howtogetadmininbokunoroblox.blogspot.co.uk/
142.250.74.65 190 B URL howtogetadmininbokunoroblox.blogspot.co.uk/
IP 142.250.74.65:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash ec04bba0fa02d0625e745875424097a0
c5e7fb8872595d82ba2390fd2a8b93dbf818f9cc
f51ee49d69d1f1431a47eb6f5a8d8629fb8b92c626700dcf397de89f0953f6b8
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: howtogetadmininbokunoroblox.blogspot.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Moved Temporarily
Location: http://howtogetadmininbokunoroblox.blogspot.com/
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Sat, 15 Apr 2023 18:36:26 GMT
Expires: Sat, 15 Apr 2023 18:36:26 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 190
Server: GSE
howtogetadmininbokunoroblox.blogspot.com/
142.250.74.65 190 B URL howtogetadmininbokunoroblox.blogspot.com/
IP 142.250.74.65:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 15164e8100f7f70444cff2cbcec93581
a53d17d8f928d26fc8dbb0cc236f5500fb249b7c
535d67ff715933aa4f227a0673a183a6afc81e09fd7f5ffbd2b1780d1bdd4d16
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: howtogetadmininbokunoroblox.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Location: https://howtogetadmininbokunoroblox.blogspot.com/
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Sat, 15 Apr 2023 18:36:26 GMT
Expires: Sat, 15 Apr 2023 18:36:26 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 190
Server: GSE
howtogetadmininbokunoroblox.blogspot.com/
142.250.74.65 49 kB URL howtogetadmininbokunoroblox.blogspot.com/
IP 142.250.74.65:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (32023)
Hash b02ef5e324cd5feb8cc23603f6b5c9f3
debc06a78c9782368a1595c1d60f202a260fbc66
9f8f110bd5ee803a90604c1d4ea5fd7e9ff13c9cc9ef5b4e711a606fc918aa3d
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: howtogetadmininbokunoroblox.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
expires: Sat, 15 Apr 2023 18:36:27 GMT
date: Sat, 15 Apr 2023 18:36:27 GMT
cache-control: private, max-age=0
last-modified: Sat, 15 Apr 2023 13:14:55 GMT
etag: W/"108382f6d1d57b5e0e7331ec5f73719904f3855043c7cf5f4a778353fc555d65"
x-robots-tag: all,noodp
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 48951
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
howtogetadmininbokunoroblox.blogspot.com/js/cookienotice.js
142.250.74.65 2.0 kB URL howtogetadmininbokunoroblox.blogspot.com/js/cookienotice.js
IP 142.250.74.65:0
Hash c4e1ed83d89245089b8a1203be20a377
f3940e1215b89300ef97d57a25993f25243b8688
afa801a129ff6fc98533118275db8a7d4a38fc91f8ab55ed4c19b864255e68d2
Analyzer Verdict Alert fortinet Phishing
GET /js/cookienotice.js HTTP/1.1
Host: howtogetadmininbokunoroblox.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: howtogetadmininbokunoroblox.blogspot.com
Connection: keep-alive
Referer: https://howtogetadmininbokunoroblox.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 2026
date: Sat, 15 Apr 2023 18:36:28 GMT
expires: Sat, 22 Apr 2023 18:36:28 GMT
cache-control: public, max-age=604800
last-modified: Sat, 15 Apr 2023 15:51:18 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.blogger.com/static/v1/widgets/1852870454-widgets.js
216.58.207.233 57 kB URL www.blogger.com/static/v1/widgets/1852870454-widgets.js
IP 216.58.207.233:0
File type ASCII text, with very long lines (2221)
Hash d19b4e5daf1cca65910963a91514ff6d
e4c300bb1b62d4ece1b938cb3ee0f6322ee0a8b9
3d2a90a36164abc85a92ede291287c7135725dae9c5c124b8f3f557f7c12c7d4
GET /static/v1/widgets/1852870454-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://howtogetadmininbokunoroblox.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 57021
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 14 Apr 2023 08:03:26 GMT
expires: Sat, 13 Apr 2024 08:03:26 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 14 Apr 2023 04:55:24 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 124382
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
lh3.googleusercontent.com/blogger_img_proxy/AByxGDQ6MhUKd4Ie48qV1QdjJSjgzyEU2UfsX5NabUasso9PdZsZJNeuo3X7H3qIdcu7Kk08DB9e10in672yWOQb3Xx2NWC5bUkR7_yfARz9824n7g
142.250.74.97 1.2 kB URL lh3.googleusercontent.com/blogger_img_proxy/AByxGDQ6MhUKd4Ie48qV1QdjJSjgzyEU2UfsX5NabUasso9PdZsZJNeuo3X7H3qIdcu7Kk08DB9e10in672yWOQb3Xx2NWC5bUkR7_yfARz9824n7g
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 120x90, components 3\012- data
Hash 9fe85dcb3fe48e26d43227a130d47e6a
918db738002dda86a37aca5f2bece573f89d8084
57eb79ec23f95554cfee51062e26a0e62c8b095b030bf7aa4068894370e1052e
GET /blogger_img_proxy/AByxGDQ6MhUKd4Ie48qV1QdjJSjgzyEU2UfsX5NabUasso9PdZsZJNeuo3X7H3qIdcu7Kk08DB9e10in672yWOQb3Xx2NWC5bUkR7_yfARz9824n7g HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://howtogetadmininbokunoroblox.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 404 Not Found
access-control-allow-origin: *
timing-allow-origin: *
content-type: image/jpeg
x-content-type-options: nosniff
date: Sat, 15 Apr 2023 18:36:28 GMT
server: fife
content-length: 1187
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
lh3.googleusercontent.com/blogger_img_proxy/AByxGDT_xd_EQTV6KvYIPDWFRDZHIKPBRGkIvO5tKPug5ak_ZzhhbOfu8xSi-X7OeOL8Qa6x2deAGumYiToCr6VvwjpSBFoffvMOEGHvDumG0_8EMQ
142.250.74.97 5.7 kB URL lh3.googleusercontent.com/blogger_img_proxy/AByxGDT_xd_EQTV6KvYIPDWFRDZHIKPBRGkIvO5tKPug5ak_ZzhhbOfu8xSi-X7OeOL8Qa6x2deAGumYiToCr6VvwjpSBFoffvMOEGHvDumG0_8EMQ
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 120x90, components 3\012- data
Hash af657814437027f122629437300048e4
b3eff03425c48f6e9625079b5c50e46b9327e513
fef4864426413b38c7199150262ab409c45f15509345142fbe73df0604a674b7
GET /blogger_img_proxy/AByxGDT_xd_EQTV6KvYIPDWFRDZHIKPBRGkIvO5tKPug5ak_ZzhhbOfu8xSi-X7OeOL8Qa6x2deAGumYiToCr6VvwjpSBFoffvMOEGHvDumG0_8EMQ HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://howtogetadmininbokunoroblox.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
expires: Sun, 16 Apr 2023 18:36:28 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
x-content-type-options: nosniff
date: Sat, 15 Apr 2023 18:36:28 GMT
server: fife
content-length: 5730
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
lh3.googleusercontent.com/blogger_img_proxy/AByxGDSopc5yHHnSvDGIIKe5VHG6aIZ92DqVpHaxmOLGMWSW3Z6tEShIXpZutmdprKUePmirHJYIUP9hT7k1RBx4x2elptpwyd2U-T9QWDr6slTt3w
142.250.74.97 5.9 kB URL lh3.googleusercontent.com/blogger_img_proxy/AByxGDSopc5yHHnSvDGIIKe5VHG6aIZ92DqVpHaxmOLGMWSW3Z6tEShIXpZutmdprKUePmirHJYIUP9hT7k1RBx4x2elptpwyd2U-T9QWDr6slTt3w
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 120x90, components 3\012- data
Hash c9134e1a2699da25a073c23cec853a6f
bdd2ffd16732d391af8b631614ae625755564153
8b1bb4800e34ea443a9d588821d3be3e6f3943a145503fa01d94af4acf0e0723
GET /blogger_img_proxy/AByxGDSopc5yHHnSvDGIIKe5VHG6aIZ92DqVpHaxmOLGMWSW3Z6tEShIXpZutmdprKUePmirHJYIUP9hT7k1RBx4x2elptpwyd2U-T9QWDr6slTt3w HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://howtogetadmininbokunoroblox.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
expires: Sun, 16 Apr 2023 18:36:28 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
x-content-type-options: nosniff
date: Sat, 15 Apr 2023 18:36:28 GMT
server: fife
content-length: 5869
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
lh3.googleusercontent.com/blogger_img_proxy/AByxGDQJKyvClixzONprDrJ268LqXNryWRE7pGEML5LLs1us783ZKLTIp5JKxVuvIq8RAqb4uD8k6PSs03GXUB2GxF3iAVJW0lCO_KfSjkmjTvQ7-no
142.250.74.97 5.3 kB URL lh3.googleusercontent.com/blogger_img_proxy/AByxGDQJKyvClixzONprDrJ268LqXNryWRE7pGEML5LLs1us783ZKLTIp5JKxVuvIq8RAqb4uD8k6PSs03GXUB2GxF3iAVJW0lCO_KfSjkmjTvQ7-no
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 120x90, components 3\012- data
Hash 742f358f1e75046ab6f8f3da22fd9783
ca4885c5d2b962adca0a246842bc15144f067cf1
885b49a4203145ed60436b19a07ab6ad9bd5693ae53524515b6b94b2a3f11625
GET /blogger_img_proxy/AByxGDQJKyvClixzONprDrJ268LqXNryWRE7pGEML5LLs1us783ZKLTIp5JKxVuvIq8RAqb4uD8k6PSs03GXUB2GxF3iAVJW0lCO_KfSjkmjTvQ7-no HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://howtogetadmininbokunoroblox.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
expires: Sun, 16 Apr 2023 18:36:28 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
x-content-type-options: nosniff
date: Sat, 15 Apr 2023 18:36:28 GMT
server: fife
content-length: 5343
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
lh3.googleusercontent.com/blogger_img_proxy/AByxGDQrmft7Pfb7fl0DQqki0Nk-61KRXyv4JFSu7LWIloZaw3b7v9pFTr--N-jR9rgSXhNeWeoOMDKoUikNbe96rpFDgxWwtFa1fuz73kv8LXpSLA
142.250.74.97 3.7 kB URL lh3.googleusercontent.com/blogger_img_proxy/AByxGDQrmft7Pfb7fl0DQqki0Nk-61KRXyv4JFSu7LWIloZaw3b7v9pFTr--N-jR9rgSXhNeWeoOMDKoUikNbe96rpFDgxWwtFa1fuz73kv8LXpSLA
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 120x90, components 3\012- data
Hash dc2d85a9c8bddeee463ea60dab51adab
d9657535e6d55fb25134515e64c8fbdf1ce87098
9940938c28af275c7328e2c406b87b9fd188be41ac5103cefb1a5b517fbcb700
GET /blogger_img_proxy/AByxGDQrmft7Pfb7fl0DQqki0Nk-61KRXyv4JFSu7LWIloZaw3b7v9pFTr--N-jR9rgSXhNeWeoOMDKoUikNbe96rpFDgxWwtFa1fuz73kv8LXpSLA HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://howtogetadmininbokunoroblox.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
expires: Sun, 16 Apr 2023 18:36:28 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
x-content-type-options: nosniff
date: Sat, 15 Apr 2023 18:36:28 GMT
server: fife
content-length: 3714
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
nowqo.net/roblox/images/gamebaglogo.png
104.21.25.78200 OK 3.3 kB URL GET HTTP/3 nowqo.net/roblox/images/gamebaglogo.png
IP 104.21.25.78:443
Requested by https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtYWJ4LmpzIiwiaGltayIsInRlbXBsYXRlIiwiU0VPLUVsaXRlLVByZW1pdW0ueG1sIiwiaGltayIsImhvd3RvZ2V0YWRtaW5pbmJva3Vub3JvYmxveC5ibG9nc3BvdC5jb20iLCJob3d0b2dldGFkbWluaW5ib2t1bm9yb2Jsb3guYmxvZ3Nwb3QuY29tIiwiZGlyZWN0IiwicmVmIiwiZGlyZWN0IiwidGFncyIsInJvYmxveC1hYnguanMiXQ
Certificate IssuerGoogle Trust Services LLC
Subject*.nowqo.net
Fingerprint4D:F9:79:11:BB:71:F0:57:06:92:43:6D:46:F2:D5:42:7E:73:1B:4E
ValidityTue, 04 Apr 2023 14:41:31 GMT - Mon, 03 Jul 2023 14:41:30 GMT
File type PNG image data, 240 x 240, 8-bit/color RGBA, non-interlaced\012- data
Hash e84f0caa809a15b2aaa9cb93bbe6669a
22a330ad580aaa6b2232307a87b981adc7fbf38f
1f98c982fd0c9b5e6af138a4cb160f509bda9fcc7fa0a9463fa6cf11513c151f
GET /roblox/images/gamebaglogo.png HTTP/1.1
Host: nowqo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: nowqo.net
Connection: keep-alive
Referer: https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtYWJ4LmpzIiwiaGltayIsInRlbXBsYXRlIiwiU0VPLUVsaXRlLVByZW1pdW0ueG1sIiwiaGltayIsImhvd3RvZ2V0YWRtaW5pbmJva3Vub3JvYmxveC5ibG9nc3BvdC5jb20iLCJob3d0b2dldGFkbWluaW5ib2t1bm9yb2Jsb3guYmxvZ3Nwb3QuY29tIiwiZGlyZWN0IiwicmVmIiwiZGlyZWN0IiwidGFncyIsInJvYmxveC1hYnguanMiXQ
Cookie: HstCfa4275781=1681580304853; HstCla4275781=1681580338341; HstCmu4275781=1681580304853; HstPn4275781=2; HstPt4275781=2; HstCnv4275781=1; HstCns4275781=1; c_ref_4275781=https%3A%2F%2Fjogoslegaisdorobloxcomdinheirolimitad.blogspot.com%2F
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 15 Apr 2023 18:36:28 GMT
content-type: image/png
content-length: 3340
cache-control: public, max-age=31536000
expires: Fri, 14 Apr 2023 06:32:19 GMT
last-modified: Tue, 08 Oct 2019 06:00:24 GMT
cf-cache-status: HIT
age: 728363
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sJbVAWwaXr9zszw2JFHVGRpze%2Fp2vGjL8xxC2tMjrKzqJB1TZ930Fsl6OGadGi3L8oX6qJBY9Z0kQcEt7f6e%2Fe26Zcu%2F5c88KVClZicTG2tJtDu%2BAKqpO8L40M0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b864b590ea1b527-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
nowqo.net/roblox/images/ft-1.png
104.21.25.78200 OK 3.3 kB URL GET HTTP/3 nowqo.net/roblox/images/ft-1.png
IP 104.21.25.78:443
Requested by https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtYWJ4LmpzIiwiaGltayIsInRlbXBsYXRlIiwiU0VPLUVsaXRlLVByZW1pdW0ueG1sIiwiaGltayIsImhvd3RvZ2V0YWRtaW5pbmJva3Vub3JvYmxveC5ibG9nc3BvdC5jb20iLCJob3d0b2dldGFkbWluaW5ib2t1bm9yb2Jsb3guYmxvZ3Nwb3QuY29tIiwiZGlyZWN0IiwicmVmIiwiZGlyZWN0IiwidGFncyIsInJvYmxveC1hYnguanMiXQ
Certificate IssuerGoogle Trust Services LLC
Subject*.nowqo.net
Fingerprint4D:F9:79:11:BB:71:F0:57:06:92:43:6D:46:F2:D5:42:7E:73:1B:4E
ValidityTue, 04 Apr 2023 14:41:31 GMT - Mon, 03 Jul 2023 14:41:30 GMT
File type PNG image data, 240 x 240, 8-bit/color RGBA, non-interlaced\012- data
Hash e84f0caa809a15b2aaa9cb93bbe6669a
22a330ad580aaa6b2232307a87b981adc7fbf38f
1f98c982fd0c9b5e6af138a4cb160f509bda9fcc7fa0a9463fa6cf11513c151f
GET /roblox/images/ft-1.png HTTP/1.1
Host: nowqo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: nowqo.net
Connection: keep-alive
Referer: https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtYWJ4LmpzIiwiaGltayIsInRlbXBsYXRlIiwiU0VPLUVsaXRlLVByZW1pdW0ueG1sIiwiaGltayIsImhvd3RvZ2V0YWRtaW5pbmJva3Vub3JvYmxveC5ibG9nc3BvdC5jb20iLCJob3d0b2dldGFkbWluaW5ib2t1bm9yb2Jsb3guYmxvZ3Nwb3QuY29tIiwiZGlyZWN0IiwicmVmIiwiZGlyZWN0IiwidGFncyIsInJvYmxveC1hYnguanMiXQ
Cookie: HstCfa4275781=1681580304853; HstCla4275781=1681580338341; HstCmu4275781=1681580304853; HstPn4275781=2; HstPt4275781=2; HstCnv4275781=1; HstCns4275781=1; c_ref_4275781=https%3A%2F%2Fjogoslegaisdorobloxcomdinheirolimitad.blogspot.com%2F
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 15 Apr 2023 18:36:28 GMT
content-type: image/png
content-length: 3340
cache-control: public, max-age=31536000
expires: Fri, 14 Apr 2023 06:32:19 GMT
last-modified: Tue, 08 Oct 2019 06:00:24 GMT
cf-cache-status: HIT
age: 728363
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y%2BHPPVB5ozwja6Q9M%2FFZM246U0gk0Bvw4MZFF37QgTtQtyUsCzXCvQkN2ogXmKbowh8O9BUUqO2buaF%2BWnJm8wdSFiEcw7lkbtua%2BGBfvEUQgkDoDN6Ovnz7VnE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b864b590ea3b527-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
nowqo.net/roblox/images/header.png
104.21.25.78200 OK 131 kB URL GET HTTP/3 nowqo.net/roblox/images/header.png
IP 104.21.25.78:443
Requested by https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtYWJ4LmpzIiwiaGltayIsInRlbXBsYXRlIiwiU0VPLUVsaXRlLVByZW1pdW0ueG1sIiwiaGltayIsImhvd3RvZ2V0YWRtaW5pbmJva3Vub3JvYmxveC5ibG9nc3BvdC5jb20iLCJob3d0b2dldGFkbWluaW5ib2t1bm9yb2Jsb3guYmxvZ3Nwb3QuY29tIiwiZGlyZWN0IiwicmVmIiwiZGlyZWN0IiwidGFncyIsInJvYmxveC1hYnguanMiXQ
Certificate IssuerGoogle Trust Services LLC
Subject*.nowqo.net
Fingerprint4D:F9:79:11:BB:71:F0:57:06:92:43:6D:46:F2:D5:42:7E:73:1B:4E
ValidityTue, 04 Apr 2023 14:41:31 GMT - Mon, 03 Jul 2023 14:41:30 GMT
File type PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced\012- data
Size 131 kB (131285 bytes)
Hash 35e93538f31d67876a2cb38bf94279d8
49bf97732e9bffb5371ad60d024901b09d83651b
95c1de9315834de2ff3608a2dc048a6aedc273e665f9b54eb956523a81fc91df
GET /roblox/images/header.png HTTP/1.1
Host: nowqo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: nowqo.net
Connection: keep-alive
Referer: https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtYWJ4LmpzIiwiaGltayIsInRlbXBsYXRlIiwiU0VPLUVsaXRlLVByZW1pdW0ueG1sIiwiaGltayIsImhvd3RvZ2V0YWRtaW5pbmJva3Vub3JvYmxveC5ibG9nc3BvdC5jb20iLCJob3d0b2dldGFkbWluaW5ib2t1bm9yb2Jsb3guYmxvZ3Nwb3QuY29tIiwiZGlyZWN0IiwicmVmIiwiZGlyZWN0IiwidGFncyIsInJvYmxveC1hYnguanMiXQ
Cookie: HstCfa4275781=1681580304853; HstCla4275781=1681580338341; HstCmu4275781=1681580304853; HstPn4275781=2; HstPt4275781=2; HstCnv4275781=1; HstCns4275781=1; c_ref_4275781=https%3A%2F%2Fjogoslegaisdorobloxcomdinheirolimitad.blogspot.com%2F
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 15 Apr 2023 18:36:28 GMT
content-type: image/png
content-length: 131285
cache-control: public, max-age=31536000
expires: Fri, 14 Apr 2023 06:32:18 GMT
last-modified: Tue, 08 Oct 2019 06:00:24 GMT
cf-cache-status: HIT
age: 728363
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oKBe0wYlsnxgFmvPScCQ%2BgU6BYFy2HD0EcOi%2BOm2ExnVr8XMRTCcqv0NbzivsJqPYfqYRNGDAidYfF%2BL0y9XgFYj9QZ1YAOHGLMh90EMFcCfH6FaffPyvGShHAA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b864b590e9fb527-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/jquery.modal.min.css
104.17.24.14200 OK 1.5 kB URL GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/jquery.modal.min.css
IP 104.17.24.14:443
Requested by https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtYWJ4LmpzIiwiaGltayIsInRlbXBsYXRlIiwiU0VPLUVsaXRlLVByZW1pdW0ueG1sIiwiaGltayIsImhvd3RvZ2V0YWRtaW5pbmJva3Vub3JvYmxveC5ibG9nc3BvdC5jb20iLCJob3d0b2dldGFkbWluaW5ib2t1bm9yb2Jsb3guYmxvZ3Nwb3QuY29tIiwiZGlyZWN0IiwicmVmIiwiZGlyZWN0IiwidGFncyIsInJvYmxveC1hYnguanMiXQ
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA9:11:71:07:07:92:48:7E:A9:3C:E8:32:25:3F:EB:AC:7D:51:7E:8F
ValidityWed, 03 Aug 2022 00:00:00 GMT - Wed, 02 Aug 2023 23:59:59 GMT
File type ASCII text, with very long lines (3201), with no line terminators
Hash 8e09ceb5490863a66cd2e83ca3d7e524
35e3d074516ec70c508d748f7ae01827bc0c28ba
cccbb374fd4cb6dcbac9df64456b49cb11530e7bafdac6c6c7e67ff2ed350db9
GET /ajax/libs/jquery-modal/0.9.1/jquery.modal.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nowqo.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Apr 2023 18:36:29 GMT
content-type: text/css; charset=utf-8
content-length: 1541
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec2-c81"
last-modified: Mon, 04 May 2020 16:11:46 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 7427194
expires: Thu, 04 Apr 2024 18:36:29 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VURFd5dZbaW6bQk3cjHyIMXWgbTjK5I25x6VXnJGul2FrhMLjIaNf8xA8bHmbx5Gso7S1dKeq%2BzEmhZJSb%2BIXVtNH%2BEEg9q0mhX4cQNd7IKS7EjVNcU94ctljj0PqAFaokmKKp0B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7b864b59390eb4ee-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
nowqo.net/roblox/images/main-bg.jpg
104.21.25.78200 OK 838 kB URL GET HTTP/3 nowqo.net/roblox/images/main-bg.jpg
IP 104.21.25.78:443
Requested by https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtYWJ4LmpzIiwiaGltayIsInRlbXBsYXRlIiwiU0VPLUVsaXRlLVByZW1pdW0ueG1sIiwiaGltayIsImhvd3RvZ2V0YWRtaW5pbmJva3Vub3JvYmxveC5ibG9nc3BvdC5jb20iLCJob3d0b2dldGFkbWluaW5ib2t1bm9yb2Jsb3guYmxvZ3Nwb3QuY29tIiwiZGlyZWN0IiwicmVmIiwiZGlyZWN0IiwidGFncyIsInJvYmxveC1hYnguanMiXQ
Certificate IssuerGoogle Trust Services LLC
Subject*.nowqo.net
Fingerprint4D:F9:79:11:BB:71:F0:57:06:92:43:6D:46:F2:D5:42:7E:73:1B:4E
ValidityTue, 04 Apr 2023 14:41:31 GMT - Mon, 03 Jul 2023 14:41:30 GMT
File type JPEG image data, baseline, precision 8, 2560x1440, components 3\012- data
Size 838 kB (838330 bytes)
Hash ba5d619ee57cf5acc6ebee951a24e01a
a0627942a4e280318a098576257027078cbc40fc
ff5ca3b41fff989a535f80c1119cca50d67fa99c759545a3fc484cc8124cf836
GET /roblox/images/main-bg.jpg HTTP/1.1
Host: nowqo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: nowqo.net
Connection: keep-alive
Referer: https://nowqo.net/roblox/images/style.css
Cookie: HstCfa4275781=1681580304853; HstCla4275781=1681580338341; HstCmu4275781=1681580304853; HstPn4275781=2; HstPt4275781=2; HstCnv4275781=1; HstCns4275781=1; c_ref_4275781=https%3A%2F%2Fjogoslegaisdorobloxcomdinheirolimitad.blogspot.com%2F
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 15 Apr 2023 18:36:29 GMT
content-type: image/jpeg
content-length: 838330
cache-control: public, max-age=31536000
expires: Fri, 14 Apr 2023 06:32:19 GMT
last-modified: Tue, 08 Oct 2019 06:00:24 GMT
cf-cache-status: HIT
age: 728364
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cOsKe3RXSU8tXUUnfiX7rTvWKePP3gk3rqYuFYSGZeXegsOaPmTqqqrrMyDT0WiYiOnPH0nqHH0nd955k%2FhA8OlF21Iz38O%2B%2Bn4QoqBDxUuwmjax5b3DONGoKcA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b864b5a58c4b527-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
nowqo.net/roblox/images/pr-r.png
104.21.25.78200 OK 27 kB URL GET HTTP/3 nowqo.net/roblox/images/pr-r.png
IP 104.21.25.78:443
Requested by https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtYWJ4LmpzIiwiaGltayIsInRlbXBsYXRlIiwiU0VPLUVsaXRlLVByZW1pdW0ueG1sIiwiaGltayIsImhvd3RvZ2V0YWRtaW5pbmJva3Vub3JvYmxveC5ibG9nc3BvdC5jb20iLCJob3d0b2dldGFkbWluaW5ib2t1bm9yb2Jsb3guYmxvZ3Nwb3QuY29tIiwiZGlyZWN0IiwicmVmIiwiZGlyZWN0IiwidGFncyIsInJvYmxveC1hYnguanMiXQ
Certificate IssuerGoogle Trust Services LLC
Subject*.nowqo.net
Fingerprint4D:F9:79:11:BB:71:F0:57:06:92:43:6D:46:F2:D5:42:7E:73:1B:4E
ValidityTue, 04 Apr 2023 14:41:31 GMT - Mon, 03 Jul 2023 14:41:30 GMT
File type PNG image data, 960 x 1080, 8-bit/color RGBA, non-interlaced\012- data
Hash 1339ccba9a248e9c3689c2f921283d91
7d393c9a3efa49a81afc9406700e94ae23e4bb95
082da94e7b1e7b7cf6054ecb33edffc2b36578727ef34c8a1ef6bddfaa6cfbbf
GET /roblox/images/pr-r.png HTTP/1.1
Host: nowqo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: nowqo.net
Connection: keep-alive
Referer: https://nowqo.net/roblox/images/style.css
Cookie: HstCfa4275781=1681580304853; HstCla4275781=1681580338341; HstCmu4275781=1681580304853; HstPn4275781=2; HstPt4275781=2; HstCnv4275781=1; HstCns4275781=1; c_ref_4275781=https%3A%2F%2Fjogoslegaisdorobloxcomdinheirolimitad.blogspot.com%2F
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 15 Apr 2023 18:36:29 GMT
content-type: image/png
content-length: 27316
cache-control: public, max-age=31536000
expires: Fri, 14 Apr 2023 06:32:19 GMT
last-modified: Tue, 08 Oct 2019 06:00:24 GMT
cf-cache-status: HIT
age: 728364
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ep1oMefi5zS2HCyx6DYoe5VOUEeMJ%2BuapCBbtRh3DwxycJHBPGRS8PDZptGKUlnpywPWxxHxDqt4k95jAdaDIfRBD9J7lzoxxd8S7T3sbE3NYxrXXM52%2Bm0wgvg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b864b5ae99eb527-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
nowqo.net/roblox/images/css8a7c8a7c8a7c.css?family=Open+Sans:300,400,700
104.21.25.78200 OK 16 kB URL GET HTTP/3 nowqo.net/roblox/images/css8a7c8a7c8a7c.css?family=Open+Sans:300,400,700
IP 104.21.25.78:443
Requested by https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtYWJ4LmpzIiwiaGltayIsInRlbXBsYXRlIiwiU0VPLUVsaXRlLVByZW1pdW0ueG1sIiwiaGltayIsImhvd3RvZ2V0YWRtaW5pbmJva3Vub3JvYmxveC5ibG9nc3BvdC5jb20iLCJob3d0b2dldGFkbWluaW5ib2t1bm9yb2Jsb3guYmxvZ3Nwb3QuY29tIiwiZGlyZWN0IiwicmVmIiwiZGlyZWN0IiwidGFncyIsInJvYmxveC1hYnguanMiXQ
Certificate IssuerGoogle Trust Services LLC
Subject*.nowqo.net
Fingerprint4D:F9:79:11:BB:71:F0:57:06:92:43:6D:46:F2:D5:42:7E:73:1B:4E
ValidityTue, 04 Apr 2023 14:41:31 GMT - Mon, 03 Jul 2023 14:41:30 GMT
File type ASCII text, with very long lines (701), with no line terminators
Hash da2204a870cb1cf5239f4cb8d5a54e73
1f21abcbf599cd78c13e60a7f8a68861891c9c6b
e176d5c8f1e34b7655db75393a7b0c84fca68f8bc9083fa6c302ede69dd28f24
Analyzer Verdict Alert fortinet Phishing
GET /roblox/images/css8a7c8a7c8a7c.css?family=Open+Sans:300,400,700 HTTP/1.1
Host: nowqo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: nowqo.net
Connection: keep-alive
Referer: https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtYWJ4LmpzIiwiaGltayIsInRlbXBsYXRlIiwiU0VPLUVsaXRlLVByZW1pdW0ueG1sIiwiaGltayIsImhvd3RvZ2V0YWRtaW5pbmJva3Vub3JvYmxveC5ibG9nc3BvdC5jb20iLCJob3d0b2dldGFkbWluaW5ib2t1bm9yb2Jsb3guYmxvZ3Nwb3QuY29tIiwiZGlyZWN0IiwicmVmIiwiZGlyZWN0IiwidGFncyIsInJvYmxveC1hYnguanMiXQ
Cookie: HstCfa4275781=1681580304853; HstCla4275781=1681580338341; HstCmu4275781=1681580304853; HstPn4275781=2; HstPt4275781=2; HstCnv4275781=1; HstCns4275781=1; c_ref_4275781=https%3A%2F%2Fjogoslegaisdorobloxcomdinheirolimitad.blogspot.com%2F
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 15 Apr 2023 18:36:28 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=773
cache-control: public, max-age=31536000
expires: Fri, 14 Apr 2023 07:38:09 GMT
last-modified: Tue, 08 Oct 2019 06:00:24 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 728363
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=svFOUcFykDZHCuQd%2FCI3zihIgS1QVh97lJeDkfmIWoqSfyXiATBZwhjKzGLV%2F8UGtaZy1R7ukYsIEuh26%2BUPclS6aAlb%2FnnI%2BNOZxlvPVj5%2FLPuFJRIz4PNLRT8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b864b58ee75b527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
nowqo.net/roblox/images/btn-img.png
104.21.25.78200 OK 2.0 kB URL GET HTTP/3 nowqo.net/roblox/images/btn-img.png
IP 104.21.25.78:443
Requested by https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtYWJ4LmpzIiwiaGltayIsInRlbXBsYXRlIiwiU0VPLUVsaXRlLVByZW1pdW0ueG1sIiwiaGltayIsImhvd3RvZ2V0YWRtaW5pbmJva3Vub3JvYmxveC5ibG9nc3BvdC5jb20iLCJob3d0b2dldGFkbWluaW5ib2t1bm9yb2Jsb3guYmxvZ3Nwb3QuY29tIiwiZGlyZWN0IiwicmVmIiwiZGlyZWN0IiwidGFncyIsInJvYmxveC1hYnguanMiXQ
Certificate IssuerGoogle Trust Services LLC
Subject*.nowqo.net
Fingerprint4D:F9:79:11:BB:71:F0:57:06:92:43:6D:46:F2:D5:42:7E:73:1B:4E
ValidityTue, 04 Apr 2023 14:41:31 GMT - Mon, 03 Jul 2023 14:41:30 GMT
File type PNG image data, 150 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash b750214f9a0276662f12acbbff0d37ce
65e094e10e2b933ab866a66b5f9b25321b99a0d1
db31dae896b9158c4d1c3f32525e6f63281fe9c671a5dc93236cac960013351b
GET /roblox/images/btn-img.png HTTP/1.1
Host: nowqo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: nowqo.net
Connection: keep-alive
Referer: https://nowqo.net/roblox/images/style.css
Cookie: HstCfa4275781=1681580304853; HstCla4275781=1681580338341; HstCmu4275781=1681580304853; HstPn4275781=2; HstPt4275781=2; HstCnv4275781=1; HstCns4275781=1; c_ref_4275781=https%3A%2F%2Fjogoslegaisdorobloxcomdinheirolimitad.blogspot.com%2F
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 15 Apr 2023 18:36:29 GMT
content-type: image/png
content-length: 1977
cache-control: public, max-age=31536000
expires: Fri, 14 Apr 2023 06:32:19 GMT
last-modified: Tue, 08 Oct 2019 06:00:24 GMT
cf-cache-status: HIT
age: 139086
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=op6OtYVkSYQ0%2BuhKaahnx8CrEGxAjS1ycvClmuVmCdKHXFtIVyt4pWO9TOLdUM%2BKCmvVz8M9ztDRT2w4o1hMrDQw01i7EGRJWKZgEeB2BFPKtphXWgzABAAR8V4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b864b5ae9a0b527-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
nowqo.net/roblox/images/panel-overlay.png
104.21.25.78200 OK 3.1 kB URL GET HTTP/3 nowqo.net/roblox/images/panel-overlay.png
IP 104.21.25.78:443
Requested by https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtYWJ4LmpzIiwiaGltayIsInRlbXBsYXRlIiwiU0VPLUVsaXRlLVByZW1pdW0ueG1sIiwiaGltayIsImhvd3RvZ2V0YWRtaW5pbmJva3Vub3JvYmxveC5ibG9nc3BvdC5jb20iLCJob3d0b2dldGFkbWluaW5ib2t1bm9yb2Jsb3guYmxvZ3Nwb3QuY29tIiwiZGlyZWN0IiwicmVmIiwiZGlyZWN0IiwidGFncyIsInJvYmxveC1hYnguanMiXQ
Certificate IssuerGoogle Trust Services LLC
Subject*.nowqo.net
Fingerprint4D:F9:79:11:BB:71:F0:57:06:92:43:6D:46:F2:D5:42:7E:73:1B:4E
ValidityTue, 04 Apr 2023 14:41:31 GMT - Mon, 03 Jul 2023 14:41:30 GMT
File type PNG image data, 960 x 661, 4-bit colormap, non-interlaced\012- data
Hash 2b026d93f79b384005e4252c80701791
87804a0d83d2e745b31526c8b60d026abecbe73a
b7a5d35c1c7be1953002244f054a14f38ed11912ad52d25a8e963774f7f52e0e
GET /roblox/images/panel-overlay.png HTTP/1.1
Host: nowqo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: nowqo.net
Connection: keep-alive
Referer: https://nowqo.net/roblox/images/style.css
Cookie: HstCfa4275781=1681580304853; HstCla4275781=1681580338341; HstCmu4275781=1681580304853; HstPn4275781=2; HstPt4275781=2; HstCnv4275781=1; HstCns4275781=1; c_ref_4275781=https%3A%2F%2Fjogoslegaisdorobloxcomdinheirolimitad.blogspot.com%2F
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 15 Apr 2023 18:36:29 GMT
content-type: image/png
content-length: 3116
cache-control: public, max-age=31536000
expires: Fri, 14 Apr 2023 06:32:19 GMT
last-modified: Tue, 08 Oct 2019 06:00:24 GMT
cf-cache-status: HIT
age: 728364
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xYockxep51pZHoXZlrhWn37FuUT2PfK5JQcqh1bfdi78PKILlFgnO%2FIyNayhDKkXJ7Ch9gCtISfNzKexhnG4HrFHl3xMG2I8wmIkFrzvOMprUzA1AMmZcBCwg2c%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b864b5ae99bb527-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
nowqo.net/roblox/images/et-line.woff
104.21.25.78200 OK 55 kB URL GET HTTP/3 nowqo.net/roblox/images/et-line.woff
IP 104.21.25.78:443
Requested by https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtYWJ4LmpzIiwiaGltayIsInRlbXBsYXRlIiwiU0VPLUVsaXRlLVByZW1pdW0ueG1sIiwiaGltayIsImhvd3RvZ2V0YWRtaW5pbmJva3Vub3JvYmxveC5ibG9nc3BvdC5jb20iLCJob3d0b2dldGFkbWluaW5ib2t1bm9yb2Jsb3guYmxvZ3Nwb3QuY29tIiwiZGlyZWN0IiwicmVmIiwiZGlyZWN0IiwidGFncyIsInJvYmxveC1hYnguanMiXQ
Certificate IssuerGoogle Trust Services LLC
Subject*.nowqo.net
Fingerprint4D:F9:79:11:BB:71:F0:57:06:92:43:6D:46:F2:D5:42:7E:73:1B:4E
ValidityTue, 04 Apr 2023 14:41:31 GMT - Mon, 03 Jul 2023 14:41:30 GMT
File type Web Open Font Format, CFF, length 55220, version 1.0\012- data
Hash b01ff252761958325faab1535c90c87f
d33413e7bc42acc8837cc9030ca45d29c1ccf0c6
19d2f43d546ada73dd083f7778aa4a5cac1a8e7a3af56efccae580fce07a5e1c
Analyzer Verdict Alert fortinet Phishing
GET /roblox/images/et-line.woff HTTP/1.1
Host: nowqo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Alt-Used: nowqo.net
Connection: keep-alive
Referer: https://nowqo.net/roblox/images/style.css
Cookie: HstCfa4275781=1681580304853; HstCla4275781=1681580338341; HstCmu4275781=1681580304853; HstPn4275781=2; HstPt4275781=2; HstCnv4275781=1; HstCns4275781=1; c_ref_4275781=https%3A%2F%2Fjogoslegaisdorobloxcomdinheirolimitad.blogspot.com%2F
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 15 Apr 2023 18:36:29 GMT
content-type: font/woff
content-length: 55220
cache-control: public, max-age=31536000
expires: Sun, 16 Apr 2023 07:06:54 GMT
last-modified: Tue, 08 Oct 2019 06:00:24 GMT
cf-cache-status: HIT
age: 503968
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fZSemxJt9ldWKKvqoDjt%2FpwVgivzIb7bCjSGt6BW4haw6hKbYTueuGDLg7B47JLTD8HuuIcA1yPlSnorwQZT%2FXwbFUIpx4VQ25z17ltXsDdWicL6oJuy4jFWL9o%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b864b5ae9a3b527-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdn.jsdelivr.net/npm/js-base64@3.7.2/base64.min.js
104.16.86.20200 OK 2.8 kB URL GET HTTP/2 cdn.jsdelivr.net/npm/js-base64@3.7.2/base64.min.js
IP 104.16.86.20:443
Requested by https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtYWJ4LmpzIiwiaGltayIsInRlbXBsYXRlIiwiU0VPLUVsaXRlLVByZW1pdW0ueG1sIiwiaGltayIsImhvd3RvZ2V0YWRtaW5pbmJva3Vub3JvYmxveC5ibG9nc3BvdC5jb20iLCJob3d0b2dldGFkbWluaW5ib2t1bm9yb2Jsb3guYmxvZ3Nwb3QuY29tIiwiZGlyZWN0IiwicmVmIiwiZGlyZWN0IiwidGFncyIsInJvYmxveC1hYnguanMiXQ
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint5C:61:30:2F:8C:51:BF:3D:79:B5:3A:04:9A:91:F0:1C:D9:78:87:40
ValidityThu, 02 Jun 2022 00:00:00 GMT - Thu, 01 Jun 2023 23:59:59 GMT
File type ASCII text, with very long lines (4802)
Hash e4fc85d2f9e34b54b8c87ac94f7d43ed
3e28b660e87d33f09d96c645af186db19d173f56
63e49a78880615f61d9b9c2c237ffa49f06c0199cbe331716d9990f6f2833ee6
GET /npm/js-base64@3.7.2/base64.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nowqo.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Apr 2023 18:36:29 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 3.7.2
x-jsd-version-type: version
etag: W/"1405-lMmxLE0z8/TnsipvbhQg5ckAA8Q"
x-served-by: cache-fra-eddf8230050-FRA, cache-jnb7024-JNB
x-cache: HIT, MISS
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: HIT
age: 177766
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5PGRB1ifstxVKVatS9xcnJcP20Q7R8YtSTiCCKsPVpIiaIXIdVM10PnRqanCrioyWkkCsjJq4yW6R%2BosugoF9giiBQnBRa5lcEwIF%2Bzi0oog2yaHyP18MuSKFf8PlqLMzyQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b864b595cabb517-OSL
content-encoding: br
X-Firefox-Spdy: h2
nowqo.net/roblox/images/font-awesome.min.css
104.21.25.78200 OK 73 kB URL GET HTTP/3 nowqo.net/roblox/images/font-awesome.min.css
IP 104.21.25.78:443
Requested by https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtYWJ4LmpzIiwiaGltayIsInRlbXBsYXRlIiwiU0VPLUVsaXRlLVByZW1pdW0ueG1sIiwiaGltayIsImhvd3RvZ2V0YWRtaW5pbmJva3Vub3JvYmxveC5ibG9nc3BvdC5jb20iLCJob3d0b2dldGFkbWluaW5ib2t1bm9yb2Jsb3guYmxvZ3Nwb3QuY29tIiwiZGlyZWN0IiwicmVmIiwiZGlyZWN0IiwidGFncyIsInJvYmxveC1hYnguanMiXQ
Certificate IssuerGoogle Trust Services LLC
Subject*.nowqo.net
Fingerprint4D:F9:79:11:BB:71:F0:57:06:92:43:6D:46:F2:D5:42:7E:73:1B:4E
ValidityTue, 04 Apr 2023 14:41:31 GMT - Mon, 03 Jul 2023 14:41:30 GMT
File type ASCII text, with very long lines (27546)
Hash 64dae9087df4aa4f1c461e80d82e0a21
5ee39784906c14753f3c13e25fa1faaf44eacde0
ec80d4d48a74e1ead21c116c25306dfc4987027b03d74032384f75f185438d43
GET /roblox/images/font-awesome.min.css HTTP/1.1
Host: nowqo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: nowqo.net
Connection: keep-alive
Referer: https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtYWJ4LmpzIiwiaGltayIsInRlbXBsYXRlIiwiU0VPLUVsaXRlLVByZW1pdW0ueG1sIiwiaGltayIsImhvd3RvZ2V0YWRtaW5pbmJva3Vub3JvYmxveC5ibG9nc3BvdC5jb20iLCJob3d0b2dldGFkbWluaW5ib2t1bm9yb2Jsb3guYmxvZ3Nwb3QuY29tIiwiZGlyZWN0IiwicmVmIiwiZGlyZWN0IiwidGFncyIsInJvYmxveC1hYnguanMiXQ
Cookie: HstCfa4275781=1681580304853; HstCla4275781=1681580338341; HstCmu4275781=1681580304853; HstPn4275781=2; HstPt4275781=2; HstCnv4275781=1; HstCns4275781=1; c_ref_4275781=https%3A%2F%2Fjogoslegaisdorobloxcomdinheirolimitad.blogspot.com%2F
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 15 Apr 2023 18:36:28 GMT
content-type: text/css
cache-control: public, max-age=31536000
expires: Fri, 14 Apr 2023 06:32:18 GMT
last-modified: Tue, 08 Oct 2019 06:00:24 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 157891
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sM2nErbAX2%2F00Ul4ubj18HTS4o1qKGUB3CDmMMB7aZ0HR0rWynDBvwbii%2FkjOyPTmtW7NXhJqqZO65PW9tLF6sm7eZjBG9VTPNQk6jgAfPYaJF4ng4%2FqBsC4Cfk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b864b58ee7db527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
nowqo.net/roblox/images/jquery.countto.js
104.21.25.78200 OK 19 kB URL GET HTTP/3 nowqo.net/roblox/images/jquery.countto.js
IP 104.21.25.78:443
Requested by https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtYWJ4LmpzIiwiaGltayIsInRlbXBsYXRlIiwiU0VPLUVsaXRlLVByZW1pdW0ueG1sIiwiaGltayIsImhvd3RvZ2V0YWRtaW5pbmJva3Vub3JvYmxveC5ibG9nc3BvdC5jb20iLCJob3d0b2dldGFkbWluaW5ib2t1bm9yb2Jsb3guYmxvZ3Nwb3QuY29tIiwiZGlyZWN0IiwicmVmIiwiZGlyZWN0IiwidGFncyIsInJvYmxveC1hYnguanMiXQ
Certificate IssuerGoogle Trust Services LLC
Subject*.nowqo.net
Fingerprint4D:F9:79:11:BB:71:F0:57:06:92:43:6D:46:F2:D5:42:7E:73:1B:4E
ValidityTue, 04 Apr 2023 14:41:31 GMT - Mon, 03 Jul 2023 14:41:30 GMT
File type ASCII text, with very long lines (1043)
Hash 07f744196932e75a743460c4ab9eae04
de5876e9c5c204b3d73fd987d2343fd0c4e186e0
9d0eced91baac07271436e5a03adb60ffa35905f9f5fb740d9ccfab5e577a483
Analyzer Verdict Alert fortinet Phishing
GET /roblox/images/jquery.countto.js HTTP/1.1
Host: nowqo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: nowqo.net
Connection: keep-alive
Referer: https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtYWJ4LmpzIiwiaGltayIsInRlbXBsYXRlIiwiU0VPLUVsaXRlLVByZW1pdW0ueG1sIiwiaGltayIsImhvd3RvZ2V0YWRtaW5pbmJva3Vub3JvYmxveC5ibG9nc3BvdC5jb20iLCJob3d0b2dldGFkbWluaW5ib2t1bm9yb2Jsb3guYmxvZ3Nwb3QuY29tIiwiZGlyZWN0IiwicmVmIiwiZGlyZWN0IiwidGFncyIsInJvYmxveC1hYnguanMiXQ
Cookie: HstCfa4275781=1681580304853; HstCla4275781=1681580338341; HstCmu4275781=1681580304853; HstPn4275781=2; HstPt4275781=2; HstCnv4275781=1; HstCns4275781=1; c_ref_4275781=https%3A%2F%2Fjogoslegaisdorobloxcomdinheirolimitad.blogspot.com%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 15 Apr 2023 18:36:28 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=3761
cache-control: public, max-age=31536000
expires: Fri, 14 Apr 2023 06:32:18 GMT
last-modified: Tue, 08 Oct 2019 06:00:24 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 157891
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ItMm%2BUGOc%2FYlQXJW2GeVy1P%2By2U4z6Liyttg7ntPmjPeybTQcfGkeLBCGneds9XshhVx6bN7cyZgLWCJFlXIt3aJp7C%2BbjNuq4DphPU9Zk6ofj3MaJua3a0s9NU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b864b590eb2b527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
nowqo.net/roblox/images/scripts.js
104.21.25.78200 OK 19 kB URL GET HTTP/3 nowqo.net/roblox/images/scripts.js
IP 104.21.25.78:443
Requested by https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtYWJ4LmpzIiwiaGltayIsInRlbXBsYXRlIiwiU0VPLUVsaXRlLVByZW1pdW0ueG1sIiwiaGltayIsImhvd3RvZ2V0YWRtaW5pbmJva3Vub3JvYmxveC5ibG9nc3BvdC5jb20iLCJob3d0b2dldGFkbWluaW5ib2t1bm9yb2Jsb3guYmxvZ3Nwb3QuY29tIiwiZGlyZWN0IiwicmVmIiwiZGlyZWN0IiwidGFncyIsInJvYmxveC1hYnguanMiXQ
Certificate IssuerGoogle Trust Services LLC
Subject*.nowqo.net
Fingerprint4D:F9:79:11:BB:71:F0:57:06:92:43:6D:46:F2:D5:42:7E:73:1B:4E
ValidityTue, 04 Apr 2023 14:41:31 GMT - Mon, 03 Jul 2023 14:41:30 GMT
File type ASCII text, with no line terminators
Hash 6fd3be561449a027fb61fbe114c5716c
f83661ec65cecd0952031ce2c9f914704d843145
0a361f0de8c33b9a82f912f39af72aa0db4efc46a4d17c13f814391c0d68cbe6
Analyzer Verdict Alert fortinet Phishing
GET /roblox/images/scripts.js HTTP/1.1
Host: nowqo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: nowqo.net
Connection: keep-alive
Referer: https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtYWJ4LmpzIiwiaGltayIsInRlbXBsYXRlIiwiU0VPLUVsaXRlLVByZW1pdW0ueG1sIiwiaGltayIsImhvd3RvZ2V0YWRtaW5pbmJva3Vub3JvYmxveC5ibG9nc3BvdC5jb20iLCJob3d0b2dldGFkbWluaW5ib2t1bm9yb2Jsb3guYmxvZ3Nwb3QuY29tIiwiZGlyZWN0IiwicmVmIiwiZGlyZWN0IiwidGFncyIsInJvYmxveC1hYnguanMiXQ
Cookie: HstCfa4275781=1681580304853; HstCla4275781=1681580338341; HstCmu4275781=1681580304853; HstPn4275781=2; HstPt4275781=2; HstCnv4275781=1; HstCns4275781=1; c_ref_4275781=https%3A%2F%2Fjogoslegaisdorobloxcomdinheirolimitad.blogspot.com%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 15 Apr 2023 18:36:28 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=225
cache-control: public, max-age=31536000
expires: Fri, 14 Apr 2023 06:32:18 GMT
last-modified: Tue, 08 Oct 2019 06:00:24 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 728363
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4A4PpuMDFx3k8aOX4qzEaB6%2FPOe6Os75ukzWmcgSPW4K1V3trUUronvGywMOG%2Fin8yF2TPT%2B1XQ5xN5D3r%2B%2FY1o2%2BFJ0yomzYk8uHpdl550Ns10abonZnvi%2FDQQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b864b591ec6b527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
nowqo.net/roblox/images/bootstrap.min.css
104.21.25.78200 OK 39 kB URL GET HTTP/3 nowqo.net/roblox/images/bootstrap.min.css
IP 104.21.25.78:443
Requested by https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtYWJ4LmpzIiwiaGltayIsInRlbXBsYXRlIiwiU0VPLUVsaXRlLVByZW1pdW0ueG1sIiwiaGltayIsImhvd3RvZ2V0YWRtaW5pbmJva3Vub3JvYmxveC5ibG9nc3BvdC5jb20iLCJob3d0b2dldGFkbWluaW5ib2t1bm9yb2Jsb3guYmxvZ3Nwb3QuY29tIiwiZGlyZWN0IiwicmVmIiwiZGlyZWN0IiwidGFncyIsInJvYmxveC1hYnguanMiXQ
Certificate IssuerGoogle Trust Services LLC
Subject*.nowqo.net
Fingerprint4D:F9:79:11:BB:71:F0:57:06:92:43:6D:46:F2:D5:42:7E:73:1B:4E
ValidityTue, 04 Apr 2023 14:41:31 GMT - Mon, 03 Jul 2023 14:41:30 GMT
File type ASCII text, with very long lines (65371)
Hash 3876a5884f4eb5acff60d69cff4da7d1
60872e6e2dd191a4079440a0eb8a67f4248f466e
b5ef5281a500803b22947d4293bc1d555187756b6e86ab39746ab77af5f660fa
GET /roblox/images/bootstrap.min.css HTTP/1.1
Host: nowqo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: nowqo.net
Connection: keep-alive
Referer: https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtYWJ4LmpzIiwiaGltayIsInRlbXBsYXRlIiwiU0VPLUVsaXRlLVByZW1pdW0ueG1sIiwiaGltayIsImhvd3RvZ2V0YWRtaW5pbmJva3Vub3JvYmxveC5ibG9nc3BvdC5jb20iLCJob3d0b2dldGFkbWluaW5ib2t1bm9yb2Jsb3guYmxvZ3Nwb3QuY29tIiwiZGlyZWN0IiwicmVmIiwiZGlyZWN0IiwidGFncyIsInJvYmxveC1hYnguanMiXQ
Cookie: HstCfa4275781=1681580304853; HstCla4275781=1681580338341; HstCmu4275781=1681580304853; HstPn4275781=2; HstPt4275781=2; HstCnv4275781=1; HstCns4275781=1; c_ref_4275781=https%3A%2F%2Fjogoslegaisdorobloxcomdinheirolimitad.blogspot.com%2F
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 15 Apr 2023 18:36:28 GMT
content-type: text/css
cache-control: public, max-age=31536000
expires: Fri, 14 Apr 2023 06:32:18 GMT
last-modified: Tue, 08 Oct 2019 06:00:24 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 728363
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VeVjBRkEUsYxmBehzzWQJbIjGH%2FtuwaXuE%2FwV0AgEKQ%2BLeVqd41zzffQktWvTiR2W54Xye4AIuk769rfQ5oKCnOnLse64On3skQdUYEHbMQ60jMkpTEqzJFmcmM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b864b58ee81b527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
nowqo.net/roblox/images/ca.png
104.21.25.78200 OK 628 B URL GET HTTP/3 nowqo.net/roblox/images/ca.png
IP 104.21.25.78:443
Requested by https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtYWJ4LmpzIiwiaGltayIsInRlbXBsYXRlIiwiU0VPLUVsaXRlLVByZW1pdW0ueG1sIiwiaGltayIsImhvd3RvZ2V0YWRtaW5pbmJva3Vub3JvYmxveC5ibG9nc3BvdC5jb20iLCJob3d0b2dldGFkbWluaW5ib2t1bm9yb2Jsb3guYmxvZ3Nwb3QuY29tIiwiZGlyZWN0IiwicmVmIiwiZGlyZWN0IiwidGFncyIsInJvYmxveC1hYnguanMiXQ
Certificate IssuerGoogle Trust Services LLC
Subject*.nowqo.net
Fingerprint4D:F9:79:11:BB:71:F0:57:06:92:43:6D:46:F2:D5:42:7E:73:1B:4E
ValidityTue, 04 Apr 2023 14:41:31 GMT - Mon, 03 Jul 2023 14:41:30 GMT
File type PNG image data, 16 x 11, 8-bit/color RGB, non-interlaced\012- data
Hash 8618709a45d8d1c4d9d254c61bdf29b8
9470a0ba81cf743d77ed3cbe98ea6dc9dfb6a583
3a6c5facc8613948b81833101a2ff8c3a114813ce24077585faee268b8ffb541
GET /roblox/images/ca.png HTTP/1.1
Host: nowqo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: nowqo.net
Connection: keep-alive
Referer: https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtYWJ4LmpzIiwiaGltayIsInRlbXBsYXRlIiwiU0VPLUVsaXRlLVByZW1pdW0ueG1sIiwiaGltayIsImhvd3RvZ2V0YWRtaW5pbmJva3Vub3JvYmxveC5ibG9nc3BvdC5jb20iLCJob3d0b2dldGFkbWluaW5ib2t1bm9yb2Jsb3guYmxvZ3Nwb3QuY29tIiwiZGlyZWN0IiwicmVmIiwiZGlyZWN0IiwidGFncyIsInJvYmxveC1hYnguanMiXQ
Cookie: HstCfa4275781=1681580304853; HstCla4275781=1681580338341; HstCmu4275781=1681580304853; HstPn4275781=2; HstPt4275781=2; HstCnv4275781=1; HstCns4275781=1; c_ref_4275781=https%3A%2F%2Fjogoslegaisdorobloxcomdinheirolimitad.blogspot.com%2F; username1Cookie=Priscilla; username2Cookie=Ermes; username3Cookie=Abelardo; comment1Cookie=This software is awesome . thank you Concordio!; comment2Cookie=wow.. thank you admin! 1000000 Clash Royale Gems.; comment3Cookie=thanks! this website is giving some real stuff .
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 15 Apr 2023 18:36:29 GMT
content-type: image/png
content-length: 628
cache-control: public, max-age=31536000
expires: Fri, 14 Apr 2023 06:32:42 GMT
last-modified: Tue, 08 Oct 2019 06:00:24 GMT
cf-cache-status: HIT
age: 139076
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cAM02zcCdoelXWwqrgBfspZnAMvAMXiBkT4E7Pa9%2BiMsmvgkK9Tqsog5PrVGT8s3duemz88gop5qCeCGdke%2BcaLjOl3%2FH9kTL18E41EfgKzd1qbeEdoBRJ7LDqU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b864b5bdadcb527-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
nowqo.net/roblox/images/fancyselect.js
104.21.25.78200 OK 4.8 kB URL GET HTTP/3 nowqo.net/roblox/images/fancyselect.js
IP 104.21.25.78:443
Requested by https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtYWJ4LmpzIiwiaGltayIsInRlbXBsYXRlIiwiU0VPLUVsaXRlLVByZW1pdW0ueG1sIiwiaGltayIsImhvd3RvZ2V0YWRtaW5pbmJva3Vub3JvYmxveC5ibG9nc3BvdC5jb20iLCJob3d0b2dldGFkbWluaW5ib2t1bm9yb2Jsb3guYmxvZ3Nwb3QuY29tIiwiZGlyZWN0IiwicmVmIiwiZGlyZWN0IiwidGFncyIsInJvYmxveC1hYnguanMiXQ
Certificate IssuerGoogle Trust Services LLC
Subject*.nowqo.net
Fingerprint4D:F9:79:11:BB:71:F0:57:06:92:43:6D:46:F2:D5:42:7E:73:1B:4E
ValidityTue, 04 Apr 2023 14:41:31 GMT - Mon, 03 Jul 2023 14:41:30 GMT
File type ASCII text, with very long lines (1254)
Hash 1d74f4dc2f668a2a87a5dc1d45915d9e
d1bc21af151ac1f5e177642e2552f56b00e65f8e
ff946c6baa8a9847ad39ca65be9ef10ec64cf9c90a31474b656018d4af9b5bfb
Analyzer Verdict Alert fortinet Phishing
GET /roblox/images/fancyselect.js HTTP/1.1
Host: nowqo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: nowqo.net
Connection: keep-alive
Referer: https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtYWJ4LmpzIiwiaGltayIsInRlbXBsYXRlIiwiU0VPLUVsaXRlLVByZW1pdW0ueG1sIiwiaGltayIsImhvd3RvZ2V0YWRtaW5pbmJva3Vub3JvYmxveC5ibG9nc3BvdC5jb20iLCJob3d0b2dldGFkbWluaW5ib2t1bm9yb2Jsb3guYmxvZ3Nwb3QuY29tIiwiZGlyZWN0IiwicmVmIiwiZGlyZWN0IiwidGFncyIsInJvYmxveC1hYnguanMiXQ
Cookie: HstCfa4275781=1681580304853; HstCla4275781=1681580338341; HstCmu4275781=1681580304853; HstPn4275781=2; HstPt4275781=2; HstCnv4275781=1; HstCns4275781=1; c_ref_4275781=https%3A%2F%2Fjogoslegaisdorobloxcomdinheirolimitad.blogspot.com%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 15 Apr 2023 18:36:28 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=6778
cache-control: public, max-age=31536000
expires: Fri, 14 Apr 2023 06:32:18 GMT
last-modified: Tue, 08 Oct 2019 06:00:24 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 728363
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Am6uppOl32pQ%2BIpefM9bCpEOjfyPmsiS91EoYeWV71n0UbWwtOCJbfRhweUmrTYOColzkvbmkUNPzelydLo%2BYx3KnOgZf1qtUJ6qYt3NWbZHxREbkIVByYgLKng%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b864b590eb4b527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
s10.histats.com/js15_as.js
46.105.201.240200 OK 4.4 kB URL GET HTTP/2 s10.histats.com/js15_as.js
IP 46.105.201.240:443
Requested by https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtYWJ4LmpzIiwiaGltayIsInRlbXBsYXRlIiwiU0VPLUVsaXRlLVByZW1pdW0ueG1sIiwiaGltayIsImhvd3RvZ2V0YWRtaW5pbmJva3Vub3JvYmxveC5ibG9nc3BvdC5jb20iLCJob3d0b2dldGFkbWluaW5ib2t1bm9yb2Jsb3guYmxvZ3Nwb3QuY29tIiwiZGlyZWN0IiwicmVmIiwiZGlyZWN0IiwidGFncyIsInJvYmxveC1hYnguanMiXQ
Certificate IssuerLet's Encrypt
Subjecthistats.com
FingerprintF3:F6:9F:E3:A0:B3:22:C0:B2:93:4E:22:72:B6:D1:DA:40:BA:AE:9B
ValidityWed, 15 Mar 2023 12:20:28 GMT - Tue, 13 Jun 2023 12:20:27 GMT
File type HTML document, ASCII text, with very long lines (11440), with no line terminators
Hash ed192092c129db6123a3397855f42619
067e9b8e26cf6246eb84c6b9cf3da0c192ce7b3e
998fff486a7fb38b6ed445edc36c9b317b70950cd39efcf4012ca641312fcee1
GET /js15_as.js HTTP/1.1
Host: s10.histats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nowqo.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Apr 2023 18:31:03 GMT
etag: "-375139978"
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-request-id: 220926468
content-type: text/javascript
content-encoding: br
x-cdn-pop: sbg
x-cdn-pop-ip: 137.74.120.0/27
x-cacheable: Matched cache
accept-ranges: bytes
content-length: 4364
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v14/cJZKeOuBrn4kERxqtaUH3aCWcynf_cDxXwCLxiixG1c.ttf
216.58.207.227200 OK 18 kB URL GET HTTP/2 fonts.gstatic.com/s/opensans/v14/cJZKeOuBrn4kERxqtaUH3aCWcynf_cDxXwCLxiixG1c.ttf
IP 216.58.207.227:443
Requested by https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtYWJ4LmpzIiwiaGltayIsInRlbXBsYXRlIiwiU0VPLUVsaXRlLVByZW1pdW0ueG1sIiwiaGltayIsImhvd3RvZ2V0YWRtaW5pbmJva3Vub3JvYmxveC5ibG9nc3BvdC5jb20iLCJob3d0b2dldGFkbWluaW5ib2t1bm9yb2Jsb3guYmxvZ3Nwb3QuY29tIiwiZGlyZWN0IiwicmVmIiwiZGlyZWN0IiwidGFncyIsInJvYmxveC1hYnguanMiXQ
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE8:8D:29:52:9C:44:66:28:BB:43:25:CE:11:45:BB:A1:5A:4E:44:11
ValidityTue, 28 Mar 2023 16:54:02 GMT - Tue, 20 Jun 2023 16:54:01 GMT
File type TrueType Font data, 17 tables, 1st "GDEF", 7 names, Microsoft, language 0x409, type 1 string, Open SansRegular1.10;1ASC;OpenSans-RegularOpen Sans RegularVersion 1.10OpenSans-Regularhttp://ww\012- data
Hash 8c20320e2a77d984348f9e9aa7296b9d
0939a63b6a9982ab64f044dfc3a21dac2bca0499
0be48b762bdf588db02112492dfadcb3a098fad3ac5aa2ccc80568b799462c52
GET /s/opensans/v14/cJZKeOuBrn4kERxqtaUH3aCWcynf_cDxXwCLxiixG1c.ttf HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nowqo.net
Connection: keep-alive
Referer: https://nowqo.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17789
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 13 Apr 2023 17:17:02 GMT
expires: Fri, 12 Apr 2024 17:17:02 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 14 Jun 2017 16:46:31 GMT
content-type: font/ttf
vary: Accept-Encoding
age: 177567
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v14/DXI1ORHCpsQm3Vp6mXoaTYnF5uFdDttMLvmWuJdhhgs.ttf
216.58.207.227200 OK 18 kB URL GET HTTP/2 fonts.gstatic.com/s/opensans/v14/DXI1ORHCpsQm3Vp6mXoaTYnF5uFdDttMLvmWuJdhhgs.ttf
IP 216.58.207.227:443
Requested by https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtYWJ4LmpzIiwiaGltayIsInRlbXBsYXRlIiwiU0VPLUVsaXRlLVByZW1pdW0ueG1sIiwiaGltayIsImhvd3RvZ2V0YWRtaW5pbmJva3Vub3JvYmxveC5ibG9nc3BvdC5jb20iLCJob3d0b2dldGFkbWluaW5ib2t1bm9yb2Jsb3guYmxvZ3Nwb3QuY29tIiwiZGlyZWN0IiwicmVmIiwiZGlyZWN0IiwidGFncyIsInJvYmxveC1hYnguanMiXQ
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE8:8D:29:52:9C:44:66:28:BB:43:25:CE:11:45:BB:A1:5A:4E:44:11
ValidityTue, 28 Mar 2023 16:54:02 GMT - Tue, 20 Jun 2023 16:54:01 GMT
File type TrueType Font data, 17 tables, 1st "GDEF", 7 names, Microsoft, language 0x409, type 1 string, Open Sans LightRegular1.10;1ASC;OpenSans-LightVersion 1.10OpenSans-Lighthttp://www.apache.org/li\012- data
Hash a69c5fa643b7208c4922909701e399ac
0560e8f641340a70d9c36b3d4106e42ac395f829
0a8b75177ccda56113a7a1bb9214c38276257846f9323226f74831f74ffc721f
GET /s/opensans/v14/DXI1ORHCpsQm3Vp6mXoaTYnF5uFdDttMLvmWuJdhhgs.ttf HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nowqo.net
Connection: keep-alive
Referer: https://nowqo.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 18391
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 12 Apr 2023 19:44:14 GMT
expires: Thu, 11 Apr 2024 19:44:14 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 14 Jun 2017 16:45:42 GMT
content-type: font/ttf
vary: Accept-Encoding
age: 255135
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v14/k3k702ZOKiLJc3WVjuplzInF5uFdDttMLvmWuJdhhgs.ttf
216.58.207.227200 OK 19 kB URL GET HTTP/2 fonts.gstatic.com/s/opensans/v14/k3k702ZOKiLJc3WVjuplzInF5uFdDttMLvmWuJdhhgs.ttf
IP 216.58.207.227:443
Requested by https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtYWJ4LmpzIiwiaGltayIsInRlbXBsYXRlIiwiU0VPLUVsaXRlLVByZW1pdW0ueG1sIiwiaGltayIsImhvd3RvZ2V0YWRtaW5pbmJva3Vub3JvYmxveC5ibG9nc3BvdC5jb20iLCJob3d0b2dldGFkbWluaW5ib2t1bm9yb2Jsb3guYmxvZ3Nwb3QuY29tIiwiZGlyZWN0IiwicmVmIiwiZGlyZWN0IiwidGFncyIsInJvYmxveC1hYnguanMiXQ
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE8:8D:29:52:9C:44:66:28:BB:43:25:CE:11:45:BB:A1:5A:4E:44:11
ValidityTue, 28 Mar 2023 16:54:02 GMT - Tue, 20 Jun 2023 16:54:01 GMT
File type TrueType Font data, 17 tables, 1st "GDEF", 7 names, Microsoft, language 0x409, type 1 string, Open SansBold1.10;1ASC;OpenSans-BoldOpen Sans BoldVersion 1.10OpenSans-Boldhttp://www.apache.org\012- data
Hash 5498784000b038638befe230ea392271
efef80115bdabd927501563197827a7ae837a19f
5848ca5f4af491c37907f2e4cb0e240166572edc90615a96d4702f2dce34800b
GET /s/opensans/v14/k3k702ZOKiLJc3WVjuplzInF5uFdDttMLvmWuJdhhgs.ttf HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nowqo.net
Connection: keep-alive
Referer: https://nowqo.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 18604
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 13 Apr 2023 06:40:10 GMT
expires: Fri, 12 Apr 2024 06:40:10 GMT
cache-control: public, max-age=31536000
age: 215779
last-modified: Wed, 14 Jun 2017 16:46:24 GMT
content-type: font/ttf
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
s4.histats.com/stats/0.php?4275781&@f16&@g0&@h3&@i1&@j1681583874584&@k3536243&@l3&@mRoblox%20Robux%20Generator%202023&@n0roblox-abx.js=himk|template=SEO-Elite-Premium.xml|himk=howtogetadmininbokunoroblox.blogspot.com|howtogetadmininbokunoroblox.blogspot.com=direct|ref=direct|tags=roblox-abx.js&@ohttps%3A%2F%2Fjogoslegaisdorobloxcomdinheirolimitad.blogspot.com%2F&@q0&@r0&@s0&@ten-US&@u1280&@b1:-56709785&@b3:1681583875&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fnowqo.net%2Froblox%2Findex.html%3Ftrack%3DWyJyb2Jsb3gtYWJ4LmpzIiwiaGltayIsInRlbXBsYXRlIiwiU0VPLUVsaXRlLVByZW1pdW0ueG1sIiwiaGltayIsImhvd3RvZ2V0YWRtaW5pbmJva3Vub3JvYmxveC5ibG9nc3BvdC5jb20iLCJob3d0b2dldGFkbWluaW5ib2t1bm9yb2Jsb3guYmxvZ3Nwb3QuY29tIiwiZGlyZWN0IiwicmVmIiwiZGlyZWN0IiwidGFncyIsInJvYmxveC1hYnguanMiXQ&@w
149.56.240.31200 OK 52 B URL GET HTTP/1.1 s4.histats.com/stats/0.php?4275781&@f16&@g0&@h3&@i1&@j1681583874584&@k3536243&@l3&@mRoblox%20Robux%20Generator%202023&@n0roblox-abx.js=himk|template=SEO-Elite-Premium.xml|himk=howtogetadmininbokunoroblox.blogspot.com|howtogetadmininbokunoroblox.blogspot.com=direct|ref=direct|tags=roblox-abx.js&@ohttps%3A%2F%2Fjogoslegaisdorobloxcomdinheirolimitad.blogspot.com%2F&@q0&@r0&@s0&@ten-US&@u1280&@b1:-56709785&@b3:1681583875&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fnowqo.net%2Froblox%2Findex.html%3Ftrack%3DWyJyb2Jsb3gtYWJ4LmpzIiwiaGltayIsInRlbXBsYXRlIiwiU0VPLUVsaXRlLVByZW1pdW0ueG1sIiwiaGltayIsImhvd3RvZ2V0YWRtaW5pbmJva3Vub3JvYmxveC5ibG9nc3BvdC5jb20iLCJob3d0b2dldGFkbWluaW5ib2t1bm9yb2Jsb3guYmxvZ3Nwb3QuY29tIiwiZGlyZWN0IiwicmVmIiwiZGlyZWN0IiwidGFncyIsInJvYmxveC1hYnguanMiXQ&@w
IP 149.56.240.31:443
Requested by https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtYWJ4LmpzIiwiaGltayIsInRlbXBsYXRlIiwiU0VPLUVsaXRlLVByZW1pdW0ueG1sIiwiaGltayIsImhvd3RvZ2V0YWRtaW5pbmJva3Vub3JvYmxveC5ibG9nc3BvdC5jb20iLCJob3d0b2dldGFkbWluaW5ib2t1bm9yb2Jsb3guYmxvZ3Nwb3QuY29tIiwiZGlyZWN0IiwicmVmIiwiZGlyZWN0IiwidGFncyIsInJvYmxveC1hYnguanMiXQ
Certificate IssuerLet's Encrypt
Subjecthistats.com
FingerprintF3:F6:9F:E3:A0:B3:22:C0:B2:93:4E:22:72:B6:D1:DA:40:BA:AE:9B
ValidityWed, 15 Mar 2023 12:20:28 GMT - Tue, 13 Jun 2023 12:20:27 GMT
File type ASCII text, with no line terminators
Hash 6dd576e4ca00aa011fb839a51ad759ad
87432d0a852b1af33fbd1d91d5e4cb439f04d728
2d0be92333535ed0f5aa88a6bdf8be1d0c69cf6515054cec99f96d3a15a0e52e
GET /stats/0.php?4275781&@f16&@g0&@h3&@i1&@j1681583874584&@k3536243&@l3&@mRoblox%20Robux%20Generator%202023&@n0roblox-abx.js=himk|template=SEO-Elite-Premium.xml|himk=howtogetadmininbokunoroblox.blogspot.com|howtogetadmininbokunoroblox.blogspot.com=direct|ref=direct|tags=roblox-abx.js&@ohttps%3A%2F%2Fjogoslegaisdorobloxcomdinheirolimitad.blogspot.com%2F&@q0&@r0&@s0&@ten-US&@u1280&@b1:-56709785&@b3:1681583875&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fnowqo.net%2Froblox%2Findex.html%3Ftrack%3DWyJyb2Jsb3gtYWJ4LmpzIiwiaGltayIsInRlbXBsYXRlIiwiU0VPLUVsaXRlLVByZW1pdW0ueG1sIiwiaGltayIsImhvd3RvZ2V0YWRtaW5pbmJva3Vub3JvYmxveC5ibG9nc3BvdC5jb20iLCJob3d0b2dldGFkbWluaW5ib2t1bm9yb2Jsb3guYmxvZ3Nwb3QuY29tIiwiZGlyZWN0IiwicmVmIiwiZGlyZWN0IiwidGFncyIsInJvYmxveC1hYnguanMiXQ&@w HTTP/1.1
Host: s4.histats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nowqo.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 15 Apr 2023 18:36:30 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 52
Connection: close
nowqo.net/roblox/images/ac.png
104.21.25.78200 OK 408 B URL GET HTTP/3 nowqo.net/roblox/images/ac.png
IP 104.21.25.78:443
Requested by https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtYWJ4LmpzIiwiaGltayIsInRlbXBsYXRlIiwiU0VPLUVsaXRlLVByZW1pdW0ueG1sIiwiaGltayIsImhvd3RvZ2V0YWRtaW5pbmJva3Vub3JvYmxveC5ibG9nc3BvdC5jb20iLCJob3d0b2dldGFkbWluaW5ib2t1bm9yb2Jsb3guYmxvZ3Nwb3QuY29tIiwiZGlyZWN0IiwicmVmIiwiZGlyZWN0IiwidGFncyIsInJvYmxveC1hYnguanMiXQ
Certificate IssuerGoogle Trust Services LLC
Subject*.nowqo.net
Fingerprint4D:F9:79:11:BB:71:F0:57:06:92:43:6D:46:F2:D5:42:7E:73:1B:4E
ValidityTue, 04 Apr 2023 14:41:31 GMT - Mon, 03 Jul 2023 14:41:30 GMT
File type PNG image data, 16 x 11, 8-bit/color RGB, non-interlaced\012- data
Hash 7391e6b6df7b181d51ffeb2a5a6d7bd4
e442abb4c7713078983da019502d070f38c12e26
6f20d866841c4514782a46142df22b70b8da9783c513e3d41d8f3313483fe38d
GET /roblox/images/ac.png HTTP/1.1
Host: nowqo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: nowqo.net
Connection: keep-alive
Referer: https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtYWJ4LmpzIiwiaGltayIsInRlbXBsYXRlIiwiU0VPLUVsaXRlLVByZW1pdW0ueG1sIiwiaGltayIsImhvd3RvZ2V0YWRtaW5pbmJva3Vub3JvYmxveC5ibG9nc3BvdC5jb20iLCJob3d0b2dldGFkbWluaW5ib2t1bm9yb2Jsb3guYmxvZ3Nwb3QuY29tIiwiZGlyZWN0IiwicmVmIiwiZGlyZWN0IiwidGFncyIsInJvYmxveC1hYnguanMiXQ
Cookie: HstCfa4275781=1681580304853; HstCla4275781=1681583874584; HstCmu4275781=1681580304853; HstPn4275781=3; HstPt4275781=3; HstCnv4275781=1; HstCns4275781=2; c_ref_4275781=https%3A%2F%2Fjogoslegaisdorobloxcomdinheirolimitad.blogspot.com%2F; username1Cookie=Priscilla; username2Cookie=Ermes; username3Cookie=Abelardo; comment1Cookie=This software is awesome . thank you Concordio!; comment2Cookie=wow.. thank you admin! 1000000 Clash Royale Gems.; comment3Cookie=thanks! this website is giving some real stuff .; timePosted11Cookie=98304; timePosted22Cookie=70599; timePosted33Cookie=25153
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 15 Apr 2023 18:36:31 GMT
content-type: image/png
content-length: 408
cache-control: public, max-age=31536000
expires: Fri, 14 Apr 2023 06:32:47 GMT
last-modified: Tue, 08 Oct 2019 06:00:24 GMT
cf-cache-status: HIT
age: 728363
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pi7WrIQd%2Fn8%2B0NSN%2BnaYNmbcd7wsrDblqIdmTq3S0VOENuVGJe32RaZAKs88L%2FQAjleY6GtITad8f%2BZ6O11iOLDMc1HmkpkfLTppiAKoTm6I%2Flc6MhBJa78IeVQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b864b6aebb1b527-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
nowqo.net/roblox/images/us.png
104.21.25.78200 OK 609 B URL GET HTTP/3 nowqo.net/roblox/images/us.png
IP 104.21.25.78:443
Requested by https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtYWJ4LmpzIiwiaGltayIsInRlbXBsYXRlIiwiU0VPLUVsaXRlLVByZW1pdW0ueG1sIiwiaGltayIsImhvd3RvZ2V0YWRtaW5pbmJva3Vub3JvYmxveC5ibG9nc3BvdC5jb20iLCJob3d0b2dldGFkbWluaW5ib2t1bm9yb2Jsb3guYmxvZ3Nwb3QuY29tIiwiZGlyZWN0IiwicmVmIiwiZGlyZWN0IiwidGFncyIsInJvYmxveC1hYnguanMiXQ
Certificate IssuerGoogle Trust Services LLC
Subject*.nowqo.net
Fingerprint4D:F9:79:11:BB:71:F0:57:06:92:43:6D:46:F2:D5:42:7E:73:1B:4E
ValidityTue, 04 Apr 2023 14:41:31 GMT - Mon, 03 Jul 2023 14:41:30 GMT
File type PNG image data, 16 x 11, 8-bit/color RGB, non-interlaced\012- data
Hash 968591e0050981be9fa94bd2597afb48
dd9e149e2b5ad59dd8b4b262f5fdeb5cc10ecf43
36cce5cae3d2e0045b2b2b6cbffdad7a0aba3e99919cc219bbf0578efdc45585
GET /roblox/images/us.png HTTP/1.1
Host: nowqo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: nowqo.net
Connection: keep-alive
Referer: https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtYWJ4LmpzIiwiaGltayIsInRlbXBsYXRlIiwiU0VPLUVsaXRlLVByZW1pdW0ueG1sIiwiaGltayIsImhvd3RvZ2V0YWRtaW5pbmJva3Vub3JvYmxveC5ibG9nc3BvdC5jb20iLCJob3d0b2dldGFkbWluaW5ib2t1bm9yb2Jsb3guYmxvZ3Nwb3QuY29tIiwiZGlyZWN0IiwicmVmIiwiZGlyZWN0IiwidGFncyIsInJvYmxveC1hYnguanMiXQ
Cookie: HstCfa4275781=1681580304853; HstCla4275781=1681583874584; HstCmu4275781=1681580304853; HstPn4275781=3; HstPt4275781=3; HstCnv4275781=1; HstCns4275781=2; c_ref_4275781=https%3A%2F%2Fjogoslegaisdorobloxcomdinheirolimitad.blogspot.com%2F; username1Cookie=Priscilla; username2Cookie=Ermes; username3Cookie=Abelardo; comment1Cookie=This software is awesome . thank you Concordio!; comment2Cookie=wow.. thank you admin! 1000000 Clash Royale Gems.; comment3Cookie=thanks! this website is giving some real stuff .; timePosted11Cookie=101304; timePosted22Cookie=73599; timePosted33Cookie=28153
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 15 Apr 2023 18:36:34 GMT
content-type: image/png
content-length: 609
cache-control: public, max-age=31536000
expires: Fri, 14 Apr 2023 06:32:24 GMT
last-modified: Tue, 08 Oct 2019 06:00:24 GMT
cf-cache-status: HIT
age: 728369
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HaOA5rL%2BP3eKFMfbRLJX%2BTxobUGcu9kKGa5GiYvk70v%2FsfSOvsCfz6W%2BUlkKhFqYFxsfke7KmGdKtBs%2BsOwgQiXXRGJUEgCBkHBozsTIhiXrYNsj9c%2BDgYIu36o%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b864b7a8995b527-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
nowqo.net/roblox/close.png
104.21.25.78404 Not Found 886 B URL GET HTTP/3 nowqo.net/roblox/close.png
IP 104.21.25.78:443
Requested by https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtYWJ4LmpzIiwiaGltayIsInRlbXBsYXRlIiwiU0VPLUVsaXRlLVByZW1pdW0ueG1sIiwiaGltayIsImhvd3RvZ2V0YWRtaW5pbmJva3Vub3JvYmxveC5ibG9nc3BvdC5jb20iLCJob3d0b2dldGFkbWluaW5ib2t1bm9yb2Jsb3guYmxvZ3Nwb3QuY29tIiwiZGlyZWN0IiwicmVmIiwiZGlyZWN0IiwidGFncyIsInJvYmxveC1hYnguanMiXQ
Certificate IssuerGoogle Trust Services LLC
Subject*.nowqo.net
Fingerprint4D:F9:79:11:BB:71:F0:57:06:92:43:6D:46:F2:D5:42:7E:73:1B:4E
ValidityTue, 04 Apr 2023 14:41:31 GMT - Mon, 03 Jul 2023 14:41:30 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1c50dadac931ecabaf7091ebf459c2e5
bfa28d6b4f663d9439b697a8cba5bde3bd531d77
8f936a607eb214265655b35d7fcf28fbf56f5179d29ccfd6ebcfe90d871b2b98
GET /roblox/close.png HTTP/1.1
Host: nowqo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: nowqo.net
Connection: keep-alive
Referer: https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtYWJ4LmpzIiwiaGltayIsInRlbXBsYXRlIiwiU0VPLUVsaXRlLVByZW1pdW0ueG1sIiwiaGltayIsImhvd3RvZ2V0YWRtaW5pbmJva3Vub3JvYmxveC5ibG9nc3BvdC5jb20iLCJob3d0b2dldGFkbWluaW5ib2t1bm9yb2Jsb3guYmxvZ3Nwb3QuY29tIiwiZGlyZWN0IiwicmVmIiwiZGlyZWN0IiwidGFncyIsInJvYmxveC1hYnguanMiXQ
Cookie: HstCfa4275781=1681580304853; HstCla4275781=1681583874584; HstCmu4275781=1681580304853; HstPn4275781=3; HstPt4275781=3; HstCnv4275781=1; HstCns4275781=2; c_ref_4275781=https%3A%2F%2Fjogoslegaisdorobloxcomdinheirolimitad.blogspot.com%2F; username1Cookie=Priscilla; username2Cookie=Ermes; username3Cookie=Abelardo; comment1Cookie=This software is awesome . thank you Concordio!; comment2Cookie=wow.. thank you admin! 1000000 Clash Royale Gems.; comment3Cookie=thanks! this website is giving some real stuff .; timePosted11Cookie=101304; timePosted22Cookie=73599; timePosted33Cookie=28153
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 404 Not Found
date: Sat, 15 Apr 2023 18:36:34 GMT
content-type: text/html
cache-control: private, max-age=31536000, must-revalidate
pragma: no-cache
cf-cache-status: HIT
age: 728369
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9xNO7UNTZU5cIMWs7WFtIFro7y2lCPBP0toLGUZlOEjB3q9Ly4oa4PnSh62dgB3V0B1GTQAWH3loG3WZ9hjRCnocGtEO3JhrQM6MjNSLVynacG%2FFf6ZsnfWQlIU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b864b7a8993b527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
nowqo.net/roblox/images/jquery-3.2.1.js
104.21.25.78200 OK 139 kB URL GET HTTP/3 nowqo.net/roblox/images/jquery-3.2.1.js
IP 104.21.25.78:443
Requested by https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtYWJ4LmpzIiwiaGltayIsInRlbXBsYXRlIiwiU0VPLUVsaXRlLVByZW1pdW0ueG1sIiwiaGltayIsImhvd3RvZ2V0YWRtaW5pbmJva3Vub3JvYmxveC5ibG9nc3BvdC5jb20iLCJob3d0b2dldGFkbWluaW5ib2t1bm9yb2Jsb3guYmxvZ3Nwb3QuY29tIiwiZGlyZWN0IiwicmVmIiwiZGlyZWN0IiwidGFncyIsInJvYmxveC1hYnguanMiXQ
Certificate IssuerGoogle Trust Services LLC
Subject*.nowqo.net
Fingerprint4D:F9:79:11:BB:71:F0:57:06:92:43:6D:46:F2:D5:42:7E:73:1B:4E
ValidityTue, 04 Apr 2023 14:41:31 GMT - Mon, 03 Jul 2023 14:41:30 GMT
File type ASCII text, with very long lines (1237)
Size 139 kB (138802 bytes)
Hash 0b39dc8f94398407369f2c6f32042bac
8c4abc797c784a78061373a0aa078be14c7931b1
41f59ec5d59f17850334323c174baef773d00ed5bb48e3739d77bb41b3c59c00
Analyzer Verdict Alert fortinet Phishing
GET /roblox/images/jquery-3.2.1.js HTTP/1.1
Host: nowqo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: nowqo.net
Connection: keep-alive
Referer: https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtYWJ4LmpzIiwiaGltayIsInRlbXBsYXRlIiwiU0VPLUVsaXRlLVByZW1pdW0ueG1sIiwiaGltayIsImhvd3RvZ2V0YWRtaW5pbmJva3Vub3JvYmxveC5ibG9nc3BvdC5jb20iLCJob3d0b2dldGFkbWluaW5ib2t1bm9yb2Jsb3guYmxvZ3Nwb3QuY29tIiwiZGlyZWN0IiwicmVmIiwiZGlyZWN0IiwidGFncyIsInJvYmxveC1hYnguanMiXQ
Cookie: HstCfa4275781=1681580304853; HstCla4275781=1681580338341; HstCmu4275781=1681580304853; HstPn4275781=2; HstPt4275781=2; HstCnv4275781=1; HstCns4275781=1; c_ref_4275781=https%3A%2F%2Fjogoslegaisdorobloxcomdinheirolimitad.blogspot.com%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 15 Apr 2023 18:36:28 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=268039
cache-control: public, max-age=31536000
expires: Fri, 14 Apr 2023 06:32:18 GMT
last-modified: Tue, 08 Oct 2019 06:00:24 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 728363
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RswIDDJP3Tlj0X%2FkEfGZKvov3ws5Sz3uj4PSYIo8UPFfQlF00vaU%2BU4GJpzGySLzYLMNf2N%2FGRB4g4muOEx1YnoDCcKNCkXx3%2FRaXZDJV3LFIjNz4XZKzbv80Tc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b864b590ea2b527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
nowqo.net/roblox/images/main.js
104.21.25.78200 OK 34 kB URL GET HTTP/3 nowqo.net/roblox/images/main.js
IP 104.21.25.78:443
Requested by https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtYWJ4LmpzIiwiaGltayIsInRlbXBsYXRlIiwiU0VPLUVsaXRlLVByZW1pdW0ueG1sIiwiaGltayIsImhvd3RvZ2V0YWRtaW5pbmJva3Vub3JvYmxveC5ibG9nc3BvdC5jb20iLCJob3d0b2dldGFkbWluaW5ib2t1bm9yb2Jsb3guYmxvZ3Nwb3QuY29tIiwiZGlyZWN0IiwicmVmIiwiZGlyZWN0IiwidGFncyIsInJvYmxveC1hYnguanMiXQ
Certificate IssuerGoogle Trust Services LLC
Subject*.nowqo.net
Fingerprint4D:F9:79:11:BB:71:F0:57:06:92:43:6D:46:F2:D5:42:7E:73:1B:4E
ValidityTue, 04 Apr 2023 14:41:31 GMT - Mon, 03 Jul 2023 14:41:30 GMT
File type ASCII text, with very long lines (24637)
Hash b4a27b956eccd646f3bc2b2b2b6503c5
6df97b44c507a440a3c1dd6873b44fbc95e92fb1
948fe10b1ea0b581c4871ae90f94882ed8945bd19c9ce0352b20ac0467dc145a
Analyzer Verdict Alert fortinet Phishing
GET /roblox/images/main.js HTTP/1.1
Host: nowqo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: nowqo.net
Connection: keep-alive
Referer: https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtYWJ4LmpzIiwiaGltayIsInRlbXBsYXRlIiwiU0VPLUVsaXRlLVByZW1pdW0ueG1sIiwiaGltayIsImhvd3RvZ2V0YWRtaW5pbmJva3Vub3JvYmxveC5ibG9nc3BvdC5jb20iLCJob3d0b2dldGFkbWluaW5ib2t1bm9yb2Jsb3guYmxvZ3Nwb3QuY29tIiwiZGlyZWN0IiwicmVmIiwiZGlyZWN0IiwidGFncyIsInJvYmxveC1hYnguanMiXQ
Cookie: HstCfa4275781=1681580304853; HstCla4275781=1681580338341; HstCmu4275781=1681580304853; HstPn4275781=2; HstPt4275781=2; HstCnv4275781=1; HstCns4275781=1; c_ref_4275781=https%3A%2F%2Fjogoslegaisdorobloxcomdinheirolimitad.blogspot.com%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 15 Apr 2023 18:36:28 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=38451
cache-control: public, max-age=31536000
expires: Fri, 14 Apr 2023 06:32:19 GMT
last-modified: Tue, 08 Oct 2019 06:00:24 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 728363
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bcGd6%2FrOnnZVajxG9fIABGDAnvhF0c7nolTOFNPWAvSswvDq0MnwcP2BjVqu4TrEesGM21ILX6EKITLenId9MdvQxLgrhl84oQqzvTuC%2F5%2B3asx%2FxvyA7jTvX%2B8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b864b591ec8b527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
nowqo.net/roblox/images/de.png
104.21.25.78200 OK 545 B URL GET HTTP/3 nowqo.net/roblox/images/de.png
IP 104.21.25.78:443
Requested by https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtYWJ4LmpzIiwiaGltayIsInRlbXBsYXRlIiwiU0VPLUVsaXRlLVByZW1pdW0ueG1sIiwiaGltayIsImhvd3RvZ2V0YWRtaW5pbmJva3Vub3JvYmxveC5ibG9nc3BvdC5jb20iLCJob3d0b2dldGFkbWluaW5ib2t1bm9yb2Jsb3guYmxvZ3Nwb3QuY29tIiwiZGlyZWN0IiwicmVmIiwiZGlyZWN0IiwidGFncyIsInJvYmxveC1hYnguanMiXQ
Certificate IssuerGoogle Trust Services LLC
Subject*.nowqo.net
Fingerprint4D:F9:79:11:BB:71:F0:57:06:92:43:6D:46:F2:D5:42:7E:73:1B:4E
ValidityTue, 04 Apr 2023 14:41:31 GMT - Mon, 03 Jul 2023 14:41:30 GMT
File type PNG image data, 16 x 11, 8-bit/color RGB, non-interlaced\012- data
Hash ddabae687ecae5edaaeb808d440543e6
1daf2d67ccaa5be01a330a231ac996a9d5575594
3323814006fe6739493d27057954941830b59eff37ebaac994310e17c522dd57
GET /roblox/images/de.png HTTP/1.1
Host: nowqo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: nowqo.net
Connection: keep-alive
Referer: https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtYWJ4LmpzIiwiaGltayIsInRlbXBsYXRlIiwiU0VPLUVsaXRlLVByZW1pdW0ueG1sIiwiaGltayIsImhvd3RvZ2V0YWRtaW5pbmJva3Vub3JvYmxveC5ibG9nc3BvdC5jb20iLCJob3d0b2dldGFkbWluaW5ib2t1bm9yb2Jsb3guYmxvZ3Nwb3QuY29tIiwiZGlyZWN0IiwicmVmIiwiZGlyZWN0IiwidGFncyIsInJvYmxveC1hYnguanMiXQ
Cookie: HstCfa4275781=1681580304853; HstCla4275781=1681583874584; HstCmu4275781=1681580304853; HstPn4275781=3; HstPt4275781=3; HstCnv4275781=1; HstCns4275781=2; c_ref_4275781=https%3A%2F%2Fjogoslegaisdorobloxcomdinheirolimitad.blogspot.com%2F; username1Cookie=Priscilla; username2Cookie=Ermes; username3Cookie=Abelardo; comment1Cookie=This software is awesome . thank you Concordio!; comment2Cookie=wow.. thank you admin! 1000000 Clash Royale Gems.; comment3Cookie=thanks! this website is giving some real stuff .; timePosted11Cookie=103304; timePosted22Cookie=75599; timePosted33Cookie=30153
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 15 Apr 2023 18:36:36 GMT
content-type: image/png
content-length: 545
cache-control: public, max-age=31536000
expires: Fri, 21 Apr 2023 06:34:18 GMT
last-modified: Tue, 08 Oct 2019 06:00:24 GMT
cf-cache-status: HIT
age: 117834
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oRiDtpvO5x6jbpPEf56NWAsNhoMehmcpxG9PTmQTG4JaaXl6OPImrzsYmGuoSy61PI8OS8KntIj%2F6HfzvunnvBu5LjJX2Pj0iVIld%2BHkfb1ZjkbM2jg56DUeWtU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b864b8a2e7cb527-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
nowqo.net/roblox/images/form-scripts.js
104.21.25.78200 OK 1.0 kB URL GET HTTP/3 nowqo.net/roblox/images/form-scripts.js
IP 104.21.25.78:443
Requested by https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtYWJ4LmpzIiwiaGltayIsInRlbXBsYXRlIiwiU0VPLUVsaXRlLVByZW1pdW0ueG1sIiwiaGltayIsImhvd3RvZ2V0YWRtaW5pbmJva3Vub3JvYmxveC5ibG9nc3BvdC5jb20iLCJob3d0b2dldGFkbWluaW5ib2t1bm9yb2Jsb3guYmxvZ3Nwb3QuY29tIiwiZGlyZWN0IiwicmVmIiwiZGlyZWN0IiwidGFncyIsInJvYmxveC1hYnguanMiXQ
Certificate IssuerGoogle Trust Services LLC
Subject*.nowqo.net
Fingerprint4D:F9:79:11:BB:71:F0:57:06:92:43:6D:46:F2:D5:42:7E:73:1B:4E
ValidityTue, 04 Apr 2023 14:41:31 GMT - Mon, 03 Jul 2023 14:41:30 GMT
File type ASCII text, with very long lines (1061), with no line terminators
Hash 6199605916a54c185314b9c5d3b5e809
5fbe1148fc133ac41089c2fa9e50c32e91ba6541
6c7d18b6f23e412b7e2217aae669caf57c56c3de9e6c0f7099151c752512b139
Analyzer Verdict Alert fortinet Phishing
GET /roblox/images/form-scripts.js HTTP/1.1
Host: nowqo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: nowqo.net
Connection: keep-alive
Referer: https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtYWJ4LmpzIiwiaGltayIsInRlbXBsYXRlIiwiU0VPLUVsaXRlLVByZW1pdW0ueG1sIiwiaGltayIsImhvd3RvZ2V0YWRtaW5pbmJva3Vub3JvYmxveC5ibG9nc3BvdC5jb20iLCJob3d0b2dldGFkbWluaW5ib2t1bm9yb2Jsb3guYmxvZ3Nwb3QuY29tIiwiZGlyZWN0IiwicmVmIiwiZGlyZWN0IiwidGFncyIsInJvYmxveC1hYnguanMiXQ
Cookie: HstCfa4275781=1681580304853; HstCla4275781=1681580338341; HstCmu4275781=1681580304853; HstPn4275781=2; HstPt4275781=2; HstCnv4275781=1; HstCns4275781=1; c_ref_4275781=https%3A%2F%2Fjogoslegaisdorobloxcomdinheirolimitad.blogspot.com%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 15 Apr 2023 18:36:28 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=1469
cache-control: public, max-age=31536000
expires: Fri, 14 Apr 2023 06:32:18 GMT
last-modified: Tue, 08 Oct 2019 06:00:24 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 728363
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AQxiyFM4bqFB68JNXL4q%2FQVM84lCVc8P2opWgdiS7mwbKhin8TJj%2B6nYhoHORcu8VUuK%2BbIZC4Uo%2F8r0%2FcaBD2JLZrx1EhXTnDh8k%2BqPBeIVDSztqlnEk9jx9AA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b864b591ebdb527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
nowqo.net/roblox/images/pr-l.png
104.21.25.78200 OK 16 kB URL GET HTTP/3 nowqo.net/roblox/images/pr-l.png
IP 104.21.25.78:443
Requested by https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtYWJ4LmpzIiwiaGltayIsInRlbXBsYXRlIiwiU0VPLUVsaXRlLVByZW1pdW0ueG1sIiwiaGltayIsImhvd3RvZ2V0YWRtaW5pbmJva3Vub3JvYmxveC5ibG9nc3BvdC5jb20iLCJob3d0b2dldGFkbWluaW5ib2t1bm9yb2Jsb3guYmxvZ3Nwb3QuY29tIiwiZGlyZWN0IiwicmVmIiwiZGlyZWN0IiwidGFncyIsInJvYmxveC1hYnguanMiXQ
Certificate IssuerGoogle Trust Services LLC
Subject*.nowqo.net
Fingerprint4D:F9:79:11:BB:71:F0:57:06:92:43:6D:46:F2:D5:42:7E:73:1B:4E
ValidityTue, 04 Apr 2023 14:41:31 GMT - Mon, 03 Jul 2023 14:41:30 GMT
File type PNG image data, 960 x 1080, 8-bit/color RGBA, non-interlaced\012- data
Hash 6073469203244cc95b8fbe0996b8c405
60c3fe75fa9d7e3ae7f42f9a247d103b9841982a
7509fb455029a48272466bce43b17cf8247f769f9a4b9c51a03eba55924e11f3
GET /roblox/images/pr-l.png HTTP/1.1
Host: nowqo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: nowqo.net
Connection: keep-alive
Referer: https://nowqo.net/roblox/images/style.css
Cookie: HstCfa4275781=1681580304853; HstCla4275781=1681580338341; HstCmu4275781=1681580304853; HstPn4275781=2; HstPt4275781=2; HstCnv4275781=1; HstCns4275781=1; c_ref_4275781=https%3A%2F%2Fjogoslegaisdorobloxcomdinheirolimitad.blogspot.com%2F
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 15 Apr 2023 18:36:29 GMT
content-type: image/png
content-length: 16083
cache-control: public, max-age=31536000
expires: Fri, 14 Apr 2023 06:32:19 GMT
last-modified: Tue, 08 Oct 2019 06:00:24 GMT
cf-cache-status: HIT
age: 728364
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1%2FeMAhIaGy0xWt024rXVCvDtQlXBLXA2BwP6G54H1Q96Vt9UGSbbhU7DDhLhPWkLR0AEltwkadrbnLep34ufJTvQlCL2tioRh2Bmkpk40Wzl4NWSf3uo2oRTwB0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b864b5ae99db527-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
nowqo.net/roblox/images/magnific-popup.css
104.21.25.78200 OK 6.1 kB URL GET HTTP/3 nowqo.net/roblox/images/magnific-popup.css
IP 104.21.25.78:443
Requested by https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtYWJ4LmpzIiwiaGltayIsInRlbXBsYXRlIiwiU0VPLUVsaXRlLVByZW1pdW0ueG1sIiwiaGltayIsImhvd3RvZ2V0YWRtaW5pbmJva3Vub3JvYmxveC5ibG9nc3BvdC5jb20iLCJob3d0b2dldGFkbWluaW5ib2t1bm9yb2Jsb3guYmxvZ3Nwb3QuY29tIiwiZGlyZWN0IiwicmVmIiwiZGlyZWN0IiwidGFncyIsInJvYmxveC1hYnguanMiXQ
Certificate IssuerGoogle Trust Services LLC
Subject*.nowqo.net
Fingerprint4D:F9:79:11:BB:71:F0:57:06:92:43:6D:46:F2:D5:42:7E:73:1B:4E
ValidityTue, 04 Apr 2023 14:41:31 GMT - Mon, 03 Jul 2023 14:41:30 GMT
File type ASCII text, with very long lines (6066), with no line terminators
Hash 5c7b8257bc3d11ed0b9d8c57d9d967d6
77a322afa98376719dd8fdd3942be08bb129d1bf
2c71340892aeebaae880becc0b89bd2ef6938150078692622c04d3f2bc7c0a32
GET /roblox/images/magnific-popup.css HTTP/1.1
Host: nowqo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: nowqo.net
Connection: keep-alive
Referer: https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtYWJ4LmpzIiwiaGltayIsInRlbXBsYXRlIiwiU0VPLUVsaXRlLVByZW1pdW0ueG1sIiwiaGltayIsImhvd3RvZ2V0YWRtaW5pbmJva3Vub3JvYmxveC5ibG9nc3BvdC5jb20iLCJob3d0b2dldGFkbWluaW5ib2t1bm9yb2Jsb3guYmxvZ3Nwb3QuY29tIiwiZGlyZWN0IiwicmVmIiwiZGlyZWN0IiwidGFncyIsInJvYmxveC1hYnguanMiXQ
Cookie: HstCfa4275781=1681580304853; HstCla4275781=1681580338341; HstCmu4275781=1681580304853; HstPn4275781=2; HstPt4275781=2; HstCnv4275781=1; HstCns4275781=1; c_ref_4275781=https%3A%2F%2Fjogoslegaisdorobloxcomdinheirolimitad.blogspot.com%2F
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 15 Apr 2023 18:36:28 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=7946
cache-control: public, max-age=31536000
expires: Fri, 14 Apr 2023 06:32:18 GMT
last-modified: Tue, 08 Oct 2019 06:00:24 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 728363
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1xB%2B2MuOgSNOBgsO%2F47jbid95tnPNH5iucQPy9OUnQmBa0ccwC7sdbhoVxH5IqYfogDnUw1ngxE%2BL3YfXVSxPxqEIoDxIPh1Ld9%2BnVmBGEQTlhRCpGUSKpE2D%2Fs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b864b58fe87b527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
nowqo.net/roblox/images/validator.min.js
104.21.25.78200 OK 6.1 kB URL GET HTTP/3 nowqo.net/roblox/images/validator.min.js
IP 104.21.25.78:443
Requested by https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtYWJ4LmpzIiwiaGltayIsInRlbXBsYXRlIiwiU0VPLUVsaXRlLVByZW1pdW0ueG1sIiwiaGltayIsImhvd3RvZ2V0YWRtaW5pbmJva3Vub3JvYmxveC5ibG9nc3BvdC5jb20iLCJob3d0b2dldGFkbWluaW5ib2t1bm9yb2Jsb3guYmxvZ3Nwb3QuY29tIiwiZGlyZWN0IiwicmVmIiwiZGlyZWN0IiwidGFncyIsInJvYmxveC1hYnguanMiXQ
Certificate IssuerGoogle Trust Services LLC
Subject*.nowqo.net
Fingerprint4D:F9:79:11:BB:71:F0:57:06:92:43:6D:46:F2:D5:42:7E:73:1B:4E
ValidityTue, 04 Apr 2023 14:41:31 GMT - Mon, 03 Jul 2023 14:41:30 GMT
File type ASCII text, with very long lines (6259), with no line terminators
Hash c542ac1e946658c7739d7c1244dd647f
5b34ad25a6933d25a3bec582821cdf7e598f90c1
e82795588f13566da7127ae782f27664653c7e7b6f9007c6c85f29580259a08d
Analyzer Verdict Alert fortinet Phishing
GET /roblox/images/validator.min.js HTTP/1.1
Host: nowqo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: nowqo.net
Connection: keep-alive
Referer: https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtYWJ4LmpzIiwiaGltayIsInRlbXBsYXRlIiwiU0VPLUVsaXRlLVByZW1pdW0ueG1sIiwiaGltayIsImhvd3RvZ2V0YWRtaW5pbmJva3Vub3JvYmxveC5ibG9nc3BvdC5jb20iLCJob3d0b2dldGFkbWluaW5ib2t1bm9yb2Jsb3guYmxvZ3Nwb3QuY29tIiwiZGlyZWN0IiwicmVmIiwiZGlyZWN0IiwidGFncyIsInJvYmxveC1hYnguanMiXQ
Cookie: HstCfa4275781=1681580304853; HstCla4275781=1681580338341; HstCmu4275781=1681580304853; HstPn4275781=2; HstPt4275781=2; HstCnv4275781=1; HstCns4275781=1; c_ref_4275781=https%3A%2F%2Fjogoslegaisdorobloxcomdinheirolimitad.blogspot.com%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 15 Apr 2023 18:36:28 GMT
content-type: application/javascript
cache-control: public, max-age=31536000
expires: Fri, 14 Apr 2023 06:32:18 GMT
last-modified: Tue, 08 Oct 2019 06:00:24 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 728363
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XD8ZiApQEXjanRRj3%2F%2BHVZDzx2bH%2BMdG8QIul6juFTanVsgTmDs0Pt5QzetHbX49i0kU1KgZvCjnu6z%2FGNNHhkYTvRaWLUVYQrNMZJmp05n5LOmOwfUURX00dBA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b864b591ebbb527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
nowqo.net/roblox/images/sweetalert2.min.css
104.21.25.78200 OK 14 kB URL GET HTTP/3 nowqo.net/roblox/images/sweetalert2.min.css
IP 104.21.25.78:443
Requested by https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtYWJ4LmpzIiwiaGltayIsInRlbXBsYXRlIiwiU0VPLUVsaXRlLVByZW1pdW0ueG1sIiwiaGltayIsImhvd3RvZ2V0YWRtaW5pbmJva3Vub3JvYmxveC5ibG9nc3BvdC5jb20iLCJob3d0b2dldGFkbWluaW5ib2t1bm9yb2Jsb3guYmxvZ3Nwb3QuY29tIiwiZGlyZWN0IiwicmVmIiwiZGlyZWN0IiwidGFncyIsInJvYmxveC1hYnguanMiXQ
Certificate IssuerGoogle Trust Services LLC
Subject*.nowqo.net
Fingerprint4D:F9:79:11:BB:71:F0:57:06:92:43:6D:46:F2:D5:42:7E:73:1B:4E
ValidityTue, 04 Apr 2023 14:41:31 GMT - Mon, 03 Jul 2023 14:41:30 GMT
File type ASCII text, with very long lines (13988), with no line terminators
Hash 2854c355b9997439e011705e39b4b3ed
06f14e99f5bee6853283e1d42227f3289781379e
a64645980f5ee5a0aaa66cec5a98103420643da6681221c9cd10fc318adcdb6d
GET /roblox/images/sweetalert2.min.css HTTP/1.1
Host: nowqo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: nowqo.net
Connection: keep-alive
Referer: https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtYWJ4LmpzIiwiaGltayIsInRlbXBsYXRlIiwiU0VPLUVsaXRlLVByZW1pdW0ueG1sIiwiaGltayIsImhvd3RvZ2V0YWRtaW5pbmJva3Vub3JvYmxveC5ibG9nc3BvdC5jb20iLCJob3d0b2dldGFkbWluaW5ib2t1bm9yb2Jsb3guYmxvZ3Nwb3QuY29tIiwiZGlyZWN0IiwicmVmIiwiZGlyZWN0IiwidGFncyIsInJvYmxveC1hYnguanMiXQ
Cookie: HstCfa4275781=1681580304853; HstCla4275781=1681580338341; HstCmu4275781=1681580304853; HstPn4275781=2; HstPt4275781=2; HstCnv4275781=1; HstCns4275781=1; c_ref_4275781=https%3A%2F%2Fjogoslegaisdorobloxcomdinheirolimitad.blogspot.com%2F
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 15 Apr 2023 18:36:28 GMT
content-type: text/css
cache-control: public, max-age=31536000
expires: Fri, 14 Apr 2023 06:32:18 GMT
last-modified: Tue, 08 Oct 2019 06:00:24 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 728363
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sqi8G2XzDk1YMuJbfvrJsgRAYHaFaNTRfihO2M94HNXOamx%2BbJeSOUputIzFm%2F%2BSDXcsxfuKUXEjgmqv5jS0UWU1Qzc4j8bV73t69%2FDygWPSGHpzTc4Mv%2BeoJdM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b864b58fe85b527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
nowqo.net/roblox/bebasneue_bold-webfont.html
104.21.25.78200 OK 15 kB URL GET HTTP/3 nowqo.net/roblox/bebasneue_bold-webfont.html
IP 104.21.25.78:443
Requested by https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtYWJ4LmpzIiwiaGltayIsInRlbXBsYXRlIiwiU0VPLUVsaXRlLVByZW1pdW0ueG1sIiwiaGltayIsImhvd3RvZ2V0YWRtaW5pbmJva3Vub3JvYmxveC5ibG9nc3BvdC5jb20iLCJob3d0b2dldGFkbWluaW5ib2t1bm9yb2Jsb3guYmxvZ3Nwb3QuY29tIiwiZGlyZWN0IiwicmVmIiwiZGlyZWN0IiwidGFncyIsInJvYmxveC1hYnguanMiXQ
Certificate IssuerGoogle Trust Services LLC
Subject*.nowqo.net
Fingerprint4D:F9:79:11:BB:71:F0:57:06:92:43:6D:46:F2:D5:42:7E:73:1B:4E
ValidityTue, 04 Apr 2023 14:41:31 GMT - Mon, 03 Jul 2023 14:41:30 GMT
File type Web Open Font Format (Version 2), TrueType, length 15216, version 256.256\012- data
Hash 343da8bfb3e5f68623f89728e3ac70d5
1e7b5280d24e99691a8023445a80f1a57deb5437
b4cca3534c900c315be9a8d4ca33bb9de6ae987c7e0f22988f9d43913a942fb5
Analyzer Verdict Alert fortinet Phishing
GET /roblox/bebasneue_bold-webfont.html HTTP/1.1
Host: nowqo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Alt-Used: nowqo.net
Connection: keep-alive
Referer: https://nowqo.net/roblox/images/style.css
Cookie: HstCfa4275781=1681580304853; HstCla4275781=1681580338341; HstCmu4275781=1681580304853; HstPn4275781=2; HstPt4275781=2; HstCnv4275781=1; HstCns4275781=1; c_ref_4275781=https%3A%2F%2Fjogoslegaisdorobloxcomdinheirolimitad.blogspot.com%2F
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 15 Apr 2023 18:36:29 GMT
content-type: text/html
last-modified: Tue, 08 Oct 2019 06:00:24 GMT
vary: Accept-Encoding
cache-control: max-age=31536000
cf-cache-status: HIT
age: 503968
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D%2BPKA3A%2FIYM0PvVf16HgSweeWZArBjeAhH%2BjBH6Di573cOE1NX7AYNfm5WOrHCRx2GbayUHakbmwixuRI%2BtmYj%2FKkjCNtEUU7viDTJljlb2smUHJsmlh1lHLpDU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b864b5ae9a4b527-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
nowqo.net/roblox/images/gamebag-favico.png
104.21.25.78200 OK 3.3 kB URL GET HTTP/3 nowqo.net/roblox/images/gamebag-favico.png
IP 104.21.25.78:443
Requested by https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtYWJ4LmpzIiwiaGltayIsInRlbXBsYXRlIiwiU0VPLUVsaXRlLVByZW1pdW0ueG1sIiwiaGltayIsImhvd3RvZ2V0YWRtaW5pbmJva3Vub3JvYmxveC5ibG9nc3BvdC5jb20iLCJob3d0b2dldGFkbWluaW5ib2t1bm9yb2Jsb3guYmxvZ3Nwb3QuY29tIiwiZGlyZWN0IiwicmVmIiwiZGlyZWN0IiwidGFncyIsInJvYmxveC1hYnguanMiXQ
Certificate IssuerGoogle Trust Services LLC
Subject*.nowqo.net
Fingerprint4D:F9:79:11:BB:71:F0:57:06:92:43:6D:46:F2:D5:42:7E:73:1B:4E
ValidityTue, 04 Apr 2023 14:41:31 GMT - Mon, 03 Jul 2023 14:41:30 GMT
File type PNG image data, 240 x 240, 8-bit/color RGBA, non-interlaced\012- data
Hash e84f0caa809a15b2aaa9cb93bbe6669a
22a330ad580aaa6b2232307a87b981adc7fbf38f
1f98c982fd0c9b5e6af138a4cb160f509bda9fcc7fa0a9463fa6cf11513c151f
GET /roblox/images/gamebag-favico.png HTTP/1.1
Host: nowqo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: nowqo.net
Connection: keep-alive
Referer: https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtYWJ4LmpzIiwiaGltayIsInRlbXBsYXRlIiwiU0VPLUVsaXRlLVByZW1pdW0ueG1sIiwiaGltayIsImhvd3RvZ2V0YWRtaW5pbmJva3Vub3JvYmxveC5ibG9nc3BvdC5jb20iLCJob3d0b2dldGFkbWluaW5ib2t1bm9yb2Jsb3guYmxvZ3Nwb3QuY29tIiwiZGlyZWN0IiwicmVmIiwiZGlyZWN0IiwidGFncyIsInJvYmxveC1hYnguanMiXQ
Cookie: HstCfa4275781=1681580304853; HstCla4275781=1681580338341; HstCmu4275781=1681580304853; HstPn4275781=2; HstPt4275781=2; HstCnv4275781=1; HstCns4275781=1; c_ref_4275781=https%3A%2F%2Fjogoslegaisdorobloxcomdinheirolimitad.blogspot.com%2F; username1Cookie=Priscilla; username2Cookie=Ermes; username3Cookie=Abelardo; comment1Cookie=This software is awesome . thank you Concordio!; comment2Cookie=wow.. thank you admin! 1000000 Clash Royale Gems.; comment3Cookie=thanks! this website is giving some real stuff .
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 15 Apr 2023 18:36:29 GMT
content-type: image/png
content-length: 3340
cache-control: public, max-age=31536000
expires: Fri, 14 Apr 2023 06:32:25 GMT
last-modified: Tue, 08 Oct 2019 06:00:24 GMT
cf-cache-status: HIT
age: 523569
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sCqcD%2BM3uDOc7pcExYeZwQGvGuSdPPyM3cQahaCNi2TOLlLr9XdFa3%2FDWvKAjL1lMb2ZM5k%2BgF67HIkG84YJUj1Y7K3mOviH7iZMWN5oi6zjbEeEg09bpnanmog%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b864b5c2b3cb527-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
nowqo.net/roblox/images/style.css
104.21.25.78200 OK 40 kB URL GET HTTP/3 nowqo.net/roblox/images/style.css
IP 104.21.25.78:443
Requested by https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtYWJ4LmpzIiwiaGltayIsInRlbXBsYXRlIiwiU0VPLUVsaXRlLVByZW1pdW0ueG1sIiwiaGltayIsImhvd3RvZ2V0YWRtaW5pbmJva3Vub3JvYmxveC5ibG9nc3BvdC5jb20iLCJob3d0b2dldGFkbWluaW5ib2t1bm9yb2Jsb3guYmxvZ3Nwb3QuY29tIiwiZGlyZWN0IiwicmVmIiwiZGlyZWN0IiwidGFncyIsInJvYmxveC1hYnguanMiXQ
Certificate IssuerGoogle Trust Services LLC
Subject*.nowqo.net
Fingerprint4D:F9:79:11:BB:71:F0:57:06:92:43:6D:46:F2:D5:42:7E:73:1B:4E
ValidityTue, 04 Apr 2023 14:41:31 GMT - Mon, 03 Jul 2023 14:41:30 GMT
File type ASCII text, with very long lines (40387), with no line terminators
Hash 3e05a1f487075dc57f03535a3d6693da
6e4cccd476e7d09d261ebdc7563383d40ec3fa99
52079098bd4de80b7be963bc457d10467682b061619c1d5b96ed628f63c4cd9b
GET /roblox/images/style.css HTTP/1.1
Host: nowqo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: nowqo.net
Connection: keep-alive
Referer: https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtYWJ4LmpzIiwiaGltayIsInRlbXBsYXRlIiwiU0VPLUVsaXRlLVByZW1pdW0ueG1sIiwiaGltayIsImhvd3RvZ2V0YWRtaW5pbmJva3Vub3JvYmxveC5ibG9nc3BvdC5jb20iLCJob3d0b2dldGFkbWluaW5ib2t1bm9yb2Jsb3guYmxvZ3Nwb3QuY29tIiwiZGlyZWN0IiwicmVmIiwiZGlyZWN0IiwidGFncyIsInJvYmxveC1hYnguanMiXQ
Cookie: HstCfa4275781=1681580304853; HstCla4275781=1681580338341; HstCmu4275781=1681580304853; HstPn4275781=2; HstPt4275781=2; HstCnv4275781=1; HstCns4275781=1; c_ref_4275781=https%3A%2F%2Fjogoslegaisdorobloxcomdinheirolimitad.blogspot.com%2F
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 15 Apr 2023 18:36:28 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=50839
cache-control: public, max-age=31536000
expires: Fri, 14 Apr 2023 06:32:18 GMT
last-modified: Tue, 08 Oct 2019 06:00:24 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 728363
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wr7mILcNR%2BuMglTo%2BB4AA4RTwDlzE2kRSpZEvWc3AxFPMJaMOWubevF5bil1xJQbTlY1YHkkbrUE7H2qeDe351%2BYHl8JuV4kr265RnyFeT78DP0Ni65olQ6Rdvg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b864b58fe8eb527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/fonts/fontawesome-webfont.woff2?v=4.5.0
104.18.10.207200 OK 67 kB URL GET HTTP/2 maxcdn.bootstrapcdn.com/font-awesome/4.5.0/fonts/fontawesome-webfont.woff2?v=4.5.0
IP 104.18.10.207:443
Requested by https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtYWJ4LmpzIiwiaGltayIsInRlbXBsYXRlIiwiU0VPLUVsaXRlLVByZW1pdW0ueG1sIiwiaGltayIsImhvd3RvZ2V0YWRtaW5pbmJva3Vub3JvYmxveC5ibG9nc3BvdC5jb20iLCJob3d0b2dldGFkbWluaW5ib2t1bm9yb2Jsb3guYmxvZ3Nwb3QuY29tIiwiZGlyZWN0IiwicmVmIiwiZGlyZWN0IiwidGFncyIsInJvYmxveC1hYnguanMiXQ
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint5B:F7:8F:50:AD:E5:5B:5E:8C:4A:39:3D:0C:98:E8:8C:18:4B:3D:8A
ValidityFri, 30 Dec 2022 00:00:00 GMT - Sat, 30 Dec 2023 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 66624, version 4.262\012- data
Hash db812d8a70a4e88e888744c1c9a27e89
638c652d623280a58144f93e7b552c66d1667a11
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995
GET /font-awesome/4.5.0/fonts/fontawesome-webfont.woff2?v=4.5.0 HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://nowqo.net
Connection: keep-alive
Referer: https://nowqo.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Apr 2023 18:36:29 GMT
content-type: font/woff2
content-length: 66624
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: "db812d8a70a4e88e888744c1c9a27e89"
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-cachedat: 08/15/2022 13:52:58
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 723
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 9b0e9cc931c66bf3d677884409621f3d
cdn-cache: HIT
cf-cache-status: HIT
age: 699898
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7b864b5b2f160b06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
nowqo.net/roblox/images/sweetalert2.min.js
104.21.25.78200 OK 20 kB URL GET HTTP/3 nowqo.net/roblox/images/sweetalert2.min.js
IP 104.21.25.78:443
Requested by https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtYWJ4LmpzIiwiaGltayIsInRlbXBsYXRlIiwiU0VPLUVsaXRlLVByZW1pdW0ueG1sIiwiaGltayIsImhvd3RvZ2V0YWRtaW5pbmJva3Vub3JvYmxveC5ibG9nc3BvdC5jb20iLCJob3d0b2dldGFkbWluaW5ib2t1bm9yb2Jsb3guYmxvZ3Nwb3QuY29tIiwiZGlyZWN0IiwicmVmIiwiZGlyZWN0IiwidGFncyIsInJvYmxveC1hYnguanMiXQ
Certificate IssuerGoogle Trust Services LLC
Subject*.nowqo.net
Fingerprint4D:F9:79:11:BB:71:F0:57:06:92:43:6D:46:F2:D5:42:7E:73:1B:4E
ValidityTue, 04 Apr 2023 14:41:31 GMT - Mon, 03 Jul 2023 14:41:30 GMT
File type ASCII text, with very long lines (20305), with no line terminators
Hash 0ad69b0e70b7da1bb8f8a96e9e6b5d9a
7d21a0c1f43d3edb47dd9e69b05243f3fcb53152
4051f26691def4eafcae32928be110c13d1819e544a12b0a9b95378bfaf9859b
Analyzer Verdict Alert fortinet Phishing
GET /roblox/images/sweetalert2.min.js HTTP/1.1
Host: nowqo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: nowqo.net
Connection: keep-alive
Referer: https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtYWJ4LmpzIiwiaGltayIsInRlbXBsYXRlIiwiU0VPLUVsaXRlLVByZW1pdW0ueG1sIiwiaGltayIsImhvd3RvZ2V0YWRtaW5pbmJva3Vub3JvYmxveC5ibG9nc3BvdC5jb20iLCJob3d0b2dldGFkbWluaW5ib2t1bm9yb2Jsb3guYmxvZ3Nwb3QuY29tIiwiZGlyZWN0IiwicmVmIiwiZGlyZWN0IiwidGFncyIsInJvYmxveC1hYnguanMiXQ
Cookie: HstCfa4275781=1681580304853; HstCla4275781=1681580338341; HstCmu4275781=1681580304853; HstPn4275781=2; HstPt4275781=2; HstCnv4275781=1; HstCns4275781=1; c_ref_4275781=https%3A%2F%2Fjogoslegaisdorobloxcomdinheirolimitad.blogspot.com%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 15 Apr 2023 18:36:28 GMT
content-type: application/javascript
cache-control: public, max-age=31536000
expires: Fri, 14 Apr 2023 06:32:18 GMT
last-modified: Tue, 08 Oct 2019 06:00:24 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 157891
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iiY5Zli8oiMEkvYXnbH9WDdC5CaVZL80%2BEhiaVuFhdTgdU7BcPuufhv17gVtgTnGkIj%2FoQviAtf%2FYUMptVC%2FD7oK4PdEjft1E%2F08ZRXYrZEYlAhuNll2vWEsOso%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b864b590eb6b527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
nowqo.net/roblox/images/animate.css
104.21.25.78200 OK 54 kB URL GET HTTP/3 nowqo.net/roblox/images/animate.css
IP 104.21.25.78:443
Requested by https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtYWJ4LmpzIiwiaGltayIsInRlbXBsYXRlIiwiU0VPLUVsaXRlLVByZW1pdW0ueG1sIiwiaGltayIsImhvd3RvZ2V0YWRtaW5pbmJva3Vub3JvYmxveC5ibG9nc3BvdC5jb20iLCJob3d0b2dldGFkbWluaW5ib2t1bm9yb2Jsb3guYmxvZ3Nwb3QuY29tIiwiZGlyZWN0IiwicmVmIiwiZGlyZWN0IiwidGFncyIsInJvYmxveC1hYnguanMiXQ
Certificate IssuerGoogle Trust Services LLC
Subject*.nowqo.net
Fingerprint4D:F9:79:11:BB:71:F0:57:06:92:43:6D:46:F2:D5:42:7E:73:1B:4E
ValidityTue, 04 Apr 2023 14:41:31 GMT - Mon, 03 Jul 2023 14:41:30 GMT
File type ASCII text, with very long lines (53418)
Hash e2a7d135b1c8e224646c92c6f3fd96a6
b2b50086832927bbd02c4e17c05ebe56b0b48367
0202d4f993c3ef2e05f7073d7058c02956ad2ad252f4dc73cf7f4e90c800b30d
GET /roblox/images/animate.css HTTP/1.1
Host: nowqo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: nowqo.net
Connection: keep-alive
Referer: https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtYWJ4LmpzIiwiaGltayIsInRlbXBsYXRlIiwiU0VPLUVsaXRlLVByZW1pdW0ueG1sIiwiaGltayIsImhvd3RvZ2V0YWRtaW5pbmJva3Vub3JvYmxveC5ibG9nc3BvdC5jb20iLCJob3d0b2dldGFkbWluaW5ib2t1bm9yb2Jsb3guYmxvZ3Nwb3QuY29tIiwiZGlyZWN0IiwicmVmIiwiZGlyZWN0IiwidGFncyIsInJvYmxveC1hYnguanMiXQ
Cookie: HstCfa4275781=1681580304853; HstCla4275781=1681580338341; HstCmu4275781=1681580304853; HstPn4275781=2; HstPt4275781=2; HstCnv4275781=1; HstCns4275781=1; c_ref_4275781=https%3A%2F%2Fjogoslegaisdorobloxcomdinheirolimitad.blogspot.com%2F
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 15 Apr 2023 18:36:28 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=68796
cache-control: public, max-age=31536000
expires: Fri, 14 Apr 2023 06:32:18 GMT
last-modified: Tue, 08 Oct 2019 06:00:24 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 728363
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TbLRdl1tG80moOftNPJeqN%2B9PlTv7J7ul%2BQTn1I1hHGPqXYtHvt9J%2FhF4TNQfrVQyA%2BUwMzmkm4XZyDofPgkvS6eNUszZELmKl7y0FZpnOsfGbG51IkDjn8zXvU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b864b58fe83b527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
nowqo.net/roblox/images/jquery-ui.min.js
104.21.25.78200 OK 200 kB URL GET HTTP/3 nowqo.net/roblox/images/jquery-ui.min.js
IP 104.21.25.78:443
Requested by https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtYWJ4LmpzIiwiaGltayIsInRlbXBsYXRlIiwiU0VPLUVsaXRlLVByZW1pdW0ueG1sIiwiaGltayIsImhvd3RvZ2V0YWRtaW5pbmJva3Vub3JvYmxveC5ibG9nc3BvdC5jb20iLCJob3d0b2dldGFkbWluaW5ib2t1bm9yb2Jsb3guYmxvZ3Nwb3QuY29tIiwiZGlyZWN0IiwicmVmIiwiZGlyZWN0IiwidGFncyIsInJvYmxveC1hYnguanMiXQ
Certificate IssuerGoogle Trust Services LLC
Subject*.nowqo.net
Fingerprint4D:F9:79:11:BB:71:F0:57:06:92:43:6D:46:F2:D5:42:7E:73:1B:4E
ValidityTue, 04 Apr 2023 14:41:31 GMT - Mon, 03 Jul 2023 14:41:30 GMT
File type ASCII text, with very long lines (563)
Size 200 kB (200104 bytes)
Hash 234f1553c7d27cce512062c59800a9a8
b48e01c35c1e6ad622386b9a3161bd1bf02723c8
d87043ac816dbfadae73fcc32f84eadb9a665cf97ae938bea9702a27d3e9a54a
Analyzer Verdict Alert fortinet Phishing
GET /roblox/images/jquery-ui.min.js HTTP/1.1
Host: nowqo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: nowqo.net
Connection: keep-alive
Referer: https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtYWJ4LmpzIiwiaGltayIsInRlbXBsYXRlIiwiU0VPLUVsaXRlLVByZW1pdW0ueG1sIiwiaGltayIsImhvd3RvZ2V0YWRtaW5pbmJva3Vub3JvYmxveC5ibG9nc3BvdC5jb20iLCJob3d0b2dldGFkbWluaW5ib2t1bm9yb2Jsb3guYmxvZ3Nwb3QuY29tIiwiZGlyZWN0IiwicmVmIiwiZGlyZWN0IiwidGFncyIsInJvYmxveC1hYnguanMiXQ
Cookie: HstCfa4275781=1681580304853; HstCla4275781=1681580338341; HstCmu4275781=1681580304853; HstPn4275781=2; HstPt4275781=2; HstCnv4275781=1; HstCns4275781=1; c_ref_4275781=https%3A%2F%2Fjogoslegaisdorobloxcomdinheirolimitad.blogspot.com%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 15 Apr 2023 18:36:28 GMT
content-type: application/javascript
cache-control: public, max-age=31536000
expires: Fri, 14 Apr 2023 06:32:18 GMT
last-modified: Tue, 08 Oct 2019 06:00:24 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 728363
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f1RUHLInCSeQfyUokHc2CDNVou2LUIkJziQtIl0iZm4UfpNc4GE5GoRXRIV4RZRKRzEKOKiZCBbWoCn%2BqErBsQU1IaXdh16QvR3d7yXltGuVpiVtv3zxseOZWHs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b864b590ea5b527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
nowqo.net/roblox/images/jquery.magnific-popup.min.js
104.21.25.78200 OK 21 kB URL GET HTTP/3 nowqo.net/roblox/images/jquery.magnific-popup.min.js
IP 104.21.25.78:443
Requested by https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtYWJ4LmpzIiwiaGltayIsInRlbXBsYXRlIiwiU0VPLUVsaXRlLVByZW1pdW0ueG1sIiwiaGltayIsImhvd3RvZ2V0YWRtaW5pbmJva3Vub3JvYmxveC5ibG9nc3BvdC5jb20iLCJob3d0b2dldGFkbWluaW5ib2t1bm9yb2Jsb3guYmxvZ3Nwb3QuY29tIiwiZGlyZWN0IiwicmVmIiwiZGlyZWN0IiwidGFncyIsInJvYmxveC1hYnguanMiXQ
Certificate IssuerGoogle Trust Services LLC
Subject*.nowqo.net
Fingerprint4D:F9:79:11:BB:71:F0:57:06:92:43:6D:46:F2:D5:42:7E:73:1B:4E
ValidityTue, 04 Apr 2023 14:41:31 GMT - Mon, 03 Jul 2023 14:41:30 GMT
File type ASCII text, with very long lines (21014)
Hash be3333626c57af03599abcb59b325e09
3824067348f6485d6b07d3a43660804e3731b21a
ecbef0f33e8ccedd2c605816e052cfff778abcc0e30a80b874c097a5fddd24fc
Analyzer Verdict Alert fortinet Phishing
GET /roblox/images/jquery.magnific-popup.min.js HTTP/1.1
Host: nowqo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: nowqo.net
Connection: keep-alive
Referer: https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtYWJ4LmpzIiwiaGltayIsInRlbXBsYXRlIiwiU0VPLUVsaXRlLVByZW1pdW0ueG1sIiwiaGltayIsImhvd3RvZ2V0YWRtaW5pbmJva3Vub3JvYmxveC5ibG9nc3BvdC5jb20iLCJob3d0b2dldGFkbWluaW5ib2t1bm9yb2Jsb3guYmxvZ3Nwb3QuY29tIiwiZGlyZWN0IiwicmVmIiwiZGlyZWN0IiwidGFncyIsInJvYmxveC1hYnguanMiXQ
Cookie: HstCfa4275781=1681580304853; HstCla4275781=1681580338341; HstCmu4275781=1681580304853; HstPn4275781=2; HstPt4275781=2; HstCnv4275781=1; HstCns4275781=1; c_ref_4275781=https%3A%2F%2Fjogoslegaisdorobloxcomdinheirolimitad.blogspot.com%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 15 Apr 2023 18:36:28 GMT
content-type: application/javascript
cache-control: public, max-age=31536000
expires: Fri, 14 Apr 2023 06:32:18 GMT
last-modified: Tue, 08 Oct 2019 06:00:24 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 728363
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QPcbPfLspnIaw%2FaIewgdgx6GwcvLT6OJLQXAUT6LGJZBrU0SA13DQ%2B07oy8xfpg3dtgfV8ov81N%2Bd9mrnOeYnxPjik58rvR9oyxlKE0ZLS5z6k7yNK%2FcwQCLzms%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b864b591ebfb527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
nowqo.net/roblox/images/com.js
104.21.25.78200 OK 15 kB URL GET HTTP/3 nowqo.net/roblox/images/com.js
IP 104.21.25.78:443
Requested by https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtYWJ4LmpzIiwiaGltayIsInRlbXBsYXRlIiwiU0VPLUVsaXRlLVByZW1pdW0ueG1sIiwiaGltayIsImhvd3RvZ2V0YWRtaW5pbmJva3Vub3JvYmxveC5ibG9nc3BvdC5jb20iLCJob3d0b2dldGFkbWluaW5ib2t1bm9yb2Jsb3guYmxvZ3Nwb3QuY29tIiwiZGlyZWN0IiwicmVmIiwiZGlyZWN0IiwidGFncyIsInJvYmxveC1hYnguanMiXQ
Certificate IssuerGoogle Trust Services LLC
Subject*.nowqo.net
Fingerprint4D:F9:79:11:BB:71:F0:57:06:92:43:6D:46:F2:D5:42:7E:73:1B:4E
ValidityTue, 04 Apr 2023 14:41:31 GMT - Mon, 03 Jul 2023 14:41:30 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /roblox/images/com.js HTTP/1.1
Host: nowqo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: nowqo.net
Connection: keep-alive
Referer: https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtYWJ4LmpzIiwiaGltayIsInRlbXBsYXRlIiwiU0VPLUVsaXRlLVByZW1pdW0ueG1sIiwiaGltayIsImhvd3RvZ2V0YWRtaW5pbmJva3Vub3JvYmxveC5ibG9nc3BvdC5jb20iLCJob3d0b2dldGFkbWluaW5ib2t1bm9yb2Jsb3guYmxvZ3Nwb3QuY29tIiwiZGlyZWN0IiwicmVmIiwiZGlyZWN0IiwidGFncyIsInJvYmxveC1hYnguanMiXQ
Cookie: HstCfa4275781=1681580304853; HstCla4275781=1681580338341; HstCmu4275781=1681580304853; HstPn4275781=2; HstPt4275781=2; HstCnv4275781=1; HstCns4275781=1; c_ref_4275781=https%3A%2F%2Fjogoslegaisdorobloxcomdinheirolimitad.blogspot.com%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 15 Apr 2023 18:36:28 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=17963
cache-control: public, max-age=31536000
expires: Fri, 14 Apr 2023 06:32:18 GMT
last-modified: Tue, 08 Oct 2019 06:00:24 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 728363
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r2Wp%2BbHm9cqe1OUIAUp9zGsJrlHzEal7PxlXmlJ4fUtNdBodVp6ag%2FMjhDX4x5RK6TgSKh75ve0NyYuSD1LIgd6BxAEX1H8xGSah78uLN4mKU2mxRIGhuaOwmBM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b864b591ebab527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
nowqo.net/roblox/bebasneue_regular-webfont.html
104.21.25.78200 OK 16 kB URL GET HTTP/3 nowqo.net/roblox/bebasneue_regular-webfont.html
IP 104.21.25.78:443
Requested by https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtYWJ4LmpzIiwiaGltayIsInRlbXBsYXRlIiwiU0VPLUVsaXRlLVByZW1pdW0ueG1sIiwiaGltayIsImhvd3RvZ2V0YWRtaW5pbmJva3Vub3JvYmxveC5ibG9nc3BvdC5jb20iLCJob3d0b2dldGFkbWluaW5ib2t1bm9yb2Jsb3guYmxvZ3Nwb3QuY29tIiwiZGlyZWN0IiwicmVmIiwiZGlyZWN0IiwidGFncyIsInJvYmxveC1hYnguanMiXQ
Certificate IssuerGoogle Trust Services LLC
Subject*.nowqo.net
Fingerprint4D:F9:79:11:BB:71:F0:57:06:92:43:6D:46:F2:D5:42:7E:73:1B:4E
ValidityTue, 04 Apr 2023 14:41:31 GMT - Mon, 03 Jul 2023 14:41:30 GMT
File type Web Open Font Format (Version 2), TrueType, length 15948, version 15811.-24832\012- data
Hash e40e33db088776dcc998d8e79263d860
ae07a83cee583252d5a2bc27b3e5efed83f8dfe9
80fe1f0f417a2e7373882d874e71bc40385c74e453bfb9e2cb8b14e2b70d4842
Analyzer Verdict Alert fortinet Phishing
GET /roblox/bebasneue_regular-webfont.html HTTP/1.1
Host: nowqo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Alt-Used: nowqo.net
Connection: keep-alive
Referer: https://nowqo.net/roblox/images/style.css
Cookie: HstCfa4275781=1681580304853; HstCla4275781=1681580338341; HstCmu4275781=1681580304853; HstPn4275781=2; HstPt4275781=2; HstCnv4275781=1; HstCns4275781=1; c_ref_4275781=https%3A%2F%2Fjogoslegaisdorobloxcomdinheirolimitad.blogspot.com%2F; username1Cookie=Priscilla; username2Cookie=Ermes; username3Cookie=Abelardo; comment1Cookie=This software is awesome . thank you Concordio!; comment2Cookie=wow.. thank you admin! 1000000 Clash Royale Gems.; comment3Cookie=thanks! this website is giving some real stuff .
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 15 Apr 2023 18:36:29 GMT
content-type: text/html
last-modified: Tue, 08 Oct 2019 06:00:24 GMT
vary: Accept-Encoding
cache-control: max-age=31536000
cf-cache-status: HIT
age: 503968
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cGAky%2F8LhOuK0bbk%2BcM6LiijN7PNOeYtfjVksdibOkWanLXIgLxkJRuGhgc0%2Fl7Gv5DNiiiaVhBl39X5y1Vjhm4B%2BHxOSfU%2F%2Fo9OXx7uA0nKiV37lfz4ljg6Dis%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b864b5bdadeb527-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
nowqo.net/roblox/images/button-dot.png
104.21.25.78200 OK 672 B URL GET HTTP/3 nowqo.net/roblox/images/button-dot.png
IP 104.21.25.78:443
Requested by https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtYWJ4LmpzIiwiaGltayIsInRlbXBsYXRlIiwiU0VPLUVsaXRlLVByZW1pdW0ueG1sIiwiaGltayIsImhvd3RvZ2V0YWRtaW5pbmJva3Vub3JvYmxveC5ibG9nc3BvdC5jb20iLCJob3d0b2dldGFkbWluaW5ib2t1bm9yb2Jsb3guYmxvZ3Nwb3QuY29tIiwiZGlyZWN0IiwicmVmIiwiZGlyZWN0IiwidGFncyIsInJvYmxveC1hYnguanMiXQ
Certificate IssuerGoogle Trust Services LLC
Subject*.nowqo.net
Fingerprint4D:F9:79:11:BB:71:F0:57:06:92:43:6D:46:F2:D5:42:7E:73:1B:4E
ValidityTue, 04 Apr 2023 14:41:31 GMT - Mon, 03 Jul 2023 14:41:30 GMT
File type PNG image data, 15 x 15, 8-bit colormap, non-interlaced\012- data
Hash 478aefab2e280b16b0372e607414d3c2
710f5aaa706ec23cbf45006d7c1d25be76b4fa64
a651e77df132fc0c4dbccb7c56f84923c28dcb159f4b7a112bde8bbc548632bc
GET /roblox/images/button-dot.png HTTP/1.1
Host: nowqo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: nowqo.net
Connection: keep-alive
Referer: https://nowqo.net/roblox/images/style.css
Cookie: HstCfa4275781=1681580304853; HstCla4275781=1681580338341; HstCmu4275781=1681580304853; HstPn4275781=2; HstPt4275781=2; HstCnv4275781=1; HstCns4275781=1; c_ref_4275781=https%3A%2F%2Fjogoslegaisdorobloxcomdinheirolimitad.blogspot.com%2F
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 15 Apr 2023 18:36:29 GMT
content-type: image/png
content-length: 672
cache-control: public, max-age=31536000
expires: Fri, 14 Apr 2023 06:32:19 GMT
last-modified: Tue, 08 Oct 2019 06:00:24 GMT
cf-cache-status: HIT
age: 157892
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jI0iQBSpAUb0ErWyTr2tCMjgIBg0yY1LnM%2BAoZ6FUi6oghqCV2vtqvTIWRFXe4Nj13JSwRZqBYh3NJKZXETDorOyjpZ0hVlf%2Bqv1acTydXsfSk%2FAN3ExPcd%2BtCc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b864b5ae9a2b527-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
nowqo.net/roblox/images/custom-css.css
104.21.25.78200 OK 1.6 kB URL GET HTTP/3 nowqo.net/roblox/images/custom-css.css
IP 104.21.25.78:443
Requested by https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtYWJ4LmpzIiwiaGltayIsInRlbXBsYXRlIiwiU0VPLUVsaXRlLVByZW1pdW0ueG1sIiwiaGltayIsImhvd3RvZ2V0YWRtaW5pbmJva3Vub3JvYmxveC5ibG9nc3BvdC5jb20iLCJob3d0b2dldGFkbWluaW5ib2t1bm9yb2Jsb3guYmxvZ3Nwb3QuY29tIiwiZGlyZWN0IiwicmVmIiwiZGlyZWN0IiwidGFncyIsInJvYmxveC1hYnguanMiXQ
Certificate IssuerGoogle Trust Services LLC
Subject*.nowqo.net
Fingerprint4D:F9:79:11:BB:71:F0:57:06:92:43:6D:46:F2:D5:42:7E:73:1B:4E
ValidityTue, 04 Apr 2023 14:41:31 GMT - Mon, 03 Jul 2023 14:41:30 GMT
File type ASCII text, with very long lines (1606), with no line terminators
Hash d34740a6a9be71e4be3a3f85bd9ecf8c
7554eff0bb6aba275be019a2bb94b9e7f22890b7
00f0b781fe8a57a9f9844786f6570ce1aad98d4e14ec99fed38d8274f23a4a87
GET /roblox/images/custom-css.css HTTP/1.1
Host: nowqo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: nowqo.net
Connection: keep-alive
Referer: https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtYWJ4LmpzIiwiaGltayIsInRlbXBsYXRlIiwiU0VPLUVsaXRlLVByZW1pdW0ueG1sIiwiaGltayIsImhvd3RvZ2V0YWRtaW5pbmJva3Vub3JvYmxveC5ibG9nc3BvdC5jb20iLCJob3d0b2dldGFkbWluaW5ib2t1bm9yb2Jsb3guYmxvZ3Nwb3QuY29tIiwiZGlyZWN0IiwicmVmIiwiZGlyZWN0IiwidGFncyIsInJvYmxveC1hYnguanMiXQ
Cookie: HstCfa4275781=1681580304853; HstCla4275781=1681580338341; HstCmu4275781=1681580304853; HstPn4275781=2; HstPt4275781=2; HstCnv4275781=1; HstCns4275781=1; c_ref_4275781=https%3A%2F%2Fjogoslegaisdorobloxcomdinheirolimitad.blogspot.com%2F
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 15 Apr 2023 18:36:28 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=1790
cache-control: public, max-age=31536000
expires: Fri, 14 Apr 2023 06:32:18 GMT
last-modified: Tue, 08 Oct 2019 06:00:24 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 728363
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pfiXptVYFc5X4seH77uKf82%2BClgRKhl%2B1GU7yPCDHw6RMUV9t4gOBcYGFDmGzdxPMCQ6QjPyeDVRVsrlVQuSs5oyEIaWbVtBvvwFhbc58l49hH2MK%2B%2FQdGqIAKg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b864b58fe8fb527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
nowqo.net/roblox/images/sticky.js
104.21.25.78200 OK 20 kB URL GET HTTP/3 nowqo.net/roblox/images/sticky.js
IP 104.21.25.78:443
Requested by https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtYWJ4LmpzIiwiaGltayIsInRlbXBsYXRlIiwiU0VPLUVsaXRlLVByZW1pdW0ueG1sIiwiaGltayIsImhvd3RvZ2V0YWRtaW5pbmJva3Vub3JvYmxveC5ibG9nc3BvdC5jb20iLCJob3d0b2dldGFkbWluaW5ib2t1bm9yb2Jsb3guYmxvZ3Nwb3QuY29tIiwiZGlyZWN0IiwicmVmIiwiZGlyZWN0IiwidGFncyIsInJvYmxveC1hYnguanMiXQ
Certificate IssuerGoogle Trust Services LLC
Subject*.nowqo.net
Fingerprint4D:F9:79:11:BB:71:F0:57:06:92:43:6D:46:F2:D5:42:7E:73:1B:4E
ValidityTue, 04 Apr 2023 14:41:31 GMT - Mon, 03 Jul 2023 14:41:30 GMT
File type ASCII text, with very long lines (16920)
Hash 1180d3ea8d2544bb6bec4dacb60526d2
d2788f5423575404112a66853e0f274960d743e0
bb88a49c99d278abff743baf1f0f492382031afd4212fb27b33a23068723f86e
Analyzer Verdict Alert fortinet Phishing
GET /roblox/images/sticky.js HTTP/1.1
Host: nowqo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: nowqo.net
Connection: keep-alive
Referer: https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtYWJ4LmpzIiwiaGltayIsInRlbXBsYXRlIiwiU0VPLUVsaXRlLVByZW1pdW0ueG1sIiwiaGltayIsImhvd3RvZ2V0YWRtaW5pbmJva3Vub3JvYmxveC5ibG9nc3BvdC5jb20iLCJob3d0b2dldGFkbWluaW5ib2t1bm9yb2Jsb3guYmxvZ3Nwb3QuY29tIiwiZGlyZWN0IiwicmVmIiwiZGlyZWN0IiwidGFncyIsInJvYmxveC1hYnguanMiXQ
Cookie: HstCfa4275781=1681580304853; HstCla4275781=1681580338341; HstCmu4275781=1681580304853; HstPn4275781=2; HstPt4275781=2; HstCnv4275781=1; HstCns4275781=1; c_ref_4275781=https%3A%2F%2Fjogoslegaisdorobloxcomdinheirolimitad.blogspot.com%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 15 Apr 2023 18:36:28 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=20845
cache-control: public, max-age=31536000
expires: Fri, 14 Apr 2023 06:32:18 GMT
last-modified: Tue, 08 Oct 2019 06:00:24 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 728363
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FUlwN1JoZzvmnwlG%2BXSM8I%2B%2BMlH1lS0edKSEe8%2FG2wdleSOuMGvx%2BdlSKn2HBVWrnmPcjoKRc0mJVIRXIj88eXPVAz5GpOvSApKS28d6BbC2Z%2F4hIIlSU%2FTBdbQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b864b591ec4b527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtYWJ4LmpzIiwiaGltayIsInRlbXBsYXRlIiwiU0VPLUVsaXRlLVByZW1pdW0ueG1sIiwiaGltayIsImhvd3RvZ2V0YWRtaW5pbmJva3Vub3JvYmxveC5ibG9nc3BvdC5jb20iLCJob3d0b2dldGFkbWluaW5ib2t1bm9yb2Jsb3guYmxvZ3Nwb3QuY29tIiwiZGlyZWN0IiwicmVmIiwiZGlyZWN0IiwidGFncyIsInJvYmxveC1hYnguanMiXQ
104.21.25.78200 OK 15 kB URL User Request GET HTTP/2 nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtYWJ4LmpzIiwiaGltayIsInRlbXBsYXRlIiwiU0VPLUVsaXRlLVByZW1pdW0ueG1sIiwiaGltayIsImhvd3RvZ2V0YWRtaW5pbmJva3Vub3JvYmxveC5ibG9nc3BvdC5jb20iLCJob3d0b2dldGFkbWluaW5ib2t1bm9yb2Jsb3guYmxvZ3Nwb3QuY29tIiwiZGlyZWN0IiwicmVmIiwiZGlyZWN0IiwidGFncyIsInJvYmxveC1hYnguanMiXQ
IP 104.21.25.78:443
Certificate IssuerGoogle Trust Services LLC
Subject*.nowqo.net
Fingerprint4D:F9:79:11:BB:71:F0:57:06:92:43:6D:46:F2:D5:42:7E:73:1B:4E
ValidityTue, 04 Apr 2023 14:41:31 GMT - Mon, 03 Jul 2023 14:41:30 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /roblox/index.html?track=WyJyb2Jsb3gtYWJ4LmpzIiwiaGltayIsInRlbXBsYXRlIiwiU0VPLUVsaXRlLVByZW1pdW0ueG1sIiwiaGltayIsImhvd3RvZ2V0YWRtaW5pbmJva3Vub3JvYmxveC5ibG9nc3BvdC5jb20iLCJob3d0b2dldGFkbWluaW5ib2t1bm9yb2Jsb3guYmxvZ3Nwb3QuY29tIiwiZGlyZWN0IiwicmVmIiwiZGlyZWN0IiwidGFncyIsInJvYmxveC1hYnguanMiXQ HTTP/1.1
Host: nowqo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://howtogetadmininbokunoroblox.blogspot.com/
Cookie: HstCfa4275781=1681580304853; HstCla4275781=1681580338341; HstCmu4275781=1681580304853; HstPn4275781=2; HstPt4275781=2; HstCnv4275781=1; HstCns4275781=1; c_ref_4275781=https%3A%2F%2Fjogoslegaisdorobloxcomdinheirolimitad.blogspot.com%2F
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Apr 2023 18:36:28 GMT
content-type: text/html
last-modified: Fri, 07 Apr 2023 06:41:19 GMT
vary: Accept-Encoding
cache-control: max-age=31536000
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cdJq2GMnTeqBtL9JxtyW9ma30QUKN7QYdRqWrJSmoV5ss5lJjC4J%2B9AQPYgRerJPalP3P9hfteR0apJTa4XyVRdgHDrxaxMAmRB29KSnhf72WWKK6WRaamXrxzk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b864b57db5db503-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
nowqo.net/roblox/images/fancyselect.css
104.21.25.78200 OK 3.6 kB URL GET HTTP/3 nowqo.net/roblox/images/fancyselect.css
IP 104.21.25.78:443
Requested by https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtYWJ4LmpzIiwiaGltayIsInRlbXBsYXRlIiwiU0VPLUVsaXRlLVByZW1pdW0ueG1sIiwiaGltayIsImhvd3RvZ2V0YWRtaW5pbmJva3Vub3JvYmxveC5ibG9nc3BvdC5jb20iLCJob3d0b2dldGFkbWluaW5ib2t1bm9yb2Jsb3guYmxvZ3Nwb3QuY29tIiwiZGlyZWN0IiwicmVmIiwiZGlyZWN0IiwidGFncyIsInJvYmxveC1hYnguanMiXQ
Certificate IssuerGoogle Trust Services LLC
Subject*.nowqo.net
Fingerprint4D:F9:79:11:BB:71:F0:57:06:92:43:6D:46:F2:D5:42:7E:73:1B:4E
ValidityTue, 04 Apr 2023 14:41:31 GMT - Mon, 03 Jul 2023 14:41:30 GMT
File type ASCII text, with very long lines (3597), with no line terminators
Hash b86846846243a51557217cb783b39128
0199ad38dc1de1aeac470288bd1b8ecff464fd5d
a7b61a6c6412f3bacecc0bb6da9d0f6ff60ebb115c66458bd4031518d2cf01e3
GET /roblox/images/fancyselect.css HTTP/1.1
Host: nowqo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: nowqo.net
Connection: keep-alive
Referer: https://nowqo.net/roblox/index.html?track=WyJyb2Jsb3gtYWJ4LmpzIiwiaGltayIsInRlbXBsYXRlIiwiU0VPLUVsaXRlLVByZW1pdW0ueG1sIiwiaGltayIsImhvd3RvZ2V0YWRtaW5pbmJva3Vub3JvYmxveC5ibG9nc3BvdC5jb20iLCJob3d0b2dldGFkbWluaW5ib2t1bm9yb2Jsb3guYmxvZ3Nwb3QuY29tIiwiZGlyZWN0IiwicmVmIiwiZGlyZWN0IiwidGFncyIsInJvYmxveC1hYnguanMiXQ
Cookie: HstCfa4275781=1681580304853; HstCla4275781=1681580338341; HstCmu4275781=1681580304853; HstPn4275781=2; HstPt4275781=2; HstCnv4275781=1; HstCns4275781=1; c_ref_4275781=https%3A%2F%2Fjogoslegaisdorobloxcomdinheirolimitad.blogspot.com%2F
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 15 Apr 2023 18:36:28 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=4253
cache-control: public, max-age=31536000
expires: Fri, 14 Apr 2023 06:32:18 GMT
last-modified: Tue, 08 Oct 2019 06:00:24 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 728363
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3oEX2T%2FzgPaQWxdsPV2oXyS4lvtiZABCJB5ZeO16Y0WnLjf0eL7LB9fgpJq%2BQ1Muhic0k4qY4%2BWnSwoijSd8WDXx1Nth%2BD6zdIPq9daUunlwsIvzZSp4h4xeWVM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b864b58fe8cb527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400