robloxdungeonquestep1.blogspot.kr/
216.58.207.193 185 B URL robloxdungeonquestep1.blogspot.kr/
IP 216.58.207.193:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash f153cc1ecb435c6945c228c24937374e
435a7d0c19ec7a99d11249ab5b8366ab1738f7b0
c367ff424e5056f60702cf0c34a59f52e77f9c07554d8f5075853499c79e2bc7
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: robloxdungeonquestep1.blogspot.kr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Moved Temporarily
Location: http://robloxdungeonquestep1.blogspot.com/
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Sat, 15 Apr 2023 17:37:17 GMT
Expires: Sat, 15 Apr 2023 17:37:17 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 185
Server: GSE
robloxdungeonquestep1.blogspot.com/
216.58.207.193 185 B URL robloxdungeonquestep1.blogspot.com/
IP 216.58.207.193:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 259e1b6e547d43251ca3fc0b41eb598b
38030a2671c62db914998cd967dd1da0d589354d
7b1e950abcb955913ea2ac2c9e250e7c87f1230c37562f9f146beecfcf1f87c9
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: robloxdungeonquestep1.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Location: https://robloxdungeonquestep1.blogspot.com/
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Sat, 15 Apr 2023 17:37:18 GMT
Expires: Sat, 15 Apr 2023 17:37:18 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 185
Server: GSE
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash 46b79db05e8f73d98e627f5fca196625
52c8052b2de7eb56042a3a5dce90a9f4617d0aa0
42ebb62b20df4a8e740ebde9f3da7c9c5781aeb0955e88755b8037ed3379b911
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 15 Apr 2023 17:37:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
robloxdungeonquestep1.blogspot.com/
216.58.207.193 18 kB URL robloxdungeonquestep1.blogspot.com/
IP 216.58.207.193:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1071), with CR, LF line terminators
Hash 2f61c35412ee90f170112b307b28eb3b
55b882205b14bb8da4937be86334259bad901d0b
14d053a3448a06ed303373ba81f0c6260bb9f4676b11596bc627f02cb0769fb9
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: robloxdungeonquestep1.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
expires: Sat, 15 Apr 2023 17:37:19 GMT
date: Sat, 15 Apr 2023 17:37:19 GMT
cache-control: private, max-age=0
last-modified: Thu, 21 Jan 2021 08:54:49 GMT
etag: W/"03458b670b60e7ddc86a704ec44191811c8a4952ab57fb33be260b83a7b8ca14"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 17819
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash 46b79db05e8f73d98e627f5fca196625
52c8052b2de7eb56042a3a5dce90a9f4617d0aa0
42ebb62b20df4a8e740ebde9f3da7c9c5781aeb0955e88755b8037ed3379b911
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 15 Apr 2023 17:37:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
robloxdungeonquestep1.blogspot.com/js/cookienotice.js
216.58.207.193 2.0 kB URL robloxdungeonquestep1.blogspot.com/js/cookienotice.js
IP 216.58.207.193:0
Hash c4e1ed83d89245089b8a1203be20a377
f3940e1215b89300ef97d57a25993f25243b8688
afa801a129ff6fc98533118275db8a7d4a38fc91f8ab55ed4c19b864255e68d2
Analyzer Verdict Alert fortinet Phishing
GET /js/cookienotice.js HTTP/1.1
Host: robloxdungeonquestep1.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: robloxdungeonquestep1.blogspot.com
Connection: keep-alive
Referer: https://robloxdungeonquestep1.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 2026
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 15 Apr 2023 17:37:17 GMT
expires: Sat, 22 Apr 2023 17:37:17 GMT
cache-control: public, max-age=604800
last-modified: Sat, 15 Apr 2023 14:52:44 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash 6033939083a8d33a40f75374ef257b57
c624b9d622d6d63dbc9a7a3860a550bb3280886e
053f4269987de853c36e36e0f5dada4725c3ff616092a41c039eb21337c00f4b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 15 Apr 2023 17:37:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 2554dce603910d54df921c966dcf4534
5b4723c280c6fbf9eb99f5eb4d1b6ce0850b09f5
6af76a4fcf5ef2dcfc2f89e08b927d98ee89cf5afad11a5fe0dfe989e841a7ae
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 15 Apr 2023 17:37:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash 9686b79b567ebc654135b814803081e7
7128dbe66cc2d82674292bf8f028f2a1690165bb
a993b81b31430c796fdf5a352329863c8c306c0d21cc372255ffa870c272b78c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 15 Apr 2023 17:37:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/static/v1/widgets/3566091532-css_bundle_v2.css
216.58.207.233 7.8 kB URL www.blogger.com/static/v1/widgets/3566091532-css_bundle_v2.css
IP 216.58.207.233:0
File type ASCII text, with very long lines (35959)
Hash f1d1c6947963cb45c723ade544114d08
b5ec31c95a56be9d83a5e1f0dc739f02284e30fe
794458aabbb7c9b3d68e9692c84044988099732239e2c4cc6f4204eb2011b448
GET /static/v1/widgets/3566091532-css_bundle_v2.css HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://robloxdungeonquestep1.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 7756
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 13 Apr 2023 09:34:24 GMT
expires: Fri, 12 Apr 2024 09:34:24 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 12 Apr 2023 16:50:21 GMT
content-type: text/css
vary: Accept-Encoding
age: 201775
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash 31df4f642b2c56e95911bd0c751d47dd
46c716323245a9701ace882a3277eb529f19b952
b6c851254e68dff34b34aedcc6e539d44f6d5ec6d55b7c95da2d2654d4ea8b32
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 15 Apr 2023 17:37:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 2554dce603910d54df921c966dcf4534
5b4723c280c6fbf9eb99f5eb4d1b6ce0850b09f5
6af76a4fcf5ef2dcfc2f89e08b927d98ee89cf5afad11a5fe0dfe989e841a7ae
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 15 Apr 2023 17:37:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.ytimg.com/vi/mCKELjYHaEU/default.jpg
172.217.21.182 4.0 kB URL i.ytimg.com/vi/mCKELjYHaEU/default.jpg
IP 172.217.21.182:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 120x90, components 3\012- data
Hash a96fcd24e7b03552e598b572ba02a0aa
d6b04cc9d346095b8578312a6cac52cbc8b241d3
b986fa90cce76442135d427f3e5ff3f8e8eda8b6ca727177d39c6d6d0fae5c88
GET /vi/mCKELjYHaEU/default.jpg HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://robloxdungeonquestep1.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 3999
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 15 Apr 2023 17:37:17 GMT
expires: Sat, 15 Apr 2023 19:37:17 GMT
cache-control: public, max-age=7200
etag: "0"
content-type: image/jpeg
vary: Origin
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash ef38c91decc87d52e74191fae8678822
d979abf0931454ed2807174d06c435c8532ea68b
4a1a81a187ddcda8ca7c50fed7f452930726771843181d0dbdf8f3016523e75c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 15 Apr 2023 17:37:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.ytimg.com/vi/NSb9psSTnjM/default.jpg
172.217.21.182 4.8 kB URL i.ytimg.com/vi/NSb9psSTnjM/default.jpg
IP 172.217.21.182:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 120x90, components 3\012- data
Hash 36183410a54009af030025f5ea0ce37b
d31b41f5ad4cce1d0e95c163220cc6cc0c732a10
e8c314aed8875196a11a33e555c0a6ec0ea01f9205c934f57f4760d6856c1813
GET /vi/NSb9psSTnjM/default.jpg HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://robloxdungeonquestep1.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 4776
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 15 Apr 2023 17:37:17 GMT
expires: Sat, 15 Apr 2023 19:37:17 GMT
cache-control: public, max-age=7200
etag: "1465596001"
content-type: image/jpeg
vary: Origin
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
i.ytimg.com/vi/zxrrPVmj-kA/default.jpg
172.217.21.182 1.3 kB URL i.ytimg.com/vi/zxrrPVmj-kA/default.jpg
IP 172.217.21.182:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 120x90, components 3\012- data
Hash 3da9495bdd5b51fdc25c5c81df2eacc6
5ddb38ebe1c70482b9d7cd6e61d01f7f55dcb532
87d3032a4c40c9c24a0b1e912bc4f69b66f26ffe667fbf2ee2d954bffdc50497
GET /vi/zxrrPVmj-kA/default.jpg HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://robloxdungeonquestep1.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 1347
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 15 Apr 2023 17:37:17 GMT
expires: Sat, 15 Apr 2023 19:37:17 GMT
cache-control: public, max-age=7200
etag: "0"
content-type: image/jpeg
vary: Origin
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
i.ytimg.com/vi/g1dX0rd3njg/default.jpg
172.217.21.182 2.4 kB URL i.ytimg.com/vi/g1dX0rd3njg/default.jpg
IP 172.217.21.182:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 120x90, components 3\012- data
Hash b8db43ecf8c6b9137fb6a633992769b0
884d31cd55b4aaa8b538d61ddfb538dff53f2280
d3db8f5dd88f448a43ca377be3bcfa11d3b3c21c08a8c135b2deb9bfdd218024
GET /vi/g1dX0rd3njg/default.jpg HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://robloxdungeonquestep1.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 2367
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 15 Apr 2023 17:37:17 GMT
expires: Sat, 15 Apr 2023 19:37:17 GMT
cache-control: public, max-age=7200
etag: "0"
content-type: image/jpeg
vary: Origin
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
i.ytimg.com/vi/Q3B7ltTVUH0/default.jpg
172.217.21.182 1.1 kB URL i.ytimg.com/vi/Q3B7ltTVUH0/default.jpg
IP 172.217.21.182:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 120x90, components 3\012- data
Hash e2ddfee11ae7edcae257da47f3a78a70
6e902fa6302eb30cd204579bca6a59b37233e262
20e9aab22032d85684d7d916a1013f7c577a132a5b10ea3fd3578e8d0b28a711
GET /vi/Q3B7ltTVUH0/default.jpg HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://robloxdungeonquestep1.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 404 Not Found
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
server: sffe
content-length: 1097
x-xss-protection: 0
date: Sat, 15 Apr 2023 17:37:17 GMT
expires: Sat, 15 Apr 2023 17:37:47 GMT
cache-control: public, max-age=30
content-type: image/jpeg
vary: Origin
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
i.ytimg.com/vi/jkXU2uc8jDE/default.jpg
172.217.21.182 4.8 kB URL i.ytimg.com/vi/jkXU2uc8jDE/default.jpg
IP 172.217.21.182:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 120x90, components 3\012- data
Hash 8f4756580c68d1be8cf764ddcabdd439
a9c4f44db35b359a98f29484185babe4195554b8
7da23da62f68d5051d60ebcdbbb3ba7feea5ffdbeb612aeb3c58f29f85a536ef
GET /vi/jkXU2uc8jDE/default.jpg HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://robloxdungeonquestep1.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 4832
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 15 Apr 2023 17:37:17 GMT
expires: Sat, 15 Apr 2023 19:37:17 GMT
cache-control: public, max-age=7200
etag: "0"
content-type: image/jpeg
vary: Origin
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js
216.58.211.10 33 kB URL ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js
IP 216.58.211.10:0
File type HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (32769)
Hash 18351732b1849ba758e98884e186b3c8
d735af8661eda41ff4ffbf76e6a284a0e2deb81c
bfac625d304d52e04f2caeb19266354749929c888ca09d3d1e3edcbb8770d0f0
GET /ajax/libs/jquery/1.7.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://robloxdungeonquestep1.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33333
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 14 Apr 2023 18:05:12 GMT
expires: Sat, 13 Apr 2024 18:05:12 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 84727
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
i.ytimg.com/vi/41Jvk0LkIbM/default.jpg
172.217.21.182 2.1 kB URL i.ytimg.com/vi/41Jvk0LkIbM/default.jpg
IP 172.217.21.182:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 120x90, components 3\012- data
Hash a4020376ee1b30ec7deeb3b3c6aa5670
48ce9660395247d768b13b7a6a4d7d80b047bbb3
a29b5140ff75d938de5cc8d5285335208063539055367e7a8f6340fbc82647f0
GET /vi/41Jvk0LkIbM/default.jpg HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://robloxdungeonquestep1.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 2057
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 15 Apr 2023 17:37:17 GMT
expires: Sat, 15 Apr 2023 19:37:17 GMT
cache-control: public, max-age=7200
etag: "0"
content-type: image/jpeg
vary: Origin
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.blogger.com/static/v1/widgets/1852870454-widgets.js
216.58.207.233 57 kB URL www.blogger.com/static/v1/widgets/1852870454-widgets.js
IP 216.58.207.233:0
File type ASCII text, with very long lines (2221)
Hash d19b4e5daf1cca65910963a91514ff6d
e4c300bb1b62d4ece1b938cb3ee0f6322ee0a8b9
3d2a90a36164abc85a92ede291287c7135725dae9c5c124b8f3f557f7c12c7d4
GET /static/v1/widgets/1852870454-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://robloxdungeonquestep1.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 57021
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 14 Apr 2023 08:03:26 GMT
expires: Sat, 13 Apr 2024 08:03:26 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 14 Apr 2023 04:55:24 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 120833
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
apis.google.com/js/platform.js
172.217.21.174 21 kB URL apis.google.com/js/platform.js
IP 172.217.21.174:0
File type ASCII text, with very long lines (1429)
Hash 3161bcab6d00af494c239ab853923a64
3a9c842aa0b2fc894aea7a308a56cc09fce0def3
2b5444c3782c761e5ddb30bd733e9f746f49b3442c5d787b0a7b0c10434fe81f
GET /js/platform.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://robloxdungeonquestep1.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 21022
date: Sat, 15 Apr 2023 17:37:19 GMT
expires: Sat, 15 Apr 2023 17:37:19 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "a817d6f6a95ec85f"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
lh3.googleusercontent.com/blogger_img_proxy/AByxGDRbSfjLfs918d9S9nMtEv-uyIYNGVEaV8lLHBBCIfTuGLmt9jeHs4OldLEGfe2aQv0UShUme7uZ27zV7T_7WIpDAU8D0Si6YPftIgyyG1_3=w72-h72-n-k-no-nu
142.250.74.97 5.2 kB URL lh3.googleusercontent.com/blogger_img_proxy/AByxGDRbSfjLfs918d9S9nMtEv-uyIYNGVEaV8lLHBBCIfTuGLmt9jeHs4OldLEGfe2aQv0UShUme7uZ27zV7T_7WIpDAU8D0Si6YPftIgyyG1_3=w72-h72-n-k-no-nu
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 72x72, components 3\012- data
Hash 1c9f8a129ca913b6cb7378aebc94b827
5216d565de0ef1104f3a7775a1779400bf28085c
00dfb4091ef0c9ebe58799bd736b64702681c635609e9cef975481671c0f774c
GET /blogger_img_proxy/AByxGDRbSfjLfs918d9S9nMtEv-uyIYNGVEaV8lLHBBCIfTuGLmt9jeHs4OldLEGfe2aQv0UShUme7uZ27zV7T_7WIpDAU8D0Si6YPftIgyyG1_3=w72-h72-n-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://robloxdungeonquestep1.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
x-content-type-options: nosniff
server: fife
content-length: 5230
x-xss-protection: 0
date: Sat, 15 Apr 2023 17:37:17 GMT
expires: Sun, 16 Apr 2023 17:37:17 GMT
cache-control: public, max-age=86400, no-transform
content-type: image/jpeg
vary: Origin
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
lh3.googleusercontent.com/blogger_img_proxy/AByxGDSHYged_kytd_a44R4blj26a8S-SbZcqOvefhbA0OqdMxYSu8EjtfouqnyopLaJA5AA55OgDQ9vWL-LOj9BQEJ4slWASoyqWFCFDvJ-kEvyyAAZACHhjYvjCv3gtYHUFrxZBD0NE2ioYHC7kzY0kXW-T24LzeMOoQM91k-10iZ19qR-voBXG0t5IOZaU1KJBe8RSdqczwN0OGI4MOfTDHXcyGHTwoFspMXXFzIfwBPMHgvi6_F76cMnRIcBk47DQaS3Qz01QbnYT_HIcJicnE_x-PX3mfeko4fCuzAZpFsAam80hJ1ZaylfvQyH01qfpCrEL6BWGg44ZqBumwfMgAJmwMjSxdWwQIYNq6GZNqfMJLp416977063jwctZtinVBz2kl_am1xHMkeG2fJsxind-ZJ75rO2MKs64ht1dZD4XUXyPGhexgwBLqs2ZJlqiVYE88KTe8nMZOPTOxv5RrGSVm4wfkbJQwgthDw-rB_oWvix6nQkm6mtXkppMUZgUGOK1u3kFmakJL_qI7Ryv8UafXLK8SfJZrqcfJEzcw4Kyr_Jqv3T0y1LAIom3g3GPPJKKStBEqbjIQdxven0gsfiIcKHfM7Ez9BIN-DE8F4FdS6YAJnA9OWYtHwwSKvmgtTuMZRgKNwFq2DW4YP1fT08L6WMngPGJFcYEwgtRubiPL_5BVfcdMHc64VNE3n7jHKCZECEEJLpFdCo0zim6VJa52AzjmYtc8tsB3EpniFnumfclr3FWlk9yX9B7xiUe5UgQS8GcKZ_doBwZ5fKecLSN7cYJMvyaF6Jk-kbG9JRhXKmvCbmH-Fw4kxNNKV9dj1ZmqI6Mxyvm7k-D3Y55KLaGJeOfezXtPNn4M0obWyKAXXwXpe2Nmvbr8aeOXIa8vy5FntcvqNrnf66gH9VVH80Jk8B0jq-54j2ZZiHeV9diV7c7DZiWbS0-INs_LPfCxrdHw=w72-h72-p-k-no-nu
142.250.74.97 897 B URL lh3.googleusercontent.com/blogger_img_proxy/AByxGDSHYged_kytd_a44R4blj26a8S-SbZcqOvefhbA0OqdMxYSu8EjtfouqnyopLaJA5AA55OgDQ9vWL-LOj9BQEJ4slWASoyqWFCFDvJ-kEvyyAAZACHhjYvjCv3gtYHUFrxZBD0NE2ioYHC7kzY0kXW-T24LzeMOoQM91k-10iZ19qR-voBXG0t5IOZaU1KJBe8RSdqczwN0OGI4MOfTDHXcyGHTwoFspMXXFzIfwBPMHgvi6_F76cMnRIcBk47DQaS3Qz01QbnYT_HIcJicnE_x-PX3mfeko4fCuzAZpFsAam80hJ1ZaylfvQyH01qfpCrEL6BWGg44ZqBumwfMgAJmwMjSxdWwQIYNq6GZNqfMJLp416977063jwctZtinVBz2kl_am1xHMkeG2fJsxind-ZJ75rO2MKs64ht1dZD4XUXyPGhexgwBLqs2ZJlqiVYE88KTe8nMZOPTOxv5RrGSVm4wfkbJQwgthDw-rB_oWvix6nQkm6mtXkppMUZgUGOK1u3kFmakJL_qI7Ryv8UafXLK8SfJZrqcfJEzcw4Kyr_Jqv3T0y1LAIom3g3GPPJKKStBEqbjIQdxven0gsfiIcKHfM7Ez9BIN-DE8F4FdS6YAJnA9OWYtHwwSKvmgtTuMZRgKNwFq2DW4YP1fT08L6WMngPGJFcYEwgtRubiPL_5BVfcdMHc64VNE3n7jHKCZECEEJLpFdCo0zim6VJa52AzjmYtc8tsB3EpniFnumfclr3FWlk9yX9B7xiUe5UgQS8GcKZ_doBwZ5fKecLSN7cYJMvyaF6Jk-kbG9JRhXKmvCbmH-Fw4kxNNKV9dj1ZmqI6Mxyvm7k-D3Y55KLaGJeOfezXtPNn4M0obWyKAXXwXpe2Nmvbr8aeOXIa8vy5FntcvqNrnf66gH9VVH80Jk8B0jq-54j2ZZiHeV9diV7c7DZiWbS0-INs_LPfCxrdHw=w72-h72-p-k-no-nu
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 72x72, components 3\012- data
Hash 66d321b25a4ec1958445d3e72b6ed2a9
22ae303a9310cc2d44da452c85afe08f3e2c3940
96846f6ee7dedec49c13ea84e5e4f473de281b266ef82abb0218a05364030997
GET /blogger_img_proxy/AByxGDSHYged_kytd_a44R4blj26a8S-SbZcqOvefhbA0OqdMxYSu8EjtfouqnyopLaJA5AA55OgDQ9vWL-LOj9BQEJ4slWASoyqWFCFDvJ-kEvyyAAZACHhjYvjCv3gtYHUFrxZBD0NE2ioYHC7kzY0kXW-T24LzeMOoQM91k-10iZ19qR-voBXG0t5IOZaU1KJBe8RSdqczwN0OGI4MOfTDHXcyGHTwoFspMXXFzIfwBPMHgvi6_F76cMnRIcBk47DQaS3Qz01QbnYT_HIcJicnE_x-PX3mfeko4fCuzAZpFsAam80hJ1ZaylfvQyH01qfpCrEL6BWGg44ZqBumwfMgAJmwMjSxdWwQIYNq6GZNqfMJLp416977063jwctZtinVBz2kl_am1xHMkeG2fJsxind-ZJ75rO2MKs64ht1dZD4XUXyPGhexgwBLqs2ZJlqiVYE88KTe8nMZOPTOxv5RrGSVm4wfkbJQwgthDw-rB_oWvix6nQkm6mtXkppMUZgUGOK1u3kFmakJL_qI7Ryv8UafXLK8SfJZrqcfJEzcw4Kyr_Jqv3T0y1LAIom3g3GPPJKKStBEqbjIQdxven0gsfiIcKHfM7Ez9BIN-DE8F4FdS6YAJnA9OWYtHwwSKvmgtTuMZRgKNwFq2DW4YP1fT08L6WMngPGJFcYEwgtRubiPL_5BVfcdMHc64VNE3n7jHKCZECEEJLpFdCo0zim6VJa52AzjmYtc8tsB3EpniFnumfclr3FWlk9yX9B7xiUe5UgQS8GcKZ_doBwZ5fKecLSN7cYJMvyaF6Jk-kbG9JRhXKmvCbmH-Fw4kxNNKV9dj1ZmqI6Mxyvm7k-D3Y55KLaGJeOfezXtPNn4M0obWyKAXXwXpe2Nmvbr8aeOXIa8vy5FntcvqNrnf66gH9VVH80Jk8B0jq-54j2ZZiHeV9diV7c7DZiWbS0-INs_LPfCxrdHw=w72-h72-p-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://robloxdungeonquestep1.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
x-content-type-options: nosniff
server: fife
content-length: 897
x-xss-protection: 0
date: Sat, 15 Apr 2023 17:37:18 GMT
expires: Sun, 16 Apr 2023 17:37:18 GMT
cache-control: public, max-age=86400, no-transform
content-type: image/jpeg
vary: Origin
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
lh3.googleusercontent.com/blogger_img_proxy/AByxGDSLF5qiGOMb_B0kGcC9d5Mm-LXygw5YDCpSa8OLskXpounBYqhMyj7jkBldrrNrzR4Hmw3sRelpH-aEK49yLVeD-IiXCmyub3NlX19pBVkjNdya=w72-h72-n-k-no-nu
142.250.74.97 3.9 kB URL lh3.googleusercontent.com/blogger_img_proxy/AByxGDSLF5qiGOMb_B0kGcC9d5Mm-LXygw5YDCpSa8OLskXpounBYqhMyj7jkBldrrNrzR4Hmw3sRelpH-aEK49yLVeD-IiXCmyub3NlX19pBVkjNdya=w72-h72-n-k-no-nu
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 72x72, components 3\012- data
Hash ce6ef682fb590f9cf41ac5517743e0d3
6faab373aef384eda31b084331da82533d8f3253
c1b8db6cd43c60153fe71ed06c0be5a37089dc4a95038de363cfef9177444cc1
GET /blogger_img_proxy/AByxGDSLF5qiGOMb_B0kGcC9d5Mm-LXygw5YDCpSa8OLskXpounBYqhMyj7jkBldrrNrzR4Hmw3sRelpH-aEK49yLVeD-IiXCmyub3NlX19pBVkjNdya=w72-h72-n-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://robloxdungeonquestep1.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
x-content-type-options: nosniff
server: fife
content-length: 3877
x-xss-protection: 0
date: Sat, 15 Apr 2023 17:37:17 GMT
expires: Sun, 16 Apr 2023 17:37:17 GMT
cache-control: public, max-age=86400, no-transform
content-type: image/jpeg
vary: Origin
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
lh3.googleusercontent.com/blogger_img_proxy/AByxGDSpBVO2gYvZQhCn75Vb2qc33sWt9C3-B4QbRaoWV3mu1UyK4pqhMl-6QLiB_4iC9XXjRvuKsgZPeWzC8rZMkO31LQtZIXTHCHp5y2RCYysV9n_stxPeQNBqJPLh=w72-h72-pd
142.250.74.97 3.0 kB URL lh3.googleusercontent.com/blogger_img_proxy/AByxGDSpBVO2gYvZQhCn75Vb2qc33sWt9C3-B4QbRaoWV3mu1UyK4pqhMl-6QLiB_4iC9XXjRvuKsgZPeWzC8rZMkO31LQtZIXTHCHp5y2RCYysV9n_stxPeQNBqJPLh=w72-h72-pd
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 72x72, components 3\012- data
Hash 882420f88e31daeb5310af01193331bc
b54d5d097955223d035d2d04c0798137593bf57b
5765144246e2bcf7df7e20af8a79db433710badf0a1cc5d0e759faa3ef85ec97
GET /blogger_img_proxy/AByxGDSpBVO2gYvZQhCn75Vb2qc33sWt9C3-B4QbRaoWV3mu1UyK4pqhMl-6QLiB_4iC9XXjRvuKsgZPeWzC8rZMkO31LQtZIXTHCHp5y2RCYysV9n_stxPeQNBqJPLh=w72-h72-pd HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://robloxdungeonquestep1.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
x-content-type-options: nosniff
server: fife
content-length: 3013
x-xss-protection: 0
date: Sat, 15 Apr 2023 17:37:17 GMT
expires: Sun, 16 Apr 2023 17:37:17 GMT
cache-control: public, max-age=86400, no-transform
content-type: image/jpeg
vary: Origin
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
lh3.googleusercontent.com/blogger_img_proxy/AByxGDSw6isJgq3BRY4PXA_wfdxTxbCf_JbCfFdgmgkIc0MPGz7vwSRLsiNlSp0rzms1WWIiTD7dA4dakGaxzpO9NJ9R10tt78zjpO_HT2G3vhCLV9k2xz7R0kys5yb_gF89RAjoVOq7HwnI6EdrwemkKYcB0RQ9Kx81qMsaxUjl=w72-h72-p-k-no-nu
142.250.74.97 2.3 kB URL lh3.googleusercontent.com/blogger_img_proxy/AByxGDSw6isJgq3BRY4PXA_wfdxTxbCf_JbCfFdgmgkIc0MPGz7vwSRLsiNlSp0rzms1WWIiTD7dA4dakGaxzpO9NJ9R10tt78zjpO_HT2G3vhCLV9k2xz7R0kys5yb_gF89RAjoVOq7HwnI6EdrwemkKYcB0RQ9Kx81qMsaxUjl=w72-h72-p-k-no-nu
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 72x72, components 3\012- data
Hash 506468fc9a62963a4e07035036fa2fee
582a95b72944751aa55f761777fd98da03d9a24a
8997f07adc32cafa9329efd7a92d4c53c3d84040f56bb924f4d55b0c0ca10037
GET /blogger_img_proxy/AByxGDSw6isJgq3BRY4PXA_wfdxTxbCf_JbCfFdgmgkIc0MPGz7vwSRLsiNlSp0rzms1WWIiTD7dA4dakGaxzpO9NJ9R10tt78zjpO_HT2G3vhCLV9k2xz7R0kys5yb_gF89RAjoVOq7HwnI6EdrwemkKYcB0RQ9Kx81qMsaxUjl=w72-h72-p-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://robloxdungeonquestep1.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
expires: Sun, 16 Apr 2023 17:37:19 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
x-content-type-options: nosniff
date: Sat, 15 Apr 2023 17:37:19 GMT
server: fife
content-length: 2308
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
lh3.googleusercontent.com/blogger_img_proxy/AByxGDTyDgfEvIYuFC13XiKf1VKt6K0g2HNEl1lwRg2T1C6jeBa6A9oY1953whp2phJf8Nxb6Ii_8ieogLuvDwqkZxkgnSGyfQmQ9uLTexFZFac-ysELHpTfrA=w72-h72-pd
142.250.74.97 950 B URL lh3.googleusercontent.com/blogger_img_proxy/AByxGDTyDgfEvIYuFC13XiKf1VKt6K0g2HNEl1lwRg2T1C6jeBa6A9oY1953whp2phJf8Nxb6Ii_8ieogLuvDwqkZxkgnSGyfQmQ9uLTexFZFac-ysELHpTfrA=w72-h72-pd
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 72x72, components 3\012- data
Hash 5fac55fb5f3cc2dc64507c7de50ce79a
f2def4034430b32f3dc8e57454120294c048686f
45fbbf8544b6289635ffed70a7ca7292d6b6e27e81f943e60090247de419b57c
GET /blogger_img_proxy/AByxGDTyDgfEvIYuFC13XiKf1VKt6K0g2HNEl1lwRg2T1C6jeBa6A9oY1953whp2phJf8Nxb6Ii_8ieogLuvDwqkZxkgnSGyfQmQ9uLTexFZFac-ysELHpTfrA=w72-h72-pd HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://robloxdungeonquestep1.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 404 Not Found
access-control-allow-origin: *
timing-allow-origin: *
content-type: image/jpeg
x-content-type-options: nosniff
date: Sat, 15 Apr 2023 17:37:19 GMT
server: fife
content-length: 950
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
lh3.googleusercontent.com/blogger_img_proxy/AByxGDSnHJhwIRZ7mp-qgNcw1IaREyu2FdD7grNDrTLLC6C6hBd1JhpugSzjz196ykIkW0TxA5wx_R-PPt41HTYV7_-AWGvCTcvWq6u_pyc7ZBr-V0xg=w72-h72-n-k-no-nu
142.250.74.97 897 B URL lh3.googleusercontent.com/blogger_img_proxy/AByxGDSnHJhwIRZ7mp-qgNcw1IaREyu2FdD7grNDrTLLC6C6hBd1JhpugSzjz196ykIkW0TxA5wx_R-PPt41HTYV7_-AWGvCTcvWq6u_pyc7ZBr-V0xg=w72-h72-n-k-no-nu
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 72x72, components 3\012- data
Hash 38b6247d7fbd9e6dbe2ee1bf761f437b
031fee177fb116ff0b59a7ad1aa3523cb763a894
bb2eaf1cfaa13d7a434ddbe81fe806b290e16f27e27ef3c744073dd730d3e669
GET /blogger_img_proxy/AByxGDSnHJhwIRZ7mp-qgNcw1IaREyu2FdD7grNDrTLLC6C6hBd1JhpugSzjz196ykIkW0TxA5wx_R-PPt41HTYV7_-AWGvCTcvWq6u_pyc7ZBr-V0xg=w72-h72-n-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://robloxdungeonquestep1.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 404 Not Found
access-control-allow-origin: *
timing-allow-origin: *
content-type: image/jpeg
x-content-type-options: nosniff
date: Sat, 15 Apr 2023 17:37:19 GMT
server: fife
content-length: 897
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
lh3.googleusercontent.com/blogger_img_proxy/AByxGDRJf3mHP58KL1ADDJNNwbJFH4boNc3YZpNIG0H84kjHrZhwFnmJASZjCqGZWH6aIJ443cpyjop_oUMXZy3up-9orr4tYfzAeeW48xwT0JMW7wWZA5DYjs5g=w72-h72-p-k-no-nu
142.250.74.97 1.7 kB URL lh3.googleusercontent.com/blogger_img_proxy/AByxGDRJf3mHP58KL1ADDJNNwbJFH4boNc3YZpNIG0H84kjHrZhwFnmJASZjCqGZWH6aIJ443cpyjop_oUMXZy3up-9orr4tYfzAeeW48xwT0JMW7wWZA5DYjs5g=w72-h72-p-k-no-nu
IP 142.250.74.97:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Hash 492d66156dd767e55fb47b9692977f25
9dc2a715286dbd2d1d2cadc03a857d381b1b28a1
453b8567298ce67f209c148996f4335cce7550afca34b5ba671dbabd94e2f5a9
GET /blogger_img_proxy/AByxGDRJf3mHP58KL1ADDJNNwbJFH4boNc3YZpNIG0H84kjHrZhwFnmJASZjCqGZWH6aIJ443cpyjop_oUMXZy3up-9orr4tYfzAeeW48xwT0JMW7wWZA5DYjs5g=w72-h72-p-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://robloxdungeonquestep1.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 404 Not Found
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 15 Apr 2023 17:37:19 GMT
server: fife
content-length: 1721
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
lh3.googleusercontent.com/blogger_img_proxy/AByxGDSLL_NfP4S9AEw9auXXTd3MXkfSXm65h5uIs0-AJ0T_bzxJTVb2nlkk2YbjknJVAduUmgjDNJWiBKrBd0t7HxFC7uL93uvl9foSL7xvFCQNMbuvwze0fLt7aT3pLBdJKkBr8oCaGUvygUjSBg1ehDLYvtdAGGh2JaPtXdNqWP1pD-wmiHrkXneDSSDQpQ5gx-kFfGD_WqnwjJ1vyA-Ya7jZk-XFXkCRahHCx7sdIEgYma1TcUB2LkfLzg=w72-h72-p-k-no-nu
142.250.74.97 1.9 kB URL lh3.googleusercontent.com/blogger_img_proxy/AByxGDSLL_NfP4S9AEw9auXXTd3MXkfSXm65h5uIs0-AJ0T_bzxJTVb2nlkk2YbjknJVAduUmgjDNJWiBKrBd0t7HxFC7uL93uvl9foSL7xvFCQNMbuvwze0fLt7aT3pLBdJKkBr8oCaGUvygUjSBg1ehDLYvtdAGGh2JaPtXdNqWP1pD-wmiHrkXneDSSDQpQ5gx-kFfGD_WqnwjJ1vyA-Ya7jZk-XFXkCRahHCx7sdIEgYma1TcUB2LkfLzg=w72-h72-p-k-no-nu
IP 142.250.74.97:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Hash d68ff1051951eaa57c30f5720f3ba388
8f7013e3f1675b1c5af62a622cf9ed473a26a98a
222a3504016f4335719e44b3b5fccaf5f99f4998b060ac6ce33344e05f153788
GET /blogger_img_proxy/AByxGDSLL_NfP4S9AEw9auXXTd3MXkfSXm65h5uIs0-AJ0T_bzxJTVb2nlkk2YbjknJVAduUmgjDNJWiBKrBd0t7HxFC7uL93uvl9foSL7xvFCQNMbuvwze0fLt7aT3pLBdJKkBr8oCaGUvygUjSBg1ehDLYvtdAGGh2JaPtXdNqWP1pD-wmiHrkXneDSSDQpQ5gx-kFfGD_WqnwjJ1vyA-Ya7jZk-XFXkCRahHCx7sdIEgYma1TcUB2LkfLzg=w72-h72-p-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://robloxdungeonquestep1.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 404 Not Found
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 15 Apr 2023 17:37:19 GMT
server: fife
content-length: 1851
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
lh3.googleusercontent.com/blogger_img_proxy/AByxGDQzGQsGE_tGmiB-4FyswW9T6l2pGCvjXvqiyiIvvbSpUmjKWePwNGyHhJrpDln58EUS6esA9jInzrQAZV89FJrHGdq6DtgrsyUWza90C_WROqDqetB9ggu0=w72-h72-p-k-no-nu
142.250.74.97 1.7 kB URL lh3.googleusercontent.com/blogger_img_proxy/AByxGDQzGQsGE_tGmiB-4FyswW9T6l2pGCvjXvqiyiIvvbSpUmjKWePwNGyHhJrpDln58EUS6esA9jInzrQAZV89FJrHGdq6DtgrsyUWza90C_WROqDqetB9ggu0=w72-h72-p-k-no-nu
IP 142.250.74.97:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Hash c27b555b9a20d13e74535908b0e1ed66
d0535e60bdefa869d9d7cc3eaed6727656cf0a35
3c57a65b27b9165a60fa457ae1a0042562f9c4ffdff6469a32095e8281602bd8
GET /blogger_img_proxy/AByxGDQzGQsGE_tGmiB-4FyswW9T6l2pGCvjXvqiyiIvvbSpUmjKWePwNGyHhJrpDln58EUS6esA9jInzrQAZV89FJrHGdq6DtgrsyUWza90C_WROqDqetB9ggu0=w72-h72-p-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://robloxdungeonquestep1.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 404 Not Found
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 15 Apr 2023 17:37:19 GMT
server: fife
content-length: 1721
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
gerailagu.com/cluster-v2/roblox-gs.js
172.96.187.226 1.6 kB URL gerailagu.com/cluster-v2/roblox-gs.js
IP 172.96.187.226:0
File type ASCII text, with CRLF, LF line terminators
Hash 4e18a372fe4c46d38b0ec5528324a849
0ba0eada677fda6332eb4fa3a14308d85e3a6cac
2777f678c5c8cb81dc1736a12c40c9a6cbf44b756e5b5abc7516e10bd0dba010
GET /cluster-v2/roblox-gs.js HTTP/1.1
Host: gerailagu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://robloxdungeonquestep1.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-powered-by: PHP/5.6.40
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
content-length: 1613
content-encoding: br
vary: Accept-Encoding
date: Sat, 15 Apr 2023 17:37:19 GMT
server: LiteSpeed
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash 6033939083a8d33a40f75374ef257b57
c624b9d622d6d63dbc9a7a3860a550bb3280886e
053f4269987de853c36e36e0f5dada4725c3ff616092a41c039eb21337c00f4b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 15 Apr 2023 17:37:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash 9686b79b567ebc654135b814803081e7
7128dbe66cc2d82674292bf8f028f2a1690165bb
a993b81b31430c796fdf5a352329863c8c306c0d21cc372255ffa870c272b78c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 15 Apr 2023 17:37:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 2554dce603910d54df921c966dcf4534
5b4723c280c6fbf9eb99f5eb4d1b6ce0850b09f5
6af76a4fcf5ef2dcfc2f89e08b927d98ee89cf5afad11a5fe0dfe989e841a7ae
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 15 Apr 2023 17:37:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 4450867227bc81baa89c9e135f91e537
260e302cf5302fab19b92430bf84dafd1f42264c
d2c192beac9317754b0754287fb8a2373a60a1fc3ace1e55c88d92744b1abcba
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 15 Apr 2023 17:37:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash ef38c91decc87d52e74191fae8678822
d979abf0931454ed2807174d06c435c8532ea68b
4a1a81a187ddcda8ca7c50fed7f452930726771843181d0dbdf8f3016523e75c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 15 Apr 2023 17:37:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
nowqo.net/roblox/images/gamebaglogo.png
104.21.25.78200 OK 3.3 kB URL GET HTTP/3 nowqo.net/roblox/images/gamebaglogo.png
IP 104.21.25.78:443
Requested by https://nowqo.net/roblox/index.html
Certificate IssuerGoogle Trust Services LLC
Subject*.nowqo.net
Fingerprint4D:F9:79:11:BB:71:F0:57:06:92:43:6D:46:F2:D5:42:7E:73:1B:4E
ValidityTue, 04 Apr 2023 14:41:31 GMT - Mon, 03 Jul 2023 14:41:30 GMT
File type PNG image data, 240 x 240, 8-bit/color RGBA, non-interlaced\012- data
Hash e84f0caa809a15b2aaa9cb93bbe6669a
22a330ad580aaa6b2232307a87b981adc7fbf38f
1f98c982fd0c9b5e6af138a4cb160f509bda9fcc7fa0a9463fa6cf11513c151f
GET /roblox/images/gamebaglogo.png HTTP/1.1
Host: nowqo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: nowqo.net
Connection: keep-alive
Referer: https://nowqo.net/roblox/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 15 Apr 2023 17:37:20 GMT
content-type: image/png
content-length: 3340
cache-control: public, max-age=31536000
expires: Fri, 14 Apr 2023 06:32:19 GMT
last-modified: Tue, 08 Oct 2019 06:00:24 GMT
cf-cache-status: HIT
age: 724815
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t%2F0xqlJbutRojF8KIkQOeFxejsJOlyrshQy2LNau%2FqZ4JjaNm%2BM3Mht5JJMe%2FoY0ug1T3amHVXwbfyrFIsk7zSd7GpbLTzZY1GawZPfZaY2M5zw6m0Ol8q%2BNlu8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b85f4b828ecb517-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
nowqo.net/roblox/images/ft-1.png
104.21.25.78200 OK 3.3 kB URL GET HTTP/3 nowqo.net/roblox/images/ft-1.png
IP 104.21.25.78:443
Requested by https://nowqo.net/roblox/index.html
Certificate IssuerGoogle Trust Services LLC
Subject*.nowqo.net
Fingerprint4D:F9:79:11:BB:71:F0:57:06:92:43:6D:46:F2:D5:42:7E:73:1B:4E
ValidityTue, 04 Apr 2023 14:41:31 GMT - Mon, 03 Jul 2023 14:41:30 GMT
File type PNG image data, 240 x 240, 8-bit/color RGBA, non-interlaced\012- data
Hash e84f0caa809a15b2aaa9cb93bbe6669a
22a330ad580aaa6b2232307a87b981adc7fbf38f
1f98c982fd0c9b5e6af138a4cb160f509bda9fcc7fa0a9463fa6cf11513c151f
GET /roblox/images/ft-1.png HTTP/1.1
Host: nowqo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: nowqo.net
Connection: keep-alive
Referer: https://nowqo.net/roblox/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 15 Apr 2023 17:37:20 GMT
content-type: image/png
content-length: 3340
cache-control: public, max-age=31536000
expires: Fri, 14 Apr 2023 06:32:19 GMT
last-modified: Tue, 08 Oct 2019 06:00:24 GMT
cf-cache-status: HIT
age: 724815
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NPntdisTNyu4sfswDgAUkFesaSPPS%2FGkX%2FxsaO7T7rcFMnTbT1DtcjeMifBTgXFWu%2B4FUv6PA0S3o2eeC3OsuwzrcAxzjD%2F8OievIWl3u8lf3fznFaTxYui9HHk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b85f4b838f8b517-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
nowqo.net/roblox/images/header.png
104.21.25.78200 OK 131 kB URL GET HTTP/3 nowqo.net/roblox/images/header.png
IP 104.21.25.78:443
Requested by https://nowqo.net/roblox/index.html
Certificate IssuerGoogle Trust Services LLC
Subject*.nowqo.net
Fingerprint4D:F9:79:11:BB:71:F0:57:06:92:43:6D:46:F2:D5:42:7E:73:1B:4E
ValidityTue, 04 Apr 2023 14:41:31 GMT - Mon, 03 Jul 2023 14:41:30 GMT
File type PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced\012- data
Size 131 kB (131285 bytes)
Hash 35e93538f31d67876a2cb38bf94279d8
49bf97732e9bffb5371ad60d024901b09d83651b
95c1de9315834de2ff3608a2dc048a6aedc273e665f9b54eb956523a81fc91df
GET /roblox/images/header.png HTTP/1.1
Host: nowqo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: nowqo.net
Connection: keep-alive
Referer: https://nowqo.net/roblox/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 15 Apr 2023 17:37:20 GMT
content-type: image/png
content-length: 131285
cache-control: public, max-age=31536000
expires: Fri, 14 Apr 2023 06:32:18 GMT
last-modified: Tue, 08 Oct 2019 06:00:24 GMT
cf-cache-status: HIT
age: 724815
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BkTIJeoKlGDWESfGG05sq01wWqapx%2FH9u3PisAY2TaYRh%2F%2B17MS1tF8EYDZb%2FMzstIeiOHbozXLmwo6sIo8VgPvPT4UYbJd0msY5ZjdaAcXMBtAZaX%2FRdeGhiU8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b85f4b838fab517-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/jquery.modal.min.css
104.17.24.14200 OK 1.5 kB URL GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/jquery.modal.min.css
IP 104.17.24.14:443
Requested by https://nowqo.net/roblox/index.html
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA9:11:71:07:07:92:48:7E:A9:3C:E8:32:25:3F:EB:AC:7D:51:7E:8F
ValidityWed, 03 Aug 2022 00:00:00 GMT - Wed, 02 Aug 2023 23:59:59 GMT
File type ASCII text, with very long lines (3201), with no line terminators
Hash 8e09ceb5490863a66cd2e83ca3d7e524
35e3d074516ec70c508d748f7ae01827bc0c28ba
cccbb374fd4cb6dcbac9df64456b49cb11530e7bafdac6c6c7e67ff2ed350db9
GET /ajax/libs/jquery-modal/0.9.1/jquery.modal.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nowqo.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Apr 2023 17:37:20 GMT
content-type: text/css; charset=utf-8
content-length: 1541
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec2-c81"
last-modified: Mon, 04 May 2020 16:11:46 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 7423645
expires: Thu, 04 Apr 2024 17:37:20 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B5Sxbq8vDzr2t1zxWNkHJpaRWbTA%2BruyZ3D2I7UxIGBHboACTB5qBvmJlExJjBqJ29LLykIcsdBwaba4X2iy03OxCpbPG%2BwyIsVf%2FJBbXXbukfpmKu4%2BG%2B0MzCzpceWFQqIaujm2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7b85f4b87e6db518-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
nowqo.net/roblox/index.html
104.21.25.78200 OK 842 kB URL User Request GET HTTP/2 nowqo.net/roblox/index.html
IP 104.21.25.78:443
Certificate IssuerGoogle Trust Services LLC
Subject*.nowqo.net
Fingerprint4D:F9:79:11:BB:71:F0:57:06:92:43:6D:46:F2:D5:42:7E:73:1B:4E
ValidityTue, 04 Apr 2023 14:41:31 GMT - Mon, 03 Jul 2023 14:41:30 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF, LF line terminators
Size 842 kB (842515 bytes)
Hash 68174f59da2359dec63c1eacd5d58b81
6ec6e7e322ce319c132107cd056955c4d15c0d77
d63181683ef9f30b7f59a08311bf1dfc9680441f14422c19eace3be8b89e4395
Analyzer Verdict Alert fortinet Phishing
GET /roblox/index.html HTTP/1.1
Host: nowqo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://robloxdungeonquestep1.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Apr 2023 17:37:20 GMT
content-type: text/html
last-modified: Fri, 07 Apr 2023 06:41:19 GMT
vary: Accept-Encoding
cache-control: max-age=31536000
cf-cache-status: HIT
age: 109867
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c0FRZkluSWBcC5f6iXCPpPwDGO9Uh%2FvHp6agMNPCp7kKwENARwoOduhUpA9pcETLbOM3v%2F4jGOexU0jW%2BLREXwJvJydg4kICpKq2G3yDVrL6NfqWRhhkpdF7WbA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b85f4b70cff0b4d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/js-base64@3.7.2/base64.min.js
104.16.89.20200 OK 18 kB URL GET HTTP/2 cdn.jsdelivr.net/npm/js-base64@3.7.2/base64.min.js
IP 104.16.89.20:443
Requested by https://nowqo.net/roblox/index.html
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint5C:61:30:2F:8C:51:BF:3D:79:B5:3A:04:9A:91:F0:1C:D9:78:87:40
ValidityThu, 02 Jun 2022 00:00:00 GMT - Thu, 01 Jun 2023 23:59:59 GMT
File type ASCII text, with very long lines (4802)
Hash 746561b9bda08fcb34e46294abb69b5c
313c4f13580817bbace941229a42416ed9405f10
c74ab444c65e6bb54e949d9ef2c827e83162656e0238585a559a47f1b4ad65ba
GET /npm/js-base64@3.7.2/base64.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nowqo.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Apr 2023 17:37:20 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 3.7.2
x-jsd-version-type: version
etag: W/"1405-lMmxLE0z8/TnsipvbhQg5ckAA8Q"
x-served-by: cache-fra-eddf8230050-FRA, cache-jnb7024-JNB
x-cache: HIT, MISS
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: HIT
age: 174217
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XYn2zof1B57JO4a72A0LOQD33MV3tHRPm8qvgMiRVnR8kLXY%2FJi6mE%2F3hTax2nKi3rHdnyKnrxbRM%2B40WXT7Fa%2F1Ct5ZZ4NsY2Odj0KWVWLnmiuwKkKAhPwGoS%2BSu%2BTFBNc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b85f4b89cf50b65-OSL
content-encoding: br
X-Firefox-Spdy: h2
nowqo.net/roblox/images/jquery-3.2.1.js
104.21.25.78200 OK 42 kB URL GET HTTP/3 nowqo.net/roblox/images/jquery-3.2.1.js
IP 104.21.25.78:443
Requested by https://nowqo.net/roblox/index.html
Certificate IssuerGoogle Trust Services LLC
Subject*.nowqo.net
Fingerprint4D:F9:79:11:BB:71:F0:57:06:92:43:6D:46:F2:D5:42:7E:73:1B:4E
ValidityTue, 04 Apr 2023 14:41:31 GMT - Mon, 03 Jul 2023 14:41:30 GMT
File type ASCII text, with very long lines (1237)
Hash 4d2ba2e8756b577e1b3f5d8c880db0ea
d2a6ed0a9b315adfcbd6c834e86eb022ff140c8b
349ef3c2d6ccd958a6da3927ab217fb91ca59bf5933b782fc9507f0a8f6ed59e
Analyzer Verdict Alert fortinet Phishing
GET /roblox/images/jquery-3.2.1.js HTTP/1.1
Host: nowqo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: nowqo.net
Connection: keep-alive
Referer: https://nowqo.net/roblox/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 15 Apr 2023 17:37:20 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=268039
cache-control: public, max-age=31536000
expires: Fri, 14 Apr 2023 06:32:18 GMT
last-modified: Tue, 08 Oct 2019 06:00:24 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 724815
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o%2F319ua6LN1zTfRSnl8eKGsdRfFDzPfzpeTHLz25a0ghwE4TC4E44zou%2FA%2BD2n1T5GQLXX%2Fl%2BHjqFLuywwq%2BzjYRUT5ZZnG1PvYJ2LOn9%2BSBSISvlcdx3eozSL4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b85f4b838fcb517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
nowqo.net/roblox/images/sweetalert2.min.css
104.21.25.78200 OK 5.9 kB URL GET HTTP/3 nowqo.net/roblox/images/sweetalert2.min.css
IP 104.21.25.78:443
Requested by https://nowqo.net/roblox/index.html
Certificate IssuerGoogle Trust Services LLC
Subject*.nowqo.net
Fingerprint4D:F9:79:11:BB:71:F0:57:06:92:43:6D:46:F2:D5:42:7E:73:1B:4E
ValidityTue, 04 Apr 2023 14:41:31 GMT - Mon, 03 Jul 2023 14:41:30 GMT
File type ASCII text, with very long lines (13988), with no line terminators
Hash 9e43582c274a8547bfa8f010214f706e
1350c37eb081bfee1df06bbc3b32557fc8be6c6f
84988276ed157d710d467ab64aaa6e284c696cc572bb99708ca6e82e22d59f8b
GET /roblox/images/sweetalert2.min.css HTTP/1.1
Host: nowqo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: nowqo.net
Connection: keep-alive
Referer: https://nowqo.net/roblox/index.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 15 Apr 2023 17:37:20 GMT
content-type: text/css
cache-control: public, max-age=31536000
expires: Fri, 14 Apr 2023 06:32:18 GMT
last-modified: Tue, 08 Oct 2019 06:00:24 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 724815
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=08DVHyMBbuCb%2BVBNNU2u%2BcH2VF7IsE8E6xwtWG4T7YXsXZUM6dODbzUCFw2O85MTNGJNzzajqqnQeZ5qep%2FC%2BfjfR0%2FsLGoaJ0I41HOJvO3NuU4ud2I%2FCcy7rwE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b85f4b818d7b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
nowqo.net/roblox/images/animate.css
104.21.25.78200 OK 5.9 kB URL GET HTTP/3 nowqo.net/roblox/images/animate.css
IP 104.21.25.78:443
Requested by https://nowqo.net/roblox/index.html
Certificate IssuerGoogle Trust Services LLC
Subject*.nowqo.net
Fingerprint4D:F9:79:11:BB:71:F0:57:06:92:43:6D:46:F2:D5:42:7E:73:1B:4E
ValidityTue, 04 Apr 2023 14:41:31 GMT - Mon, 03 Jul 2023 14:41:30 GMT
File type ASCII text, with very long lines (53418)
Hash b8561aaf5309e1cf221c79aa3cc831b3
963b2adc019eed62103bd3faf639d1cdc04789eb
a5a476be8e608afcad23e24fd377bb66abe8c337d878a8f2ace19286b698dac0
GET /roblox/images/animate.css HTTP/1.1
Host: nowqo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: nowqo.net
Connection: keep-alive
Referer: https://nowqo.net/roblox/index.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 15 Apr 2023 17:37:20 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=68796
cache-control: public, max-age=31536000
expires: Fri, 14 Apr 2023 06:32:18 GMT
last-modified: Tue, 08 Oct 2019 06:00:24 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 724815
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mjWmwFVv4xiJhAbJu3RudV1KbGAMLvi%2BxyUGLyRFnC%2BYkTYlPNgXAHmJnzpjOBQRyaI3rUE90q29XKul%2FNADVU1DoFxrG3ZETFbnkOVN7T6UKca8ciA6gBQxaxo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b85f4b818d5b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
nowqo.net/roblox/images/pr-r.png
104.21.25.78200 OK 27 kB URL GET HTTP/3 nowqo.net/roblox/images/pr-r.png
IP 104.21.25.78:443
Requested by https://nowqo.net/roblox/index.html
Certificate IssuerGoogle Trust Services LLC
Subject*.nowqo.net
Fingerprint4D:F9:79:11:BB:71:F0:57:06:92:43:6D:46:F2:D5:42:7E:73:1B:4E
ValidityTue, 04 Apr 2023 14:41:31 GMT - Mon, 03 Jul 2023 14:41:30 GMT
File type PNG image data, 960 x 1080, 8-bit/color RGBA, non-interlaced\012- data
Hash 1339ccba9a248e9c3689c2f921283d91
7d393c9a3efa49a81afc9406700e94ae23e4bb95
082da94e7b1e7b7cf6054ecb33edffc2b36578727ef34c8a1ef6bddfaa6cfbbf
GET /roblox/images/pr-r.png HTTP/1.1
Host: nowqo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: nowqo.net
Connection: keep-alive
Referer: https://nowqo.net/roblox/images/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 15 Apr 2023 17:37:20 GMT
content-type: image/png
content-length: 27316
cache-control: public, max-age=31536000
expires: Fri, 14 Apr 2023 06:32:19 GMT
last-modified: Tue, 08 Oct 2019 06:00:24 GMT
cf-cache-status: HIT
age: 724815
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wYJCpq3MhVer9Eg2UbsCMfN7FkKOR2%2B9mtOS9vt3h2PvMQc3ScGyo%2FaGye2L8QAs9VQcsMZFSB4roeAaaashst5cPcyotUra4mIZMfm2RffHQw3uhVtghKOBuhw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b85f4b9dc2db517-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
nowqo.net/roblox/images/et-line.woff
104.21.25.78200 OK 55 kB URL GET HTTP/3 nowqo.net/roblox/images/et-line.woff
IP 104.21.25.78:443
Requested by https://nowqo.net/roblox/index.html
Certificate IssuerGoogle Trust Services LLC
Subject*.nowqo.net
Fingerprint4D:F9:79:11:BB:71:F0:57:06:92:43:6D:46:F2:D5:42:7E:73:1B:4E
ValidityTue, 04 Apr 2023 14:41:31 GMT - Mon, 03 Jul 2023 14:41:30 GMT
File type Web Open Font Format, CFF, length 55220, version 1.0\012- data
Hash b01ff252761958325faab1535c90c87f
d33413e7bc42acc8837cc9030ca45d29c1ccf0c6
19d2f43d546ada73dd083f7778aa4a5cac1a8e7a3af56efccae580fce07a5e1c
Analyzer Verdict Alert fortinet Phishing
GET /roblox/images/et-line.woff HTTP/1.1
Host: nowqo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Alt-Used: nowqo.net
Connection: keep-alive
Referer: https://nowqo.net/roblox/images/style.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 15 Apr 2023 17:37:20 GMT
content-type: font/woff
content-length: 55220
cache-control: public, max-age=31536000
expires: Sun, 16 Apr 2023 07:06:54 GMT
last-modified: Tue, 08 Oct 2019 06:00:24 GMT
cf-cache-status: HIT
age: 500419
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sxGd378Zc7%2F50KC8YyYP3l00JDCFoJwwk7gm1oqBMbVJoF%2BPFxpGzc6%2FoDSg9cKBXihB8l8I0gEJjKtGVCTRkjqfUDH4hj%2FpmVcXlccJY2oDooxmIkCyICvroXk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b85f4b9ec32b517-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/fonts/fontawesome-webfont.woff2?v=4.5.0
104.18.11.207200 OK 67 kB URL GET HTTP/2 maxcdn.bootstrapcdn.com/font-awesome/4.5.0/fonts/fontawesome-webfont.woff2?v=4.5.0
IP 104.18.11.207:443
Requested by https://nowqo.net/roblox/index.html
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint5B:F7:8F:50:AD:E5:5B:5E:8C:4A:39:3D:0C:98:E8:8C:18:4B:3D:8A
ValidityFri, 30 Dec 2022 00:00:00 GMT - Sat, 30 Dec 2023 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 66624, version 4.262\012- data
Hash db812d8a70a4e88e888744c1c9a27e89
638c652d623280a58144f93e7b552c66d1667a11
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995
GET /font-awesome/4.5.0/fonts/fontawesome-webfont.woff2?v=4.5.0 HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://nowqo.net
Connection: keep-alive
Referer: https://nowqo.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Apr 2023 17:37:21 GMT
content-type: font/woff2
content-length: 66624
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: "db812d8a70a4e88e888744c1c9a27e89"
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-cachedat: 08/15/2022 13:52:58
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 723
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 9b0e9cc931c66bf3d677884409621f3d
cdn-cache: HIT
cf-cache-status: HIT
age: 696350
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7b85f4baae360b02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash 798d4dfa1bf269cf25be30e15c0faf27
add23a798eb57d7f581a42d0f9084a3acaa076c3
7b38c793ca44a66a992fb67afcd9dca6a1e53824b5c65cf946f1037118f361ee
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 15 Apr 2023 17:37:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
nowqo.net/roblox/images/sweetalert2.min.js
104.21.25.78200 OK 7.1 kB URL GET HTTP/3 nowqo.net/roblox/images/sweetalert2.min.js
IP 104.21.25.78:443
Requested by https://nowqo.net/roblox/index.html
Certificate IssuerGoogle Trust Services LLC
Subject*.nowqo.net
Fingerprint4D:F9:79:11:BB:71:F0:57:06:92:43:6D:46:F2:D5:42:7E:73:1B:4E
ValidityTue, 04 Apr 2023 14:41:31 GMT - Mon, 03 Jul 2023 14:41:30 GMT
File type ASCII text, with very long lines (20305), with no line terminators
Hash dd6926149e225810e5356f504a3a14d0
5425d0905ff314d7711591690cffaf072d902483
30eca6633273188955f77976a7021cc19a05bc11eb040bec548846059fdc4e3f
Analyzer Verdict Alert fortinet Phishing
GET /roblox/images/sweetalert2.min.js HTTP/1.1
Host: nowqo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: nowqo.net
Connection: keep-alive
Referer: https://nowqo.net/roblox/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 15 Apr 2023 17:37:20 GMT
content-type: application/javascript
cache-control: public, max-age=31536000
expires: Fri, 14 Apr 2023 06:32:18 GMT
last-modified: Tue, 08 Oct 2019 06:00:24 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 154343
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fS%2F466zIABFcePL%2BvvP7QGBlk%2BtnyAU7gGClOkGqvQUwCpdxhh1DdybVoTZE28K3jRIwuF4oQRpYpas4i8yKSLzwYvGLkTPo6Th0nGlXdMQNpZas3ChYrq3PBB4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b85f4b83912b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
nowqo.net/roblox/images/jquery-ui.min.js
104.21.25.78200 OK 53 kB URL GET HTTP/3 nowqo.net/roblox/images/jquery-ui.min.js
IP 104.21.25.78:443
Requested by https://nowqo.net/roblox/index.html
Certificate IssuerGoogle Trust Services LLC
Subject*.nowqo.net
Fingerprint4D:F9:79:11:BB:71:F0:57:06:92:43:6D:46:F2:D5:42:7E:73:1B:4E
ValidityTue, 04 Apr 2023 14:41:31 GMT - Mon, 03 Jul 2023 14:41:30 GMT
File type ASCII text, with very long lines (563)
Hash 9926c1cfb529947ef86236b9ab53066c
44d30c574306b62e3593f542421a18c3fb781f82
90092d0273b24265ede85ab97f242a59109d9e6291a9c439a281a7f4206d4641
Analyzer Verdict Alert fortinet Phishing
GET /roblox/images/jquery-ui.min.js HTTP/1.1
Host: nowqo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: nowqo.net
Connection: keep-alive
Referer: https://nowqo.net/roblox/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 15 Apr 2023 17:37:20 GMT
content-type: application/javascript
cache-control: public, max-age=31536000
expires: Fri, 14 Apr 2023 06:32:18 GMT
last-modified: Tue, 08 Oct 2019 06:00:24 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 724815
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J4XsFpi5yPuEO7CNZnjrcR42NOoqO6ezZzCoYPlzDByQzdqx9X1c0j0Wh3fjk1R6MNvvZzmJwkst%2FeKLp7KRoF49AiJb5mF5aln5lbdpVbhTuhEK%2BU%2BJOmLZi8M%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b85f4b83911b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
nowqo.net/roblox/images/magnific-popup.css
104.21.25.78200 OK 20 kB URL GET HTTP/3 nowqo.net/roblox/images/magnific-popup.css
IP 104.21.25.78:443
Requested by https://nowqo.net/roblox/index.html
Certificate IssuerGoogle Trust Services LLC
Subject*.nowqo.net
Fingerprint4D:F9:79:11:BB:71:F0:57:06:92:43:6D:46:F2:D5:42:7E:73:1B:4E
ValidityTue, 04 Apr 2023 14:41:31 GMT - Mon, 03 Jul 2023 14:41:30 GMT
File type ASCII text, with very long lines (6066), with no line terminators
Hash c5235806579b312e539064ec16082daa
65aa5dc68aa2b15f284e898f6506c681fba50fae
1f0639236dcdb9736c20a6be4e5f203189fcc644dc9eb81fc3d4649616fd64d8
GET /roblox/images/magnific-popup.css HTTP/1.1
Host: nowqo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: nowqo.net
Connection: keep-alive
Referer: https://nowqo.net/roblox/index.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 15 Apr 2023 17:37:20 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=7946
cache-control: public, max-age=31536000
expires: Fri, 14 Apr 2023 06:32:18 GMT
last-modified: Tue, 08 Oct 2019 06:00:24 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 724815
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JJ1ZgrcsqjvRSsMxizaJI6b4v0%2BamliqhZhl6ljeEN8flp3OUs%2BaK2OeMopES%2FrS26g7p0qMqBikOFCvlkiPM1Ou7XOPctjRm2eI1XSdB3REFROHn8iH75g3noY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b85f4b828d9b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
nowqo.net/roblox/images/sticky.js
104.21.25.78200 OK 10 kB URL GET HTTP/3 nowqo.net/roblox/images/sticky.js
IP 104.21.25.78:443
Requested by https://nowqo.net/roblox/index.html
Certificate IssuerGoogle Trust Services LLC
Subject*.nowqo.net
Fingerprint4D:F9:79:11:BB:71:F0:57:06:92:43:6D:46:F2:D5:42:7E:73:1B:4E
ValidityTue, 04 Apr 2023 14:41:31 GMT - Mon, 03 Jul 2023 14:41:30 GMT
File type ASCII text, with very long lines (16920)
Hash b364f79464c6104f5b4a24fc67cce639
ecd7db04d92ffa3077b8a6703682a028fea8210b
cf59d1fab6bc6a6d26567fc9c70d7d45c628db0d88d850a93858f8f68fcbe19f
Analyzer Verdict Alert fortinet Phishing
GET /roblox/images/sticky.js HTTP/1.1
Host: nowqo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: nowqo.net
Connection: keep-alive
Referer: https://nowqo.net/roblox/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 15 Apr 2023 17:37:20 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=20845
cache-control: public, max-age=31536000
expires: Fri, 14 Apr 2023 06:32:18 GMT
last-modified: Tue, 08 Oct 2019 06:00:24 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 724815
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1XOgJ96p3N0kyhLSox2XP3bVoIMVD%2FCEkzRtNf93qawdgDD5wV609vZjURuHXR0D1SUpbzC5sbPAhB506clLeWqlHUqvSfQNkMpekSdmHtcGwI8jHWLjzt2ULcw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b85f4b8492ab517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
fonts.gstatic.com/s/opensans/v14/DXI1ORHCpsQm3Vp6mXoaTYnF5uFdDttMLvmWuJdhhgs.ttf
216.58.207.227200 OK 18 kB URL GET HTTP/2 fonts.gstatic.com/s/opensans/v14/DXI1ORHCpsQm3Vp6mXoaTYnF5uFdDttMLvmWuJdhhgs.ttf
IP 216.58.207.227:443
Requested by https://nowqo.net/roblox/index.html
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE8:8D:29:52:9C:44:66:28:BB:43:25:CE:11:45:BB:A1:5A:4E:44:11
ValidityTue, 28 Mar 2023 16:54:02 GMT - Tue, 20 Jun 2023 16:54:01 GMT
File type TrueType Font data, 17 tables, 1st "GDEF", 7 names, Microsoft, language 0x409, type 1 string, Open Sans LightRegular1.10;1ASC;OpenSans-LightVersion 1.10OpenSans-Lighthttp://www.apache.org/li\012- data
Hash a69c5fa643b7208c4922909701e399ac
0560e8f641340a70d9c36b3d4106e42ac395f829
0a8b75177ccda56113a7a1bb9214c38276257846f9323226f74831f74ffc721f
GET /s/opensans/v14/DXI1ORHCpsQm3Vp6mXoaTYnF5uFdDttMLvmWuJdhhgs.ttf HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nowqo.net
Connection: keep-alive
Referer: https://nowqo.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 18391
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 12 Apr 2023 19:44:14 GMT
expires: Thu, 11 Apr 2024 19:44:14 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 14 Jun 2017 16:45:42 GMT
content-type: font/ttf
vary: Accept-Encoding
age: 251587
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v14/k3k702ZOKiLJc3WVjuplzInF5uFdDttMLvmWuJdhhgs.ttf
216.58.207.227200 OK 19 kB URL GET HTTP/2 fonts.gstatic.com/s/opensans/v14/k3k702ZOKiLJc3WVjuplzInF5uFdDttMLvmWuJdhhgs.ttf
IP 216.58.207.227:443
Requested by https://nowqo.net/roblox/index.html
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE8:8D:29:52:9C:44:66:28:BB:43:25:CE:11:45:BB:A1:5A:4E:44:11
ValidityTue, 28 Mar 2023 16:54:02 GMT - Tue, 20 Jun 2023 16:54:01 GMT
File type TrueType Font data, 17 tables, 1st "GDEF", 7 names, Microsoft, language 0x409, type 1 string, Open SansBold1.10;1ASC;OpenSans-BoldOpen Sans BoldVersion 1.10OpenSans-Boldhttp://www.apache.org\012- data
Hash 5498784000b038638befe230ea392271
efef80115bdabd927501563197827a7ae837a19f
5848ca5f4af491c37907f2e4cb0e240166572edc90615a96d4702f2dce34800b
GET /s/opensans/v14/k3k702ZOKiLJc3WVjuplzInF5uFdDttMLvmWuJdhhgs.ttf HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nowqo.net
Connection: keep-alive
Referer: https://nowqo.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 18604
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 13 Apr 2023 06:40:10 GMT
expires: Fri, 12 Apr 2024 06:40:10 GMT
cache-control: public, max-age=31536000
age: 212231
last-modified: Wed, 14 Jun 2017 16:46:24 GMT
content-type: font/ttf
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash 798d4dfa1bf269cf25be30e15c0faf27
add23a798eb57d7f581a42d0f9084a3acaa076c3
7b38c793ca44a66a992fb67afcd9dca6a1e53824b5c65cf946f1037118f361ee
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 15 Apr 2023 17:37:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
nowqo.net/roblox/close.png
104.21.25.78404 Not Found 3.7 kB URL GET HTTP/3 nowqo.net/roblox/close.png
IP 104.21.25.78:443
Requested by https://nowqo.net/roblox/index.html
Certificate IssuerGoogle Trust Services LLC
Subject*.nowqo.net
Fingerprint4D:F9:79:11:BB:71:F0:57:06:92:43:6D:46:F2:D5:42:7E:73:1B:4E
ValidityTue, 04 Apr 2023 14:41:31 GMT - Mon, 03 Jul 2023 14:41:30 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash c7f292ba9d6a7d54d225bff6d143e5f5
4472e98a423a05ffe3590fd196e0dd2709af0abb
3d6cd8d3014242ae53530e8e713b9cb1be15dc27a32e3366b85859ee711bd702
GET /roblox/close.png HTTP/1.1
Host: nowqo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: nowqo.net
Connection: keep-alive
Referer: https://nowqo.net/roblox/index.html
Cookie: username1Cookie=Giselda Capon; username2Cookie=Adelia Conti; username3Cookie=Igor; comment1Cookie=WOW. c:; comment2Cookie=amazing job admin… thank you for sharing 600000 Clash Royale Gems :3 the most powerful tool ever! thank you c: this is legit website !; comment3Cookie=WOW
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 404 Not Found
date: Sat, 15 Apr 2023 17:37:21 GMT
content-type: text/html
cache-control: private, max-age=31536000, must-revalidate
pragma: no-cache
cf-cache-status: HIT
age: 724816
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CzxFHbjtxl9NBayUX3GEAd0u9TBYQtagVW%2FEWeNt9muDNgGBTcRplsa959w9HbdjqS5J5OTzPw8sOTnf705dX6AUq12CvpXA%2F4wcC6AEI4LWFHUCvnNPvsfDBUI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b85f4bafde1b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
s10.histats.com/js15_as.js
46.105.201.240200 OK 4.4 kB URL GET HTTP/2 s10.histats.com/js15_as.js
IP 46.105.201.240:443
Requested by https://nowqo.net/roblox/index.html
Certificate IssuerLet's Encrypt
Subjecthistats.com
FingerprintF3:F6:9F:E3:A0:B3:22:C0:B2:93:4E:22:72:B6:D1:DA:40:BA:AE:9B
ValidityWed, 15 Mar 2023 12:20:28 GMT - Tue, 13 Jun 2023 12:20:27 GMT
File type HTML document, ASCII text, with very long lines (11440), with no line terminators
Hash ed192092c129db6123a3397855f42619
067e9b8e26cf6246eb84c6b9cf3da0c192ce7b3e
998fff486a7fb38b6ed445edc36c9b317b70950cd39efcf4012ca641312fcee1
GET /js15_as.js HTTP/1.1
Host: s10.histats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nowqo.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 15 Apr 2023 17:31:03 GMT
etag: "-375139978"
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-request-id: 643531063
content-type: text/javascript
content-encoding: br
x-cdn-pop: sbg
x-cdn-pop-ip: 137.74.120.0/27
x-cacheable: Matched cache
accept-ranges: bytes
content-length: 4364
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v14/cJZKeOuBrn4kERxqtaUH3aCWcynf_cDxXwCLxiixG1c.ttf
216.58.207.227200 OK 18 kB URL GET HTTP/2 fonts.gstatic.com/s/opensans/v14/cJZKeOuBrn4kERxqtaUH3aCWcynf_cDxXwCLxiixG1c.ttf
IP 216.58.207.227:443
Requested by https://nowqo.net/roblox/index.html
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE8:8D:29:52:9C:44:66:28:BB:43:25:CE:11:45:BB:A1:5A:4E:44:11
ValidityTue, 28 Mar 2023 16:54:02 GMT - Tue, 20 Jun 2023 16:54:01 GMT
File type TrueType Font data, 17 tables, 1st "GDEF", 7 names, Microsoft, language 0x409, type 1 string, Open SansRegular1.10;1ASC;OpenSans-RegularOpen Sans RegularVersion 1.10OpenSans-Regularhttp://ww\012- data
Hash 8c20320e2a77d984348f9e9aa7296b9d
0939a63b6a9982ab64f044dfc3a21dac2bca0499
0be48b762bdf588db02112492dfadcb3a098fad3ac5aa2ccc80568b799462c52
GET /s/opensans/v14/cJZKeOuBrn4kERxqtaUH3aCWcynf_cDxXwCLxiixG1c.ttf HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nowqo.net
Connection: keep-alive
Referer: https://nowqo.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17789
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 13 Apr 2023 17:17:02 GMT
expires: Fri, 12 Apr 2024 17:17:02 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 14 Jun 2017 16:46:31 GMT
content-type: font/ttf
vary: Accept-Encoding
age: 174019
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v14/DXI1ORHCpsQm3Vp6mXoaTYnF5uFdDttMLvmWuJdhhgs.ttf
216.58.207.227200 OK 18 kB URL GET HTTP/2 fonts.gstatic.com/s/opensans/v14/DXI1ORHCpsQm3Vp6mXoaTYnF5uFdDttMLvmWuJdhhgs.ttf
IP 216.58.207.227:443
Requested by https://nowqo.net/roblox/index.html
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE8:8D:29:52:9C:44:66:28:BB:43:25:CE:11:45:BB:A1:5A:4E:44:11
ValidityTue, 28 Mar 2023 16:54:02 GMT - Tue, 20 Jun 2023 16:54:01 GMT
File type TrueType Font data, 17 tables, 1st "GDEF", 7 names, Microsoft, language 0x409, type 1 string, Open Sans LightRegular1.10;1ASC;OpenSans-LightVersion 1.10OpenSans-Lighthttp://www.apache.org/li\012- data
Hash a69c5fa643b7208c4922909701e399ac
0560e8f641340a70d9c36b3d4106e42ac395f829
0a8b75177ccda56113a7a1bb9214c38276257846f9323226f74831f74ffc721f
GET /s/opensans/v14/DXI1ORHCpsQm3Vp6mXoaTYnF5uFdDttMLvmWuJdhhgs.ttf HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nowqo.net
Connection: keep-alive
Referer: https://nowqo.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 18391
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 12 Apr 2023 19:44:14 GMT
expires: Thu, 11 Apr 2024 19:44:14 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 14 Jun 2017 16:45:42 GMT
content-type: font/ttf
vary: Accept-Encoding
age: 251587
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v14/k3k702ZOKiLJc3WVjuplzInF5uFdDttMLvmWuJdhhgs.ttf
216.58.207.227200 OK 19 kB URL GET HTTP/2 fonts.gstatic.com/s/opensans/v14/k3k702ZOKiLJc3WVjuplzInF5uFdDttMLvmWuJdhhgs.ttf
IP 216.58.207.227:443
Requested by https://nowqo.net/roblox/index.html
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE8:8D:29:52:9C:44:66:28:BB:43:25:CE:11:45:BB:A1:5A:4E:44:11
ValidityTue, 28 Mar 2023 16:54:02 GMT - Tue, 20 Jun 2023 16:54:01 GMT
File type TrueType Font data, 17 tables, 1st "GDEF", 7 names, Microsoft, language 0x409, type 1 string, Open SansBold1.10;1ASC;OpenSans-BoldOpen Sans BoldVersion 1.10OpenSans-Boldhttp://www.apache.org\012- data
Hash 5498784000b038638befe230ea392271
efef80115bdabd927501563197827a7ae837a19f
5848ca5f4af491c37907f2e4cb0e240166572edc90615a96d4702f2dce34800b
GET /s/opensans/v14/k3k702ZOKiLJc3WVjuplzInF5uFdDttMLvmWuJdhhgs.ttf HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nowqo.net
Connection: keep-alive
Referer: https://nowqo.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 18604
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 13 Apr 2023 06:40:10 GMT
expires: Fri, 12 Apr 2024 06:40:10 GMT
cache-control: public, max-age=31536000
age: 212231
last-modified: Wed, 14 Jun 2017 16:46:24 GMT
content-type: font/ttf
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
s4.histats.com/stats/0.php?4275781&@f16&@g1&@h1&@i1&@j1681580325694&@k0&@l1&@mRoblox%20Robux%20Generator%202023&@n0&@ohttps%3A%2F%2Frobloxdungeonquestep1.blogspot.com%2F&@q0&@r0&@s0&@ten-US&@u1280&@b1:173707298&@b3:1681580326&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fnowqo.net%2Froblox%2Findex.html&@w
149.56.240.27200 OK 52 B URL GET HTTP/1.1 s4.histats.com/stats/0.php?4275781&@f16&@g1&@h1&@i1&@j1681580325694&@k0&@l1&@mRoblox%20Robux%20Generator%202023&@n0&@ohttps%3A%2F%2Frobloxdungeonquestep1.blogspot.com%2F&@q0&@r0&@s0&@ten-US&@u1280&@b1:173707298&@b3:1681580326&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fnowqo.net%2Froblox%2Findex.html&@w
IP 149.56.240.27:443
Requested by https://nowqo.net/roblox/index.html
Certificate IssuerLet's Encrypt
Subjecthistats.com
FingerprintF3:F6:9F:E3:A0:B3:22:C0:B2:93:4E:22:72:B6:D1:DA:40:BA:AE:9B
ValidityWed, 15 Mar 2023 12:20:28 GMT - Tue, 13 Jun 2023 12:20:27 GMT
File type ASCII text, with no line terminators
Hash db058f112b579df6eb9b69300c7aa9cb
71d7f74d604cb62e9728a7f81bb90b1e85fec9df
afda4626031897878331919eae99f050f87978ccdb64a6049aaf34afb872272d
GET /stats/0.php?4275781&@f16&@g1&@h1&@i1&@j1681580325694&@k0&@l1&@mRoblox%20Robux%20Generator%202023&@n0&@ohttps%3A%2F%2Frobloxdungeonquestep1.blogspot.com%2F&@q0&@r0&@s0&@ten-US&@u1280&@b1:173707298&@b3:1681580326&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fnowqo.net%2Froblox%2Findex.html&@w HTTP/1.1
Host: s4.histats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nowqo.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 15 Apr 2023 17:37:21 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 52
Connection: close
nowqo.net/roblox/images/us.png
104.21.25.78200 OK 609 B URL GET HTTP/3 nowqo.net/roblox/images/us.png
IP 104.21.25.78:443
Requested by https://nowqo.net/roblox/index.html
Certificate IssuerGoogle Trust Services LLC
Subject*.nowqo.net
Fingerprint4D:F9:79:11:BB:71:F0:57:06:92:43:6D:46:F2:D5:42:7E:73:1B:4E
ValidityTue, 04 Apr 2023 14:41:31 GMT - Mon, 03 Jul 2023 14:41:30 GMT
File type PNG image data, 16 x 11, 8-bit/color RGB, non-interlaced\012- data
Hash 968591e0050981be9fa94bd2597afb48
dd9e149e2b5ad59dd8b4b262f5fdeb5cc10ecf43
36cce5cae3d2e0045b2b2b6cbffdad7a0aba3e99919cc219bbf0578efdc45585
GET /roblox/images/us.png HTTP/1.1
Host: nowqo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: nowqo.net
Connection: keep-alive
Referer: https://nowqo.net/roblox/index.html
Cookie: username1Cookie=Giselda Capon; username2Cookie=Adelia Conti; username3Cookie=Igor; comment1Cookie=WOW. c:; comment2Cookie=amazing job admin… thank you for sharing 600000 Clash Royale Gems :3 the most powerful tool ever! thank you c: this is legit website !; comment3Cookie=WOW; HstCfa4275781=1681580325694; HstCla4275781=1681580325694; HstCmu4275781=1681580325694; HstPn4275781=1; HstPt4275781=1; HstCnv4275781=1; HstCns4275781=1; c_ref_4275781=https%3A%2F%2Frobloxdungeonquestep1.blogspot.com%2F; timePosted11Cookie=216184; timePosted22Cookie=125263; timePosted33Cookie=67852
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 15 Apr 2023 17:37:23 GMT
content-type: image/png
content-length: 609
cache-control: public, max-age=31536000
expires: Fri, 14 Apr 2023 06:32:24 GMT
last-modified: Tue, 08 Oct 2019 06:00:24 GMT
cf-cache-status: HIT
age: 724818
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YcAqjJ%2BLORBwsUO6QIFP36nzH%2F52sPTM9%2FX0LTME%2FRbZXnFghmh1%2BhK6H7z4i%2FKScBFkK3355wEjResRBBUlFS6DbPRUslkGTgZj3RLqtzKrRsSkFvCN9ffMwGg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b85f4ca7f56b517-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
nowqo.net/roblox/images/btn-img.png
104.21.25.78200 OK 2.0 kB URL GET HTTP/3 nowqo.net/roblox/images/btn-img.png
IP 104.21.25.78:443
Requested by https://nowqo.net/roblox/index.html
Certificate IssuerGoogle Trust Services LLC
Subject*.nowqo.net
Fingerprint4D:F9:79:11:BB:71:F0:57:06:92:43:6D:46:F2:D5:42:7E:73:1B:4E
ValidityTue, 04 Apr 2023 14:41:31 GMT - Mon, 03 Jul 2023 14:41:30 GMT
File type PNG image data, 150 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash b750214f9a0276662f12acbbff0d37ce
65e094e10e2b933ab866a66b5f9b25321b99a0d1
db31dae896b9158c4d1c3f32525e6f63281fe9c671a5dc93236cac960013351b
GET /roblox/images/btn-img.png HTTP/1.1
Host: nowqo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: nowqo.net
Connection: keep-alive
Referer: https://nowqo.net/roblox/images/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 15 Apr 2023 17:37:20 GMT
content-type: image/png
content-length: 1977
cache-control: public, max-age=31536000
expires: Fri, 14 Apr 2023 06:32:19 GMT
last-modified: Tue, 08 Oct 2019 06:00:24 GMT
cf-cache-status: HIT
age: 135537
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dCUOHyKhHTvjTiympzDGgVuZywHLHV%2BqCI3VaZlKpN0Pwa7zYZ%2B0KGnoJr3VgT12z7Alna%2B3m55FKkivAQjtmyVqN12GiEamCrCoBeSRA1rGTuB64wRDmwOPZLk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b85f4b9dc2ab517-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
nowqo.net/roblox/images/form-scripts.js
104.21.25.78200 OK 1.0 kB URL GET HTTP/3 nowqo.net/roblox/images/form-scripts.js
IP 104.21.25.78:443
Requested by https://nowqo.net/roblox/index.html
Certificate IssuerGoogle Trust Services LLC
Subject*.nowqo.net
Fingerprint4D:F9:79:11:BB:71:F0:57:06:92:43:6D:46:F2:D5:42:7E:73:1B:4E
ValidityTue, 04 Apr 2023 14:41:31 GMT - Mon, 03 Jul 2023 14:41:30 GMT
File type ASCII text, with very long lines (1061), with no line terminators
Hash 6199605916a54c185314b9c5d3b5e809
5fbe1148fc133ac41089c2fa9e50c32e91ba6541
6c7d18b6f23e412b7e2217aae669caf57c56c3de9e6c0f7099151c752512b139
Analyzer Verdict Alert fortinet Phishing
GET /roblox/images/form-scripts.js HTTP/1.1
Host: nowqo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: nowqo.net
Connection: keep-alive
Referer: https://nowqo.net/roblox/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 15 Apr 2023 17:37:20 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=1469
cache-control: public, max-age=31536000
expires: Fri, 14 Apr 2023 06:32:18 GMT
last-modified: Tue, 08 Oct 2019 06:00:24 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 724815
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p3852os9TxFjGi9foNJjqbtEzmTskyEBBc7gE0OMHT5ngOPtqQhpRuLKlfdtRBlJYqjDVARKy3aQO410HS4u34HjMMY2959cvJonJkYEcFvV0x3ACfomeZhm7g4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b85f4b83917b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
nowqo.net/roblox/images/style.css
104.21.25.78200 OK 40 kB URL GET HTTP/3 nowqo.net/roblox/images/style.css
IP 104.21.25.78:443
Requested by https://nowqo.net/roblox/index.html
Certificate IssuerGoogle Trust Services LLC
Subject*.nowqo.net
Fingerprint4D:F9:79:11:BB:71:F0:57:06:92:43:6D:46:F2:D5:42:7E:73:1B:4E
ValidityTue, 04 Apr 2023 14:41:31 GMT - Mon, 03 Jul 2023 14:41:30 GMT
File type ASCII text, with very long lines (40387), with no line terminators
Hash 3e05a1f487075dc57f03535a3d6693da
6e4cccd476e7d09d261ebdc7563383d40ec3fa99
52079098bd4de80b7be963bc457d10467682b061619c1d5b96ed628f63c4cd9b
GET /roblox/images/style.css HTTP/1.1
Host: nowqo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: nowqo.net
Connection: keep-alive
Referer: https://nowqo.net/roblox/index.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 15 Apr 2023 17:37:20 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=50839
cache-control: public, max-age=31536000
expires: Fri, 14 Apr 2023 06:32:18 GMT
last-modified: Tue, 08 Oct 2019 06:00:24 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 724815
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OIfQcDELEgryk62CLiLUtBp6Z2zeE2LdVAflB%2F%2FUvlZpUebqC%2FtBfvRgkk2tUG6jWR0CdbfqKqU4AcTItVdQmiwehcPRVlx9Y7Cii0b%2F3x%2BTEF2BTf15TNNOEgI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b85f4b828deb517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
nowqo.net/roblox/images/main-bg.jpg
104.21.25.78200 OK 838 kB URL GET HTTP/3 nowqo.net/roblox/images/main-bg.jpg
IP 104.21.25.78:443
Requested by https://nowqo.net/roblox/index.html
Certificate IssuerGoogle Trust Services LLC
Subject*.nowqo.net
Fingerprint4D:F9:79:11:BB:71:F0:57:06:92:43:6D:46:F2:D5:42:7E:73:1B:4E
ValidityTue, 04 Apr 2023 14:41:31 GMT - Mon, 03 Jul 2023 14:41:30 GMT
File type JPEG image data, baseline, precision 8, 2560x1440, components 3\012- data
Size 838 kB (838330 bytes)
Hash ba5d619ee57cf5acc6ebee951a24e01a
a0627942a4e280318a098576257027078cbc40fc
ff5ca3b41fff989a535f80c1119cca50d67fa99c759545a3fc484cc8124cf836
GET /roblox/images/main-bg.jpg HTTP/1.1
Host: nowqo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: nowqo.net
Connection: keep-alive
Referer: https://nowqo.net/roblox/images/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 15 Apr 2023 17:37:20 GMT
content-type: image/jpeg
content-length: 838330
cache-control: public, max-age=31536000
expires: Fri, 14 Apr 2023 06:32:19 GMT
last-modified: Tue, 08 Oct 2019 06:00:24 GMT
cf-cache-status: HIT
age: 724815
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=32IyooFjyj%2FLOGAgtH4crXsTY39EpwRUjavIMbnqomMf0HyhNbdaYWHGMkTmQupIPUon90rybz9vGR2gZal5PIrQzqGYfYlkBgb%2FobCi8Z8D5MVA7%2B9HaxWSqo4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b85f4b97ba3b517-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
nowqo.net/roblox/images/pr-l.png
104.21.25.78200 OK 16 kB URL GET HTTP/3 nowqo.net/roblox/images/pr-l.png
IP 104.21.25.78:443
Requested by https://nowqo.net/roblox/index.html
Certificate IssuerGoogle Trust Services LLC
Subject*.nowqo.net
Fingerprint4D:F9:79:11:BB:71:F0:57:06:92:43:6D:46:F2:D5:42:7E:73:1B:4E
ValidityTue, 04 Apr 2023 14:41:31 GMT - Mon, 03 Jul 2023 14:41:30 GMT
File type PNG image data, 960 x 1080, 8-bit/color RGBA, non-interlaced\012- data
Hash 6073469203244cc95b8fbe0996b8c405
60c3fe75fa9d7e3ae7f42f9a247d103b9841982a
7509fb455029a48272466bce43b17cf8247f769f9a4b9c51a03eba55924e11f3
GET /roblox/images/pr-l.png HTTP/1.1
Host: nowqo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: nowqo.net
Connection: keep-alive
Referer: https://nowqo.net/roblox/images/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 15 Apr 2023 17:37:20 GMT
content-type: image/png
content-length: 16083
cache-control: public, max-age=31536000
expires: Fri, 14 Apr 2023 06:32:19 GMT
last-modified: Tue, 08 Oct 2019 06:00:24 GMT
cf-cache-status: HIT
age: 724815
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9M5KeqYl0A4AaVSj4OmKp4E2oA9n4ozOsIIkuOBnicuFU7pyEMtY70MVULxCjdIsM2WYvC9DSP3ULfLtNyQld7Afjtx1tnHMI0bNOsh5To9adXLM58H7m%2B%2B%2Fo3M%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b85f4b9abedb517-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
nowqo.net/roblox/images/validator.min.js
104.21.25.78200 OK 6.1 kB URL GET HTTP/3 nowqo.net/roblox/images/validator.min.js
IP 104.21.25.78:443
Requested by https://nowqo.net/roblox/index.html
Certificate IssuerGoogle Trust Services LLC
Subject*.nowqo.net
Fingerprint4D:F9:79:11:BB:71:F0:57:06:92:43:6D:46:F2:D5:42:7E:73:1B:4E
ValidityTue, 04 Apr 2023 14:41:31 GMT - Mon, 03 Jul 2023 14:41:30 GMT
File type ASCII text, with very long lines (6259), with no line terminators
Hash c542ac1e946658c7739d7c1244dd647f
5b34ad25a6933d25a3bec582821cdf7e598f90c1
e82795588f13566da7127ae782f27664653c7e7b6f9007c6c85f29580259a08d
Analyzer Verdict Alert fortinet Phishing
GET /roblox/images/validator.min.js HTTP/1.1
Host: nowqo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: nowqo.net
Connection: keep-alive
Referer: https://nowqo.net/roblox/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 15 Apr 2023 17:37:20 GMT
content-type: application/javascript
cache-control: public, max-age=31536000
expires: Fri, 14 Apr 2023 06:32:18 GMT
last-modified: Tue, 08 Oct 2019 06:00:24 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 724815
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cR%2BBVIov8XxgPMNyv16p0I8nR0KyZank1%2B4fQW%2FK1DhJk7dFnQjHEhZMFcN9fdV6yw4yU514il8fScax6ZE%2B1kjYsO79%2FV0AR0wO9YoQ%2BMz%2BL%2F2OiXoHat07Y5M%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b85f4b8390db517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
nowqo.net/roblox/images/css8a7c8a7c8a7c.css?family=Open+Sans:300,400,700
104.21.25.78200 OK 701 B URL GET HTTP/3 nowqo.net/roblox/images/css8a7c8a7c8a7c.css?family=Open+Sans:300,400,700
IP 104.21.25.78:443
Requested by https://nowqo.net/roblox/index.html
Certificate IssuerGoogle Trust Services LLC
Subject*.nowqo.net
Fingerprint4D:F9:79:11:BB:71:F0:57:06:92:43:6D:46:F2:D5:42:7E:73:1B:4E
ValidityTue, 04 Apr 2023 14:41:31 GMT - Mon, 03 Jul 2023 14:41:30 GMT
File type ASCII text, with very long lines (701), with no line terminators
Hash 4dd713bb9231c5094e1c8bc8cb94271c
1e261f6ac19b4c601946704ed1ec811f278a0cda
2d49915f54be165095aa54b17aefae8370c8751ad2421caa309e70302f5f8a04
Analyzer Verdict Alert fortinet Phishing
GET /roblox/images/css8a7c8a7c8a7c.css?family=Open+Sans:300,400,700 HTTP/1.1
Host: nowqo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: nowqo.net
Connection: keep-alive
Referer: https://nowqo.net/roblox/index.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 15 Apr 2023 17:37:20 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=773
cache-control: public, max-age=31536000
expires: Fri, 14 Apr 2023 07:38:09 GMT
last-modified: Tue, 08 Oct 2019 06:00:24 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 724815
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xVNLEJXgo7Qwpxc2Ivfw9kUSx3nc7b%2FOQiZoWAfkIy%2Fw8N9w9v%2BcfX4XZ7GxYiUSA7IrCvgypjHvQoWDrwkmRS8hWPUE%2F6ILVvqLn%2BwpYfPjj%2FrUPmfA5UWttyA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b85f4b818cbb517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
nowqo.net/roblox/images/font-awesome.min.css
104.21.25.78200 OK 28 kB URL GET HTTP/3 nowqo.net/roblox/images/font-awesome.min.css
IP 104.21.25.78:443
Requested by https://nowqo.net/roblox/index.html
Certificate IssuerGoogle Trust Services LLC
Subject*.nowqo.net
Fingerprint4D:F9:79:11:BB:71:F0:57:06:92:43:6D:46:F2:D5:42:7E:73:1B:4E
ValidityTue, 04 Apr 2023 14:41:31 GMT - Mon, 03 Jul 2023 14:41:30 GMT
File type ASCII text, with very long lines (27546)
Hash a6f297631a1940d525722690710b0f97
60aab26a9c55134097fb9a03594466bf2bb34e4a
8b8fe494229dedb933c6df5dac600a7f6116f989c84241f65c295f44603b4165
GET /roblox/images/font-awesome.min.css HTTP/1.1
Host: nowqo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: nowqo.net
Connection: keep-alive
Referer: https://nowqo.net/roblox/index.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 15 Apr 2023 17:37:20 GMT
content-type: text/css
cache-control: public, max-age=31536000
expires: Fri, 14 Apr 2023 06:32:18 GMT
last-modified: Tue, 08 Oct 2019 06:00:24 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 154343
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HKJHispGFPzZyXZnDTcBcKYyz29FkHzJJ0nh3hTvtgYA6moQTvNMchUERs5bkXp06p1fQdPrjsuDmLA3idsgrB926kSTQC3dHopqy9rQqy2U0vnAy1CBtZoj%2FAw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b85f4b818d0b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
nowqo.net/roblox/images/jquery.countto.js
104.21.25.78200 OK 2.4 kB URL GET HTTP/3 nowqo.net/roblox/images/jquery.countto.js
IP 104.21.25.78:443
Requested by https://nowqo.net/roblox/index.html
Certificate IssuerGoogle Trust Services LLC
Subject*.nowqo.net
Fingerprint4D:F9:79:11:BB:71:F0:57:06:92:43:6D:46:F2:D5:42:7E:73:1B:4E
ValidityTue, 04 Apr 2023 14:41:31 GMT - Mon, 03 Jul 2023 14:41:30 GMT
File type ASCII text, with very long lines (2444), with no line terminators
Hash a6f0589b555439689640128b06aa0939
f80bffb556fc22186d16ce3d39d87e5a1108ba58
33720d2262ad062abab7369d39eb004338e25d64ee85ca4e0ddf0e63b3456943
Analyzer Verdict Alert fortinet Phishing
GET /roblox/images/jquery.countto.js HTTP/1.1
Host: nowqo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: nowqo.net
Connection: keep-alive
Referer: https://nowqo.net/roblox/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 15 Apr 2023 17:37:20 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=3761
cache-control: public, max-age=31536000
expires: Fri, 14 Apr 2023 06:32:18 GMT
last-modified: Tue, 08 Oct 2019 06:00:24 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 154343
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nM1HaSFEspWnsaWYPEQGN%2FCFF5Gpq0HlXe2JOade8O0cRtV8pB1kmxXcnYRVizok0PCP3MJD4jqZPqHCmivvU17sTE%2Bg60QbI8Ydx5u0PcEInvW8NgEaCVBzrqs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b85f4b83910b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
nowqo.net/roblox/images/fr.png
104.21.25.78200 OK 545 B URL GET HTTP/3 nowqo.net/roblox/images/fr.png
IP 104.21.25.78:443
Requested by https://nowqo.net/roblox/index.html
Certificate IssuerGoogle Trust Services LLC
Subject*.nowqo.net
Fingerprint4D:F9:79:11:BB:71:F0:57:06:92:43:6D:46:F2:D5:42:7E:73:1B:4E
ValidityTue, 04 Apr 2023 14:41:31 GMT - Mon, 03 Jul 2023 14:41:30 GMT
File type PNG image data, 16 x 11, 8-bit/color RGB, non-interlaced\012- data
Hash c1cf1874c3305e5663547a48f6ad2d8c
0f67f12d76a0543772a3259a3b38935381349e01
79a39793efbf8217efbbc840e1b2041fe995363a5f12f0c01dd4d1462e5eb842
GET /roblox/images/fr.png HTTP/1.1
Host: nowqo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: nowqo.net
Connection: keep-alive
Referer: https://nowqo.net/roblox/index.html
Cookie: username1Cookie=Giselda Capon; username2Cookie=Adelia Conti; username3Cookie=Igor; comment1Cookie=WOW. c:; comment2Cookie=amazing job admin⦠thank you for sharing 600000 Clash Royale Gems :3 the most powerful tool ever! thank you c: this is legit website !; comment3Cookie=WOW
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 15 Apr 2023 17:37:21 GMT
content-type: image/png
content-length: 545
cache-control: public, max-age=31536000
expires: Fri, 21 Apr 2023 06:36:05 GMT
last-modified: Tue, 08 Oct 2019 06:00:24 GMT
cf-cache-status: HIT
age: 119277
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TdDaS4h6he%2Bfj52%2FU%2Bnf6x%2BcxLBORrFE83b3MPKfBMJRJm704ONw5Uievv4YQ8pBt6OSRP4dh80OefDB9EkP%2BuOtlOlh6j0Glo3i3OSs4Lkd6%2FV5TvMKCIQohKE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b85f4bafde2b517-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
nowqo.net/roblox/images/panel-overlay.png
104.21.25.78200 OK 3.1 kB URL GET HTTP/3 nowqo.net/roblox/images/panel-overlay.png
IP 104.21.25.78:443
Requested by https://nowqo.net/roblox/index.html
Certificate IssuerGoogle Trust Services LLC
Subject*.nowqo.net
Fingerprint4D:F9:79:11:BB:71:F0:57:06:92:43:6D:46:F2:D5:42:7E:73:1B:4E
ValidityTue, 04 Apr 2023 14:41:31 GMT - Mon, 03 Jul 2023 14:41:30 GMT
File type PNG image data, 960 x 661, 4-bit colormap, non-interlaced\012- data
Hash 2b026d93f79b384005e4252c80701791
87804a0d83d2e745b31526c8b60d026abecbe73a
b7a5d35c1c7be1953002244f054a14f38ed11912ad52d25a8e963774f7f52e0e
GET /roblox/images/panel-overlay.png HTTP/1.1
Host: nowqo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: nowqo.net
Connection: keep-alive
Referer: https://nowqo.net/roblox/images/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 15 Apr 2023 17:37:20 GMT
content-type: image/png
content-length: 3116
cache-control: public, max-age=31536000
expires: Fri, 14 Apr 2023 06:32:19 GMT
last-modified: Tue, 08 Oct 2019 06:00:24 GMT
cf-cache-status: HIT
age: 724815
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e5FodcQPmSq2gLjDaP0w3dNzqWElvsP%2BRNMSNOBrb1O%2FKJBx8ifd5znASVwe7IxBMFavF12QF0hWxnw%2BUqXJuexTrWcsHwdnwFsI0CNUb%2FXvpi69gp4WRIlcyVc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b85f4b9dc2bb517-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
nowqo.net/roblox/bebasneue_bold-webfont.html
104.21.25.78200 OK 15 kB URL GET HTTP/3 nowqo.net/roblox/bebasneue_bold-webfont.html
IP 104.21.25.78:443
Requested by https://nowqo.net/roblox/index.html
Certificate IssuerGoogle Trust Services LLC
Subject*.nowqo.net
Fingerprint4D:F9:79:11:BB:71:F0:57:06:92:43:6D:46:F2:D5:42:7E:73:1B:4E
ValidityTue, 04 Apr 2023 14:41:31 GMT - Mon, 03 Jul 2023 14:41:30 GMT
File type Web Open Font Format (Version 2), TrueType, length 15216, version 256.256\012- data
Hash 343da8bfb3e5f68623f89728e3ac70d5
1e7b5280d24e99691a8023445a80f1a57deb5437
b4cca3534c900c315be9a8d4ca33bb9de6ae987c7e0f22988f9d43913a942fb5
Analyzer Verdict Alert fortinet Phishing
GET /roblox/bebasneue_bold-webfont.html HTTP/1.1
Host: nowqo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Alt-Used: nowqo.net
Connection: keep-alive
Referer: https://nowqo.net/roblox/images/style.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 15 Apr 2023 17:37:20 GMT
content-type: text/html
last-modified: Tue, 08 Oct 2019 06:00:24 GMT
vary: Accept-Encoding
cache-control: max-age=31536000
cf-cache-status: HIT
age: 500419
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OWM0HjA3VaIO7GpFC7xhFAu6lYtddwOqdrphK9XWrExQYtnc8N80RCc6o3Xjg0q%2BbDxS2On%2F0bl6aUbyS1%2Be1A7NCNgqtFUOINcJhzonnofmtF3EsDNpzeFFOtg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b85f4b9dc2eb517-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
nowqo.net/roblox/images/fancyselect.js
104.21.25.78200 OK 4.6 kB URL GET HTTP/3 nowqo.net/roblox/images/fancyselect.js
IP 104.21.25.78:443
Requested by https://nowqo.net/roblox/index.html
Certificate IssuerGoogle Trust Services LLC
Subject*.nowqo.net
Fingerprint4D:F9:79:11:BB:71:F0:57:06:92:43:6D:46:F2:D5:42:7E:73:1B:4E
ValidityTue, 04 Apr 2023 14:41:31 GMT - Mon, 03 Jul 2023 14:41:30 GMT
File type ASCII text, with very long lines (4603), with no line terminators
Hash 92c244c894555150753073da06e55e31
a0a8a538f3ed30b961ba4ec675703bb194f9504b
058b437a45ec442b638acadd5ac716c0c378a52dba7ff715e16e45e491dd2c8f
Analyzer Verdict Alert fortinet Phishing
GET /roblox/images/fancyselect.js HTTP/1.1
Host: nowqo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: nowqo.net
Connection: keep-alive
Referer: https://nowqo.net/roblox/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 15 Apr 2023 17:37:20 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=6778
cache-control: public, max-age=31536000
expires: Fri, 14 Apr 2023 06:32:18 GMT
last-modified: Tue, 08 Oct 2019 06:00:24 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 724815
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rZkjyAtjJPMhmWzWMfYbXYDXYtopCaA00BOhiv7gQw5q1Alt3%2FmPmiDsrOob%2BKOZ7J3X9S6kF9HF7Vsw1YLTuvNNcD%2BttsOQEW4zkDFJNjbPryVMJrKD2AwUQ%2F0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b85f4b83915b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
nowqo.net/roblox/images/jquery.magnific-popup.min.js
104.21.25.78200 OK 21 kB URL GET HTTP/3 nowqo.net/roblox/images/jquery.magnific-popup.min.js
IP 104.21.25.78:443
Requested by https://nowqo.net/roblox/index.html
Certificate IssuerGoogle Trust Services LLC
Subject*.nowqo.net
Fingerprint4D:F9:79:11:BB:71:F0:57:06:92:43:6D:46:F2:D5:42:7E:73:1B:4E
ValidityTue, 04 Apr 2023 14:41:31 GMT - Mon, 03 Jul 2023 14:41:30 GMT
File type ASCII text, with very long lines (21014)
Hash be3333626c57af03599abcb59b325e09
3824067348f6485d6b07d3a43660804e3731b21a
ecbef0f33e8ccedd2c605816e052cfff778abcc0e30a80b874c097a5fddd24fc
Analyzer Verdict Alert fortinet Phishing
GET /roblox/images/jquery.magnific-popup.min.js HTTP/1.1
Host: nowqo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: nowqo.net
Connection: keep-alive
Referer: https://nowqo.net/roblox/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 15 Apr 2023 17:37:20 GMT
content-type: application/javascript
cache-control: public, max-age=31536000
expires: Fri, 14 Apr 2023 06:32:18 GMT
last-modified: Tue, 08 Oct 2019 06:00:24 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 724815
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XbkTDip5cxHddB3Nm0paM9ZU0bYcTKZhsovu71cT7NHGSbtZtOEjh4xPnj1U%2BNkr4Ra8gNPKH%2FzBnfCZvXPER5cYpIYYzk9OUGM3uTfsJuY0j2PFy4SFoaRhiL8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b85f4b8492cb517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
nowqo.net/roblox/images/main.js
104.21.25.78200 OK 34 kB URL GET HTTP/3 nowqo.net/roblox/images/main.js
IP 104.21.25.78:443
Requested by https://nowqo.net/roblox/index.html
Certificate IssuerGoogle Trust Services LLC
Subject*.nowqo.net
Fingerprint4D:F9:79:11:BB:71:F0:57:06:92:43:6D:46:F2:D5:42:7E:73:1B:4E
ValidityTue, 04 Apr 2023 14:41:31 GMT - Mon, 03 Jul 2023 14:41:30 GMT
File type ASCII text, with very long lines (24637)
Hash b4a27b956eccd646f3bc2b2b2b6503c5
6df97b44c507a440a3c1dd6873b44fbc95e92fb1
948fe10b1ea0b581c4871ae90f94882ed8945bd19c9ce0352b20ac0467dc145a
Analyzer Verdict Alert fortinet Phishing
GET /roblox/images/main.js HTTP/1.1
Host: nowqo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: nowqo.net
Connection: keep-alive
Referer: https://nowqo.net/roblox/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 15 Apr 2023 17:37:20 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=38451
cache-control: public, max-age=31536000
expires: Fri, 14 Apr 2023 06:32:19 GMT
last-modified: Tue, 08 Oct 2019 06:00:24 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 724815
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lwjMJKkPAucKaDR4qlJzDMBsZTcI0WMqVQzYLG%2BBzWWXM%2FOr83XnwtR6xTEfR4clKe5B1kyCU3AucIHNOcylCFknt1YyS46U8gJ8NQbOenxJHz7%2BwhsVzF7JVBg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b85f4b8492eb517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
nowqo.net/roblox/images/fancyselect.css
104.21.25.78200 OK 3.6 kB URL GET HTTP/3 nowqo.net/roblox/images/fancyselect.css
IP 104.21.25.78:443
Requested by https://nowqo.net/roblox/index.html
Certificate IssuerGoogle Trust Services LLC
Subject*.nowqo.net
Fingerprint4D:F9:79:11:BB:71:F0:57:06:92:43:6D:46:F2:D5:42:7E:73:1B:4E
ValidityTue, 04 Apr 2023 14:41:31 GMT - Mon, 03 Jul 2023 14:41:30 GMT
File type ASCII text, with very long lines (3597), with no line terminators
Hash b86846846243a51557217cb783b39128
0199ad38dc1de1aeac470288bd1b8ecff464fd5d
a7b61a6c6412f3bacecc0bb6da9d0f6ff60ebb115c66458bd4031518d2cf01e3
GET /roblox/images/fancyselect.css HTTP/1.1
Host: nowqo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: nowqo.net
Connection: keep-alive
Referer: https://nowqo.net/roblox/index.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 15 Apr 2023 17:37:20 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=4253
cache-control: public, max-age=31536000
expires: Fri, 14 Apr 2023 06:32:18 GMT
last-modified: Tue, 08 Oct 2019 06:00:24 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 724815
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gsZ60Jri7hJFObJBkF%2F4zvtzXt3Fmhpv%2FGryETEM5R5%2B%2Fc0V1ifF46k%2Fi16gpTn2db4rhikU0Wl0Zyz4gR46Du%2Bo1odI%2FAD8nb24MoUbz%2FlbGQaCqRvPfOEhEq8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b85f4b828dab517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
nowqo.net/roblox/images/com.js
104.21.25.78200 OK 15 kB URL GET HTTP/3 nowqo.net/roblox/images/com.js
IP 104.21.25.78:443
Requested by https://nowqo.net/roblox/index.html
Certificate IssuerGoogle Trust Services LLC
Subject*.nowqo.net
Fingerprint4D:F9:79:11:BB:71:F0:57:06:92:43:6D:46:F2:D5:42:7E:73:1B:4E
ValidityTue, 04 Apr 2023 14:41:31 GMT - Mon, 03 Jul 2023 14:41:30 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /roblox/images/com.js HTTP/1.1
Host: nowqo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: nowqo.net
Connection: keep-alive
Referer: https://nowqo.net/roblox/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 15 Apr 2023 17:37:20 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=17963
cache-control: public, max-age=31536000
expires: Fri, 14 Apr 2023 06:32:18 GMT
last-modified: Tue, 08 Oct 2019 06:00:24 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 724815
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ii9KcG16dlGy1IFi0wm%2B%2FiQOSx79uGNWi4%2B7ylFuUcVtLnFcEkKs4CllSqOa1empBjNySPwbwyG8PxCYmkj1X66Ed%2FDkNLB9XUxtGtRgQ3PlRTn0jY1zae2CGkE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b85f4b83916b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
nowqo.net/roblox/images/scripts.js
104.21.25.78200 OK 196 B URL GET HTTP/3 nowqo.net/roblox/images/scripts.js
IP 104.21.25.78:443
Requested by https://nowqo.net/roblox/index.html
Certificate IssuerGoogle Trust Services LLC
Subject*.nowqo.net
Fingerprint4D:F9:79:11:BB:71:F0:57:06:92:43:6D:46:F2:D5:42:7E:73:1B:4E
ValidityTue, 04 Apr 2023 14:41:31 GMT - Mon, 03 Jul 2023 14:41:30 GMT
File type ASCII text, with no line terminators
Hash 30110b3852b1800156f09776b7f8abc3
b3016d5bcc5d32713d4841b7430e8a36a08f4d82
c7b5716b450a19a471d68d99302a1aefc97409ad09b5248b7493052fb515f9ef
Analyzer Verdict Alert fortinet Phishing
GET /roblox/images/scripts.js HTTP/1.1
Host: nowqo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: nowqo.net
Connection: keep-alive
Referer: https://nowqo.net/roblox/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 15 Apr 2023 17:37:20 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=225
cache-control: public, max-age=31536000
expires: Fri, 14 Apr 2023 06:32:18 GMT
last-modified: Tue, 08 Oct 2019 06:00:24 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 724815
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ch4G6HK7c%2BdSlREZ%2FbwE%2FJxcH%2FNFcxNsd6uGboj0B2xoI%2FNJx0b7C1teLeXhi6LMgwSVupjZRYSepHU5VSKhCqn4huIFhYa9f%2F50430DlDDY3EeQj6pxEx94aHc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b85f4b8492db517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
nowqo.net/roblox/images/button-dot.png
104.21.25.78200 OK 672 B URL GET HTTP/3 nowqo.net/roblox/images/button-dot.png
IP 104.21.25.78:443
Requested by https://nowqo.net/roblox/index.html
Certificate IssuerGoogle Trust Services LLC
Subject*.nowqo.net
Fingerprint4D:F9:79:11:BB:71:F0:57:06:92:43:6D:46:F2:D5:42:7E:73:1B:4E
ValidityTue, 04 Apr 2023 14:41:31 GMT - Mon, 03 Jul 2023 14:41:30 GMT
File type PNG image data, 15 x 15, 8-bit colormap, non-interlaced\012- data
Hash 478aefab2e280b16b0372e607414d3c2
710f5aaa706ec23cbf45006d7c1d25be76b4fa64
a651e77df132fc0c4dbccb7c56f84923c28dcb159f4b7a112bde8bbc548632bc
GET /roblox/images/button-dot.png HTTP/1.1
Host: nowqo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: nowqo.net
Connection: keep-alive
Referer: https://nowqo.net/roblox/images/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 15 Apr 2023 17:37:20 GMT
content-type: image/png
content-length: 672
cache-control: public, max-age=31536000
expires: Fri, 14 Apr 2023 06:32:19 GMT
last-modified: Tue, 08 Oct 2019 06:00:24 GMT
cf-cache-status: HIT
age: 154343
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OC0rdRjTci59rkbnUUWfzLSkMFAsv%2F4798MIxF8hxQyuThvlVP6pSMMZNFaM1tLj8wq3WlgDdJIyJSK7BLze3RxPMnGTpq3NGK4BZf9LE089cDqj59YJ5lnsHB8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b85f4b9dc2cb517-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
nowqo.net/roblox/images/bootstrap.min.css
104.21.25.78200 OK 121 kB URL GET HTTP/3 nowqo.net/roblox/images/bootstrap.min.css
IP 104.21.25.78:443
Requested by https://nowqo.net/roblox/index.html
Certificate IssuerGoogle Trust Services LLC
Subject*.nowqo.net
Fingerprint4D:F9:79:11:BB:71:F0:57:06:92:43:6D:46:F2:D5:42:7E:73:1B:4E
ValidityTue, 04 Apr 2023 14:41:31 GMT - Mon, 03 Jul 2023 14:41:30 GMT
File type ASCII text, with very long lines (65371)
Size 121 kB (121232 bytes)
Hash 8b87a8e987b9a45b9e0da2e5f39983cb
bdbf574851f685ad05a4a822833cb9a5ea0fdd6b
fca4c4db5947606896e8672940b609fae48de99c683c0a7128a94c24a6888fb3
GET /roblox/images/bootstrap.min.css HTTP/1.1
Host: nowqo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: nowqo.net
Connection: keep-alive
Referer: https://nowqo.net/roblox/index.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 15 Apr 2023 17:37:20 GMT
content-type: text/css
cache-control: public, max-age=31536000
expires: Fri, 14 Apr 2023 06:32:18 GMT
last-modified: Tue, 08 Oct 2019 06:00:24 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 724815
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h3r%2F2y2hBAAmGEmZO2syLU5B98ASp1N9YEoLBcVAfXId6gLm0ObPzEYem%2BnVkwQG7Ra%2BerSVr%2BUKDcwTGh0eoxztReTuB5BDLQ8dgEwY%2B3f%2BboPNeQtkDGli0vA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b85f4b818d4b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
nowqo.net/roblox/bebasneue_regular-webfont.html
104.21.25.78200 OK 16 kB URL GET HTTP/3 nowqo.net/roblox/bebasneue_regular-webfont.html
IP 104.21.25.78:443
Requested by https://nowqo.net/roblox/index.html
Certificate IssuerGoogle Trust Services LLC
Subject*.nowqo.net
Fingerprint4D:F9:79:11:BB:71:F0:57:06:92:43:6D:46:F2:D5:42:7E:73:1B:4E
ValidityTue, 04 Apr 2023 14:41:31 GMT - Mon, 03 Jul 2023 14:41:30 GMT
File type Web Open Font Format (Version 2), TrueType, length 15948, version 15811.-24832\012- data
Hash e40e33db088776dcc998d8e79263d860
ae07a83cee583252d5a2bc27b3e5efed83f8dfe9
80fe1f0f417a2e7373882d874e71bc40385c74e453bfb9e2cb8b14e2b70d4842
Analyzer Verdict Alert fortinet Phishing
GET /roblox/bebasneue_regular-webfont.html HTTP/1.1
Host: nowqo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Alt-Used: nowqo.net
Connection: keep-alive
Referer: https://nowqo.net/roblox/images/style.css
Cookie: username1Cookie=Giselda Capon; username2Cookie=Adelia Conti; username3Cookie=Igor; comment1Cookie=WOW. c:; comment2Cookie=amazing job admin⦠thank you for sharing 600000 Clash Royale Gems :3 the most powerful tool ever! thank you c: this is legit website !; comment3Cookie=WOW
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 15 Apr 2023 17:37:21 GMT
content-type: text/html
last-modified: Tue, 08 Oct 2019 06:00:24 GMT
vary: Accept-Encoding
cache-control: max-age=31536000
cf-cache-status: HIT
age: 500420
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n21WO7AFMfmJ0LzYOFW9rRjd%2BhRewrQPLO7vnLUd6rXVz9tytbGA7EX85qCzZw5vumZQaT8sB%2Fq8ci2aqBqxnXNnXlSYCcgDE5MwEB9ZNlhJt1m0EggH58cOgf8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b85f4bb0de5b517-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
nowqo.net/roblox/images/custom-css.css
104.21.25.78200 OK 1.6 kB URL GET HTTP/3 nowqo.net/roblox/images/custom-css.css
IP 104.21.25.78:443
Requested by https://nowqo.net/roblox/index.html
Certificate IssuerGoogle Trust Services LLC
Subject*.nowqo.net
Fingerprint4D:F9:79:11:BB:71:F0:57:06:92:43:6D:46:F2:D5:42:7E:73:1B:4E
ValidityTue, 04 Apr 2023 14:41:31 GMT - Mon, 03 Jul 2023 14:41:30 GMT
File type ASCII text, with very long lines (1606), with no line terminators
Hash d34740a6a9be71e4be3a3f85bd9ecf8c
7554eff0bb6aba275be019a2bb94b9e7f22890b7
00f0b781fe8a57a9f9844786f6570ce1aad98d4e14ec99fed38d8274f23a4a87
GET /roblox/images/custom-css.css HTTP/1.1
Host: nowqo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: nowqo.net
Connection: keep-alive
Referer: https://nowqo.net/roblox/index.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 15 Apr 2023 17:37:20 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=1790
cache-control: public, max-age=31536000
expires: Fri, 14 Apr 2023 06:32:18 GMT
last-modified: Tue, 08 Oct 2019 06:00:24 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 724815
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S%2BnFytYFLRAnNUcaIzf90GcyjFfR4H%2F2MJu8wc%2Fq7Y0Z43QF7%2FXQgJ7yBzz8Tu3%2F4T8SfS8Bu7EiNQM9YvRDkOKTy9SmP3BsgvTfAYi715OwWWDEoc%2FBtXlh%2BRI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b85f4b828dfb517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
nowqo.net/roblox/images/gamebag-favico.png
104.21.25.78200 OK 3.3 kB URL GET HTTP/3 nowqo.net/roblox/images/gamebag-favico.png
IP 104.21.25.78:443
Requested by https://nowqo.net/roblox/index.html
Certificate IssuerGoogle Trust Services LLC
Subject*.nowqo.net
Fingerprint4D:F9:79:11:BB:71:F0:57:06:92:43:6D:46:F2:D5:42:7E:73:1B:4E
ValidityTue, 04 Apr 2023 14:41:31 GMT - Mon, 03 Jul 2023 14:41:30 GMT
File type PNG image data, 240 x 240, 8-bit/color RGBA, non-interlaced\012- data
Hash e84f0caa809a15b2aaa9cb93bbe6669a
22a330ad580aaa6b2232307a87b981adc7fbf38f
1f98c982fd0c9b5e6af138a4cb160f509bda9fcc7fa0a9463fa6cf11513c151f
GET /roblox/images/gamebag-favico.png HTTP/1.1
Host: nowqo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: nowqo.net
Connection: keep-alive
Referer: https://nowqo.net/roblox/index.html
Cookie: username1Cookie=Giselda Capon; username2Cookie=Adelia Conti; username3Cookie=Igor; comment1Cookie=WOW. c:; comment2Cookie=amazing job admin⦠thank you for sharing 600000 Clash Royale Gems :3 the most powerful tool ever! thank you c: this is legit website !; comment3Cookie=WOW
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 15 Apr 2023 17:37:21 GMT
content-type: image/png
content-length: 3340
cache-control: public, max-age=31536000
expires: Fri, 14 Apr 2023 06:32:25 GMT
last-modified: Tue, 08 Oct 2019 06:00:24 GMT
cf-cache-status: HIT
age: 520021
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s3GdJHGBwOPJKcc5C6WmYPTnMlrgAHdIMBvCyIYWCRzVgaJDGTbUzEK0iOL1KLPF1yd%2F1o21yENSswYH6kVDiJR9%2Fo0EYblUyLFRF9ZZ9ALSugZBHa58VXwIu8s%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b85f4bb9ecdb517-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400