:    4026c0decf9ab022345041b6d1d0ca3b
Sha1:   770670db6d6cc9b5286a28dec2c5959d1228e227
Sha256: 1ef54bc31eec049384fbe847ba0a0b3300524565bd0af8e0e3de9d0ba899b417
                                        
                                            GET /images/fancyselect.js HTTP/1.1 
Host: play.robuxtip.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwiYWZpa2FydG5nbWFpbGNvbSIsInRlbXBsYXRlIiwiRmFzdGluay54bWwiLCJhZmlrYXJ0bmdtYWlsY29tIiwiam9nb3NkZXJvYmxveGphY29tdHVkb2ZlaXRvLmJsb2dzcG90LmNvbSIsImpvZ29zZGVyb2Jsb3hqYWNvbXR1ZG9mZWl0by5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         172.67.220.56
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Tue, 27 Sep 2022 18:20:32 GMT
cf-bgj: minify
cf-polished: origSize=6778
etag: W/"5d9ca488-1a7a"
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 900224
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MPp6z4w321TicW70eFey6Fnd8Np42khR2B3g32vLTYVdogt8dGg6c52XTJcVd3ZQYplRCfU9p10%2FPVH%2BTb0ICrRTQxvwFdQzmUfi0ewItmwvR2ot4hYY7X8p5MAPMZhnw3rufg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 751640ff1bdab4e8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /images/sticky.js HTTP/1.1 
Host: play.robuxtip.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwiYWZpa2FydG5nbWFpbGNvbSIsInRlbXBsYXRlIiwiRmFzdGluay54bWwiLCJhZmlrYXJ0bmdtYWlsY29tIiwiam9nb3NkZXJvYmxveGphY29tdHVkb2ZlaXRvLmJsb2dzcG90LmNvbSIsImpvZ29zZGVyb2Jsb3hqYWNvbXR1ZG9mZWl0by5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         172.67.220.56
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Tue, 27 Sep 2022 18:20:32 GMT
cf-bgj: minify
cf-polished: origSize=20845
etag: W/"5d9ca488-516d"
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 900224
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ibtTCPL210Ad%2FB%2FG9HPH6jl5Ue2pOTtcNVk1MKjbJ34hn1KWoNaMv1fqDdcfJthBXTGCbnxCC%2BuV%2BCbZalVk7Z60JQ0V6BKsYpAcRgKa0Lf31o6%2FtW6ZcRjT56223%2BHXe1Ch3w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 751640ff1be5b4e8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /images/form-scripts.js HTTP/1.1 
Host: play.robuxtip.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwiYWZpa2FydG5nbWFpbGNvbSIsInRlbXBsYXRlIiwiRmFzdGluay54bWwiLCJhZmlrYXJ0bmdtYWlsY29tIiwiam9nb3NkZXJvYmxveGphY29tdHVkb2ZlaXRvLmJsb2dzcG90LmNvbSIsImpvZ29zZGVyb2Jsb3hqYWNvbXR1ZG9mZWl0by5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         172.67.220.56
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Tue, 27 Sep 2022 18:20:32 GMT
cf-bgj: minify
cf-polished: origSize=1469
etag: W/"5d9ca488-5bd"
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 900224
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GCaZyBcCQauZkZDG3idMOWYnv0FEXyuDw7YZEpV2FuMMPja5hNqR4r8eDCXSsE91yuzYMN6QPTRlYCSLs6pVLP1ggiTkddL%2FERXYt8wHhdbXq4Y1aEaioKu%2BLEzfqMBZ2LGshw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 751640ff1be2b4e8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /vi/j8SkH9cIR-s/maxresdefault.jpg HTTP/1.1 
Host: i.ytimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jogosderobloxjacomtudofeito.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         216.58.207.246
HTTP/2 200 OK
content-type: image/jpeg
                                        
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 125242
date: Tue, 27 Sep 2022 18:20:31 GMT
expires: Tue, 27 Sep 2022 20:20:31 GMT
cache-control: public, max-age=7200
etag: "0"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /images/jquery-ui.min.js HTTP/1.1 
Host: play.robuxtip.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwiYWZpa2FydG5nbWFpbGNvbSIsInRlbXBsYXRlIiwiRmFzdGluay54bWwiLCJhZmlrYXJ0bmdtYWlsY29tIiwiam9nb3NkZXJvYmxveGphY29tdHVkb2ZlaXRvLmJsb2dzcG90LmNvbSIsImpvZ29zZGVyb2Jsb3hqYWNvbXR1ZG9mZWl0by5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         172.67.220.56
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Tue, 27 Sep 2022 18:20:32 GMT
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
etag: W/"5d9ca488-30da8"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 900224
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pFsHyIyvQQDvaJnus9iiic5G5RvrNgOUQkpPt4i%2BLqoYUFmpaq6AAmZT3Yvq7KsyxkJlrk9MrBFSZFkr2e%2FI77NhRizvHg4aKPX3zBMVLFOIvDRomAwoyJgptPsLX9YRP4i5cA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 751640ff0bcbb4e8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /images/jquery-3.2.1.js HTTP/1.1 
Host: play.robuxtip.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwiYWZpa2FydG5nbWFpbGNvbSIsInRlbXBsYXRlIiwiRmFzdGluay54bWwiLCJhZmlrYXJ0bmdtYWlsY29tIiwiam9nb3NkZXJvYmxveGphY29tdHVkb2ZlaXRvLmJsb2dzcG90LmNvbSIsImpvZ29zZGVyb2Jsb3hqYWNvbXR1ZG9mZWl0by5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         172.67.220.56
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Tue, 27 Sep 2022 18:20:32 GMT
cf-bgj: minify
cf-polished: origSize=268039
etag: W/"5d9ca488-41707"
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 900224
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qb5E%2FR%2BRWZZP0bKj1HER2%2F2injVcqO978xw16dsMt2yeat7cAj3kee8rRD2DcFLXkjgLqi1gAKbMCKs8yUCYOsPyJcpcKA9WW6SvzNXFC06PbS3hRHL0p3Wn02gVpzh6CPKFZg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 751640ff0bc8b4e8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /cluster-v2/roblox-crn.js HTTP/1.1 
Host: mtevor.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jogosderobloxjacomtudofeito.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.96.187.226
HTTP/2 200 OK
content-type: application/javascript
                                        
x-powered-by: PHP/5.6.40
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
content-encoding: br
vary: Accept-Encoding
date: Tue, 27 Sep 2022 18:20:31 GMT
server: LiteSpeed
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /images/font-awesome.min.css HTTP/1.1 
Host: play.robuxtip.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwiYWZpa2FydG5nbWFpbGNvbSIsInRlbXBsYXRlIiwiRmFzdGluay54bWwiLCJhZmlrYXJ0bmdtYWlsY29tIiwiam9nb3NkZXJvYmxveGphY29tdHVkb2ZlaXRvLmJsb2dzcG90LmNvbSIsImpvZ29zZGVyb2Jsb3hqYWNvbXR1ZG9mZWl0by5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         172.67.220.56
HTTP/2 200 OK
content-type: text/css
                                        
date: Tue, 27 Sep 2022 18:20:32 GMT
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
etag: W/"5d9ca488-6c3d"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 900224
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ln4l4XNawo8Vd2Zv%2FApG1w4LtIlsEBIjzj3uJPYEM1EJ7O8fzXduzA1t5lLMtvJOb0N6D%2BhJ1TI1exteZv%2Bl1fG005umrAh5r4YsWCj1ryR7RjoZraNoqItdLXWM3j4GAg9m%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 751640feeb7db4e8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /images/bootstrap.min.css HTTP/1.1 
Host: play.robuxtip.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwiYWZpa2FydG5nbWFpbGNvbSIsInRlbXBsYXRlIiwiRmFzdGluay54bWwiLCJhZmlrYXJ0bmdtYWlsY29tIiwiam9nb3NkZXJvYmxveGphY29tdHVkb2ZlaXRvLmJsb2dzcG90LmNvbSIsImpvZ29zZGVyb2Jsb3hqYWNvbXR1ZG9mZWl0by5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         172.67.220.56
HTTP/2 200 OK
content-type: text/css
                                        
date: Tue, 27 Sep 2022 18:20:32 GMT
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
etag: W/"5d9ca488-1d990"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 900224
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JkB4bUuipiltH7zoc%2BdERt2hVk%2BLFrgJ5pp8uTGN1zxefW8zN%2FfEAd1inGFeqcCb4WNAkzCT3j0F9b1m1dHVjqhuWaYW5AveXGW1MQzDTXoJmvMWrAWvw3l0Fua8502f11FNtA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 751640feeb82b4e8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /images/scripts.js HTTP/1.1 
Host: play.robuxtip.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwiYWZpa2FydG5nbWFpbGNvbSIsInRlbXBsYXRlIiwiRmFzdGluay54bWwiLCJhZmlrYXJ0bmdtYWlsY29tIiwiam9nb3NkZXJvYmxveGphY29tdHVkb2ZlaXRvLmJsb2dzcG90LmNvbSIsImpvZ29zZGVyb2Jsb3hqYWNvbXR1ZG9mZWl0by5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         172.67.220.56
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Tue, 27 Sep 2022 18:20:32 GMT
cf-bgj: minify
cf-polished: origSize=225
etag: W/"5d9ca488-e1"
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 413824
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KZTIEooQOHQ19yxQDX%2FZ0ecTV%2B6AjMERH5xP1Jb0ZXDnATpuiEh3uSln4UPK%2BBEHjazYNPPhhlBdQ%2B58kiRzKqmjXKa5QHMHvd%2BOXl8q%2FPU0b0CAtFe8k6BKG%2BL3YVz0jGHUlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 751640ff2bf9b4e8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Phishing