free3dmodelingsoftwareforroblox.blogspot.am/
142.250.74.161302 Moved Temporarily 193 B URL HTTP/1.1 free3dmodelingsoftwareforroblox.blogspot.am/
IP 142.250.74.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 4a31af51ea9b468f9761ee30e7923e90
823b99cef8f66deb54c828261f4e439c711851e7
2aad59a970687018914ca0f4b1372223a3800b20cc8e7dd430559ba0e332a52d
GET / HTTP/1.1
Host: free3dmodelingsoftwareforroblox.blogspot.am
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Moved Temporarily
Location: http://free3dmodelingsoftwareforroblox.blogspot.com/
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Thu, 22 Sep 2022 17:52:55 GMT
Expires: Thu, 22 Sep 2022 17:52:55 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 193
Server: GSE
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a26d0784548ecab22f417f3d689daf23
8893b79366bbadeb5c8d587b8f023e310694df1c
35baaae7b3ce3110ebb2b075881cfab55ecf3eab57d834283fd18ac691b41fa2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35BAAAE7B3CE3110EBB2B075881CFAB55ECF3EAB57D834283FD18AC691B41FA2"
Last-Modified: Tue, 20 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12920
Expires: Thu, 22 Sep 2022 21:28:15 GMT
Date: Thu, 22 Sep 2022 17:52:55 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
143.204.55.27200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 1b3053fa528e28810f8a2cc9284cc921
cca9eb471d941881a6b9a1793aecb6c281908f6a
a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Thu, 22 Sep 2022 17:14:02 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: D8PJPVFliF6Qhdb76pcjGngzI6vX-UrFxiJ2kBs0uxcSX6NoohF4lA==
Age: 2333
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.25200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.25:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Thu, 22 Sep 2022 04:35:15 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: D_2l-tg6u8-tWrFbQZz55K-cpPvPm5MMXq8Rb7LV5B3NDtmWD9wdLw==
age: 47861
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 17:52:55 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
free3dmodelingsoftwareforroblox.blogspot.com/
142.250.74.161301 Moved Permanently 193 B URL HTTP/1.1 free3dmodelingsoftwareforroblox.blogspot.com/
IP 142.250.74.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 99925e746eed45ca0ebd9344485b52fc
11864daf21023584f3fc90de0bf446c2efe172b7
80fb12e78c740ca20e6e3a4ecce8655eef11fc679378ff577216352136cf8542
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: free3dmodelingsoftwareforroblox.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: https://free3dmodelingsoftwareforroblox.blogspot.com/
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Thu, 22 Sep 2022 17:52:55 GMT
Expires: Thu, 22 Sep 2022 17:52:55 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 193
Server: GSE
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.27200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Thu, 22 Sep 2022 17:03:22 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Thu, 22 Sep 2022 17:10:14 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ZZgn0o3-NDDxRtACtT_672pyiEoWwYgnLOlpHRVSFK9qHdJEQHjYJA==
Age: 2973
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 0e6f7ad30af48f5591742a9a6dd1d992
82fb60705b705a4f98998ac514836669e09fea79
687c9c8105a92f6f31713916b4b626a01a7374180d81d513c7b01dd64fc02c67
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 17:52:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 86624f45fb3b7126dbe002f69c94dd86
30bcf274db5037122f989fb25dbf1e72c9ec417b
2cc9600578cf057dc499835773fb495caa60ac154c4945f0fc1f2b31d43f5502
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6586
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 17:52:56 GMT
Last-Modified: Thu, 22 Sep 2022 16:03:10 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
44.240.140.78101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.240.140.78:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: xyMZmTjSjXolA8Pr1BWIHQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: QRL5/uFzlMobtqjlvG+dNOnUywo=
free3dmodelingsoftwareforroblox.blogspot.com/
142.250.74.161200 OK 17 kB URL HTTP/2 free3dmodelingsoftwareforroblox.blogspot.com/
IP 142.250.74.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (14233)
Hash a2fc80147b583537f6c175ab8226acf8
19972c28e2b1b803682fdfb1977fbfc7d0ab9802
433f343028e97f99d4c258c4161ffdbeb841080cdb4d1bc61d439c030bd6d8ff
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: free3dmodelingsoftwareforroblox.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
expires: Thu, 22 Sep 2022 17:52:56 GMT
date: Thu, 22 Sep 2022 17:52:56 GMT
cache-control: private, max-age=0
last-modified: Wed, 21 Sep 2022 23:25:01 GMT
etag: W/"d66b94f9a1592b8027baa064b1d9d57245134bf9e014d7a3aef14977c4727136"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 17199
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 316dd96c27cb1cae8a533df4714092b6
884cf94b1b24b145c72f60e7e36d7012a501f6f7
845cc35126bbeadcd22c6e8ad40d61981c776617f2a7e514dbc9110cf10b2d77
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 17:52:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
progameguides.com/wp-content/uploads/2021/04/Roblox-FNAF-900x506.jpg
104.22.49.85200 OK 43 kB URL HTTP/2 progameguides.com/wp-content/uploads/2021/04/Roblox-FNAF-900x506.jpg
IP 104.22.49.85:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 900x506, components 3\012- data
Hash 4310c846aaa1836bc88da9bb44af78d8
7d4b926dc0f402141dd9b1409bffe1b2c75c9296
172a113c81049c3070613e32922934cbc69b3e78dd63591b6680b7366212f16b
GET /wp-content/uploads/2021/04/Roblox-FNAF-900x506.jpg HTTP/1.1
Host: progameguides.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free3dmodelingsoftwareforroblox.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 17:52:56 GMT
content-type: image/jpeg
content-length: 43104
cf-bgj: imgq:100,h2pri
cf-polished: origSize=43975, status=webp_bigger
etag: "6086f38e-abc7"
last-modified: Mon, 26 Apr 2021 17:08:30 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 49
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ece5b239f60b59-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
robloxsong.com/assets/img/codes/169/1099415169.jpg
104.21.92.97200 OK 86 kB URL HTTP/2 robloxsong.com/assets/img/codes/169/1099415169.jpg
IP 104.21.92.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 808x454, components 3\012- data
Hash 152a02077f259eb16b7f95951407c494
8fa6810e1e6d14350c14eaca96259f62ad237db9
5682234cb946c53165e205d2cf06f48bbf87d6a7e6f99c127ee5623d52389c5e
GET /assets/img/codes/169/1099415169.jpg HTTP/1.1
Host: robloxsong.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free3dmodelingsoftwareforroblox.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 17:52:56 GMT
content-type: image/jpeg
content-length: 86158
last-modified: Fri, 16 Oct 2020 00:34:31 GMT
etag: "1508e-5b1beed9496cc"
cache-control: max-age=14400
cf-cache-status: HIT
age: 35
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tz1ZNYe6cK0i6OHpXoMbbv%2FD0ZBfgUm0iX3hMyvwj%2Fx3dc53upcg2HYEEMIb7VhbaE9%2BTq0%2BorOg8HBKwPcrbKTjXQiRFPG1K0Knzw3J3Sv6b4RIV67dgDgjkOaQkwIatg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ece5b23aecb4eb-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 8812bd1fa7aae4e1a1c07c8e83f169a8
343e735a6c9d78e904456984e4ad1c427ad9ff36
ff7c0bdf2f9bdc0eb48771a456424c8fa595ae398e1ba110f4fb54f1a1caaf8e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 17:52:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.globalsign.com/gseccovsslca2018
104.18.21.226200 OK 940 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.21.226:0
Hash e017f435ec5c88c11e8d90d6a758fdc6
ac4c807e86223fc59647fb15713191a085043ce2
1f48e52f65923e49dccc16fbe0526ad6d4a4dd0875698ce6203aaf62eaa33835
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 17:52:56 GMT
Content-Type: application/ocsp-response
Content-Length: 940
Connection: keep-alive
Expires: Mon, 26 Sep 2022 15:41:42 GMT
ETag: "ac4c807e86223fc59647fb15713191a085043ce2"
Last-Modified: Thu, 22 Sep 2022 15:41:43 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 629
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74ece5b2695ab4e8-OSL
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 8812bd1fa7aae4e1a1c07c8e83f169a8
343e735a6c9d78e904456984e4ad1c427ad9ff36
ff7c0bdf2f9bdc0eb48771a456424c8fa595ae398e1ba110f4fb54f1a1caaf8e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 17:52:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
t6.rbxcdn.com/425e5e080bd1dd22249ae9e78d05cfae
205.234.175.102403 Forbidden 243 B URL HTTP/2 t6.rbxcdn.com/425e5e080bd1dd22249ae9e78d05cfae
IP 205.234.175.102:0
File type XML 1.0 document text\012- XML document, ASCII text
Hash a4057c8d8ec94730fc5f2e741a448cf6
06b13909fce5382ad06c9a7f4ac67e4f24b67f65
03a7aad88f2c5f347f944eb68e259271571517572a52ff770303d4b85ddb491b
GET /425e5e080bd1dd22249ae9e78d05cfae HTTP/1.1
Host: t6.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free3dmodelingsoftwareforroblox.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Thu, 22 Sep 2022 17:52:56 GMT
content-type: application/xml
content-length: 243
x-amz-request-id: W0YZSSBKQWA3HE6M
x-amz-id-2: 0n2nJ9V/Y1VFqs38Gv8E2H+fYIRdnxFkL/CZNx0lwAJZq20mwChX1Tvim/f1IdvvDQTao0CobGo=
access-control-allow-origin: *
x-cf3: M
cf4age: 0
x-cf-tsc: 1663869165
cf4ttl: 120.000
x-cf2: H
server: CFS 0215
x-cf1: 28290:fA.arn1:co:1543531200:cacheN.arn1-01:M
x-cf-reqid: a1421d2bbe53af7340bb0652d6282112
access-control-allow-methods: GET
vary: Accept-Encoding
timing-allow-origin: *
access-control-expose-headers: Rbx-Cdn-Provider
rbx-cdn-provider: cfly
X-Firefox-Spdy: h2
i.ytimg.com/vi/qMwwD3y1I28/maxresdefault.jpg
216.58.207.246404 Not Found 1.1 kB URL HTTP/2 i.ytimg.com/vi/qMwwD3y1I28/maxresdefault.jpg
IP 216.58.207.246:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 120x90, components 3\012- data
Hash e2ddfee11ae7edcae257da47f3a78a70
6e902fa6302eb30cd204579bca6a59b37233e262
20e9aab22032d85684d7d916a1013f7c577a132a5b10ea3fd3578e8d0b28a711
GET /vi/qMwwD3y1I28/maxresdefault.jpg HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free3dmodelingsoftwareforroblox.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
vary: Origin
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: image/jpeg
date: Thu, 22 Sep 2022 17:52:56 GMT
expires: Thu, 22 Sep 2022 17:53:26 GMT
cache-control: public, max-age=30
x-content-type-options: nosniff
server: sffe
content-length: 1097
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash a66068824c8bed97e895f8f292ef0623
704bb22deb8b53f64e199eea05e680cf93f1192a
2e7f65288c12ebae7ed8e7616377045016d8ea89017d7429b68d8ded3a90c633
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 17:52:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.ytimg.com/vi/3mrdkJmLSiM/hqdefault.jpg
216.58.207.246200 OK 13 kB URL HTTP/2 i.ytimg.com/vi/3mrdkJmLSiM/hqdefault.jpg
IP 216.58.207.246:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3\012- data
Hash c7bc7431f246702b00faf27664ca892b
36b23fb22c71275acc6f925fecfce3a395df0979
0ede45464aab25ac4517d24812129049c804c89939b23abd1aec64a70c2a007d
GET /vi/3mrdkJmLSiM/hqdefault.jpg HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free3dmodelingsoftwareforroblox.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 13240
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 22 Sep 2022 17:52:56 GMT
expires: Thu, 22 Sep 2022 19:52:56 GMT
cache-control: public, max-age=7200
etag: "0"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.blogger.com/static/v1/widgets/1416043673-widgets.js
216.58.207.201200 OK 57 kB URL HTTP/2 www.blogger.com/static/v1/widgets/1416043673-widgets.js
IP 216.58.207.201:0
File type ASCII text, with very long lines (2221)
Hash c6aef9cbd2abf926a23970b70f8a24c2
78972b4f41a7d2580c383da41e3a472c4cfc647a
111111066b8f3fddcd24cedce8c4e8b93a1d9e9b8e3f5f2959172da5adda14b6
GET /static/v1/widgets/1416043673-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free3dmodelingsoftwareforroblox.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 56913
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 02:21:33 GMT
expires: Thu, 21 Sep 2023 02:21:33 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 21 Sep 2022 00:51:51 GMT
content-type: text/javascript
age: 142283
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 8812bd1fa7aae4e1a1c07c8e83f169a8
343e735a6c9d78e904456984e4ad1c427ad9ff36
ff7c0bdf2f9bdc0eb48771a456424c8fa595ae398e1ba110f4fb54f1a1caaf8e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 17:52:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash a66068824c8bed97e895f8f292ef0623
704bb22deb8b53f64e199eea05e680cf93f1192a
2e7f65288c12ebae7ed8e7616377045016d8ea89017d7429b68d8ded3a90c633
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 17:52:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash fb0c8de6181e20d1f0261ded7b31fb60
f58f1eaf5ca2626860e8e5ee35babd4a5ce40478
8abd134454a879b53de6fe9b942e2869657e6071605d9cdb1b4064cd3231faaf
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 17:52:56 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 19 Sep 2022 15:20:19 GMT
Expires: Mon, 26 Sep 2022 15:20:18 GMT
Etag: "f58f1eaf5ca2626860e8e5ee35babd4a5ce40478"
Cache-Control: max-age=335841,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74ece5b298691c0e-OSL
e1.o.lencr.org/
23.36.76.226200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 50eafea4e2f15beb55f83673dfef670e
0773397022a78edde54c1c8f2180872426c2b311
efaa97afdd910df2b256576c0b6facfb3422f26b53b29419a30eccfc1f71e43c
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "EFAA97AFDD910DF2B256576C0B6FACFB3422F26B53B29419A30ECCFC1F71E43C"
Last-Modified: Wed, 21 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10086
Expires: Thu, 22 Sep 2022 20:41:02 GMT
Date: Thu, 22 Sep 2022 17:52:56 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 93cbd701b1b00d5f0fe208028d13b89a
76c2f9f7bcad2611ae07d4139e65c51de37b2662
e72a3ba760a50656cf23e0832d2ca8f2014a43f8e7bf28c3b11fdc42afdd34c7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3109
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 17:52:56 GMT
Last-Modified: Thu, 22 Sep 2022 17:01:07 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/s/gts1p5/1EpVtZKsCXY
142.250.74.3200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/1EpVtZKsCXY
IP 142.250.74.3:0
Hash 34311ea618c6843119740ba3b58d5eda
76301cab8a24695901236f1f98733d4f1f73ed53
ea68cb2e56dbab67e038a928b850ba16c801e7794757eaa48c76cb84383c223e
POST /s/gts1p5/1EpVtZKsCXY HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 17:52:57 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
play.robuxtip.org/images/gamebaglogo.png
104.21.78.103200 OK 3.3 kB URL HTTP/2 play.robuxtip.org/images/gamebaglogo.png
IP 104.21.78.103:0
File type PNG image data, 240 x 240, 8-bit/color RGBA, non-interlaced\012- data
Hash e84f0caa809a15b2aaa9cb93bbe6669a
22a330ad580aaa6b2232307a87b981adc7fbf38f
1f98c982fd0c9b5e6af138a4cb160f509bda9fcc7fa0a9463fa6cf11513c151f
GET /images/gamebaglogo.png HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwicmVmYWFsZXNhbmRyYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInJlZmFhbGVzYW5kcmFnbWFpbGNvbSIsImZyZWUzZG1vZGVsaW5nc29mdHdhcmVmb3Jyb2Jsb3guYmxvZ3Nwb3QuY29tIiwiZnJlZTNkbW9kZWxpbmdzb2Z0d2FyZWZvcnJvYmxveC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 17:52:57 GMT
content-type: image/png
content-length: 3340
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
etag: "5d9ca488-d0c"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 466569
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uKHmiyy54xVygjL7zDfRZwvMXVT92zKZCe6xpPHz7FgMnqrhiBIGU6pYsjKNRPalt5fLR70VnjLVlet5bGc1H3rwVu3313W3084VJn7Yhr4qDNacF6UoVw6BI7sBrubi%2B%2F7e0w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ece5b57a68fac0-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
play.robuxtip.org/images/ft-1.png
104.21.78.103200 OK 3.3 kB URL HTTP/2 play.robuxtip.org/images/ft-1.png
IP 104.21.78.103:0
File type PNG image data, 240 x 240, 8-bit/color RGBA, non-interlaced\012- data
Hash e84f0caa809a15b2aaa9cb93bbe6669a
22a330ad580aaa6b2232307a87b981adc7fbf38f
1f98c982fd0c9b5e6af138a4cb160f509bda9fcc7fa0a9463fa6cf11513c151f
GET /images/ft-1.png HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwicmVmYWFsZXNhbmRyYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInJlZmFhbGVzYW5kcmFnbWFpbGNvbSIsImZyZWUzZG1vZGVsaW5nc29mdHdhcmVmb3Jyb2Jsb3guYmxvZ3Nwb3QuY29tIiwiZnJlZTNkbW9kZWxpbmdzb2Z0d2FyZWZvcnJvYmxveC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 17:52:57 GMT
content-type: image/png
content-length: 3340
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
etag: "5d9ca488-d0c"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 466569
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EHeTRvPEGfaOGyCBwLfeAcmEgCmttx9wz6BzbOAYNlWUhFNenUyWisbGzCAA0ZgaSOXTiVPqwdynfBkGnXDE7ZJokxrhQsw8FDG0kpLjr%2BX3FDUoN%2FGSdhfAVpslNVp8iAYA2A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ece5b57a6cfac0-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
play.robuxtip.org/images/header.png
104.21.78.103200 OK 131 kB URL HTTP/2 play.robuxtip.org/images/header.png
IP 104.21.78.103:0
File type PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced\012- data
Size 131 kB (131285 bytes)
Hash 35e93538f31d67876a2cb38bf94279d8
49bf97732e9bffb5371ad60d024901b09d83651b
95c1de9315834de2ff3608a2dc048a6aedc273e665f9b54eb956523a81fc91df
GET /images/header.png HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwicmVmYWFsZXNhbmRyYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInJlZmFhbGVzYW5kcmFnbWFpbGNvbSIsImZyZWUzZG1vZGVsaW5nc29mdHdhcmVmb3Jyb2Jsb3guYmxvZ3Nwb3QuY29tIiwiZnJlZTNkbW9kZWxpbmdzb2Z0d2FyZWZvcnJvYmxveC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 17:52:57 GMT
content-type: image/png
content-length: 131285
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
etag: "5d9ca488-200d5"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 466569
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cm3Wb8DnntzTEx9%2Fi%2BC7v00K3Xt7HBq41%2Bbs6U9767NyTKyiMVu34IH29HtsGAq%2FXvfDOdufPpF65Eh3MC9SY%2F3dLBzNR0xw1T7BU1%2FhTjoxGF12EYOvpJlC3GhMlM0JdGvISQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ece5b57a6afac0-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/jquery.modal.min.css
104.17.25.14200 OK 1.5 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/jquery.modal.min.css
IP 104.17.25.14:0
File type ASCII text, with very long lines (3201), with no line terminators
Hash 8e09ceb5490863a66cd2e83ca3d7e524
35e3d074516ec70c508d748f7ae01827bc0c28ba
cccbb374fd4cb6dcbac9df64456b49cb11530e7bafdac6c6c7e67ff2ed350db9
GET /ajax/libs/jquery-modal/0.9.1/jquery.modal.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 22 Sep 2022 17:52:57 GMT
content-type: text/css; charset=utf-8
content-length: 1541
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec2-c81"
last-modified: Mon, 04 May 2020 16:11:46 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 9310547
expires: Tue, 12 Sep 2023 17:52:57 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z7Or5fSJdzKpfe52WIxASXTj0F%2FSrGrVjoNNT2bK1jizYFErhmHARzAFfTec3q0QvuqbOoblnMrztI2C%2FvWVZscIfcrINvuCUSYR4uQ2hGNRuenGaoeeiEjpBtzdbVemBgb%2FGyqY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74ece5b59c6db4f3-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/js-base64@3.7.2/base64.min.js
151.101.85.229200 OK 2.1 kB URL HTTP/2 cdn.jsdelivr.net/npm/js-base64@3.7.2/base64.min.js
IP 151.101.85.229:0
File type ASCII text, with very long lines (4802)
Hash 18914b05d782cca37716837edf14fa8a
c563d127cf718dd86389fdd007b4c51b6bb58dc3
4bded663a5f9ccaa1eb7c1692c1c7df756a7d0e037d19466979fb90c56fbefdf
GET /npm/js-base64@3.7.2/base64.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 3.7.2
x-jsd-version-type: version
etag: W/"1405-lMmxLE0z8/TnsipvbhQg5ckAA8Q"
content-encoding: gzip
accept-ranges: bytes
date: Thu, 22 Sep 2022 17:52:57 GMT
age: 5061956
x-served-by: cache-fra19165-FRA, cache-bma1677-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 2068
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP 104.18.21.226:0
Hash 7c69d6952784ad55ca56267a5916772d
0469c7347f5ed502713c9a4acd788bd26839bf2d
ba5cc7f5d603e87c2d53e312f98d085d241867502cbe5dcb028f0ace438562db
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 17:52:57 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "387A151038BA320246CB886628A03474184A1493"
Expires: Fri, 23 Sep 2022 05:00:00 GMT
Last-Modified: Thu, 22 Sep 2022 17:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 291
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74ece5b5ffc1b4e8-OSL
play.robuxtip.org/images/scripts.js
104.21.78.103200 OK 16 kB URL HTTP/2 play.robuxtip.org/images/scripts.js
IP 104.21.78.103:0
File type ASCII text, with no line terminators
Hash 5ce830d9a0922920ad3c39200c0d030f
ceb2f0e0564a6f2097db363adfbdcc6cf8352b7e
a124070f77cc438d71e1c34c70c714da91cb090123888e1eef47184976fcd484
Analyzer Verdict Alert fortinet Phishing
GET /images/scripts.js HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwicmVmYWFsZXNhbmRyYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInJlZmFhbGVzYW5kcmFnbWFpbGNvbSIsImZyZWUzZG1vZGVsaW5nc29mdHdhcmVmb3Jyb2Jsb3guYmxvZ3Nwb3QuY29tIiwiZnJlZTNkbW9kZWxpbmdzb2Z0d2FyZWZvcnJvYmxveC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 17:52:57 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=225
etag: W/"5d9ca488-e1"
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 252483
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O1xGp4HQPVDaCkqYtIIu%2FgPNceIfadtmE93%2F0UhUW%2FxItfTBksLkAsCFAYysxGBkkVwjktGB5NP9bkSv5XKxG%2Btv7DMztSJDi8xMLbNrlgE3ou0N%2F%2Frk8qgPCBrMOsab1F1ECw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ece5b58a82fac0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
play.robuxtip.org/images/jquery.magnific-popup.min.js
104.21.78.103200 OK 8.6 kB URL HTTP/2 play.robuxtip.org/images/jquery.magnific-popup.min.js
IP 104.21.78.103:0
File type ASCII text, with very long lines (21014)
Hash da4b5fc59e77bffa02644e0d9685c088
625c71e98072769b041886e8472b631d32337426
198822c26317940c7537bffb9657efbecef583d4c276f826927d2232d40a456a
Analyzer Verdict Alert fortinet Phishing
GET /images/jquery.magnific-popup.min.js HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwicmVmYWFsZXNhbmRyYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInJlZmFhbGVzYW5kcmFnbWFpbGNvbSIsImZyZWUzZG1vZGVsaW5nc29mdHdhcmVmb3Jyb2Jsb3guYmxvZ3Nwb3QuY29tIiwiZnJlZTNkbW9kZWxpbmdzb2Z0d2FyZWZvcnJvYmxveC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 17:52:57 GMT
content-type: application/javascript
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
etag: W/"5d9ca488-5297"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 466569
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YaP%2FjP0JkPmNXZ%2BNtYi7X%2BWkUNPg3pkESDVfbGbivEYugEne1g1VmHgDueTXKQ%2F0tJAzjSuKovhhqD9o12RP79VLM%2FYC1JSr5WxF7%2BMfHINRBshkQZtXRAKsHAdOZnlrP%2F3dAg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ece5b58a7efac0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
play.robuxtip.org/images/main.js
104.21.78.103200 OK 70 kB URL HTTP/2 play.robuxtip.org/images/main.js
IP 104.21.78.103:0
File type ASCII text, with very long lines (24637)
Hash 3c9100116601508e64c242c9b0520124
7cc3f27755e12047277c5fd8a9376e3f295f91bc
6beb8fde868fcf69cfbb3a1c85f01f80af6ac65ebe7b7f23c66fabd3df5a1a0b
Analyzer Verdict Alert fortinet Phishing
GET /images/main.js HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwicmVmYWFsZXNhbmRyYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInJlZmFhbGVzYW5kcmFnbWFpbGNvbSIsImZyZWUzZG1vZGVsaW5nc29mdHdhcmVmb3Jyb2Jsb3guYmxvZ3Nwb3QuY29tIiwiZnJlZTNkbW9kZWxpbmdzb2Z0d2FyZWZvcnJvYmxveC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 17:52:57 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=38451
etag: W/"5d9ca488-9633"
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 466569
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kq%2BzD1x7t2PsKP5HDgOsG3WsR39RsEYOaTmBGp24ZtH2o5pggtKVhz3AFc%2FYY82QqZZ4Gq8l%2FJxwbl1Zn%2FK2r%2BBz69WBNWuEg8hAcGIFjOFMk1YtfnbjJkE4scB%2FB3PmBOMvXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ece5b58a81fac0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash de424c85b225196c5a35219b9e3ebd8e
85607bc7f8cd550eceab6a6c236b403ca91662f5
29fe2614f1d16a5e8c89f055ce08a45ea0d89e31f91b014e6cea52411a7902d3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5960
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 17:52:57 GMT
Last-Modified: Thu, 22 Sep 2022 16:13:37 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 280
play.robuxtip.org/images/fancyselect.js
104.21.78.103200 OK 68 kB URL HTTP/2 play.robuxtip.org/images/fancyselect.js
IP 104.21.78.103:0
File type ASCII text, with very long lines (1254)
Hash 0c91b030b15390ff4c79d6616d137c1a
207a8e180bdb7a17547fdc6353d0d9551540574e
a0510b0a1cb012547fd68732c894c90282ad0744f40e4eab8bd5700cfcec483a
Analyzer Verdict Alert fortinet Phishing
GET /images/fancyselect.js HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwicmVmYWFsZXNhbmRyYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInJlZmFhbGVzYW5kcmFnbWFpbGNvbSIsImZyZWUzZG1vZGVsaW5nc29mdHdhcmVmb3Jyb2Jsb3guYmxvZ3Nwb3QuY29tIiwiZnJlZTNkbW9kZWxpbmdzb2Z0d2FyZWZvcnJvYmxveC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 17:52:57 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=6778
etag: W/"5d9ca488-1a7a"
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 466569
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fh%2FmtPDpJ%2BVPRjPArdyLAIa9mOFGslkI%2F1wZh3T9jD8Y6oM65JPWLypmDHRlfs9YsPyuSHhYWlh07yijuEVLNoeEd5uO1kVFWVuApEZ1%2B9m4qA85Fp%2BF6SSf5cANwPVB3cHYmg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ece5b57a6ffac0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash edd6c63988b69a64a51433c3fd91b0ba
a0a41a5403a2c397d70cfa267c1d6407250df043
c9b1efff4ebf41ad54d3137ee7a93b688c66765df99e387ae730b39abe2f115f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 17:52:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
play.robuxtip.org/images/sticky.js
104.21.78.103200 OK 10 kB URL HTTP/2 play.robuxtip.org/images/sticky.js
IP 104.21.78.103:0
File type ASCII text, with very long lines (16920)
Hash 9acd98d2b7a9d28f13777319a4407f8b
51e6a503b9ee2c4d7f674d36852533bbe581425c
96acdfa6ebc5e29775eb4c132d06a846c6f8fa5962001502b875149022bb1fd7
Analyzer Verdict Alert fortinet Phishing
GET /images/sticky.js HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwicmVmYWFsZXNhbmRyYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInJlZmFhbGVzYW5kcmFnbWFpbGNvbSIsImZyZWUzZG1vZGVsaW5nc29mdHdhcmVmb3Jyb2Jsb3guYmxvZ3Nwb3QuY29tIiwiZnJlZTNkbW9kZWxpbmdzb2Z0d2FyZWZvcnJvYmxveC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 17:52:57 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=20845
etag: W/"5d9ca488-516d"
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 466569
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rm4vAwBHBLRzueClCsdqB2r4A4vOPFkCWTqc1Enq6%2Fn%2Fpgq3xOflkysMzxsNN8Imm41XRnBtSdFmY6tdZ%2B%2FsOjXzTyCWqzrWHpTf61SEEGQwGhONu34t%2FHeFPrO58I%2F%2BFPBrKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ece5b58a80fac0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4797d6fd00b4884a9a2bd74ed01e2d1d
8d5e48550c7eb8c2f81ab8c126d452257e4d98ed
4c6fb508b26b7fc8be67672a70d2d0b73ae0cee68c0969350751823c49bf4a9e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 17:52:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
play.robuxtip.org/images/com.js
104.21.78.103200 OK 21 kB URL HTTP/2 play.robuxtip.org/images/com.js
IP 104.21.78.103:0
File type C source, Unicode text, UTF-8 text, with very long lines (15173), with no line terminators
Hash 6526919aef038ec3dbf8c2f3b1a0fae9
5bd4f50e719673f27249787272767a28e1021d0c
c8f4084544c582273ffc80373dee14238f3a25056078b0505b08516219ab9791
Analyzer Verdict Alert fortinet Phishing
GET /images/com.js HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwicmVmYWFsZXNhbmRyYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInJlZmFhbGVzYW5kcmFnbWFpbGNvbSIsImZyZWUzZG1vZGVsaW5nc29mdHdhcmVmb3Jyb2Jsb3guYmxvZ3Nwb3QuY29tIiwiZnJlZTNkbW9kZWxpbmdzb2Z0d2FyZWZvcnJvYmxveC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 17:52:57 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=17963
etag: W/"5d9ca488-462b"
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 466569
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ds8p72mZAulIpgGZlJ3NRJgQcNunW9qocQ%2FUSHqLm9GGIBzra3M8tjA8P07PYnuHqBnTRh%2BLGdzUccyWx1BVlySwzkcbf8pT2%2BFQa54ENotNrAEhqtXuBhkTtsruCBp2YdRolQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ece5b58a7bfac0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
play.robuxtip.org/images/jquery-ui.min.js
104.21.78.103200 OK 71 kB URL HTTP/2 play.robuxtip.org/images/jquery-ui.min.js
IP 104.21.78.103:0
File type ASCII text, with very long lines (563)
Hash e9cd69971b25d3ac6cdad20a9091bd4c
9b3271c0e56ad91ab9371baadb179a154b291637
e70062201b19e798e18dfb8992f4260a41bbcdc3b40d47e399ba5672834bba1a
Analyzer Verdict Alert fortinet Phishing
GET /images/jquery-ui.min.js HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwicmVmYWFsZXNhbmRyYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInJlZmFhbGVzYW5kcmFnbWFpbGNvbSIsImZyZWUzZG1vZGVsaW5nc29mdHdhcmVmb3Jyb2Jsb3guYmxvZ3Nwb3QuY29tIiwiZnJlZTNkbW9kZWxpbmdzb2Z0d2FyZWZvcnJvYmxveC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 17:52:57 GMT
content-type: application/javascript
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
etag: W/"5d9ca488-30da8"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 466569
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JAnARHZhhkWMKvLr7kxdm14V9UL03BJrzK5x8UpMlkN8UmolJu3i1ENppMBerqtA2iifdStJuYCiXP9R5EzLP6WEQZ4aqy%2BkdL6AhtjFTTcZ%2FeITxErlrjRipFtztfFqYF5cZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ece5b57a6efac0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash de424c85b225196c5a35219b9e3ebd8e
85607bc7f8cd550eceab6a6c236b403ca91662f5
29fe2614f1d16a5e8c89f055ce08a45ea0d89e31f91b014e6cea52411a7902d3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5960
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 17:52:57 GMT
Last-Modified: Thu, 22 Sep 2022 16:13:37 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 280
play.robuxtip.org/images/validator.min.js
104.21.78.103200 OK 21 kB URL HTTP/2 play.robuxtip.org/images/validator.min.js
IP 104.21.78.103:0
File type ASCII text, with very long lines (5862)
Hash ecbf19830a6a35e30737ef9a9d89b0c8
4396f0eb78c7da371c2efdae41b6766abb53c770
676b593a9a6ecf4d9c6bc69e18b6859e59a96cbf1fc9288656928451c2fdc498
Analyzer Verdict Alert fortinet Phishing
GET /images/validator.min.js HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwicmVmYWFsZXNhbmRyYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInJlZmFhbGVzYW5kcmFnbWFpbGNvbSIsImZyZWUzZG1vZGVsaW5nc29mdHdhcmVmb3Jyb2Jsb3guYmxvZ3Nwb3QuY29tIiwiZnJlZTNkbW9kZWxpbmdzb2Z0d2FyZWZvcnJvYmxveC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 17:52:57 GMT
content-type: application/javascript
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
etag: W/"5d9ca488-17a7"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 466569
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GF22d20OtsGH2YcNnuSEV1YJ2U4CKsj2EHiTm2G7pkXzBmvy1sSJVAwr86kZpVyAmYFxdUmKVl8cP7O9tKmr6%2FKcct0c%2BhVwqWohUolqfPh9G73DkoJ5KwczQf4mtnXFlJA16g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ece5b58a7afac0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4797d6fd00b4884a9a2bd74ed01e2d1d
8d5e48550c7eb8c2f81ab8c126d452257e4d98ed
4c6fb508b26b7fc8be67672a70d2d0b73ae0cee68c0969350751823c49bf4a9e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 17:52:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
play.robuxtip.org/images/fancyselect.css
104.21.78.103200 OK 18 kB URL HTTP/2 play.robuxtip.org/images/fancyselect.css
IP 104.21.78.103:0
File type ASCII text, with very long lines (3595), with no line terminators
Hash 705c965e4b0fdf6ce9dd16dea5e9db89
762043487a6b08d4522c737e694453c9ddb42caf
bce68547df30d83fd2285759672008474611ed1ffbfc59be6f6f27831856b3ff
GET /images/fancyselect.css HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwicmVmYWFsZXNhbmRyYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInJlZmFhbGVzYW5kcmFnbWFpbGNvbSIsImZyZWUzZG1vZGVsaW5nc29mdHdhcmVmb3Jyb2Jsb3guYmxvZ3Nwb3QuY29tIiwiZnJlZTNkbW9kZWxpbmdzb2Z0d2FyZWZvcnJvYmxveC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 17:52:57 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=4253
etag: W/"5d9ca488-109d"
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 466569
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X8QkxdnbfLXXg5NF%2BXMw4DIPfmlE9Jr58TrOGe7VYsn3A5hklOmQBHWSkIh3ErL1UZAPW6b9JQqsUNlaYe4LXxE2laXw95CDVrrWKTNT44wYx73MjnFiQI0RGh5%2FwYH%2BZB3f9g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ece5b56a5afac0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 16 kB IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), TrueType, length 15948, version 1.197\012- data
Hash b4d67988128df8edc94186d51c0d6675
39221b29f10baa3ca54e78fb6a11abe2ba694b54
03222b607cd4b5bc94387eff517b752a294f0aad83641636d962ec063325bca1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2EE5044F5CBE123FAAEC6042411582DC59A51000999035CABCFB3BFFF5EB41F3"
Last-Modified: Wed, 21 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14574
Expires: Thu, 22 Sep 2022 21:55:51 GMT
Date: Thu, 22 Sep 2022 17:52:57 GMT
Connection: keep-alive
s10.histats.com/js15_as.js
46.105.201.240200 OK 4.4 kB URL HTTP/2 s10.histats.com/js15_as.js
IP 46.105.201.240:0
File type HTML document, ASCII text, with very long lines (11440), with no line terminators
Hash ed192092c129db6123a3397855f42619
067e9b8e26cf6246eb84c6b9cf3da0c192ce7b3e
998fff486a7fb38b6ed445edc36c9b317b70950cd39efcf4012ca641312fcee1
GET /js15_as.js HTTP/1.1
Host: s10.histats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 22 Sep 2022 17:47:36 GMT
etag: "-375139978"
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-request-id: 909870012
content-type: text/javascript
content-encoding: br
x-cdn-pop: rbx1
x-cdn-pop-ip: 51.254.41.128/25
x-cacheable: Matched cache
accept-ranges: bytes
content-length: 4364
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15645
Expires: Thu, 22 Sep 2022 22:13:42 GMT
Date: Thu, 22 Sep 2022 17:52:57 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15645
Expires: Thu, 22 Sep 2022 22:13:42 GMT
Date: Thu, 22 Sep 2022 17:52:57 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15645
Expires: Thu, 22 Sep 2022 22:13:42 GMT
Date: Thu, 22 Sep 2022 17:52:57 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15645
Expires: Thu, 22 Sep 2022 22:13:42 GMT
Date: Thu, 22 Sep 2022 17:52:57 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F06a0b4c5-4223-42cf-b012-2e09b250c8c1.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F06a0b4c5-4223-42cf-b012-2e09b250c8c1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c2db94039cb675cb250519fe57b2b3c9
37222a70df5d9a69073b4b32ebc3a5da60006001
444f4359ac25747e7c5d7e09202f195d407bc94a4933ac7ebbbaf9839bf59aff
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F06a0b4c5-4223-42cf-b012-2e09b250c8c1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12048
x-amzn-requestid: bc551b18-fddb-4502-8c11-b8de83d75def
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YwlKzF9FoAMFp_w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6329b578-7e030b2e0af1d1c309d2dde6;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 12:43:36 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: dRyKwUtxiHGz_bqMMSlRKS1cDNhKm_g1ocpZLmE15k8owH789jueWA==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 22:19:10 GMT
age: 70427
etag: "37222a70df5d9a69073b4b32ebc3a5da60006001"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67bb0692-30b9-4b69-a748-f7a4474a72e0.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67bb0692-30b9-4b69-a748-f7a4474a72e0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9becda6e892a190dbbc63216ae697506
ba3369e1827d8f01ca10acb8648195847dd02ffd
d71dd28e0ff260326ba0c30748fa11160f4544c2a264d3a3dc361af0de9fd283
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67bb0692-30b9-4b69-a748-f7a4474a72e0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11286
x-amzn-requestid: 7263b60d-fffe-4c0b-8de5-59dc9ac92a47
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y1GwZHOaIAMFSQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632b84cf-62e160b156b587cc21c7fda5;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 21:40:31 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: QxgrVMX7xwI6qE3T3-LRS3JWoJauPyvCSb9TacW9-ktw-BIq5PSF-g==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 21:48:26 GMT
etag: "ba3369e1827d8f01ca10acb8648195847dd02ffd"
content-type: image/jpeg
age: 72271
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd654e30-611f-4c64-b1ad-43ca9fdedc0e.jpeg
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd654e30-611f-4c64-b1ad-43ca9fdedc0e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c0201d377c57a684452c0d26372e674d
3829f81048cc63b5f0d1e82dfbe3b8e31646e733
efa055dc93267be2dddd94b334c0655c2e1f1682467fd738e013a778aea175b9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd654e30-611f-4c64-b1ad-43ca9fdedc0e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14397
x-amzn-requestid: c5a03ce8-f695-4ad3-8c42-c3bfd47d6279
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yv1wLGqKIAMF-Og=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6329699a-2b130d8b1a4b1b9131db8984;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 07:19:54 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: u2ObvTaTM2JREJRnWVxEdqPXYFWTdrtlqLLbHugcsNbENjZq63rKVw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 b13f158bdf9805ca47e07c0c35870c12.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 15:24:06 GMT
age: 8931
etag: "3829f81048cc63b5f0d1e82dfbe3b8e31646e733"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0788498f-41db-4d62-b749-e01caddb7f8d.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0788498f-41db-4d62-b749-e01caddb7f8d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash af5773255351157d72c28a670a355c60
c803e5866edbe6c9baec14e93677f610bdf09bff
3229b4aa1c698647ad96d114174782549ad240f1b2c4ba8c268165a16afc84f0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0788498f-41db-4d62-b749-e01caddb7f8d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10754
x-amzn-requestid: 2d03531d-6055-477f-9cb6-9ea9fa27eeb9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y1F0vHJ4IAMF42Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632b8351-692620e80d5b2efe1d0e3a82;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 21:34:09 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: eYUP9NfAkmU4A-mZvysejq1228Qfb8vbfdXOaHQvr6mjXhnVoWdqJw==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 21:34:09 GMT
etag: "c803e5866edbe6c9baec14e93677f610bdf09bff"
content-type: image/jpeg
age: 73128
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2f739db-1c27-4929-8aff-997c0f66b2ed.jpeg
34.120.237.76200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2f739db-1c27-4929-8aff-997c0f66b2ed.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a5edcd9aee78a6cacc9241b47cbce598
f95b843029e84dbb188427a8c2ff8c9f32740465
6a56c3d0eb1d641e565d3d7d31b42be03bdad30beb20b994ffc9a6f2aaceee1e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2f739db-1c27-4929-8aff-997c0f66b2ed.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5650
x-amzn-requestid: 6badb939-afe6-4432-a0ad-3a2b7f85a7e0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y1G-rFbuIAMFTeA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632b852a-3e9ac3331503b41d5e734a01;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 21:42:02 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: PeFdtN-ow0NE39XAV9pCHX9VSno5L9z56rg-T6Bd1fks7f1ESDDzWA==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 21:48:27 GMT
etag: "f95b843029e84dbb188427a8c2ff8c9f32740465"
content-type: image/jpeg
age: 72270
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf89a4b3-f586-4870-ab26-efb054f637fd.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf89a4b3-f586-4870-ab26-efb054f637fd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 91c56f0b9810bfdd84e10a626b89e389
15d83e44d568938b6c9c87201e898cedb3edec0a
942de9764e1c408f7512759774aab0479db201e6fae15ccc39e653adae4cb86f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf89a4b3-f586-4870-ab26-efb054f637fd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8678
x-amzn-requestid: c671a9ab-c5d0-4743-b13e-cc9a47e3d2fe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y1F0vEThIAMFSwQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632b8351-17ed13811d3833ea00a34423;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 21:34:09 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 2Oem-Kw-aCUa2rA9B9-7CDYcZ-G968tFPnsrL5wJ9Dia43T5u6RDtg==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 21:34:09 GMT
etag: "15d83e44d568938b6c9c87201e898cedb3edec0a"
content-type: image/jpeg
age: 73128
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
s4.histats.com/stats/0.php?4275781&@f16&@g1&@h1&@i1&@j1663869177114&@k0&@l1&@mRoblox%20Robux%20Generator%202022&@n0roblox-crn.js=refaalesandragmailcom|template=Fastink.xml|refaalesandragmailcom=free3dmodelingsoftwareforroblox.blogspot.com|free3dmodelingsoftwareforroblox.blogspot.com=direct|ref=direct|tags=roblox-crn.js&@ohttps%3A%2F%2Ffree3dmodelingsoftwareforroblox.blogspot.com%2F&@q0&@r0&@s0&@ten-US&@u1280&@b1:81915774&@b3:1663869177&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fplay.robuxtip.org%2Findex.html%3Ftrack%3DWyJyb2Jsb3gtY3JuLmpzIiwicmVmYWFsZXNhbmRyYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInJlZmFhbGVzYW5kcmFnbWFpbGNvbSIsImZyZWUzZG1vZGVsaW5nc29mdHdhcmVmb3Jyb2Jsb3guYmxvZ3Nwb3QuY29tIiwiZnJlZTNkbW9kZWxpbmdzb2Z0d2FyZWZvcnJvYmxveC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd&@w
158.69.248.123200 OK 52 B URL HTTP/1.1 s4.histats.com/stats/0.php?4275781&@f16&@g1&@h1&@i1&@j1663869177114&@k0&@l1&@mRoblox%20Robux%20Generator%202022&@n0roblox-crn.js=refaalesandragmailcom|template=Fastink.xml|refaalesandragmailcom=free3dmodelingsoftwareforroblox.blogspot.com|free3dmodelingsoftwareforroblox.blogspot.com=direct|ref=direct|tags=roblox-crn.js&@ohttps%3A%2F%2Ffree3dmodelingsoftwareforroblox.blogspot.com%2F&@q0&@r0&@s0&@ten-US&@u1280&@b1:81915774&@b3:1663869177&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fplay.robuxtip.org%2Findex.html%3Ftrack%3DWyJyb2Jsb3gtY3JuLmpzIiwicmVmYWFsZXNhbmRyYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInJlZmFhbGVzYW5kcmFnbWFpbGNvbSIsImZyZWUzZG1vZGVsaW5nc29mdHdhcmVmb3Jyb2Jsb3guYmxvZ3Nwb3QuY29tIiwiZnJlZTNkbW9kZWxpbmdzb2Z0d2FyZWZvcnJvYmxveC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd&@w
IP 158.69.248.123:0
File type ASCII text, with no line terminators
Hash 2630e381b835dae8174899fa261418b5
ec39f4642befa023bd8a1365d116fc682dffb396
6afd75dc3b2db6b7f20049e0cf595878619054382764824c90fee738dae744ff
GET /stats/0.php?4275781&@f16&@g1&@h1&@i1&@j1663869177114&@k0&@l1&@mRoblox%20Robux%20Generator%202022&@n0roblox-crn.js=refaalesandragmailcom|template=Fastink.xml|refaalesandragmailcom=free3dmodelingsoftwareforroblox.blogspot.com|free3dmodelingsoftwareforroblox.blogspot.com=direct|ref=direct|tags=roblox-crn.js&@ohttps%3A%2F%2Ffree3dmodelingsoftwareforroblox.blogspot.com%2F&@q0&@r0&@s0&@ten-US&@u1280&@b1:81915774&@b3:1663869177&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fplay.robuxtip.org%2Findex.html%3Ftrack%3DWyJyb2Jsb3gtY3JuLmpzIiwicmVmYWFsZXNhbmRyYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInJlZmFhbGVzYW5kcmFnbWFpbGNvbSIsImZyZWUzZG1vZGVsaW5nc29mdHdhcmVmb3Jyb2Jsb3guYmxvZ3Nwb3QuY29tIiwiZnJlZTNkbW9kZWxpbmdzb2Z0d2FyZWZvcnJvYmxveC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd&@w HTTP/1.1
Host: s4.histats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 17:52:57 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 52
Connection: close
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0f33332-2080-459e-ab54-a452b2278994.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0f33332-2080-459e-ab54-a452b2278994.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 888247c1153f8770b880395734749107
7c27c02029eb49e726a076679be2c793da696e45
515852e0d38cdaf86bce45fa5e0df453d08ca36cf6ecfa0c4b868c2143afe333
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0f33332-2080-459e-ab54-a452b2278994.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 8748
x-amzn-requestid: 83c28267-4d10-476d-8b11-08b48b046985
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YzG6CGtroAMFyqA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632ab840-1167c5285b6837d311bfe2a9;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 07:07:44 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: xo0ilY8z0C3rDISFOM5EixEK7HAelSut4hgNNwGYAVQIfPP8C6pUCg==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 04:10:05 GMT
age: 49379
etag: "7c27c02029eb49e726a076679be2c793da696e45"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
play.robuxtip.org/images/sweetalert2.min.js
104.21.78.103200 OK 0 B URL HTTP/2 play.robuxtip.org/images/sweetalert2.min.js
IP 104.21.78.103:0
Analyzer Verdict Alert fortinet Phishing
GET /images/sweetalert2.min.js HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwicmVmYWFsZXNhbmRyYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInJlZmFhbGVzYW5kcmFnbWFpbGNvbSIsImZyZWUzZG1vZGVsaW5nc29mdHdhcmVmb3Jyb2Jsb3guYmxvZ3Nwb3QuY29tIiwiZnJlZTNkbW9kZWxpbmdzb2Z0d2FyZWZvcnJvYmxveC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 17:52:57 GMT
content-type: application/javascript
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
etag: W/"5d9ca488-4f51"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 466569
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PnsdK8oaUuu1ETzgjW0lWYBohGJpdlKHTdskHWCh1zgVkIMwjlQV2R4Lj0OQQ%2F7T0e1mr4SSOx9F90CmCz%2BWIPKu1vbaX1pO%2Fx1JmalsGFR0GFqKhyvphQLoNgipzIcMn7W4Sw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ece5b58a79fac0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
store-images.s-microsoft.com/image/apps.1820.66809160632408244.567a3c93-5dc4-425d-b2f7-01b99eb24d67.e9353143-e608-44e7-93f9-5d4c98965a25?mode=scale&q=90&h=720&w=1280&format=jpg
23.38.201.128200 OK 0 B URL HTTP/1.1 store-images.s-microsoft.com/image/apps.1820.66809160632408244.567a3c93-5dc4-425d-b2f7-01b99eb24d67.e9353143-e608-44e7-93f9-5d4c98965a25?mode=scale&q=90&h=720&w=1280&format=jpg
IP 23.38.201.128:0
GET /image/apps.1820.66809160632408244.567a3c93-5dc4-425d-b2f7-01b99eb24d67.e9353143-e608-44e7-93f9-5d4c98965a25?mode=scale&q=90&h=720&w=1280&format=jpg HTTP/1.1
Host: store-images.s-microsoft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free3dmodelingsoftwareforroblox.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: public, max-age=7776000, s-maxage=7776000
Content-Type: image/jpeg
Last-Modified: Tue, 21 Apr 2020 22:44:16 GMT
Accept-Ranges: none
ETag: W/"AEDwBU86LATbIK+qI5Lf7nGvvvPiRdQgMHg4RDdFNjQ1ODU5NDIxOEI"
MS-CV: bs9QVxr5OUakCXTB.0
Access-Control-Expose-Headers: MS-CV
Content-Length: 145628
Date: Thu, 22 Sep 2022 17:52:56 GMT
Connection: keep-alive
Access-Control-Allow-Origin: *
play.robuxtip.org/images/bootstrap.min.css
104.21.78.103200 OK 0 B URL HTTP/2 play.robuxtip.org/images/bootstrap.min.css
IP 104.21.78.103:0
GET /images/bootstrap.min.css HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwicmVmYWFsZXNhbmRyYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInJlZmFhbGVzYW5kcmFnbWFpbGNvbSIsImZyZWUzZG1vZGVsaW5nc29mdHdhcmVmb3Jyb2Jsb3guYmxvZ3Nwb3QuY29tIiwiZnJlZTNkbW9kZWxpbmdzb2Z0d2FyZWZvcnJvYmxveC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 17:52:57 GMT
content-type: text/css
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
etag: W/"5d9ca488-1d990"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 466569
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Idj2iNI4iCdv%2FX2BQlZEh%2FVn7MPw5HyK%2BXv2tlmmRd%2BV7G26EaSe%2FLA5f6fOX1n3nOxvBD3JOUsstBNEXmGylpHXdRxzhk2vJ%2BaYAPHWiYD6SeA35NE0rXgOrUfkwRg1qFkwMg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ece5b55a51fac0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
play.robuxtip.org/images/custom-css.css
104.21.78.103200 OK 0 B URL HTTP/2 play.robuxtip.org/images/custom-css.css
IP 104.21.78.103:0
GET /images/custom-css.css HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwicmVmYWFsZXNhbmRyYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInJlZmFhbGVzYW5kcmFnbWFpbGNvbSIsImZyZWUzZG1vZGVsaW5nc29mdHdhcmVmb3Jyb2Jsb3guYmxvZ3Nwb3QuY29tIiwiZnJlZTNkbW9kZWxpbmdzb2Z0d2FyZWZvcnJvYmxveC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 17:52:57 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=1790
etag: W/"5d9ca488-6fe"
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 466569
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LeKZltk9ab6Sqo3Yp2vOSN3KwDWxND%2BLOnkM8N0v9Ln1qLHoTN0YD4STjVNa3Tf5qvHK6Fwf7afmtZg43UUxakt8lblLYvl7a8aA%2F4LsRgxbfAVI0Y6qXkeaze0pB13H2Qy7jw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ece5b56a5efac0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
play.robuxtip.org/images/style.css
104.21.78.103200 OK 0 B URL HTTP/2 play.robuxtip.org/images/style.css
IP 104.21.78.103:0
GET /images/style.css HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwicmVmYWFsZXNhbmRyYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInJlZmFhbGVzYW5kcmFnbWFpbGNvbSIsImZyZWUzZG1vZGVsaW5nc29mdHdhcmVmb3Jyb2Jsb3guYmxvZ3Nwb3QuY29tIiwiZnJlZTNkbW9kZWxpbmdzb2Z0d2FyZWZvcnJvYmxveC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 17:52:57 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=50839
etag: W/"5d9ca488-c697"
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 466569
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lPRcZUr%2Fa64W2J%2BZhvXR538iqiWK4cnkh6gm8A2TVOjGXtBNKo0otaT1POzgjp0tHB9v24HV%2FxmMA4yJKAw5Mu1sOrKkukTfzZMj7S2SznemSUj8ariobhJ8slpq09ZWz37XrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ece5b56a5cfac0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
play.robuxtip.org/images/animate.css
104.21.78.103200 OK 0 B URL HTTP/2 play.robuxtip.org/images/animate.css
IP 104.21.78.103:0
GET /images/animate.css HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwicmVmYWFsZXNhbmRyYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInJlZmFhbGVzYW5kcmFnbWFpbGNvbSIsImZyZWUzZG1vZGVsaW5nc29mdHdhcmVmb3Jyb2Jsb3guYmxvZ3Nwb3QuY29tIiwiZnJlZTNkbW9kZWxpbmdzb2Z0d2FyZWZvcnJvYmxveC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 17:52:57 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=68796
etag: W/"5d9ca488-10cbc"
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 466569
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iQqwTgz4ZKAZUDRvZ%2FixTRQuOFm%2F6O1XzjYHfU%2BAneyTrEAHwh%2FnWbVmENpliRfrShmdYsC%2BBBsAGm50cgsU%2FmVTC4Qj%2FE2OaCuflnt2xcVyvMLqDf10OZadAB91VXgyi6XjTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ece5b56a54fac0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
play.robuxtip.org/images/jquery.countto.js
104.21.78.103200 OK 0 B URL HTTP/2 play.robuxtip.org/images/jquery.countto.js
IP 104.21.78.103:0
Analyzer Verdict Alert fortinet Phishing
GET /images/jquery.countto.js HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwicmVmYWFsZXNhbmRyYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInJlZmFhbGVzYW5kcmFnbWFpbGNvbSIsImZyZWUzZG1vZGVsaW5nc29mdHdhcmVmb3Jyb2Jsb3guYmxvZ3Nwb3QuY29tIiwiZnJlZTNkbW9kZWxpbmdzb2Z0d2FyZWZvcnJvYmxveC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 17:52:57 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=3761
etag: W/"5d9ca488-eb1"
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 466569
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UbnB%2BozQA6Xo0xy0dIto3qLT5EdP8slNff92moMdGegO9Cplt1eu0q4fp6CRZwOIgwHOUr73taI4h4k9BrrRyWV5YfV1Qx7t%2F0mLyA%2BruF2xCFw8MrcmK8kQn9v70%2B827iqLzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ece5b58a78fac0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
play.robuxtip.org/images/css8a7c8a7c8a7c.css?family=Open+Sans:300,400,700
104.21.78.103200 OK 0 B URL HTTP/2 play.robuxtip.org/images/css8a7c8a7c8a7c.css?family=Open+Sans:300,400,700
IP 104.21.78.103:0
GET /images/css8a7c8a7c8a7c.css?family=Open+Sans:300,400,700 HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwicmVmYWFsZXNhbmRyYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInJlZmFhbGVzYW5kcmFnbWFpbGNvbSIsImZyZWUzZG1vZGVsaW5nc29mdHdhcmVmb3Jyb2Jsb3guYmxvZ3Nwb3QuY29tIiwiZnJlZTNkbW9kZWxpbmdzb2Z0d2FyZWZvcnJvYmxveC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 17:52:57 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=773
etag: W/"5d9ca488-305"
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 466569
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gcW2HUEscnMCn0Zqzzb1ubP7Xx7y0llQELOz%2BZWwu0AqfA9Fnt1zrK15ScyxRNPYcXtnsUnPtBeDYqQOYv6mCoPYxT5eFB%2FnxHkogbpTrFRiXCP4xvudE%2FDu9LmPSFb3ToUkUg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ece5b55a4cfac0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
play.robuxtip.org/images/font-awesome.min.css
104.21.78.103200 OK 0 B URL HTTP/2 play.robuxtip.org/images/font-awesome.min.css
IP 104.21.78.103:0
GET /images/font-awesome.min.css HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwicmVmYWFsZXNhbmRyYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInJlZmFhbGVzYW5kcmFnbWFpbGNvbSIsImZyZWUzZG1vZGVsaW5nc29mdHdhcmVmb3Jyb2Jsb3guYmxvZ3Nwb3QuY29tIiwiZnJlZTNkbW9kZWxpbmdzb2Z0d2FyZWZvcnJvYmxveC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 17:52:57 GMT
content-type: text/css
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
etag: W/"5d9ca488-6c3d"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 466569
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZIzctkvsZF%2BpxcxelgNAbKgtM09sUGhVtZ2O1oGigz3yLKIAwvK3mS8G7dQLQc79Eb2I%2BKS%2F8422DYz8%2B23powIFvlMBI7wC6xEQzCxq%2Buh0Jc49SLEi3FWJ4zANSsoXO5zXgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ece5b55a4efac0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
play.robuxtip.org/images/sweetalert2.min.css
104.21.78.103200 OK 0 B URL HTTP/2 play.robuxtip.org/images/sweetalert2.min.css
IP 104.21.78.103:0
GET /images/sweetalert2.min.css HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwicmVmYWFsZXNhbmRyYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInJlZmFhbGVzYW5kcmFnbWFpbGNvbSIsImZyZWUzZG1vZGVsaW5nc29mdHdhcmVmb3Jyb2Jsb3guYmxvZ3Nwb3QuY29tIiwiZnJlZTNkbW9kZWxpbmdzb2Z0d2FyZWZvcnJvYmxveC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 17:52:57 GMT
content-type: text/css
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
etag: W/"5d9ca488-36a4"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 466569
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rBnAqibTkG2QmOB8HJwuw6vDBPZoh%2BvVRYHc2mAlUt%2BKt%2FM6irZALxHU51mNqNuC3bRufT%2FukG1gqhKXXl2fBr%2FRUzbwITD4QrAo57BP0ijCB565%2F3cF5CwMqxj0gox0q%2B73kQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ece5b56a55fac0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
play.robuxtip.org/images/form-scripts.js
104.21.78.103200 OK 0 B URL HTTP/2 play.robuxtip.org/images/form-scripts.js
IP 104.21.78.103:0
Analyzer Verdict Alert fortinet Phishing
GET /images/form-scripts.js HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwicmVmYWFsZXNhbmRyYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInJlZmFhbGVzYW5kcmFnbWFpbGNvbSIsImZyZWUzZG1vZGVsaW5nc29mdHdhcmVmb3Jyb2Jsb3guYmxvZ3Nwb3QuY29tIiwiZnJlZTNkbW9kZWxpbmdzb2Z0d2FyZWZvcnJvYmxveC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 17:52:57 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=1469
etag: W/"5d9ca488-5bd"
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 466569
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=emgLU533PqyMLGPp88xM4BNe7P2Wu10CpxsqAvel%2FPpVtzUfsJVFkRmaCd%2FOm4z5igGDbyKuO2bLcZ9qESLfB91RDISkldCcdtLEc%2BDmf8vzdXgWVkQl5yM8zZNMoVYekU%2Bo4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ece5b58a7dfac0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwicmVmYWFsZXNhbmRyYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInJlZmFhbGVzYW5kcmFnbWFpbGNvbSIsImZyZWUzZG1vZGVsaW5nc29mdHdhcmVmb3Jyb2Jsb3guYmxvZ3Nwb3QuY29tIiwiZnJlZTNkbW9kZWxpbmdzb2Z0d2FyZWZvcnJvYmxveC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
104.21.78.103200 OK 0 B URL HTTP/2 play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwicmVmYWFsZXNhbmRyYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInJlZmFhbGVzYW5kcmFnbWFpbGNvbSIsImZyZWUzZG1vZGVsaW5nc29mdHdhcmVmb3Jyb2Jsb3guYmxvZ3Nwb3QuY29tIiwiZnJlZTNkbW9kZWxpbmdzb2Z0d2FyZWZvcnJvYmxveC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
IP 104.21.78.103:0
Analyzer Verdict Alert fortinet Phishing
GET /index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwicmVmYWFsZXNhbmRyYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInJlZmFhbGVzYW5kcmFnbWFpbGNvbSIsImZyZWUzZG1vZGVsaW5nc29mdHdhcmVmb3Jyb2Jsb3guYmxvZ3Nwb3QuY29tIiwiZnJlZTNkbW9kZWxpbmdzb2Z0d2FyZWZvcnJvYmxveC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free3dmodelingsoftwareforroblox.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 22 Sep 2022 17:52:57 GMT
content-type: text/html
last-modified: Mon, 27 Jun 2022 12:44:26 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 37055
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=493oOEZDz8wmUROPN%2BDOLlMtf3wtum3xHDleFumMa0d95%2BxeRhkpt2ebwx0bIvJ%2FskFklixYbc5xB0eyOkDDeJZrSMx5DmnABXl3of2Rs%2BxR%2F%2Fpd2qZlhTtHAx0RQIrazvwkmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ece5b50a1afac0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
play.robuxtip.org/images/magnific-popup.css
104.21.78.103200 OK 0 B URL HTTP/2 play.robuxtip.org/images/magnific-popup.css
IP 104.21.78.103:0
GET /images/magnific-popup.css HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwicmVmYWFsZXNhbmRyYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInJlZmFhbGVzYW5kcmFnbWFpbGNvbSIsImZyZWUzZG1vZGVsaW5nc29mdHdhcmVmb3Jyb2Jsb3guYmxvZ3Nwb3QuY29tIiwiZnJlZTNkbW9kZWxpbmdzb2Z0d2FyZWZvcnJvYmxveC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 17:52:57 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=7946
etag: W/"5d9ca488-1f0a"
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 466569
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L8d%2FPxpaSajbuZA9JEYh4n3uMFK2GjKs80%2B5xDfO6RFGu25hcpHQcjgp8bmhlfr5wqiZQcL%2BPf23DJGlyqOsSQtVEpncRy%2FVn5kbay4EzXzuvOQXsGgwvwcH9jf7cLvBSu65iQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ece5b56a56fac0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
mtevor.com/cluster-v2/roblox-crn.js
172.96.187.226200 OK 0 B URL HTTP/2 mtevor.com/cluster-v2/roblox-crn.js
IP 172.96.187.226:0
GET /cluster-v2/roblox-crn.js HTTP/1.1
Host: mtevor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free3dmodelingsoftwareforroblox.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-powered-by: PHP/5.6.40
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
content-encoding: br
vary: Accept-Encoding
date: Thu, 22 Sep 2022 17:52:56 GMT
server: LiteSpeed
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
play.robuxtip.org/images/jquery-3.2.1.js
104.21.78.103200 OK 0 B URL HTTP/2 play.robuxtip.org/images/jquery-3.2.1.js
IP 104.21.78.103:0
Analyzer Verdict Alert fortinet Phishing
GET /images/jquery-3.2.1.js HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtY3JuLmpzIiwicmVmYWFsZXNhbmRyYWdtYWlsY29tIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsInJlZmFhbGVzYW5kcmFnbWFpbGNvbSIsImZyZWUzZG1vZGVsaW5nc29mdHdhcmVmb3Jyb2Jsb3guYmxvZ3Nwb3QuY29tIiwiZnJlZTNkbW9kZWxpbmdzb2Z0d2FyZWZvcnJvYmxveC5ibG9nc3BvdC5jb20iLCJkaXJlY3QiLCJyZWYiLCJkaXJlY3QiLCJ0YWdzIiwicm9ibG94LWNybi5qcyJd
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 17:52:57 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=268039
etag: W/"5d9ca488-41707"
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 466569
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ex%2BC5xen0bJvMjrC924hVVymr02HnfeDYVfft85tdod4iDkJ5QkqZK3GQ%2F2GaHL5fnNczv78CDf8ogZOqmZ4KwgWgi7nS01fgy6j88e7e2IVOsG6zDFbOeY5Yw%2FkBs3%2FpT9%2FEA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ece5b57a6dfac0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2