bluemoonfe2.blogspot.com.co/
142.250.74.161302 Moved Temporarily 180 B URL HTTP/1.1 bluemoonfe2.blogspot.com.co/
IP 142.250.74.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 02dd9324fc7c664a6287c12a2df7d2a3
6ff041971bf845d4dc87737d9d0a11e4f80b164c
28b1315a55f7183b21727b5feadc51ef421b15e51ab42bfb4988e3ee94356c6d
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: bluemoonfe2.blogspot.com.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Moved Temporarily
Location: http://bluemoonfe2.blogspot.com/
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Fri, 23 Sep 2022 04:51:48 GMT
Expires: Fri, 23 Sep 2022 04:51:48 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 180
Server: GSE
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a26d0784548ecab22f417f3d689daf23
8893b79366bbadeb5c8d587b8f023e310694df1c
35baaae7b3ce3110ebb2b075881cfab55ecf3eab57d834283fd18ac691b41fa2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35BAAAE7B3CE3110EBB2B075881CFAB55ECF3EAB57D834283FD18AC691B41FA2"
Last-Modified: Tue, 20 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12146
Expires: Fri, 23 Sep 2022 08:14:14 GMT
Date: Fri, 23 Sep 2022 04:51:48 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
143.204.55.27200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Fri, 23 Sep 2022 04:14:07 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: v1uJs9o_SvxrsO24pY-gI8TU4VJiRl-rO5dHIj_czAEM1ygE6YYnew==
Age: 2261
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.49200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.49:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Fri, 23 Sep 2022 04:35:15 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: WNsTWTIWgcPY4EL7qxcNqHqhjMkxn2vfUC3EJvFDf9R6CfgoTOwjHw==
age: 994
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 04:51:48 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.27200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Fri, 23 Sep 2022 04:03:22 GMT
Expires: Fri, 23 Sep 2022 04:23:36 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: GTt0RVVT4t3YVuqiXvUeebBgj8OudBsosdmEULGXiCRN6xmYbyynrQ==
Age: 2906
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 86624f45fb3b7126dbe002f69c94dd86
30bcf274db5037122f989fb25dbf1e72c9ec417b
2cc9600578cf057dc499835773fb495caa60ac154c4945f0fc1f2b31d43f5502
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3830
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 04:51:49 GMT
Last-Modified: Fri, 23 Sep 2022 03:47:59 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
bluemoonfe2.blogspot.com/
142.250.74.161301 Moved Permanently 179 B URL HTTP/1.1 bluemoonfe2.blogspot.com/
IP 142.250.74.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash eaec8f1a66bb57725f85ccbfe8f9814b
25b7a8a097a5c98862925d19b08e405a4176458f
84c1f5e21e6ae682d11aa9b6bf02f472c3e2b0161d2e6feb70b007ed078d8de8
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: bluemoonfe2.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: https://bluemoonfe2.blogspot.com/
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Fri, 23 Sep 2022 04:51:49 GMT
Expires: Fri, 23 Sep 2022 04:51:49 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 179
Server: GSE
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 316dd96c27cb1cae8a533df4714092b6
884cf94b1b24b145c72f60e7e36d7012a501f6f7
845cc35126bbeadcd22c6e8ad40d61981c776617f2a7e514dbc9110cf10b2d77
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 04:51:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
34.212.166.60101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.212.166.60:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 26Oydh6syErMH0/JHEU+Kg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 1/z2k2gVanZj11Kl4jBHNltlIeo=
bluemoonfe2.blogspot.com/
142.250.74.161200 OK 16 kB URL HTTP/2 bluemoonfe2.blogspot.com/
IP 142.250.74.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (14233)
Hash c3ee7dac9ed21e76202283d8a3a6934f
505d450ee386b2532caa74fdf57e1b6f0ca7c7cc
a371f1b43cf12c371a912a2c746cf8fba56a9f75531298e27c4bc651f2f32fdb
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: bluemoonfe2.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
expires: Fri, 23 Sep 2022 04:51:49 GMT
date: Fri, 23 Sep 2022 04:51:49 GMT
cache-control: private, max-age=0
last-modified: Fri, 23 Sep 2022 04:04:09 GMT
etag: W/"4e9dd1472c9f37fa67a21c812d34f90fa71c624b0a3488b82b560a0447ffd2fc"
x-robots-tag: all,noodp
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 16543
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 316dd96c27cb1cae8a533df4714092b6
884cf94b1b24b145c72f60e7e36d7012a501f6f7
845cc35126bbeadcd22c6e8ad40d61981c776617f2a7e514dbc9110cf10b2d77
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 04:51:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4b4d862ff620a280f30bb70f595305d8
4dc5bda7a8e489e0791e678ad95050fee092988f
9b5d56d0c7204d221a2d3bb88d44ee5e8a8fd37d8e294bd6bfd78cca56cf9d86
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 04:51:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4b4d862ff620a280f30bb70f595305d8
4dc5bda7a8e489e0791e678ad95050fee092988f
9b5d56d0c7204d221a2d3bb88d44ee5e8a8fd37d8e294bd6bfd78cca56cf9d86
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 04:51:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 017b35db8b7a44fb09d592e4f01e6221
52b62eda95cb2dc0fd4bb767f336dbeb0755071d
cf55ac8ca259aaa5113a2eb7bfdedc82cee487381dfe970f258503b55a996ffe
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 04:51:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 019f7c4c2ce85bb927188cbdb5d73421
045626d138e9268bda2e766df82b8b4e4b81a86e
bd18100a186383ab79cba8b3550e5ce2f8cbb1f2c4612dd813dd6dea6b44c197
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 04:51:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.ytimg.com/vi/GDDEl7lKYoc/maxresdefault.jpg
142.250.74.118200 OK 128 kB URL HTTP/2 i.ytimg.com/vi/GDDEl7lKYoc/maxresdefault.jpg
IP 142.250.74.118:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1280x720, components 3\012- data
Size 128 kB (128019 bytes)
Hash df1b52b736bfc5f007cc6d514068cb4f
57aa485b85684da3795589814ae87815a86c5dab
a7bb371ab30a1de308e27a440ad962a1063e85684b9cd709a465614c33804fb6
GET /vi/GDDEl7lKYoc/maxresdefault.jpg HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bluemoonfe2.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 128019
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 23 Sep 2022 04:51:49 GMT
expires: Fri, 23 Sep 2022 06:51:49 GMT
cache-control: public, max-age=7200
etag: "1592859925"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 41d3f1f320907412a924512928e18392
31d4df47177dc8fe0a5c70fe749869b6da5e1f0a
534de84503ef5fd9c3c8b45b9fbcd56a892b38608fc8d980eb0d3ffe288d8ae2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4709
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 04:51:49 GMT
Last-Modified: Fri, 23 Sep 2022 03:33:21 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
i.ytimg.com/vi/d8hI-fpxN0Q/maxresdefault.jpg
142.250.74.118200 OK 128 kB URL HTTP/2 i.ytimg.com/vi/d8hI-fpxN0Q/maxresdefault.jpg
IP 142.250.74.118:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1280x720, components 3\012- data
Size 128 kB (128152 bytes)
Hash 45f2c1a41dc3e3473ec7e3b52448b2be
b48cb2a66a28d4877322e773a36d909ad99b4edc
313435afc40b79c7891e5a8a26b6319974860884538c0211473c3c9f04d58db7
GET /vi/d8hI-fpxN0Q/maxresdefault.jpg HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bluemoonfe2.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 128152
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 23 Sep 2022 04:51:49 GMT
expires: Fri, 23 Sep 2022 06:51:49 GMT
cache-control: public, max-age=7200
etag: "1518040260"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.blogger.com/static/v1/widgets/1416043673-widgets.js
216.58.207.201200 OK 57 kB URL HTTP/2 www.blogger.com/static/v1/widgets/1416043673-widgets.js
IP 216.58.207.201:0
File type ASCII text, with very long lines (2221)
Hash c6aef9cbd2abf926a23970b70f8a24c2
78972b4f41a7d2580c383da41e3a472c4cfc647a
111111066b8f3fddcd24cedce8c4e8b93a1d9e9b8e3f5f2959172da5adda14b6
GET /static/v1/widgets/1416043673-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bluemoonfe2.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 56913
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 02:21:33 GMT
expires: Thu, 21 Sep 2023 02:21:33 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 21 Sep 2022 00:51:51 GMT
content-type: text/javascript
age: 181816
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/blogger_img_proxy/ANbyha2vvyL7NwCBiMYR_ClKTnXlCT7-SNJHTJnFu1CiSqc4cvo3wMShas-sHFg_nLyXyE_Cee3nktYdcObavm8GifihhTJgs-cB5ORIL-vCN3qoAHDKXjxXUche4Ugmln6Wl6L5zRttRBk4aAzty3RJb7X5O3aahltCKkn3WN3tNeJta2mg7ZMEU47pFnaG10dG=s0-d
142.250.74.33200 OK 71 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha2vvyL7NwCBiMYR_ClKTnXlCT7-SNJHTJnFu1CiSqc4cvo3wMShas-sHFg_nLyXyE_Cee3nktYdcObavm8GifihhTJgs-cB5ORIL-vCN3qoAHDKXjxXUche4Ugmln6Wl6L5zRttRBk4aAzty3RJb7X5O3aahltCKkn3WN3tNeJta2mg7ZMEU47pFnaG10dG=s0-d
IP 142.250.74.33:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 392x696, components 3\012- data
Hash eacbee6f8aed2838319c297a716e6b9e
82fe016e78e68097e04e7afb49added831c2babf
7b3f1b62c164ae9d0a63cbf53a6da094e69629c3253b080c604b7710934ee17d
GET /blogger_img_proxy/ANbyha2vvyL7NwCBiMYR_ClKTnXlCT7-SNJHTJnFu1CiSqc4cvo3wMShas-sHFg_nLyXyE_Cee3nktYdcObavm8GifihhTJgs-cB5ORIL-vCN3qoAHDKXjxXUche4Ugmln6Wl6L5zRttRBk4aAzty3RJb7X5O3aahltCKkn3WN3tNeJta2mg7ZMEU47pFnaG10dG=s0-d HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bluemoonfe2.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Sat, 24 Sep 2022 04:51:49 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: attachment;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Fri, 23 Sep 2022 04:51:49 GMT
server: fife
content-length: 70981
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4b4d862ff620a280f30bb70f595305d8
4dc5bda7a8e489e0791e678ad95050fee092988f
9b5d56d0c7204d221a2d3bb88d44ee5e8a8fd37d8e294bd6bfd78cca56cf9d86
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 04:51:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
vignette.wikia.nocookie.net/thefutureofeuropes/images/b/bb/MSCXLI.png/revision/latest/scale-to-width-down/340?cb=20190204213757
74.120.188.194200 OK 13 kB URL HTTP/2 vignette.wikia.nocookie.net/thefutureofeuropes/images/b/bb/MSCXLI.png/revision/latest/scale-to-width-down/340?cb=20190204213757
IP 74.120.188.194:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 343dc20309f6adb32d5e93b5d2db4279
4f63fe263700adeea8afb36fa869c52b92e0e128
832fcf84f70f7aba69c0145e9d64cffe017b4d68c8ff8a99d1eac0f945f46f58
GET /thefutureofeuropes/images/b/bb/MSCXLI.png/revision/latest/scale-to-width-down/340?cb=20190204213757 HTTP/1.1
Host: vignette.wikia.nocookie.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bluemoonfe2.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Sep 2022 23:20:06 GMT
surrogate-key: e307cff65b4a5c1c306ee0e71786f8899aebdcaa wiki-thefutureofeuropes thumblr scale-to-width-down
content-disposition: inline; filename="MSCXLI.webp"; filename*=UTF-8''MSCXLI.webp
content-type: image/webp
etag: CKTJ4N6p+fYCEAE=
x-thumbnailer: Thumblr
access-control-allow-origin: *
access-control-allow-headers: Range
cache-control: public, max-age=31536000
content-length: 13296
x-envoy-upstream-service-time: 132
server: envoy
timing-allow-origin: *
accept-ranges: bytes
x-cacheable: YES - FORCED
age: 365503
vary: Accept
x-cache: ORIGIN, HIT, MISS
x-served-by: thumblr-576798996c-bsq8f, wk-cdn-f6, wk-cdn-f5
x-cache-hits: ORIGIN, 16, 0
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 017b35db8b7a44fb09d592e4f01e6221
52b62eda95cb2dc0fd4bb767f336dbeb0755071d
cf55ac8ca259aaa5113a2eb7bfdedc82cee487381dfe970f258503b55a996ffe
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 04:51:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 019f7c4c2ce85bb927188cbdb5d73421
045626d138e9268bda2e766df82b8b4e4b81a86e
bd18100a186383ab79cba8b3550e5ce2f8cbb1f2c4612dd813dd6dea6b44c197
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 04:51:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mtevor.com/cluster-v2/roblox-abx.js
172.96.187.226200 OK 3.8 kB URL HTTP/2 mtevor.com/cluster-v2/roblox-abx.js
IP 172.96.187.226:0
File type ASCII text, with very long lines (4802), with CRLF line terminators
Hash 75fb8ae6e3f07fa6bd9fbecf573df975
a07da30c6eb84c1dfc2c0fe3ceaabd268cad4cf9
8552939da1d8e38c41040d60aa4bf276ae9444d75b55291da78c585ff6794b67
GET /cluster-v2/roblox-abx.js HTTP/1.1
Host: mtevor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bluemoonfe2.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-powered-by: PHP/5.6.40
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
content-length: 3796
content-encoding: br
vary: Accept-Encoding
date: Fri, 23 Sep 2022 04:51:50 GMT
server: LiteSpeed
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 59e1b3205a191e4a17eed940f697b68c
120ed30d036009459ebdae63f0310c3c202f902f
562c76b26e84c72eac17ae60efd4156e35d003d1375605d3b4e6361b9d7cd7c8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5450
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 04:51:50 GMT
Last-Modified: Fri, 23 Sep 2022 03:21:00 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/s/gts1p5/1EpVtZKsCXY
142.250.74.3200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/1EpVtZKsCXY
IP 142.250.74.3:0
Hash 31783719c018d63ac942fd965cd94f4a
5ca4a26e97e431360c70e569c5aec13b062cd16f
65a83a25835a9ce7f4a5e5fadfedede25f027a7cc263db8d1746ee9a255df192
POST /s/gts1p5/1EpVtZKsCXY HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 04:51:50 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
play.robuxtip.org/images/gamebaglogo.png
104.21.78.103200 OK 3.3 kB URL HTTP/2 play.robuxtip.org/images/gamebaglogo.png
IP 104.21.78.103:0
File type PNG image data, 240 x 240, 8-bit/color RGBA, non-interlaced\012- data
Hash e84f0caa809a15b2aaa9cb93bbe6669a
22a330ad580aaa6b2232307a87b981adc7fbf38f
1f98c982fd0c9b5e6af138a4cb160f509bda9fcc7fa0a9463fa6cf11513c151f
GET /images/gamebaglogo.png HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtYWJ4LmpzIiwiaGlsZGFtZXRpIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsImhpbGRhbWV0aSIsImJsdWVtb29uZmUyLmJsb2dzcG90LmNvbSIsImJsdWVtb29uZmUyLmJsb2dzcG90LmNvbSIsImRpcmVjdCIsInJlZiIsImRpcmVjdCIsInRhZ3MiLCJyb2Jsb3gtYWJ4LmpzIl0
Cookie: HstCfa4275781=1663901693764; HstCla4275781=1663901693764; HstCmu4275781=1663901693764; HstPn4275781=1; HstPt4275781=1; HstCnv4275781=1; HstCns4275781=1; c_ref_4275781=https%3A%2F%2Fmydropletsrobloxwiki.blogspot.com%2F
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 04:51:50 GMT
content-type: image/png
content-length: 3340
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
etag: "5d9ca488-d0c"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 506102
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DQr3a%2F4%2BXLRCjLd83oscoh7%2B4hbb98sWdpyRNCenSlC958KUR%2Bv05HiaWamAC1qqxjuo3i6GkzJr2KD5Ds6qJdLbxd0reFd68B85eVetOZIIO1mm9ATDv410%2BM5PFtcU7mg2%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f0aae06f361c0a-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
play.robuxtip.org/images/header.png
104.21.78.103200 OK 131 kB URL HTTP/2 play.robuxtip.org/images/header.png
IP 104.21.78.103:0
File type PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced\012- data
Size 131 kB (131285 bytes)
Hash 35e93538f31d67876a2cb38bf94279d8
49bf97732e9bffb5371ad60d024901b09d83651b
95c1de9315834de2ff3608a2dc048a6aedc273e665f9b54eb956523a81fc91df
GET /images/header.png HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtYWJ4LmpzIiwiaGlsZGFtZXRpIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsImhpbGRhbWV0aSIsImJsdWVtb29uZmUyLmJsb2dzcG90LmNvbSIsImJsdWVtb29uZmUyLmJsb2dzcG90LmNvbSIsImRpcmVjdCIsInJlZiIsImRpcmVjdCIsInRhZ3MiLCJyb2Jsb3gtYWJ4LmpzIl0
Cookie: HstCfa4275781=1663901693764; HstCla4275781=1663901693764; HstCmu4275781=1663901693764; HstPn4275781=1; HstPt4275781=1; HstCnv4275781=1; HstCns4275781=1; c_ref_4275781=https%3A%2F%2Fmydropletsrobloxwiki.blogspot.com%2F
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 04:51:50 GMT
content-type: image/png
content-length: 131285
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
etag: "5d9ca488-200d5"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 506102
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SEEiqRfSiy0k9QMUMBtaLyU6y1ArCs8jGxpL48ovYBswIM4PdJx2dhcFPYaaat9lGeOaAF5ESdDxDaqHCjPhSFphqCcgwznIpCgK61%2BLHYypOTAVFixqFN95kcnXgGl0E3oR0g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f0aae06f371c0a-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
play.robuxtip.org/images/ft-1.png
104.21.78.103200 OK 3.3 kB URL HTTP/2 play.robuxtip.org/images/ft-1.png
IP 104.21.78.103:0
File type PNG image data, 240 x 240, 8-bit/color RGBA, non-interlaced\012- data
Hash e84f0caa809a15b2aaa9cb93bbe6669a
22a330ad580aaa6b2232307a87b981adc7fbf38f
1f98c982fd0c9b5e6af138a4cb160f509bda9fcc7fa0a9463fa6cf11513c151f
GET /images/ft-1.png HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtYWJ4LmpzIiwiaGlsZGFtZXRpIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsImhpbGRhbWV0aSIsImJsdWVtb29uZmUyLmJsb2dzcG90LmNvbSIsImJsdWVtb29uZmUyLmJsb2dzcG90LmNvbSIsImRpcmVjdCIsInJlZiIsImRpcmVjdCIsInRhZ3MiLCJyb2Jsb3gtYWJ4LmpzIl0
Cookie: HstCfa4275781=1663901693764; HstCla4275781=1663901693764; HstCmu4275781=1663901693764; HstPn4275781=1; HstPt4275781=1; HstCnv4275781=1; HstCns4275781=1; c_ref_4275781=https%3A%2F%2Fmydropletsrobloxwiki.blogspot.com%2F
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 04:51:50 GMT
content-type: image/png
content-length: 3340
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
etag: "5d9ca488-d0c"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 506102
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hDaZ9k%2BJ7ludHdS0bid5OO8o4wtkotAtdZnQ%2BXFNHohSI8Gs%2FNQaxK7loN0cKRa1r4S7NsovRoJeK4NocTSI0yVhHRAsGHV3hPw9%2FrZyljqiaoSLFeNumNrPCLMSFUToxef0NQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f0aae06f391c0a-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/jquery.modal.min.css
104.17.25.14200 OK 1.5 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/jquery.modal.min.css
IP 104.17.25.14:0
File type ASCII text, with very long lines (3201), with no line terminators
Hash 8e09ceb5490863a66cd2e83ca3d7e524
35e3d074516ec70c508d748f7ae01827bc0c28ba
cccbb374fd4cb6dcbac9df64456b49cb11530e7bafdac6c6c7e67ff2ed350db9
GET /ajax/libs/jquery-modal/0.9.1/jquery.modal.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Sep 2022 04:51:50 GMT
content-type: text/css; charset=utf-8
content-length: 1541
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec2-c81"
last-modified: Mon, 04 May 2020 16:11:46 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 9350080
expires: Wed, 13 Sep 2023 04:51:50 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K%2B6xBngAAj%2F92rXyVSWZ9xn%2Fxp%2BeT5v63Nd%2FLFoTSIckAARxghukf5Rq4Y%2B%2BzQbd%2F9eyZLxWJLvTfliaHMc%2FJGyaCQFxaIkGIs%2BmOzhtcSMVe2cSmE6juFezH1qqCd8nzMplYqQK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74f0aae08941b4eb-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/js-base64@3.7.2/base64.min.js
151.101.85.229200 OK 2.1 kB URL HTTP/2 cdn.jsdelivr.net/npm/js-base64@3.7.2/base64.min.js
IP 151.101.85.229:0
File type ASCII text, with very long lines (4802)
Hash 18914b05d782cca37716837edf14fa8a
c563d127cf718dd86389fdd007b4c51b6bb58dc3
4bded663a5f9ccaa1eb7c1692c1c7df756a7d0e037d19466979fb90c56fbefdf
GET /npm/js-base64@3.7.2/base64.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 3.7.2
x-jsd-version-type: version
etag: W/"1405-lMmxLE0z8/TnsipvbhQg5ckAA8Q"
content-encoding: gzip
accept-ranges: bytes
date: Fri, 23 Sep 2022 04:51:50 GMT
age: 5101489
x-served-by: cache-fra19165-FRA, cache-bma1673-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 2068
X-Firefox-Spdy: h2
play.robuxtip.org/index.html?track=WyJyb2Jsb3gtYWJ4LmpzIiwiaGlsZGFtZXRpIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsImhpbGRhbWV0aSIsImJsdWVtb29uZmUyLmJsb2dzcG90LmNvbSIsImJsdWVtb29uZmUyLmJsb2dzcG90LmNvbSIsImRpcmVjdCIsInJlZiIsImRpcmVjdCIsInRhZ3MiLCJyb2Jsb3gtYWJ4LmpzIl0
104.21.78.103200 OK 4.4 kB URL HTTP/2 play.robuxtip.org/index.html?track=WyJyb2Jsb3gtYWJ4LmpzIiwiaGlsZGFtZXRpIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsImhpbGRhbWV0aSIsImJsdWVtb29uZmUyLmJsb2dzcG90LmNvbSIsImJsdWVtb29uZmUyLmJsb2dzcG90LmNvbSIsImRpcmVjdCIsInJlZiIsImRpcmVjdCIsInRhZ3MiLCJyb2Jsb3gtYWJ4LmpzIl0
IP 104.21.78.103:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF, LF line terminators
Hash c50b77a5488e087dbd54b6737f63b6ea
e8127d6c0024fc98cf05225e7aa0ec7b3a1b1de7
c3e1521e62c1e84aea69591f01768d3b607e17770d88ee9551ac36b00a6c6c53
Analyzer Verdict Alert fortinet Phishing
GET /index.html?track=WyJyb2Jsb3gtYWJ4LmpzIiwiaGlsZGFtZXRpIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsImhpbGRhbWV0aSIsImJsdWVtb29uZmUyLmJsb2dzcG90LmNvbSIsImJsdWVtb29uZmUyLmJsb2dzcG90LmNvbSIsImRpcmVjdCIsInJlZiIsImRpcmVjdCIsInRhZ3MiLCJyb2Jsb3gtYWJ4LmpzIl0 HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bluemoonfe2.blogspot.com/
Cookie: HstCfa4275781=1663901693764; HstCla4275781=1663901693764; HstCmu4275781=1663901693764; HstPn4275781=1; HstPt4275781=1; HstCnv4275781=1; HstCns4275781=1; c_ref_4275781=https%3A%2F%2Fmydropletsrobloxwiki.blogspot.com%2F
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Sep 2022 04:51:50 GMT
content-type: text/html
last-modified: Mon, 27 Jun 2022 12:44:26 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 36966
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mX3F8FQlpM%2F26zCyadC8s37M8V9wYtdQcM4jbUZD%2Fi6T07BZ6hLbcd8e4PDkz0GryjuKOrWS0fgVV%2Frzl44gx0lWj6ltEtpWxBL09Vn1iDBSVfzTmjdq9qx29lHwDa%2FQItJtBA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f0aadffefb1c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP 104.18.21.226:0
Hash e57ba31019cf1b5c17c5461759f6dfcb
99375eac4e841a2c7090cce1396d27fee26242e6
7c95645de144ee2cfe373ee31bbca9e9591de89fb873e19087eb6f8f33519250
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 04:51:50 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "DC89D180E3734F1D79C5D18C622BFE95EDF03072"
Expires: Fri, 23 Sep 2022 16:00:00 GMT
Last-Modified: Fri, 23 Sep 2022 04:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 147
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74f0aae0da92b521-OSL
play.robuxtip.org/images/sticky.js
104.21.78.103200 OK 848 kB URL HTTP/2 play.robuxtip.org/images/sticky.js
IP 104.21.78.103:0
File type ASCII text, with very long lines (16920)
Size 848 kB (847936 bytes)
Hash e5b414fdc0aa4f98119417174b8717b5
2548a9667697f804f90efeb9b65ccb9e406bf565
ab72fffbc5050479649369d440cc0e09b8a5f65b598b1d175121ae4125462661
Analyzer Verdict Alert fortinet Phishing
GET /images/sticky.js HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtYWJ4LmpzIiwiaGlsZGFtZXRpIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsImhpbGRhbWV0aSIsImJsdWVtb29uZmUyLmJsb2dzcG90LmNvbSIsImJsdWVtb29uZmUyLmJsb2dzcG90LmNvbSIsImRpcmVjdCIsInJlZiIsImRpcmVjdCIsInRhZ3MiLCJyb2Jsb3gtYWJ4LmpzIl0
Cookie: HstCfa4275781=1663901693764; HstCla4275781=1663901693764; HstCmu4275781=1663901693764; HstPn4275781=1; HstPt4275781=1; HstCnv4275781=1; HstCns4275781=1; c_ref_4275781=https%3A%2F%2Fmydropletsrobloxwiki.blogspot.com%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 04:51:50 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=20845
etag: W/"5d9ca488-516d"
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 506102
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YayTLGwvMM07QO0wXPoa7Pa9Dq6KCkOVGOtA0I2KUjXhAQxNSqiun1UgAMfI1pwf924HH2xT5vWzOcPD3YsOLWt8I9%2FwMH0FXrcH3t9KMjVIb5yGHOzfctucTGZJI7F3SBdzpg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f0aae07f4d1c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
play.robuxtip.org/images/fancyselect.css
104.21.78.103200 OK 56 kB URL HTTP/2 play.robuxtip.org/images/fancyselect.css
IP 104.21.78.103:0
File type ASCII text, with very long lines (3595), with no line terminators
Hash 9d4964dff8863b1f0bba578c1cb3df1a
1ebe3aae38fd61b0c50194b0ecb15a5400d6c9a4
d7273181bc049bf471b1e99ed08019dd1f04de5371e3a33026f44b457b816ea6
GET /images/fancyselect.css HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtYWJ4LmpzIiwiaGlsZGFtZXRpIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsImhpbGRhbWV0aSIsImJsdWVtb29uZmUyLmJsb2dzcG90LmNvbSIsImJsdWVtb29uZmUyLmJsb2dzcG90LmNvbSIsImRpcmVjdCIsInJlZiIsImRpcmVjdCIsInRhZ3MiLCJyb2Jsb3gtYWJ4LmpzIl0
Cookie: HstCfa4275781=1663901693764; HstCla4275781=1663901693764; HstCmu4275781=1663901693764; HstPn4275781=1; HstPt4275781=1; HstCnv4275781=1; HstCns4275781=1; c_ref_4275781=https%3A%2F%2Fmydropletsrobloxwiki.blogspot.com%2F
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 04:51:50 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=4253
etag: W/"5d9ca488-109d"
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 506102
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ITmm96UyWf4Rm9gTUPVlOlkfUpggHmyScn2kqTZJ8d6uSKMzTjhBxMoObkGLfRKX13oxR8Q459Vjnzse1MxurU4nTvR%2FaoSy0zfRYqpKrUkNzdpu1CHBeIFBWB4lu4nkyi6TNw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f0aae05f321c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash de424c85b225196c5a35219b9e3ebd8e
85607bc7f8cd550eceab6a6c236b403ca91662f5
29fe2614f1d16a5e8c89f055ce08a45ea0d89e31f91b014e6cea52411a7902d3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1875
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 04:51:50 GMT
Last-Modified: Fri, 23 Sep 2022 04:20:35 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 280
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash edd6c63988b69a64a51433c3fd91b0ba
a0a41a5403a2c397d70cfa267c1d6407250df043
c9b1efff4ebf41ad54d3137ee7a93b688c66765df99e387ae730b39abe2f115f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 04:51:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
play.robuxtip.org/images/sweetalert2.min.js
104.21.78.103200 OK 7.1 kB URL HTTP/2 play.robuxtip.org/images/sweetalert2.min.js
IP 104.21.78.103:0
File type ASCII text, with very long lines (20305), with no line terminators
Hash 80f160a08a16db23834697a0e45a4f3b
181b9f55a0a274282ea38f0d8a55c8b51ebe51ed
75cd088e82b2bc022051a18f0fedf1b323a5ad3080d5bb46e03576dac25062dd
Analyzer Verdict Alert fortinet Phishing
GET /images/sweetalert2.min.js HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtYWJ4LmpzIiwiaGlsZGFtZXRpIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsImhpbGRhbWV0aSIsImJsdWVtb29uZmUyLmJsb2dzcG90LmNvbSIsImJsdWVtb29uZmUyLmJsb2dzcG90LmNvbSIsImRpcmVjdCIsInJlZiIsImRpcmVjdCIsInRhZ3MiLCJyb2Jsb3gtYWJ4LmpzIl0
Cookie: HstCfa4275781=1663901693764; HstCla4275781=1663901693764; HstCmu4275781=1663901693764; HstPn4275781=1; HstPt4275781=1; HstCnv4275781=1; HstCns4275781=1; c_ref_4275781=https%3A%2F%2Fmydropletsrobloxwiki.blogspot.com%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 04:51:50 GMT
content-type: application/javascript
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
etag: W/"5d9ca488-4f51"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 506102
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dKDwqg%2Bq5mcL602xEdzU84utqVgL5YZSen9I8HTjUcrm0PsxVU0UKP26dP%2FJxyUhFR7N9bjkFOAepL2iiY01QBBDCaC7%2Bst%2BIpbttuovXeYZQS%2B7KH%2FPoQg0yjIa685%2B8G6S6w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f0aae07f461c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v14/cJZKeOuBrn4kERxqtaUH3aCWcynf_cDxXwCLxiixG1c.ttf
142.250.74.163200 OK 18 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v14/cJZKeOuBrn4kERxqtaUH3aCWcynf_cDxXwCLxiixG1c.ttf
IP 142.250.74.163:0
File type TrueType Font data, 17 tables, 1st "GDEF", 7 names, Microsoft, language 0x409, type 1 string, Open SansRegular1.10;1ASC;OpenSans-RegularOpen Sans RegularVersion 1.10OpenSans-Regularhttp://ww\012- data
Hash 8c20320e2a77d984348f9e9aa7296b9d
0939a63b6a9982ab64f044dfc3a21dac2bca0499
0be48b762bdf588db02112492dfadcb3a098fad3ac5aa2ccc80568b799462c52
GET /s/opensans/v14/cJZKeOuBrn4kERxqtaUH3aCWcynf_cDxXwCLxiixG1c.ttf HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://play.robuxtip.org
Connection: keep-alive
Referer: https://play.robuxtip.org/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17789
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 07:07:48 GMT
expires: Thu, 21 Sep 2023 07:07:48 GMT
cache-control: public, max-age=31536000
age: 164642
last-modified: Wed, 14 Jun 2017 16:46:31 GMT
content-type: font/ttf
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
play.robuxtip.org/images/main.js
104.21.78.103200 OK 82 kB URL HTTP/2 play.robuxtip.org/images/main.js
IP 104.21.78.103:0
File type ASCII text, with very long lines (24637)
Hash 09fe5090ee17473d8de93bdcc0119c5e
d6ef3faefc554117bb872f8872399b72f3d43c02
884e686b1e4fb0b0f1a057152d5a186984b504c94b6c60aec6d262bc6c06b3cf
Analyzer Verdict Alert fortinet Phishing
GET /images/main.js HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtYWJ4LmpzIiwiaGlsZGFtZXRpIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsImhpbGRhbWV0aSIsImJsdWVtb29uZmUyLmJsb2dzcG90LmNvbSIsImJsdWVtb29uZmUyLmJsb2dzcG90LmNvbSIsImRpcmVjdCIsInJlZiIsImRpcmVjdCIsInRhZ3MiLCJyb2Jsb3gtYWJ4LmpzIl0
Cookie: HstCfa4275781=1663901693764; HstCla4275781=1663901693764; HstCmu4275781=1663901693764; HstPn4275781=1; HstPt4275781=1; HstCnv4275781=1; HstCns4275781=1; c_ref_4275781=https%3A%2F%2Fmydropletsrobloxwiki.blogspot.com%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 04:51:50 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=38451
etag: W/"5d9ca488-9633"
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 506102
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9290x0RfKz4LvPao%2F65KJwnP9Hf6l7WLkS%2BJueUYAkZPaZ2Cm%2FNQ6i2x3WOirZyq7Xd3o1TlDpQWMag4t7vV9GGhLbEQ1A%2BuacpaiFunvkTQ1ZR%2BxM2FQvQ%2BixEbtlCMoNPhFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f0aae07f4e1c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
play.robuxtip.org/images/style.css
104.21.78.103200 OK 8.0 kB URL HTTP/2 play.robuxtip.org/images/style.css
IP 104.21.78.103:0
File type ASCII text, with very long lines (40387), with no line terminators
Hash 1a81f82ac924f903401f42e5213b1f6f
a844f1b985333ee076d71f593b64706dce5334d1
efe774b32d51330e080a206ff9614589e8a11ff5f9ba25b7c4b704f3904f06c5
GET /images/style.css HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtYWJ4LmpzIiwiaGlsZGFtZXRpIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsImhpbGRhbWV0aSIsImJsdWVtb29uZmUyLmJsb2dzcG90LmNvbSIsImJsdWVtb29uZmUyLmJsb2dzcG90LmNvbSIsImRpcmVjdCIsInJlZiIsImRpcmVjdCIsInRhZ3MiLCJyb2Jsb3gtYWJ4LmpzIl0
Cookie: HstCfa4275781=1663901693764; HstCla4275781=1663901693764; HstCmu4275781=1663901693764; HstPn4275781=1; HstPt4275781=1; HstCnv4275781=1; HstCns4275781=1; c_ref_4275781=https%3A%2F%2Fmydropletsrobloxwiki.blogspot.com%2F
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 04:51:50 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=50839
etag: W/"5d9ca488-c697"
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 506102
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Unx5tNwF8024v9MW%2BF5TL52OC7Z1IwZN4GRCLUncnsNtennlNJR%2Bao%2BGZ7Mn%2FsNF42VGUTYoBkgadF22bu4fD9g2nzW%2FYH9rva54SP88uYl7LqgRG7m%2BzFtuc%2FvYRTPZKX93Ag%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f0aae05f331c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14982
Expires: Fri, 23 Sep 2022 09:01:32 GMT
Date: Fri, 23 Sep 2022 04:51:50 GMT
Connection: keep-alive
fonts.gstatic.com/s/opensans/v14/k3k702ZOKiLJc3WVjuplzInF5uFdDttMLvmWuJdhhgs.ttf
142.250.74.163200 OK 19 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v14/k3k702ZOKiLJc3WVjuplzInF5uFdDttMLvmWuJdhhgs.ttf
IP 142.250.74.163:0
File type TrueType Font data, 17 tables, 1st "GDEF", 7 names, Microsoft, language 0x409, type 1 string, Open SansBold1.10;1ASC;OpenSans-BoldOpen Sans BoldVersion 1.10OpenSans-Boldhttp://www.apache.org\012- data
Hash 5498784000b038638befe230ea392271
efef80115bdabd927501563197827a7ae837a19f
5848ca5f4af491c37907f2e4cb0e240166572edc90615a96d4702f2dce34800b
GET /s/opensans/v14/k3k702ZOKiLJc3WVjuplzInF5uFdDttMLvmWuJdhhgs.ttf HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://play.robuxtip.org
Connection: keep-alive
Referer: https://play.robuxtip.org/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 18604
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 11:43:27 GMT
expires: Thu, 21 Sep 2023 11:43:27 GMT
cache-control: public, max-age=31536000
age: 148103
last-modified: Wed, 14 Jun 2017 16:46:24 GMT
content-type: font/ttf
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14982
Expires: Fri, 23 Sep 2022 09:01:32 GMT
Date: Fri, 23 Sep 2022 04:51:50 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14982
Expires: Fri, 23 Sep 2022 09:01:32 GMT
Date: Fri, 23 Sep 2022 04:51:50 GMT
Connection: keep-alive
fonts.gstatic.com/s/opensans/v14/DXI1ORHCpsQm3Vp6mXoaTYnF5uFdDttMLvmWuJdhhgs.ttf
142.250.74.163200 OK 18 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v14/DXI1ORHCpsQm3Vp6mXoaTYnF5uFdDttMLvmWuJdhhgs.ttf
IP 142.250.74.163:0
File type TrueType Font data, 17 tables, 1st "GDEF", 7 names, Microsoft, language 0x409, type 1 string, Open Sans LightRegular1.10;1ASC;OpenSans-LightVersion 1.10OpenSans-Lighthttp://www.apache.org/li\012- data
Hash a69c5fa643b7208c4922909701e399ac
0560e8f641340a70d9c36b3d4106e42ac395f829
0a8b75177ccda56113a7a1bb9214c38276257846f9323226f74831f74ffc721f
GET /s/opensans/v14/DXI1ORHCpsQm3Vp6mXoaTYnF5uFdDttMLvmWuJdhhgs.ttf HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://play.robuxtip.org
Connection: keep-alive
Referer: https://play.robuxtip.org/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 18391
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 11:58:11 GMT
expires: Thu, 21 Sep 2023 11:58:11 GMT
cache-control: public, max-age=31536000
age: 147219
last-modified: Wed, 14 Jun 2017 16:45:42 GMT
content-type: font/ttf
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14982
Expires: Fri, 23 Sep 2022 09:01:32 GMT
Date: Fri, 23 Sep 2022 04:51:50 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14982
Expires: Fri, 23 Sep 2022 09:01:32 GMT
Date: Fri, 23 Sep 2022 04:51:50 GMT
Connection: keep-alive
play.robuxtip.org/images/custom-css.css
104.21.78.103200 OK 11 kB URL HTTP/2 play.robuxtip.org/images/custom-css.css
IP 104.21.78.103:0
File type ASCII text, with very long lines (1606), with no line terminators
Hash c09c39d94a03cc36714626df7017ca0c
178e86f101381990d1e1157e4812f25e47bcf851
a828cb9255024db90c38f134a88afa74b280e29502b53eb4a6b635647ed73894
GET /images/custom-css.css HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtYWJ4LmpzIiwiaGlsZGFtZXRpIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsImhpbGRhbWV0aSIsImJsdWVtb29uZmUyLmJsb2dzcG90LmNvbSIsImJsdWVtb29uZmUyLmJsb2dzcG90LmNvbSIsImRpcmVjdCIsInJlZiIsImRpcmVjdCIsInRhZ3MiLCJyb2Jsb3gtYWJ4LmpzIl0
Cookie: HstCfa4275781=1663901693764; HstCla4275781=1663901693764; HstCmu4275781=1663901693764; HstPn4275781=1; HstPt4275781=1; HstCnv4275781=1; HstCns4275781=1; c_ref_4275781=https%3A%2F%2Fmydropletsrobloxwiki.blogspot.com%2F
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 04:51:50 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=1790
etag: W/"5d9ca488-6fe"
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 506102
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EUobzW4rlIC8dZWfDLMGJrhmzNb5cf2R0iYqIfb8nslcl8gT53XMvPr%2Bu50dobKRmI96t1H%2B2vaAdOPRz4HH%2FDR8X8F2hLrlzoz5c3tSFI68B16wFQpaSjXKDrx2zMPV1livJw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f0aae05f341c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F948809a9-98f3-49af-9568-833cc0cfb149.jpeg
34.120.237.76200 OK 5.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F948809a9-98f3-49af-9568-833cc0cfb149.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2644bb64610b60b23b7dff21736f7b4d
e95d1909750d36a9e426c170778985310cbfc4e4
e668fe1815310914cee8c5853fbcb3d0e48f6f0f8c2d07f7463e627f97153212
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F948809a9-98f3-49af-9568-833cc0cfb149.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5533
x-amzn-requestid: af64386b-45ae-47bb-a6fd-f80e306495df
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YcCkMGVEIAMFfhg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63217e1a-7e417f28422324ed2ddc85da;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 07:09:14 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: fyCuR7eISu5Of0AcZBH5FOtHKRe-Nepnt52kqZtQm0tj1L7lAtGc8A==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 03:45:46 GMT
age: 3964
etag: "e95d1909750d36a9e426c170778985310cbfc4e4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash de424c85b225196c5a35219b9e3ebd8e
85607bc7f8cd550eceab6a6c236b403ca91662f5
29fe2614f1d16a5e8c89f055ce08a45ea0d89e31f91b014e6cea52411a7902d3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1875
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 04:51:50 GMT
Last-Modified: Fri, 23 Sep 2022 04:20:35 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 280
play.robuxtip.org/images/sweetalert2.min.css
104.21.78.103200 OK 13 kB URL HTTP/2 play.robuxtip.org/images/sweetalert2.min.css
IP 104.21.78.103:0
File type ASCII text, with very long lines (13988), with no line terminators
Hash 56a623d2e62ea73255cb10039ca9fdd2
9739c1bbe6e2129408e369e80f4305a43474b805
7841a382124c56a07eb46274a1670248fec41934cbf43b858b38ab71b9a118c7
GET /images/sweetalert2.min.css HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtYWJ4LmpzIiwiaGlsZGFtZXRpIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsImhpbGRhbWV0aSIsImJsdWVtb29uZmUyLmJsb2dzcG90LmNvbSIsImJsdWVtb29uZmUyLmJsb2dzcG90LmNvbSIsImRpcmVjdCIsInJlZiIsImRpcmVjdCIsInRhZ3MiLCJyb2Jsb3gtYWJ4LmpzIl0
Cookie: HstCfa4275781=1663901693764; HstCla4275781=1663901693764; HstCmu4275781=1663901693764; HstPn4275781=1; HstPt4275781=1; HstCnv4275781=1; HstCns4275781=1; c_ref_4275781=https%3A%2F%2Fmydropletsrobloxwiki.blogspot.com%2F
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 04:51:50 GMT
content-type: text/css
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
etag: W/"5d9ca488-36a4"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 506102
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NtnGIb8Dhh8U7PJv0EhMZ4ZbdneLZqXXvtmnHbAaNdk6jJb%2BbEjfp66G8ahC61zSKpffjA8nK%2B4M1UZmZ7ZJ9CiviLGSowdei5MzBehW2xk5mSx1nPTzh5394I1JKpy%2Fof0hag%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f0aae05f2e1c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc638445c-ca62-4366-ae6c-013d448cb1b2.jpeg
34.120.237.76200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc638445c-ca62-4366-ae6c-013d448cb1b2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 98ac8db095e393fc3c6c19d331f75848
70d8758a0eb4bcad5c1973a2cce14e5dbd194f9c
bd56f4a74b8b4c538edb665ab3066c3e8c0445f9d37f2eed8022e8be2034d67a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc638445c-ca62-4366-ae6c-013d448cb1b2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9082
x-amzn-requestid: a65fdf4b-7cff-4e93-bdd6-5d5b8cee92ae
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YfWGrF_BIAMFxXw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6322d090-141af6ee47817f451ba481b1;Sampled=0
x-amzn-remapped-date: Thu, 15 Sep 2022 07:13:20 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: tf1nRx-_7X7yt5g61AHzoFFbru5BJj3POepcsMYhO4HzkjSPDd6vew==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 22:07:32 GMT
age: 24258
etag: "70d8758a0eb4bcad5c1973a2cce14e5dbd194f9c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
play.robuxtip.org/images/jquery.countto.js
104.21.78.103200 OK 6.8 kB URL HTTP/2 play.robuxtip.org/images/jquery.countto.js
IP 104.21.78.103:0
File type ASCII text, with very long lines (1043)
Hash 23270b239f71035f4e6b5477394fde8b
80e4934fd9de2bbf4c6f9fe08c615b3a8bcdb220
186df3b1119d129ed7785a66155c9bf568e8400e2c7d0a155bee7098b2f07663
Analyzer Verdict Alert fortinet Phishing
GET /images/jquery.countto.js HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtYWJ4LmpzIiwiaGlsZGFtZXRpIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsImhpbGRhbWV0aSIsImJsdWVtb29uZmUyLmJsb2dzcG90LmNvbSIsImJsdWVtb29uZmUyLmJsb2dzcG90LmNvbSIsImRpcmVjdCIsInJlZiIsImRpcmVjdCIsInRhZ3MiLCJyb2Jsb3gtYWJ4LmpzIl0
Cookie: HstCfa4275781=1663901693764; HstCla4275781=1663901693764; HstCmu4275781=1663901693764; HstPn4275781=1; HstPt4275781=1; HstCnv4275781=1; HstCns4275781=1; c_ref_4275781=https%3A%2F%2Fmydropletsrobloxwiki.blogspot.com%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 04:51:50 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=3761
etag: W/"5d9ca488-eb1"
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 506102
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rtQiPGA94HXKu%2BwTp4EIi13sfXys2rYOAVcJyioIB65FCzGylvcGV%2BkhtKo7le1hdijmTtmftgDRWzN6cpAA6HjkL6Qlyw2gYV7XKVNLHIwcjM4UncZ28YxqBj1Tbww6%2BkCJyw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f0aae07f441c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffccf6ade-04f7-4d15-943c-bde343725d94.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffccf6ade-04f7-4d15-943c-bde343725d94.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 02a682b4703bb9d6381c762726c05531
1d7f7b4cfdd7425213a21afdd1d5a5d8d11d0e54
fb672de67420a239fe5d7e2588f640150ed29883fe2a46ded160385e3265004c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffccf6ade-04f7-4d15-943c-bde343725d94.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8029
x-amzn-requestid: 2fc5c63d-5cef-42f4-a6d2-b55f51c57af6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4Y0tHjGoAMFcFw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd4ea-73f2f78a2d1ca8fc666d2571;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:34:34 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 7DX67a-HmEh76IorINvRU61AKtSiimdPnHFnYeR2OJezZJ1_mJq0MA==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 21:48:22 GMT
age: 25408
etag: "1d7f7b4cfdd7425213a21afdd1d5a5d8d11d0e54"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
play.robuxtip.org/images/animate.css
104.21.78.103200 OK 4.4 kB URL HTTP/2 play.robuxtip.org/images/animate.css
IP 104.21.78.103:0
File type ASCII text, with very long lines (53418)
Hash 936ad17825734a850746963b6d094033
440fa995f8ecbf6186d838dbc55c85f3c21d8381
5a35daf4a3931798f7e0baf24b940bf3acce8af406eef0d48ffe787e11234122
GET /images/animate.css HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtYWJ4LmpzIiwiaGlsZGFtZXRpIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsImhpbGRhbWV0aSIsImJsdWVtb29uZmUyLmJsb2dzcG90LmNvbSIsImJsdWVtb29uZmUyLmJsb2dzcG90LmNvbSIsImRpcmVjdCIsInJlZiIsImRpcmVjdCIsInRhZ3MiLCJyb2Jsb3gtYWJ4LmpzIl0
Cookie: HstCfa4275781=1663901693764; HstCla4275781=1663901693764; HstCmu4275781=1663901693764; HstPn4275781=1; HstPt4275781=1; HstCnv4275781=1; HstCns4275781=1; c_ref_4275781=https%3A%2F%2Fmydropletsrobloxwiki.blogspot.com%2F
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 04:51:50 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=68796
etag: W/"5d9ca488-10cbc"
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 506102
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fu60MvMdK%2FoRNRYzJ%2B1EK52xqD3oRg9Scsa5J5307Pm6R%2FBwVaWS1SL30PYss89R2nq24TZTfUhiew%2BfxQ832Xl2DKOHQzFPb%2F98%2F1%2BygOv05qM%2FpFVt06dsTjFJVnzKV6v2zg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f0aae05f2d1c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 337bc17ad3f42a6fc2fb0b6ea8d66bb8
f1f1ca2528ade1334727ed3f212ad8e16ff5dd79
51712ea54a8a2ee6abc9f0abb941624add01797762f95a83ee8701804628f8da
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "51712EA54A8A2EE6ABC9F0ABB941624ADD01797762F95A83EE8701804628F8DA"
Last-Modified: Wed, 21 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4987
Expires: Fri, 23 Sep 2022 06:14:57 GMT
Date: Fri, 23 Sep 2022 04:51:50 GMT
Connection: keep-alive
s10.histats.com/js15_as.js
46.105.201.240200 OK 4.4 kB URL HTTP/2 s10.histats.com/js15_as.js
IP 46.105.201.240:0
File type HTML document, ASCII text, with very long lines (11440), with no line terminators
Hash ed192092c129db6123a3397855f42619
067e9b8e26cf6246eb84c6b9cf3da0c192ce7b3e
998fff486a7fb38b6ed445edc36c9b317b70950cd39efcf4012ca641312fcee1
GET /js15_as.js HTTP/1.1
Host: s10.histats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Sep 2022 04:47:12 GMT
etag: "-375139978"
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-request-id: 990516552
content-type: text/javascript
content-encoding: br
x-cdn-pop: rbx1
x-cdn-pop-ip: 51.254.41.128/25
x-cacheable: Matched cache
accept-ranges: bytes
content-length: 4364
X-Firefox-Spdy: h2
s4.histats.com/stats/0.php?4275781&@f16&@g1&@h1&@i2&@j1663908710291&@k7016527&@l2&@mRoblox%20Robux%20Generator%202022&@n0roblox-abx.js=hildameti|template=Fastink.xml|hildameti=bluemoonfe2.blogspot.com|bluemoonfe2.blogspot.com=direct|ref=direct|tags=roblox-abx.js&@ohttps%3A%2F%2Fbluemoonfe2.blogspot.com%2F&@q0&@r0&@s0&@ten-US&@u1280&@b1:-109709749&@b3:1663908710&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fplay.robuxtip.org%2Findex.html%3Ftrack%3DWyJyb2Jsb3gtYWJ4LmpzIiwiaGlsZGFtZXRpIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsImhpbGRhbWV0aSIsImJsdWVtb29uZmUyLmJsb2dzcG90LmNvbSIsImJsdWVtb29uZmUyLmJsb2dzcG90LmNvbSIsImRpcmVjdCIsInJlZiIsImRpcmVjdCIsInRhZ3MiLCJyb2Jsb3gtYWJ4LmpzIl0&@w
158.69.248.123200 OK 50 B URL HTTP/1.1 s4.histats.com/stats/0.php?4275781&@f16&@g1&@h1&@i2&@j1663908710291&@k7016527&@l2&@mRoblox%20Robux%20Generator%202022&@n0roblox-abx.js=hildameti|template=Fastink.xml|hildameti=bluemoonfe2.blogspot.com|bluemoonfe2.blogspot.com=direct|ref=direct|tags=roblox-abx.js&@ohttps%3A%2F%2Fbluemoonfe2.blogspot.com%2F&@q0&@r0&@s0&@ten-US&@u1280&@b1:-109709749&@b3:1663908710&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fplay.robuxtip.org%2Findex.html%3Ftrack%3DWyJyb2Jsb3gtYWJ4LmpzIiwiaGlsZGFtZXRpIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsImhpbGRhbWV0aSIsImJsdWVtb29uZmUyLmJsb2dzcG90LmNvbSIsImJsdWVtb29uZmUyLmJsb2dzcG90LmNvbSIsImRpcmVjdCIsInJlZiIsImRpcmVjdCIsInRhZ3MiLCJyb2Jsb3gtYWJ4LmpzIl0&@w
IP 158.69.248.123:0
File type ASCII text, with no line terminators
Hash c4e4aac4fe90a490659c99eb5bf197d1
c818336828d21fabd8d6b6c1aa1772b2cdaa564f
d2b5131794f92879d3e051a3fea4a2ce7913671ad77d47d99df218aec0631eba
GET /stats/0.php?4275781&@f16&@g1&@h1&@i2&@j1663908710291&@k7016527&@l2&@mRoblox%20Robux%20Generator%202022&@n0roblox-abx.js=hildameti|template=Fastink.xml|hildameti=bluemoonfe2.blogspot.com|bluemoonfe2.blogspot.com=direct|ref=direct|tags=roblox-abx.js&@ohttps%3A%2F%2Fbluemoonfe2.blogspot.com%2F&@q0&@r0&@s0&@ten-US&@u1280&@b1:-109709749&@b3:1663908710&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fplay.robuxtip.org%2Findex.html%3Ftrack%3DWyJyb2Jsb3gtYWJ4LmpzIiwiaGlsZGFtZXRpIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsImhpbGRhbWV0aSIsImJsdWVtb29uZmUyLmJsb2dzcG90LmNvbSIsImJsdWVtb29uZmUyLmJsb2dzcG90LmNvbSIsImRpcmVjdCIsInJlZiIsImRpcmVjdCIsInRhZ3MiLCJyb2Jsb3gtYWJ4LmpzIl0&@w HTTP/1.1
Host: s4.histats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 04:51:51 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 50
Connection: close
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa8822718-7784-42f7-9be3-17d81593a755.jpeg
34.120.237.76200 OK 5.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa8822718-7784-42f7-9be3-17d81593a755.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b577444b5b0cf15747fe28a9d7f22d53
e6097275af3204124c48aa0d876eba0d18b26e7e
0f57e130b23b87fa4e1f9c2a2beff54f1ca73d87a244442558209e378befef11
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa8822718-7784-42f7-9be3-17d81593a755.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 4999
x-amzn-requestid: 6f7b073e-f199-4bfa-8f9c-6688dbfba15a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yn7p7GyRIAMF1EQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63263fd8-566d8b3c1c25e3fa36259812;Sampled=0
x-amzn-remapped-date: Sat, 17 Sep 2022 21:44:56 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: n4w6--Eta_zedQ8EOarLoCGZavQpadMCZnXlhGmQf4vgHZxyBKtRgw==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 22:11:51 GMT
age: 24006
etag: "e6097275af3204124c48aa0d876eba0d18b26e7e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
play.robuxtip.org/images/bootstrap.min.css
104.21.78.103200 OK 0 B URL HTTP/2 play.robuxtip.org/images/bootstrap.min.css
IP 104.21.78.103:0
GET /images/bootstrap.min.css HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtYWJ4LmpzIiwiaGlsZGFtZXRpIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsImhpbGRhbWV0aSIsImJsdWVtb29uZmUyLmJsb2dzcG90LmNvbSIsImJsdWVtb29uZmUyLmJsb2dzcG90LmNvbSIsImRpcmVjdCIsInJlZiIsImRpcmVjdCIsInRhZ3MiLCJyb2Jsb3gtYWJ4LmpzIl0
Cookie: HstCfa4275781=1663901693764; HstCla4275781=1663901693764; HstCmu4275781=1663901693764; HstPn4275781=1; HstPt4275781=1; HstCnv4275781=1; HstCns4275781=1; c_ref_4275781=https%3A%2F%2Fmydropletsrobloxwiki.blogspot.com%2F
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 04:51:50 GMT
content-type: text/css
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
etag: W/"5d9ca488-1d990"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 506102
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KwZnj9rPADkCXJNSeyMPfs85x3XHa8ESSw66oQ2A3VAojLSXNdoNtHcNWcUdsSO7zKRSayk1Ky2TSQ7PVE5BC4OEmHyjhN5wyzEx4qaVYTtiius9KJlzuZpq07LxwpIcEaUZpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f0aae05f2a1c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
play.robuxtip.org/images/magnific-popup.css
104.21.78.103200 OK 0 B URL HTTP/2 play.robuxtip.org/images/magnific-popup.css
IP 104.21.78.103:0
GET /images/magnific-popup.css HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtYWJ4LmpzIiwiaGlsZGFtZXRpIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsImhpbGRhbWV0aSIsImJsdWVtb29uZmUyLmJsb2dzcG90LmNvbSIsImJsdWVtb29uZmUyLmJsb2dzcG90LmNvbSIsImRpcmVjdCIsInJlZiIsImRpcmVjdCIsInRhZ3MiLCJyb2Jsb3gtYWJ4LmpzIl0
Cookie: HstCfa4275781=1663901693764; HstCla4275781=1663901693764; HstCmu4275781=1663901693764; HstPn4275781=1; HstPt4275781=1; HstCnv4275781=1; HstCns4275781=1; c_ref_4275781=https%3A%2F%2Fmydropletsrobloxwiki.blogspot.com%2F
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 04:51:50 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=7946
etag: W/"5d9ca488-1f0a"
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 506102
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NG0n9A201%2BvzZcxAsFusrUV1VUkmsVjPnYIOVBtruf1MlnuDlCFQ3DRsZqDlB49x%2FRt5JKXQ4vleWMRJVrQeHX4v9Qi8PCYIbLK955x7fY24a1BExKCJpCqcgpUlJqyI%2BeWa0w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f0aae05f311c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
play.robuxtip.org/images/jquery-3.2.1.js
104.21.78.103200 OK 0 B URL HTTP/2 play.robuxtip.org/images/jquery-3.2.1.js
IP 104.21.78.103:0
Analyzer Verdict Alert fortinet Phishing
GET /images/jquery-3.2.1.js HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtYWJ4LmpzIiwiaGlsZGFtZXRpIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsImhpbGRhbWV0aSIsImJsdWVtb29uZmUyLmJsb2dzcG90LmNvbSIsImJsdWVtb29uZmUyLmJsb2dzcG90LmNvbSIsImRpcmVjdCIsInJlZiIsImRpcmVjdCIsInRhZ3MiLCJyb2Jsb3gtYWJ4LmpzIl0
Cookie: HstCfa4275781=1663901693764; HstCla4275781=1663901693764; HstCmu4275781=1663901693764; HstPn4275781=1; HstPt4275781=1; HstCnv4275781=1; HstCns4275781=1; c_ref_4275781=https%3A%2F%2Fmydropletsrobloxwiki.blogspot.com%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 04:51:50 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=268039
etag: W/"5d9ca488-41707"
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 506102
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ARcZGvQ7Vo%2B7AuMRav5puB4favSuB1Du%2FOTNF68yPcWn3h4O%2FimsSLcVFk%2BP3wW%2BFisog97zYSIU8XpQyUGuLFRAl9CeAR8aVVNpVOPgAmyr5%2BDAhpd1EMd1P8rzjfrX59bTqg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f0aae06f3a1c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
play.robuxtip.org/images/com.js
104.21.78.103200 OK 0 B URL HTTP/2 play.robuxtip.org/images/com.js
IP 104.21.78.103:0
Analyzer Verdict Alert fortinet Phishing
GET /images/com.js HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtYWJ4LmpzIiwiaGlsZGFtZXRpIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsImhpbGRhbWV0aSIsImJsdWVtb29uZmUyLmJsb2dzcG90LmNvbSIsImJsdWVtb29uZmUyLmJsb2dzcG90LmNvbSIsImRpcmVjdCIsInJlZiIsImRpcmVjdCIsInRhZ3MiLCJyb2Jsb3gtYWJ4LmpzIl0
Cookie: HstCfa4275781=1663901693764; HstCla4275781=1663901693764; HstCmu4275781=1663901693764; HstPn4275781=1; HstPt4275781=1; HstCnv4275781=1; HstCns4275781=1; c_ref_4275781=https%3A%2F%2Fmydropletsrobloxwiki.blogspot.com%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 04:51:50 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=17963
etag: W/"5d9ca488-462b"
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 506102
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8sNYPsvhyFjs7yLodsnxBIiK1OPi1mKeijEHQ5I65I5arn5m%2FkQLhtu9a%2FwHO0Vf5ABDw%2FH6wBSXXgzZ4LePppyb6aRR5ilwOjkdjLHcgkZQEz74sg4ksH%2Fl0HRAQthW1Ixhzg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f0aae07f481c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
play.robuxtip.org/images/form-scripts.js
104.21.78.103200 OK 0 B URL HTTP/2 play.robuxtip.org/images/form-scripts.js
IP 104.21.78.103:0
Analyzer Verdict Alert fortinet Phishing
GET /images/form-scripts.js HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtYWJ4LmpzIiwiaGlsZGFtZXRpIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsImhpbGRhbWV0aSIsImJsdWVtb29uZmUyLmJsb2dzcG90LmNvbSIsImJsdWVtb29uZmUyLmJsb2dzcG90LmNvbSIsImRpcmVjdCIsInJlZiIsImRpcmVjdCIsInRhZ3MiLCJyb2Jsb3gtYWJ4LmpzIl0
Cookie: HstCfa4275781=1663901693764; HstCla4275781=1663901693764; HstCmu4275781=1663901693764; HstPn4275781=1; HstPt4275781=1; HstCnv4275781=1; HstCns4275781=1; c_ref_4275781=https%3A%2F%2Fmydropletsrobloxwiki.blogspot.com%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 04:51:50 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=1469
etag: W/"5d9ca488-5bd"
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 506102
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PttgQ9sWtlq%2F8JAnoBln3sWq9eaXW72PZAo45vPMBK8q0O1TzFCA99WOsRah53cI4ZisXKtyoLibKjT4iaOy9fJP1NNryor9vS3DPjgpDjPBH2u3gT6mB9yd3AuIZ90TCEwPaA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f0aae07f4a1c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
play.robuxtip.org/images/jquery.magnific-popup.min.js
104.21.78.103200 OK 0 B URL HTTP/2 play.robuxtip.org/images/jquery.magnific-popup.min.js
IP 104.21.78.103:0
Analyzer Verdict Alert fortinet Phishing
GET /images/jquery.magnific-popup.min.js HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtYWJ4LmpzIiwiaGlsZGFtZXRpIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsImhpbGRhbWV0aSIsImJsdWVtb29uZmUyLmJsb2dzcG90LmNvbSIsImJsdWVtb29uZmUyLmJsb2dzcG90LmNvbSIsImRpcmVjdCIsInJlZiIsImRpcmVjdCIsInRhZ3MiLCJyb2Jsb3gtYWJ4LmpzIl0
Cookie: HstCfa4275781=1663901693764; HstCla4275781=1663901693764; HstCmu4275781=1663901693764; HstPn4275781=1; HstPt4275781=1; HstCnv4275781=1; HstCns4275781=1; c_ref_4275781=https%3A%2F%2Fmydropletsrobloxwiki.blogspot.com%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 04:51:50 GMT
content-type: application/javascript
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
etag: W/"5d9ca488-5297"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 506102
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZG8yemd%2FpVkD68rLbpeqM4wr%2B%2BUHhyEx3zmwB5Azb4xWaNNRobGwlDq2MbwjE0I0c%2FYnxsYhW%2BBavH3BaOrR8TcNqG9EXuJTrY4VhFVDd4usjkAEI%2FGyJt0Ouhjt90X8mS9G6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f0aae07f4b1c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
play.robuxtip.org/images/css8a7c8a7c8a7c.css?family=Open+Sans:300,400,700
104.21.78.103200 OK 0 B URL HTTP/2 play.robuxtip.org/images/css8a7c8a7c8a7c.css?family=Open+Sans:300,400,700
IP 104.21.78.103:0
GET /images/css8a7c8a7c8a7c.css?family=Open+Sans:300,400,700 HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtYWJ4LmpzIiwiaGlsZGFtZXRpIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsImhpbGRhbWV0aSIsImJsdWVtb29uZmUyLmJsb2dzcG90LmNvbSIsImJsdWVtb29uZmUyLmJsb2dzcG90LmNvbSIsImRpcmVjdCIsInJlZiIsImRpcmVjdCIsInRhZ3MiLCJyb2Jsb3gtYWJ4LmpzIl0
Cookie: HstCfa4275781=1663901693764; HstCla4275781=1663901693764; HstCmu4275781=1663901693764; HstPn4275781=1; HstPt4275781=1; HstCnv4275781=1; HstCns4275781=1; c_ref_4275781=https%3A%2F%2Fmydropletsrobloxwiki.blogspot.com%2F
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 04:51:50 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=773
etag: W/"5d9ca488-305"
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 506102
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wk5JTqZI5JAoNP3lKys1YHlU2Pl3SoJ9UN8PXp7065naoQkv47h%2B%2F%2F1P2O0O0t9%2BWJb1GVHUMd8Dt8hujE4tm9Bc1%2FpRXpeZZ3R1yBWfl24SJQNoMzmvxNP1Ow1PfxjqFER3OA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f0aae05f241c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
play.robuxtip.org/images/jquery-ui.min.js
104.21.78.103200 OK 0 B URL HTTP/2 play.robuxtip.org/images/jquery-ui.min.js
IP 104.21.78.103:0
Analyzer Verdict Alert fortinet Phishing
GET /images/jquery-ui.min.js HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtYWJ4LmpzIiwiaGlsZGFtZXRpIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsImhpbGRhbWV0aSIsImJsdWVtb29uZmUyLmJsb2dzcG90LmNvbSIsImJsdWVtb29uZmUyLmJsb2dzcG90LmNvbSIsImRpcmVjdCIsInJlZiIsImRpcmVjdCIsInRhZ3MiLCJyb2Jsb3gtYWJ4LmpzIl0
Cookie: HstCfa4275781=1663901693764; HstCla4275781=1663901693764; HstCmu4275781=1663901693764; HstPn4275781=1; HstPt4275781=1; HstCnv4275781=1; HstCns4275781=1; c_ref_4275781=https%3A%2F%2Fmydropletsrobloxwiki.blogspot.com%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 04:51:50 GMT
content-type: application/javascript
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
etag: W/"5d9ca488-30da8"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 506102
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x94L8q5RtfLGmS%2FhYSxL5G16soSv4LTM30NX%2FYEhzO66seUnEWg6InjZEcAHxm1rbi5DsX4EQglaRUKLYvHWdCPzG2nM54l7h7RyFEUX1tF1liWt3gHu9dchf50%2FAWi7fmMd5w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f0aae06f3c1c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
play.robuxtip.org/images/scripts.js
104.21.78.103200 OK 0 B URL HTTP/2 play.robuxtip.org/images/scripts.js
IP 104.21.78.103:0
Analyzer Verdict Alert fortinet Phishing
GET /images/scripts.js HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtYWJ4LmpzIiwiaGlsZGFtZXRpIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsImhpbGRhbWV0aSIsImJsdWVtb29uZmUyLmJsb2dzcG90LmNvbSIsImJsdWVtb29uZmUyLmJsb2dzcG90LmNvbSIsImRpcmVjdCIsInJlZiIsImRpcmVjdCIsInRhZ3MiLCJyb2Jsb3gtYWJ4LmpzIl0
Cookie: HstCfa4275781=1663901693764; HstCla4275781=1663901693764; HstCmu4275781=1663901693764; HstPn4275781=1; HstPt4275781=1; HstCnv4275781=1; HstCns4275781=1; c_ref_4275781=https%3A%2F%2Fmydropletsrobloxwiki.blogspot.com%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 04:51:50 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=225
etag: W/"5d9ca488-e1"
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 19702
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sSAjmlFmTWnRdRa4R9EoK9QEy%2Faji5KGa80Muf%2Fc2A4f5TDWsqllxyVx5tHnw9W9Yg6ZJnHRkhqAKovS3jyDm8aGkTdKtdK17%2BtY6YTJRC0VlDhKlmZ4W2PtvOJPKC6%2F5MXJvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f0aae07f4f1c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
play.robuxtip.org/images/font-awesome.min.css
104.21.78.103200 OK 0 B URL HTTP/2 play.robuxtip.org/images/font-awesome.min.css
IP 104.21.78.103:0
GET /images/font-awesome.min.css HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtYWJ4LmpzIiwiaGlsZGFtZXRpIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsImhpbGRhbWV0aSIsImJsdWVtb29uZmUyLmJsb2dzcG90LmNvbSIsImJsdWVtb29uZmUyLmJsb2dzcG90LmNvbSIsImRpcmVjdCIsInJlZiIsImRpcmVjdCIsInRhZ3MiLCJyb2Jsb3gtYWJ4LmpzIl0
Cookie: HstCfa4275781=1663901693764; HstCla4275781=1663901693764; HstCmu4275781=1663901693764; HstPn4275781=1; HstPt4275781=1; HstCnv4275781=1; HstCns4275781=1; c_ref_4275781=https%3A%2F%2Fmydropletsrobloxwiki.blogspot.com%2F
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 04:51:50 GMT
content-type: text/css
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
etag: W/"5d9ca488-6c3d"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 506102
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eezBP%2FWCbhXM6H33QSONR713AWfkTAPqm2o8dL99FneZ3ZsAkn5nFkuYoVroHAwcWcFfaacZCQqIO6%2F%2BLRif4%2BTBP80I7CbrQDii2ESSKi9Jmi%2FtkjbWVamLYvOct8J3g3EYeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f0aae05f271c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
play.robuxtip.org/images/fancyselect.js
104.21.78.103200 OK 0 B URL HTTP/2 play.robuxtip.org/images/fancyselect.js
IP 104.21.78.103:0
Analyzer Verdict Alert fortinet Phishing
GET /images/fancyselect.js HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtYWJ4LmpzIiwiaGlsZGFtZXRpIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsImhpbGRhbWV0aSIsImJsdWVtb29uZmUyLmJsb2dzcG90LmNvbSIsImJsdWVtb29uZmUyLmJsb2dzcG90LmNvbSIsImRpcmVjdCIsInJlZiIsImRpcmVjdCIsInRhZ3MiLCJyb2Jsb3gtYWJ4LmpzIl0
Cookie: HstCfa4275781=1663901693764; HstCla4275781=1663901693764; HstCmu4275781=1663901693764; HstPn4275781=1; HstPt4275781=1; HstCnv4275781=1; HstCns4275781=1; c_ref_4275781=https%3A%2F%2Fmydropletsrobloxwiki.blogspot.com%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 04:51:50 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=6778
etag: W/"5d9ca488-1a7a"
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 506102
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KdKkEs0AeZe7UHWJwoxO22tWTfh2rN44YLPVlWxMBbm2SaC%2ByM34k3LSCQIWEoXxOoe6yBHaxPL8VKw6vwxMgGv4iFDCwVInSQCEVbOReikOI7KECaw9yI7CZmJUfKll0ZATvA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f0aae06f3d1c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
play.robuxtip.org/images/validator.min.js
104.21.78.103200 OK 0 B URL HTTP/2 play.robuxtip.org/images/validator.min.js
IP 104.21.78.103:0
Analyzer Verdict Alert fortinet Phishing
GET /images/validator.min.js HTTP/1.1
Host: play.robuxtip.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.robuxtip.org/index.html?track=WyJyb2Jsb3gtYWJ4LmpzIiwiaGlsZGFtZXRpIiwidGVtcGxhdGUiLCJGYXN0aW5rLnhtbCIsImhpbGRhbWV0aSIsImJsdWVtb29uZmUyLmJsb2dzcG90LmNvbSIsImJsdWVtb29uZmUyLmJsb2dzcG90LmNvbSIsImRpcmVjdCIsInJlZiIsImRpcmVjdCIsInRhZ3MiLCJyb2Jsb3gtYWJ4LmpzIl0
Cookie: HstCfa4275781=1663901693764; HstCla4275781=1663901693764; HstCmu4275781=1663901693764; HstPn4275781=1; HstPt4275781=1; HstCnv4275781=1; HstCns4275781=1; c_ref_4275781=https%3A%2F%2Fmydropletsrobloxwiki.blogspot.com%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 04:51:50 GMT
content-type: application/javascript
last-modified: Tue, 08 Oct 2019 15:00:24 GMT
etag: W/"5d9ca488-17a7"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 506102
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F%2FNtSYc3X96p6hdscOzvExGdzqB%2FhvypIy7qxAd6VebPTCZeRw%2Ftt1s9Un%2F9j61%2FcM7ziyIh%2FmCseB%2FqIIeyRcVxcd3L%2FoMAGB0E1N2OzNl34WwyLVS55nv2Mfv%2BJPkFup2FvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f0aae07f471c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2