2021robloxhackwebsite.blogspot.rs/
142.250.74.161302 Moved Temporarily 187 B URL HTTP/1.1 2021robloxhackwebsite.blogspot.rs/
IP 142.250.74.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 5bae34aeb68333dc96bb9d8b1709645b
24f64a553644ae3e7eb550ada44c1a6b241a5e40
4c80c875e1cbca3717c5527c636efec400ad542980086534cc34ba9a0d92b1fc
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: 2021robloxhackwebsite.blogspot.rs
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Moved Temporarily
Location: http://2021robloxhackwebsite.blogspot.com/
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Sat, 24 Sep 2022 14:06:10 GMT
Expires: Sat, 24 Sep 2022 14:06:10 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 187
Server: GSE
firefox.settings.services.mozilla.com/v1/
13.224.245.35200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 13.224.245.35:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 1b3053fa528e28810f8a2cc9284cc921
cca9eb471d941881a6b9a1793aecb6c281908f6a
a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sat, 24 Sep 2022 14:05:41 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 20340eb7909bfa098c771e4c93be880a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR62-C3
X-Amz-Cf-Id: 0-YFpCegHwaCutKctvGLaqajZcv4fbqZ27pQQlGbN3wg72s-wcZfMg==
Age: 29
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 09a973de929ab7452edc342c780d3668
3f14f6e0a36f76863c0aea6fb561c266404a7ea3
e82ca5f310e37267fbf792427747e65c2bb35e684d3f629c0aa302f688bc4f80
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E82CA5F310E37267FBF792427747E65C2BB35E684D3F629C0AA302F688BC4F80"
Last-Modified: Fri, 23 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8811
Expires: Sat, 24 Sep 2022 16:33:01 GMT
Date: Sat, 24 Sep 2022 14:06:10 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
13.224.245.56200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 13.224.245.56:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sat, 24 Sep 2022 04:13:03 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 9eac3543c83a5bddc4ced0070ee5e1f6.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR62-C3
x-amz-cf-id: k1zLn-_nxPUTwcIrUHHcykxRoKcFtN17AZ-0B3_clV99TJIVW9WvIw==
age: 35587
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 14:06:10 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
2021robloxhackwebsite.blogspot.com/
142.250.74.161301 Moved Permanently 186 B URL HTTP/1.1 2021robloxhackwebsite.blogspot.com/
IP 142.250.74.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash bc6918f4ba6c6dd25e846e4e62fb28fb
f6cb7c0f66100cfc57c0f425b368bd6050f492cb
0427251df703c1e88331f8c1065993231e08c2c17da1bf0f1e686d15b4e67e82
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: 2021robloxhackwebsite.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: https://2021robloxhackwebsite.blogspot.com/
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Sat, 24 Sep 2022 14:06:10 GMT
Expires: Sat, 24 Sep 2022 14:06:10 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 186
Server: GSE
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 87f943bbdb905bb7d98cd09ed471f1cb
8aa4bc6edf772758a59d9c4be16583a8fd8c96a3
a22b7ec1475d498aeb0e8eb80aef4f424c5d2651ee231650b116c739273dc4e5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 14:06:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
13.224.245.35200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 13.224.245.35:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Expires, Backoff, ETag, Last-Modified, Pragma, Cache-Control, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Sat, 24 Sep 2022 13:20:46 GMT
Expires: Sat, 24 Sep 2022 13:51:24 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 6b8db06427c7e39e9e30be778e233838.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR62-C3
X-Amz-Cf-Id: xvy82i4MS6mk07QD3TIm8BZfO360tyzjRv9LxzKI6cmJS1yyst6l5w==
Age: 2724
2021robloxhackwebsite.blogspot.com/
142.250.74.161200 OK 17 kB URL HTTP/2 2021robloxhackwebsite.blogspot.com/
IP 142.250.74.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (14233)
Hash 7590b08c991733bb1060347adab1a95f
df571868372125d7e37d38691a0fcced8875e82f
d484518c14656cd159b58aba627040d1e98bdcf55625386dc3e56f1e6ff0b6b7
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: 2021robloxhackwebsite.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
expires: Sat, 24 Sep 2022 14:06:10 GMT
date: Sat, 24 Sep 2022 14:06:10 GMT
cache-control: private, max-age=0
last-modified: Thu, 22 Sep 2022 00:29:18 GMT
etag: W/"7b8bb3ddbe1775840d64a555c182f9f22293844e42216ea6a8dfcdbd1e88edfa"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 16827
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 87f943bbdb905bb7d98cd09ed471f1cb
8aa4bc6edf772758a59d9c4be16583a8fd8c96a3
a22b7ec1475d498aeb0e8eb80aef4f424c5d2651ee231650b116c739273dc4e5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 14:06:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash da90409c72d710432ed4c105d169e42b
7bd965dbe69c0774bd7c6e7735588c9d4beea9ec
bc344255517fec731eb512fa75ff7a6286fd79938d20b9cfe277759c65455612
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 14:06:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 5ecd575d97d4cd4413b8356d138803a0
6b811c6936f10e0af0efabf5110ded1a22c44994
dd4c9784dd01dba06078974526115c5b9d4fca13e1fdc4af35b29a1b9439fe90
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 14:06:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pics.loveforquotes.com/25-alcohol-tobacco-and-firearms-package-deali-50-spent-my-62236001.png
151.139.128.11200 OK 58 kB URL HTTP/2 pics.loveforquotes.com/25-alcohol-tobacco-and-firearms-package-deali-50-spent-my-62236001.png
IP 151.139.128.11:0
File type PNG image data, 500 x 495, 8-bit colormap, non-interlaced\012- data
Hash 54789de9feb6f46822af6fdd098066eb
ccc15bf8ed6c242ae48bd01e3f8962e4bd5cee28
460fea4d5d91b27d7d6d496fdfdab7a469ba977cd471c579d532ac9e97461de5
GET /25-alcohol-tobacco-and-firearms-package-deali-50-spent-my-62236001.png HTTP/1.1
Host: pics.loveforquotes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2021robloxhackwebsite.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 14:06:11 GMT
content-length: 57539
content-type: image/png
last-modified: Fri, 22 Nov 2019 22:26:44 GMT
accept-ranges: bytes
cache-control: max-age=2592000
etag: "54789de9feb6f46822af6fdd098066eb"
server: WasabiS3/7.7.900-2022-08-19-6bff245bcf (head13)
x-amz-id-2: bpo4G3b9gChe8aIz187oMXe4htAIUyjo1cUi/KiM+NMFPe3RyJYPHeg+b2iGh/3VeIWHS8V/EC54
x-amz-request-id: 745A1E1E6B15A4BC
x-hw: 1664028371.cds219.sk1.hn,1664028371.cds246.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2
lh3.googleusercontent.com/blogger_img_proxy/ANbyha3O5vHvJBwUbkPsoPpp6ta5FDBm6-CQTmnMwHsSox6c0nkoaQe8Eq6Dd7FOji1asC5Af9nFkx88J4Oml45p8V5tJSJWUnhDWTGymqvET03_fK30kMSQDFk7Ljo5IFAH6Cid0zwALJLk8Z0YHh8=s0-d
142.250.74.33200 OK 6.3 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha3O5vHvJBwUbkPsoPpp6ta5FDBm6-CQTmnMwHsSox6c0nkoaQe8Eq6Dd7FOji1asC5Af9nFkx88J4Oml45p8V5tJSJWUnhDWTGymqvET03_fK30kMSQDFk7Ljo5IFAH6Cid0zwALJLk8Z0YHh8=s0-d
IP 142.250.74.33:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x168, components 3\012- data
Hash 825f9926b1497fb7af5a8ed555e1dab4
83b953dbe722a15eaf0c4a4de0a905a301c36003
03743fa96eb5b9e0f35b8c0449a7a71b8023c9903a1553d822276e778c3ea78c
GET /blogger_img_proxy/ANbyha3O5vHvJBwUbkPsoPpp6ta5FDBm6-CQTmnMwHsSox6c0nkoaQe8Eq6Dd7FOji1asC5Af9nFkx88J4Oml45p8V5tJSJWUnhDWTGymqvET03_fK30kMSQDFk7Ljo5IFAH6Cid0zwALJLk8Z0YHh8=s0-d HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2021robloxhackwebsite.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Sun, 25 Sep 2022 14:06:11 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: attachment;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Sat, 24 Sep 2022 14:06:11 GMT
server: fife
content-length: 6311
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pics.loveforquotes.com/u-graymdd-adobe-photoshop-google-draw-made-with-love-and-google-55540178.png
151.139.128.11200 OK 56 kB URL HTTP/2 pics.loveforquotes.com/u-graymdd-adobe-photoshop-google-draw-made-with-love-and-google-55540178.png
IP 151.139.128.11:0
File type PNG image data, 500 x 439, 8-bit colormap, non-interlaced\012- data
Hash 8d0dbe2ae6fd41696e1b29afcf92fdd9
937afe3bc3e5992312f6639c3f9146ff3913203b
f10caf7910172fe40516a6d3ca069e33c8dbd2829b500a9afbfe3693f415aa0f
GET /u-graymdd-adobe-photoshop-google-draw-made-with-love-and-google-55540178.png HTTP/1.1
Host: pics.loveforquotes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2021robloxhackwebsite.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 14:06:11 GMT
cache-control: max-age=691200
content-length: 55600
content-type: image/png
last-modified: Sun, 03 Nov 2019 00:04:47 GMT
accept-ranges: bytes
etag: "8d0dbe2ae6fd41696e1b29afcf92fdd9"
server: WasabiS3/7.7.900-2022-08-19-6bff245bcf (head13)
x-amz-id-2: z7y6INgljfLFVKP6y89jLO0ewCJmQYhXdEceKfhtiyhL5/fon+DgRlB4rWN5Iq1QedzjAeIgyPNe
x-amz-request-id: A78B0BD47E9B0AFB
x-hw: 1664028371.cds219.sk1.hn,1664028371.cds230.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 5ecd575d97d4cd4413b8356d138803a0
6b811c6936f10e0af0efabf5110ded1a22c44994
dd4c9784dd01dba06078974526115c5b9d4fca13e1fdc4af35b29a1b9439fe90
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 14:06:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.ytimg.com/vi/paY0lsqKzok/hqdefault.jpg
142.250.74.54200 OK 14 kB URL HTTP/2 i.ytimg.com/vi/paY0lsqKzok/hqdefault.jpg
IP 142.250.74.54:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3\012- data
Hash 1ef1402e0b5b7f922a244ecf43ca916d
eb0305ce2acc28d925d435be01cbf49ff62ded8a
55853fa672525c3b38c0db8ce29ee3228b3e3c69881a1a60bb68e633ff98e6b6
GET /vi/paY0lsqKzok/hqdefault.jpg HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2021robloxhackwebsite.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/jpeg
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 13892
date: Sat, 24 Sep 2022 14:06:11 GMT
expires: Sat, 24 Sep 2022 16:06:11 GMT
cache-control: public, max-age=7200
etag: "0"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a7809de115ea73f8b61f3d20a9978493
01fc65a2b694d7aadd5204d21801e87b2b55b73e
72692486033feeb149424c59576c6c75b17228dfc89b4c369d2e17cc4bff3d52
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4681
Cache-Control: max-age=155915
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 14:06:11 GMT
Etag: "632eba95-1d7"
Expires: Mon, 26 Sep 2022 09:24:46 GMT
Last-Modified: Sat, 24 Sep 2022 08:06:45 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 04e873763c0e6e10784b42fa55f10039
02d40b9831cb977e35f3d003515f24d4570efac3
a3f90bd7f0e9d96a3405a9bc52650f338c4e8befbfbe09cc5da2b7778e409713
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 14:06:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.ytimg.com/vi/HYlRVnzSiE0/maxresdefault.jpg
142.250.74.54200 OK 47 kB URL HTTP/2 i.ytimg.com/vi/HYlRVnzSiE0/maxresdefault.jpg
IP 142.250.74.54:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1280x720, components 3\012- data
Hash f6e8d3cd7f7cce975a9544504d2b5941
6c1b25bf2181287cc2b7aa3a0389a1cd6c68d8a0
b885861f140794f847eee731e7abe405e996ec46769097e1dd1d72104dfa658f
GET /vi/HYlRVnzSiE0/maxresdefault.jpg HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2021robloxhackwebsite.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/jpeg
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 46940
date: Sat, 24 Sep 2022 14:06:11 GMT
expires: Sat, 24 Sep 2022 16:06:11 GMT
cache-control: public, max-age=7200
etag: "0"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash da90409c72d710432ed4c105d169e42b
7bd965dbe69c0774bd7c6e7735588c9d4beea9ec
bc344255517fec731eb512fa75ff7a6286fd79938d20b9cfe277759c65455612
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 14:06:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/static/v1/widgets/1416043673-widgets.js
216.58.207.201200 OK 57 kB URL HTTP/2 www.blogger.com/static/v1/widgets/1416043673-widgets.js
IP 216.58.207.201:0
File type ASCII text, with very long lines (2221)
Hash c6aef9cbd2abf926a23970b70f8a24c2
78972b4f41a7d2580c383da41e3a472c4cfc647a
111111066b8f3fddcd24cedce8c4e8b93a1d9e9b8e3f5f2959172da5adda14b6
GET /static/v1/widgets/1416043673-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2021robloxhackwebsite.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 56913
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 02:21:33 GMT
expires: Thu, 21 Sep 2023 02:21:33 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 21 Sep 2022 00:51:51 GMT
content-type: text/javascript
age: 301478
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 5ecd575d97d4cd4413b8356d138803a0
6b811c6936f10e0af0efabf5110ded1a22c44994
dd4c9784dd01dba06078974526115c5b9d4fca13e1fdc4af35b29a1b9439fe90
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 14:06:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 04e873763c0e6e10784b42fa55f10039
02d40b9831cb977e35f3d003515f24d4570efac3
a3f90bd7f0e9d96a3405a9bc52650f338c4e8befbfbe09cc5da2b7778e409713
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 14:06:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
52.89.20.60101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.89.20.60:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: b9pVYZ+QLtJsHzTG/dje2w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: i/VgbIlPneGIOF22T0YzOzlwN88=
ocsp.pki.goog/s/gts1p5/1EpVtZKsCXY
142.250.74.3200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/1EpVtZKsCXY
IP 142.250.74.3:0
Hash a4dfdf33f94f880a0adb7c17c97b2d8a
3f875a740543fa301396df664c9d0f3d4fd49087
ca83edb56fdb866efbffb357556f3eaff18bcfd42cd170e7c8ef904ca6bf82fa
POST /s/gts1p5/1EpVtZKsCXY HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 14:06:11 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
play.robuxtip.org/images/gamebaglogo.png
172.67.220.56200 OK 3.3 kB URL HTTP/2 play.robuxtip.org/images/gamebaglogo.png
IP 172.67.220.56:0
File type PNG image data, 240 x 240, 8-bit/color RGBA, non-interlaced\012- data
Hash e84f0caa809a15b2aaa9cb93bbe6669a
22a330ad580aaa6b2232307a87b981adc7fbf38f
1f98c982fd0c9b5e6af138a4cb160f509bda9fcc7fa0a9463fa6cf11513c151f
GET /images/gamebaglogo.png HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwieXVsaWFuaWtpdGFnbWFpbGNvbSIsInRlbXBsYXRlIiwiRmFzdGluay54bWwiLCJ5dWxpYW5pa2l0YWdtYWlsY29tIiwiMjAyMXJvYmxveGhhY2t3ZWJzaXRlLmJsb2dzcG90LmNvbSIsIjIwMjFyb2Jsb3hoYWNrd2Vic2l0ZS5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Cookie: HstCfa4275781=1664024783492; HstCla4275781=1664024783492; HstCmu4275781=1664024783492; HstPn4275781=1; HstPt4275781=1; HstCnv4275781=1; HstCns4275781=1; c_ref_4275781=https%3A%2F%2Fbuycjheaprobux.blogspot.com%2F
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 14:06:11 GMT
content-type: image/png
content-length: 3340
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
etag: "5d9ca488-d0c"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 625763
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vcd31zj8l5LyvUdOx0ieUXoAFN7F5AwTd5OdUNDRz4WyCazA1tFJLcpKdtNYtfHlVO0NKz4O%2Fula0MoD62BDEHXLvxGUUyVPhB6FUGGO5FctApBy8b%2BY3Z2WMDPcCxm5xoLkjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fc144b3cd6b51b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
play.robuxtip.org/images/ft-1.png
172.67.220.56200 OK 3.3 kB URL HTTP/2 play.robuxtip.org/images/ft-1.png
IP 172.67.220.56:0
File type PNG image data, 240 x 240, 8-bit/color RGBA, non-interlaced\012- data
Hash e84f0caa809a15b2aaa9cb93bbe6669a
22a330ad580aaa6b2232307a87b981adc7fbf38f
1f98c982fd0c9b5e6af138a4cb160f509bda9fcc7fa0a9463fa6cf11513c151f
GET /images/ft-1.png HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwieXVsaWFuaWtpdGFnbWFpbGNvbSIsInRlbXBsYXRlIiwiRmFzdGluay54bWwiLCJ5dWxpYW5pa2l0YWdtYWlsY29tIiwiMjAyMXJvYmxveGhhY2t3ZWJzaXRlLmJsb2dzcG90LmNvbSIsIjIwMjFyb2Jsb3hoYWNrd2Vic2l0ZS5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Cookie: HstCfa4275781=1664024783492; HstCla4275781=1664024783492; HstCmu4275781=1664024783492; HstPn4275781=1; HstPt4275781=1; HstCnv4275781=1; HstCns4275781=1; c_ref_4275781=https%3A%2F%2Fbuycjheaprobux.blogspot.com%2F
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 14:06:11 GMT
content-type: image/png
content-length: 3340
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
etag: "5d9ca488-d0c"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 625763
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dOBile2NGHIhonRymIQs0VUKPCh8UHiyQP%2BKYiLwiPjEToAgr4a3xmwb4KRgoMKswozLEfdQOTGMfWpSoxBtDpobSXhgs5GY3koV%2BXyc%2BC2XaGjowhqIPRlJm5SNUMAP3KwQ9w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fc144b3cd8b51b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
play.robuxtip.org/images/header.png
172.67.220.56200 OK 131 kB URL HTTP/2 play.robuxtip.org/images/header.png
IP 172.67.220.56:0
File type PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced\012- data
Size 131 kB (131285 bytes)
Hash 35e93538f31d67876a2cb38bf94279d8
49bf97732e9bffb5371ad60d024901b09d83651b
95c1de9315834de2ff3608a2dc048a6aedc273e665f9b54eb956523a81fc91df
GET /images/header.png HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwieXVsaWFuaWtpdGFnbWFpbGNvbSIsInRlbXBsYXRlIiwiRmFzdGluay54bWwiLCJ5dWxpYW5pa2l0YWdtYWlsY29tIiwiMjAyMXJvYmxveGhhY2t3ZWJzaXRlLmJsb2dzcG90LmNvbSIsIjIwMjFyb2Jsb3hoYWNrd2Vic2l0ZS5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Cookie: HstCfa4275781=1664024783492; HstCla4275781=1664024783492; HstCmu4275781=1664024783492; HstPn4275781=1; HstPt4275781=1; HstCnv4275781=1; HstCns4275781=1; c_ref_4275781=https%3A%2F%2Fbuycjheaprobux.blogspot.com%2F
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 14:06:11 GMT
content-type: image/png
content-length: 131285
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
etag: "5d9ca488-200d5"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 625763
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RNgi%2Fpo3vGjBsCUfF%2BCfHdIqvpCooGnx4fyimGl4yBhTtCYK6QyVnLs1cb8WghgetR%2BE8ZnI0%2BRbAcBj4VV7ofdwOwXafr%2FK%2BhK8sK7sumNvwCaQvTKMq%2FtRscq0nbILgcYWlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fc144b3cd7b51b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/jquery.modal.min.css
104.17.25.14200 OK 1.5 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/jquery.modal.min.css
IP 104.17.25.14:0
File type ASCII text, with very long lines (3201), with no line terminators
Hash 8e09ceb5490863a66cd2e83ca3d7e524
35e3d074516ec70c508d748f7ae01827bc0c28ba
cccbb374fd4cb6dcbac9df64456b49cb11530e7bafdac6c6c7e67ff2ed350db9
GET /ajax/libs/jquery-modal/0.9.1/jquery.modal.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 24 Sep 2022 14:06:11 GMT
content-type: text/css; charset=utf-8
content-length: 1541
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec2-c81"
last-modified: Mon, 04 May 2020 16:11:46 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 9469741
expires: Thu, 14 Sep 2023 14:06:11 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RpxEyIzzX9l%2Fd0rAGS9KHrFlfKlr86qBZas8x3DFehqf5E5D7Bnwh0c6Xwdb%2BEtbdyKK8ezenc4nTlKdWKzWBhBDMyzUq6bWNNF%2B%2Bv6v4mHFJjmSW2yoHmY3y6zHdpOITvIroc5h"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74fc144b7f37fac4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/js-base64@3.7.2/base64.min.js
151.101.85.229200 OK 2.1 kB URL HTTP/2 cdn.jsdelivr.net/npm/js-base64@3.7.2/base64.min.js
IP 151.101.85.229:0
File type ASCII text, with very long lines (4802)
Hash 18914b05d782cca37716837edf14fa8a
c563d127cf718dd86389fdd007b4c51b6bb58dc3
4bded663a5f9ccaa1eb7c1692c1c7df756a7d0e037d19466979fb90c56fbefdf
GET /npm/js-base64@3.7.2/base64.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 3.7.2
x-jsd-version-type: version
etag: W/"1405-lMmxLE0z8/TnsipvbhQg5ckAA8Q"
content-encoding: gzip
accept-ranges: bytes
date: Sat, 24 Sep 2022 14:06:11 GMT
age: 5221151
x-served-by: cache-fra19165-FRA, cache-bma1669-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 2068
X-Firefox-Spdy: h2
mtevor.com/cluster-v2/roblox-crn.js
172.96.187.226200 OK 4.3 kB URL HTTP/2 mtevor.com/cluster-v2/roblox-crn.js
IP 172.96.187.226:0
File type ASCII text, with very long lines (4802), with CRLF line terminators
Hash b02d3cb197b37436f445e2d319cd7fbf
44bde79e18b1a2f7588fc29dfdf9787c912d007a
e7c36ab6b96d55852d632b929a4ed48cae5c84351c18053133fbb0ff0946cb03
GET /cluster-v2/roblox-crn.js HTTP/1.1
Host: mtevor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2021robloxhackwebsite.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-powered-by: PHP/5.6.40
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
content-encoding: br
vary: Accept-Encoding
date: Sat, 24 Sep 2022 14:06:11 GMT
server: LiteSpeed
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
play.robuxtip.org/images/jquery-3.2.1.js
172.67.220.56200 OK 43 kB URL HTTP/2 play.robuxtip.org/images/jquery-3.2.1.js
IP 172.67.220.56:0
File type ASCII text, with very long lines (1237)
Hash d855e5e917d03b9851e160a4642b1733
88f85495e5dd497367e85e145edb54cfd8289ddc
fab0b6c107ca6ed00d2605a029b8fe270762b19c0c8c94c0fbcddf5b9aef8680
Analyzer Verdict Alert fortinet Phishing
GET /images/jquery-3.2.1.js HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwieXVsaWFuaWtpdGFnbWFpbGNvbSIsInRlbXBsYXRlIiwiRmFzdGluay54bWwiLCJ5dWxpYW5pa2l0YWdtYWlsY29tIiwiMjAyMXJvYmxveGhhY2t3ZWJzaXRlLmJsb2dzcG90LmNvbSIsIjIwMjFyb2Jsb3hoYWNrd2Vic2l0ZS5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Cookie: HstCfa4275781=1664024783492; HstCla4275781=1664024783492; HstCmu4275781=1664024783492; HstPn4275781=1; HstPt4275781=1; HstCnv4275781=1; HstCns4275781=1; c_ref_4275781=https%3A%2F%2Fbuycjheaprobux.blogspot.com%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 14:06:11 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=268039
etag: W/"5d9ca488-41707"
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 625763
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xNLIKkGpsPDYx0W4lPm5VQGRr%2FUrqm4gg4G5L3Yqm1hsljiAC4BzYAx5zOl%2Fon3M5Xqfx1hyJuhl%2BZyZsroxxlyEnyUc%2B5S1eo%2BfQvVSu20eK7SDpqT6ogufanU8U4BaNJII7A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fc144b3cdbb51b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
play.robuxtip.org/images/sticky.js
172.67.220.56200 OK 26 kB URL HTTP/2 play.robuxtip.org/images/sticky.js
IP 172.67.220.56:0
File type ASCII text, with very long lines (16920)
Hash 539a4bc3f604ab7b6567d67c40155308
e565bddba9e8a6cdd3ce8d53abce62a24095fb69
dd6b22a7b90848d40455e5791c9c197123a3514d715cddf924a6c8885c47247b
Analyzer Verdict Alert fortinet Phishing
GET /images/sticky.js HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwieXVsaWFuaWtpdGFnbWFpbGNvbSIsInRlbXBsYXRlIiwiRmFzdGluay54bWwiLCJ5dWxpYW5pa2l0YWdtYWlsY29tIiwiMjAyMXJvYmxveGhhY2t3ZWJzaXRlLmJsb2dzcG90LmNvbSIsIjIwMjFyb2Jsb3hoYWNrd2Vic2l0ZS5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Cookie: HstCfa4275781=1664024783492; HstCla4275781=1664024783492; HstCmu4275781=1664024783492; HstPn4275781=1; HstPt4275781=1; HstCnv4275781=1; HstCns4275781=1; c_ref_4275781=https%3A%2F%2Fbuycjheaprobux.blogspot.com%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 14:06:11 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=20845
etag: W/"5d9ca488-516d"
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 625763
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xHLtysL1vZhnMeSsbfgqNyvtIF9awW469TAWxIno1RMTCy%2F%2Ff%2FMTaWrchx7GsFjiKJaddSy70NEMmpJwaUrG%2BL6AS%2BCd3Msm%2FJpHgpRvHV7X0swm3PdA60wVCgqM7H7RfYj44Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fc144b5d01b51b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
play.robuxtip.org/images/main-bg.jpg
172.67.220.56200 OK 27 kB URL HTTP/2 play.robuxtip.org/images/main-bg.jpg
IP 172.67.220.56:0
File type PNG image data, 960 x 1080, 8-bit/color RGBA, non-interlaced\012- data
Hash 1339ccba9a248e9c3689c2f921283d91
7d393c9a3efa49a81afc9406700e94ae23e4bb95
082da94e7b1e7b7cf6054ecb33edffc2b36578727ef34c8a1ef6bddfaa6cfbbf
GET /images/main-bg.jpg HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/images/style.css
Cookie: HstCfa4275781=1664024783492; HstCla4275781=1664024783492; HstCmu4275781=1664024783492; HstPn4275781=1; HstPt4275781=1; HstCnv4275781=1; HstCns4275781=1; c_ref_4275781=https%3A%2F%2Fbuycjheaprobux.blogspot.com%2F
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 14:06:11 GMT
content-type: image/jpeg
content-length: 838330
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
etag: "5d9ca488-ccaba"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 625763
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K1tUI1LvoDWSlL9F8%2BzSR0TJAz1hPC%2BNF5%2BnFtLOmkALtzsqbTzU%2FC8RfQy%2FN4wKS%2BUBH%2BWpJMNhV%2FvBtJpYTuQITfN6PjkPqwHG3N8rm9F70Y6U8vBegI4oenyGONDMta91hw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fc144bcdcbb51b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
play.robuxtip.org/images/fancyselect.js
172.67.220.56200 OK 4.5 kB URL HTTP/2 play.robuxtip.org/images/fancyselect.js
IP 172.67.220.56:0
File type ASCII text, with very long lines (1254)
Hash 7a8cf583f154fdfa557d0fa54b9c8a87
54e1c30d2266947f4d2478a05451a42336114a97
205fcb37c03d3dc3d5d4c2c65dc149d4bdfd92ccb5297210db128862f1648e0d
Analyzer Verdict Alert fortinet Phishing
GET /images/fancyselect.js HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwieXVsaWFuaWtpdGFnbWFpbGNvbSIsInRlbXBsYXRlIiwiRmFzdGluay54bWwiLCJ5dWxpYW5pa2l0YWdtYWlsY29tIiwiMjAyMXJvYmxveGhhY2t3ZWJzaXRlLmJsb2dzcG90LmNvbSIsIjIwMjFyb2Jsb3hoYWNrd2Vic2l0ZS5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Cookie: HstCfa4275781=1664024783492; HstCla4275781=1664024783492; HstCmu4275781=1664024783492; HstPn4275781=1; HstPt4275781=1; HstCnv4275781=1; HstCns4275781=1; c_ref_4275781=https%3A%2F%2Fbuycjheaprobux.blogspot.com%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 14:06:11 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=6778
etag: W/"5d9ca488-1a7a"
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 625763
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UvAPPslfgVdI7YrBtcT0isQ%2Fz89TMw5anD2SOF11wPSXjV8nd8TdCoJesjFcMhetviX3N7bTSex9iQhzMGxfHK5QYHTWuvtKuOiv31WIrUV8BnOYiBjSTQ3nyRmfI7AQqtwNLg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fc144b4ce6b51b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
play.robuxtip.org/images/scripts.js
172.67.220.56200 OK 2.1 kB URL HTTP/2 play.robuxtip.org/images/scripts.js
IP 172.67.220.56:0
File type ASCII text, with no line terminators
Hash a20d0b8e357a1f7491cc5fa469797194
02308acba486107c6e4987aecb99af930f53afdd
b9c4db9fec88cc7b573e6917097e895e8c0d0ddbc3fd74d52d4c8c277dff0a79
Analyzer Verdict Alert fortinet Phishing
GET /images/scripts.js HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwieXVsaWFuaWtpdGFnbWFpbGNvbSIsInRlbXBsYXRlIiwiRmFzdGluay54bWwiLCJ5dWxpYW5pa2l0YWdtYWlsY29tIiwiMjAyMXJvYmxveGhhY2t3ZWJzaXRlLmJsb2dzcG90LmNvbSIsIjIwMjFyb2Jsb3hoYWNrd2Vic2l0ZS5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Cookie: HstCfa4275781=1664024783492; HstCla4275781=1664024783492; HstCmu4275781=1664024783492; HstPn4275781=1; HstPt4275781=1; HstCnv4275781=1; HstCns4275781=1; c_ref_4275781=https%3A%2F%2Fbuycjheaprobux.blogspot.com%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 14:06:11 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=225
etag: W/"5d9ca488-e1"
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 139363
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7yxsN4y9BjyiK1sxPFJgtiYcOLxdzzas5c0WE049k79YPje0C8Re7gOsRC06z2IVdZtVCYuLa7CPZIdZwIB44jeyJkFfHA80AphIRcmRA7l5ky%2FgCYcrPQZOPuc9Qo0ej5KJCA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fc144b6d22b51b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
play.robuxtip.org/images/sweetalert2.min.js
172.67.220.56200 OK 62 kB URL HTTP/2 play.robuxtip.org/images/sweetalert2.min.js
IP 172.67.220.56:0
File type ASCII text, with very long lines (20305), with no line terminators
Hash 8ba4015c04e4b42e561aec45abe81f99
a290aef89fff0039e184140fdffcf0ca9a9faf64
4ccb1ac6c48014bc684278905c5b05a00b329f7c0b0cbc32c9d75ac3813ee9e2
Analyzer Verdict Alert fortinet Phishing
GET /images/sweetalert2.min.js HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwieXVsaWFuaWtpdGFnbWFpbGNvbSIsInRlbXBsYXRlIiwiRmFzdGluay54bWwiLCJ5dWxpYW5pa2l0YWdtYWlsY29tIiwiMjAyMXJvYmxveGhhY2t3ZWJzaXRlLmJsb2dzcG90LmNvbSIsIjIwMjFyb2Jsb3hoYWNrd2Vic2l0ZS5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Cookie: HstCfa4275781=1664024783492; HstCla4275781=1664024783492; HstCmu4275781=1664024783492; HstPn4275781=1; HstPt4275781=1; HstCnv4275781=1; HstCns4275781=1; c_ref_4275781=https%3A%2F%2Fbuycjheaprobux.blogspot.com%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 14:06:11 GMT
content-type: application/javascript
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
etag: W/"5d9ca488-4f51"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 625763
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jcuqYQQ6%2BfE2JCmA3vt5DjI5zTh4QAUae7hFagOndxQipDUJWm2swJ2ztLE2t5%2FKqJXw%2BsmpfiB%2Fw5NXoVN96mvTM8k1BBBBuFOOjdbiWYGlmvfm3DrIGhyOBpMBuRrI931G2w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fc144b5cf8b51b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash fa5a7fd1c3d5eed2a8816ac62ad73e51
6536f3880457c6ced9534d5cf10615b6daf42aea
3c3a74be5d72d9e2b5ecdaeafbbf3d0029cd5848d2483cfa10da14859deff436
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 14:06:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/opensans/v14/cJZKeOuBrn4kERxqtaUH3aCWcynf_cDxXwCLxiixG1c.ttf
142.250.74.163200 OK 18 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v14/cJZKeOuBrn4kERxqtaUH3aCWcynf_cDxXwCLxiixG1c.ttf
IP 142.250.74.163:0
File type TrueType Font data, 17 tables, 1st "GDEF", 7 names, Microsoft, language 0x409, type 1 string, Open SansRegular1.10;1ASC;OpenSans-RegularOpen Sans RegularVersion 1.10OpenSans-Regularhttp://ww\012- data
Hash 8c20320e2a77d984348f9e9aa7296b9d
0939a63b6a9982ab64f044dfc3a21dac2bca0499
0be48b762bdf588db02112492dfadcb3a098fad3ac5aa2ccc80568b799462c52
GET /s/opensans/v14/cJZKeOuBrn4kERxqtaUH3aCWcynf_cDxXwCLxiixG1c.ttf HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://play.robuxtip.org
Connection: keep-alive
Referer: https://play.robuxtip.org/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17789
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 07:07:48 GMT
expires: Thu, 21 Sep 2023 07:07:48 GMT
cache-control: public, max-age=31536000
age: 284303
last-modified: Wed, 14 Jun 2017 16:46:31 GMT
content-type: font/ttf
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 14c4f50e0f41f858e858b124dcc866ec
1ad2814c77a84887c0f1547a775737e3e6c83f01
fa075971e9f184bf8d79929bbd7e981414d78f12ea06e3246ea4adfa2fbf4eeb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6164
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 14:06:11 GMT
Last-Modified: Sat, 24 Sep 2022 12:23:27 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 279
play.robuxtip.org/images/jquery.magnific-popup.min.js
172.67.220.56200 OK 26 kB URL HTTP/2 play.robuxtip.org/images/jquery.magnific-popup.min.js
IP 172.67.220.56:0
File type ASCII text, with very long lines (21014)
Hash 5c36d26a1215515bf1a54189beaa1b7b
dabe2bd25ef86e4e383bbdbc0c9e975d3040996b
18f55101f420106cace7e092c74021c331d4918c29135d7f4dbad08ba765573f
Analyzer Verdict Alert fortinet Phishing
GET /images/jquery.magnific-popup.min.js HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwieXVsaWFuaWtpdGFnbWFpbGNvbSIsInRlbXBsYXRlIiwiRmFzdGluay54bWwiLCJ5dWxpYW5pa2l0YWdtYWlsY29tIiwiMjAyMXJvYmxveGhhY2t3ZWJzaXRlLmJsb2dzcG90LmNvbSIsIjIwMjFyb2Jsb3hoYWNrd2Vic2l0ZS5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Cookie: HstCfa4275781=1664024783492; HstCla4275781=1664024783492; HstCmu4275781=1664024783492; HstPn4275781=1; HstPt4275781=1; HstCnv4275781=1; HstCns4275781=1; c_ref_4275781=https%3A%2F%2Fbuycjheaprobux.blogspot.com%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 14:06:11 GMT
content-type: application/javascript
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
etag: W/"5d9ca488-5297"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 625763
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kQ8v3GxK9lqYxwk4DMu82z1Lym0tmM0HDji1sVSXrWCcL4rsz4MrWoXvyDMWylTye0Pus5J93o1nLYz6XEJJthFOewnHNxz8STZnthHCOhtIviXji4lYwROHuNio%2F0FVJNLfuw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fc144b5cfcb51b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v14/k3k702ZOKiLJc3WVjuplzInF5uFdDttMLvmWuJdhhgs.ttf
142.250.74.163200 OK 19 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v14/k3k702ZOKiLJc3WVjuplzInF5uFdDttMLvmWuJdhhgs.ttf
IP 142.250.74.163:0
File type TrueType Font data, 17 tables, 1st "GDEF", 7 names, Microsoft, language 0x409, type 1 string, Open SansBold1.10;1ASC;OpenSans-BoldOpen Sans BoldVersion 1.10OpenSans-Boldhttp://www.apache.org\012- data
Hash 5498784000b038638befe230ea392271
efef80115bdabd927501563197827a7ae837a19f
5848ca5f4af491c37907f2e4cb0e240166572edc90615a96d4702f2dce34800b
GET /s/opensans/v14/k3k702ZOKiLJc3WVjuplzInF5uFdDttMLvmWuJdhhgs.ttf HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://play.robuxtip.org
Connection: keep-alive
Referer: https://play.robuxtip.org/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 18604
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 11:43:27 GMT
expires: Thu, 21 Sep 2023 11:43:27 GMT
cache-control: public, max-age=31536000
age: 267764
last-modified: Wed, 14 Jun 2017 16:46:24 GMT
content-type: font/ttf
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/fonts/fontawesome-webfont.woff2?v=4.5.0
104.18.10.207200 OK 67 kB URL HTTP/2 maxcdn.bootstrapcdn.com/font-awesome/4.5.0/fonts/fontawesome-webfont.woff2?v=4.5.0
IP 104.18.10.207:0
File type Web Open Font Format (Version 2), TrueType, length 66624, version 4.262\012- data
Hash db812d8a70a4e88e888744c1c9a27e89
638c652d623280a58144f93e7b552c66d1667a11
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995
GET /font-awesome/4.5.0/fonts/fontawesome-webfont.woff2?v=4.5.0 HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://play.robuxtip.org
Connection: keep-alive
Referer: https://play.robuxtip.org/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 24 Sep 2022 14:06:11 GMT
content-type: font/woff2
content-length: 66624
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: "db812d8a70a4e88e888744c1c9a27e89"
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-cachedat: 08/15/2022 13:52:58
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 723
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 23065d71cd7bf559ee33418a33733bb0
cdn-cache: HIT
cf-cache-status: HIT
age: 625763
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 74fc144ce902b50c-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
play.robuxtip.org/images/custom-css.css
172.67.220.56200 OK 3.8 kB URL HTTP/2 play.robuxtip.org/images/custom-css.css
IP 172.67.220.56:0
File type ASCII text, with very long lines (1606), with no line terminators
Hash 4ed4e0124f25cfe3b736e97766c24c26
e474a34b9ee7b0d7350450e9c4c572f53d0cb7e6
d46f000e41f324958d4172ac9c4f6bc984b47c0b59d084b1f5411874ad7dd8d0
GET /images/custom-css.css HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwieXVsaWFuaWtpdGFnbWFpbGNvbSIsInRlbXBsYXRlIiwiRmFzdGluay54bWwiLCJ5dWxpYW5pa2l0YWdtYWlsY29tIiwiMjAyMXJvYmxveGhhY2t3ZWJzaXRlLmJsb2dzcG90LmNvbSIsIjIwMjFyb2Jsb3hoYWNrd2Vic2l0ZS5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Cookie: HstCfa4275781=1664024783492; HstCla4275781=1664024783492; HstCmu4275781=1664024783492; HstPn4275781=1; HstPt4275781=1; HstCnv4275781=1; HstCns4275781=1; c_ref_4275781=https%3A%2F%2Fbuycjheaprobux.blogspot.com%2F
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 14:06:11 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=1790
etag: W/"5d9ca488-6fe"
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 625763
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5kEXP3T7ys3TyXgAjKQytYEQjdHSMCfSObI1%2BGAGB4zaZUa4jl5YVnzPnkYaFdFWuXqkQuugTilS%2FCbCcFvOvcIhO7BVGKF4UCo9iIxwuhMNYWIl7AtDnB7Ecori7lJ3b8PXOg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fc144b3cd2b51b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 14c4f50e0f41f858e858b124dcc866ec
1ad2814c77a84887c0f1547a775737e3e6c83f01
fa075971e9f184bf8d79929bbd7e981414d78f12ea06e3246ea4adfa2fbf4eeb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6165
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 14:06:12 GMT
Last-Modified: Sat, 24 Sep 2022 12:23:27 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash fa5a7fd1c3d5eed2a8816ac62ad73e51
6536f3880457c6ced9534d5cf10615b6daf42aea
3c3a74be5d72d9e2b5ecdaeafbbf3d0029cd5848d2483cfa10da14859deff436
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 14:06:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f038194067eb0a255d9b9a1a70503e3b
63f77e7ab6971b42bc28dc3aed1a783bc2993efe
299e978fbedd998983ca109f8f7998bce61d822803925aefa78e91d7d9987f73
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "299E978FBEDD998983CA109F8F7998BCE61D822803925AEFA78E91D7D9987F73"
Last-Modified: Fri, 23 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2420
Expires: Sat, 24 Sep 2022 14:46:32 GMT
Date: Sat, 24 Sep 2022 14:06:12 GMT
Connection: keep-alive
play.robuxtip.org/images/sweetalert2.min.css
172.67.220.56200 OK 20 kB URL HTTP/2 play.robuxtip.org/images/sweetalert2.min.css
IP 172.67.220.56:0
File type ASCII text, with very long lines (13988), with no line terminators
Hash e07c997ef0c1e2254439b535d00a4ee0
56f664aadd98d8d7f657eb4a05ea8cb1eb101b46
62b4a6acba6cead8d1d32d0311e453efae381b5f32cb58dbfacd2a3625b09f73
GET /images/sweetalert2.min.css HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwieXVsaWFuaWtpdGFnbWFpbGNvbSIsInRlbXBsYXRlIiwiRmFzdGluay54bWwiLCJ5dWxpYW5pa2l0YWdtYWlsY29tIiwiMjAyMXJvYmxveGhhY2t3ZWJzaXRlLmJsb2dzcG90LmNvbSIsIjIwMjFyb2Jsb3hoYWNrd2Vic2l0ZS5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Cookie: HstCfa4275781=1664024783492; HstCla4275781=1664024783492; HstCmu4275781=1664024783492; HstPn4275781=1; HstPt4275781=1; HstCnv4275781=1; HstCns4275781=1; c_ref_4275781=https%3A%2F%2Fbuycjheaprobux.blogspot.com%2F
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 14:06:11 GMT
content-type: text/css
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
etag: W/"5d9ca488-36a4"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 625763
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yHia2i3mZiqHSrVbuZzOqjrVgBx6sb00chwDEYcj%2BjTTUBxSt14pdPqTB5UIbIMAT8I5SXeDHFmXfouxZrgj%2B61NWjm8J7HFuEyAX1PhRoL6hr0OoIWUCLkYDz74sv0on5Y8DQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fc144b3cccb51b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
play.robuxtip.org/images/css8a7c8a7c8a7c.css?family=Open+Sans:300,400,700
172.67.220.56200 OK 4.6 kB URL HTTP/2 play.robuxtip.org/images/css8a7c8a7c8a7c.css?family=Open+Sans:300,400,700
IP 172.67.220.56:0
File type ASCII text, with very long lines (701), with no line terminators
Hash 85ba2358dc8631cb24c1fb243950b828
b13c150d2cda8b933e68f8cd880c153e632c57d3
5c987358104e70e354ab42a7bd88adc34170afc68ae7ae4e082feed379d2cea5
GET /images/css8a7c8a7c8a7c.css?family=Open+Sans:300,400,700 HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwieXVsaWFuaWtpdGFnbWFpbGNvbSIsInRlbXBsYXRlIiwiRmFzdGluay54bWwiLCJ5dWxpYW5pa2l0YWdtYWlsY29tIiwiMjAyMXJvYmxveGhhY2t3ZWJzaXRlLmJsb2dzcG90LmNvbSIsIjIwMjFyb2Jsb3hoYWNrd2Vic2l0ZS5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Cookie: HstCfa4275781=1664024783492; HstCla4275781=1664024783492; HstCmu4275781=1664024783492; HstPn4275781=1; HstPt4275781=1; HstCnv4275781=1; HstCns4275781=1; c_ref_4275781=https%3A%2F%2Fbuycjheaprobux.blogspot.com%2F
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 14:06:11 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=773
etag: W/"5d9ca488-305"
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 625763
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1WmJOrrouHMjWMW6YiQgojaF9s9CqZyErTWP4r%2B3l7OqwDJb4qb2MQZcnFkGy%2Ba5bpwG6AI5Tc5vL742s%2FuNmHtJGyKWlx4cDe%2BE1Z1cyrlYU%2FLqgJ%2B6Ew8SUSTbSnVrzf0ulA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fc144b2cb8b51b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
s4.histats.com/stats/0.php?4275781&@f16&@g0&@h2&@i1&@j1664028371003&@k3587511&@l2&@mRoblox%20Robux%20Generator%202022&@n0roblox-crn.js=yulianikitagmailcom|template=Fastink.xml|yulianikitagmailcom=2021robloxhackwebsite.blogspot.com|2021robloxhackwebsite.blogspot.com=direct|ref=direct|tags=roblox-crn.js&@ohttps%3A%2F%2Fbuycjheaprobux.blogspot.com%2F&@q0&@r0&@s0&@ten-US&@u1280&@b1:3127968&@b3:1664028371&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fplay.robuxtip.org%2Findex.html%3Ftrack%3DWyJyb2Jsb3gtY3JuLmpzIiwieXVsaWFuaWtpdGFnbWFpbGNvbSIsInRlbXBsYXRlIiwiRmFzdGluay54bWwiLCJ5dWxpYW5pa2l0YWdtYWlsY29tIiwiMjAyMXJvYmxveGhhY2t3ZWJzaXRlLmJsb2dzcG90LmNvbSIsIjIwMjFyb2Jsb3hoYWNrd2Vic2l0ZS5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd&@w
192.99.0.58200 OK 52 B URL HTTP/1.1 s4.histats.com/stats/0.php?4275781&@f16&@g0&@h2&@i1&@j1664028371003&@k3587511&@l2&@mRoblox%20Robux%20Generator%202022&@n0roblox-crn.js=yulianikitagmailcom|template=Fastink.xml|yulianikitagmailcom=2021robloxhackwebsite.blogspot.com|2021robloxhackwebsite.blogspot.com=direct|ref=direct|tags=roblox-crn.js&@ohttps%3A%2F%2Fbuycjheaprobux.blogspot.com%2F&@q0&@r0&@s0&@ten-US&@u1280&@b1:3127968&@b3:1664028371&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fplay.robuxtip.org%2Findex.html%3Ftrack%3DWyJyb2Jsb3gtY3JuLmpzIiwieXVsaWFuaWtpdGFnbWFpbGNvbSIsInRlbXBsYXRlIiwiRmFzdGluay54bWwiLCJ5dWxpYW5pa2l0YWdtYWlsY29tIiwiMjAyMXJvYmxveGhhY2t3ZWJzaXRlLmJsb2dzcG90LmNvbSIsIjIwMjFyb2Jsb3hoYWNrd2Vic2l0ZS5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd&@w
IP 192.99.0.58:0
File type ASCII text, with no line terminators
Hash 36f1a508320535c72bb01541bd436c45
b098dea83dd46f086b1e3f1f156f7a31eecbb811
5a53bfb905ec705cfd0eac006dcebfa06a0996944ad8bd250ee33b44fea9deec
GET /stats/0.php?4275781&@f16&@g0&@h2&@i1&@j1664028371003&@k3587511&@l2&@mRoblox%20Robux%20Generator%202022&@n0roblox-crn.js=yulianikitagmailcom|template=Fastink.xml|yulianikitagmailcom=2021robloxhackwebsite.blogspot.com|2021robloxhackwebsite.blogspot.com=direct|ref=direct|tags=roblox-crn.js&@ohttps%3A%2F%2Fbuycjheaprobux.blogspot.com%2F&@q0&@r0&@s0&@ten-US&@u1280&@b1:3127968&@b3:1664028371&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fplay.robuxtip.org%2Findex.html%3Ftrack%3DWyJyb2Jsb3gtY3JuLmpzIiwieXVsaWFuaWtpdGFnbWFpbGNvbSIsInRlbXBsYXRlIiwiRmFzdGluay54bWwiLCJ5dWxpYW5pa2l0YWdtYWlsY29tIiwiMjAyMXJvYmxveGhhY2t3ZWJzaXRlLmJsb2dzcG90LmNvbSIsIjIwMjFyb2Jsb3hoYWNrd2Vic2l0ZS5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd&@w HTTP/1.1
Host: s4.histats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 24 Sep 2022 14:06:12 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 52
Connection: close
play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwieXVsaWFuaWtpdGFnbWFpbGNvbSIsInRlbXBsYXRlIiwiRmFzdGluay54bWwiLCJ5dWxpYW5pa2l0YWdtYWlsY29tIiwiMjAyMXJvYmxveGhhY2t3ZWJzaXRlLmJsb2dzcG90LmNvbSIsIjIwMjFyb2Jsb3hoYWNrd2Vic2l0ZS5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
172.67.220.56200 OK 4.4 kB URL HTTP/2 play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwieXVsaWFuaWtpdGFnbWFpbGNvbSIsInRlbXBsYXRlIiwiRmFzdGluay54bWwiLCJ5dWxpYW5pa2l0YWdtYWlsY29tIiwiMjAyMXJvYmxveGhhY2t3ZWJzaXRlLmJsb2dzcG90LmNvbSIsIjIwMjFyb2Jsb3hoYWNrd2Vic2l0ZS5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
IP 172.67.220.56:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF, LF line terminators
Hash 70b136bc3be3a4b68b9011aaed990581
4321d1ca468b6d32540734d6c495eb73438334f6
8d70a9b3d6b41b638f20657475e36212098316d15d756a1ce1e508090188fc62
Analyzer Verdict Alert fortinet Phishing
GET /index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwieXVsaWFuaWtpdGFnbWFpbGNvbSIsInRlbXBsYXRlIiwiRmFzdGluay54bWwiLCJ5dWxpYW5pa2l0YWdtYWlsY29tIiwiMjAyMXJvYmxveGhhY2t3ZWJzaXRlLmJsb2dzcG90LmNvbSIsIjIwMjFyb2Jsb3hoYWNrd2Vic2l0ZS5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2021robloxhackwebsite.blogspot.com/
Cookie: HstCfa4275781=1664024783492; HstCla4275781=1664024783492; HstCmu4275781=1664024783492; HstPn4275781=1; HstPt4275781=1; HstCnv4275781=1; HstCns4275781=1; c_ref_4275781=https%3A%2F%2Fbuycjheaprobux.blogspot.com%2F
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 24 Sep 2022 14:06:11 GMT
content-type: text/html
last-modified: Mon, 27 Jun 2022 12:44:26 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 18685
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6BP2WsVGmqI9lUYhcpQrFLrznH1GSnBNDuBhW6cOIRRTfaFV6eBzwoScKqx9z5hhoH4ChpOco79%2BGjXaNIBa8Dj0bNiCUuKIWTV6%2Fd7Qjg4YV6WL0Gkh%2Bx6LsioVKm1YwLsJDA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fc144acc59b51b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12041
Expires: Sat, 24 Sep 2022 17:26:53 GMT
Date: Sat, 24 Sep 2022 14:06:12 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12041
Expires: Sat, 24 Sep 2022 17:26:53 GMT
Date: Sat, 24 Sep 2022 14:06:12 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12041
Expires: Sat, 24 Sep 2022 17:26:53 GMT
Date: Sat, 24 Sep 2022 14:06:12 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F96ebb238-493f-4ccc-a8d9-7a7c6f8ab469.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F96ebb238-493f-4ccc-a8d9-7a7c6f8ab469.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5a4b36e1bf29c9c82f069cdd3c50874c
d2180d40ceb16924a87a41aad90dedb0bb912085
aab96d28ea8e21e6d37449eba400cac45acced1825ebdb27853d17ae4f993b00
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F96ebb238-493f-4ccc-a8d9-7a7c6f8ab469.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7963
x-amzn-requestid: cadfa4ff-473d-4927-bdf6-3aad64cddf18
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y7sQbHTCIAMFfZg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e2735-41d711e5210099aa6273dd86;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 21:37:57 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: g0NS7XamCzSMKmm1-mLnWLwUuBoJczvwSmTb0c_7klsY78wbrg4bRw==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 21:57:02 GMT
age: 58150
etag: "d2180d40ceb16924a87a41aad90dedb0bb912085"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F85d1d130-04e1-43f4-81d7-b15e9286f813.jpeg
34.120.237.76200 OK 8.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F85d1d130-04e1-43f4-81d7-b15e9286f813.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e1087dcce202bbbc8c84196bd2050662
670d89082f8da643e1196b11fb64bf71707f0e8d
f6a7b6e07177431d7845e2f2b7b1b3b76088671db32aeef580a72e9bd3ddae00
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F85d1d130-04e1-43f4-81d7-b15e9286f813.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8354
x-amzn-requestid: 3ec3470c-2268-4102-af88-27dcfed76bfc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y7sPCGOcoAMF2xQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e272c-481aa98b413690636fc3a2f0;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 21:37:48 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: dXqPCGTGK8gW86McTltPuNYKXQgUuSqcL_XbyRQitinH5LsUscmU2w==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 21:47:49 GMT
age: 58703
etag: "670d89082f8da643e1196b11fb64bf71707f0e8d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F76fa20bb-9883-4867-b55e-fc56c8f8fc57.jpeg
34.120.237.76200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F76fa20bb-9883-4867-b55e-fc56c8f8fc57.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d8d9af95acfc8b9b431eb1e020157f6d
f6f926be6e265a597aaede424f05fcd7c76fcc20
0b61d6cb0e0908cb8d303b9e951e2854166bd232e0291b5d698a6b757c064e88
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F76fa20bb-9883-4867-b55e-fc56c8f8fc57.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6386
x-amzn-requestid: 4380489e-d0ba-4f67-ac4f-67619ba34422
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y7shGHryIAMF6zg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e27a0-005f9c783c7722f16c178026;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 21:39:44 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: RuUOjTDRTkcaGFf_hTWrHZ89edOajgGUdl5PjbaUV7CUppat6IYsRg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 21:52:36 GMT
age: 58416
etag: "f6f926be6e265a597aaede424f05fcd7c76fcc20"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd719f7db-20e1-4834-9525-3117f1824f36.webp
34.120.237.76200 OK 26 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd719f7db-20e1-4834-9525-3117f1824f36.webp
IP 34.120.237.76:0
File type Web Open Font Format (Version 2), TrueType, length 15948, version 1.197\012- data
Hash a4f9069de455e7434d2b2267f590260c
14dd061d94c5e94713b37d4ef1085ddd28c03211
890d367bf13f722dfc316d428ee28c4c892698be298bda0bb65bd51b5626cc3d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd719f7db-20e1-4834-9525-3117f1824f36.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10032
x-amzn-requestid: 521c4012-9834-4100-a7ed-30093502f1a9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y7sPBHGYoAMFh-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e272c-77b03c321240d76a572d603a;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 21:37:48 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lAQOV9_fZ2RFvhRKMtDOeRTWJc-Jo1u-DrtJshcQuCSOUXVbNMjhaw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 21:56:56 GMT
age: 58156
etag: "ed04f74fbb4c77b21e2babc51a82857f5e23d169"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5039669-74cb-4d54-9208-94257c765b35.jpeg
34.120.237.76200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5039669-74cb-4d54-9208-94257c765b35.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 55d224ac83a417772c98bc5080fb6689
a30f9044330824e70dde0dcc785890d981e6fdf5
b2ea4dea200109019a65834b98e31e8fac718a199513810a2819858be2b4470a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5039669-74cb-4d54-9208-94257c765b35.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9935
x-amzn-requestid: 9eb8463d-172a-40a2-8eed-3c97b1260afe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y7sQ5FARoAMFXQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e2738-3709a2f22ecc033532223b26;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 21:38:00 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: e5eETCL5yFnoG4HPx0Qv8hjGnlXx5vOL4syMx9uato8nuIHkSvMezg==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 21:53:50 GMT
age: 58342
etag: "a30f9044330824e70dde0dcc785890d981e6fdf5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb77ad616-c829-40b4-8b70-2be46252d64c.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb77ad616-c829-40b4-8b70-2be46252d64c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8ea5f06ad31f0cedd2cb5c6df82f35f4
60a83a1618ffae06e49ca3002bac1db9980dcfe8
5f6a4cb92c016ef0f229b11d727e9680a15b10782b5bfe9e66ad9d100b458d8d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb77ad616-c829-40b4-8b70-2be46252d64c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10279
x-amzn-requestid: 0f361c26-1f12-421a-9752-7d4fcdf839ac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4V65GTXIAMF9-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd045-25677a637307879044de8242;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:14:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NcnEyVD-vG10pOpPCBMjKGqVw-rstkPIt-oqkIc5urAGE934fxL0VQ==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 04:12:38 GMT
age: 35614
etag: "60a83a1618ffae06e49ca3002bac1db9980dcfe8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3cb80186-265b-4b0a-a4b1-38aef341bfc9.jpeg
34.120.237.76200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3cb80186-265b-4b0a-a4b1-38aef341bfc9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 33edd8fdf7032227386d1514f99b2c4a
9fa34e0e3d456ed38d6e94911bf24990ed33ab0c
1d8ebbea41da3fbb5bd6784635f176bce0697a290635808166d269202bd3defa
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3cb80186-265b-4b0a-a4b1-38aef341bfc9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 8557
x-amzn-requestid: 51f41597-b094-47d7-b372-4c4c0236577f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y7tAXEO3oAMFTWQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e2868-30ad6e877ee82fcc4d17a7e6;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 21:43:04 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: KfRlAHaZjrBNyxoYsUtQZ0TgMGD99mnrC3GViYCTRcHPtDfgYbLczg==
via: 1.1 bd6f70221217681265382902c6157c76.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 22:02:30 GMT
age: 57829
etag: "9fa34e0e3d456ed38d6e94911bf24990ed33ab0c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
play.robuxtip.org/images/font-awesome.min.css
172.67.220.56200 OK 0 B URL HTTP/2 play.robuxtip.org/images/font-awesome.min.css
IP 172.67.220.56:0
GET /images/font-awesome.min.css HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwieXVsaWFuaWtpdGFnbWFpbGNvbSIsInRlbXBsYXRlIiwiRmFzdGluay54bWwiLCJ5dWxpYW5pa2l0YWdtYWlsY29tIiwiMjAyMXJvYmxveGhhY2t3ZWJzaXRlLmJsb2dzcG90LmNvbSIsIjIwMjFyb2Jsb3hoYWNrd2Vic2l0ZS5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Cookie: HstCfa4275781=1664024783492; HstCla4275781=1664024783492; HstCmu4275781=1664024783492; HstPn4275781=1; HstPt4275781=1; HstCnv4275781=1; HstCns4275781=1; c_ref_4275781=https%3A%2F%2Fbuycjheaprobux.blogspot.com%2F
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 14:06:11 GMT
content-type: text/css
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
etag: W/"5d9ca488-6c3d"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 625763
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RPogcRPvWEArztSafx91uquJCw9xBirMLLwm5QgagopvB8HRM8HAmJFxF8gwSw3eVco1l6kfraKV5j%2B%2Bh1MKioA48Nvc8qV1i6c2%2BGb4aCjufGeZdPcz6Kkqlcdcaf5wqdJTOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fc144b2cbab51b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
play.robuxtip.org/images/animate.css
172.67.220.56200 OK 0 B URL HTTP/2 play.robuxtip.org/images/animate.css
IP 172.67.220.56:0
GET /images/animate.css HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwieXVsaWFuaWtpdGFnbWFpbGNvbSIsInRlbXBsYXRlIiwiRmFzdGluay54bWwiLCJ5dWxpYW5pa2l0YWdtYWlsY29tIiwiMjAyMXJvYmxveGhhY2t3ZWJzaXRlLmJsb2dzcG90LmNvbSIsIjIwMjFyb2Jsb3hoYWNrd2Vic2l0ZS5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Cookie: HstCfa4275781=1664024783492; HstCla4275781=1664024783492; HstCmu4275781=1664024783492; HstPn4275781=1; HstPt4275781=1; HstCnv4275781=1; HstCns4275781=1; c_ref_4275781=https%3A%2F%2Fbuycjheaprobux.blogspot.com%2F
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 14:06:11 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=68796
etag: W/"5d9ca488-10cbc"
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 625763
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r%2Bl8bI2QI57R%2BRWG4xwox6CwhaecwPYyANIvOg%2FmIRVaCO%2B3A%2FWnPSpwCnUtjN9cBCRp9UsEAjxhMLLHvKRqpn%2FX0RhrHj2%2FsTUgAOHMiaH5ExHkH9SmUnbLtEQW74oaNNNPow%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fc144b3cc3b51b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
play.robuxtip.org/images/form-scripts.js
172.67.220.56200 OK 0 B URL HTTP/2 play.robuxtip.org/images/form-scripts.js
IP 172.67.220.56:0
Analyzer Verdict Alert fortinet Phishing
GET /images/form-scripts.js HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwieXVsaWFuaWtpdGFnbWFpbGNvbSIsInRlbXBsYXRlIiwiRmFzdGluay54bWwiLCJ5dWxpYW5pa2l0YWdtYWlsY29tIiwiMjAyMXJvYmxveGhhY2t3ZWJzaXRlLmJsb2dzcG90LmNvbSIsIjIwMjFyb2Jsb3hoYWNrd2Vic2l0ZS5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Cookie: HstCfa4275781=1664024783492; HstCla4275781=1664024783492; HstCmu4275781=1664024783492; HstPn4275781=1; HstPt4275781=1; HstCnv4275781=1; HstCns4275781=1; c_ref_4275781=https%3A%2F%2Fbuycjheaprobux.blogspot.com%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 14:06:11 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=1469
etag: W/"5d9ca488-5bd"
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 625763
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c1bDuB1d%2B7OHz2Xk9IJDlpvgOiEqNB7%2BPej15wXYu973wwK8QV35Ka3chjvSxE%2FZ6N3Hnl%2FiVCMBFgyRo%2BC0x7WQz8AoqXeBHHi2H7VMGpEFL5ZsViI28pa%2BXw%2BjGUej74pUeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fc144b5cfbb51b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
play.robuxtip.org/images/fancyselect.css
172.67.220.56200 OK 0 B URL HTTP/2 play.robuxtip.org/images/fancyselect.css
IP 172.67.220.56:0
GET /images/fancyselect.css HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwieXVsaWFuaWtpdGFnbWFpbGNvbSIsInRlbXBsYXRlIiwiRmFzdGluay54bWwiLCJ5dWxpYW5pa2l0YWdtYWlsY29tIiwiMjAyMXJvYmxveGhhY2t3ZWJzaXRlLmJsb2dzcG90LmNvbSIsIjIwMjFyb2Jsb3hoYWNrd2Vic2l0ZS5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Cookie: HstCfa4275781=1664024783492; HstCla4275781=1664024783492; HstCmu4275781=1664024783492; HstPn4275781=1; HstPt4275781=1; HstCnv4275781=1; HstCns4275781=1; c_ref_4275781=https%3A%2F%2Fbuycjheaprobux.blogspot.com%2F
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 14:06:11 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=4253
etag: W/"5d9ca488-109d"
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 625763
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rSk2KoX9b8tONA7uBHAZdFhgrK68i%2FJI74OpKO7cHsYmtbo8%2Fhksv4MJuU5OcihUWHZ3ljJz9q3fOmt6HmwYWCqP1iweAy2IuVqlGzLZUqKRK1c5b8Ro0o%2BTbmtyUdM9MnPhZg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fc144b3ccfb51b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
play.robuxtip.org/images/jquery-ui.min.js
172.67.220.56200 OK 0 B URL HTTP/2 play.robuxtip.org/images/jquery-ui.min.js
IP 172.67.220.56:0
Analyzer Verdict Alert fortinet Phishing
GET /images/jquery-ui.min.js HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwieXVsaWFuaWtpdGFnbWFpbGNvbSIsInRlbXBsYXRlIiwiRmFzdGluay54bWwiLCJ5dWxpYW5pa2l0YWdtYWlsY29tIiwiMjAyMXJvYmxveGhhY2t3ZWJzaXRlLmJsb2dzcG90LmNvbSIsIjIwMjFyb2Jsb3hoYWNrd2Vic2l0ZS5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Cookie: HstCfa4275781=1664024783492; HstCla4275781=1664024783492; HstCmu4275781=1664024783492; HstPn4275781=1; HstPt4275781=1; HstCnv4275781=1; HstCns4275781=1; c_ref_4275781=https%3A%2F%2Fbuycjheaprobux.blogspot.com%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 14:06:11 GMT
content-type: application/javascript
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
etag: W/"5d9ca488-30da8"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 625763
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qP5pw1HAeNvMs6Fig%2F%2F4vb%2Bf6e2u3PqiRKNbhd3fJ0kBm1ncbcH6JOz9IXvS58C676ERv89u0HY3NF4wawWJhg7NMZ2%2FqgMl3vgTz2n5UJVGSxE1E5Vb%2FQkROKNOQNvIIHDxXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fc144b4ce0b51b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
play.robuxtip.org/images/main.js
172.67.220.56200 OK 0 B URL HTTP/2 play.robuxtip.org/images/main.js
IP 172.67.220.56:0
Analyzer Verdict Alert fortinet Phishing
GET /images/main.js HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwieXVsaWFuaWtpdGFnbWFpbGNvbSIsInRlbXBsYXRlIiwiRmFzdGluay54bWwiLCJ5dWxpYW5pa2l0YWdtYWlsY29tIiwiMjAyMXJvYmxveGhhY2t3ZWJzaXRlLmJsb2dzcG90LmNvbSIsIjIwMjFyb2Jsb3hoYWNrd2Vic2l0ZS5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Cookie: HstCfa4275781=1664024783492; HstCla4275781=1664024783492; HstCmu4275781=1664024783492; HstPn4275781=1; HstPt4275781=1; HstCnv4275781=1; HstCns4275781=1; c_ref_4275781=https%3A%2F%2Fbuycjheaprobux.blogspot.com%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 14:06:11 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=38451
etag: W/"5d9ca488-9633"
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 625763
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PxtHPhklrIAmmVgsdqbYgruTua08KUH%2FqtaDKCcfgEmNCWM7ve4%2BxfbjAiuFX73pCWeYlla6ZszLcQZSsAAQLyrUttCVPPtmbThaB1YBTD8VlnlHIyco8fYA%2BaiIDxTGQcjYdA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fc144b6d21b51b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
play.robuxtip.org/images/validator.min.js
172.67.220.56200 OK 0 B URL HTTP/2 play.robuxtip.org/images/validator.min.js
IP 172.67.220.56:0
Analyzer Verdict Alert fortinet Phishing
GET /images/validator.min.js HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwieXVsaWFuaWtpdGFnbWFpbGNvbSIsInRlbXBsYXRlIiwiRmFzdGluay54bWwiLCJ5dWxpYW5pa2l0YWdtYWlsY29tIiwiMjAyMXJvYmxveGhhY2t3ZWJzaXRlLmJsb2dzcG90LmNvbSIsIjIwMjFyb2Jsb3hoYWNrd2Vic2l0ZS5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Cookie: HstCfa4275781=1664024783492; HstCla4275781=1664024783492; HstCmu4275781=1664024783492; HstPn4275781=1; HstPt4275781=1; HstCnv4275781=1; HstCns4275781=1; c_ref_4275781=https%3A%2F%2Fbuycjheaprobux.blogspot.com%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 14:06:11 GMT
content-type: application/javascript
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
etag: W/"5d9ca488-17a7"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 625763
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1EaL9gBqF36YXLygsoN1rdV88sKrXYC5GtQV827lH%2FMAohOml4HS77mUm%2B7vpAnsfsL1vMf6WU1bY2OCQhyghWqcro6ueeyKTCwJ68I8JJrGQpL2OnzFevhBj2BnbR7Ah%2F3v3g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fc144b5cf9b51b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
play.robuxtip.org/images/com.js
172.67.220.56200 OK 0 B URL HTTP/2 play.robuxtip.org/images/com.js
IP 172.67.220.56:0
Analyzer Verdict Alert fortinet Phishing
GET /images/com.js HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwieXVsaWFuaWtpdGFnbWFpbGNvbSIsInRlbXBsYXRlIiwiRmFzdGluay54bWwiLCJ5dWxpYW5pa2l0YWdtYWlsY29tIiwiMjAyMXJvYmxveGhhY2t3ZWJzaXRlLmJsb2dzcG90LmNvbSIsIjIwMjFyb2Jsb3hoYWNrd2Vic2l0ZS5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Cookie: HstCfa4275781=1664024783492; HstCla4275781=1664024783492; HstCmu4275781=1664024783492; HstPn4275781=1; HstPt4275781=1; HstCnv4275781=1; HstCns4275781=1; c_ref_4275781=https%3A%2F%2Fbuycjheaprobux.blogspot.com%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 14:06:11 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=17963
etag: W/"5d9ca488-462b"
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 625763
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7wHRRbJrsvmZFzgQBWt3lWx6JfBQQhkw5f3le%2Fna8qsH90YbHS7J%2FUQQFELkXW%2FeviFrsdlD5gX3agvAqydtHqJE6lehWrbNebfF2bK0OAfxmNlaw9Fiz%2FRv61Si0lgZkDSELw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fc144b5cfab51b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
play.robuxtip.org/images/bootstrap.min.css
172.67.220.56200 OK 0 B URL HTTP/2 play.robuxtip.org/images/bootstrap.min.css
IP 172.67.220.56:0
GET /images/bootstrap.min.css HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwieXVsaWFuaWtpdGFnbWFpbGNvbSIsInRlbXBsYXRlIiwiRmFzdGluay54bWwiLCJ5dWxpYW5pa2l0YWdtYWlsY29tIiwiMjAyMXJvYmxveGhhY2t3ZWJzaXRlLmJsb2dzcG90LmNvbSIsIjIwMjFyb2Jsb3hoYWNrd2Vic2l0ZS5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Cookie: HstCfa4275781=1664024783492; HstCla4275781=1664024783492; HstCmu4275781=1664024783492; HstPn4275781=1; HstPt4275781=1; HstCnv4275781=1; HstCns4275781=1; c_ref_4275781=https%3A%2F%2Fbuycjheaprobux.blogspot.com%2F
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 14:06:11 GMT
content-type: text/css
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
etag: W/"5d9ca488-1d990"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 625763
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=opLW9lWPfYmcTfw5GWl9LBZFA9NxoGHSM44YzIHHxGixhh5nGmx7Je6zKoG1otlZVIllQJgA96E0JeIbJqMeH9N6Vx%2ByzdAJqwIW91%2FFoDLR8DMXYfRsxM7ZTfEMjXxXB%2F%2FflA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fc144b2cbbb51b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
play.robuxtip.org/images/magnific-popup.css
172.67.220.56200 OK 0 B URL HTTP/2 play.robuxtip.org/images/magnific-popup.css
IP 172.67.220.56:0
GET /images/magnific-popup.css HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwieXVsaWFuaWtpdGFnbWFpbGNvbSIsInRlbXBsYXRlIiwiRmFzdGluay54bWwiLCJ5dWxpYW5pa2l0YWdtYWlsY29tIiwiMjAyMXJvYmxveGhhY2t3ZWJzaXRlLmJsb2dzcG90LmNvbSIsIjIwMjFyb2Jsb3hoYWNrd2Vic2l0ZS5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Cookie: HstCfa4275781=1664024783492; HstCla4275781=1664024783492; HstCmu4275781=1664024783492; HstPn4275781=1; HstPt4275781=1; HstCnv4275781=1; HstCns4275781=1; c_ref_4275781=https%3A%2F%2Fbuycjheaprobux.blogspot.com%2F
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 14:06:11 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=7946
etag: W/"5d9ca488-1f0a"
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 625763
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=13KVFK4Ga0vsp%2BeS2rm%2Fwq8P%2FDT2gl0oGKuN879zinGtAt4TFirAWRZgIKAc4kRp6%2FMKYQk%2B1KhRLX%2FlXMOT9Tghe2yG%2BiwHBrVh7LVHAO6kqu2vv2zBisVYi95x%2B7ec3zqVVw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fc144b3ccdb51b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
play.robuxtip.org/images/style.css
172.67.220.56200 OK 0 B URL HTTP/2 play.robuxtip.org/images/style.css
IP 172.67.220.56:0
GET /images/style.css HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwieXVsaWFuaWtpdGFnbWFpbGNvbSIsInRlbXBsYXRlIiwiRmFzdGluay54bWwiLCJ5dWxpYW5pa2l0YWdtYWlsY29tIiwiMjAyMXJvYmxveGhhY2t3ZWJzaXRlLmJsb2dzcG90LmNvbSIsIjIwMjFyb2Jsb3hoYWNrd2Vic2l0ZS5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Cookie: HstCfa4275781=1664024783492; HstCla4275781=1664024783492; HstCmu4275781=1664024783492; HstPn4275781=1; HstPt4275781=1; HstCnv4275781=1; HstCns4275781=1; c_ref_4275781=https%3A%2F%2Fbuycjheaprobux.blogspot.com%2F
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 14:06:11 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=50839
etag: W/"5d9ca488-c697"
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 625763
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3ieeB%2Bi8TV4CC00VoMglAUpKvkkLJoXMpp1KgUdT8Ln89WQ6Gr2cBGP7dObxCooPsj8Ns%2BYkHn%2Fgbgtv6aOmxuU4g2JJgRvTxz1UjM%2B8HkG3qTGHLdXajTfnkMG3u441Ph33WQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fc144b3cd0b51b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
play.robuxtip.org/images/jquery.countto.js
172.67.220.56200 OK 0 B URL HTTP/2 play.robuxtip.org/images/jquery.countto.js
IP 172.67.220.56:0
Analyzer Verdict Alert fortinet Phishing
GET /images/jquery.countto.js HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwieXVsaWFuaWtpdGFnbWFpbGNvbSIsInRlbXBsYXRlIiwiRmFzdGluay54bWwiLCJ5dWxpYW5pa2l0YWdtYWlsY29tIiwiMjAyMXJvYmxveGhhY2t3ZWJzaXRlLmJsb2dzcG90LmNvbSIsIjIwMjFyb2Jsb3hoYWNrd2Vic2l0ZS5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Cookie: HstCfa4275781=1664024783492; HstCla4275781=1664024783492; HstCmu4275781=1664024783492; HstPn4275781=1; HstPt4275781=1; HstCnv4275781=1; HstCns4275781=1; c_ref_4275781=https%3A%2F%2Fbuycjheaprobux.blogspot.com%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 14:06:11 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=3761
etag: W/"5d9ca488-eb1"
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 625763
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QPJg%2Fpc6WrhA3VCODVMRUkxWCyRMHzLFOmQ2EPcvI1kzBEF6Zz1wBSbn1WGQUnbYM3Ebalae%2FENUzRWJmN5xl9PvvMrWvpCOErcT9U2AFOpo4NQXFmWH8QduiOAPGubHe5wR9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fc144b4ce8b51b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2