Overview

URLfree3dmodelingsoftwareforroblox.blogspot.am/
IP 142.250.74.161 (United States)
ASN#15169 GOOGLE
UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed2022-09-22 17:53:06 UTC
StatusLoading report..
IDS alerts0
Blocklist alert15
urlquery alerts No alerts detected
Tags None

Domain Summary (25)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
r3.o.lencr.org (6) 344 2020-12-02 08:52:13 UTC 2022-09-22 04:32:00 UTC 23.36.76.226
firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-09-22 17:04:12 UTC 143.204.55.27
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-22 04:34:04 UTC 34.117.237.239
s10.histats.com (1) 15211 2012-05-21 17:14:14 UTC 2022-09-22 10:46:13 UTC 46.105.201.240
play.robuxtip.org (25) 0 2022-09-18 11:50:28 UTC 2022-09-22 14:03:37 UTC 104.21.78.103 Unknown ranking
cdn.jsdelivr.net (1) 439 2012-09-30 00:15:09 UTC 2022-09-22 16:28:08 UTC 151.101.85.229
free3dmodelingsoftwareforroblox.blogspot.com (2) 0 2022-09-19 02:20:22 UTC 2022-09-22 17:52:07 UTC 142.250.74.161 Unknown ranking
push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-22 05:01:22 UTC 44.240.140.78
progameguides.com (1) 42189 2015-06-13 17:00:03 UTC 2022-09-22 17:52:07 UTC 104.22.49.85
www.blogger.com (1) 8975 2012-05-22 07:35:03 UTC 2022-09-22 07:08:26 UTC 216.58.207.201
ocsp.sectigo.com (1) 487 2018-12-17 11:31:55 UTC 2022-09-22 12:52:01 UTC 172.64.155.188
e1.o.lencr.org (1) 6159 2021-08-20 07:36:30 UTC 2022-09-22 05:01:59 UTC 23.36.76.226
ocsp.pki.goog (11) 175 2017-06-14 07:23:31 UTC 2022-09-22 04:32:28 UTC 142.250.74.3
robloxsong.com (1) 151247 2017-07-01 06:11:29 UTC 2022-09-22 17:51:48 UTC 104.21.92.97
t6.rbxcdn.com (1) 8809 2013-08-21 17:19:13 UTC 2022-09-22 17:52:07 UTC 205.234.175.102
i.ytimg.com (2) 109 2019-09-28 06:57:57 UTC 2022-09-22 16:54:01 UTC 216.58.207.246
cdnjs.cloudflare.com (1) 235 2020-10-20 10:17:36 UTC 2022-09-22 05:51:40 UTC 104.17.25.14
mtevor.com (1) 0 2019-11-04 00:42:52 UTC 2022-09-22 14:03:37 UTC 172.96.187.226 Unknown ranking
store-images.s-microsoft.com (1) 5954 2015-07-29 10:20:27 UTC 2022-09-22 17:52:07 UTC 23.38.201.128
free3dmodelingsoftwareforroblox.blogspot.am (1) 0 2022-09-22 04:20:29 UTC 2022-09-22 15:37:37 UTC 142.250.74.161 Unknown ranking
content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-22 05:24:31 UTC 143.204.55.25
ocsp.digicert.com (4) 86 2012-05-21 07:02:23 UTC 2022-09-22 14:06:31 UTC 93.184.220.29
ocsp.globalsign.com (2) 2075 2012-05-25 06:20:55 UTC 2022-09-22 04:42:02 UTC 104.18.21.226
img-getpocket.cdn.mozilla.net (7) 1631 2017-09-01 03:40:57 UTC 2022-09-22 14:28:12 UTC 34.120.237.76
s4.histats.com (1) 12782 2012-05-21 17:14:14 UTC 2022-09-22 11:39:02 UTC 158.69.248.123

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-09-22 2 free3dmodelingsoftwareforroblox.blogspot.com/ Phishing
2022-09-22 2 free3dmodelingsoftwareforroblox.blogspot.com/ Phishing
2022-09-22 2 play.robuxtip.org/images/scripts.js Phishing
2022-09-22 2 play.robuxtip.org/images/jquery.magnific-popup.min.js Phishing
2022-09-22 2 play.robuxtip.org/images/main.js Phishing
2022-09-22 2 play.robuxtip.org/images/fancyselect.js Phishing
2022-09-22 2 play.robuxtip.org/images/sticky.js Phishing
2022-09-22 2 play.robuxtip.org/images/com.js Phishing
2022-09-22 2 play.robuxtip.org/images/jquery-ui.min.js Phishing
2022-09-22 2 play.robuxtip.org/images/validator.min.js Phishing
2022-09-22 2 play.robuxtip.org/images/sweetalert2.min.js Phishing
2022-09-22 2 play.robuxtip.org/images/jquery.countto.js Phishing
2022-09-22 2 play.robuxtip.org/images/form-scripts.js Phishing
2022-09-22 2 play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwicmVmYWFsZXNhbmRy (...) Phishing
2022-09-22 2 play.robuxtip.org/images/jquery-3.2.1.js Phishing

mnemonic secure dns
 No alerts detected

Quad9 DNS
 No alerts detected


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 142.250.74.161
Date UQ / IDS / BL URL IP
2023-01-21 16:46:31 +0000 0 - 0 - 1 wytike.page.link/pQhBiPQ2o7GVemxA8 142.250.74.161
2023-01-21 16:46:26 +0000 0 - 0 - 1 defewyr.page.link/JoAeTra1xCczHZfv7 142.250.74.161
2023-01-21 16:46:19 +0000 0 - 0 - 1 dymuder.page.link/kvtDZbqxU8AkQ2dV7 142.250.74.161
2023-01-21 13:31:38 +0000 0 - 0 - 1 feqesi.page.link/365pd6duvijVApZL9 142.250.74.161
2023-01-21 13:31:24 +0000 0 - 0 - 1 raliwobe.page.link/BCJyT76QUmkH92Uy7 142.250.74.161


Last 5 reports on ASN: GOOGLE
Date UQ / IDS / BL URL IP
2023-01-31 10:20:40 +0000 0 - 0 - 2 ninjalegendsunlockallislandsscript.blogspot.bg/ 172.217.21.161
2023-01-31 10:20:39 +0000 0 - 0 - 2 benjizone.blogspot.com/search 172.217.21.161
2023-01-31 10:16:08 +0000 0 - 0 - 1 spotassistant.com/ 34.102.136.180
2023-01-31 10:13:48 +0000 0 - 0 - 1 applywithjenniferjwilson.com/ 34.102.136.180
2023-01-31 10:13:41 +0000 0 - 0 - 2 cvbvcnvbnmbv.blogspot.co.ke/ 172.217.21.161


Last 2 reports on domain: free3dmodelingsoftwareforroblox.blogspot.am
Date UQ / IDS / BL URL IP
2022-09-22 17:53:06 +0000 0 - 0 - 15 free3dmodelingsoftwareforroblox.blogspot.am/ 142.250.74.161
2022-09-22 07:35:36 +0000 0 - 0 - 15 free3dmodelingsoftwareforroblox.blogspot.am/ 142.250.74.161


Last 5 reports with similar screenshot
Date UQ / IDS / BL URL IP
2023-01-31 09:53:59 +0000 0 - 0 - 1 daptajogarde2emrobloxxboxone.blogspot.ba/ 172.217.21.161
2023-01-31 09:51:59 +0000 0 - 0 - 3 rbxspacerobux.blogspot.com/?m=1 172.217.21.161
2023-01-31 08:57:14 +0000 0 - 0 - 3 2048x1152bannerroblox.blogspot.com/ 172.217.21.161
2023-01-31 08:36:40 +0000 0 - 0 - 4 petsimulatorhack.blogspot.com.tr/ 172.217.21.161
2023-01-31 07:32:37 +0000 0 - 0 - 4 httpsgrowbuxnetrobux.blogspot.hk/ 172.217.21.161

JavaScript

Executed Scripts (24)

Executed Evals (0)

Executed Writes (0)


HTTP Transactions (77)


Request Response
                                        
                                            GET / HTTP/1.1 
Host: free3dmodelingsoftwareforroblox.blogspot.am
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         142.250.74.161
HTTP/1.1 302 Moved Temporarily
Content-Type: text/html; charset=UTF-8
                                        
Location: http://free3dmodelingsoftwareforroblox.blogspot.com/
Content-Encoding: gzip
Date: Thu, 22 Sep 2022 17:52:55 GMT
Expires: Thu, 22 Sep 2022 17:52:55 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 193
Server: GSE


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Size:   193
Md5:    4a31af51ea9b468f9761ee30e7923e90
Sha1:   823b99cef8f66deb54c828261f4e439c711851e7
Sha256: 2aad59a970687018914ca0f4b1372223a3800b20cc8e7dd430559ba0e332a52d
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "35BAAAE7B3CE3110EBB2B075881CFAB55ECF3EAB57D834283FD18AC691B41FA2"
Last-Modified: Tue, 20 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12920
Expires: Thu, 22 Sep 2022 21:28:15 GMT
Date: Thu, 22 Sep 2022 17:52:55 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         143.204.55.27
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Thu, 22 Sep 2022 17:14:02 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: D8PJPVFliF6Qhdb76pcjGngzI6vX-UrFxiJ2kBs0uxcSX6NoohF4lA==
Age: 2333


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    1b3053fa528e28810f8a2cc9284cc921
Sha1:   cca9eb471d941881a6b9a1793aecb6c281908f6a
Sha256: a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         143.204.55.25
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Thu, 22 Sep 2022 04:35:15 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: D_2l-tg6u8-tWrFbQZz55K-cpPvPm5MMXq8Rb7LV5B3NDtmWD9wdLw==
age: 47861
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Thu, 22 Sep 2022 17:52:55 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET / HTTP/1.1 
Host: free3dmodelingsoftwareforroblox.blogspot.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         142.250.74.161
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
                                        
Location: https://free3dmodelingsoftwareforroblox.blogspot.com/
Content-Encoding: gzip
Date: Thu, 22 Sep 2022 17:52:55 GMT
Expires: Thu, 22 Sep 2022 17:52:55 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 193
Server: GSE


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Size:   193
Md5:    99925e746eed45ca0ebd9344485b52fc
Sha1:   11864daf21023584f3fc90de0bf446c2efe172b7
Sha256: 80fb12e78c740ca20e6e3a4ecce8655eef11fc679378ff577216352136cf8542

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         143.204.55.27
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Thu, 22 Sep 2022 17:03:22 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Thu, 22 Sep 2022 17:10:14 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ZZgn0o3-NDDxRtACtT_672pyiEoWwYgnLOlpHRVSFK9qHdJEQHjYJA==
Age: 2973


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 22 Sep 2022 17:52:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6586
Cache-Control: 'max-age=158059'
Date: Thu, 22 Sep 2022 17:52:56 GMT
Last-Modified: Thu, 22 Sep 2022 16:03:10 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: xyMZmTjSjXolA8Pr1BWIHQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

search
                                         44.240.140.78
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: QRL5/uFzlMobtqjlvG+dNOnUywo=

                                        
                                            GET / HTTP/1.1 
Host: free3dmodelingsoftwareforroblox.blogspot.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

search
                                         142.250.74.161
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
expires: Thu, 22 Sep 2022 17:52:56 GMT
date: Thu, 22 Sep 2022 17:52:56 GMT
cache-control: private, max-age=0
last-modified: Wed, 21 Sep 2022 23:25:01 GMT
etag: W/"d66b94f9a1592b8027baa064b1d9d57245134bf9e014d7a3aef14977c4727136"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 17199
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (14233)
Size:   17199
Md5:    a2fc80147b583537f6c175ab8226acf8
Sha1:   19972c28e2b1b803682fdfb1977fbfc7d0ab9802
Sha256: 433f343028e97f99d4c258c4161ffdbeb841080cdb4d1bc61d439c030bd6d8ff

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 22 Sep 2022 17:52:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /wp-content/uploads/2021/04/Roblox-FNAF-900x506.jpg HTTP/1.1 
Host: progameguides.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free3dmodelingsoftwareforroblox.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.22.49.85
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Thu, 22 Sep 2022 17:52:56 GMT
content-length: 43104
cf-bgj: imgq:100,h2pri
cf-polished: origSize=43975, status=webp_bigger
etag: "6086f38e-abc7"
last-modified: Mon, 26 Apr 2021 17:08:30 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 49
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ece5b239f60b59-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 900x506, components 3\012- data
Size:   43104
Md5:    4310c846aaa1836bc88da9bb44af78d8
Sha1:   7d4b926dc0f402141dd9b1409bffe1b2c75c9296
Sha256: 172a113c81049c3070613e32922934cbc69b3e78dd63591b6680b7366212f16b
                                        
                                            GET /assets/img/codes/169/1099415169.jpg HTTP/1.1 
Host: robloxsong.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free3dmodelingsoftwareforroblox.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.21.92.97
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Thu, 22 Sep 2022 17:52:56 GMT
content-length: 86158
last-modified: Fri, 16 Oct 2020 00:34:31 GMT
etag: "1508e-5b1beed9496cc"
cache-control: max-age=14400
cf-cache-status: HIT
age: 35
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tz1ZNYe6cK0i6OHpXoMbbv%2FD0ZBfgUm0iX3hMyvwj%2Fx3dc53upcg2HYEEMIb7VhbaE9%2BTq0%2BorOg8HBKwPcrbKTjXQiRFPG1K0Knzw3J3Sv6b4RIV67dgDgjkOaQkwIatg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ece5b23aecb4eb-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 808x454, components 3\012- data
Size:   86158
Md5:    152a02077f259eb16b7f95951407c494
Sha1:   8fa6810e1e6d14350c14eaca96259f62ad237db9
Sha256: 5682234cb946c53165e205d2cf06f48bbf87d6a7e6f99c127ee5623d52389c5e
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 22 Sep 2022 17:52:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gseccovsslca2018 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 22 Sep 2022 17:52:56 GMT
Content-Length: 940
Connection: keep-alive
Expires: Mon, 26 Sep 2022 15:41:42 GMT
ETag: "ac4c807e86223fc59647fb15713191a085043ce2"
Last-Modified: Thu, 22 Sep 2022 15:41:43 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 629
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74ece5b2695ab4e8-OSL

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 22 Sep 2022 17:52:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /425e5e080bd1dd22249ae9e78d05cfae HTTP/1.1 
Host: t6.rbxcdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free3dmodelingsoftwareforroblox.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         205.234.175.102
HTTP/2 403 Forbidden
content-type: application/xml
                                        
date: Thu, 22 Sep 2022 17:52:56 GMT
content-length: 243
x-amz-request-id: W0YZSSBKQWA3HE6M
x-amz-id-2: 0n2nJ9V/Y1VFqs38Gv8E2H+fYIRdnxFkL/CZNx0lwAJZq20mwChX1Tvim/f1IdvvDQTao0CobGo=
access-control-allow-origin: *
x-cf3: M
cf4age: 0
x-cf-tsc: 1663869165
cf4ttl: 120.000
x-cf2: H
server: CFS 0215
x-cf1: 28290:fA.arn1:co:1543531200:cacheN.arn1-01:M
x-cf-reqid: a1421d2bbe53af7340bb0652d6282112
access-control-allow-methods: GET
vary: Accept-Encoding
timing-allow-origin: *
access-control-expose-headers: Rbx-Cdn-Provider
rbx-cdn-provider: cfly
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  XML 1.0 document text\012- XML document, ASCII text
Size:   243
Md5:    a4057c8d8ec94730fc5f2e741a448cf6
Sha1:   06b13909fce5382ad06c9a7f4ac67e4f24b67f65
Sha256: 03a7aad88f2c5f347f944eb68e259271571517572a52ff770303d4b85ddb491b
                                        
                                            GET /vi/qMwwD3y1I28/maxresdefault.jpg HTTP/1.1 
Host: i.ytimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free3dmodelingsoftwareforroblox.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         216.58.207.246
HTTP/2 404 Not Found
content-type: image/jpeg
                                        
vary: Origin
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 22 Sep 2022 17:52:56 GMT
expires: Thu, 22 Sep 2022 17:53:26 GMT
cache-control: public, max-age=30
x-content-type-options: nosniff
server: sffe
content-length: 1097
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 120x90, components 3\012- data
Size:   1097
Md5:    e2ddfee11ae7edcae257da47f3a78a70
Sha1:   6e902fa6302eb30cd204579bca6a59b37233e262
Sha256: 20e9aab22032d85684d7d916a1013f7c577a132a5b10ea3fd3578e8d0b28a711
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 22 Sep 2022 17:52:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /vi/3mrdkJmLSiM/hqdefault.jpg HTTP/1.1 
Host: i.ytimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free3dmodelingsoftwareforroblox.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         216.58.207.246
HTTP/2 200 OK
content-type: image/jpeg
                                        
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 13240
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 22 Sep 2022 17:52:56 GMT
expires: Thu, 22 Sep 2022 19:52:56 GMT
cache-control: public, max-age=7200
etag: "0"
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3\012- data
Size:   13240
Md5:    c7bc7431f246702b00faf27664ca892b
Sha1:   36b23fb22c71275acc6f925fecfce3a395df0979
Sha256: 0ede45464aab25ac4517d24812129049c804c89939b23abd1aec64a70c2a007d
                                        
                                            GET /static/v1/widgets/1416043673-widgets.js HTTP/1.1 
Host: www.blogger.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free3dmodelingsoftwareforroblox.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         216.58.207.201
HTTP/2 200 OK
content-type: text/javascript
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 56913
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 02:21:33 GMT
expires: Thu, 21 Sep 2023 02:21:33 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 21 Sep 2022 00:51:51 GMT
age: 142283
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2221)
Size:   56913
Md5:    c6aef9cbd2abf926a23970b70f8a24c2
Sha1:   78972b4f41a7d2580c383da41e3a472c4cfc647a
Sha256: 111111066b8f3fddcd24cedce8c4e8b93a1d9e9b8e3f5f2959172da5adda14b6
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 22 Sep 2022 17:52:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 22 Sep 2022 17:52:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 22 Sep 2022 17:52:56 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 19 Sep 2022 15:20:19 GMT
Expires: Mon, 26 Sep 2022 15:20:18 GMT
Etag: "f58f1eaf5ca2626860e8e5ee35babd4a5ce40478"
Cache-Control: max-age=335841,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74ece5b298691c0e-OSL

                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 344
ETag: "EFAA97AFDD910DF2B256576C0B6FACFB3422F26B53B29419A30ECCFC1F71E43C"
Last-Modified: Wed, 21 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10086
Expires: Thu, 22 Sep 2022 20:41:02 GMT
Date: Thu, 22 Sep 2022 17:52:56 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3109
Cache-Control: 'max-age=158059'
Date: Thu, 22 Sep 2022 17:52:56 GMT
Last-Modified: Thu, 22 Sep 2022 17:01:07 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 279

                                        
                                            POST /s/gts1p5/1EpVtZKsCXY HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 22 Sep 2022 17:52:57 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /images/gamebaglogo.png HTTP/1.1 
Host: play.robuxtip.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwicmVmYWFsZXNhbmRyYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInJlZmFhbGVzYW5kcmFnbWFpbGNvbSIsImZyZWUzZG1vZGVsaW5nc29mdHdhcmVmb3Jyb2Jsb3guYmxvZ3Nwb3QuY29tIiwiZnJlZTNkbW9kZWxpbmdzb2Z0d2FyZWZvcnJvYmxveC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.21.78.103
HTTP/2 200 OK
content-type: image/png
                                        
date: Thu, 22 Sep 2022 17:52:57 GMT
content-length: 3340
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
etag: "5d9ca488-d0c"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 466569
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uKHmiyy54xVygjL7zDfRZwvMXVT92zKZCe6xpPHz7FgMnqrhiBIGU6pYsjKNRPalt5fLR70VnjLVlet5bGc1H3rwVu3313W3084VJn7Yhr4qDNacF6UoVw6BI7sBrubi%2B%2F7e0w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ece5b57a68fac0-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 240 x 240, 8-bit/color RGBA, non-interlaced\012- data
Size:   3340
Md5:    e84f0caa809a15b2aaa9cb93bbe6669a
Sha1:   22a330ad580aaa6b2232307a87b981adc7fbf38f
Sha256: 1f98c982fd0c9b5e6af138a4cb160f509bda9fcc7fa0a9463fa6cf11513c151f
                                        
                                            GET /images/ft-1.png HTTP/1.1 
Host: play.robuxtip.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwicmVmYWFsZXNhbmRyYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInJlZmFhbGVzYW5kcmFnbWFpbGNvbSIsImZyZWUzZG1vZGVsaW5nc29mdHdhcmVmb3Jyb2Jsb3guYmxvZ3Nwb3QuY29tIiwiZnJlZTNkbW9kZWxpbmdzb2Z0d2FyZWZvcnJvYmxveC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.21.78.103
HTTP/2 200 OK
content-type: image/png
                                        
date: Thu, 22 Sep 2022 17:52:57 GMT
content-length: 3340
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
etag: "5d9ca488-d0c"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 466569
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EHeTRvPEGfaOGyCBwLfeAcmEgCmttx9wz6BzbOAYNlWUhFNenUyWisbGzCAA0ZgaSOXTiVPqwdynfBkGnXDE7ZJokxrhQsw8FDG0kpLjr%2BX3FDUoN%2FGSdhfAVpslNVp8iAYA2A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ece5b57a6cfac0-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 240 x 240, 8-bit/color RGBA, non-interlaced\012- data
Size:   3340
Md5:    e84f0caa809a15b2aaa9cb93bbe6669a
Sha1:   22a330ad580aaa6b2232307a87b981adc7fbf38f
Sha256: 1f98c982fd0c9b5e6af138a4cb160f509bda9fcc7fa0a9463fa6cf11513c151f
                                        
                                            GET /images/header.png HTTP/1.1 
Host: play.robuxtip.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwicmVmYWFsZXNhbmRyYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInJlZmFhbGVzYW5kcmFnbWFpbGNvbSIsImZyZWUzZG1vZGVsaW5nc29mdHdhcmVmb3Jyb2Jsb3guYmxvZ3Nwb3QuY29tIiwiZnJlZTNkbW9kZWxpbmdzb2Z0d2FyZWZvcnJvYmxveC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.21.78.103
HTTP/2 200 OK
content-type: image/png
                                        
date: Thu, 22 Sep 2022 17:52:57 GMT
content-length: 131285
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
etag: "5d9ca488-200d5"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 466569
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cm3Wb8DnntzTEx9%2Fi%2BC7v00K3Xt7HBq41%2Bbs6U9767NyTKyiMVu34IH29HtsGAq%2FXvfDOdufPpF65Eh3MC9SY%2F3dLBzNR0xw1T7BU1%2FhTjoxGF12EYOvpJlC3GhMlM0JdGvISQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ece5b57a6afac0-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced\012- data
Size:   131285
Md5:    35e93538f31d67876a2cb38bf94279d8
Sha1:   49bf97732e9bffb5371ad60d024901b09d83651b
Sha256: 95c1de9315834de2ff3608a2dc048a6aedc273e665f9b54eb956523a81fc91df
                                        
                                            GET /ajax/libs/jquery-modal/0.9.1/jquery.modal.min.css HTTP/1.1 
Host: cdnjs.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         104.17.25.14
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
date: Thu, 22 Sep 2022 17:52:57 GMT
content-length: 1541
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec2-c81"
last-modified: Mon, 04 May 2020 16:11:46 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 9310547
expires: Tue, 12 Sep 2023 17:52:57 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z7Or5fSJdzKpfe52WIxASXTj0F%2FSrGrVjoNNT2bK1jizYFErhmHARzAFfTec3q0QvuqbOoblnMrztI2C%2FvWVZscIfcrINvuCUSYR4uQ2hGNRuenGaoeeiEjpBtzdbVemBgb%2FGyqY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74ece5b59c6db4f3-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (3201), with no line terminators
Size:   1541
Md5:    8e09ceb5490863a66cd2e83ca3d7e524
Sha1:   35e3d074516ec70c508d748f7ae01827bc0c28ba
Sha256: cccbb374fd4cb6dcbac9df64456b49cb11530e7bafdac6c6c7e67ff2ed350db9
                                        
                                            GET /npm/js-base64@3.7.2/base64.min.js HTTP/1.1 
Host: cdn.jsdelivr.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         151.101.85.229
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 3.7.2
x-jsd-version-type: version
etag: W/"1405-lMmxLE0z8/TnsipvbhQg5ckAA8Q"
content-encoding: gzip
accept-ranges: bytes
date: Thu, 22 Sep 2022 17:52:57 GMT
age: 5061956
x-served-by: cache-fra19165-FRA, cache-bma1677-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 2068
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (4802)
Size:   2068
Md5:    18914b05d782cca37716837edf14fa8a
Sha1:   c563d127cf718dd86389fdd007b4c51b6bb58dc3
Sha256: 4bded663a5f9ccaa1eb7c1692c1c7df756a7d0e037d19466979fb90c56fbefdf
                                        
                                            POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 22 Sep 2022 17:52:57 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "387A151038BA320246CB886628A03474184A1493"
Expires: Fri, 23 Sep 2022 05:00:00 GMT
Last-Modified: Thu, 22 Sep 2022 17:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 291
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74ece5b5ffc1b4e8-OSL


--- Additional Info ---
Magic:  data
Size:   1462
Md5:    7c69d6952784ad55ca56267a5916772d
Sha1:   0469c7347f5ed502713c9a4acd788bd26839bf2d
Sha256: ba5cc7f5d603e87c2d53e312f98d085d241867502cbe5dcb028f0ace438562db
                                        
                                            GET /images/scripts.js HTTP/1.1 
Host: play.robuxtip.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwicmVmYWFsZXNhbmRyYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInJlZmFhbGVzYW5kcmFnbWFpbGNvbSIsImZyZWUzZG1vZGVsaW5nc29mdHdhcmVmb3Jyb2Jsb3guYmxvZ3Nwb3QuY29tIiwiZnJlZTNkbW9kZWxpbmdzb2Z0d2FyZWZvcnJvYmxveC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.21.78.103
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Thu, 22 Sep 2022 17:52:57 GMT
cf-bgj: minify
cf-polished: origSize=225
etag: W/"5d9ca488-e1"
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 252483
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O1xGp4HQPVDaCkqYtIIu%2FgPNceIfadtmE93%2F0UhUW%2FxItfTBksLkAsCFAYysxGBkkVwjktGB5NP9bkSv5XKxG%2Btv7DMztSJDi8xMLbNrlgE3ou0N%2F%2Frk8qgPCBrMOsab1F1ECw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ece5b58a82fac0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   16198
Md5:    5ce830d9a0922920ad3c39200c0d030f
Sha1:   ceb2f0e0564a6f2097db363adfbdcc6cf8352b7e
Sha256: a124070f77cc438d71e1c34c70c714da91cb090123888e1eef47184976fcd484

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /images/jquery.magnific-popup.min.js HTTP/1.1 
Host: play.robuxtip.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwicmVmYWFsZXNhbmRyYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInJlZmFhbGVzYW5kcmFnbWFpbGNvbSIsImZyZWUzZG1vZGVsaW5nc29mdHdhcmVmb3Jyb2Jsb3guYmxvZ3Nwb3QuY29tIiwiZnJlZTNkbW9kZWxpbmdzb2Z0d2FyZWZvcnJvYmxveC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.21.78.103
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Thu, 22 Sep 2022 17:52:57 GMT
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
etag: W/"5d9ca488-5297"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 466569
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YaP%2FjP0JkPmNXZ%2BNtYi7X%2BWkUNPg3pkESDVfbGbivEYugEne1g1VmHgDueTXKQ%2F0tJAzjSuKovhhqD9o12RP79VLM%2FYC1JSr5WxF7%2BMfHINRBshkQZtXRAKsHAdOZnlrP%2F3dAg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ece5b58a7efac0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (21014)
Size:   8575
Md5:    da4b5fc59e77bffa02644e0d9685c088
Sha1:   625c71e98072769b041886e8472b631d32337426
Sha256: 198822c26317940c7537bffb9657efbecef583d4c276f826927d2232d40a456a

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /images/main.js HTTP/1.1 
Host: play.robuxtip.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwicmVmYWFsZXNhbmRyYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInJlZmFhbGVzYW5kcmFnbWFpbGNvbSIsImZyZWUzZG1vZGVsaW5nc29mdHdhcmVmb3Jyb2Jsb3guYmxvZ3Nwb3QuY29tIiwiZnJlZTNkbW9kZWxpbmdzb2Z0d2FyZWZvcnJvYmxveC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.21.78.103
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Thu, 22 Sep 2022 17:52:57 GMT
cf-bgj: minify
cf-polished: origSize=38451
etag: W/"5d9ca488-9633"
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 466569
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kq%2BzD1x7t2PsKP5HDgOsG3WsR39RsEYOaTmBGp24ZtH2o5pggtKVhz3AFc%2FYY82QqZZ4Gq8l%2FJxwbl1Zn%2FK2r%2BBz69WBNWuEg8hAcGIFjOFMk1YtfnbjJkE4scB%2FB3PmBOMvXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ece5b58a81fac0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (24637)
Size:   70163
Md5:    3c9100116601508e64c242c9b0520124
Sha1:   7cc3f27755e12047277c5fd8a9376e3f295f91bc
Sha256: 6beb8fde868fcf69cfbb3a1c85f01f80af6ac65ebe7b7f23c66fabd3df5a1a0b

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5960
Cache-Control: 'max-age=158059'
Date: Thu, 22 Sep 2022 17:52:57 GMT
Last-Modified: Thu, 22 Sep 2022 16:13:37 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 280

                                        
                                            GET /images/fancyselect.js HTTP/1.1 
Host: play.robuxtip.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwicmVmYWFsZXNhbmRyYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInJlZmFhbGVzYW5kcmFnbWFpbGNvbSIsImZyZWUzZG1vZGVsaW5nc29mdHdhcmVmb3Jyb2Jsb3guYmxvZ3Nwb3QuY29tIiwiZnJlZTNkbW9kZWxpbmdzb2Z0d2FyZWZvcnJvYmxveC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.21.78.103
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Thu, 22 Sep 2022 17:52:57 GMT
cf-bgj: minify
cf-polished: origSize=6778
etag: W/"5d9ca488-1a7a"
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 466569
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fh%2FmtPDpJ%2BVPRjPArdyLAIa9mOFGslkI%2F1wZh3T9jD8Y6oM65JPWLypmDHRlfs9YsPyuSHhYWlh07yijuEVLNoeEd5uO1kVFWVuApEZ1%2B9m4qA85Fp%2BF6SSf5cANwPVB3cHYmg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ece5b57a6ffac0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1254)
Size:   68039
Md5:    0c91b030b15390ff4c79d6616d137c1a
Sha1:   207a8e180bdb7a17547fdc6353d0d9551540574e
Sha256: a0510b0a1cb012547fd68732c894c90282ad0744f40e4eab8bd5700cfcec483a

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 22 Sep 2022 17:52:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /images/sticky.js HTTP/1.1 
Host: play.robuxtip.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwicmVmYWFsZXNhbmRyYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInJlZmFhbGVzYW5kcmFnbWFpbGNvbSIsImZyZWUzZG1vZGVsaW5nc29mdHdhcmVmb3Jyb2Jsb3guYmxvZ3Nwb3QuY29tIiwiZnJlZTNkbW9kZWxpbmdzb2Z0d2FyZWZvcnJvYmxveC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.21.78.103
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Thu, 22 Sep 2022 17:52:57 GMT
cf-bgj: minify
cf-polished: origSize=20845
etag: W/"5d9ca488-516d"
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 466569
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rm4vAwBHBLRzueClCsdqB2r4A4vOPFkCWTqc1Enq6%2Fn%2Fpgq3xOflkysMzxsNN8Imm41XRnBtSdFmY6tdZ%2B%2FsOjXzTyCWqzrWHpTf61SEEGQwGhONu34t%2FHeFPrO58I%2F%2BFPBrKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ece5b58a80fac0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (16920)
Size:   10078
Md5:    9acd98d2b7a9d28f13777319a4407f8b
Sha1:   51e6a503b9ee2c4d7f674d36852533bbe581425c
Sha256: 96acdfa6ebc5e29775eb4c132d06a846c6f8fa5962001502b875149022bb1fd7

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 22 Sep 2022 17:52:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /images/com.js HTTP/1.1 
Host: play.robuxtip.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwicmVmYWFsZXNhbmRyYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInJlZmFhbGVzYW5kcmFnbWFpbGNvbSIsImZyZWUzZG1vZGVsaW5nc29mdHdhcmVmb3Jyb2Jsb3guYmxvZ3Nwb3QuY29tIiwiZnJlZTNkbW9kZWxpbmdzb2Z0d2FyZWZvcnJvYmxveC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.21.78.103
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Thu, 22 Sep 2022 17:52:57 GMT
cf-bgj: minify
cf-polished: origSize=17963
etag: W/"5d9ca488-462b"
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 466569
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ds8p72mZAulIpgGZlJ3NRJgQcNunW9qocQ%2FUSHqLm9GGIBzra3M8tjA8P07PYnuHqBnTRh%2BLGdzUccyWx1BVlySwzkcbf8pT2%2BFQa54ENotNrAEhqtXuBhkTtsruCBp2YdRolQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ece5b58a7bfac0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  C source, Unicode text, UTF-8 text, with very long lines (15173), with no line terminators
Size:   21404
Md5:    6526919aef038ec3dbf8c2f3b1a0fae9
Sha1:   5bd4f50e719673f27249787272767a28e1021d0c
Sha256: c8f4084544c582273ffc80373dee14238f3a25056078b0505b08516219ab9791

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /images/jquery-ui.min.js HTTP/1.1 
Host: play.robuxtip.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwicmVmYWFsZXNhbmRyYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInJlZmFhbGVzYW5kcmFnbWFpbGNvbSIsImZyZWUzZG1vZGVsaW5nc29mdHdhcmVmb3Jyb2Jsb3guYmxvZ3Nwb3QuY29tIiwiZnJlZTNkbW9kZWxpbmdzb2Z0d2FyZWZvcnJvYmxveC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.21.78.103
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Thu, 22 Sep 2022 17:52:57 GMT
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
etag: W/"5d9ca488-30da8"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 466569
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JAnARHZhhkWMKvLr7kxdm14V9UL03BJrzK5x8UpMlkN8UmolJu3i1ENppMBerqtA2iifdStJuYCiXP9R5EzLP6WEQZ4aqy%2BkdL6AhtjFTTcZ%2FeITxErlrjRipFtztfFqYF5cZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ece5b57a6efac0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (563)
Size:   70563
Md5:    e9cd69971b25d3ac6cdad20a9091bd4c
Sha1:   9b3271c0e56ad91ab9371baadb179a154b291637
Sha256: e70062201b19e798e18dfb8992f4260a41bbcdc3b40d47e399ba5672834bba1a

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5960
Cache-Control: 'max-age=158059'
Date: Thu, 22 Sep 2022 17:52:57 GMT
Last-Modified: Thu, 22 Sep 2022 16:13:37 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 280

                                        
                                            GET /images/validator.min.js HTTP/1.1 
Host: play.robuxtip.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwicmVmYWFsZXNhbmRyYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInJlZmFhbGVzYW5kcmFnbWFpbGNvbSIsImZyZWUzZG1vZGVsaW5nc29mdHdhcmVmb3Jyb2Jsb3guYmxvZ3Nwb3QuY29tIiwiZnJlZTNkbW9kZWxpbmdzb2Z0d2FyZWZvcnJvYmxveC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.21.78.103
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Thu, 22 Sep 2022 17:52:57 GMT
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
etag: W/"5d9ca488-17a7"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 466569
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GF22d20OtsGH2YcNnuSEV1YJ2U4CKsj2EHiTm2G7pkXzBmvy1sSJVAwr86kZpVyAmYFxdUmKVl8cP7O9tKmr6%2FKcct0c%2BhVwqWohUolqfPh9G73DkoJ5KwczQf4mtnXFlJA16g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ece5b58a7afac0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (5862)
Size:   20692
Md5:    ecbf19830a6a35e30737ef9a9d89b0c8
Sha1:   4396f0eb78c7da371c2efdae41b6766abb53c770
Sha256: 676b593a9a6ecf4d9c6bc69e18b6859e59a96cbf1fc9288656928451c2fdc498

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 22 Sep 2022 17:52:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /images/fancyselect.css HTTP/1.1 
Host: play.robuxtip.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwicmVmYWFsZXNhbmRyYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInJlZmFhbGVzYW5kcmFnbWFpbGNvbSIsImZyZWUzZG1vZGVsaW5nc29mdHdhcmVmb3Jyb2Jsb3guYmxvZ3Nwb3QuY29tIiwiZnJlZTNkbW9kZWxpbmdzb2Z0d2FyZWZvcnJvYmxveC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.21.78.103
HTTP/2 200 OK
content-type: text/css
                                        
date: Thu, 22 Sep 2022 17:52:57 GMT
cf-bgj: minify
cf-polished: origSize=4253
etag: W/"5d9ca488-109d"
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 466569
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X8QkxdnbfLXXg5NF%2BXMw4DIPfmlE9Jr58TrOGe7VYsn3A5hklOmQBHWSkIh3ErL1UZAPW6b9JQqsUNlaYe4LXxE2laXw95CDVrrWKTNT44wYx73MjnFiQI0RGh5%2FwYH%2BZB3f9g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ece5b56a5afac0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (3595), with no line terminators
Size:   18028
Md5:    705c965e4b0fdf6ce9dd16dea5e9db89
Sha1:   762043487a6b08d4522c737e694453c9ddb42caf
Sha256: bce68547df30d83fd2285759672008474611ed1ffbfc59be6f6f27831856b3ff
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "2EE5044F5CBE123FAAEC6042411582DC59A51000999035CABCFB3BFFF5EB41F3"
Last-Modified: Wed, 21 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14574
Expires: Thu, 22 Sep 2022 21:55:51 GMT
Date: Thu, 22 Sep 2022 17:52:57 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15948, version 1.197\012- data
Size:   16451
Md5:    b4d67988128df8edc94186d51c0d6675
Sha1:   39221b29f10baa3ca54e78fb6a11abe2ba694b54
Sha256: 03222b607cd4b5bc94387eff517b752a294f0aad83641636d962ec063325bca1
                                        
                                            GET /js15_as.js HTTP/1.1 
Host: s10.histats.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         46.105.201.240
HTTP/2 200 OK
content-type: text/javascript
                                        
date: Thu, 22 Sep 2022 17:47:36 GMT
etag: "-375139978"
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-request-id: 909870012
content-encoding: br
x-cdn-pop: rbx1
x-cdn-pop-ip: 51.254.41.128/25
x-cacheable: Matched cache
accept-ranges: bytes
content-length: 4364
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document, ASCII text, with very long lines (11440), with no line terminators
Size:   4364
Md5:    ed192092c129db6123a3397855f42619
Sha1:   067e9b8e26cf6246eb84c6b9cf3da0c192ce7b3e
Sha256: 998fff486a7fb38b6ed445edc36c9b317b70950cd39efcf4012ca641312fcee1
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15645
Expires: Thu, 22 Sep 2022 22:13:42 GMT
Date: Thu, 22 Sep 2022 17:52:57 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15645
Expires: Thu, 22 Sep 2022 22:13:42 GMT
Date: Thu, 22 Sep 2022 17:52:57 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15645
Expires: Thu, 22 Sep 2022 22:13:42 GMT
Date: Thu, 22 Sep 2022 17:52:57 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15645
Expires: Thu, 22 Sep 2022 22:13:42 GMT
Date: Thu, 22 Sep 2022 17:52:57 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F06a0b4c5-4223-42cf-b012-2e09b250c8c1.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 12048
x-amzn-requestid: bc551b18-fddb-4502-8c11-b8de83d75def
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YwlKzF9FoAMFp_w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6329b578-7e030b2e0af1d1c309d2dde6;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 12:43:36 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: dRyKwUtxiHGz_bqMMSlRKS1cDNhKm_g1ocpZLmE15k8owH789jueWA==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 22:19:10 GMT
age: 70427
etag: "37222a70df5d9a69073b4b32ebc3a5da60006001"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   12048
Md5:    c2db94039cb675cb250519fe57b2b3c9
Sha1:   37222a70df5d9a69073b4b32ebc3a5da60006001
Sha256: 444f4359ac25747e7c5d7e09202f195d407bc94a4933ac7ebbbaf9839bf59aff
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67bb0692-30b9-4b69-a748-f7a4474a72e0.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 11286
x-amzn-requestid: 7263b60d-fffe-4c0b-8de5-59dc9ac92a47
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y1GwZHOaIAMFSQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632b84cf-62e160b156b587cc21c7fda5;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 21:40:31 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: QxgrVMX7xwI6qE3T3-LRS3JWoJauPyvCSb9TacW9-ktw-BIq5PSF-g==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 21:48:26 GMT
etag: "ba3369e1827d8f01ca10acb8648195847dd02ffd"
age: 72271
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11286
Md5:    9becda6e892a190dbbc63216ae697506
Sha1:   ba3369e1827d8f01ca10acb8648195847dd02ffd
Sha256: d71dd28e0ff260326ba0c30748fa11160f4544c2a264d3a3dc361af0de9fd283
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd654e30-611f-4c64-b1ad-43ca9fdedc0e.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 14397
x-amzn-requestid: c5a03ce8-f695-4ad3-8c42-c3bfd47d6279
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yv1wLGqKIAMF-Og=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6329699a-2b130d8b1a4b1b9131db8984;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 07:19:54 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: u2ObvTaTM2JREJRnWVxEdqPXYFWTdrtlqLLbHugcsNbENjZq63rKVw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 b13f158bdf9805ca47e07c0c35870c12.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 15:24:06 GMT
age: 8931
etag: "3829f81048cc63b5f0d1e82dfbe3b8e31646e733"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   14397
Md5:    c0201d377c57a684452c0d26372e674d
Sha1:   3829f81048cc63b5f0d1e82dfbe3b8e31646e733
Sha256: efa055dc93267be2dddd94b334c0655c2e1f1682467fd738e013a778aea175b9
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0788498f-41db-4d62-b749-e01caddb7f8d.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10754
x-amzn-requestid: 2d03531d-6055-477f-9cb6-9ea9fa27eeb9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y1F0vHJ4IAMF42Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632b8351-692620e80d5b2efe1d0e3a82;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 21:34:09 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: eYUP9NfAkmU4A-mZvysejq1228Qfb8vbfdXOaHQvr6mjXhnVoWdqJw==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 21:34:09 GMT
etag: "c803e5866edbe6c9baec14e93677f610bdf09bff"
age: 73128
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10754
Md5:    af5773255351157d72c28a670a355c60
Sha1:   c803e5866edbe6c9baec14e93677f610bdf09bff
Sha256: 3229b4aa1c698647ad96d114174782549ad240f1b2c4ba8c268165a16afc84f0
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2f739db-1c27-4929-8aff-997c0f66b2ed.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5650
x-amzn-requestid: 6badb939-afe6-4432-a0ad-3a2b7f85a7e0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y1G-rFbuIAMFTeA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632b852a-3e9ac3331503b41d5e734a01;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 21:42:02 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: PeFdtN-ow0NE39XAV9pCHX9VSno5L9z56rg-T6Bd1fks7f1ESDDzWA==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 21:48:27 GMT
etag: "f95b843029e84dbb188427a8c2ff8c9f32740465"
age: 72270
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5650
Md5:    a5edcd9aee78a6cacc9241b47cbce598
Sha1:   f95b843029e84dbb188427a8c2ff8c9f32740465
Sha256: 6a56c3d0eb1d641e565d3d7d31b42be03bdad30beb20b994ffc9a6f2aaceee1e
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf89a4b3-f586-4870-ab26-efb054f637fd.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8678
x-amzn-requestid: c671a9ab-c5d0-4743-b13e-cc9a47e3d2fe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y1F0vEThIAMFSwQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632b8351-17ed13811d3833ea00a34423;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 21:34:09 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 2Oem-Kw-aCUa2rA9B9-7CDYcZ-G968tFPnsrL5wJ9Dia43T5u6RDtg==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 21:34:09 GMT
etag: "15d83e44d568938b6c9c87201e898cedb3edec0a"
age: 73128
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8678
Md5:    91c56f0b9810bfdd84e10a626b89e389
Sha1:   15d83e44d568938b6c9c87201e898cedb3edec0a
Sha256: 942de9764e1c408f7512759774aab0479db201e6fae15ccc39e653adae4cb86f
                                        
                                            GET /stats/0.php?4275781&@f16&@g1&@h1&@i1&@j1663869177114&@k0&@l1&@mRoblox%20Robux%20Generator%202022&@n0roblox-crn.js=refaalesandragmailcom|template=Fastink.xml|refaalesandragmailcom=free3dmodelingsoftwareforroblox.blogspot.com|free3dmodelingsoftwareforroblox.blogspot.com=direct|ref=direct|tags=roblox-crn.js&@ohttps%3A%2F%2Ffree3dmodelingsoftwareforroblox.blogspot.com%2F&@q0&@r0&@s0&@ten-US&@u1280&@b1:81915774&@b3:1663869177&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fplay.robuxtip.org%2Findex.html%3Ftrack%3DWyJyb2Jsb3gtY3JuLmpzIiwicmVmYWFsZXNhbmRyYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInJlZmFhbGVzYW5kcmFnbWFpbGNvbSIsImZyZWUzZG1vZGVsaW5nc29mdHdhcmVmb3Jyb2Jsb3guYmxvZ3Nwb3QuY29tIiwiZnJlZTNkbW9kZWxpbmdzb2Z0d2FyZWZvcnJvYmxveC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd&@w HTTP/1.1 
Host: s4.histats.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         158.69.248.123
HTTP/1.1 200 OK
Content-Type: text/html;charset=UTF-8
                                        
Date: Thu, 22 Sep 2022 17:52:57 GMT
Content-Length: 52
Connection: close


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   52
Md5:    2630e381b835dae8174899fa261418b5
Sha1:   ec39f4642befa023bd8a1365d116fc682dffb396
Sha256: 6afd75dc3b2db6b7f20049e0cf595878619054382764824c90fee738dae744ff
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0f33332-2080-459e-ab54-a452b2278994.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8748
x-amzn-requestid: 83c28267-4d10-476d-8b11-08b48b046985
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YzG6CGtroAMFyqA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632ab840-1167c5285b6837d311bfe2a9;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 07:07:44 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: xo0ilY8z0C3rDISFOM5EixEK7HAelSut4hgNNwGYAVQIfPP8C6pUCg==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 04:10:05 GMT
age: 49379
etag: "7c27c02029eb49e726a076679be2c793da696e45"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8748
Md5:    888247c1153f8770b880395734749107
Sha1:   7c27c02029eb49e726a076679be2c793da696e45
Sha256: 515852e0d38cdaf86bce45fa5e0df453d08ca36cf6ecfa0c4b868c2143afe333
                                        
                                            GET /images/sweetalert2.min.js HTTP/1.1 
Host: play.robuxtip.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwicmVmYWFsZXNhbmRyYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInJlZmFhbGVzYW5kcmFnbWFpbGNvbSIsImZyZWUzZG1vZGVsaW5nc29mdHdhcmVmb3Jyb2Jsb3guYmxvZ3Nwb3QuY29tIiwiZnJlZTNkbW9kZWxpbmdzb2Z0d2FyZWZvcnJvYmxveC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.21.78.103
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Thu, 22 Sep 2022 17:52:57 GMT
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
etag: W/"5d9ca488-4f51"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 466569
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PnsdK8oaUuu1ETzgjW0lWYBohGJpdlKHTdskHWCh1zgVkIMwjlQV2R4Lj0OQQ%2F7T0e1mr4SSOx9F90CmCz%2BWIPKu1vbaX1pO%2Fx1JmalsGFR0GFqKhyvphQLoNgipzIcMn7W4Sw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ece5b58a79fac0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /image/apps.1820.66809160632408244.567a3c93-5dc4-425d-b2f7-01b99eb24d67.e9353143-e608-44e7-93f9-5d4c98965a25?mode=scale&q=90&h=720&w=1280&format=jpg HTTP/1.1 
Host: store-images.s-microsoft.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free3dmodelingsoftwareforroblox.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         23.38.201.128
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Cache-Control: public, max-age=7776000, s-maxage=7776000
Last-Modified: Tue, 21 Apr 2020 22:44:16 GMT
Accept-Ranges: none
ETag: W/"AEDwBU86LATbIK+qI5Lf7nGvvvPiRdQgMHg4RDdFNjQ1ODU5NDIxOEI"
MS-CV: bs9QVxr5OUakCXTB.0
Access-Control-Expose-Headers: MS-CV
Content-Length: 145628
Date: Thu, 22 Sep 2022 17:52:56 GMT
Connection: keep-alive
Access-Control-Allow-Origin: *


--- Additional Info ---
                                        
                                            GET /images/bootstrap.min.css HTTP/1.1 
Host: play.robuxtip.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwicmVmYWFsZXNhbmRyYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInJlZmFhbGVzYW5kcmFnbWFpbGNvbSIsImZyZWUzZG1vZGVsaW5nc29mdHdhcmVmb3Jyb2Jsb3guYmxvZ3Nwb3QuY29tIiwiZnJlZTNkbW9kZWxpbmdzb2Z0d2FyZWZvcnJvYmxveC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.21.78.103
HTTP/2 200 OK
content-type: text/css
                                        
date: Thu, 22 Sep 2022 17:52:57 GMT
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
etag: W/"5d9ca488-1d990"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 466569
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Idj2iNI4iCdv%2FX2BQlZEh%2FVn7MPw5HyK%2BXv2tlmmRd%2BV7G26EaSe%2FLA5f6fOX1n3nOxvBD3JOUsstBNEXmGylpHXdRxzhk2vJ%2BaYAPHWiYD6SeA35NE0rXgOrUfkwRg1qFkwMg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ece5b55a51fac0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /images/custom-css.css HTTP/1.1 
Host: play.robuxtip.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwicmVmYWFsZXNhbmRyYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInJlZmFhbGVzYW5kcmFnbWFpbGNvbSIsImZyZWUzZG1vZGVsaW5nc29mdHdhcmVmb3Jyb2Jsb3guYmxvZ3Nwb3QuY29tIiwiZnJlZTNkbW9kZWxpbmdzb2Z0d2FyZWZvcnJvYmxveC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.21.78.103
HTTP/2 200 OK
content-type: text/css
                                        
date: Thu, 22 Sep 2022 17:52:57 GMT
cf-bgj: minify
cf-polished: origSize=1790
etag: W/"5d9ca488-6fe"
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 466569
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LeKZltk9ab6Sqo3Yp2vOSN3KwDWxND%2BLOnkM8N0v9Ln1qLHoTN0YD4STjVNa3Tf5qvHK6Fwf7afmtZg43UUxakt8lblLYvl7a8aA%2F4LsRgxbfAVI0Y6qXkeaze0pB13H2Qy7jw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ece5b56a5efac0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /images/style.css HTTP/1.1 
Host: play.robuxtip.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwicmVmYWFsZXNhbmRyYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInJlZmFhbGVzYW5kcmFnbWFpbGNvbSIsImZyZWUzZG1vZGVsaW5nc29mdHdhcmVmb3Jyb2Jsb3guYmxvZ3Nwb3QuY29tIiwiZnJlZTNkbW9kZWxpbmdzb2Z0d2FyZWZvcnJvYmxveC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.21.78.103
HTTP/2 200 OK
content-type: text/css
                                        
date: Thu, 22 Sep 2022 17:52:57 GMT
cf-bgj: minify
cf-polished: origSize=50839
etag: W/"5d9ca488-c697"
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 466569
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lPRcZUr%2Fa64W2J%2BZhvXR538iqiWK4cnkh6gm8A2TVOjGXtBNKo0otaT1POzgjp0tHB9v24HV%2FxmMA4yJKAw5Mu1sOrKkukTfzZMj7S2SznemSUj8ariobhJ8slpq09ZWz37XrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ece5b56a5cfac0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /images/animate.css HTTP/1.1 
Host: play.robuxtip.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwicmVmYWFsZXNhbmRyYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInJlZmFhbGVzYW5kcmFnbWFpbGNvbSIsImZyZWUzZG1vZGVsaW5nc29mdHdhcmVmb3Jyb2Jsb3guYmxvZ3Nwb3QuY29tIiwiZnJlZTNkbW9kZWxpbmdzb2Z0d2FyZWZvcnJvYmxveC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.21.78.103
HTTP/2 200 OK
content-type: text/css
                                        
date: Thu, 22 Sep 2022 17:52:57 GMT
cf-bgj: minify
cf-polished: origSize=68796
etag: W/"5d9ca488-10cbc"
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 466569
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iQqwTgz4ZKAZUDRvZ%2FixTRQuOFm%2F6O1XzjYHfU%2BAneyTrEAHwh%2FnWbVmENpliRfrShmdYsC%2BBBsAGm50cgsU%2FmVTC4Qj%2FE2OaCuflnt2xcVyvMLqDf10OZadAB91VXgyi6XjTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ece5b56a54fac0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /images/jquery.countto.js HTTP/1.1 
Host: play.robuxtip.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwicmVmYWFsZXNhbmRyYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInJlZmFhbGVzYW5kcmFnbWFpbGNvbSIsImZyZWUzZG1vZGVsaW5nc29mdHdhcmVmb3Jyb2Jsb3guYmxvZ3Nwb3QuY29tIiwiZnJlZTNkbW9kZWxpbmdzb2Z0d2FyZWZvcnJvYmxveC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.21.78.103
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Thu, 22 Sep 2022 17:52:57 GMT
cf-bgj: minify
cf-polished: origSize=3761
etag: W/"5d9ca488-eb1"
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 466569
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UbnB%2BozQA6Xo0xy0dIto3qLT5EdP8slNff92moMdGegO9Cplt1eu0q4fp6CRZwOIgwHOUr73taI4h4k9BrrRyWV5YfV1Qx7t%2F0mLyA%2BruF2xCFw8MrcmK8kQn9v70%2B827iqLzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ece5b58a78fac0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /images/css8a7c8a7c8a7c.css?family=Open+Sans:300,400,700 HTTP/1.1 
Host: play.robuxtip.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwicmVmYWFsZXNhbmRyYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInJlZmFhbGVzYW5kcmFnbWFpbGNvbSIsImZyZWUzZG1vZGVsaW5nc29mdHdhcmVmb3Jyb2Jsb3guYmxvZ3Nwb3QuY29tIiwiZnJlZTNkbW9kZWxpbmdzb2Z0d2FyZWZvcnJvYmxveC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.21.78.103
HTTP/2 200 OK
content-type: text/css
                                        
date: Thu, 22 Sep 2022 17:52:57 GMT
cf-bgj: minify
cf-polished: origSize=773
etag: W/"5d9ca488-305"
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 466569
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gcW2HUEscnMCn0Zqzzb1ubP7Xx7y0llQELOz%2BZWwu0AqfA9Fnt1zrK15ScyxRNPYcXtnsUnPtBeDYqQOYv6mCoPYxT5eFB%2FnxHkogbpTrFRiXCP4xvudE%2FDu9LmPSFb3ToUkUg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ece5b55a4cfac0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /images/font-awesome.min.css HTTP/1.1 
Host: play.robuxtip.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwicmVmYWFsZXNhbmRyYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInJlZmFhbGVzYW5kcmFnbWFpbGNvbSIsImZyZWUzZG1vZGVsaW5nc29mdHdhcmVmb3Jyb2Jsb3guYmxvZ3Nwb3QuY29tIiwiZnJlZTNkbW9kZWxpbmdzb2Z0d2FyZWZvcnJvYmxveC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.21.78.103
HTTP/2 200 OK
content-type: text/css
                                        
date: Thu, 22 Sep 2022 17:52:57 GMT
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
etag: W/"5d9ca488-6c3d"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 466569
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZIzctkvsZF%2BpxcxelgNAbKgtM09sUGhVtZ2O1oGigz3yLKIAwvK3mS8G7dQLQc79Eb2I%2BKS%2F8422DYz8%2B23powIFvlMBI7wC6xEQzCxq%2Buh0Jc49SLEi3FWJ4zANSsoXO5zXgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ece5b55a4efac0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /images/sweetalert2.min.css HTTP/1.1 
Host: play.robuxtip.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwicmVmYWFsZXNhbmRyYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInJlZmFhbGVzYW5kcmFnbWFpbGNvbSIsImZyZWUzZG1vZGVsaW5nc29mdHdhcmVmb3Jyb2Jsb3guYmxvZ3Nwb3QuY29tIiwiZnJlZTNkbW9kZWxpbmdzb2Z0d2FyZWZvcnJvYmxveC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.21.78.103
HTTP/2 200 OK
content-type: text/css
                                        
date: Thu, 22 Sep 2022 17:52:57 GMT
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
etag: W/"5d9ca488-36a4"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 466569
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rBnAqibTkG2QmOB8HJwuw6vDBPZoh%2BvVRYHc2mAlUt%2BKt%2FM6irZALxHU51mNqNuC3bRufT%2FukG1gqhKXXl2fBr%2FRUzbwITD4QrAo57BP0ijCB565%2F3cF5CwMqxj0gox0q%2B73kQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ece5b56a55fac0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /images/form-scripts.js HTTP/1.1 
Host: play.robuxtip.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwicmVmYWFsZXNhbmRyYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInJlZmFhbGVzYW5kcmFnbWFpbGNvbSIsImZyZWUzZG1vZGVsaW5nc29mdHdhcmVmb3Jyb2Jsb3guYmxvZ3Nwb3QuY29tIiwiZnJlZTNkbW9kZWxpbmdzb2Z0d2FyZWZvcnJvYmxveC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.21.78.103
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Thu, 22 Sep 2022 17:52:57 GMT
cf-bgj: minify
cf-polished: origSize=1469
etag: W/"5d9ca488-5bd"
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 466569
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=emgLU533PqyMLGPp88xM4BNe7P2Wu10CpxsqAvel%2FPpVtzUfsJVFkRmaCd%2FOm4z5igGDbyKuO2bLcZ9qESLfB91RDISkldCcdtLEc%2BDmf8vzdXgWVkQl5yM8zZNMoVYekU%2Bo4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ece5b58a7dfac0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwicmVmYWFsZXNhbmRyYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInJlZmFhbGVzYW5kcmFnbWFpbGNvbSIsImZyZWUzZG1vZGVsaW5nc29mdHdhcmVmb3Jyb2Jsb3guYmxvZ3Nwb3QuY29tIiwiZnJlZTNkbW9kZWxpbmdzb2Z0d2FyZWZvcnJvYmxveC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd HTTP/1.1 
Host: play.robuxtip.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free3dmodelingsoftwareforroblox.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         104.21.78.103
HTTP/2 200 OK
content-type: text/html
                                        
date: Thu, 22 Sep 2022 17:52:57 GMT
last-modified: Mon, 27 Jun 2022 12:44:26 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 37055
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=493oOEZDz8wmUROPN%2BDOLlMtf3wtum3xHDleFumMa0d95%2BxeRhkpt2ebwx0bIvJ%2FskFklixYbc5xB0eyOkDDeJZrSMx5DmnABXl3of2Rs%2BxR%2F%2Fpd2qZlhTtHAx0RQIrazvwkmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ece5b50a1afac0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /images/magnific-popup.css HTTP/1.1 
Host: play.robuxtip.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwicmVmYWFsZXNhbmRyYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInJlZmFhbGVzYW5kcmFnbWFpbGNvbSIsImZyZWUzZG1vZGVsaW5nc29mdHdhcmVmb3Jyb2Jsb3guYmxvZ3Nwb3QuY29tIiwiZnJlZTNkbW9kZWxpbmdzb2Z0d2FyZWZvcnJvYmxveC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.21.78.103
HTTP/2 200 OK
content-type: text/css
                                        
date: Thu, 22 Sep 2022 17:52:57 GMT
cf-bgj: minify
cf-polished: origSize=7946
etag: W/"5d9ca488-1f0a"
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 466569
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L8d%2FPxpaSajbuZA9JEYh4n3uMFK2GjKs80%2B5xDfO6RFGu25hcpHQcjgp8bmhlfr5wqiZQcL%2BPf23DJGlyqOsSQtVEpncRy%2FVn5kbay4EzXzuvOQXsGgwvwcH9jf7cLvBSu65iQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ece5b56a56fac0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /cluster-v2/roblox-crn.js HTTP/1.1 
Host: mtevor.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free3dmodelingsoftwareforroblox.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         172.96.187.226
HTTP/2 200 OK
content-type: application/javascript
                                        
x-powered-by: PHP/5.6.40
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
content-encoding: br
vary: Accept-Encoding
date: Thu, 22 Sep 2022 17:52:56 GMT
server: LiteSpeed
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /images/jquery-3.2.1.js HTTP/1.1 
Host: play.robuxtip.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwicmVmYWFsZXNhbmRyYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInJlZmFhbGVzYW5kcmFnbWFpbGNvbSIsImZyZWUzZG1vZGVsaW5nc29mdHdhcmVmb3Jyb2Jsb3guYmxvZ3Nwb3QuY29tIiwiZnJlZTNkbW9kZWxpbmdzb2Z0d2FyZWZvcnJvYmxveC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.21.78.103
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Thu, 22 Sep 2022 17:52:57 GMT
cf-bgj: minify
cf-polished: origSize=268039
etag: W/"5d9ca488-41707"
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 466569
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ex%2BC5xen0bJvMjrC924hVVymr02HnfeDYVfft85tdod4iDkJ5QkqZK3GQ%2F2GaHL5fnNczv78CDf8ogZOqmZ4KwgWgi7nS01fgy6j88e7e2IVOsG6zDFbOeY5Yw%2FkBs3%2FpT9%2FEA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ece5b57a6dfac0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Phishing