{"report_id":"cd71131b-7c17-4b9f-9417-fae8ea9e5070","version":6,"status":"done","tags":[],"date":"2026-03-06T06:49:57Z","url":{"schema":"http","addr":"rover.mq","fqdn":"rover.mq","domain":"rover.mq","tld":"mq"},"ip":{"addr":"151.247.193.142","port":0,"asn":0,"as":"","country":"Iran","country_code":"IR"},"final":{"url":{"schema":"https","addr":"rover.mq/","fqdn":"rover.mq","domain":"rover.mq","tld":"mq"},"title":"RoVer","dom":{"size":156325,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (21776)","md5":"26f82043b405f3a3aabc45b9bddff63c","sha1":"1a1847eb2b37e3280945789f0cca88527f3b8e62","sha256":"77e19b255c7d6c21e5d888ed905dd44edac2aa8806274d2a4708119d37ad13d1","sha512":"55c4e76a2467953175a3f1aa334c836575b6d0b17299ea51db8799fadf6b8464e657dec475e9326645c851f17b395675944acd2674c06b0eac561038ab595470","ssdeep":"1536:zHRLx1sUBgjkZ3S32S2Sm6XTIj30XOsRQCAZnk2T9hq2zTN520U:V91s0GzXDs3YObCKNTq21520U","tlshash":"8ae35d254963a19d1c73a81e23e65e172230e003ad05fb4ebaff45648f0fac564d7f6a","dom_hash":"domhashdf905bd20d0f3e84500d92bff21f4ce6","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"rover.mq","fqdn":"rover.mq","domain":"rover.mq","tld":"mq"},"ip":{"addr":"151.247.193.142","port":0,"asn":0,"as":"","country":"Iran","country_code":"IR"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-04-10T06:49:57Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":12}},"detection":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-05","alert":"Sinkholed","trigger":"roblox.com.py","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-05","alert":"Sinkholed","trigger":"roblox.com.py","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-05","alert":"Sinkholed","trigger":"roblox.com.py","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-05","alert":"Phishing Block","trigger":"roblox.com.py","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-06","alert":"Sinkholed","trigger":"roblox.com.py","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-06","alert":"Phishing Block","trigger":"roblox.gs","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-06","alert":"Sinkholed","trigger":"roblox.gs","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-06","alert":"Sinkholed","trigger":"roblox.gs","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-06","alert":"Sinkholed","trigger":"rover.mq","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-06","alert":"Sinkholed","trigger":"rover.mq","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-06","alert":"Sinkholed","trigger":"captchabot.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-06","alert":"Sinkholed","trigger":"captchabot.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"rover.mq","ip":{"addr":"151.247.193.142","port":443,"asn":0,"as":"","country":"Iran","country_code":"IR"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2026-03-06T06:49:58.109636Z","last_seen":"2026-03-06T06:49:58.109636Z","alert_count":6,"request_count":3,"received_data":157839,"sent_data":1494,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"React","description":"React is an open-source JavaScript library for building user interfaces or UI components.","website":"https://reactjs.org","common_platform_enumeration":"cpe:2.3:a:facebook:react:*:*:*:*:*:*:*:*","icon":"React.svg","categories":["JavaScript frameworks"]}]},{"fqdn":"trollnft.lol","ip":{"addr":"151.247.193.142","port":443,"asn":0,"as":"","country":"Iran","country_code":"IR"},"domain_registered":"2025-08-10","domain_rank":0,"first_seen":"2026-03-06T06:49:58.112979Z","last_seen":"2026-03-06T06:49:58.112979Z","alert_count":0,"request_count":1,"received_data":592,"sent_data":376,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Apache HTTP Server:2.4.52","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}]},{"fqdn":"captchabot.fun","ip":{"addr":"151.247.193.142","port":443,"asn":0,"as":"","country":"Iran","country_code":"IR"},"domain_registered":"2025-08-21","domain_rank":0,"first_seen":"2026-03-06T06:49:58.112882Z","last_seen":"2026-03-06T06:49:58.112882Z","alert_count":2,"request_count":1,"received_data":594,"sent_data":378,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Apache HTTP Server:2.4.52","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}]},{"fqdn":"roblox.com.py","ip":{"addr":"151.247.193.142","port":443,"asn":0,"as":"","country":"Iran","country_code":"IR"},"domain_registered":"unknown","domain_rank":549400,"first_seen":"2023-05-02T15:49:44Z","last_seen":"2026-03-01T07:10:53.299154Z","alert_count":5,"request_count":1,"received_data":593,"sent_data":377,"comment":"","tags":null,"fingerprints":[{"name":"Apache HTTP Server:2.4.52","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"roblox.gs","ip":{"addr":"151.247.193.142","port":443,"asn":0,"as":"","country":"Iran","country_code":"IR"},"domain_registered":"2025-07-16","domain_rank":0,"first_seen":"2025-07-28T00:41:42.41242Z","last_seen":"2026-03-01T07:18:39.425425Z","alert_count":3,"request_count":1,"received_data":589,"sent_data":373,"comment":"","tags":null,"fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Apache HTTP Server:2.4.52","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}]},{"fqdn":"419.cash","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2026-03-06T06:49:58.114297Z","last_seen":"2026-03-06T06:49:58.114297Z","alert_count":0,"request_count":1,"received_data":0,"sent_data":372,"comment":"","tags":null,"fingerprints":null},{"fqdn":"www.roblox.com","ip":{"addr":"128.116.44.3","port":443,"asn":22697,"as":"ROBLOX-PRODUCTION","country":"Germany","country_code":"DE"},"domain_registered":"2004-01-30","domain_rank":1776,"first_seen":"2012-05-24T19:56:53Z","last_seen":"2026-03-05T22:23:32.505266Z","alert_count":0,"request_count":4,"received_data":12674,"sent_data":1556,"comment":"","tags":null,"fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Arkose Labs","description":"Arkose Labs is a toolkit for fraud prevention that provides solutions to detect and mitigate malicious activity across digital platforms.","website":"https://www.arkoselabs.com","common_platform_enumeration":"","icon":"ArkoseLabs.svg","categories":["Security"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}]},{"fqdn":"cdn.discordapp.com","ip":{"addr":"162.159.130.233","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2015-02-26","domain_rank":16705,"first_seen":"2015-08-24T13:06:21Z","last_seen":"2026-03-05T05:48:30.740834Z","alert_count":0,"request_count":1,"received_data":10726,"sent_data":452,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"rover.mq/","fqdn":"rover.mq","domain":"rover.mq","tld":"mq"},"ip":{"addr":"151.247.193.142","port":443,"asn":0,"as":"","country":"Iran","country_code":"IR"},"introduction_type":"scriptElement","is_inline":true,"md5":"bc272d90366cd9a111a238a1115d2b09","sha1":"b63f89037a813c305f6ba91e02bf7f5654071b25","sha256":"b724f11ecbabbc5be5d08125b00257cbcc14007b76da7e75f7064a6bc04baaca","sha512":"e8df9ecb1dcaf335150655405dbd351a11d546d529be5d2bddda6f1e62e2d988ae21448c7442e8e1febf8d9a711ff908b507d1593e40e7fdfbcb0922878121f9","ssdeep":"192:xGKiio+kal+6eaEnpOd89TE4XXX7Q2QMA:rZkG+6eaEHVA","tlshash":"dbf11e2b2aab153806e7b46af2cb2545373650833149da54bc7dcb082f54ed0b672bdf","size":7539,"data":"","first_seen":"2026-03-06T06:50:07.914425Z","last_seen":"2026-03-06T07:02:58.574093Z","times_seen":10,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"roblox.com.py/favicon.ico","fqdn":"roblox.com.py","domain":"roblox.com.py","tld":"com.py"},"ip":{"addr":"151.247.193.142","port":443,"asn":0,"as":"","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://rover.mq/","date":"2026-03-06T06:49:38.569Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"roblox.com.py","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 26 Dec 2025 20:47:01 GMT","end":"Thu, 26 Mar 2026 20:47:00 GMT"},"fingerprint":{"sha1":"7C:59:97:84:1B:7B:6D:9B:69:A0:51:17:19:3F:7A:80:5B:9E:5C:5C","sha256":"23:8E:83:16:D5:10:08:E8:DE:47:86:6B:B8:CB:95:40:EE:F2:29:E6:93:96:B4:92:31:C3:3C:DC:BF:16:9B:70"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: roblox.com.py\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Found\r\nServer: Apache/2.4.52 (Ubuntu)\r\nDate: Fri, 06 Mar 2026 06:49:38 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nContent-Length: 0\r\nEggy-Wall: 12.5\r\nAbuse: abuse@eggywall.cc\r\nX-Cache-Url: https://roblox.com.py/favicon.ico\r\nLocation: https://www.roblox.com/request-error?code=404\r\nStrict-Transport-Security: max-age=604800; includeSubdomains\r\nX-Cache: HIT\r\nX-Frame-Options: ALLOWALL\r\nCross-Origin-Opener-Policy: same-origin-allow-popups\r\nNel: {\"report_to\":\"network-errors\",\"max_age\":604800,\"success_fraction\":0.1,\"failure_fraction\":1}\r\nAccess-Control-Allow-Credentials: true\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Apache HTTP Server:2.4.52","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-06T14:09:45.529761Z","times_seen":16180173,"resource_available":true,"data":null}},"time_used":245,"timings":{"blocked":102,"dns":13,"connect":40,"send":0,"wait":40,"receive":1,"ssl":46},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-05","alert":"Sinkholed","trigger":"roblox.com.py","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-05","alert":"Sinkholed","trigger":"roblox.com.py","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-05","alert":"Sinkholed","trigger":"roblox.com.py","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-05","alert":"Phishing Block","trigger":"roblox.com.py","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-06","alert":"Sinkholed","trigger":"roblox.com.py","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"roblox.gs/favicon.ico","fqdn":"roblox.gs","domain":"roblox.gs","tld":"gs"},"ip":{"addr":"151.247.193.142","port":443,"asn":0,"as":"","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://rover.mq/","date":"2026-03-06T06:49:38.917Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"roblox.gs","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 14 Jan 2026 23:05:18 GMT","end":"Tue, 14 Apr 2026 23:05:17 GMT"},"fingerprint":{"sha1":"51:85:A0:A6:E8:8E:0B:C7:4C:5B:BA:01:56:F2:52:68:E0:9E:FC:DF","sha256":"9C:DE:56:7E:24:2C:C9:9C:E6:26:9A:90:D3:9E:71:94:AD:E1:9E:73:21:9D:1D:5F:9D:C5:98:13:17:54:2B:55"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: roblox.gs\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Found\r\nServer: Apache/2.4.52 (Ubuntu)\r\nDate: Fri, 06 Mar 2026 06:49:39 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nContent-Length: 0\r\nEggy-Wall: 12.5\r\nAbuse: abuse@eggywall.cc\r\nLocation: https://www.roblox.com/request-error?code=404\r\nX-Cache: HIT\r\nX-Cache-Url: https://roblox.gs/favicon.ico\r\nNel: {\"report_to\":\"network-errors\",\"max_age\":604800,\"success_fraction\":0.1,\"failure_fraction\":1}\r\nAccess-Control-Allow-Credentials: true\r\nStrict-Transport-Security: max-age=604800; includeSubdomains\r\nCross-Origin-Opener-Policy: same-origin-allow-popups\r\nX-Frame-Options: ALLOWALL\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Apache HTTP Server:2.4.52","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-06T14:09:45.529761Z","times_seen":16180173,"resource_available":true,"data":null}},"time_used":351,"timings":{"blocked":156,"dns":72,"connect":38,"send":0,"wait":38,"receive":0,"ssl":45},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-06","alert":"Phishing Block","trigger":"roblox.gs","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-06","alert":"Sinkholed","trigger":"roblox.gs","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-06","alert":"Sinkholed","trigger":"roblox.gs","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rover.mq/RoVer_files/saved_resource.html","fqdn":"rover.mq","domain":"rover.mq","tld":"mq"},"ip":{"addr":"151.247.193.142","port":443,"asn":0,"as":"","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://rover.mq/","date":"2026-03-06T06:49:36.759Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rover.mq","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 16 Dec 2025 21:28:40 GMT","end":"Mon, 16 Mar 2026 21:28:39 GMT"},"fingerprint":{"sha1":"C5:67:5C:6E:51:42:B5:D1:61:9D:5D:8B:88:19:9F:E5:3E:E8:57:E8","sha256":"22:44:C7:47:1E:4E:62:5D:1E:57:96:CF:95:5E:EF:83:17:AD:56:82:4D:BB:55:A7:0B:A3:68:5F:67:FC:E2:F6"}}},"request":{"raw":"GET /RoVer_files/saved_resource.html HTTP/1.1\r\nHost: rover.mq\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nServer: nginx/1.28.0\r\nDate: Fri, 06 Mar 2026 06:49:36 GMT\r\nContent-Type: text/html; charset=iso-8859-1\r\nContent-Length: 270\r\nEggy-Wall: 12.5\r\nAbuse: abuse@eggywall.cc\r\nX-Cache: HIT\r\nX-Cache-Url: https://rover.mq/RoVer_files/saved_resource.html\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":270,"size_decoded":0,"mime_type":"text/html; charset=iso-8859-1","magic":"HTML document, ASCII text","md5":"6763ddd2d213358e676656b4ec6cf4fe","sha1":"82a121930613a39ed54d906cd003efea4fd9831f","sha256":"ea254cbc17651bc1de9cf850b20ceec33248aab7c2122e406c8f4012a8494467","sha512":"7f1ad6336b33340a3e592a1336e073ee6446fdddedd2b57a04c40483e8429d95970672552bcc7fa20c3cc5d3f656d789e5448d2825f2f1ede629120c0e7bb2ab","ssdeep":"","tlshash":"13d02baf509363874d12145039c615c2274c52eaa87e85e83d8ad487529853ecd9a588","first_seen":"2026-03-06T06:50:07.906025Z","last_seen":"2026-03-06T06:51:47.386175Z","times_seen":2,"resource_available":false,"data":null}},"time_used":40,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":40,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-06","alert":"Sinkholed","trigger":"rover.mq","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-06","alert":"Sinkholed","trigger":"rover.mq","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"419.cash/favicon.ico","fqdn":"419.cash","domain":"419.cash","tld":"cash"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://rover.mq/","date":"2026-03-06T06:49:36.916Z","timestamp":0,"http_version":"","security_state":"broken","security_info":null,"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: 419.cash\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-06T14:09:45.529761Z","times_seen":16180173,"resource_available":true,"data":null}},"time_used":132,"timings":{"blocked":132,"dns":0,"connect":40,"send":0,"wait":0,"receive":0,"ssl":43},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.roblox.com/request-error?code=404","fqdn":"www.roblox.com","domain":"roblox.com","tld":"com"},"ip":{"addr":"128.116.44.3","port":443,"asn":22697,"as":"ROBLOX-PRODUCTION","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://rover.mq/","date":"2026-03-06T06:49:37.399Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"roblox.com","organization":"Roblox Corporation"},"issuer":{"commonName":"Sectigo Public Server Authentication CA OV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 04 Aug 2025 00:00:00 GMT","end":"Tue, 04 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"70:91:B6:43:7F:DB:B2:C8:95:C3:BB:3A:8F:48:37:2D:A5:47:5B:81","sha256":"B6:0C:0E:33:47:B6:6F:48:BA:63:75:C8:37:A0:A2:72:13:78:8D:AA:5D:2B:7C:73:BA:87:44:B5:BF:81:DA:15"}}},"request":{"raw":"GET /request-error?code=404 HTTP/1.1\r\nHost: www.roblox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ncontent-type: text/html; charset=utf-8\r\ndate: Fri, 06 Mar 2026 06:49:37 GMT\r\nserver: website\r\ncache-control: no-store, must-revalidate, no-cache\r\ncontent-encoding: br\r\nset-cookie: rbx-ip2=1; domain=roblox.com; expires=Fri, 06-Mar-2026 07:49:37 GMT; path=/\nRBXEventTrackerV2=CreateDate=03/06/2026 00:49:37\u0026rbxid=\u0026browserid=1772779777713001; domain=roblox.com; expires=Tue, 22-Jul-2053 06:49:37 GMT; path=/\nGuestData=UserID=-1090505565; domain=.roblox.com; expires=Tue, 22-Jul-2053 06:49:37 GMT; path=/\r\nvary: Accept-Encoding\r\ncontent-security-policy: report-uri https://metrics.roblox.com/v1/csp/report?type=enforce; upgrade-insecure-requests;  script-src 'self' 'unsafe-inline' apis.roblox.com roblox.com *.evidon.com *.gigya.com *.google-analytics.com *.ns1p.net adservice.google.com cdn.arkoselabs.com connect.facebook.net funcaptcha.com js.rbxcdn.com js.stripe.com long.open.weixin.qq.com midas.gtimg.cn radar.cedexis.com res.wx.qq.com roblox-api.arkoselabs.com arkoselabs.roblox.com roblox-load-generator-configuration.s3.us-east-2.amazonaws.com s.ytimg.com sb.scorecardresearch.com static.rbxcdn.com www.google.com www.gstatic.com www.youtube.com h.online-metrix.net request.eprotect.vantivcnp.com request.eprotect.vantivpostlive.com *.googletagmanager.com *.googleadservices.com googleads.g.doubleclick.net cdn.veriff.me *.lightstep.com client-api.arkoselabs.com api.arkoselabs.com *.sierra.chat sierra.chat sc-static.net *.sc-static.net *.snapchat.com *.tapad.com analytics.tiktok.com cdn.safecharge.com;  img-src 'self' data: *.cloudfront.net *.gilcdn.com *.gldcdn.com *.google-analytics.com *.google.com *.kaptcha.com *.rblx.org *.rbxcdn.com *.roblox.com *.robloxlabs.com googleads.g.doubleclick.net i.ytimg.com www.googletagmanager.com robloxcorp.s.llnwi.net roblox-poc.global.ssl.fastly.net d1unuk07s6td74.cloudfront.net *.sierra.chat sierra.chat *.stripe.com *.tarobicdn.com *.tarobidevsandboxcdn.com www.facebook.com *.snapchat.com *.safecharge.com;  connect-src 'self' *.roblox.com *.robloxlabs.com *.rblx.org *.rbx.com *.rbxcdn.com *.roblox.cn *.simulpong.com *.lightstep.com *.ns1p.net *.arkoselabs.com *.kaptcha.com *.google.com *.google-analytics.com *.doubleclick.net *.sentry.io wss://realtime.roblox.com wss://realtime.sitetest1.robloxlabs.com wss://realtime.sitetest2.robloxlabs.com wss://realtime.sitetest3.robloxlabs.com wss://realtime-signalr.roblox.com *.braintree-api.com *.braintreegateway.com d1q2u37vreaobr.cloudfront.net funcaptcha.com robloxcorp.s.llnwi.net roblox-poc.global.ssl.fastly.net d1unuk07s6td74.cloudfront.net *.sierra.chat sierra.chat sc-static.net *.sc-static.net *.snapchat.com *.tapad.com analytics.tiktok.com *.safecharge.com;\r\ncross-origin-opener-policy: same-origin-allow-popups\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000\r\nroblox-machine-id: 7673bfda-2086-fd57-947a-79947ebeff57\r\nx-roblox-region: us-central_rbx\r\nx-roblox-edge: c079\r\nreport-to: {\"group\":\"network-errors\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://ncs.roblox.com/upload\"}]}\r\nnel: {\"report_to\":\"network-errors\",\"max_age\":604800,\"success_fraction\":0.001,\"failure_fraction\":1}\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Arkose Labs","description":"Arkose Labs is a toolkit for fraud prevention that provides solutions to detect and mitigate malicious activity across digital platforms.","website":"https://www.arkoselabs.com","common_platform_enumeration":"","icon":"ArkoseLabs.svg","categories":["Security"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-06T14:09:45.529761Z","times_seen":16180173,"resource_available":true,"data":null}},"time_used":645,"timings":{"blocked":238,"dns":191,"connect":19,"send":0,"wait":165,"receive":3,"ssl":26},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"trollnft.lol/favicon.ico","fqdn":"trollnft.lol","domain":"trollnft.lol","tld":"lol"},"ip":{"addr":"151.247.193.142","port":443,"asn":0,"as":"","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://rover.mq/","date":"2026-03-06T06:49:37.868Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"trollnft.lol","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 14 Feb 2026 23:48:09 GMT","end":"Fri, 15 May 2026 23:48:08 GMT"},"fingerprint":{"sha1":"C3:47:28:7C:CD:6A:28:AC:39:07:01:E9:9C:D6:7E:25:03:F6:BF:31","sha256":"88:C9:08:A9:96:AC:74:F2:C2:BD:C1:71:BE:E8:2E:8C:68:6F:89:09:23:55:68:14:53:8A:9A:11:0D:C1:66:12"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: trollnft.lol\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Found\r\nServer: Apache/2.4.52 (Ubuntu)\r\nDate: Fri, 06 Mar 2026 06:49:38 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nContent-Length: 0\r\nEggy-Wall: 12.5\r\nAbuse: abuse@eggywall.cc\r\nNel: {\"report_to\":\"network-errors\",\"max_age\":604800,\"success_fraction\":0.1,\"failure_fraction\":1}\r\nStrict-Transport-Security: max-age=604800; includeSubdomains\r\nX-Frame-Options: ALLOWALL\r\nLocation: https://www.roblox.com/request-error?code=404\r\nAccess-Control-Allow-Credentials: true\r\nX-Cache: HIT\r\nCross-Origin-Opener-Policy: same-origin-allow-popups\r\nX-Cache-Url: https://trollnft.lol/favicon.ico\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Apache HTTP Server:2.4.52","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-06T14:09:45.529761Z","times_seen":16180173,"resource_available":true,"data":null}},"time_used":527,"timings":{"blocked":243,"dns":149,"connect":42,"send":0,"wait":40,"receive":1,"ssl":49},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rover.mq/","fqdn":"rover.mq","domain":"rover.mq","tld":"mq"},"ip":{"addr":"151.247.193.142","port":443,"asn":0,"as":"","country":"Iran","country_code":"IR"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-06T06:49:36.429Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rover.mq","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 16 Dec 2025 21:28:40 GMT","end":"Mon, 16 Mar 2026 21:28:39 GMT"},"fingerprint":{"sha1":"C5:67:5C:6E:51:42:B5:D1:61:9D:5D:8B:88:19:9F:E5:3E:E8:57:E8","sha256":"22:44:C7:47:1E:4E:62:5D:1E:57:96:CF:95:5E:EF:83:17:AD:56:82:4D:BB:55:A7:0B:A3:68:5F:67:FC:E2:F6"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: rover.mq\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.0\r\nDate: Fri, 06 Mar 2026 06:49:36 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nContent-Length: 156398\r\nEggy-Wall: 12.5\r\nAbuse: abuse@eggywall.cc\r\nEtag: \"262ee-64c0e5e7d48bb-gzip\"\r\nX-Cache: HIT\r\nVary: Accept-Encoding\r\nAccept-Ranges: bytes\r\nX-Cache-Url: https://rover.mq/\r\nLast-Modified: Mon, 02 Mar 2026 18:00:58 GMT\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"React","description":"React is an open-source JavaScript library for building user interfaces or UI components.","website":"https://reactjs.org","common_platform_enumeration":"cpe:2.3:a:facebook:react:*:*:*:*:*:*:*:*","icon":"React.svg","categories":["JavaScript frameworks"]}],"data":{"size":156398,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (21776)","md5":"98a55beb14665e8b3ec558e9313a5251","sha1":"0501c57b59e2d9f83d3f0b709bfdfb52f26ed7ec","sha256":"022a82e478105485f99135f839fd4e390d1ce6809b1a34ccfe43c6f54e0d214f","sha512":"cbb5b016ee1cfda78a18315a2ff10ace088f5f55b52f36164cbcf1376f287a7213512b0448239ed2d732c73d833b53cb2a420dfd4385e0e828a780d42fbe5f61","ssdeep":"1536:wHRLx1sUBgjkZ3S32S2Sm6XTIj30XOsRQCAZnk2T9hq2zFt580U:+91s0GzXDs3YObCKNTq27580U","tlshash":"34e35d254963a19d1c73a81e23e65e172230e003ad05fb4ebaff45648f0fac564d7f6a","first_seen":"2026-03-06T06:50:07.908838Z","last_seen":"2026-03-06T07:02:58.569448Z","times_seen":10,"resource_available":false,"data":null}},"time_used":359,"timings":{"blocked":94,"dns":1,"connect":40,"send":0,"wait":40,"receive":130,"ssl":50},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-06","alert":"Sinkholed","trigger":"rover.mq","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-06","alert":"Sinkholed","trigger":"rover.mq","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.discordapp.com/avatars/298796807323123712/7338ed45666cd90ec1a6662491a9eb8a","fqdn":"cdn.discordapp.com","domain":"discordapp.com","tld":"com"},"ip":{"addr":"162.159.130.233","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rover.mq/","date":"2026-03-06T06:49:36.748Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"discordapp.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 04 Mar 2026 15:08:03 GMT","end":"Tue, 02 Jun 2026 16:08:01 GMT"},"fingerprint":{"sha1":"A9:E6:44:38:CA:F4:9F:11:F8:8C:D8:E3:72:EC:1A:11:82:05:F0:73","sha256":"0D:3D:F4:CB:7D:42:B5:CE:DD:B6:21:39:EC:A7:BC:AF:B6:DC:E1:94:74:79:F6:84:C6:E9:E9:08:96:20:ED:A4"}}},"request":{"raw":"GET /avatars/298796807323123712/7338ed45666cd90ec1a6662491a9eb8a HTTP/1.1\r\nHost: cdn.discordapp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 06 Mar 2026 06:49:36 GMT\r\ncontent-type: image/png\r\ncontent-length: 9736\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=31536000\r\nlast-modified: Wed, 14 Jan 2026 09:54:38 GMT\r\nset-cookie: __cf_bm=t.AH3EwVCD.0JONMRA4F60fdJVA9CkZYTkVjiMCoJXc-1772779776.8011184-1.0.1.1-gzaZbr_uEZ_B7JVlP65iZpRW6GsnPCqdSWxGHzkMvntYfUB.PFPO8OTjbVhW3fGFt3IkxyNJrF_HcSvhy7k0VVi.ffKGvtUQRzWMXRVxHlTpdmeglo8yLw2iq0s2Ni8i; HttpOnly; Secure; Path=/; Domain=discordapp.com; Expires=Fri, 06 Mar 2026 07:19:36 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=1lRN9Vgl7j96SxUU4ZnDjskRjl0uFJgJ6kbYddpU273lSav02qRJNdJLzU1EH08EnQlmfqcH2DRvVwyj1y%2Bf22Y%2BGXE3G9rgysct87QXnQoW\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp\r\nserver: cloudflare\r\ncf-ray: 9d7f6be4f836b1b8-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":9736,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced","md5":"17f52f4cf16a68011be6c885357788ef","sha1":"3621d89dc22696d8a46cbd7e75d5d6db2e6cf7ff","sha256":"1e56a21d1cfd3d3a5bd1888176ea77b60ad99a53a1c70355956f240defe95cc0","sha512":"473c9dafb2180f62c81503b20114b0da3239fc1e40a9fedaabe7b23b5e1ce40942145acfe9209d142e27dcdb4f720856bbc0cd825b476d70fcdb01bf8a725480","ssdeep":"192:HjLgtsPnZQ/JYhpk4aERqcw6i7fJINp/NJgvR9peqA5188uEv6JtCEP+1:8/ik47ql7mp/NJgvRd8uEv6JtjW1","tlshash":"0e12bfe07502689e4598f13333119dd33a4cbf974f290fe1a95bbab52f532c6b809528","first_seen":"2026-03-06T06:50:07.911761Z","last_seen":"2026-04-18T19:10:10.968775Z","times_seen":13,"resource_available":false,"data":null}},"time_used":122,"timings":{"blocked":50,"dns":34,"connect":1,"send":0,"wait":18,"receive":2,"ssl":13},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rover.mq/RoVer_files/saved_resource(1).html","fqdn":"rover.mq","domain":"rover.mq","tld":"mq"},"ip":{"addr":"151.247.193.142","port":443,"asn":0,"as":"","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://rover.mq/","date":"2026-03-06T06:49:36.764Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rover.mq","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 16 Dec 2025 21:28:40 GMT","end":"Mon, 16 Mar 2026 21:28:39 GMT"},"fingerprint":{"sha1":"C5:67:5C:6E:51:42:B5:D1:61:9D:5D:8B:88:19:9F:E5:3E:E8:57:E8","sha256":"22:44:C7:47:1E:4E:62:5D:1E:57:96:CF:95:5E:EF:83:17:AD:56:82:4D:BB:55:A7:0B:A3:68:5F:67:FC:E2:F6"}}},"request":{"raw":"GET /RoVer_files/saved_resource(1).html HTTP/1.1\r\nHost: rover.mq\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nServer: nginx/1.28.0\r\nDate: Fri, 06 Mar 2026 06:49:36 GMT\r\nContent-Type: text/html; charset=iso-8859-1\r\nContent-Length: 270\r\nEggy-Wall: 12.5\r\nAbuse: abuse@eggywall.cc\r\nX-Cache: HIT\r\nX-Cache-Url: https://rover.mq/RoVer_files/saved_resource(1).html\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":270,"size_decoded":0,"mime_type":"text/html; charset=iso-8859-1","magic":"HTML document, ASCII text","md5":"6763ddd2d213358e676656b4ec6cf4fe","sha1":"82a121930613a39ed54d906cd003efea4fd9831f","sha256":"ea254cbc17651bc1de9cf850b20ceec33248aab7c2122e406c8f4012a8494467","sha512":"7f1ad6336b33340a3e592a1336e073ee6446fdddedd2b57a04c40483e8429d95970672552bcc7fa20c3cc5d3f656d789e5448d2825f2f1ede629120c0e7bb2ab","ssdeep":"","tlshash":"13d02baf509363874d12145039c615c2274c52eaa87e85e83d8ad487529853ecd9a588","first_seen":"2026-03-06T06:50:07.906025Z","last_seen":"2026-03-06T06:51:47.386175Z","times_seen":2,"resource_available":false,"data":null}},"time_used":73,"timings":{"blocked":33,"dns":0,"connect":0,"send":0,"wait":40,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-06","alert":"Sinkholed","trigger":"rover.mq","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-06","alert":"Sinkholed","trigger":"rover.mq","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.roblox.com/request-error?code=404","fqdn":"www.roblox.com","domain":"roblox.com","tld":"com"},"ip":{"addr":"128.116.44.3","port":443,"asn":22697,"as":"ROBLOX-PRODUCTION","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://rover.mq/","date":"2026-03-06T06:49:38.157Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"roblox.com","organization":"Roblox Corporation"},"issuer":{"commonName":"Sectigo Public Server Authentication CA OV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 04 Aug 2025 00:00:00 GMT","end":"Tue, 04 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"70:91:B6:43:7F:DB:B2:C8:95:C3:BB:3A:8F:48:37:2D:A5:47:5B:81","sha256":"B6:0C:0E:33:47:B6:6F:48:BA:63:75:C8:37:A0:A2:72:13:78:8D:AA:5D:2B:7C:73:BA:87:44:B5:BF:81:DA:15"}}},"request":{"raw":"GET /request-error?code=404 HTTP/1.1\r\nHost: www.roblox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ncontent-type: text/html; charset=utf-8\r\ndate: Fri, 06 Mar 2026 06:49:37 GMT\r\nserver: website\r\ncache-control: no-store, must-revalidate, no-cache\r\ncontent-encoding: br\r\nset-cookie: rbx-ip2=1; domain=roblox.com; expires=Fri, 06-Mar-2026 07:49:38 GMT; path=/\nRBXEventTrackerV2=CreateDate=03/06/2026 00:49:38\u0026rbxid=\u0026browserid=1772779778443001; domain=roblox.com; expires=Tue, 22-Jul-2053 06:49:38 GMT; path=/\nGuestData=UserID=-345619031; domain=.roblox.com; expires=Tue, 22-Jul-2053 06:49:38 GMT; path=/\r\nvary: Accept-Encoding\r\ncontent-security-policy: report-uri https://metrics.roblox.com/v1/csp/report?type=enforce; upgrade-insecure-requests;  script-src 'self' 'unsafe-inline' apis.roblox.com roblox.com *.evidon.com *.gigya.com *.google-analytics.com *.ns1p.net adservice.google.com cdn.arkoselabs.com connect.facebook.net funcaptcha.com js.rbxcdn.com js.stripe.com long.open.weixin.qq.com midas.gtimg.cn radar.cedexis.com res.wx.qq.com roblox-api.arkoselabs.com arkoselabs.roblox.com roblox-load-generator-configuration.s3.us-east-2.amazonaws.com s.ytimg.com sb.scorecardresearch.com static.rbxcdn.com www.google.com www.gstatic.com www.youtube.com h.online-metrix.net request.eprotect.vantivcnp.com request.eprotect.vantivpostlive.com *.googletagmanager.com *.googleadservices.com googleads.g.doubleclick.net cdn.veriff.me *.lightstep.com client-api.arkoselabs.com api.arkoselabs.com *.sierra.chat sierra.chat sc-static.net *.sc-static.net *.snapchat.com *.tapad.com analytics.tiktok.com cdn.safecharge.com;  img-src 'self' data: *.cloudfront.net *.gilcdn.com *.gldcdn.com *.google-analytics.com *.google.com *.kaptcha.com *.rblx.org *.rbxcdn.com *.roblox.com *.robloxlabs.com googleads.g.doubleclick.net i.ytimg.com www.googletagmanager.com robloxcorp.s.llnwi.net roblox-poc.global.ssl.fastly.net d1unuk07s6td74.cloudfront.net *.sierra.chat sierra.chat *.stripe.com *.tarobicdn.com *.tarobidevsandboxcdn.com www.facebook.com *.snapchat.com *.safecharge.com;  connect-src 'self' *.roblox.com *.robloxlabs.com *.rblx.org *.rbx.com *.rbxcdn.com *.roblox.cn *.simulpong.com *.lightstep.com *.ns1p.net *.arkoselabs.com *.kaptcha.com *.google.com *.google-analytics.com *.doubleclick.net *.sentry.io wss://realtime.roblox.com wss://realtime.sitetest1.robloxlabs.com wss://realtime.sitetest2.robloxlabs.com wss://realtime.sitetest3.robloxlabs.com wss://realtime-signalr.roblox.com *.braintree-api.com *.braintreegateway.com d1q2u37vreaobr.cloudfront.net funcaptcha.com robloxcorp.s.llnwi.net roblox-poc.global.ssl.fastly.net d1unuk07s6td74.cloudfront.net *.sierra.chat sierra.chat sc-static.net *.sc-static.net *.snapchat.com *.tapad.com analytics.tiktok.com *.safecharge.com;\r\ncross-origin-opener-policy: same-origin-allow-popups\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000\r\nroblox-machine-id: 4a8e34c2-010e-8234-9e3b-6e50588d0b89\r\nx-roblox-region: us-central_rbx\r\nx-roblox-edge: c079\r\nreport-to: {\"group\":\"network-errors\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://ncs.roblox.com/upload\"}]}\r\nnel: {\"report_to\":\"network-errors\",\"max_age\":604800,\"success_fraction\":0.001,\"failure_fraction\":1}\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Arkose Labs","description":"Arkose Labs is a toolkit for fraud prevention that provides solutions to detect and mitigate malicious activity across digital platforms.","website":"https://www.arkoselabs.com","common_platform_enumeration":"","icon":"ArkoseLabs.svg","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-06T14:09:45.529761Z","times_seen":16180173,"resource_available":true,"data":null}},"time_used":388,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":386,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.roblox.com/request-error?code=404","fqdn":"www.roblox.com","domain":"roblox.com","tld":"com"},"ip":{"addr":"128.116.44.3","port":443,"asn":22697,"as":"ROBLOX-PRODUCTION","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://rover.mq/","date":"2026-03-06T06:49:38.717Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"roblox.com","organization":"Roblox Corporation"},"issuer":{"commonName":"Sectigo Public Server Authentication CA OV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 04 Aug 2025 00:00:00 GMT","end":"Tue, 04 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"70:91:B6:43:7F:DB:B2:C8:95:C3:BB:3A:8F:48:37:2D:A5:47:5B:81","sha256":"B6:0C:0E:33:47:B6:6F:48:BA:63:75:C8:37:A0:A2:72:13:78:8D:AA:5D:2B:7C:73:BA:87:44:B5:BF:81:DA:15"}}},"request":{"raw":"GET /request-error?code=404 HTTP/1.1\r\nHost: www.roblox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ncontent-type: text/html; charset=utf-8\r\ndate: Fri, 06 Mar 2026 06:49:38 GMT\r\nserver: website\r\ncache-control: no-store, must-revalidate, no-cache\r\ncontent-encoding: br\r\nset-cookie: rbx-ip2=1; domain=roblox.com; expires=Fri, 06-Mar-2026 07:49:38 GMT; path=/\nRBXEventTrackerV2=CreateDate=03/06/2026 00:49:38\u0026rbxid=\u0026browserid=1772779778789002; domain=roblox.com; expires=Tue, 22-Jul-2053 06:49:38 GMT; path=/\nGuestData=UserID=-559370898; domain=.roblox.com; expires=Tue, 22-Jul-2053 06:49:38 GMT; path=/\r\nvary: Accept-Encoding\r\ncontent-security-policy: report-uri https://metrics.roblox.com/v1/csp/report?type=enforce; upgrade-insecure-requests;  script-src 'self' 'unsafe-inline' apis.roblox.com roblox.com *.evidon.com *.gigya.com *.google-analytics.com *.ns1p.net adservice.google.com cdn.arkoselabs.com connect.facebook.net funcaptcha.com js.rbxcdn.com js.stripe.com long.open.weixin.qq.com midas.gtimg.cn radar.cedexis.com res.wx.qq.com roblox-api.arkoselabs.com arkoselabs.roblox.com roblox-load-generator-configuration.s3.us-east-2.amazonaws.com s.ytimg.com sb.scorecardresearch.com static.rbxcdn.com www.google.com www.gstatic.com www.youtube.com h.online-metrix.net request.eprotect.vantivcnp.com request.eprotect.vantivpostlive.com *.googletagmanager.com *.googleadservices.com googleads.g.doubleclick.net cdn.veriff.me *.lightstep.com client-api.arkoselabs.com api.arkoselabs.com *.sierra.chat sierra.chat sc-static.net *.sc-static.net *.snapchat.com *.tapad.com analytics.tiktok.com cdn.safecharge.com;  img-src 'self' data: *.cloudfront.net *.gilcdn.com *.gldcdn.com *.google-analytics.com *.google.com *.kaptcha.com *.rblx.org *.rbxcdn.com *.roblox.com *.robloxlabs.com googleads.g.doubleclick.net i.ytimg.com www.googletagmanager.com robloxcorp.s.llnwi.net roblox-poc.global.ssl.fastly.net d1unuk07s6td74.cloudfront.net *.sierra.chat sierra.chat *.stripe.com *.tarobicdn.com *.tarobidevsandboxcdn.com www.facebook.com *.snapchat.com *.safecharge.com;  connect-src 'self' *.roblox.com *.robloxlabs.com *.rblx.org *.rbx.com *.rbxcdn.com *.roblox.cn *.simulpong.com *.lightstep.com *.ns1p.net *.arkoselabs.com *.kaptcha.com *.google.com *.google-analytics.com *.doubleclick.net *.sentry.io wss://realtime.roblox.com wss://realtime.sitetest1.robloxlabs.com wss://realtime.sitetest2.robloxlabs.com wss://realtime.sitetest3.robloxlabs.com wss://realtime-signalr.roblox.com *.braintree-api.com *.braintreegateway.com d1q2u37vreaobr.cloudfront.net funcaptcha.com robloxcorp.s.llnwi.net roblox-poc.global.ssl.fastly.net d1unuk07s6td74.cloudfront.net *.sierra.chat sierra.chat sc-static.net *.sc-static.net *.snapchat.com *.tapad.com analytics.tiktok.com *.safecharge.com;\r\ncross-origin-opener-policy: same-origin-allow-popups\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000\r\nroblox-machine-id: 99b2a717-b6b5-75a5-142a-29a4bc64bc7f\r\nx-roblox-region: us-central_rbx\r\nx-roblox-edge: c079\r\nreport-to: {\"group\":\"network-errors\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://ncs.roblox.com/upload\"}]}\r\nnel: {\"report_to\":\"network-errors\",\"max_age\":604800,\"success_fraction\":0.001,\"failure_fraction\":1}\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Arkose Labs","description":"Arkose Labs is a toolkit for fraud prevention that provides solutions to detect and mitigate malicious activity across digital platforms.","website":"https://www.arkoselabs.com","common_platform_enumeration":"","icon":"ArkoseLabs.svg","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-06T14:09:45.529761Z","times_seen":16180173,"resource_available":true,"data":null}},"time_used":175,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":173,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.roblox.com/request-error?code=404","fqdn":"www.roblox.com","domain":"roblox.com","tld":"com"},"ip":{"addr":"128.116.44.3","port":443,"asn":22697,"as":"ROBLOX-PRODUCTION","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://rover.mq/","date":"2026-03-06T06:49:39.115Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"roblox.com","organization":"Roblox Corporation"},"issuer":{"commonName":"Sectigo Public Server Authentication CA OV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 04 Aug 2025 00:00:00 GMT","end":"Tue, 04 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"70:91:B6:43:7F:DB:B2:C8:95:C3:BB:3A:8F:48:37:2D:A5:47:5B:81","sha256":"B6:0C:0E:33:47:B6:6F:48:BA:63:75:C8:37:A0:A2:72:13:78:8D:AA:5D:2B:7C:73:BA:87:44:B5:BF:81:DA:15"}}},"request":{"raw":"GET /request-error?code=404 HTTP/1.1\r\nHost: www.roblox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ncontent-type: text/html; charset=utf-8\r\ndate: Fri, 06 Mar 2026 06:49:39 GMT\r\nserver: website\r\ncache-control: no-store, must-revalidate, no-cache\r\ncontent-encoding: br\r\nset-cookie: rbx-ip2=1; domain=roblox.com; expires=Fri, 06-Mar-2026 07:49:39 GMT; path=/\nRBXEventTrackerV2=CreateDate=03/06/2026 00:49:39\u0026rbxid=\u0026browserid=1772779779393001; domain=roblox.com; expires=Tue, 22-Jul-2053 06:49:39 GMT; path=/\nGuestData=UserID=-1387505865; domain=.roblox.com; expires=Tue, 22-Jul-2053 06:49:39 GMT; path=/\r\nvary: Accept-Encoding\r\ncontent-security-policy: report-uri https://metrics.roblox.com/v1/csp/report?type=enforce; upgrade-insecure-requests;  script-src 'self' 'unsafe-inline' apis.roblox.com roblox.com *.evidon.com *.gigya.com *.google-analytics.com *.ns1p.net adservice.google.com cdn.arkoselabs.com connect.facebook.net funcaptcha.com js.rbxcdn.com js.stripe.com long.open.weixin.qq.com midas.gtimg.cn radar.cedexis.com res.wx.qq.com roblox-api.arkoselabs.com arkoselabs.roblox.com roblox-load-generator-configuration.s3.us-east-2.amazonaws.com s.ytimg.com sb.scorecardresearch.com static.rbxcdn.com www.google.com www.gstatic.com www.youtube.com h.online-metrix.net request.eprotect.vantivcnp.com request.eprotect.vantivpostlive.com *.googletagmanager.com *.googleadservices.com googleads.g.doubleclick.net cdn.veriff.me *.lightstep.com client-api.arkoselabs.com api.arkoselabs.com *.sierra.chat sierra.chat sc-static.net *.sc-static.net *.snapchat.com *.tapad.com analytics.tiktok.com cdn.safecharge.com;  img-src 'self' data: *.cloudfront.net *.gilcdn.com *.gldcdn.com *.google-analytics.com *.google.com *.kaptcha.com *.rblx.org *.rbxcdn.com *.roblox.com *.robloxlabs.com googleads.g.doubleclick.net i.ytimg.com www.googletagmanager.com robloxcorp.s.llnwi.net roblox-poc.global.ssl.fastly.net d1unuk07s6td74.cloudfront.net *.sierra.chat sierra.chat *.stripe.com *.tarobicdn.com *.tarobidevsandboxcdn.com www.facebook.com *.snapchat.com *.safecharge.com;  connect-src 'self' *.roblox.com *.robloxlabs.com *.rblx.org *.rbx.com *.rbxcdn.com *.roblox.cn *.simulpong.com *.lightstep.com *.ns1p.net *.arkoselabs.com *.kaptcha.com *.google.com *.google-analytics.com *.doubleclick.net *.sentry.io wss://realtime.roblox.com wss://realtime.sitetest1.robloxlabs.com wss://realtime.sitetest2.robloxlabs.com wss://realtime.sitetest3.robloxlabs.com wss://realtime-signalr.roblox.com *.braintree-api.com *.braintreegateway.com d1q2u37vreaobr.cloudfront.net funcaptcha.com robloxcorp.s.llnwi.net roblox-poc.global.ssl.fastly.net d1unuk07s6td74.cloudfront.net *.sierra.chat sierra.chat sc-static.net *.sc-static.net *.snapchat.com *.tapad.com analytics.tiktok.com *.safecharge.com;\r\ncross-origin-opener-policy: same-origin-allow-popups\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000\r\nroblox-machine-id: 9eb3b1e9-405d-a943-b760-f6cf93a431f7\r\nx-roblox-region: us-central_rbx\r\nx-roblox-edge: c079\r\nreport-to: {\"group\":\"network-errors\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://ncs.roblox.com/upload\"}]}\r\nnel: {\"report_to\":\"network-errors\",\"max_age\":604800,\"success_fraction\":0.001,\"failure_fraction\":1}\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Arkose Labs","description":"Arkose Labs is a toolkit for fraud prevention that provides solutions to detect and mitigate malicious activity across digital platforms.","website":"https://www.arkoselabs.com","common_platform_enumeration":"","icon":"ArkoseLabs.svg","categories":["Security"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-06T14:09:45.529761Z","times_seen":16180173,"resource_available":true,"data":null}},"time_used":384,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":384,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"captchabot.fun/favicon.ico","fqdn":"captchabot.fun","domain":"captchabot.fun","tld":"fun"},"ip":{"addr":"151.247.193.142","port":443,"asn":0,"as":"","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://rover.mq/","date":"2026-03-06T06:49:37.140Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"captchabot.fun","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 14 Feb 2026 23:47:44 GMT","end":"Fri, 15 May 2026 23:47:43 GMT"},"fingerprint":{"sha1":"8F:7A:BA:63:58:B7:7C:3D:0E:DB:58:5E:33:61:F5:39:4C:1A:4E:A4","sha256":"AA:2C:CB:48:67:8F:37:D3:55:B4:FB:42:69:1C:DD:42:72:C2:C5:B3:8C:49:93:D0:97:E8:12:60:59:35:34:A3"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: captchabot.fun\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Found\r\nServer: Apache/2.4.52 (Ubuntu)\r\nDate: Fri, 06 Mar 2026 06:49:37 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nContent-Length: 0\r\nEggy-Wall: 12.5\r\nAbuse: abuse@eggywall.cc\r\nCross-Origin-Opener-Policy: same-origin-allow-popups\r\nX-Cache-Url: https://captchabot.fun/favicon.ico\r\nLocation: https://www.roblox.com/request-error?code=404\r\nStrict-Transport-Security: max-age=604800; includeSubdomains\r\nAccess-Control-Allow-Credentials: true\r\nNel: {\"report_to\":\"network-errors\",\"max_age\":604800,\"success_fraction\":0.1,\"failure_fraction\":1}\r\nX-Frame-Options: ALLOWALL\r\nX-Cache: HIT\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Apache HTTP Server:2.4.52","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-06T14:09:45.529761Z","times_seen":16180173,"resource_available":true,"data":null}},"time_used":466,"timings":{"blocked":213,"dns":118,"connect":40,"send":0,"wait":40,"receive":0,"ssl":52},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-06","alert":"Sinkholed","trigger":"captchabot.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-06","alert":"Sinkholed","trigger":"captchabot.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}