www.googletagmanager.com/gtag/js?id=AW-1065449093
200 OK 75 kB URL GET HTTP/2 www.googletagmanager.com/gtag/js?id=AW-1065449093
IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint97:15:34:CA:DF:1A:DF:2E:7B:EF:E9:6E:44:21:30:2B:ED:13:54:AE
ValidityMon, 09 Oct 2023 08:03:58 GMT - Mon, 01 Jan 2024 08:03:57 GMT
File type ASCII text, with very long lines (4179)
Hash e270c778b57abab2ad97e5ec34a7706c
1fb1a8750bb0f12d2a3a77797e97d6a1b3ecafc6
1fe574ee0c4dce5f86f791fd89008fdf568dc0621d6d1ebf9a368ecb5516fdd5
GET /gtag/js?id=AW-1065449093 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 01 Nov 2023 17:51:16 GMT
expires: Wed, 01 Nov 2023 17:51:16 GMT
cache-control: private, max-age=900
last-modified: Wed, 01 Nov 2023 17:17:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 75103
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
roblox.fm/privateJs/ProfileStatistics.js
200 OK 3.0 kB URL GET HTTP/3 roblox.fm/privateJs/ProfileStatistics.js
IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerLet's Encrypt
Subjectroblox.fm
Fingerprint60:1F:24:B4:A1:32:0C:55:86:8F:62:55:5E:BF:BE:87:5D:F9:C7:6F
ValidityTue, 24 Oct 2023 12:23:22 GMT - Mon, 22 Jan 2024 12:23:21 GMT
File type ASCII text, with very long lines (4703), with CRLF line terminators
Hash 2616d6f02432e40a20986d0ee5bcccf7
9343da3d6b1399453b5f8d3540479c3c0adcaddd
91d9ce27543a1b31c50cc3bb3d3e3eb46491f8d97d716ec95d8e95bdc3b4e408
Analyzer Verdict Alert OpenPhish phishing Telegram
GET /privateJs/ProfileStatistics.js HTTP/1.1
Host: roblox.fm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/users/2633435479/profile
Cookie: _1__EggyWall_v=09ac94e6b927af2069856bc032971c55e994de0ff8bcdc4c6295c67fc6ec85ba
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 01 Nov 2023 17:51:15 GMT
content-type: application/javascript; charset=utf-8
eggy-wall: eggy#8888
etag: W/"6532b4e6-1351"
last-modified: Fri, 20 Oct 2023 17:12:06 GMT
proxy-cache: MISS
cache-control: max-age=14400
cf-cache-status: HIT
age: 5710
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0%2BVvCJlZ5j4UlrC6AXj7ihsBa%2BzyByjM4XT4Ou%2Bl7eF2Nk00H2zm0T%2Fq4l0taJeae6NaM6wlDO8nuXnPr1iO41I%2FyJUIH6df9573pxI%2B8Jb%2Bt%2BM4cjueHwNVasg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 81f5fc188b3c5684-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
js.rbxcdn.com/57d1b7776de993a3bf8ace38e6efd8f8ce5b9a294362c029990f0cf131548531.js
200 OK 804 B URL GET HTTP/2 js.rbxcdn.com/57d1b7776de993a3bf8ace38e6efd8f8ce5b9a294362c029990f0cf131548531.js
IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerGlobalSign nv-sa
Subject*.rbxcdn.com
FingerprintC3:6F:4B:5C:0E:DB:55:7A:5A:10:E5:90:29:43:77:09:6F:50:86:EE
ValidityFri, 18 Nov 2022 00:01:02 GMT - Wed, 20 Dec 2023 00:01:01 GMT
File type Unicode text, UTF-8 text, with very long lines (555), with CRLF line terminators
Hash f2614bff7a65f7ebf8798493bed698d7
2fe435c824fc6d7ce227082904edb06f84a2277d
f02997b17a11bd547e9b27e00849d785a450504166558f5edc89c593f966fd1c
GET /57d1b7776de993a3bf8ace38e6efd8f8ce5b9a294362c029990f0cf131548531.js HTTP/1.1
Host: js.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Nov 2023 17:51:16 GMT
content-type: application/javascript
content-length: 804
x-amz-id-2: DV1+YZl2/rZTaBRMgvuafYmHtbqzF7M+RwfBZEpj7c+7F4+h3WxYuRHBCq+RCUk6G5T1leWmsqc=
x-amz-request-id: 9P5SA74XDCJ3E832
last-modified: Thu, 21 Apr 2022 00:10:49 GMT
etag: "f2614bff7a65f7ebf8798493bed698d7"
cache-control: public, max-age=31536000
x-amz-version-id: 2_k2oWPLRmyzBJRHt61Qz5q1xhheaVZb
x-cf3: H
cf4age: 582023
x-cf-tsc: 1698289433
cf4ttl: 31536000.000
x-cf2: H
accept-ranges: bytes
server: CFS 0215
x-cf1: 28293:fA.arn1:co:1572652472:cacheN.arn1-01:M
x-cf-reqid: d937dff4e485d7354fb8bbaf2a3bea94
access-control-allow-origin: *
access-control-allow-methods: GET
timing-allow-origin: *
access-control-expose-headers: Rbx-Cdn-Provider
rbx-cdn-provider: cfly
X-Firefox-Spdy: h2
js.rbxcdn.com/85ed22a4ebb30dc7d2430167dc9ee0a29803bb069c9a47ae76ae20f1b756dc5e.js
200 OK 649 B URL GET HTTP/2 js.rbxcdn.com/85ed22a4ebb30dc7d2430167dc9ee0a29803bb069c9a47ae76ae20f1b756dc5e.js
IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerGlobalSign nv-sa
Subject*.rbxcdn.com
FingerprintC3:6F:4B:5C:0E:DB:55:7A:5A:10:E5:90:29:43:77:09:6F:50:86:EE
ValidityFri, 18 Nov 2022 00:01:02 GMT - Wed, 20 Dec 2023 00:01:01 GMT
File type ASCII text, with very long lines (406), with CRLF line terminators
Hash 785f137b4e475979e09c1023ab6e2740
b9c37af74ea14360e273fbf2fbb9bd6de1291e3c
cfe619153c93f6b8247db16ebd3f9dd6f3c803f7669dd986f63f3f9c7ee2f47f
GET /85ed22a4ebb30dc7d2430167dc9ee0a29803bb069c9a47ae76ae20f1b756dc5e.js HTTP/1.1
Host: js.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Nov 2023 17:51:16 GMT
content-type: application/javascript
content-length: 649
x-amz-id-2: kdTsiyNSpLekyutK3QMzR8AbXNOVVtNUg4qsgDTbh9Va0O2P1qMV8VjmbAgn9rn6WYJfvz2DVQg=
x-amz-request-id: AE4A5NCDF90XZEBA
last-modified: Wed, 12 May 2021 03:21:57 GMT
etag: "785f137b4e475979e09c1023ab6e2740"
cache-control: public, max-age=31536000
x-amz-version-id: CTcLNqOVD6jSZfOlZkOozgD3bwpz7MVD
x-cf3: H
cf4age: 878343
x-cf-tsc: 1698236946
cf4ttl: 31536000.000
x-cf2: H
accept-ranges: bytes
server: CFS 0215
x-cf1: 28293:fA.arn1:co:1572652472:cacheN.arn1-01:M
x-cf-reqid: 79c00bc91f34e56369d4df431d9e3bb5
access-control-allow-origin: *
access-control-allow-methods: GET
timing-allow-origin: *
access-control-expose-headers: Rbx-Cdn-Provider
rbx-cdn-provider: cfly
X-Firefox-Spdy: h2
js.rbxcdn.com/9ca5f98bde05bf7b6909fff04495bf29745b2a47696a1ae7b9acaf370bd97783.js
628 B URL js.rbxcdn.com/9ca5f98bde05bf7b6909fff04495bf29745b2a47696a1ae7b9acaf370bd97783.js
IP
Certificate IssuerGlobalSign nv-sa
Subject*.rbxcdn.com
FingerprintC3:6F:4B:5C:0E:DB:55:7A:5A:10:E5:90:29:43:77:09:6F:50:86:EE
ValidityFri, 18 Nov 2022 00:01:02 GMT - Wed, 20 Dec 2023 00:01:01 GMT
File type ASCII text, with very long lines (399), with CRLF line terminators
Hash cee42188688fd33e91fe4dc343816738
a46a4daf4fe352315ceb904f527d5375b8aa74e2
9850a415a2fa09ea5b5883609c2c5cdebd0bf9bbb6429fb2a70aba0c493bf1fd
GET /9ca5f98bde05bf7b6909fff04495bf29745b2a47696a1ae7b9acaf370bd97783.js HTTP/1.1
Host: js.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Nov 2023 17:51:16 GMT
content-type: application/javascript
content-length: 628
x-amz-id-2: aGvyyeyA+/ZjRpr4hJ2W/yoPAbs9Tcg61G1FK1FfDZ+PtMEVSRU1uImhRtktJ+49ey+BLdOz8Tg=
x-amz-request-id: JAFXAZNA842GQ7B7
last-modified: Wed, 12 May 2021 03:21:56 GMT
etag: "cee42188688fd33e91fe4dc343816738"
cache-control: public, max-age=31536000
x-amz-version-id: UqjfhVvmo29vyLZrf_x7BlkiN43EpcFA
x-cf3: H
cf4age: 335715
x-cf-tsc: 1697694330
cf4ttl: 31536000.000
x-cf2: H
accept-ranges: bytes
server: CFS 0215
x-cf1: 28293:fA.arn1:co:1572652472:cacheN.arn1-01:M
x-cf-reqid: d742acd5c59ce5d4681334b945df6ba5
access-control-allow-origin: *
access-control-allow-methods: GET
timing-allow-origin: *
access-control-expose-headers: Rbx-Cdn-Provider
rbx-cdn-provider: cfly
X-Firefox-Spdy: h2
js.rbxcdn.com/a5d76f662cc98d13a65d323097497aa93948409caf12b33464400259111e8082.js
200 OK 593 B URL GET HTTP/2 js.rbxcdn.com/a5d76f662cc98d13a65d323097497aa93948409caf12b33464400259111e8082.js
IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerGlobalSign nv-sa
Subject*.rbxcdn.com
FingerprintC3:6F:4B:5C:0E:DB:55:7A:5A:10:E5:90:29:43:77:09:6F:50:86:EE
ValidityFri, 18 Nov 2022 00:01:02 GMT - Wed, 20 Dec 2023 00:01:01 GMT
File type ASCII text, with very long lines (356), with CRLF line terminators
Hash 1cad216092c713c673a35eff63525729
85d77ed432bedc7dd43cc3cb731e44d184485db6
0eafa8e28cb8d98e89200051d1a7859746ba876b2858b6a99407f6472a39ddfd
GET /a5d76f662cc98d13a65d323097497aa93948409caf12b33464400259111e8082.js HTTP/1.1
Host: js.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Nov 2023 17:51:16 GMT
content-type: application/javascript
content-length: 593
x-amz-id-2: 4oZRsRS/a8iuets9c8345EqF7jvcNJJHG20lfhh9JjNh9upbIaKQWrMQF+WHXMPxOhJMH/xNVr8=
x-amz-request-id: YN6EQQJXYZKJEABG
last-modified: Thu, 11 Aug 2022 00:10:37 GMT
etag: "1cad216092c713c673a35eff63525729"
cache-control: public, max-age=31536000
x-amz-version-id: 37omD24ik8GTRY4gZ3j29HXXOTsiYouJ
x-cf3: H
cf4age: 724707
x-cf-tsc: 1698083309
cf4ttl: 31536000.000
x-cf2: H
accept-ranges: bytes
server: CFS 0215
x-cf1: 28293:fA.arn1:co:1572652472:cacheN.arn1-01:M
x-cf-reqid: 20f8020ffb7e51104fbbd78792fdc4e5
access-control-allow-origin: *
access-control-allow-methods: GET
timing-allow-origin: *
access-control-expose-headers: Rbx-Cdn-Provider
rbx-cdn-provider: cfly
X-Firefox-Spdy: h2
js.rbxcdn.com/385a62cb16e1c8524da81c17728733d79e3ad9ccbc342d982fe79352f8785dba.js
200 OK 783 B URL GET HTTP/2 js.rbxcdn.com/385a62cb16e1c8524da81c17728733d79e3ad9ccbc342d982fe79352f8785dba.js
IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerGlobalSign nv-sa
Subject*.rbxcdn.com
FingerprintC3:6F:4B:5C:0E:DB:55:7A:5A:10:E5:90:29:43:77:09:6F:50:86:EE
ValidityFri, 18 Nov 2022 00:01:02 GMT - Wed, 20 Dec 2023 00:01:01 GMT
File type Unicode text, UTF-8 text, with very long lines (548), with CRLF line terminators
Hash d239cf79fdfe81835a0c080aee6fb6fb
17fab64ef2596fb37e6eedf00c60d406bbd5e689
f161c01df48857b9f17ba71eaa4346bb7a050f3ce207c71c6070fb194ad33c47
GET /385a62cb16e1c8524da81c17728733d79e3ad9ccbc342d982fe79352f8785dba.js HTTP/1.1
Host: js.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Nov 2023 17:51:16 GMT
content-type: application/javascript
content-length: 783
x-amz-id-2: CuxwxLhfXEWD3bV7KuWwgtbuD8ndri05DloVcI/pF4aFIot/sz5UqEw4W9r5TndbtwbiKXt733Q=
x-amz-request-id: Y78VBGKDW7BNA75J
last-modified: Thu, 21 Apr 2022 00:10:49 GMT
etag: "d239cf79fdfe81835a0c080aee6fb6fb"
cache-control: public, max-age=31536000
x-amz-version-id: koUf9rxclE.kXI_CXXKKe5ipsP7w0hLp
x-cf3: H
cf4age: 6179
x-cf-tsc: 1685589064
cf4ttl: 31536000.000
x-cf2: H
accept-ranges: bytes
server: CFS 0215
x-cf1: 28293:fA.arn1:co:1572652472:cacheN.arn1-01:M
x-cf-reqid: 5dc3d8b4a8971bbccdc615fa0ec61952
access-control-allow-origin: *
access-control-allow-methods: GET
timing-allow-origin: *
access-control-expose-headers: Rbx-Cdn-Provider
rbx-cdn-provider: cfly
X-Firefox-Spdy: h2
js.rbxcdn.com/8849783a45e85b04232d3a71e9efc2ce8a5d4e0e072bb37740fe2f5acd0ef50a.js
200 OK 614 B URL GET HTTP/2 js.rbxcdn.com/8849783a45e85b04232d3a71e9efc2ce8a5d4e0e072bb37740fe2f5acd0ef50a.js
IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerGlobalSign nv-sa
Subject*.rbxcdn.com
FingerprintC3:6F:4B:5C:0E:DB:55:7A:5A:10:E5:90:29:43:77:09:6F:50:86:EE
ValidityFri, 18 Nov 2022 00:01:02 GMT - Wed, 20 Dec 2023 00:01:01 GMT
File type ASCII text, with very long lines (363), with CRLF line terminators
Hash c3e2b605634d1db5428955d023d35a3a
7fb343d714a8776ebcb259eae7d4d4a607cbbdf3
6d720174fd22919e031fb9800c7db5d83a0dfbbca2323aa5d9dc2da25fb68c6c
GET /8849783a45e85b04232d3a71e9efc2ce8a5d4e0e072bb37740fe2f5acd0ef50a.js HTTP/1.1
Host: js.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Nov 2023 17:51:16 GMT
content-type: application/javascript
content-length: 614
x-amz-id-2: rxhBOpGozndPIwZYig5ifU08oimfo0cfg8i0O1OA735CXfbl5/6xnpmNBWCmQjcrEyJ/NhCSJ7Q=
x-amz-request-id: AAAG8D553ZGX9SJ8
last-modified: Thu, 11 Aug 2022 00:10:37 GMT
etag: "c3e2b605634d1db5428955d023d35a3a"
cache-control: public, max-age=31536000
x-amz-version-id: FRUVY5IROG66FaFtCdaWb_wHf73CBF5J
x-cf3: M
cf4age: 0
x-cf-tsc: 1697358617
cf4ttl: 31536000.000
x-cf2: H
accept-ranges: bytes
server: CFS 0215
x-cf1: 28293:fA.arn1:co:1572652472:cacheN.arn1-01:M
x-cf-reqid: 5950ec6c63b5a241fe82c7f442393f36
access-control-allow-origin: *
access-control-allow-methods: GET
timing-allow-origin: *
access-control-expose-headers: Rbx-Cdn-Provider
rbx-cdn-provider: cfly
X-Firefox-Spdy: h2
js.rbxcdn.com/f173dcac2f8b211cb232d5295be7540816f52e299ec7086b07f27ddf9ce0a2c9.js
200 OK 711 B URL GET HTTP/2 js.rbxcdn.com/f173dcac2f8b211cb232d5295be7540816f52e299ec7086b07f27ddf9ce0a2c9.js
IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerGlobalSign nv-sa
Subject*.rbxcdn.com
FingerprintC3:6F:4B:5C:0E:DB:55:7A:5A:10:E5:90:29:43:77:09:6F:50:86:EE
ValidityFri, 18 Nov 2022 00:01:02 GMT - Wed, 20 Dec 2023 00:01:01 GMT
File type ASCII text, with very long lines (464), with CRLF line terminators
Hash a40a77cc5b857924ebec5b7a960e5395
e1c832ba08cf28dfc8750eb5d9a42ec784c8c240
d311ee0c873743e4320a4029d1dd783e1ff166240e03577ead69a6ab197b7ce0
GET /f173dcac2f8b211cb232d5295be7540816f52e299ec7086b07f27ddf9ce0a2c9.js HTTP/1.1
Host: js.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Nov 2023 17:51:16 GMT
content-type: application/javascript
content-length: 711
x-amz-id-2: CirCVjI1QUDwyk9SSRem8kEpwkGGQ1ytVp/BaVlYWuBM4kIDNm5DCrHcxrBrBqqgM3eaafQO0lY=
x-amz-request-id: YJ7MK192RGSXB2K5
last-modified: Tue, 20 Sep 2022 20:10:21 GMT
etag: "a40a77cc5b857924ebec5b7a960e5395"
cache-control: public, max-age=31536000
x-amz-version-id: 1PT6DrSW9fTve6iC3NdRdUYT5ycUWa.C
x-cf3: H
cf4age: 724699
x-cf-tsc: 1698083310
cf4ttl: 31536000.000
x-cf2: H
accept-ranges: bytes
server: CFS 0215
x-cf1: 28293:fA.arn1:co:1572652472:cacheN.arn1-01:M
x-cf-reqid: aea7f6203d893fac432abfc4fc860d27
access-control-allow-origin: *
access-control-allow-methods: GET
timing-allow-origin: *
access-control-expose-headers: Rbx-Cdn-Provider
rbx-cdn-provider: cfly
X-Firefox-Spdy: h2
js.rbxcdn.com/98b97c4779bb10baadfc8a5a1ae049bba5dd9409be06896754f1446ab2048a60.js
200 OK 690 B URL GET HTTP/2 js.rbxcdn.com/98b97c4779bb10baadfc8a5a1ae049bba5dd9409be06896754f1446ab2048a60.js
IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerGlobalSign nv-sa
Subject*.rbxcdn.com
FingerprintC3:6F:4B:5C:0E:DB:55:7A:5A:10:E5:90:29:43:77:09:6F:50:86:EE
ValidityFri, 18 Nov 2022 00:01:02 GMT - Wed, 20 Dec 2023 00:01:01 GMT
File type ASCII text, with very long lines (457), with CRLF line terminators
Hash f1f6dde59f69afd0b7d7463189e7f986
1d03219cd324f2d9bddc8e13c92adc203c87bc5a
40d0866e7504a2a870ddc618b2423bbb650533e68278ffda371d6ad6d62f8986
GET /98b97c4779bb10baadfc8a5a1ae049bba5dd9409be06896754f1446ab2048a60.js HTTP/1.1
Host: js.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Nov 2023 17:51:16 GMT
content-type: application/javascript
content-length: 690
x-amz-id-2: C/U5xyyLAR2eMruThHkfExjx+exncZAtfCxz/Mgb5RPw9WZgHvDu3LVdxzJdIjd088Lj/JcBXZo=
x-amz-request-id: AD2WE57E6PC18RVZ
last-modified: Tue, 20 Sep 2022 20:10:22 GMT
etag: "f1f6dde59f69afd0b7d7463189e7f986"
cache-control: public, max-age=31536000
x-amz-version-id: .A_bkJeUlpkbOkSggMVbkJEz6N0MLJY5
x-cf3: M
cf4age: 0
x-cf-tsc: 1697358637
cf4ttl: 31536000.000
x-cf2: H
server: CFS 0215
x-cf1: 28293:fA.arn1:co:1572652472:cacheN.arn1-01:H
x-cf-reqid: 15d99c5cfaebf12383ee560519185e9e
access-control-allow-origin: *
access-control-allow-methods: GET
timing-allow-origin: *
access-control-expose-headers: Rbx-Cdn-Provider
rbx-cdn-provider: cfly
accept-ranges: bytes
X-Firefox-Spdy: h2
css.rbxcdn.com/2c2a709240897ce382b7ff55be4347cd0994ab1e2d6ed3b56649e54b0e97e13a.css
200 OK 639 B URL GET HTTP/1.1 css.rbxcdn.com/2c2a709240897ce382b7ff55be4347cd0994ab1e2d6ed3b56649e54b0e97e13a.css
IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerGoDaddy.com, Inc.
Subject*.rbxcdn.com
FingerprintCA:F8:49:6D:BF:1A:CE:80:B8:73:66:91:93:A6:5B:61:C3:46:CA:D1
ValidityTue, 10 Jan 2023 18:47:18 GMT - Thu, 25 Jan 2024 00:12:45 GMT
File type ASCII text, with very long lines (2403), with no line terminators
Hash e8f199f0cef481db4a12c2e1a3ef3fe3
fa8533d7f01329a48afd6ed03b5eaf5558812a69
de4d5f622b0d168175e83197607d670c2ce8e1f4f2653009a97bd55d6bc3b11a
GET /2c2a709240897ce382b7ff55be4347cd0994ab1e2d6ed3b56649e54b0e97e13a.css HTTP/1.1
Host: css.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 01 Nov 2023 17:51:16 GMT
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 639
Content-Type: text/css
Last-Modified: Tue, 17 Aug 2021 18:53:19 GMT
Accept-Ranges: bytes
Cache-Control: public, max-age=31536000
ETag: "e8f199f0cef481db4a12c2e1a3ef3fe3"
X-HW: 1698861075.dop003.sk1.t,1698861076.cds231.sk1.shn,1698861076.cds231.sk1.c
Access-Control-Expose-Headers: Rbx-Cdn-Provider
Rbx-Cdn-Provider: hw
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Allow-Methods: GET
css.rbxcdn.com/9517d686dc47015c200496d77e2b18146ee37652d18e25ecf9e1ed230310ea13.css
200 OK 313 B URL GET HTTP/1.1 css.rbxcdn.com/9517d686dc47015c200496d77e2b18146ee37652d18e25ecf9e1ed230310ea13.css
IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerGoDaddy.com, Inc.
Subject*.rbxcdn.com
FingerprintCA:F8:49:6D:BF:1A:CE:80:B8:73:66:91:93:A6:5B:61:C3:46:CA:D1
ValidityTue, 10 Jan 2023 18:47:18 GMT - Thu, 25 Jan 2024 00:12:45 GMT
File type ASCII text, with very long lines (724), with no line terminators
Hash 676840de2a10ffe36c98ee39c4d817c6
2d0854ac18fefe979f5b0d15f621252661855111
dbe1dc81a20a17c44551dc145ab6f6ad991d07eee6354aa5b91814350944322e
GET /9517d686dc47015c200496d77e2b18146ee37652d18e25ecf9e1ed230310ea13.css HTTP/1.1
Host: css.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 01 Nov 2023 17:51:16 GMT
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 313
Content-Type: text/css
Last-Modified: Fri, 02 Oct 2020 16:51:49 GMT
Accept-Ranges: bytes
Cache-Control: public, max-age=31536000
ETag: "676840de2a10ffe36c98ee39c4d817c6"
X-HW: 1698861075.dop216.sk1.t,1698861076.cds213.sk1.shn,1698861076.cds213.sk1.c
Access-Control-Expose-Headers: Rbx-Cdn-Provider
Rbx-Cdn-Provider: hw
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Allow-Methods: GET
js.rbxcdn.com/1057677ca91f349db02f7b279cdfbf25bec8098a13c7870317f7ad4cd4779a97.js
200 OK 722 B URL GET HTTP/2 js.rbxcdn.com/1057677ca91f349db02f7b279cdfbf25bec8098a13c7870317f7ad4cd4779a97.js
IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerGlobalSign nv-sa
Subject*.rbxcdn.com
FingerprintC3:6F:4B:5C:0E:DB:55:7A:5A:10:E5:90:29:43:77:09:6F:50:86:EE
ValidityFri, 18 Nov 2022 00:01:02 GMT - Wed, 20 Dec 2023 00:01:01 GMT
File type ASCII text, with very long lines (473), with CRLF line terminators
Hash 250714e191e226cfb87558ff95b08d6f
d23414e3e7752e75d5863ddc1dab9f7568da257c
e5ebf4da85d91400418142c4897fda22e927c895bbac921aa377f51fcca2deaa
GET /1057677ca91f349db02f7b279cdfbf25bec8098a13c7870317f7ad4cd4779a97.js HTTP/1.1
Host: js.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Nov 2023 17:51:16 GMT
content-type: application/javascript
content-length: 722
x-amz-id-2: eHSxJoHtq3RdTsYr2TFKaI+MQ7jsxo8uK2M9uIopEAE3H2rQkG8BLt4gJ46TpCPgPbqBUstVOAc=
x-amz-request-id: H1EDYDPXMGMTJYV8
last-modified: Mon, 28 Mar 2022 20:10:58 GMT
etag: "250714e191e226cfb87558ff95b08d6f"
cache-control: public, max-age=31536000
x-amz-version-id: 2zrhffyPnYaRAASyPlciuv0QKWZeBwTM
x-cf3: M
cf4age: 0
x-cf-tsc: 1692001726
cf4ttl: 31536000.000
x-cf2: H
accept-ranges: bytes
server: CFS 0215
x-cf1: 28293:fA.arn1:co:1572652472:cacheN.arn1-01:M
x-cf-reqid: 5cdaee964aa6b18b62fb2244f693926c
access-control-allow-origin: *
access-control-allow-methods: GET
timing-allow-origin: *
access-control-expose-headers: Rbx-Cdn-Provider
rbx-cdn-provider: cfly
X-Firefox-Spdy: h2
js.rbxcdn.com/3241cdd45931acc3efce4b49df4fe9583ed09d79994cc782364a84c4e851af5c.js
200 OK 701 B URL GET HTTP/2 js.rbxcdn.com/3241cdd45931acc3efce4b49df4fe9583ed09d79994cc782364a84c4e851af5c.js
IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerGlobalSign nv-sa
Subject*.rbxcdn.com
FingerprintC3:6F:4B:5C:0E:DB:55:7A:5A:10:E5:90:29:43:77:09:6F:50:86:EE
ValidityFri, 18 Nov 2022 00:01:02 GMT - Wed, 20 Dec 2023 00:01:01 GMT
File type ASCII text, with very long lines (466), with CRLF line terminators
Hash b4c3102da5845245f0724045bd201d0e
6ce7be31efd2e0203230c7b7d0fd1ea7523cd0f4
6caeee0448108a8695baf3e5282eb64b6d1927a32b1600e89d9d96ee0b99fb9a
GET /3241cdd45931acc3efce4b49df4fe9583ed09d79994cc782364a84c4e851af5c.js HTTP/1.1
Host: js.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Nov 2023 17:51:16 GMT
content-type: application/javascript
content-length: 701
x-amz-id-2: CsMa6Ynqy/K8oZA5k3Y3rA2jDCIu4UypusjOTu8UxIxuYgHZWdoYhEG5pz3i/iY+pHVyGsrSXZg=
x-amz-request-id: Y68JMR6SS09HXAE0
last-modified: Mon, 28 Mar 2022 20:10:57 GMT
etag: "b4c3102da5845245f0724045bd201d0e"
cache-control: public, max-age=31536000
x-amz-version-id: qhNH6vqu5UOuINUlYLAIJunIUm.FrsK7
x-cf3: H
cf4age: 668
x-cf-tsc: 1692020237
cf4ttl: 31536000.000
x-cf2: H
accept-ranges: bytes
server: CFS 0215
x-cf1: 28293:fA.arn1:co:1572652472:cacheN.arn1-01:M
x-cf-reqid: 30a7e69c49366e4f8e49df2f896c1371
access-control-allow-origin: *
access-control-allow-methods: GET
timing-allow-origin: *
access-control-expose-headers: Rbx-Cdn-Provider
rbx-cdn-provider: cfly
X-Firefox-Spdy: h2
js.rbxcdn.com/4963a609b0bb2465ffa6a7ad10bcff85662879d2f342f0cb1a2485320dd81eb5.js
200 OK 515 B URL GET HTTP/2 js.rbxcdn.com/4963a609b0bb2465ffa6a7ad10bcff85662879d2f342f0cb1a2485320dd81eb5.js
IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerGlobalSign nv-sa
Subject*.rbxcdn.com
FingerprintC3:6F:4B:5C:0E:DB:55:7A:5A:10:E5:90:29:43:77:09:6F:50:86:EE
ValidityFri, 18 Nov 2022 00:01:02 GMT - Wed, 20 Dec 2023 00:01:01 GMT
File type ASCII text, with CRLF line terminators
Hash b7a9c8582e5d3c40de0b72014e68dd3e
5a22d54c69fa0a9f40ea5670a1e9f06b92317ac4
4dee6dd624201660b3822dde54e7bcfc25bef6fbeac90cdd81e466bc9ecd3b99
GET /4963a609b0bb2465ffa6a7ad10bcff85662879d2f342f0cb1a2485320dd81eb5.js HTTP/1.1
Host: js.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Nov 2023 17:51:16 GMT
content-type: application/javascript
content-length: 515
x-amz-id-2: yIHQEgqGGxHBVVDsyYK6hbw/8dZjTBHhkNbZ3UoqZaUhR+aUYKfjkZH/hHv1JUGms0VlO4pcpqk=
x-amz-request-id: AD2K2YYB9ME6ANV6
last-modified: Thu, 17 Mar 2022 20:10:53 GMT
etag: "b7a9c8582e5d3c40de0b72014e68dd3e"
cache-control: public, max-age=31536000
x-amz-version-id: RpWrZmjtviaVylssU2PEWr84uh_znRkx
x-cf3: H
cf4age: 326412
x-cf-tsc: 1697685049
cf4ttl: 31536000.000
x-cf2: H
accept-ranges: bytes
server: CFS 0215
x-cf1: 28293:fA.arn1:co:1572652472:cacheN.arn1-01:M
x-cf-reqid: 42ef43ff9420b2b93c1300316d70539f
access-control-allow-origin: *
access-control-allow-methods: GET
timing-allow-origin: *
access-control-expose-headers: Rbx-Cdn-Provider
rbx-cdn-provider: cfly
X-Firefox-Spdy: h2
301 Moved Permanently 777 B URL User Request GET HTTP/2 IP
ASN #29522 Cyber_Folks S.A.
Certificate IssuerLet's Encrypt
Subjectbitly.ws
Fingerprint73:96:47:BB:4E:4A:1E:9B:CB:94:40:29:1C:9F:F0:E6:75:D2:E6:3B
ValidityTue, 22 Aug 2023 15:22:46 GMT - Mon, 20 Nov 2023 15:22:45 GMT
Hash 3dd9c21bc7640abe9d694d8c7e1bc284
7f5a9fd0306d3e295cdad2e6d492a882ef5e79e2
90842fb05e38963c22d3cdf2fadbe9607c93da33af19a8f00ac414b69accad53
GET /?redirect=Z99n HTTP/1.1
Host: bitly.ws
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
date: Wed, 01 Nov 2023 17:51:14 GMT
server: Apache
x-powered-by: PHP/5.5.38
location: https://roblox.fm/users/2633435479/profile
cache-control: max-age=0
expires: Wed, 01 Nov 2023 17:51:14 GMT
content-type: text/html
X-Firefox-Spdy: h2
css.rbxcdn.com/32c815a1608d7102619bf8568a37672d932127625ecf4c6c8fba93a3cdba688a.css
200 OK 91 kB URL GET HTTP/1.1 css.rbxcdn.com/32c815a1608d7102619bf8568a37672d932127625ecf4c6c8fba93a3cdba688a.css
IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerGoDaddy.com, Inc.
Subject*.rbxcdn.com
FingerprintCA:F8:49:6D:BF:1A:CE:80:B8:73:66:91:93:A6:5B:61:C3:46:CA:D1
ValidityTue, 10 Jan 2023 18:47:18 GMT - Thu, 25 Jan 2024 00:12:45 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash 988291a61d8f3be4e2deb11c934bc4dd
a22524be0b7babff1d7f7d0a42d7625a3a25ced5
1967158d24cb47c61ef1b1713257f1992da6bcd919f8fe564c6f5048f3ca230d
GET /32c815a1608d7102619bf8568a37672d932127625ecf4c6c8fba93a3cdba688a.css HTTP/1.1
Host: css.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 01 Nov 2023 17:51:16 GMT
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 91340
Content-Type: text/css
Last-Modified: Wed, 07 Sep 2022 02:50:24 GMT
Accept-Ranges: bytes
Cache-Control: public, max-age=31536000
ETag: "988291a61d8f3be4e2deb11c934bc4dd"
X-HW: 1698861075.dop227.sk1.t,1698861076.cds253.sk1.shn,1698861076.dop227.sk1.t,1698861076.cds244.sk1.c
Access-Control-Expose-Headers: Rbx-Cdn-Provider
Rbx-Cdn-Provider: hw
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Allow-Methods: GET
css.rbxcdn.com/08def520152a575438e73a81aa9a310c2415c327df7b624a24aa6e794d24dba3.css
271 B URL css.rbxcdn.com/08def520152a575438e73a81aa9a310c2415c327df7b624a24aa6e794d24dba3.css
IP
Certificate IssuerGoDaddy.com, Inc.
Subject*.rbxcdn.com
FingerprintCA:F8:49:6D:BF:1A:CE:80:B8:73:66:91:93:A6:5B:61:C3:46:CA:D1
ValidityTue, 10 Jan 2023 18:47:18 GMT - Thu, 25 Jan 2024 00:12:45 GMT
File type ASCII text, with very long lines (483), with no line terminators
Hash 23e12161d0fe06e8be36968b15bd225b
3ac9909b4f8227a29981a008cd2809216ca04fe7
7f20f213d19cf5d49883b2ac02c45b3738a0696e9f72a395710ef4b93e395ded
GET /08def520152a575438e73a81aa9a310c2415c327df7b624a24aa6e794d24dba3.css HTTP/1.1
Host: css.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 01 Nov 2023 17:51:16 GMT
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 271
Content-Type: text/css
Last-Modified: Sat, 05 Dec 2020 01:43:26 GMT
Accept-Ranges: bytes
Cache-Control: public, max-age=31536000
ETag: "23e12161d0fe06e8be36968b15bd225b"
X-HW: 1698861075.dop216.sk1.t,1698861076.cds213.sk1.shn,1698861076.dop216.sk1.t,1698861076.cds249.sk1.c
Access-Control-Expose-Headers: Rbx-Cdn-Provider
Rbx-Cdn-Provider: hw
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Allow-Methods: GET
js.rbxcdn.com/c239c2a4cca7b50a6b45a6c32ee7ddfaa0bba7011c733c6db5aad0f6a7927d54.js
494 B URL js.rbxcdn.com/c239c2a4cca7b50a6b45a6c32ee7ddfaa0bba7011c733c6db5aad0f6a7927d54.js
IP
Certificate IssuerGlobalSign nv-sa
Subject*.rbxcdn.com
FingerprintC3:6F:4B:5C:0E:DB:55:7A:5A:10:E5:90:29:43:77:09:6F:50:86:EE
ValidityFri, 18 Nov 2022 00:01:02 GMT - Wed, 20 Dec 2023 00:01:01 GMT
File type ASCII text, with CRLF line terminators
Hash cbb2842bff660de3c19eef91328b6d14
a30f18b61015c15a1ae1a93e353be2f601a6447d
ebf9b940e1ff98a2c77cf8f53ccff5aa8c9cd4d532ef8625e37e0b5eeafd28e1
GET /c239c2a4cca7b50a6b45a6c32ee7ddfaa0bba7011c733c6db5aad0f6a7927d54.js HTTP/1.1
Host: js.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Nov 2023 17:51:16 GMT
content-type: application/javascript
content-length: 494
x-amz-id-2: prNwBONx59Uku5rNCIt67p0KuDX4CdNzVo9hjraKE7o1USuXgkV/Ov/xBTbdanIp9Z6yzXbXJVc=
x-amz-request-id: AD2VY70CCEZYA5P9
last-modified: Thu, 17 Mar 2022 20:10:53 GMT
etag: "cbb2842bff660de3c19eef91328b6d14"
cache-control: public, max-age=31536000
x-amz-version-id: TmyfCLoGrJpCA6V6prCQd823R7lH7bF9
x-cf3: H
cf4age: 326412
x-cf-tsc: 1697685049
cf4ttl: 31536000.000
x-cf2: H
accept-ranges: bytes
server: CFS 0215
x-cf1: 28293:fA.arn1:co:1572652472:cacheN.arn1-01:M
x-cf-reqid: 2e867ce8d6d1be1f0e02d6d7c512715f
access-control-allow-origin: *
access-control-allow-methods: GET
timing-allow-origin: *
access-control-expose-headers: Rbx-Cdn-Provider
rbx-cdn-provider: cfly
X-Firefox-Spdy: h2
js.rbxcdn.com/f7bc7a4de3c8aa28326ed2c129b1cc9bc68a3950f0fe706cd4a05a8f2def0043.js
200 OK 393 B URL GET HTTP/2 js.rbxcdn.com/f7bc7a4de3c8aa28326ed2c129b1cc9bc68a3950f0fe706cd4a05a8f2def0043.js
IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerGlobalSign nv-sa
Subject*.rbxcdn.com
FingerprintC3:6F:4B:5C:0E:DB:55:7A:5A:10:E5:90:29:43:77:09:6F:50:86:EE
ValidityFri, 18 Nov 2022 00:01:02 GMT - Wed, 20 Dec 2023 00:01:01 GMT
File type ASCII text, with CRLF line terminators
Hash 68b30396f1a59cf3a8c8529837080187
eb49a11e76dee6b6c112c31e1e851ce964e8159b
33ddfc789b4a70eb72e8250ee6aeb2718dcea7eaf500768ca376e08701e92761
GET /f7bc7a4de3c8aa28326ed2c129b1cc9bc68a3950f0fe706cd4a05a8f2def0043.js HTTP/1.1
Host: js.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Nov 2023 17:51:16 GMT
content-type: application/javascript
content-length: 393
x-amz-id-2: VsPZhWagCpArgiG838PVF4xmsboqm5S/Sm7bHHS1XS5How2YZn93EkJ6OGwyL2JxCD3ubYzf7jw=
x-amz-request-id: 1ZEPG0MWVZHYV7D0
last-modified: Fri, 06 Nov 2020 00:23:16 GMT
etag: "68b30396f1a59cf3a8c8529837080187"
cache-control: public, max-age=31536000
x-amz-version-id: O6W71BTUyIHqzUO8v4PM9iQpBqRGxtjK
x-cf3: H
cf4age: 540646
x-cf-tsc: 1697899258
cf4ttl: 31536000.000
x-cf2: H
accept-ranges: bytes
server: CFS 0215
x-cf1: 28293:fA.arn1:co:1572652472:cacheN.arn1-01:M
x-cf-reqid: 86c53ef8e6c61ffe2eac4202b774da12
access-control-allow-origin: *
access-control-allow-methods: GET
timing-allow-origin: *
access-control-expose-headers: Rbx-Cdn-Provider
rbx-cdn-provider: cfly
X-Firefox-Spdy: h2
js.rbxcdn.com/4ea99ba2ef9d519b636c937a4db0c28c6a0ff76b9cef296d553f250016b92613.js
200 OK 372 B URL GET HTTP/2 js.rbxcdn.com/4ea99ba2ef9d519b636c937a4db0c28c6a0ff76b9cef296d553f250016b92613.js
IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerGlobalSign nv-sa
Subject*.rbxcdn.com
FingerprintC3:6F:4B:5C:0E:DB:55:7A:5A:10:E5:90:29:43:77:09:6F:50:86:EE
ValidityFri, 18 Nov 2022 00:01:02 GMT - Wed, 20 Dec 2023 00:01:01 GMT
File type ASCII text, with CRLF line terminators
Hash ea059889f5fec18cdd9c4d82ddcb78e7
964e7c017cc5aa6a5d7230d6f68a8c3117282ef8
a11c72e0c8a8e8ecc9eeac5eec5592919514587a347164225f6d4b5e344e367d
GET /4ea99ba2ef9d519b636c937a4db0c28c6a0ff76b9cef296d553f250016b92613.js HTTP/1.1
Host: js.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Nov 2023 17:51:16 GMT
content-type: application/javascript
content-length: 372
x-amz-id-2: WwIMtuXrhqgD0zwcXtShRsi1Z+p/C8btJU/sMhyih8DofqZcF/5iTlZ37loQEYaqLpcfcNHABYo=
x-amz-request-id: 5RVGGPE1HJQX3FXE
last-modified: Fri, 06 Nov 2020 00:23:16 GMT
etag: "ea059889f5fec18cdd9c4d82ddcb78e7"
cache-control: public, max-age=31536000
x-amz-version-id: eLYbk_fSmz5yozpRePo9.H8u3EOncczQ
x-cf3: H
cf4age: 348772
x-cf-tsc: 1697707410
cf4ttl: 31536000.000
x-cf2: H
accept-ranges: bytes
server: CFS 0215
x-cf1: 28293:fA.arn1:co:1572652472:cacheN.arn1-01:M
x-cf-reqid: 202d7e9f0cf04a555586a5c2e4dbde44
access-control-allow-origin: *
access-control-allow-methods: GET
timing-allow-origin: *
access-control-expose-headers: Rbx-Cdn-Provider
rbx-cdn-provider: cfly
X-Firefox-Spdy: h2
css.rbxcdn.com/cc0e1d21820c2614cbf118f5fbc90c66cce1f5440919479d223e2ddd2a0fc4e8.css
200 OK 1.3 kB URL GET HTTP/1.1 css.rbxcdn.com/cc0e1d21820c2614cbf118f5fbc90c66cce1f5440919479d223e2ddd2a0fc4e8.css
IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerGoDaddy.com, Inc.
Subject*.rbxcdn.com
FingerprintCA:F8:49:6D:BF:1A:CE:80:B8:73:66:91:93:A6:5B:61:C3:46:CA:D1
ValidityTue, 10 Jan 2023 18:47:18 GMT - Thu, 25 Jan 2024 00:12:45 GMT
File type ASCII text, with very long lines (5826), with no line terminators
Hash f05d18ea85a3311ad160747b788268b2
9dd2f92e497e0bdd9da19c01a4ccdc424e6bfa94
d82f3151913495796611f1c2205b7400da45fbb2c1b7ac6c38d6f507eb2757ba
GET /cc0e1d21820c2614cbf118f5fbc90c66cce1f5440919479d223e2ddd2a0fc4e8.css HTTP/1.1
Host: css.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 01 Nov 2023 17:51:16 GMT
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 1340
Content-Type: text/css
Last-Modified: Wed, 06 Apr 2022 06:31:01 GMT
Accept-Ranges: bytes
Cache-Control: public, max-age=31536000
ETag: "f05d18ea85a3311ad160747b788268b2"
X-HW: 1698861075.dop003.sk1.t,1698861076.cds231.sk1.shn,1698861076.dop003.sk1.t,1698861076.cds257.sk1.c
Access-Control-Expose-Headers: Rbx-Cdn-Provider
Rbx-Cdn-Provider: hw
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Allow-Methods: GET
css.rbxcdn.com/5b78f24a5404361865e0b4270f7a5f530983e00cb93db4587fd8204050dc3cc7.css
200 OK 1.1 kB URL GET HTTP/1.1 css.rbxcdn.com/5b78f24a5404361865e0b4270f7a5f530983e00cb93db4587fd8204050dc3cc7.css
IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerGoDaddy.com, Inc.
Subject*.rbxcdn.com
FingerprintCA:F8:49:6D:BF:1A:CE:80:B8:73:66:91:93:A6:5B:61:C3:46:CA:D1
ValidityTue, 10 Jan 2023 18:47:18 GMT - Thu, 25 Jan 2024 00:12:45 GMT
File type ASCII text, with very long lines (4850), with no line terminators
Hash a8d54469a5a6bcdf35573e33d6fcb5b9
5fbfe1d5b9d20e950d606d2d311fcef67755063c
5ab12999f4b9a14ea6ce28e6fd88c515434990ed960314868503be20193b26d9
GET /5b78f24a5404361865e0b4270f7a5f530983e00cb93db4587fd8204050dc3cc7.css HTTP/1.1
Host: css.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 01 Nov 2023 17:51:16 GMT
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 1064
Content-Type: text/css
Last-Modified: Wed, 07 Apr 2021 16:40:36 GMT
Accept-Ranges: bytes
Cache-Control: public, max-age=31536000
ETag: "a8d54469a5a6bcdf35573e33d6fcb5b9"
X-HW: 1698861075.dop227.sk1.t,1698861076.cds253.sk1.shn,1698861076.dop227.sk1.t,1698861076.cds225.sk1.c
Access-Control-Expose-Headers: Rbx-Cdn-Provider
Rbx-Cdn-Provider: hw
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Allow-Methods: GET
css.rbxcdn.com/2bf6203effb94dc7909c75c6e890108aa5379f32d538d88eb1533a78cacf322d.css
200 OK 127 B URL GET HTTP/1.1 css.rbxcdn.com/2bf6203effb94dc7909c75c6e890108aa5379f32d538d88eb1533a78cacf322d.css
IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerGoDaddy.com, Inc.
Subject*.rbxcdn.com
FingerprintCA:F8:49:6D:BF:1A:CE:80:B8:73:66:91:93:A6:5B:61:C3:46:CA:D1
ValidityTue, 10 Jan 2023 18:47:18 GMT - Thu, 25 Jan 2024 00:12:45 GMT
File type ASCII text, with no line terminators
Hash 8baa04421e0d5c6fa9d0fae04603e548
184679c533453ad3894fba9a12671e3fec7a5a00
cbe967b1d65be1f728b2b0acd7612cfcf8923cf2be958f1061a16fc48a514dee
GET /2bf6203effb94dc7909c75c6e890108aa5379f32d538d88eb1533a78cacf322d.css HTTP/1.1
Host: css.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 01 Nov 2023 17:51:16 GMT
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 127
Content-Type: text/css
Last-Modified: Thu, 13 Jan 2022 00:43:26 GMT
Accept-Ranges: bytes
ETag: "8baa04421e0d5c6fa9d0fae04603e548"
Cache-Control: public, max-age=31536000
X-HW: 1698861075.dop216.sk1.t,1698861076.cds213.sk1.shn,1698861076.dop216.sk1.t,1698861076.cds218.sk1.c
Access-Control-Expose-Headers: Rbx-Cdn-Provider
Rbx-Cdn-Provider: hw
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Allow-Methods: GET
css.rbxcdn.com/a261c14cb6895b82359002686abc19ff0038d71649f550f7255e2831cbd870dd.css
200 OK 1.6 kB URL GET HTTP/1.1 css.rbxcdn.com/a261c14cb6895b82359002686abc19ff0038d71649f550f7255e2831cbd870dd.css
IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerGoDaddy.com, Inc.
Subject*.rbxcdn.com
FingerprintCA:F8:49:6D:BF:1A:CE:80:B8:73:66:91:93:A6:5B:61:C3:46:CA:D1
ValidityTue, 10 Jan 2023 18:47:18 GMT - Thu, 25 Jan 2024 00:12:45 GMT
File type ASCII text, with very long lines (6236), with no line terminators
Hash a265234fb90736114982896e10d81a21
18b9cc1561173f49665438b34c3db3080860c0aa
bea242d532be686b6742169b79c342ef343ae1fd81d51a43ce452eb755385a4b
GET /a261c14cb6895b82359002686abc19ff0038d71649f550f7255e2831cbd870dd.css HTTP/1.1
Host: css.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 01 Nov 2023 17:51:16 GMT
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 1559
Content-Type: text/css
Last-Modified: Wed, 24 Aug 2022 17:02:03 GMT
Accept-Ranges: bytes
ETag: "a265234fb90736114982896e10d81a21"
Cache-Control: public, max-age=31536000
X-HW: 1698861075.dop230.sk1.t,1698861076.cds222.sk1.shn,1698861076.dop230.sk1.t,1698861076.cds218.sk1.c
Access-Control-Expose-Headers: Rbx-Cdn-Provider
Rbx-Cdn-Provider: hw
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Allow-Methods: GET
css.rbxcdn.com/da45920fef8b22d35ee6cce0702d290241252fbfd99695e2abc0934d20de0974.css
200 OK 218 B URL GET HTTP/1.1 css.rbxcdn.com/da45920fef8b22d35ee6cce0702d290241252fbfd99695e2abc0934d20de0974.css
IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerGoDaddy.com, Inc.
Subject*.rbxcdn.com
FingerprintCA:F8:49:6D:BF:1A:CE:80:B8:73:66:91:93:A6:5B:61:C3:46:CA:D1
ValidityTue, 10 Jan 2023 18:47:18 GMT - Thu, 25 Jan 2024 00:12:45 GMT
File type ASCII text, with very long lines (434), with no line terminators
Hash b99c303f3ba644a8a6c5e5b69a96809f
de8bbd869cced07d0189e48f990d2b04a380eac2
0569e3633081ec425333bdc8c58d6a06254ffd1e30a79afa7a0eea47c2d0c78f
GET /da45920fef8b22d35ee6cce0702d290241252fbfd99695e2abc0934d20de0974.css HTTP/1.1
Host: css.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 01 Nov 2023 17:51:16 GMT
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 218
Content-Type: text/css
Last-Modified: Mon, 12 Sep 2022 15:57:56 GMT
Accept-Ranges: bytes
Cache-Control: public, max-age=31536000
ETag: "b99c303f3ba644a8a6c5e5b69a96809f"
X-HW: 1698861075.dop010.sk1.t,1698861076.cds256.sk1.shn,1698861076.dop010.sk1.t,1698861076.cds014.sk1.c
Access-Control-Expose-Headers: Rbx-Cdn-Provider
Rbx-Cdn-Provider: hw
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Allow-Methods: GET
css.rbxcdn.com/af8cb63eb52ab7aacc87848677124fdb944ed943c878a55780b6c6a667da7ae5.css
200 OK 8.9 kB URL GET HTTP/1.1 css.rbxcdn.com/af8cb63eb52ab7aacc87848677124fdb944ed943c878a55780b6c6a667da7ae5.css
IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerGoDaddy.com, Inc.
Subject*.rbxcdn.com
FingerprintCA:F8:49:6D:BF:1A:CE:80:B8:73:66:91:93:A6:5B:61:C3:46:CA:D1
ValidityTue, 10 Jan 2023 18:47:18 GMT - Thu, 25 Jan 2024 00:12:45 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash c69bc38f2b4701d115aab4a19b996078
c5b39c34260cd2a3c3e05cebb786b705b70199d8
a82e39fb05a845625b83c42213ac9933fad6c5ca27e01ebe6b720ed5dad6be71
GET /af8cb63eb52ab7aacc87848677124fdb944ed943c878a55780b6c6a667da7ae5.css HTTP/1.1
Host: css.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 01 Nov 2023 17:51:16 GMT
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 8882
Content-Type: text/css
Last-Modified: Mon, 12 Sep 2022 19:05:48 GMT
Accept-Ranges: bytes
Cache-Control: public, max-age=31536000
ETag: "c69bc38f2b4701d115aab4a19b996078"
X-HW: 1698861075.dop003.sk1.t,1698861076.cds218.sk1.shn,1698861076.dop003.sk1.t,1698861076.cds253.sk1.c
Access-Control-Expose-Headers: Rbx-Cdn-Provider
Rbx-Cdn-Provider: hw
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Allow-Methods: GET
static.rbxcdn.com/css/leanbase___5e469c309d1eeddf42cc9d36a50f82e0_m.css/fetch
5.0 kB URL static.rbxcdn.com/css/leanbase___5e469c309d1eeddf42cc9d36a50f82e0_m.css/fetch
IP
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (12506), with CRLF line terminators
Hash 71c6e4dcb559033bffb685bfcac9213a
25f961c9654c8b6ebdb65fc84b3e218fba9fe9fe
77dcc1c86b052027db7eeeec2d6bad3d899360ca512a5c8ff38db272e9cee5c9
GET /css/leanbase___5e469c309d1eeddf42cc9d36a50f82e0_m.css/fetch HTTP/1.1
Host: static.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css
content-encoding: gzip
last-modified: Sun, 01 Jan 2006 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubdomains
cross-origin-opener-policy: same-origin-allow-popups
content-security-policy: report-uri https://metrics.roblox.com/v1/csp/report?type=enforce; upgrade-insecure-requests; script-src 'self' 'unsafe-inline' roblox.com *.evidon.com *.gigya.com *.google-analytics.com *.ns1p.net adservice.google.com cdn.arkoselabs.com connect.facebook.net funcaptcha.com js.rbxcdn.com long.open.weixin.qq.com midas.gtimg.cn radar.cedexis.com res.wx.qq.com roblox-api.arkoselabs.com roblox-load-generator-configuration.s3.us-east-2.amazonaws.com s.ytimg.com sb.scorecardresearch.com static.rbxcdn.com www.google.com www.gstatic.com www.youtube.com h.online-metrix.net request.eprotect.vantivcnp.com request.eprotect.vantivpostlive.com *.googletagmanager.com *.googleadservices.com googleads.g.doubleclick.net cdn.veriff.me *.lightstep.com client-api.arkoselabs.com; img-src 'self' data: *.cloudfront.net *.google-analytics.com *.google.com *.kaptcha.com *.rbxcdn.com *.roblox.com *.robloxlabs.com googleads.g.doubleclick.net i.ytimg.com www.googletagmanager.com; connect-src 'self' *.roblox.com *.robloxlabs.com *.rbx.com *.rbxcdn.com *.roblox.cn *.simulpong.com *.lightstep.com *.ns1p.net *.arkoselabs.com *.kaptcha.com *.google.com *.google-analytics.com *.doubleclick.net *.sentry.io wss://realtime.roblox.com wss://realtime.sitetest1.robloxlabs.com wss://realtime.sitetest2.robloxlabs.com wss://realtime.sitetest3.robloxlabs.com *.braintree-api.com *.braintreegateway.com d1q2u37vreaobr.cloudfront.net funcaptcha.com;
x-frame-options: SAMEORIGIN
access-control-allow-credentials: true
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
content-length: 5006
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://ncs.roblox.com/upload"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1}
cache-control: public, must-revalidate, max-age=31536000
expires: Thu, 31 Oct 2024 17:51:16 GMT
date: Wed, 01 Nov 2023 17:51:16 GMT
vary: Accept-Encoding
rbx-cdn-provider: ak
access-control-expose-headers: Rbx-Cdn-Provider
access-control-allow-origin: *
X-Firefox-Spdy: h2
css.rbxcdn.com/0ada184ff07352e6ee303952ebf2689070ae5a1a83fb247c8413b463373911c2.css
200 OK 985 B URL GET HTTP/1.1 css.rbxcdn.com/0ada184ff07352e6ee303952ebf2689070ae5a1a83fb247c8413b463373911c2.css
IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerGoDaddy.com, Inc.
Subject*.rbxcdn.com
FingerprintCA:F8:49:6D:BF:1A:CE:80:B8:73:66:91:93:A6:5B:61:C3:46:CA:D1
ValidityTue, 10 Jan 2023 18:47:18 GMT - Thu, 25 Jan 2024 00:12:45 GMT
File type ASCII text, with very long lines (3881), with no line terminators
Hash 5243b43919d5e103d2b8ee5aa0988bda
1be2d65a3dd7eb1ecd0276c2652a75178832ea52
a133563a8607b4331a9c0ea29c2f9022f67fa1338c811fbfb480fd52d32a49da
GET /0ada184ff07352e6ee303952ebf2689070ae5a1a83fb247c8413b463373911c2.css HTTP/1.1
Host: css.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 01 Nov 2023 17:51:16 GMT
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 985
Content-Type: text/css
Last-Modified: Mon, 12 Sep 2022 17:06:16 GMT
Accept-Ranges: bytes
Cache-Control: public, max-age=31536000
ETag: "5243b43919d5e103d2b8ee5aa0988bda"
X-HW: 1698861075.dop003.sk1.t,1698861076.cds231.sk1.shn,1698861076.dop003.sk1.t,1698861076.cds260.sk1.c
Access-Control-Expose-Headers: Rbx-Cdn-Provider
Rbx-Cdn-Provider: hw
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Allow-Methods: GET
css.rbxcdn.com/b8f8f15a57a66e73469ae72eea7d8905346afa78b9f2397627cd099f7dcc779a.css
200 OK 143 B URL GET HTTP/1.1 css.rbxcdn.com/b8f8f15a57a66e73469ae72eea7d8905346afa78b9f2397627cd099f7dcc779a.css
IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerGoDaddy.com, Inc.
Subject*.rbxcdn.com
FingerprintCA:F8:49:6D:BF:1A:CE:80:B8:73:66:91:93:A6:5B:61:C3:46:CA:D1
ValidityTue, 10 Jan 2023 18:47:18 GMT - Thu, 25 Jan 2024 00:12:45 GMT
File type ASCII text, with no line terminators
Hash 4822b35d6907be7deb782a70cd7d8ac2
1ae9d83eb6fd731044d638013370ab016519b7b5
55fadb9d729a01259ece92f76daf5defd5b86755fcf3f1928fc5f2eef61fa0f6
GET /b8f8f15a57a66e73469ae72eea7d8905346afa78b9f2397627cd099f7dcc779a.css HTTP/1.1
Host: css.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 01 Nov 2023 17:51:16 GMT
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 143
Content-Type: text/css
Last-Modified: Tue, 25 Aug 2020 22:36:10 GMT
Accept-Ranges: bytes
Cache-Control: public, max-age=31536000
ETag: "4822b35d6907be7deb782a70cd7d8ac2"
X-HW: 1698861075.dop227.sk1.t,1698861076.cds253.sk1.shn,1698861076.dop227.sk1.t,1698861076.cds225.sk1.c
Access-Control-Expose-Headers: Rbx-Cdn-Provider
Rbx-Cdn-Provider: hw
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Allow-Methods: GET
css.rbxcdn.com/5ec10f696511a19ac709adc0b92273ca5bbabc1191e973b12539d89634bdc2cd.css
200 OK 4.1 kB URL GET HTTP/1.1 css.rbxcdn.com/5ec10f696511a19ac709adc0b92273ca5bbabc1191e973b12539d89634bdc2cd.css
IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerGoDaddy.com, Inc.
Subject*.rbxcdn.com
FingerprintCA:F8:49:6D:BF:1A:CE:80:B8:73:66:91:93:A6:5B:61:C3:46:CA:D1
ValidityTue, 10 Jan 2023 18:47:18 GMT - Thu, 25 Jan 2024 00:12:45 GMT
File type ASCII text, with very long lines (21047), with no line terminators
Hash 7376f57d471bc7e49bffbac288a7dcc8
b2bb686059cb1c46b752c999ad694a7330978e9e
fcf49821bf969ea7ff6b0bd0d8100eccc1e12dec55c6ac7c6383c4e35b787e31
GET /5ec10f696511a19ac709adc0b92273ca5bbabc1191e973b12539d89634bdc2cd.css HTTP/1.1
Host: css.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 01 Nov 2023 17:51:16 GMT
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 4083
Content-Type: text/css
Last-Modified: Tue, 16 Aug 2022 00:10:58 GMT
Accept-Ranges: bytes
Cache-Control: public, max-age=31536000
ETag: "7376f57d471bc7e49bffbac288a7dcc8"
X-HW: 1698861075.dop216.sk1.t,1698861076.cds213.sk1.shn,1698861076.dop216.sk1.t,1698861076.cds017.sk1.c
Access-Control-Expose-Headers: Rbx-Cdn-Provider
Rbx-Cdn-Provider: hw
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Allow-Methods: GET
css.rbxcdn.com/fdbc0173245f68440cbb311624eb6859d2e4024b89281763b7323e318a19c4c0.css
200 OK 463 B URL GET HTTP/1.1 css.rbxcdn.com/fdbc0173245f68440cbb311624eb6859d2e4024b89281763b7323e318a19c4c0.css
IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerGoDaddy.com, Inc.
Subject*.rbxcdn.com
FingerprintCA:F8:49:6D:BF:1A:CE:80:B8:73:66:91:93:A6:5B:61:C3:46:CA:D1
ValidityTue, 10 Jan 2023 18:47:18 GMT - Thu, 25 Jan 2024 00:12:45 GMT
File type ASCII text, with very long lines (1446), with no line terminators
Hash 31cbf9e42a414b96edc1e24eec7723f5
4c230cd5eefcb1568940753938d1ea83b7b04c66
05bd93d58c26fa0e1f5520e92c5d47f1fa4f02e6432376b5a8b5a1b2fa2a0543
GET /fdbc0173245f68440cbb311624eb6859d2e4024b89281763b7323e318a19c4c0.css HTTP/1.1
Host: css.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 01 Nov 2023 17:51:16 GMT
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 463
Content-Type: text/css
Last-Modified: Wed, 29 Jun 2022 22:04:38 GMT
Accept-Ranges: bytes
Cache-Control: public, max-age=31536000
ETag: "31cbf9e42a414b96edc1e24eec7723f5"
X-HW: 1698861075.dop230.sk1.t,1698861076.cds222.sk1.shn,1698861076.dop230.sk1.t,1698861076.cds223.sk1.c
Access-Control-Expose-Headers: Rbx-Cdn-Provider
Rbx-Cdn-Provider: hw
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Allow-Methods: GET
css.rbxcdn.com/cc693776e7662b9afb39b185b252b4f5e8cfb19436bf079b0bc6e2e970112c9d.css
200 OK 249 B URL GET HTTP/1.1 css.rbxcdn.com/cc693776e7662b9afb39b185b252b4f5e8cfb19436bf079b0bc6e2e970112c9d.css
IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerGoDaddy.com, Inc.
Subject*.rbxcdn.com
FingerprintCA:F8:49:6D:BF:1A:CE:80:B8:73:66:91:93:A6:5B:61:C3:46:CA:D1
ValidityTue, 10 Jan 2023 18:47:18 GMT - Thu, 25 Jan 2024 00:12:45 GMT
File type ASCII text, with very long lines (739), with no line terminators
Hash 8df26f008a218a1aede20f4bdd99e50c
f199294f7d485111e7945c593eb9d097523521a1
16ff781c88767e093b0f4aeba086954de9190ab3b9d314eb2a3f6b31d5e7caf5
GET /cc693776e7662b9afb39b185b252b4f5e8cfb19436bf079b0bc6e2e970112c9d.css HTTP/1.1
Host: css.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 01 Nov 2023 17:51:16 GMT
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 249
Content-Type: text/css
Last-Modified: Wed, 28 Jul 2021 21:11:51 GMT
Accept-Ranges: bytes
Cache-Control: public, max-age=31536000
ETag: "8df26f008a218a1aede20f4bdd99e50c"
X-HW: 1698861075.dop010.sk1.t,1698861076.cds256.sk1.shn,1698861076.dop010.sk1.t,1698861076.cds002.sk1.c
Access-Control-Expose-Headers: Rbx-Cdn-Provider
Rbx-Cdn-Provider: hw
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Allow-Methods: GET
css.rbxcdn.com/129861d1852d019164c5bf5998d0882e765bc89dd800e664420da05568ac5592.css
200 OK 681 B URL GET HTTP/1.1 css.rbxcdn.com/129861d1852d019164c5bf5998d0882e765bc89dd800e664420da05568ac5592.css
IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerGoDaddy.com, Inc.
Subject*.rbxcdn.com
FingerprintCA:F8:49:6D:BF:1A:CE:80:B8:73:66:91:93:A6:5B:61:C3:46:CA:D1
ValidityTue, 10 Jan 2023 18:47:18 GMT - Thu, 25 Jan 2024 00:12:45 GMT
File type ASCII text, with very long lines (3612), with no line terminators
Hash ea474a9e79699d32aefcaee4c2f72b92
a75d3ed848fbc0805af2a408c59f04753830f3bf
d09c8f9c92eb4db4480efe4ba2b7cb6f7ef0b70340c736d2c7e2202a9dabd692
GET /129861d1852d019164c5bf5998d0882e765bc89dd800e664420da05568ac5592.css HTTP/1.1
Host: css.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 01 Nov 2023 17:51:16 GMT
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 681
Content-Type: text/css
Last-Modified: Fri, 07 May 2021 14:43:59 GMT
Accept-Ranges: bytes
Cache-Control: public, max-age=31536000
ETag: "ea474a9e79699d32aefcaee4c2f72b92"
X-HW: 1698861075.dop003.sk1.t,1698861076.cds218.sk1.shn,1698861076.dop003.sk1.t,1698861076.cds258.sk1.c
Access-Control-Expose-Headers: Rbx-Cdn-Provider
Rbx-Cdn-Provider: hw
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Allow-Methods: GET
static.rbxcdn.com/css/page___af916f7ef3a36ddc09248088d6b4ecfe_m.css/fetch
200 OK 8.2 kB URL GET HTTP/2 static.rbxcdn.com/css/page___af916f7ef3a36ddc09248088d6b4ecfe_m.css/fetch
IP
ASN #20940 Akamai International B.V.
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerDigiCert Inc
Subject*.rbxcdn.com
Fingerprint57:F4:96:1E:91:3F:6A:81:F5:96:11:C2:4F:5C:1C:6A:22:31:83:A7
ValidityThu, 06 Apr 2023 00:00:00 GMT - Sat, 06 Apr 2024 23:59:59 GMT
File type ASCII text, with very long lines (27341), with CRLF line terminators
Hash b684c3e52f7a09a8d46cda81b6759a7d
b3cfc80ef61381da56e42d08b9aa37247899c9c2
8fba7ba8ca3368e8d040b6f91280f7a4ae46c8f8c604bf15b9c0b81bf7c6683b
GET /css/page___af916f7ef3a36ddc09248088d6b4ecfe_m.css/fetch HTTP/1.1
Host: static.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css
content-encoding: gzip
last-modified: Sun, 01 Jan 2006 06:00:00 GMT
strict-transport-security: max-age=86400; includeSubdomains
content-security-policy: report-uri https://metrics.roblox.com/v1/csp/report?type=enforce; upgrade-insecure-requests; script-src 'self' 'unsafe-inline' roblox.com *.evidon.com *.gigya.com *.google-analytics.com *.ns1p.net adservice.google.com cdn.arkoselabs.com connect.facebook.net funcaptcha.com js.rbxcdn.com long.open.weixin.qq.com midas.gtimg.cn radar.cedexis.com res.wx.qq.com roblox-api.arkoselabs.com roblox-load-generator-configuration.s3.us-east-2.amazonaws.com s.ytimg.com sb.scorecardresearch.com static.rbxcdn.com www.google.com www.gstatic.com www.youtube.com h.online-metrix.net request.eprotect.vantivcnp.com request.eprotect.vantivpostlive.com *.googletagmanager.com *.googleadservices.com googleads.g.doubleclick.net cdn.veriff.me *.lightstep.com ; img-src 'self' data: *.cloudfront.net *.google-analytics.com *.kaptcha.com *.rbxcdn.com *.roblox.com *.robloxlabs.com googleads.g.doubleclick.net i.ytimg.com www.googletagmanager.com
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
access-control-allow-credentials: true
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
content-length: 8169
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://ncs.roblox.com/upload"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1}
cache-control: public, must-revalidate, max-age=31484093
expires: Thu, 31 Oct 2024 03:26:09 GMT
date: Wed, 01 Nov 2023 17:51:16 GMT
vary: Accept-Encoding
rbx-cdn-provider: ak
access-control-expose-headers: Rbx-Cdn-Provider
access-control-allow-origin: *
X-Firefox-Spdy: h2
css.rbxcdn.com/b52536edd49882b6c7ffbb39e44d25c8f3a96eceb0bf94b4413e6ae9f6e2477b.css
200 OK 271 B URL GET HTTP/1.1 css.rbxcdn.com/b52536edd49882b6c7ffbb39e44d25c8f3a96eceb0bf94b4413e6ae9f6e2477b.css
IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerGoDaddy.com, Inc.
Subject*.rbxcdn.com
FingerprintCA:F8:49:6D:BF:1A:CE:80:B8:73:66:91:93:A6:5B:61:C3:46:CA:D1
ValidityTue, 10 Jan 2023 18:47:18 GMT - Thu, 25 Jan 2024 00:12:45 GMT
File type ASCII text, with very long lines (887), with no line terminators
Hash ddc2e4d42437d759fa422b758bb74e15
83b872c10fea8d9df3808f7ba02c24df2883b881
1e865c5c6ef5b00894d36c7f24ee7973aa94b264b4c8fa18c7c8aecc761beed3
GET /b52536edd49882b6c7ffbb39e44d25c8f3a96eceb0bf94b4413e6ae9f6e2477b.css HTTP/1.1
Host: css.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 01 Nov 2023 17:51:16 GMT
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 271
Content-Type: text/css
Last-Modified: Tue, 10 Nov 2020 18:26:20 GMT
Accept-Ranges: bytes
Cache-Control: public, max-age=31536000
ETag: "ddc2e4d42437d759fa422b758bb74e15"
X-HW: 1698861075.dop003.sk1.t,1698861076.cds231.sk1.shn,1698861076.dop003.sk1.t,1698861076.cds247.sk1.c
Access-Control-Expose-Headers: Rbx-Cdn-Provider
Rbx-Cdn-Provider: hw
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Allow-Methods: GET
css.rbxcdn.com/6fe55c3438539daf776774645e39e121d991246d6a38972b81e3f9550a585b5b.css
200 OK 2.9 kB URL GET HTTP/1.1 css.rbxcdn.com/6fe55c3438539daf776774645e39e121d991246d6a38972b81e3f9550a585b5b.css
IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerGoDaddy.com, Inc.
Subject*.rbxcdn.com
FingerprintCA:F8:49:6D:BF:1A:CE:80:B8:73:66:91:93:A6:5B:61:C3:46:CA:D1
ValidityTue, 10 Jan 2023 18:47:18 GMT - Thu, 25 Jan 2024 00:12:45 GMT
File type ASCII text, with very long lines (12917), with no line terminators
Hash a3f2249b03a0c93f21df7bf11e05e42d
ae47cce5d828f236078a92fafc927d8aa9a6eba9
a145a3d9ca3579fe5ab398dc6c1936398cb3db591ef951a79e5cc9967c14fd48
GET /6fe55c3438539daf776774645e39e121d991246d6a38972b81e3f9550a585b5b.css HTTP/1.1
Host: css.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 01 Nov 2023 17:51:16 GMT
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 2944
Content-Type: text/css
Last-Modified: Wed, 14 Sep 2022 17:01:05 GMT
Accept-Ranges: bytes
Cache-Control: public, max-age=31536000
ETag: "a3f2249b03a0c93f21df7bf11e05e42d"
X-HW: 1698861075.dop227.sk1.t,1698861076.cds253.sk1.shn,1698861076.dop227.sk1.t,1698861076.cds217.sk1.c
Access-Control-Expose-Headers: Rbx-Cdn-Provider
Rbx-Cdn-Provider: hw
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Allow-Methods: GET
css.rbxcdn.com/5331669054807354a3a20a4717d18c566a7cbee984e7471ece3a2090cb70150c.css
200 OK 190 B URL GET HTTP/1.1 css.rbxcdn.com/5331669054807354a3a20a4717d18c566a7cbee984e7471ece3a2090cb70150c.css
IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerGoDaddy.com, Inc.
Subject*.rbxcdn.com
FingerprintCA:F8:49:6D:BF:1A:CE:80:B8:73:66:91:93:A6:5B:61:C3:46:CA:D1
ValidityTue, 10 Jan 2023 18:47:18 GMT - Thu, 25 Jan 2024 00:12:45 GMT
File type ASCII text, with no line terminators
Hash 70a6af37612b242c8d5080cc5cdfaeab
5e2b0457edf967b68a51805c8dbfd26e1cae75f2
8f1a729ef2b732680fe8f4134c962db639bf994825ff144d9c12a613b4593bee
GET /5331669054807354a3a20a4717d18c566a7cbee984e7471ece3a2090cb70150c.css HTTP/1.1
Host: css.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 01 Nov 2023 17:51:16 GMT
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 190
Content-Type: text/css
Last-Modified: Wed, 06 Apr 2022 06:29:24 GMT
Accept-Ranges: bytes
Cache-Control: public, max-age=31536000
ETag: "70a6af37612b242c8d5080cc5cdfaeab"
X-HW: 1698861075.dop216.sk1.t,1698861076.cds213.sk1.shn,1698861076.dop216.sk1.t,1698861076.cds017.sk1.c
Access-Control-Expose-Headers: Rbx-Cdn-Provider
Rbx-Cdn-Provider: hw
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Allow-Methods: GET
css.rbxcdn.com/d5a3728b78be729b693aadf79a1f45f0fa49c15fe863a0d7dd631b75f9e82207.css
200 OK 93 B URL GET HTTP/1.1 css.rbxcdn.com/d5a3728b78be729b693aadf79a1f45f0fa49c15fe863a0d7dd631b75f9e82207.css
IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerGoDaddy.com, Inc.
Subject*.rbxcdn.com
FingerprintCA:F8:49:6D:BF:1A:CE:80:B8:73:66:91:93:A6:5B:61:C3:46:CA:D1
ValidityTue, 10 Jan 2023 18:47:18 GMT - Thu, 25 Jan 2024 00:12:45 GMT
File type ASCII text, with no line terminators
Hash 9c33609893ba704e16ae19f563888e5a
9bcc2f77c6e9cdf2842b5a5ce8e8d236408a257c
2ccd7eaf7c0888ceb1e968925904718ef6371d7e00bcb60bf9a9a2044104a4b2
GET /d5a3728b78be729b693aadf79a1f45f0fa49c15fe863a0d7dd631b75f9e82207.css HTTP/1.1
Host: css.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 01 Nov 2023 17:51:16 GMT
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 93
Content-Type: text/css
Last-Modified: Thu, 26 Aug 2021 18:22:29 GMT
Accept-Ranges: bytes
Cache-Control: public, max-age=31536000
ETag: "9c33609893ba704e16ae19f563888e5a"
X-HW: 1698861075.dop230.sk1.t,1698861076.cds222.sk1.shn,1698861076.dop230.sk1.t,1698861076.cds223.sk1.c
Access-Control-Expose-Headers: Rbx-Cdn-Provider
Rbx-Cdn-Provider: hw
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Allow-Methods: GET
tr.rbxcdn.com/2938e6637a4d60631f7ad9d4e9821982/352/352/Image/Png
200 OK 200 kB URL GET HTTP/2 tr.rbxcdn.com/2938e6637a4d60631f7ad9d4e9821982/352/352/Image/Png
IP
ASN #20940 Akamai International B.V.
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerDigiCert Inc
Subject*.rbxcdn.com
Fingerprint57:F4:96:1E:91:3F:6A:81:F5:96:11:C2:4F:5C:1C:6A:22:31:83:A7
ValidityThu, 06 Apr 2023 00:00:00 GMT - Sat, 06 Apr 2024 23:59:59 GMT
File type PNG image data, 352 x 352, 8-bit/color RGBA, non-interlaced\012- data
Size 200 kB (199553 bytes)
Hash 2c4f1d1a01657e9031e1bde1442df062
13412bdc35ac977b6bb1d98971fdf53fec7f8cbe
dbdc7e260e6f41e62d64e5497626d587153ffd7a30ecf1a8a764fdfb992e42c9
GET /2938e6637a4d60631f7ad9d4e9821982/352/352/Image/Png HTTP/1.1
Host: tr.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
pragma: no-cache
content-length: 199553
content-type: image/Png
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=3600
roblox-machine-id: CHI2-WEB5177
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://ncs.roblox.com/upload"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1}
cache-control: max-age=31536000
expires: Thu, 31 Oct 2024 17:51:17 GMT
date: Wed, 01 Nov 2023 17:51:17 GMT
access-control-allow-methods: GET
access-control-allow-origin: *
X-Firefox-Spdy: h2
images.rbxcdn.com/4bed93c91f909002b1f17f05c0ce13d1.gif
200 OK 10 kB URL GET HTTP/2 images.rbxcdn.com/4bed93c91f909002b1f17f05c0ce13d1.gif
IP
ASN #20940 Akamai International B.V.
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerDigiCert Inc
Subject*.rbxcdn.com
Fingerprint57:F4:96:1E:91:3F:6A:81:F5:96:11:C2:4F:5C:1C:6A:22:31:83:A7
ValidityThu, 06 Apr 2023 00:00:00 GMT - Sat, 06 Apr 2024 23:59:59 GMT
File type GIF image data, version 89a, 164 x 48\012- data
Hash 4bed93c91f909002b1f17f05c0ce13d1
26de4c017ad0a46c5dda61020bbf4c10631ecc44
abe5cc7ec81a92de937f9402e5c9b31a55f8d50e984e66a876e05d2d0603cfe3
GET /4bed93c91f909002b1f17f05c0ce13d1.gif HTTP/1.1
Host: images.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-amz-id-2: UQewGHzbu49n3A535/2IJeqfacvfZRuWC0lwvzHeXyMFQq4EL+kQB/G0m9tYCzi7tZ5/ROqE5t0=
x-amz-request-id: 025FF33D22390889
last-modified: Thu, 21 Apr 2016 02:38:14 GMT
etag: "4bed93c91f909002b1f17f05c0ce13d1"
x-amz-version-id: qOg.FaHOwd4AAXei42ka2_sDUER_aW1K
accept-ranges: bytes
content-type: image/gif
content-length: 10529
server: AmazonS3
x-akamai-ew-subworker: 8096267
cache-control: public, max-age=23491689
date: Wed, 01 Nov 2023 17:51:17 GMT
X-Firefox-Spdy: h2
js.rbxcdn.com/aac542106f7f77697cbc3b36ab3cf0619bf9b69a1af0983e59dfeb6c36652d3b.js
200 OK 2.7 kB URL GET HTTP/2 js.rbxcdn.com/aac542106f7f77697cbc3b36ab3cf0619bf9b69a1af0983e59dfeb6c36652d3b.js
IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerGlobalSign nv-sa
Subject*.rbxcdn.com
FingerprintC3:6F:4B:5C:0E:DB:55:7A:5A:10:E5:90:29:43:77:09:6F:50:86:EE
ValidityFri, 18 Nov 2022 00:01:02 GMT - Wed, 20 Dec 2023 00:01:01 GMT
File type gzip compressed data, from Unix\012- data
Hash 309f01ff26f0ff96b50d3aba3bc30508
8301a64524e2da09d03c257b6a087a8e9ec9b2a6
ee96e8aae10c5f46edbf951b56ad5572f14fee8bfe4460d81f15ea18402565bd
GET /aac542106f7f77697cbc3b36ab3cf0619bf9b69a1af0983e59dfeb6c36652d3b.js HTTP/1.1
Host: js.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Nov 2023 17:51:16 GMT
content-type: application/javascript
vary: Accept-Encoding
x-amz-id-2: zBK4OSFHafjYi7pw1pNNO0/UimEI89+qqkJdOGxb8ipE3IHKmRs9peL02p7BNNXMPFOrIzw8PyA=
x-amz-request-id: 1C7Q53505YP204FF
last-modified: Fri, 22 Nov 2019 06:07:26 GMT
etag: W/"412cb4ed0f38462ac1269717a19f0f75"
cache-control: public, max-age=31536000
x-amz-version-id: XUAG0VGmyCqpy5H7wM4uWWu8jR26Cppi
x-cf3: H
cf4age: 540621
x-cf-tsc: 1697899258
cf4ttl: 31536000.000
x-cf2: H
server: CFS 0215
x-cf1: 28293:fA.arn1:co:1572652472:cacheN.arn1-01:H
x-cf-reqid: 5826d7a905a48258587b8a39f856074c
access-control-allow-origin: *
access-control-allow-methods: GET
timing-allow-origin: *
access-control-expose-headers: Rbx-Cdn-Provider
rbx-cdn-provider: cfly
content-encoding: gzip
X-Firefox-Spdy: h2
roblox.com/js/hsts.js?v=1
200 OK 201 B URL GET HTTP/2 roblox.com/js/hsts.js?v=1
IP
ASN #22697 ROBLOX-PRODUCTION
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerSectigo Limited
Subjectroblox.com
Fingerprint63:EE:B6:92:2C:0F:A5:1F:70:49:55:41:B5:CF:A0:82:B1:A5:AE:D2
ValidityWed, 22 Mar 2023 00:00:00 GMT - Thu, 21 Mar 2024 23:59:59 GMT
File type Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash 670828ec4d5bc925af5e231a21aca9b5
e5b287e529c4cd2892df1ae31ff5ca3e4e820519
60da31d144a496f76bc76caad2a7c809721440703e0cc41899d3275f47c808c5
GET /js/hsts.js?v=1 HTTP/1.1
Host: roblox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: public,max-age=604800
content-type: application/x-javascript
content-encoding: gzip
last-modified: Tue, 31 Oct 2023 03:42:56 GMT
accept-ranges: bytes
etag: "0e0a455acbda1:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
strict-transport-security: max-age=31536000; includeSubdomains
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
date: Wed, 01 Nov 2023 17:51:18 GMT
content-length: 201
x-roblox-region: us-central
x-roblox-edge: iad4
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://ncs.roblox.com/upload"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.1,"failure_fraction":1}
alt-svc: h3=":443"; ma=60
X-Firefox-Spdy: h2
images.rbxcdn.com/5be09c7c686dbba1984fc1a2bacb772c-navigation_light.svg
200 OK 32 kB URL GET HTTP/2 images.rbxcdn.com/5be09c7c686dbba1984fc1a2bacb772c-navigation_light.svg
IP
ASN #20940 Akamai International B.V.
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerDigiCert Inc
Subject*.rbxcdn.com
Fingerprint57:F4:96:1E:91:3F:6A:81:F5:96:11:C2:4F:5C:1C:6A:22:31:83:A7
ValidityThu, 06 Apr 2023 00:00:00 GMT - Sat, 06 Apr 2024 23:59:59 GMT
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 5be09c7c686dbba1984fc1a2bacb772c
b0626f753ce1f18bd01b5c29d86af92a7152e07f
c85491a931fe791cd1b23d54b42bd7abec503842ed5cb76420ab365c4ff45b4a
GET /5be09c7c686dbba1984fc1a2bacb772c-navigation_light.svg HTTP/1.1
Host: images.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://css.rbxcdn.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-amz-id-2: yGkJQ8ZMuB1FCLYEThhzG6FwDzdCxYF6vPgFMJHDG+pYs/n5euFWUDaiacBsjZ3POekViOMvBBI=
x-amz-request-id: A998968449825EF4
last-modified: Fri, 31 Jan 2020 19:54:58 GMT
etag: "5be09c7c686dbba1984fc1a2bacb772c"
x-amz-version-id: BfPlE2TwIAcXzaZMUVjicM55frkalq.T
accept-ranges: bytes
content-type: image/svg+xml
content-length: 32503
server: AmazonS3
cache-control: public, max-age=25880113
date: Wed, 01 Nov 2023 17:51:18 GMT
X-Firefox-Spdy: h2
images.rbxcdn.com/db648997fb029fc877acbab089ba8a03-loading_light.gif
200 OK 10 kB URL GET HTTP/2 images.rbxcdn.com/db648997fb029fc877acbab089ba8a03-loading_light.gif
IP
ASN #20940 Akamai International B.V.
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerDigiCert Inc
Subject*.rbxcdn.com
Fingerprint57:F4:96:1E:91:3F:6A:81:F5:96:11:C2:4F:5C:1C:6A:22:31:83:A7
ValidityThu, 06 Apr 2023 00:00:00 GMT - Sat, 06 Apr 2024 23:59:59 GMT
File type GIF image data, version 89a, 246 x 72\012- data
Hash db648997fb029fc877acbab089ba8a03
42d5c5fa74e33525a508b43706a35fccb27e766a
09d9109c681366a10e206177fc36f1f3f9694ebebe17074e73efecdd81c31f1c
GET /db648997fb029fc877acbab089ba8a03-loading_light.gif HTTP/1.1
Host: images.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://css.rbxcdn.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-amz-id-2: 7T0Xqp7RPTt0UsLMRa5Ttvm8eNHv2yoI37nJFQSt2isnKjZiivPlvHDXSxxtPIYDnSAECKefXco=
x-amz-request-id: 07D26506BD3BE778
last-modified: Tue, 19 Mar 2019 20:13:02 GMT
etag: "db648997fb029fc877acbab089ba8a03"
x-amz-version-id: sz8lbXyLyV9pIhDOQjEDzWF43TfTwRuw
accept-ranges: bytes
content-type: image/gif
content-length: 10013
server: AmazonS3
x-akamai-ew-subworker: 8096267
cache-control: public, max-age=27004722
date: Wed, 01 Nov 2023 17:51:18 GMT
X-Firefox-Spdy: h2
css.rbxcdn.com/6eafc48312528e2515d622428b6b95cc-GothamSSm-Book.woff2
200 OK 44 kB URL GET HTTP/2 css.rbxcdn.com/6eafc48312528e2515d622428b6b95cc-GothamSSm-Book.woff2
IP
ASN #20940 Akamai International B.V.
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerDigiCert Inc
Subject*.rbxcdn.com
Fingerprint57:F4:96:1E:91:3F:6A:81:F5:96:11:C2:4F:5C:1C:6A:22:31:83:A7
ValidityThu, 06 Apr 2023 00:00:00 GMT - Sat, 06 Apr 2024 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 43612, version 1.19726\012- data
Hash 6eafc48312528e2515d622428b6b95cc
8c21c748004366757a93c587668ab55cb6a4bdf0
dee6942321440ad24c989d45fd96bf0c0c11e63e04357af2128118eb75eb887b
GET /6eafc48312528e2515d622428b6b95cc-GothamSSm-Book.woff2 HTTP/1.1
Host: css.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://roblox.fm
DNT: 1
Connection: keep-alive
Referer: https://css.rbxcdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-amz-id-2: hIECCZ3hs3oo3ZebE+W9KxtwDBGop7Nvapfp0SzbK7qDVAN1OAUPhWMxAZLjm4zGCTpVkjZ3dNU=
x-amz-request-id: C4056486E50748C2
last-modified: Fri, 07 Feb 2020 16:12:10 GMT
etag: "6eafc48312528e2515d622428b6b95cc"
x-amz-version-id: GOxM9ZMupyRaz7HJaEvW636_0TzsWSwf
accept-ranges: bytes
content-type: font/woff2
content-length: 43612
server: AmazonS3
x-akamai-ew-subworker: 8096267
cache-control: public, max-age=26566745
date: Wed, 01 Nov 2023 17:51:19 GMT
rbx-cdn-provider: ak
access-control-expose-headers: Rbx-Cdn-Provider,Akamai-Request-BC
access-control-allow-origin: *
X-Firefox-Spdy: h2
css.rbxcdn.com/66d562e3299ee732a53db150038c026e-GothamSSm-Medium.woff2
200 OK 44 kB URL GET HTTP/2 css.rbxcdn.com/66d562e3299ee732a53db150038c026e-GothamSSm-Medium.woff2
IP
ASN #20940 Akamai International B.V.
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerDigiCert Inc
Subject*.rbxcdn.com
Fingerprint57:F4:96:1E:91:3F:6A:81:F5:96:11:C2:4F:5C:1C:6A:22:31:83:A7
ValidityThu, 06 Apr 2023 00:00:00 GMT - Sat, 06 Apr 2024 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 44264, version 1.19726\012- data
Hash 66d562e3299ee732a53db150038c026e
f514a9e346cd443d196c1bc401f078a9fa147323
252d971616775193836fe6c0c057edc13c511ed2bdbdb61fbe3c4567a3a8e530
GET /66d562e3299ee732a53db150038c026e-GothamSSm-Medium.woff2 HTTP/1.1
Host: css.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://roblox.fm
DNT: 1
Connection: keep-alive
Referer: https://css.rbxcdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-amz-id-2: 4K8fYo+Q1blkqp+CQR75tOf72NHhX54R6ww8T0FDP2+RF700R7YBZyl6hhIiNsrk+v3taLJixJQ=
x-amz-request-id: DD920008EC79DEFA
last-modified: Fri, 07 Feb 2020 16:12:10 GMT
etag: "66d562e3299ee732a53db150038c026e"
x-amz-version-id: ztm1GRobVghqnFfLQU6bx4suno1xui5W
accept-ranges: bytes
content-type: font/woff2
content-length: 44264
server: AmazonS3
x-akamai-ew-subworker: 8096267
cache-control: public, max-age=28313865
date: Wed, 01 Nov 2023 17:51:19 GMT
rbx-cdn-provider: ak
access-control-expose-headers: Rbx-Cdn-Provider,Akamai-Request-BC
access-control-allow-origin: *
X-Firefox-Spdy: h2
css.rbxcdn.com/0acd8ff34f3a5c177d02e9011ee74eb3-GothamSSm-Black.woff2
200 OK 44 kB URL GET HTTP/2 css.rbxcdn.com/0acd8ff34f3a5c177d02e9011ee74eb3-GothamSSm-Black.woff2
IP
ASN #20940 Akamai International B.V.
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerDigiCert Inc
Subject*.rbxcdn.com
Fingerprint57:F4:96:1E:91:3F:6A:81:F5:96:11:C2:4F:5C:1C:6A:22:31:83:A7
ValidityThu, 06 Apr 2023 00:00:00 GMT - Sat, 06 Apr 2024 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 44408, version 1.19726\012- data
Hash 0acd8ff34f3a5c177d02e9011ee74eb3
7985774d3676c27586c71bbf28b1f53598951a05
ecc55e4682a2b83956e183e86dc4d475e91bf192ea71faab52a8ed8cde83a3a3
GET /0acd8ff34f3a5c177d02e9011ee74eb3-GothamSSm-Black.woff2 HTTP/1.1
Host: css.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://roblox.fm
DNT: 1
Connection: keep-alive
Referer: https://css.rbxcdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-amz-id-2: 53JFKj5nykRVMC0jHZqkjCYyr5eGS4mH0JJt0lLmQx4gSOMtb2G8uCJt7tkj/eTCeRRa12/Tpzo=
x-amz-request-id: 8438ECA4779E609A
last-modified: Fri, 07 Feb 2020 16:12:08 GMT
etag: "0acd8ff34f3a5c177d02e9011ee74eb3"
x-amz-version-id: dtXTNIC3Hf6Ocu3lsnp3JHQ7KfxLosVd
accept-ranges: bytes
content-type: font/woff2
content-length: 44408
server: AmazonS3
x-akamai-ew-subworker: 8096267
cache-control: public, max-age=25671397
date: Wed, 01 Nov 2023 17:51:19 GMT
rbx-cdn-provider: ak
access-control-expose-headers: Rbx-Cdn-Provider,Akamai-Request-BC
access-control-allow-origin: *
X-Firefox-Spdy: h2
css.rbxcdn.com/3c102ace52ea35b16da4383819acfa38-GothamSSm-Bold.woff2
200 OK 44 kB URL GET HTTP/2 css.rbxcdn.com/3c102ace52ea35b16da4383819acfa38-GothamSSm-Bold.woff2
IP
ASN #20940 Akamai International B.V.
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerDigiCert Inc
Subject*.rbxcdn.com
Fingerprint57:F4:96:1E:91:3F:6A:81:F5:96:11:C2:4F:5C:1C:6A:22:31:83:A7
ValidityThu, 06 Apr 2023 00:00:00 GMT - Sat, 06 Apr 2024 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 43756, version 1.19726\012- data
Hash 3c102ace52ea35b16da4383819acfa38
91a9953eeaf4ed11a424ea57bd3c2dfaa686c948
eb447eecadbf640fa5e062754192cd7c2b60b4d37c621320ca3eb7ab25b0c3ca
GET /3c102ace52ea35b16da4383819acfa38-GothamSSm-Bold.woff2 HTTP/1.1
Host: css.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://roblox.fm
DNT: 1
Connection: keep-alive
Referer: https://css.rbxcdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-amz-id-2: bZk8w6QwWnISpVw2Wp0VarARChZowRN994Xo9wGxljSraWp5o/6lfp56zhmo579YLk6gahvw4i4=
x-amz-request-id: J6R26W0849T7XH0B
last-modified: Fri, 07 Feb 2020 16:12:10 GMT
etag: "3c102ace52ea35b16da4383819acfa38"
x-amz-version-id: XBMiglLKvk.F_R9FXxeV9VjsaDprWHJ0
accept-ranges: bytes
content-type: font/woff2
content-length: 43756
server: AmazonS3
x-akamai-ew-subworker: 8096267
cache-control: public, max-age=6786311
date: Wed, 01 Nov 2023 17:51:19 GMT
rbx-cdn-provider: ak
access-control-expose-headers: Rbx-Cdn-Provider,Akamai-Request-BC
access-control-allow-origin: *
X-Firefox-Spdy: h2
roblox.fm/v1/thumbnails/metadata
18 B URL roblox.fm/v1/thumbnails/metadata
IP
Certificate IssuerLet's Encrypt
Subjectroblox.fm
Fingerprint60:1F:24:B4:A1:32:0C:55:86:8F:62:55:5E:BF:BE:87:5D:F9:C7:6F
ValidityTue, 24 Oct 2023 12:23:22 GMT - Mon, 22 Jan 2024 12:23:21 GMT
File type JSON data\012- , ASCII text
Hash a7ac15d8273b9d40bee8b8a0d02fe7bb
0df67fa41838f384dc5aff2bc356a99d758efd1d
c3804d813c0ea8ae01d80301a64c2033ea63d5e5c882577cf7273eede6d2700b
Analyzer Verdict Alert OpenPhish phishing Telegram
GET /v1/thumbnails/metadata HTTP/1.1
Host: roblox.fm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/users/2633435479/profile
Cookie: _1__EggyWall_v=09ac94e6b927af2069856bc032971c55e994de0ff8bcdc4c6295c67fc6ec85ba
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 01 Nov 2023 17:51:19 GMT
content-type: application/json; charset=utf-8
content-length: 18
access-control-allow-credentials: true
cache-control: no-store, no-cache, must-revalidate, private, must-revalidate
content-security-policy: report-uri https://metrics.roblox.com/v1/csp/report?type=enforce; upgrade-insecure-requests; script-src * 'unsafe-inline' roblox.com *.evidon.com *.gigya.com *.google-analytics.com *.ns1p.net adservice.google.com cdn.arkoselabs.com connect.facebook.net funcaptcha.com js.rbxcdn.com long.open.weixin.qq.com midas.gtimg.cn radar.cedexis.com res.wx.qq.com roblox-api.arkoselabs.com roblox-load-generator-configuration.s3.us-east-2.amazonaws.com s.ytimg.com sb.scorecardresearch.com static.rbxcdn.com www.google.com www.gstatic.com www.youtube.com h.online-metrix.net request.eprotect.vantivcnp.com request.eprotect.vantivpostlive.com *.googletagmanager.com *.googleadservices.com googleads.g.doubleclick.net cdn.veriff.me *.lightstep.com ; img-src 'self' data: *.cloudfront.net *.google-analytics.com *.kaptcha.com *.rbxcdn.com *.roblox.com *.robloxlabs.com googleads.g.doubleclick.net i.ytimg.com www.googletagmanager.com *
cross-origin-opener-policy: same-origin-allow-popups
eggy-wall: eggy#8888
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.1,"failure_fraction":1}
pragma: no-cache
proxy-cache: MISS
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://ncs.roblox.com/upload"}]}
set-cookie: PHPSESSID=h4859nd69hmmututf4jqhp57f6; path=/
strict-transport-security: max-age=604800; includeSubdomains
x-frame-options: SAMEORIGIN
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 81f5fc2f2c5b5684-OSL
alt-svc: h3=":443"; ma=86400
images.rbxcdn.com/7bba321f4d8328683d6e59487ce514eb
200 OK 4.4 kB URL GET HTTP/2 images.rbxcdn.com/7bba321f4d8328683d6e59487ce514eb
IP
ASN #20940 Akamai International B.V.
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerDigiCert Inc
Subject*.rbxcdn.com
Fingerprint57:F4:96:1E:91:3F:6A:81:F5:96:11:C2:4F:5C:1C:6A:22:31:83:A7
ValidityThu, 06 Apr 2023 00:00:00 GMT - Sat, 06 Apr 2024 23:59:59 GMT
File type MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel\012- data
Hash 7bba321f4d8328683d6e59487ce514eb
ae0edd3d76e39c564740b30e4fe605b4cd50ad48
68984ffee2a03c1cdb6296fd383d64cc2c75e13471221a4bcb4d93fcfa8dab54
GET /7bba321f4d8328683d6e59487ce514eb HTTP/1.1
Host: images.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-amz-id-2: GzCCAywjceEIiQRIQqEGEbyp30IKA5lwG7ObJLAYM8K+btiDkDUlIi6zbSLRck05jEi5HDzjsZE=
x-amz-request-id: 6NFDHHY2VX8SKYM9
last-modified: Tue, 06 Sep 2022 22:21:51 GMT
etag: "7bba321f4d8328683d6e59487ce514eb"
x-amz-version-id: aPgoUuQuV6R.ptR45HukIEFVMsyAdOSo
accept-ranges: bytes
content-type: image/x-icon
server: AmazonS3
content-length: 4414
cache-control: public, max-age=26153189
date: Wed, 01 Nov 2023 17:51:19 GMT
X-Firefox-Spdy: h2
css.rbxcdn.com/38e00f7de6f417aa3a458560a15e2b8a-GothamSSm-Light.woff2
200 OK 43 kB URL GET HTTP/2 css.rbxcdn.com/38e00f7de6f417aa3a458560a15e2b8a-GothamSSm-Light.woff2
IP
ASN #20940 Akamai International B.V.
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerDigiCert Inc
Subject*.rbxcdn.com
Fingerprint57:F4:96:1E:91:3F:6A:81:F5:96:11:C2:4F:5C:1C:6A:22:31:83:A7
ValidityThu, 06 Apr 2023 00:00:00 GMT - Sat, 06 Apr 2024 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 42964, version 1.19726\012- data
Hash 38e00f7de6f417aa3a458560a15e2b8a
b451a3a2ab0b04170804d6cf823c6465f33f6f44
cafe3fe334035fb21ebef6484cfbe1efa85c46f02113c57f8047c875fb9928c5
GET /38e00f7de6f417aa3a458560a15e2b8a-GothamSSm-Light.woff2 HTTP/1.1
Host: css.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://roblox.fm
DNT: 1
Connection: keep-alive
Referer: https://css.rbxcdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-amz-id-2: Llc+lX0jgDDmcFRYB2Wa+03PtIaBnT1JVxncElUmdFnrjjwFxMHze5KOZnpojAtie/18NtxSd4s=
x-amz-request-id: 4G8KQB66MCKAXNKF
last-modified: Fri, 07 Feb 2020 16:12:09 GMT
etag: "38e00f7de6f417aa3a458560a15e2b8a"
x-amz-version-id: x.faB3n4zz8gmssvtzZNidda0P6qZzdp
accept-ranges: bytes
content-type: font/woff2
content-length: 42964
server: AmazonS3
x-akamai-ew-subworker: 8096267
cache-control: public, max-age=5020308
date: Wed, 01 Nov 2023 17:51:19 GMT
rbx-cdn-provider: ak
access-control-expose-headers: Rbx-Cdn-Provider,Akamai-Request-BC
access-control-allow-origin: *
X-Firefox-Spdy: h2
tr.rbxcdn.com/c083a5aa190f60cf120abd97f9756641/300/250/Image/Jpeg
200 OK 41 kB URL GET HTTP/2 tr.rbxcdn.com/c083a5aa190f60cf120abd97f9756641/300/250/Image/Jpeg
IP
ASN #20940 Akamai International B.V.
Requested by https://roblox.fm/user-sponsorship/3
Certificate IssuerDigiCert Inc
Subject*.rbxcdn.com
Fingerprint57:F4:96:1E:91:3F:6A:81:F5:96:11:C2:4F:5C:1C:6A:22:31:83:A7
ValidityThu, 06 Apr 2023 00:00:00 GMT - Sat, 06 Apr 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x250, components 3\012- data
Hash 7c4bceddc76fde1b676c2bf84480e6b7
1ec7fc8840895b55e31ffd430533fd23169bd25b
78310ec1f5d4601b68684db1d0ed961bd34861636f7c3985192978a83889054e
GET /c083a5aa190f60cf120abd97f9756641/300/250/Image/Jpeg HTTP/1.1
Host: tr.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 40652
content-type: image/Jpeg
server: Kestrel
strict-transport-security: max-age=3600
x-frame-options: SAMEORIGIN
roblox-machine-id: 037036228cd4
x-roblox-region: us-central
x-roblox-edge: ord2
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://ncs.roblox.com/upload"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1}
cache-control: max-age=31536000
expires: Thu, 31 Oct 2024 17:51:19 GMT
date: Wed, 01 Nov 2023 17:51:19 GMT
access-control-allow-methods: GET
access-control-allow-origin: *
X-Firefox-Spdy: h2
tr.rbxcdn.com/35f6f7f95e76c098dfcdc20fd72b9791/300/250/Image/Jpeg
200 OK 40 kB URL GET HTTP/2 tr.rbxcdn.com/35f6f7f95e76c098dfcdc20fd72b9791/300/250/Image/Jpeg
IP
ASN #20940 Akamai International B.V.
Requested by https://roblox.fm/user-sponsorship/3
Certificate IssuerDigiCert Inc
Subject*.rbxcdn.com
Fingerprint57:F4:96:1E:91:3F:6A:81:F5:96:11:C2:4F:5C:1C:6A:22:31:83:A7
ValidityThu, 06 Apr 2023 00:00:00 GMT - Sat, 06 Apr 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x250, components 3\012- data
Hash ae17879961caf5f7defa4c2711a6f941
7f0be73a723ed7254e977d2a23f6059e0a101513
ae08e9f8f4e3d8bfb7bd94c8a9f27bbf79d1f8a3c04b27c3d02bd50724483055
GET /35f6f7f95e76c098dfcdc20fd72b9791/300/250/Image/Jpeg HTTP/1.1
Host: tr.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 40340
content-type: image/Jpeg
server: Microsoft-IIS/10.0
strict-transport-security: max-age=3600
x-frame-options: SAMEORIGIN
roblox-machine-id: CHI2-WEB4970
x-powered-by: ASP.NET
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
x-roblox-region: us-central
x-roblox-edge: dfw2
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://ncs.roblox.com/upload"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1}
cache-control: max-age=31536000
expires: Thu, 31 Oct 2024 17:51:19 GMT
date: Wed, 01 Nov 2023 17:51:19 GMT
access-control-allow-methods: GET
access-control-allow-origin: *
X-Firefox-Spdy: h2
static.rbxcdn.com/css/page___91499eb369d75ba185c90bb0415c3266_m.css/fetch
200 OK 4.2 kB URL GET HTTP/2 static.rbxcdn.com/css/page___91499eb369d75ba185c90bb0415c3266_m.css/fetch
IP
ASN #20940 Akamai International B.V.
Requested by https://roblox.fm/user-sponsorship/3
Certificate IssuerDigiCert Inc
Subject*.rbxcdn.com
Fingerprint57:F4:96:1E:91:3F:6A:81:F5:96:11:C2:4F:5C:1C:6A:22:31:83:A7
ValidityThu, 06 Apr 2023 00:00:00 GMT - Sat, 06 Apr 2024 23:59:59 GMT
File type ASCII text, with very long lines (12859), with CRLF line terminators
Hash 7aa8676fc389e1fbc55a8443998674c5
7ff1cb8c9331cdfa61cb92c2427a17b63770a8ee
65a711d5d266ccfc8a465750d5a9a3ffd927ec24eb0fc5c12b906d89ac0c0972
GET /css/page___91499eb369d75ba185c90bb0415c3266_m.css/fetch HTTP/1.1
Host: static.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-encoding: gzip
last-modified: Sun, 01 Jan 2006 06:00:00 GMT
content-security-policy: report-uri https://metrics.roblox.com/v1/csp/report?type=enforce; script-src 'self' 'unsafe-inline' *.evidon.com *.gigya.com *.google-analytics.com *.ns1p.net adservice.google.com ajax.aspnetcdn.com cdn.arkoselabs.com connect.facebook.net funcaptcha.com imasdk.googleapis.com js.rbxcdn.com long.open.weixin.qq.com midas.gtimg.cn radar.cedexis.com res.wx.qq.com roblox-api.arkoselabs.com roblox-load-generator-configuration.s3.us-east-2.amazonaws.com s.ytimg.com sb.scorecardresearch.com static.rbxcdn.com www.google.com www.gstatic.com www.youtube.com h.online-metrix.net request.eprotect.vantivcnp.com request.eprotect.vantivpostlive.com *.googletagmanager.com *.googleadservices.com https://googleads.g.doubleclick.net cdn.veriff.me lightstep.com
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
access-control-allow-credentials: true
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
content-length: 4185
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://ncs.roblox.com/upload"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1}
cache-control: public, must-revalidate, max-age=31535954
expires: Thu, 31 Oct 2024 17:50:33 GMT
date: Wed, 01 Nov 2023 17:51:19 GMT
vary: Accept-Encoding
rbx-cdn-provider: ak
access-control-expose-headers: Rbx-Cdn-Provider
access-control-allow-origin: *
X-Firefox-Spdy: h2
js.rbxcdn.com/0c045c9e7dcfc403ccb4235ea52c213bd4fa861c3c223f9c90b9a01792083435.js
200 OK 26 kB URL GET HTTP/2 js.rbxcdn.com/0c045c9e7dcfc403ccb4235ea52c213bd4fa861c3c223f9c90b9a01792083435.js
IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerGlobalSign nv-sa
Subject*.rbxcdn.com
FingerprintC3:6F:4B:5C:0E:DB:55:7A:5A:10:E5:90:29:43:77:09:6F:50:86:EE
ValidityFri, 18 Nov 2022 00:01:02 GMT - Wed, 20 Dec 2023 00:01:01 GMT
File type gzip compressed data, from Unix\012- data
Hash b06f0894130a350b103e2f8d18589e79
329937bad48b9a31552d87736b774db4af8f5f45
8ec96a1ac2084b38029f90b7780197677d0a0e56094469d47b9408c625d82dee
GET /0c045c9e7dcfc403ccb4235ea52c213bd4fa861c3c223f9c90b9a01792083435.js HTTP/1.1
Host: js.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Nov 2023 17:51:16 GMT
content-type: application/javascript
vary: Accept-Encoding
x-amz-id-2: Cp4L8nW5vRtusNRagNGhET4drPwJtM6mEZVvyW7UUpopbUNNjh3eRC8kHsXZTpfKDYrez0FDEI8=
x-amz-request-id: H8ZCCX2VAXWFC8P5
last-modified: Tue, 25 May 2021 15:22:13 GMT
etag: W/"cccf35bfbe09c76c90dec863d2cf6cd8"
cache-control: public, max-age=31536000
x-amz-version-id: szwlomHk2YZXfHPlR__Smi.XlNwHz_36
x-cf3: M
cf4age: 0
x-cf-tsc: 1674533522
cf4ttl: 31536000.000
x-cf2: H
server: CFS 0215
x-cf1: 28293:fA.arn1:co:1572652472:cacheN.arn1-01:M
x-cf-reqid: 35861fd6485da65ce90fe4adb0102156
access-control-allow-origin: *
access-control-allow-methods: GET
timing-allow-origin: *
access-control-expose-headers: Rbx-Cdn-Provider
rbx-cdn-provider: cfly
content-encoding: gzip
X-Firefox-Spdy: h2
roblox.fm/captcha/v1/metadata
200 OK 15 kB URL GET HTTP/3 roblox.fm/captcha/v1/metadata
IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerLet's Encrypt
Subjectroblox.fm
Fingerprint60:1F:24:B4:A1:32:0C:55:86:8F:62:55:5E:BF:BE:87:5D:F9:C7:6F
ValidityTue, 24 Oct 2023 12:23:22 GMT - Mon, 22 Jan 2024 12:23:21 GMT
File type JSON data\012- , ASCII text, with very long lines (907)
Hash 57e1e50ea5aa9ee3961c95cdf04d9e98
9fd8ea4af447d97c11d3766c3b43d9d42509d47a
275aa398f537b8b5b13320b679c665d584d3b46dd1e850d0aeae96cf1f672da7
Analyzer Verdict Alert OpenPhish phishing Telegram
GET /captcha/v1/metadata HTTP/1.1
Host: roblox.fm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/users/2633435479/profile
Cookie: _1__EggyWall_v=09ac94e6b927af2069856bc032971c55e994de0ff8bcdc4c6295c67fc6ec85ba
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 01 Nov 2023 17:51:19 GMT
content-type: application/json; charset=utf-8
access-control-allow-credentials: true
cache-control: no-store, no-cache, must-revalidate, private, must-revalidate
content-security-policy: report-uri https://metrics.roblox.com/v1/csp/report?type=enforce; upgrade-insecure-requests; script-src * 'unsafe-inline' roblox.com *.evidon.com *.gigya.com *.google-analytics.com *.ns1p.net adservice.google.com cdn.arkoselabs.com connect.facebook.net funcaptcha.com js.rbxcdn.com long.open.weixin.qq.com midas.gtimg.cn radar.cedexis.com res.wx.qq.com roblox-api.arkoselabs.com roblox-load-generator-configuration.s3.us-east-2.amazonaws.com s.ytimg.com sb.scorecardresearch.com static.rbxcdn.com www.google.com www.gstatic.com www.youtube.com h.online-metrix.net request.eprotect.vantivcnp.com request.eprotect.vantivpostlive.com *.googletagmanager.com *.googleadservices.com googleads.g.doubleclick.net cdn.veriff.me *.lightstep.com ; img-src 'self' data: *.cloudfront.net *.google-analytics.com *.kaptcha.com *.rbxcdn.com *.roblox.com *.robloxlabs.com googleads.g.doubleclick.net i.ytimg.com www.googletagmanager.com *
cross-origin-opener-policy: same-origin-allow-popups
eggy-wall: eggy#8888
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.1,"failure_fraction":1}
pragma: no-cache
proxy-cache: MISS
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://ncs.roblox.com/upload"}]}
set-cookie: PHPSESSID=egg6h5o9nbnlmn4dcmdlclpbam; path=/
strict-transport-security: max-age=604800; includeSubdomains
x-frame-options: SAMEORIGIN
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 81f5fc2fccf35684-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
static.rbxcdn.com/fonts/source-sans-pro-v9-latin-regular.woff2
200 OK 14 kB URL GET HTTP/2 static.rbxcdn.com/fonts/source-sans-pro-v9-latin-regular.woff2
IP
ASN #20940 Akamai International B.V.
Requested by https://roblox.fm/user-sponsorship/1
Certificate IssuerDigiCert Inc
Subject*.rbxcdn.com
Fingerprint57:F4:96:1E:91:3F:6A:81:F5:96:11:C2:4F:5C:1C:6A:22:31:83:A7
ValidityThu, 06 Apr 2023 00:00:00 GMT - Sat, 06 Apr 2024 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 14308, version 1.3276\012- data
Hash 58dd2a1c6d7861ea261912ba153ac8e3
235c384b9599ed2099f8fda87ba7bc8917eb1aa4
599d93e0748728edc6bd55a82a52bff61196b149d566a67d4ed86d55d9c520aa
GET /fonts/source-sans-pro-v9-latin-regular.woff2 HTTP/1.1
Host: static.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://roblox.fm
DNT: 1
Connection: keep-alive
Referer: https://static.rbxcdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: font/woff2
last-modified: Tue, 31 Oct 2023 03:42:56 GMT
accept-ranges: bytes
etag: W/"0e0a455acbda1:0"
server: Microsoft-IIS/10.0
strict-transport-security: max-age=31536000; includeSubdomains
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
content-length: 14308
x-roblox-region: us-central
x-roblox-edge: waw1
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://ncs.roblox.com/upload"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1}
cache-control: public, max-age=604800
expires: Wed, 08 Nov 2023 17:51:19 GMT
date: Wed, 01 Nov 2023 17:51:19 GMT
rbx-cdn-provider: ak
access-control-expose-headers: Rbx-Cdn-Provider
access-control-allow-origin: *
X-Firefox-Spdy: h2
static.rbxcdn.com/fonts/source-sans-pro-v9-latin-regular.woff2
200 OK 14 kB URL GET HTTP/2 static.rbxcdn.com/fonts/source-sans-pro-v9-latin-regular.woff2
IP
ASN #20940 Akamai International B.V.
Requested by https://roblox.fm/user-sponsorship/1
Certificate IssuerDigiCert Inc
Subject*.rbxcdn.com
Fingerprint57:F4:96:1E:91:3F:6A:81:F5:96:11:C2:4F:5C:1C:6A:22:31:83:A7
ValidityThu, 06 Apr 2023 00:00:00 GMT - Sat, 06 Apr 2024 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 14308, version 1.3276\012- data
Hash 58dd2a1c6d7861ea261912ba153ac8e3
235c384b9599ed2099f8fda87ba7bc8917eb1aa4
599d93e0748728edc6bd55a82a52bff61196b149d566a67d4ed86d55d9c520aa
GET /fonts/source-sans-pro-v9-latin-regular.woff2 HTTP/1.1
Host: static.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://roblox.fm
DNT: 1
Connection: keep-alive
Referer: https://static.rbxcdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: font/woff2
last-modified: Tue, 31 Oct 2023 03:42:56 GMT
accept-ranges: bytes
etag: W/"0e0a455acbda1:0"
server: Microsoft-IIS/10.0
strict-transport-security: max-age=31536000; includeSubdomains
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
content-length: 14308
x-roblox-region: us-central
x-roblox-edge: waw1
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://ncs.roblox.com/upload"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1}
cache-control: public, max-age=604800
expires: Wed, 08 Nov 2023 17:51:19 GMT
date: Wed, 01 Nov 2023 17:51:19 GMT
rbx-cdn-provider: ak
access-control-expose-headers: Rbx-Cdn-Provider
access-control-allow-origin: *
X-Firefox-Spdy: h2
images.rbxcdn.com/51328932dedb5d8d61107272cc1a27db.png
200 OK 6.4 kB URL GET HTTP/2 images.rbxcdn.com/51328932dedb5d8d61107272cc1a27db.png
IP
ASN #20940 Akamai International B.V.
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerDigiCert Inc
Subject*.rbxcdn.com
Fingerprint57:F4:96:1E:91:3F:6A:81:F5:96:11:C2:4F:5C:1C:6A:22:31:83:A7
ValidityThu, 06 Apr 2023 00:00:00 GMT - Sat, 06 Apr 2024 23:59:59 GMT
File type PNG image data, 230 x 180, 8-bit colormap, non-interlaced\012- data
Hash 51328932dedb5d8d61107272cc1a27db
9ad499a502fd8e6f742eb67c4a523290fe13701d
808595c0a58fdf98a2cafcb101a38698dacd129bc1483a33e2abca3112f9b3f7
GET /51328932dedb5d8d61107272cc1a27db.png HTTP/1.1
Host: images.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-amz-id-2: Jvs6lGv0Ewn47t5Jo7cSFjj4Oggl+PHgy1Q0n/wZ0QVwsclzurfhmw33NBjkzEilrGqeZJl43iY=
x-amz-request-id: 7FECFC6015CDEED1
last-modified: Tue, 21 May 2019 21:09:57 GMT
etag: "51328932dedb5d8d61107272cc1a27db"
x-amz-version-id: 46.6R8LCOR1FeSA0kaFLq0EC.QjALPlw
accept-ranges: bytes
content-type: image/png
content-length: 6368
server: AmazonS3
cache-control: public, max-age=26615932
date: Wed, 01 Nov 2023 17:51:19 GMT
X-Firefox-Spdy: h2
js.rbxcdn.com/3574cff8a3839614386f61fdf914e02e5217a7878601ce33a9ff41f94a2ad8e3.js
200 OK 5.5 kB URL GET HTTP/2 js.rbxcdn.com/3574cff8a3839614386f61fdf914e02e5217a7878601ce33a9ff41f94a2ad8e3.js
IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerGlobalSign nv-sa
Subject*.rbxcdn.com
FingerprintC3:6F:4B:5C:0E:DB:55:7A:5A:10:E5:90:29:43:77:09:6F:50:86:EE
ValidityFri, 18 Nov 2022 00:01:02 GMT - Wed, 20 Dec 2023 00:01:01 GMT
File type gzip compressed data, from Unix\012- data
Hash 7ae9fc7e26ee22e3b09b67bf70d404e7
7aca382bd8f507cc25376223f0ab9ccf4d650a2f
455ea82212d93f30fc69195b637cffdc9966301ca54ec0cfbebc32d74de1c1f8
GET /3574cff8a3839614386f61fdf914e02e5217a7878601ce33a9ff41f94a2ad8e3.js HTTP/1.1
Host: js.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Nov 2023 17:51:16 GMT
content-type: application/javascript
vary: Accept-Encoding
x-amz-id-2: txUwkcZr7l/e1hZ/NDtOa9N4R1GWKn+AJYuGyeiNkFYBsoAffSc+Pr91g3aYrtuCl/Rl3PdFSwQ=
x-amz-request-id: AAAJRQAF568BTK16
last-modified: Thu, 14 Apr 2022 00:10:56 GMT
etag: W/"c4d63cb23d961a45d5b4459ccebeba0e"
cache-control: public, max-age=31536000
x-amz-version-id: bJSKJVD1apNuT3KoK8aeKaJmNd75E9Ct
x-cf3: M
cf4age: 0
x-cf-tsc: 1697358617
cf4ttl: 31536000.000
x-cf2: H
server: CFS 0215
x-cf1: 28293:fA.arn1:co:1572652472:cacheN.arn1-01:M
x-cf-reqid: b217c19b3686b2c7aeb4a0309184c413
access-control-allow-origin: *
access-control-allow-methods: GET
timing-allow-origin: *
access-control-expose-headers: Rbx-Cdn-Provider
rbx-cdn-provider: cfly
content-encoding: gzip
X-Firefox-Spdy: h2
js.rbxcdn.com/7f87a48c2277d62a95d8de1bb042bad213bb8d1f0a84442a8002c6ef09370d33.js
200 OK 78 kB URL GET HTTP/2 js.rbxcdn.com/7f87a48c2277d62a95d8de1bb042bad213bb8d1f0a84442a8002c6ef09370d33.js
IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerGlobalSign nv-sa
Subject*.rbxcdn.com
FingerprintC3:6F:4B:5C:0E:DB:55:7A:5A:10:E5:90:29:43:77:09:6F:50:86:EE
ValidityFri, 18 Nov 2022 00:01:02 GMT - Wed, 20 Dec 2023 00:01:01 GMT
File type gzip compressed data, from Unix\012- data
Hash b67a4e48689cf86d0f6750f8111a336c
98e97fc7432a6f566d6d6351bb31456bb76598d0
4c4a94c40165fec1c05232a6113f0df07ff234ce09cb4c272d6fc8d89de3b2c7
GET /7f87a48c2277d62a95d8de1bb042bad213bb8d1f0a84442a8002c6ef09370d33.js HTTP/1.1
Host: js.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Nov 2023 17:51:16 GMT
content-type: application/javascript
vary: Accept-Encoding
x-amz-id-2: yFG6dvqxFTd2YFdGQy5bD9WY9EyKkg3L2p7S7EUah/k74qrjvHlAihmU1lF5UlQkzZz5yCUYYAw=
x-amz-request-id: 4QD2ZP16WSR2P2FN
last-modified: Mon, 19 Sep 2022 23:15:10 GMT
etag: W/"9def4e0fd9a1c5125c25636f452af493"
cache-control: public, max-age=31536000
x-amz-version-id: X_38ZxnYqvY87M_AqyXvS634xogwlWxV
x-cf3: H
cf4age: 34974
x-cf-tsc: 1695278152
cf4ttl: 31536000.000
x-cf2: H
server: CFS 0215
x-cf1: 28293:fA.arn1:co:1572652472:cacheN.arn1-01:M
x-cf-reqid: 51b99287b04a4e8974d18ba9136532ad
access-control-allow-origin: *
access-control-allow-methods: GET
timing-allow-origin: *
access-control-expose-headers: Rbx-Cdn-Provider
rbx-cdn-provider: cfly
content-encoding: gzip
X-Firefox-Spdy: h2
js.rbxcdn.com/6b5062502c103afe4d5cf5f72c3ca78ba29c734ed492f2295d4c39f2bbf5bfc2.js
200 OK 12 kB URL GET HTTP/2 js.rbxcdn.com/6b5062502c103afe4d5cf5f72c3ca78ba29c734ed492f2295d4c39f2bbf5bfc2.js
IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerGlobalSign nv-sa
Subject*.rbxcdn.com
FingerprintC3:6F:4B:5C:0E:DB:55:7A:5A:10:E5:90:29:43:77:09:6F:50:86:EE
ValidityFri, 18 Nov 2022 00:01:02 GMT - Wed, 20 Dec 2023 00:01:01 GMT
File type gzip compressed data, from Unix\012- data
Hash 9dfd9f982a6daacaf97a3fae7785d872
66b60f35a3f15cb527b3ce41c262de3df9518749
c8e48f4db42c41ffd7248486315dcbb322a73580b9a8d172b57d550228da8890
GET /6b5062502c103afe4d5cf5f72c3ca78ba29c734ed492f2295d4c39f2bbf5bfc2.js HTTP/1.1
Host: js.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Nov 2023 17:51:16 GMT
content-type: application/javascript
vary: Accept-Encoding
x-amz-id-2: GJXZGUkeYiynMhZUZ/Ab6h5/8bSPPPkFtgVZ9TbxHWcwufsFdPNyRSZrX4Ktx2TX5tVa/mFnjvI=
x-amz-request-id: 704DACH5AWV685WV
last-modified: Wed, 21 Sep 2022 20:11:06 GMT
etag: W/"fc850c7c64f790e2b01343cdf8a0b0d6"
cache-control: public, max-age=31536000
x-amz-version-id: 97GykG3iqNoA2CFoyfdS4bv6xb320Idw
x-cf3: M
cf4age: 0
x-cf-tsc: 1676346645
cf4ttl: 31536000.000
x-cf2: H
server: CFS 0215
x-cf1: 28293:fA.arn1:co:1572652472:cacheN.arn1-01:M
x-cf-reqid: 3286f8168b294fe1d305e098bfc3c8ac
access-control-allow-origin: *
access-control-allow-methods: GET
timing-allow-origin: *
access-control-expose-headers: Rbx-Cdn-Provider
rbx-cdn-provider: cfly
content-encoding: gzip
X-Firefox-Spdy: h2
js.rbxcdn.com/329ba9314a5de7282e8a8035046e7a56faf772d3ffea8af619b3e8854df0fc41.js
200 OK 4.7 kB URL GET HTTP/2 js.rbxcdn.com/329ba9314a5de7282e8a8035046e7a56faf772d3ffea8af619b3e8854df0fc41.js
IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerGlobalSign nv-sa
Subject*.rbxcdn.com
FingerprintC3:6F:4B:5C:0E:DB:55:7A:5A:10:E5:90:29:43:77:09:6F:50:86:EE
ValidityFri, 18 Nov 2022 00:01:02 GMT - Wed, 20 Dec 2023 00:01:01 GMT
File type gzip compressed data, from Unix\012- data
Hash 7307ad7cfa932da0321e316ecf803b0c
05d3a54c87ba3f2b9d1895496a4401efb4539ded
a5b73bef5b8d927a7db1b1303b0e181026f62de4d0570069ccfab4c504ad3c89
GET /329ba9314a5de7282e8a8035046e7a56faf772d3ffea8af619b3e8854df0fc41.js HTTP/1.1
Host: js.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Nov 2023 17:51:16 GMT
content-type: application/javascript
vary: Accept-Encoding
x-amz-id-2: r5D3mZr2sNvR/lcdsy6ONtKKNauOauOi4QBxSlHn5N6lh+FbxKkXCV01XuIdsdEG/mH3k0iKlgw=
x-amz-request-id: D42WG5T0AZNKBKV9
last-modified: Thu, 08 Sep 2022 00:10:31 GMT
etag: W/"bb8da42faa3bbd5baf2494ccc697d928"
cache-control: public, max-age=31536000
x-amz-version-id: WgJXUuuw459H25FV5AoyQH.QrzVrnrC2
x-cf3: M
cf4age: 0
x-cf-tsc: 1669066003
cf4ttl: 31536000.000
x-cf2: H
server: CFS 0215
x-cf1: 28293:fA.arn1:co:1572652472:cacheN.arn1-01:M
x-cf-reqid: 2456f177cfcdd0cff9b85d42dd1a97b5
access-control-allow-origin: *
access-control-allow-methods: GET
timing-allow-origin: *
access-control-expose-headers: Rbx-Cdn-Provider
rbx-cdn-provider: cfly
content-encoding: gzip
X-Firefox-Spdy: h2
tr.rbxcdn.com/30DAY-AvatarHeadshot-0C4E339619AD3696A297A6396F2C7ECE-Png/150/150/AvatarHeadshot/Png/noFilter
200 OK 19 kB URL GET HTTP/2 tr.rbxcdn.com/30DAY-AvatarHeadshot-0C4E339619AD3696A297A6396F2C7ECE-Png/150/150/AvatarHeadshot/Png/noFilter
IP
ASN #20940 Akamai International B.V.
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerDigiCert Inc
Subject*.rbxcdn.com
Fingerprint57:F4:96:1E:91:3F:6A:81:F5:96:11:C2:4F:5C:1C:6A:22:31:83:A7
ValidityThu, 06 Apr 2023 00:00:00 GMT - Sat, 06 Apr 2024 23:59:59 GMT
File type PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data
Hash d8bedd221a11b8b49a95833605925564
dba8d0fdc05d0bf7915343fc6abccc08e7e81f88
19ac46c8856ae6583247d08801654e16406e0a2b17287151cc8f82d404b25908
GET /30DAY-AvatarHeadshot-0C4E339619AD3696A297A6396F2C7ECE-Png/150/150/AvatarHeadshot/Png/noFilter HTTP/1.1
Host: tr.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 19360
content-type: image/Png
server: Kestrel
strict-transport-security: max-age=3600
x-frame-options: SAMEORIGIN
roblox-machine-id: e776a374412d
x-roblox-region: us-central
x-roblox-edge: atl1
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://ncs.roblox.com/upload"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1}
cache-control: max-age=31536000
expires: Thu, 31 Oct 2024 17:51:20 GMT
date: Wed, 01 Nov 2023 17:51:20 GMT
access-control-allow-methods: GET
access-control-allow-origin: *
X-Firefox-Spdy: h2
roblox.fm/users/profile/playerassets-json?assetTypeId=11&userId=1868295962
200 OK 35 kB URL GET HTTP/3 roblox.fm/users/profile/playerassets-json?assetTypeId=11&userId=1868295962
IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerLet's Encrypt
Subjectroblox.fm
Fingerprint60:1F:24:B4:A1:32:0C:55:86:8F:62:55:5E:BF:BE:87:5D:F9:C7:6F
ValidityTue, 24 Oct 2023 12:23:22 GMT - Mon, 22 Jan 2024 12:23:21 GMT
File type JSON data\012- , ASCII text, with very long lines (10800)
Hash 879e1bb15c3cdfdc577911246e38cde3
210adaa500bd4f411fd1cf2fb7a5790fe4e0d504
cc2547a1601eeaa2ffd3bd3e56e74758d89821580554b3d9acb8a21350601708
GET /users/profile/playerassets-json?assetTypeId=11&userId=1868295962 HTTP/1.1
Host: roblox.fm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/users/2633435479/profile
Cookie: _1__EggyWall_v=09ac94e6b927af2069856bc032971c55e994de0ff8bcdc4c6295c67fc6ec85ba; PHPSESSID=h4859nd69hmmututf4jqhp57f6
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 01 Nov 2023 17:51:19 GMT
content-type: application/json; charset=utf-8
access-control-allow-credentials: true
cache-control: no-store, no-cache, must-revalidate, private, must-revalidate
content-security-policy: report-uri https://metrics.roblox.com/v1/csp/report?type=enforce; upgrade-insecure-requests; script-src * 'unsafe-inline' roblox.com *.evidon.com *.gigya.com *.google-analytics.com *.ns1p.net adservice.google.com cdn.arkoselabs.com connect.facebook.net funcaptcha.com js.rbxcdn.com long.open.weixin.qq.com midas.gtimg.cn radar.cedexis.com res.wx.qq.com roblox-api.arkoselabs.com roblox-load-generator-configuration.s3.us-east-2.amazonaws.com s.ytimg.com sb.scorecardresearch.com static.rbxcdn.com www.google.com www.gstatic.com www.youtube.com h.online-metrix.net request.eprotect.vantivcnp.com request.eprotect.vantivpostlive.com *.googletagmanager.com *.googleadservices.com googleads.g.doubleclick.net cdn.veriff.me *.lightstep.com ; img-src 'self' data: *.cloudfront.net *.google-analytics.com *.kaptcha.com *.rbxcdn.com *.roblox.com *.robloxlabs.com googleads.g.doubleclick.net i.ytimg.com www.googletagmanager.com *
cross-origin-opener-policy: same-origin-allow-popups
eggy-wall: eggy#8888
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.1,"failure_fraction":1}
pragma: no-cache
proxy-cache: MISS
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://ncs.roblox.com/upload"}]}
strict-transport-security: max-age=604800; includeSubdomains
x-frame-options: SAMEORIGIN
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 81f5fc315e8a5684-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
images.rbxcdn.com/5118faaf986c9742bbd5abf8d78dc7ef-placeholder_light.svg
200 OK 5.6 kB URL GET HTTP/2 images.rbxcdn.com/5118faaf986c9742bbd5abf8d78dc7ef-placeholder_light.svg
IP
ASN #20940 Akamai International B.V.
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerDigiCert Inc
Subject*.rbxcdn.com
Fingerprint57:F4:96:1E:91:3F:6A:81:F5:96:11:C2:4F:5C:1C:6A:22:31:83:A7
ValidityThu, 06 Apr 2023 00:00:00 GMT - Sat, 06 Apr 2024 23:59:59 GMT
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 5118faaf986c9742bbd5abf8d78dc7ef
bf2330b4381adc90492bce6f2a339166c9b5c4a1
4f00e3ed6316c42c26474d875678a12360b47c4d1287c1e7754bf3198c008b54
GET /5118faaf986c9742bbd5abf8d78dc7ef-placeholder_light.svg HTTP/1.1
Host: images.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://css.rbxcdn.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-amz-id-2: iMnamuogMuqFt5dQONbTACD6x7c0ZE035quGGNzNYSSDZ+sf1hda9lepinAxy3km7rH7MbpJ8NM=
x-amz-request-id: X0TJ5HC58YFDM4WV
last-modified: Fri, 07 Jun 2019 05:47:27 GMT
etag: "5118faaf986c9742bbd5abf8d78dc7ef"
x-amz-version-id: RKo6XeiTHfsV7jUePVcV9.G_W.sNqKie
accept-ranges: bytes
content-type: image/svg+xml
server: AmazonS3
content-length: 5644
cache-control: public, max-age=25038509
date: Wed, 01 Nov 2023 17:51:20 GMT
X-Firefox-Spdy: h2
roblox.fm/product-experimentation-platform/v1/projects/1/values
200 OK 4.7 kB URL POST HTTP/3 roblox.fm/product-experimentation-platform/v1/projects/1/values
IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerLet's Encrypt
Subjectroblox.fm
Fingerprint60:1F:24:B4:A1:32:0C:55:86:8F:62:55:5E:BF:BE:87:5D:F9:C7:6F
ValidityTue, 24 Oct 2023 12:23:22 GMT - Mon, 22 Jan 2024 12:23:21 GMT
File type JSON data\012- , ASCII text, with very long lines (362)
Hash 31ad693d2a22ace044ff845057e5a2f1
74b3f953761e05b69e504d2c1dfc99680aaeb8c2
c6349f4c932324535e0fa609695cf91615fbfd16cb8cb946ae53e636bf07cb24
Analyzer Verdict Alert OpenPhish phishing Telegram
POST /product-experimentation-platform/v1/projects/1/values HTTP/1.1
Host: roblox.fm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
x-csrf-token: B3HWI/L0g+jW
Content-Length: 35
Origin: https://roblox.fm
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/users/2633435479/profile
Cookie: _1__EggyWall_v=09ac94e6b927af2069856bc032971c55e994de0ff8bcdc4c6295c67fc6ec85ba; PHPSESSID=h4859nd69hmmututf4jqhp57f6
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 01 Nov 2023 17:51:19 GMT
content-type: application/json; charset=utf-8
access-control-allow-credentials: true
cache-control: private, must-revalidate
content-security-policy: report-uri https://metrics.roblox.com/v1/csp/report?type=enforce; upgrade-insecure-requests; script-src * 'unsafe-inline' roblox.com *.evidon.com *.gigya.com *.google-analytics.com *.ns1p.net adservice.google.com cdn.arkoselabs.com connect.facebook.net funcaptcha.com js.rbxcdn.com long.open.weixin.qq.com midas.gtimg.cn radar.cedexis.com res.wx.qq.com roblox-api.arkoselabs.com roblox-load-generator-configuration.s3.us-east-2.amazonaws.com s.ytimg.com sb.scorecardresearch.com static.rbxcdn.com www.google.com www.gstatic.com www.youtube.com h.online-metrix.net request.eprotect.vantivcnp.com request.eprotect.vantivpostlive.com *.googletagmanager.com *.googleadservices.com googleads.g.doubleclick.net cdn.veriff.me *.lightstep.com ; img-src 'self' data: *.cloudfront.net *.google-analytics.com *.kaptcha.com *.rbxcdn.com *.roblox.com *.robloxlabs.com googleads.g.doubleclick.net i.ytimg.com www.googletagmanager.com *
cross-origin-opener-policy: same-origin-allow-popups
eggy-wall: eggy#8888
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.1,"failure_fraction":1}
proxy-cache: MISS
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://ncs.roblox.com/upload"}]}
strict-transport-security: max-age=604800; includeSubdomains
x-frame-options: SAMEORIGIN
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 81f5fc320f6e5684-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
roblox.fm/v1/users/1868295962/groups/roles
200 OK 11 kB URL GET HTTP/3 roblox.fm/v1/users/1868295962/groups/roles
IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerLet's Encrypt
Subjectroblox.fm
Fingerprint60:1F:24:B4:A1:32:0C:55:86:8F:62:55:5E:BF:BE:87:5D:F9:C7:6F
ValidityTue, 24 Oct 2023 12:23:22 GMT - Mon, 22 Jan 2024 12:23:21 GMT
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (4955)
Hash 6ffd4bdb0c41c87be060b88f2bd2ae58
27d09604e2ca3c61b4dbd1534c9ef78ba829e86f
0ccc7d069460ee0bd7a042813a3bac6183090b3b63df2a0ca9a3d1c2c3912824
Analyzer Verdict Alert OpenPhish phishing Telegram
GET /v1/users/1868295962/groups/roles HTTP/1.1
Host: roblox.fm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/users/2633435479/profile
Cookie: _1__EggyWall_v=09ac94e6b927af2069856bc032971c55e994de0ff8bcdc4c6295c67fc6ec85ba; PHPSESSID=h4859nd69hmmututf4jqhp57f6
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 01 Nov 2023 17:51:20 GMT
content-type: application/json; charset=utf-8
access-control-allow-credentials: true
cache-control: no-store, no-cache, must-revalidate, private, must-revalidate
content-security-policy: report-uri https://metrics.roblox.com/v1/csp/report?type=enforce; upgrade-insecure-requests; script-src * 'unsafe-inline' roblox.com *.evidon.com *.gigya.com *.google-analytics.com *.ns1p.net adservice.google.com cdn.arkoselabs.com connect.facebook.net funcaptcha.com js.rbxcdn.com long.open.weixin.qq.com midas.gtimg.cn radar.cedexis.com res.wx.qq.com roblox-api.arkoselabs.com roblox-load-generator-configuration.s3.us-east-2.amazonaws.com s.ytimg.com sb.scorecardresearch.com static.rbxcdn.com www.google.com www.gstatic.com www.youtube.com h.online-metrix.net request.eprotect.vantivcnp.com request.eprotect.vantivpostlive.com *.googletagmanager.com *.googleadservices.com googleads.g.doubleclick.net cdn.veriff.me *.lightstep.com ; img-src 'self' data: *.cloudfront.net *.google-analytics.com *.kaptcha.com *.rbxcdn.com *.roblox.com *.robloxlabs.com googleads.g.doubleclick.net i.ytimg.com www.googletagmanager.com *
cross-origin-opener-policy: same-origin-allow-popups
eggy-wall: eggy#8888
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.1,"failure_fraction":1}
pragma: no-cache
proxy-cache: MISS
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://ncs.roblox.com/upload"}]}
strict-transport-security: max-age=604800; includeSubdomains
x-frame-options: SAMEORIGIN
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 81f5fc319ed45684-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
roblox.fm/v1/users/1868295962/friends
200 OK 22 kB URL GET HTTP/3 roblox.fm/v1/users/1868295962/friends
IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerLet's Encrypt
Subjectroblox.fm
Fingerprint60:1F:24:B4:A1:32:0C:55:86:8F:62:55:5E:BF:BE:87:5D:F9:C7:6F
ValidityTue, 24 Oct 2023 12:23:22 GMT - Mon, 22 Jan 2024 12:23:21 GMT
File type JSON data\012- , ASCII text, with very long lines (9729)
Hash 96832df19c44abea497fe85ca7090f0b
327a8298e7e3f68483c0801f0482c1e18952ada6
3237efb92c01ddde032bf9515f3a21bea3df5080b6c4deae61b2adf515a78f99
Analyzer Verdict Alert OpenPhish phishing Telegram
GET /v1/users/1868295962/friends HTTP/1.1
Host: roblox.fm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/users/2633435479/profile
Cookie: _1__EggyWall_v=09ac94e6b927af2069856bc032971c55e994de0ff8bcdc4c6295c67fc6ec85ba; PHPSESSID=h4859nd69hmmututf4jqhp57f6
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 01 Nov 2023 17:51:20 GMT
content-type: application/json; charset=utf-8
access-control-allow-credentials: true
cache-control: no-store, no-cache, must-revalidate, private, must-revalidate
content-security-policy: report-uri https://metrics.roblox.com/v1/csp/report?type=enforce; upgrade-insecure-requests; script-src * 'unsafe-inline' roblox.com *.evidon.com *.gigya.com *.google-analytics.com *.ns1p.net adservice.google.com cdn.arkoselabs.com connect.facebook.net funcaptcha.com js.rbxcdn.com long.open.weixin.qq.com midas.gtimg.cn radar.cedexis.com res.wx.qq.com roblox-api.arkoselabs.com roblox-load-generator-configuration.s3.us-east-2.amazonaws.com s.ytimg.com sb.scorecardresearch.com static.rbxcdn.com www.google.com www.gstatic.com www.youtube.com h.online-metrix.net request.eprotect.vantivcnp.com request.eprotect.vantivpostlive.com *.googletagmanager.com *.googleadservices.com googleads.g.doubleclick.net cdn.veriff.me *.lightstep.com ; img-src 'self' data: *.cloudfront.net *.google-analytics.com *.kaptcha.com *.rbxcdn.com *.roblox.com *.robloxlabs.com googleads.g.doubleclick.net i.ytimg.com www.googletagmanager.com *
cross-origin-opener-policy: same-origin-allow-popups
eggy-wall: eggy#8888
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.1,"failure_fraction":1}
pragma: no-cache
proxy-cache: MISS
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://ncs.roblox.com/upload"}]}
strict-transport-security: max-age=604800; includeSubdomains
x-frame-options: SAMEORIGIN
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 81f5fc319ec95684-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
roblox.fm/v1/groups/policies
200 OK 17 kB URL POST HTTP/3 roblox.fm/v1/groups/policies
IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerLet's Encrypt
Subjectroblox.fm
Fingerprint60:1F:24:B4:A1:32:0C:55:86:8F:62:55:5E:BF:BE:87:5D:F9:C7:6F
ValidityTue, 24 Oct 2023 12:23:22 GMT - Mon, 22 Jan 2024 12:23:21 GMT
File type JSON data\012- , ASCII text
Hash e73cc21972dd9e81539638acd63b2ec0
f81f85c1359948b1ca9a6df421fdc3caa624caa5
5130cbfd94cc4055d9ac74ba48a974fda3dde21e87b0d56478dce7d7ceee2a93
Analyzer Verdict Alert OpenPhish phishing Telegram
POST /v1/groups/policies HTTP/1.1
Host: roblox.fm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
X-CSRF-TOKEN: B3HWI/L0g+jW
Content-Length: 84
Origin: https://roblox.fm
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/users/2633435479/profile
Cookie: _1__EggyWall_v=09ac94e6b927af2069856bc032971c55e994de0ff8bcdc4c6295c67fc6ec85ba; PHPSESSID=h4859nd69hmmututf4jqhp57f6; _gcl_au=1.1.107502139.1698861081
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 01 Nov 2023 17:51:20 GMT
content-type: application/json; charset=utf-8
access-control-allow-credentials: true
cache-control: private, must-revalidate
content-security-policy: report-uri https://metrics.roblox.com/v1/csp/report?type=enforce; upgrade-insecure-requests; script-src * 'unsafe-inline' roblox.com *.evidon.com *.gigya.com *.google-analytics.com *.ns1p.net adservice.google.com cdn.arkoselabs.com connect.facebook.net funcaptcha.com js.rbxcdn.com long.open.weixin.qq.com midas.gtimg.cn radar.cedexis.com res.wx.qq.com roblox-api.arkoselabs.com roblox-load-generator-configuration.s3.us-east-2.amazonaws.com s.ytimg.com sb.scorecardresearch.com static.rbxcdn.com www.google.com www.gstatic.com www.youtube.com h.online-metrix.net request.eprotect.vantivcnp.com request.eprotect.vantivpostlive.com *.googletagmanager.com *.googleadservices.com googleads.g.doubleclick.net cdn.veriff.me *.lightstep.com ; img-src 'self' data: *.cloudfront.net *.google-analytics.com *.kaptcha.com *.rbxcdn.com *.roblox.com *.robloxlabs.com googleads.g.doubleclick.net i.ytimg.com www.googletagmanager.com *
cross-origin-opener-policy: same-origin-allow-popups
eggy-wall: eggy#8888
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.1,"failure_fraction":1}
proxy-cache: MISS
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://ncs.roblox.com/upload"}]}
strict-transport-security: max-age=604800; includeSubdomains
x-frame-options: SAMEORIGIN
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 81f5fc391e8a5684-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
tr.rbxcdn.com/30DAY-AvatarHeadshot-FA6A02ADFAE5773343BFF94F5E6F26B0-Png/150/150/AvatarHeadshot/Png/noFilter
200 OK 18 kB URL GET HTTP/2 tr.rbxcdn.com/30DAY-AvatarHeadshot-FA6A02ADFAE5773343BFF94F5E6F26B0-Png/150/150/AvatarHeadshot/Png/noFilter
IP
ASN #20940 Akamai International B.V.
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerDigiCert Inc
Subject*.rbxcdn.com
Fingerprint57:F4:96:1E:91:3F:6A:81:F5:96:11:C2:4F:5C:1C:6A:22:31:83:A7
ValidityThu, 06 Apr 2023 00:00:00 GMT - Sat, 06 Apr 2024 23:59:59 GMT
File type PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data
Hash 26d557e690be9baf19669a4100d0f861
cf52f257d9151cd44f37ee059167d02044f6ca81
95bce7928bc318d9eb103acca65bc4037226fed33a7cf4fd6a5b8f18e975bfd4
GET /30DAY-AvatarHeadshot-FA6A02ADFAE5773343BFF94F5E6F26B0-Png/150/150/AvatarHeadshot/Png/noFilter HTTP/1.1
Host: tr.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 18025
content-type: image/Png
server: Kestrel
strict-transport-security: max-age=3600
x-frame-options: SAMEORIGIN
roblox-machine-id: c0a8ace9fd75
x-roblox-region: us-central
x-roblox-edge: ord2
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://ncs.roblox.com/upload"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1}
cache-control: max-age=31536000
expires: Thu, 31 Oct 2024 17:51:20 GMT
date: Wed, 01 Nov 2023 17:51:20 GMT
access-control-allow-methods: GET
access-control-allow-origin: *
X-Firefox-Spdy: h2
tr.rbxcdn.com/30DAY-AvatarHeadshot-4BB6951F4065190593CD90F1566F49F7-Png/150/150/AvatarHeadshot/Png/noFilter
200 OK 21 kB URL GET HTTP/2 tr.rbxcdn.com/30DAY-AvatarHeadshot-4BB6951F4065190593CD90F1566F49F7-Png/150/150/AvatarHeadshot/Png/noFilter
IP
ASN #20940 Akamai International B.V.
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerDigiCert Inc
Subject*.rbxcdn.com
Fingerprint57:F4:96:1E:91:3F:6A:81:F5:96:11:C2:4F:5C:1C:6A:22:31:83:A7
ValidityThu, 06 Apr 2023 00:00:00 GMT - Sat, 06 Apr 2024 23:59:59 GMT
File type PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data
Hash 17752f0c659fed9741aa8dce2d7b2831
b52f4939718d3614384c51abb132467f3911cc9e
4cd84a33e07be7c4815d487a2dee5720f07792b7c529c761eebdb7dbefda22c8
GET /30DAY-AvatarHeadshot-4BB6951F4065190593CD90F1566F49F7-Png/150/150/AvatarHeadshot/Png/noFilter HTTP/1.1
Host: tr.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 20591
content-type: image/Png
server: Kestrel
strict-transport-security: max-age=3600
x-frame-options: SAMEORIGIN
roblox-machine-id: 4de10c2d7883
x-roblox-region: us-central
x-roblox-edge: mia2
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://ncs.roblox.com/upload"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1}
cache-control: max-age=31536000
expires: Thu, 31 Oct 2024 17:51:20 GMT
date: Wed, 01 Nov 2023 17:51:20 GMT
access-control-allow-methods: GET
access-control-allow-origin: *
X-Firefox-Spdy: h2
tr.rbxcdn.com/30DAY-AvatarHeadshot-C8C6287E11BD4F1F19235A139C128AD3-Png/150/150/AvatarHeadshot/Png/noFilter
200 OK 21 kB URL GET HTTP/2 tr.rbxcdn.com/30DAY-AvatarHeadshot-C8C6287E11BD4F1F19235A139C128AD3-Png/150/150/AvatarHeadshot/Png/noFilter
IP
ASN #20940 Akamai International B.V.
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerDigiCert Inc
Subject*.rbxcdn.com
Fingerprint57:F4:96:1E:91:3F:6A:81:F5:96:11:C2:4F:5C:1C:6A:22:31:83:A7
ValidityThu, 06 Apr 2023 00:00:00 GMT - Sat, 06 Apr 2024 23:59:59 GMT
File type PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data
Hash 8faaaeaf885c43827cdcb24336278661
c1c8414e40c5e3ea509dfa37f7db9398798837fc
173cea653fd3e976c2f12fe54abe6ff4986fc113edd82f33051422ee54f62976
GET /30DAY-AvatarHeadshot-C8C6287E11BD4F1F19235A139C128AD3-Png/150/150/AvatarHeadshot/Png/noFilter HTTP/1.1
Host: tr.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 20994
content-type: image/Png
server: Kestrel
strict-transport-security: max-age=3600
x-frame-options: SAMEORIGIN
roblox-machine-id: 9167c8f50755
x-roblox-region: us-central
x-roblox-edge: iad4
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://ncs.roblox.com/upload"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1}
cache-control: max-age=31536000
expires: Thu, 31 Oct 2024 17:51:20 GMT
date: Wed, 01 Nov 2023 17:51:20 GMT
access-control-allow-methods: GET
access-control-allow-origin: *
X-Firefox-Spdy: h2
tr.rbxcdn.com/30DAY-AvatarHeadshot-3B435C60A495722785121ACD1C7C115C-Png/150/150/AvatarHeadshot/Png/noFilter
200 OK 17 kB URL GET HTTP/2 tr.rbxcdn.com/30DAY-AvatarHeadshot-3B435C60A495722785121ACD1C7C115C-Png/150/150/AvatarHeadshot/Png/noFilter
IP
ASN #20940 Akamai International B.V.
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerDigiCert Inc
Subject*.rbxcdn.com
Fingerprint57:F4:96:1E:91:3F:6A:81:F5:96:11:C2:4F:5C:1C:6A:22:31:83:A7
ValidityThu, 06 Apr 2023 00:00:00 GMT - Sat, 06 Apr 2024 23:59:59 GMT
File type PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data
Hash 65ae0d3a9c39929b1a93ff2e9f5067b8
df2041766d73f954c3f88317e0bb8bb4e5b12b4a
fae801a95ff11e038eba4adbfe82ea095157003a2e7645cfd9b061817a752bdf
GET /30DAY-AvatarHeadshot-3B435C60A495722785121ACD1C7C115C-Png/150/150/AvatarHeadshot/Png/noFilter HTTP/1.1
Host: tr.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 16573
content-type: image/Png
server: Kestrel
strict-transport-security: max-age=3600
x-frame-options: SAMEORIGIN
roblox-machine-id: 7797ec9df558
x-roblox-region: us-central
x-roblox-edge: ord2
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://ncs.roblox.com/upload"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1}
cache-control: max-age=31536000
expires: Thu, 31 Oct 2024 17:51:20 GMT
date: Wed, 01 Nov 2023 17:51:20 GMT
access-control-allow-methods: GET
access-control-allow-origin: *
X-Firefox-Spdy: h2
tr.rbxcdn.com/30DAY-AvatarHeadshot-FC21C658C49F00F3843AD8909F4EB805-Png/150/150/AvatarHeadshot/Png/noFilter
200 OK 17 kB URL GET HTTP/2 tr.rbxcdn.com/30DAY-AvatarHeadshot-FC21C658C49F00F3843AD8909F4EB805-Png/150/150/AvatarHeadshot/Png/noFilter
IP
ASN #20940 Akamai International B.V.
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerDigiCert Inc
Subject*.rbxcdn.com
Fingerprint57:F4:96:1E:91:3F:6A:81:F5:96:11:C2:4F:5C:1C:6A:22:31:83:A7
ValidityThu, 06 Apr 2023 00:00:00 GMT - Sat, 06 Apr 2024 23:59:59 GMT
File type PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data
Hash 3f7bda57e2cf2cc2247928a05850251f
45b95fc0a58196016008ee039ba372af99840479
7892b36323623c4dc14a25adf7f3080e8c15bbc5af0e2d5a78765a47ee1f98ce
GET /30DAY-AvatarHeadshot-FC21C658C49F00F3843AD8909F4EB805-Png/150/150/AvatarHeadshot/Png/noFilter HTTP/1.1
Host: tr.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 16832
content-type: image/Png
server: Kestrel
strict-transport-security: max-age=3600
x-frame-options: SAMEORIGIN
roblox-machine-id: c28bd47dc337
x-roblox-region: us-central
x-roblox-edge: iad4
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://ncs.roblox.com/upload"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1}
cache-control: max-age=31536000
expires: Thu, 31 Oct 2024 17:51:20 GMT
date: Wed, 01 Nov 2023 17:51:20 GMT
access-control-allow-methods: GET
access-control-allow-origin: *
X-Firefox-Spdy: h2
ecsv2.roblox.com/www/e.png?evt=pageHeartbeat&ctx=heartbeat1&url=https%3A%2F%2Froblox.fm%2Fusers%2F2633435479%2Fprofile<=2023-11-01T17%3A51%3A21.618Z
200 OK 68 B URL GET HTTP/2 ecsv2.roblox.com/www/e.png?evt=pageHeartbeat&ctx=heartbeat1&url=https%3A%2F%2Froblox.fm%2Fusers%2F2633435479%2Fprofile<=2023-11-01T17%3A51%3A21.618Z
IP
ASN #22697 ROBLOX-PRODUCTION
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerSectigo Limited
Subjectroblox.com
Fingerprint63:EE:B6:92:2C:0F:A5:1F:70:49:55:41:B5:CF:A0:82:B1:A5:AE:D2
ValidityWed, 22 Mar 2023 00:00:00 GMT - Thu, 21 Mar 2024 23:59:59 GMT
File type PNG image data, 1 x 1, 8-bit gray+alpha, non-interlaced\012- data
Hash 2a637d3d825673c0e3462fa4ed9a1c5c
81668d396da22832d75a986407ff10035e0d5899
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7
GET /www/e.png?evt=pageHeartbeat&ctx=heartbeat1&url=https%3A%2F%2Froblox.fm%2Fusers%2F2633435479%2Fprofile<=2023-11-01T17%3A51%3A21.618Z HTTP/1.1
Host: ecsv2.roblox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/png
date: Wed, 01 Nov 2023 17:51:20 GMT
content-length: 68
x-envoy-upstream-service-time: 0
server: envoy
vary: Origin
strict-transport-security: max-age=3600
x-ratelimit-limit: 3600000, 3600000;w=60
x-ratelimit-remaining: 3599999
x-ratelimit-reset: 40
x-roblox-region: us-central
x-roblox-edge: lhr2
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://ncs.roblox.com/upload"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1}
alt-svc: h3=":443"; ma=60
X-Firefox-Spdy: h2
js.rbxcdn.com/1a6389791b88e1ce869baa0b43e2f423e77141f6913f9d51eeda7d460d53aa97.js
200 OK 26 kB URL GET HTTP/2 js.rbxcdn.com/1a6389791b88e1ce869baa0b43e2f423e77141f6913f9d51eeda7d460d53aa97.js
IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerGlobalSign nv-sa
Subject*.rbxcdn.com
FingerprintC3:6F:4B:5C:0E:DB:55:7A:5A:10:E5:90:29:43:77:09:6F:50:86:EE
ValidityFri, 18 Nov 2022 00:01:02 GMT - Wed, 20 Dec 2023 00:01:01 GMT
File type gzip compressed data, from Unix\012- data
Hash f1fcefeaa74ac79af8a226af3f857587
5d3df5f06d9d80c0ffb85ec8b7bfe73f9a553297
da79cfb4cef0f724f1e837989d5e274ecb57e696a5c9e470d2616b60201a1656
GET /1a6389791b88e1ce869baa0b43e2f423e77141f6913f9d51eeda7d460d53aa97.js HTTP/1.1
Host: js.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Nov 2023 17:51:16 GMT
content-type: application/javascript
vary: Accept-Encoding
x-amz-id-2: tbpOTI3sCOujjtgolSaiEMgXexU5xD8Tm40v1T1NfLEuGqbEiNsaHOMMMrU6/oNw9AHr712LKaw=
x-amz-request-id: C0950VP90BCAYF3P
last-modified: Fri, 22 Jul 2022 21:56:20 GMT
etag: W/"c32bd83bf2b8bd24a7a7b182cd62afb5"
cache-control: public, max-age=31536000
x-amz-version-id: fCdmBQ0aEb1oGQcQfDl9lQoqOv21qlPz
x-cf3: M
cf4age: 0
x-cf-tsc: 1697628261
cf4ttl: 31536000.000
x-cf2: H
server: CFS 0215
x-cf1: 28293:fA.arn1:co:1572652472:cacheN.arn1-01:M
x-cf-reqid: d9c8806fa95a1094dbbd1b90ab012177
access-control-allow-origin: *
access-control-allow-methods: GET
timing-allow-origin: *
access-control-expose-headers: Rbx-Cdn-Provider
rbx-cdn-provider: cfly
content-encoding: gzip
X-Firefox-Spdy: h2
images.rbxcdn.com/2a85da8fd52855683c2b039c8536ef56-badges.svg
200 OK 34 kB URL GET HTTP/2 images.rbxcdn.com/2a85da8fd52855683c2b039c8536ef56-badges.svg
IP
ASN #20940 Akamai International B.V.
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerDigiCert Inc
Subject*.rbxcdn.com
Fingerprint57:F4:96:1E:91:3F:6A:81:F5:96:11:C2:4F:5C:1C:6A:22:31:83:A7
ValidityThu, 06 Apr 2023 00:00:00 GMT - Sat, 06 Apr 2024 23:59:59 GMT
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash 2a85da8fd52855683c2b039c8536ef56
389c5522563a807b865940ef12075a0f52c01baa
40e86db6205c36e6ac3b885d0bb1033937d188052fc1cc3a63f6104c8c6e3dda
GET /2a85da8fd52855683c2b039c8536ef56-badges.svg HTTP/1.1
Host: images.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://css.rbxcdn.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-amz-id-2: AHA1zwdMmcKWcVORbX5NwgR7qzFDuWB72mFRDW/Nr7jI0AOV1dlAXSviu3qAmiiGx67ewuJzuUw=
x-amz-request-id: 3YKK619NY02MX6ZS
last-modified: Fri, 07 May 2021 14:43:58 GMT
etag: "2a85da8fd52855683c2b039c8536ef56"
x-amz-version-id: _jz3Ud_me7vKjhUy0D60duROEZLYJWS0
accept-ranges: bytes
content-type: image/svg+xml
server: AmazonS3
content-length: 34400
cache-control: public, max-age=28123705
date: Wed, 01 Nov 2023 17:51:22 GMT
X-Firefox-Spdy: h2
roblox.fm/v1/users/1868295962/roblox-badges
200 OK 10 kB URL GET HTTP/3 roblox.fm/v1/users/1868295962/roblox-badges
IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerLet's Encrypt
Subjectroblox.fm
Fingerprint60:1F:24:B4:A1:32:0C:55:86:8F:62:55:5E:BF:BE:87:5D:F9:C7:6F
ValidityTue, 24 Oct 2023 12:23:22 GMT - Mon, 22 Jan 2024 12:23:21 GMT
File type JSON data\012- , ASCII text, with very long lines (771)
Hash c29f6d8c90427e4cfe98107a0036bc86
c9a038fb863988bd831accf64b3d30cf4e80e105
54bb4dc3fa0a0aef478c77a1c9802c304455f595c8bafc95988ac6814708516a
Analyzer Verdict Alert OpenPhish phishing Telegram
GET /v1/users/1868295962/roblox-badges HTTP/1.1
Host: roblox.fm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/users/2633435479/profile
Cookie: _1__EggyWall_v=09ac94e6b927af2069856bc032971c55e994de0ff8bcdc4c6295c67fc6ec85ba; PHPSESSID=h4859nd69hmmututf4jqhp57f6
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 01 Nov 2023 17:51:21 GMT
content-type: application/json; charset=utf-8
access-control-allow-credentials: true
cache-control: no-store, no-cache, must-revalidate, private, must-revalidate
content-security-policy: report-uri https://metrics.roblox.com/v1/csp/report?type=enforce; upgrade-insecure-requests; script-src * 'unsafe-inline' roblox.com *.evidon.com *.gigya.com *.google-analytics.com *.ns1p.net adservice.google.com cdn.arkoselabs.com connect.facebook.net funcaptcha.com js.rbxcdn.com long.open.weixin.qq.com midas.gtimg.cn radar.cedexis.com res.wx.qq.com roblox-api.arkoselabs.com roblox-load-generator-configuration.s3.us-east-2.amazonaws.com s.ytimg.com sb.scorecardresearch.com static.rbxcdn.com www.google.com www.gstatic.com www.youtube.com h.online-metrix.net request.eprotect.vantivcnp.com request.eprotect.vantivpostlive.com *.googletagmanager.com *.googleadservices.com googleads.g.doubleclick.net cdn.veriff.me *.lightstep.com ; img-src 'self' data: *.cloudfront.net *.google-analytics.com *.kaptcha.com *.rbxcdn.com *.roblox.com *.robloxlabs.com googleads.g.doubleclick.net i.ytimg.com www.googletagmanager.com *
cross-origin-opener-policy: same-origin-allow-popups
eggy-wall: eggy#8888
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.1,"failure_fraction":1}
pragma: no-cache
proxy-cache: MISS
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://ncs.roblox.com/upload"}]}
strict-transport-security: max-age=604800; includeSubdomains
x-frame-options: SAMEORIGIN
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 81f5fc32a8115684-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
tr.rbxcdn.com/61d28990c4169f15c9d4d2455dd4501f/150/150/Face/Png
200 OK 2.2 kB URL GET HTTP/2 tr.rbxcdn.com/61d28990c4169f15c9d4d2455dd4501f/150/150/Face/Png
IP
ASN #20940 Akamai International B.V.
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerDigiCert Inc
Subject*.rbxcdn.com
Fingerprint57:F4:96:1E:91:3F:6A:81:F5:96:11:C2:4F:5C:1C:6A:22:31:83:A7
ValidityThu, 06 Apr 2023 00:00:00 GMT - Sat, 06 Apr 2024 23:59:59 GMT
File type PNG image data, 150 x 150, 8-bit gray+alpha, non-interlaced\012- data
Hash 8b02ebcb0961d1b75e20227c2ee4c0d0
b0f56eef2d5e0dc377f8ff5d538171b28912ae8f
0f0840314dd0f75d88b877e0f2370b2a1627b262ed7ad18beccb82b0ec9166f7
GET /61d28990c4169f15c9d4d2455dd4501f/150/150/Face/Png HTTP/1.1
Host: tr.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
pragma: no-cache
content-length: 2235
content-type: image/Png
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=3600
roblox-machine-id: CHI2-WEB3156
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://ncs.roblox.com/upload"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1}
cache-control: max-age=31536000
expires: Thu, 31 Oct 2024 17:51:22 GMT
date: Wed, 01 Nov 2023 17:51:22 GMT
access-control-allow-methods: GET
access-control-allow-origin: *
X-Firefox-Spdy: h2
tr.rbxcdn.com/89b56f5eca77cf6c2460abd72d84d1a3/150/150/Head/Png
200 OK 9.6 kB URL GET HTTP/2 tr.rbxcdn.com/89b56f5eca77cf6c2460abd72d84d1a3/150/150/Head/Png
IP
ASN #20940 Akamai International B.V.
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerDigiCert Inc
Subject*.rbxcdn.com
Fingerprint57:F4:96:1E:91:3F:6A:81:F5:96:11:C2:4F:5C:1C:6A:22:31:83:A7
ValidityThu, 06 Apr 2023 00:00:00 GMT - Sat, 06 Apr 2024 23:59:59 GMT
File type PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data
Hash 3de672343318021b5f14e84261732a00
aacf9174d71a538712fed6ccc4592e6336ec3240
3d4ae88d84cf4181f96cfcb9a76a4bb18c9df052f21b425d011dfd1acd026309
GET /89b56f5eca77cf6c2460abd72d84d1a3/150/150/Head/Png HTTP/1.1
Host: tr.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 9647
content-type: image/Png
server: Kestrel
strict-transport-security: max-age=3600
x-frame-options: SAMEORIGIN
roblox-machine-id: fa0e8b198f09
x-roblox-region: us-central
x-roblox-edge: iad4
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://ncs.roblox.com/upload"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1}
cache-control: max-age=31536000
expires: Thu, 31 Oct 2024 17:51:22 GMT
date: Wed, 01 Nov 2023 17:51:22 GMT
access-control-allow-methods: GET
access-control-allow-origin: *
X-Firefox-Spdy: h2
roblox.fm/universal-app-configuration/v1/behaviors/cookie-policy/content
200 OK 18 kB URL GET HTTP/3 roblox.fm/universal-app-configuration/v1/behaviors/cookie-policy/content
IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerLet's Encrypt
Subjectroblox.fm
Fingerprint60:1F:24:B4:A1:32:0C:55:86:8F:62:55:5E:BF:BE:87:5D:F9:C7:6F
ValidityTue, 24 Oct 2023 12:23:22 GMT - Mon, 22 Jan 2024 12:23:21 GMT
File type JSON data\012- , ASCII text, with very long lines (1026)
Hash 24746db5c6de0794c1ee0ee56bf6f133
8ade112791bcc2e29d4e2352d4ebd3878e3e5dd8
d4cb2fb1a55f5d3672e4d68adf977bfd8656e10f61eecdf3a145d43a3cfba624
Analyzer Verdict Alert OpenPhish phishing Telegram
GET /universal-app-configuration/v1/behaviors/cookie-policy/content HTTP/1.1
Host: roblox.fm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/users/2633435479/profile
Cookie: _1__EggyWall_v=09ac94e6b927af2069856bc032971c55e994de0ff8bcdc4c6295c67fc6ec85ba; PHPSESSID=h4859nd69hmmututf4jqhp57f6
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 01 Nov 2023 17:51:21 GMT
content-type: application/json; charset=utf-8
access-control-allow-credentials: true
cache-control: no-store, no-cache, must-revalidate, private, must-revalidate
content-security-policy: report-uri https://metrics.roblox.com/v1/csp/report?type=enforce; upgrade-insecure-requests; script-src * 'unsafe-inline' roblox.com *.evidon.com *.gigya.com *.google-analytics.com *.ns1p.net adservice.google.com cdn.arkoselabs.com connect.facebook.net funcaptcha.com js.rbxcdn.com long.open.weixin.qq.com midas.gtimg.cn radar.cedexis.com res.wx.qq.com roblox-api.arkoselabs.com roblox-load-generator-configuration.s3.us-east-2.amazonaws.com s.ytimg.com sb.scorecardresearch.com static.rbxcdn.com www.google.com www.gstatic.com www.youtube.com h.online-metrix.net request.eprotect.vantivcnp.com request.eprotect.vantivpostlive.com *.googletagmanager.com *.googleadservices.com googleads.g.doubleclick.net cdn.veriff.me *.lightstep.com ; img-src 'self' data: *.cloudfront.net *.google-analytics.com *.kaptcha.com *.rbxcdn.com *.roblox.com *.robloxlabs.com googleads.g.doubleclick.net i.ytimg.com www.googletagmanager.com *
cross-origin-opener-policy: same-origin-allow-popups
eggy-wall: eggy#8888
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.1,"failure_fraction":1}
pragma: no-cache
proxy-cache: MISS
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://ncs.roblox.com/upload"}]}
strict-transport-security: max-age=604800; includeSubdomains
x-frame-options: SAMEORIGIN
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 81f5fc328ff45684-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
roblox.fm/v1/batch
200 OK 12 kB IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerLet's Encrypt
Subjectroblox.fm
Fingerprint60:1F:24:B4:A1:32:0C:55:86:8F:62:55:5E:BF:BE:87:5D:F9:C7:6F
ValidityTue, 24 Oct 2023 12:23:22 GMT - Mon, 22 Jan 2024 12:23:21 GMT
File type JSON data\012- , ASCII text, with very long lines (1886)
Hash 960cfd2ab50eeeaecba9afad98bd44d4
04797edb9786e4752f5b0312ec009246217a84de
5bf58a40d8d1f8f996514b830bd65e8b4772cf7baa3362dd0fdc0112d242850f
Analyzer Verdict Alert OpenPhish phishing Telegram
POST /v1/batch HTTP/1.1
Host: roblox.fm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
x-csrf-token: B3HWI/L0g+jW
Content-Length: 1067
Origin: https://roblox.fm
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/users/2633435479/profile
Cookie: _1__EggyWall_v=09ac94e6b927af2069856bc032971c55e994de0ff8bcdc4c6295c67fc6ec85ba; PHPSESSID=h4859nd69hmmututf4jqhp57f6; _gcl_au=1.1.107502139.1698861081
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 01 Nov 2023 17:51:22 GMT
content-type: application/json; charset=utf-8
access-control-allow-credentials: true
cache-control: private, must-revalidate
content-security-policy: report-uri https://metrics.roblox.com/v1/csp/report?type=enforce; upgrade-insecure-requests; script-src * 'unsafe-inline' roblox.com *.evidon.com *.gigya.com *.google-analytics.com *.ns1p.net adservice.google.com cdn.arkoselabs.com connect.facebook.net funcaptcha.com js.rbxcdn.com long.open.weixin.qq.com midas.gtimg.cn radar.cedexis.com res.wx.qq.com roblox-api.arkoselabs.com roblox-load-generator-configuration.s3.us-east-2.amazonaws.com s.ytimg.com sb.scorecardresearch.com static.rbxcdn.com www.google.com www.gstatic.com www.youtube.com h.online-metrix.net request.eprotect.vantivcnp.com request.eprotect.vantivpostlive.com *.googletagmanager.com *.googleadservices.com googleads.g.doubleclick.net cdn.veriff.me *.lightstep.com ; img-src 'self' data: *.cloudfront.net *.google-analytics.com *.kaptcha.com *.rbxcdn.com *.roblox.com *.robloxlabs.com googleads.g.doubleclick.net i.ytimg.com www.googletagmanager.com *
cross-origin-opener-policy: same-origin-allow-popups
eggy-wall: eggy#8888
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.1,"failure_fraction":1}
proxy-cache: MISS
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://ncs.roblox.com/upload"}]}
strict-transport-security: max-age=604800; includeSubdomains
x-frame-options: SAMEORIGIN
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 81f5fc406e775684-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
tr.rbxcdn.com/207b515aaad84c360fbd84ab46aada86/150/150/BodyPart_LeftLeg/Png
200 OK 10 kB URL GET HTTP/2 tr.rbxcdn.com/207b515aaad84c360fbd84ab46aada86/150/150/BodyPart_LeftLeg/Png
IP
ASN #20940 Akamai International B.V.
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerDigiCert Inc
Subject*.rbxcdn.com
Fingerprint57:F4:96:1E:91:3F:6A:81:F5:96:11:C2:4F:5C:1C:6A:22:31:83:A7
ValidityThu, 06 Apr 2023 00:00:00 GMT - Sat, 06 Apr 2024 23:59:59 GMT
File type PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data
Hash 18b3c09628de7c2be18fc0eb670ad5b6
eb6c83593acf6585ad37c5b0e9166149c96dc182
92cc99973bb59ab0a000cb9aaecda470758141743d2e2f0495b26b9740a2d773
GET /207b515aaad84c360fbd84ab46aada86/150/150/BodyPart_LeftLeg/Png HTTP/1.1
Host: tr.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 10203
content-type: image/Png
server: Microsoft-IIS/10.0
x-frame-options: SAMEORIGIN
roblox-machine-id: CHI2-WEB5305
x-powered-by: ASP.NET
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://ncs.roblox.com/upload"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1}
cache-control: max-age=31536000
expires: Thu, 31 Oct 2024 17:51:22 GMT
date: Wed, 01 Nov 2023 17:51:22 GMT
access-control-allow-methods: GET
access-control-allow-origin: *
X-Firefox-Spdy: h2
tr.rbxcdn.com/be50153210252149eca23aa881a4ed29/150/150/BodyPart_RightArm/Png
200 OK 12 kB URL GET HTTP/2 tr.rbxcdn.com/be50153210252149eca23aa881a4ed29/150/150/BodyPart_RightArm/Png
IP
ASN #20940 Akamai International B.V.
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerDigiCert Inc
Subject*.rbxcdn.com
Fingerprint57:F4:96:1E:91:3F:6A:81:F5:96:11:C2:4F:5C:1C:6A:22:31:83:A7
ValidityThu, 06 Apr 2023 00:00:00 GMT - Sat, 06 Apr 2024 23:59:59 GMT
File type PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data
Hash 1302c1af10e8c35a20a28a4f7a6ec31f
62605d5a224942b04fe4fee34c1b194ad4698486
65ee4060b38aabc8f3ebe1f05c4aacf4b75be98c881eefe1d695b3aff2d2eb37
GET /be50153210252149eca23aa881a4ed29/150/150/BodyPart_RightArm/Png HTTP/1.1
Host: tr.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 11654
content-type: image/Png
server: Microsoft-IIS/10.0
x-frame-options: SAMEORIGIN
roblox-machine-id: CHI2-WEB4252
x-powered-by: ASP.NET
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://ncs.roblox.com/upload"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1}
cache-control: max-age=31536000
expires: Thu, 31 Oct 2024 17:51:22 GMT
date: Wed, 01 Nov 2023 17:51:22 GMT
access-control-allow-methods: GET
access-control-allow-origin: *
X-Firefox-Spdy: h2
tr.rbxcdn.com/31d66eb1691fbaa9f2b25c7a11f46dc1/150/150/BodyPart_RightLeg/Png
200 OK 11 kB URL GET HTTP/2 tr.rbxcdn.com/31d66eb1691fbaa9f2b25c7a11f46dc1/150/150/BodyPart_RightLeg/Png
IP
ASN #20940 Akamai International B.V.
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerDigiCert Inc
Subject*.rbxcdn.com
Fingerprint57:F4:96:1E:91:3F:6A:81:F5:96:11:C2:4F:5C:1C:6A:22:31:83:A7
ValidityThu, 06 Apr 2023 00:00:00 GMT - Sat, 06 Apr 2024 23:59:59 GMT
File type PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data
Hash 5d4f0e4a3fc362c8559cb3027ab5a967
f93269fa13998e698342bddf047580ea8f0f1549
fe8bfa538fdab2305cf98df4277083f0ff3d86bf8bafc268edc31304e6094779
GET /31d66eb1691fbaa9f2b25c7a11f46dc1/150/150/BodyPart_RightLeg/Png HTTP/1.1
Host: tr.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 10723
content-type: image/Png
server: Microsoft-IIS/8.5
x-frame-options: SAMEORIGIN
roblox-machine-id: CHI2-WEB1463
x-powered-by: ASP.NET
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://ncs.roblox.com/upload"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1}
cache-control: max-age=31536000
expires: Thu, 31 Oct 2024 17:51:22 GMT
date: Wed, 01 Nov 2023 17:51:22 GMT
access-control-allow-methods: GET
access-control-allow-origin: *
X-Firefox-Spdy: h2
roblox.fm/product-experimentation-platform/v1/projects/1/values
200 OK 270 B URL POST HTTP/3 roblox.fm/product-experimentation-platform/v1/projects/1/values
IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerLet's Encrypt
Subjectroblox.fm
Fingerprint60:1F:24:B4:A1:32:0C:55:86:8F:62:55:5E:BF:BE:87:5D:F9:C7:6F
ValidityTue, 24 Oct 2023 12:23:22 GMT - Mon, 22 Jan 2024 12:23:21 GMT
File type JSON data\012- , ASCII text, with very long lines (368)
Hash d9b65050820a471c6d8e334b04988dac
85b69c7e86fc1e10359358e9aba536efdb6de4f5
c9836e013a96726f6fad2b1f5d7c0ac4018a5a4292e1253bde4324aa9f45d858
Analyzer Verdict Alert OpenPhish phishing Telegram
POST /product-experimentation-platform/v1/projects/1/values HTTP/1.1
Host: roblox.fm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
x-csrf-token: B3HWI/L0g+jW
Content-Length: 41
Origin: https://roblox.fm
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/users/2633435479/profile
Cookie: _1__EggyWall_v=09ac94e6b927af2069856bc032971c55e994de0ff8bcdc4c6295c67fc6ec85ba; PHPSESSID=h4859nd69hmmututf4jqhp57f6
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 01 Nov 2023 17:51:19 GMT
content-type: application/json; charset=utf-8
access-control-allow-credentials: true
cache-control: private, must-revalidate
content-security-policy: report-uri https://metrics.roblox.com/v1/csp/report?type=enforce; upgrade-insecure-requests; script-src * 'unsafe-inline' roblox.com *.evidon.com *.gigya.com *.google-analytics.com *.ns1p.net adservice.google.com cdn.arkoselabs.com connect.facebook.net funcaptcha.com js.rbxcdn.com long.open.weixin.qq.com midas.gtimg.cn radar.cedexis.com res.wx.qq.com roblox-api.arkoselabs.com roblox-load-generator-configuration.s3.us-east-2.amazonaws.com s.ytimg.com sb.scorecardresearch.com static.rbxcdn.com www.google.com www.gstatic.com www.youtube.com h.online-metrix.net request.eprotect.vantivcnp.com request.eprotect.vantivpostlive.com *.googletagmanager.com *.googleadservices.com googleads.g.doubleclick.net cdn.veriff.me *.lightstep.com ; img-src 'self' data: *.cloudfront.net *.google-analytics.com *.kaptcha.com *.rbxcdn.com *.roblox.com *.robloxlabs.com googleads.g.doubleclick.net i.ytimg.com www.googletagmanager.com *
cross-origin-opener-policy: same-origin-allow-popups
eggy-wall: eggy#8888
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.1,"failure_fraction":1}
proxy-cache: MISS
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://ncs.roblox.com/upload"}]}
strict-transport-security: max-age=604800; includeSubdomains
x-frame-options: SAMEORIGIN
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 81f5fc326fd25684-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
c0ak.rbxcdn.com/test-50kb.png
200 OK 53 kB URL GET HTTP/2 c0ak.rbxcdn.com/test-50kb.png
IP
ASN #20940 Akamai International B.V.
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerDigiCert Inc
Subject*.rbxcdn.com
Fingerprint57:F4:96:1E:91:3F:6A:81:F5:96:11:C2:4F:5C:1C:6A:22:31:83:A7
ValidityThu, 06 Apr 2023 00:00:00 GMT - Sat, 06 Apr 2024 23:59:59 GMT
File type PNG image data, 192 x 108, 8-bit/color RGBA, non-interlaced\012- data
Hash 588ee33c26fe83cb97ca65e3c66b2e87
842429b803132c3e7827af42fe4dc7a66e736b37
bbc4044fe46acd7ab69d8a4e3db46e7e3ca713b05fa8ecb096ebe9e133bba760
GET /test-50kb.png HTTP/1.1
Host: c0ak.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://roblox.fm
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-amz-id-2: LHfzeulnH7xsybNCHK4YwlyyzOGOO4bpXQ3GoNtuGrU5xrex8Uldx7V1Qe6OFdE7qjMI2kvO3WM=
x-amz-request-id: 7A82952F23302237
last-modified: Sat, 13 Jun 2015 00:10:18 GMT
etag: "588ee33c26fe83cb97ca65e3c66b2e87"
x-amz-version-id: 8CdyEAvn4B0CF4PkySV34MTVrj7Tlt6D
accept-ranges: bytes
content-type: image/png
content-length: 53218
server: AmazonS3
x-akamai-ew-subworker: 8096267
cache-control: public, max-age=31493754
date: Wed, 01 Nov 2023 17:51:22 GMT
rbx-cdn-provider: ak
access-control-expose-headers: Rbx-Cdn-Provider,Akamai-Request-BC
access-control-allow-methods: GET
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
js.rbxcdn.com/0d3ba3cd162212eb04b26996eda08e542bd0febd250e1e03bba5a932dcb3d84f.js
200 OK 26 kB URL GET HTTP/2 js.rbxcdn.com/0d3ba3cd162212eb04b26996eda08e542bd0febd250e1e03bba5a932dcb3d84f.js
IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerGlobalSign nv-sa
Subject*.rbxcdn.com
FingerprintC3:6F:4B:5C:0E:DB:55:7A:5A:10:E5:90:29:43:77:09:6F:50:86:EE
ValidityFri, 18 Nov 2022 00:01:02 GMT - Wed, 20 Dec 2023 00:01:01 GMT
File type gzip compressed data, from Unix\012- data
Hash 42b2209ba82061876d57a6276e1a2151
91b4554ecc92075155e427252aa7f6f2b5e3a53b
03885f0b5cdc5e5b926f90f56a005325ef494d2bb1586a77f2d9126421b1aedc
GET /0d3ba3cd162212eb04b26996eda08e542bd0febd250e1e03bba5a932dcb3d84f.js HTTP/1.1
Host: js.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Nov 2023 17:51:16 GMT
content-type: application/javascript
vary: Accept-Encoding
x-amz-id-2: R4MpNUw05vGtIqpHw2WhKu4R9rR3JmKdJS0mbktD0OZ/Ancdws43KmG7PVYbAzdt5cO+GpM1s0Q=
x-amz-request-id: 6Q2D5SQ2DM14WC58
last-modified: Wed, 24 Aug 2022 00:10:48 GMT
etag: W/"f40ef79e694b3da333c59c169cbc04c7"
cache-control: public, max-age=31536000
x-amz-version-id: g7lD.tuUQI253qnmtNApcikpT7vwtJ68
x-cf3: H
cf4age: 1344726
x-cf-tsc: 1697865391
cf4ttl: 31536000.000
x-cf2: H
server: CFS 0215
x-cf1: 28293:fA.arn1:co:1572652472:cacheN.arn1-01:M
x-cf-reqid: 20d9526ee6984fc4f87002cd37c04909
access-control-allow-origin: *
access-control-allow-methods: GET
timing-allow-origin: *
access-control-expose-headers: Rbx-Cdn-Provider
rbx-cdn-provider: cfly
content-encoding: gzip
X-Firefox-Spdy: h2
js.rbxcdn.com/9cf047a292f5735b2ce9c1896e1951a873acc17e0d794deddde210b8bd91d6d4.js
200 OK 2.1 kB URL GET HTTP/2 js.rbxcdn.com/9cf047a292f5735b2ce9c1896e1951a873acc17e0d794deddde210b8bd91d6d4.js
IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerGlobalSign nv-sa
Subject*.rbxcdn.com
FingerprintC3:6F:4B:5C:0E:DB:55:7A:5A:10:E5:90:29:43:77:09:6F:50:86:EE
ValidityFri, 18 Nov 2022 00:01:02 GMT - Wed, 20 Dec 2023 00:01:01 GMT
File type gzip compressed data, from Unix\012- data
Hash 67ed0a1461a68d1ebe8901b90c865484
6fc3cf2fadbf67be6c273cc01819019ac0454404
0774c7651fbb596b16d8540087baedb6efce46aff2807ac1007c0ccb58c4b32e
GET /9cf047a292f5735b2ce9c1896e1951a873acc17e0d794deddde210b8bd91d6d4.js HTTP/1.1
Host: js.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Nov 2023 17:51:16 GMT
content-type: application/javascript
vary: Accept-Encoding
x-amz-id-2: YZYIC/SMoSWgp5CZgcw6ADmnTLLEc9ADKO3MY1YV7AJner6CWDL2dPQ+vSOCpmHtfdRgRf/YfPI=
x-amz-request-id: T5ZNTA46WR0H5ARC
last-modified: Thu, 27 Jan 2022 00:10:42 GMT
etag: W/"6a0de487cfde946269403a9458de24ee"
cache-control: public, max-age=31536000
x-amz-version-id: OuNGnH2nG2NT8iZNtc0u0.dfrfSXqiex
x-cf3: M
cf4age: 0
x-cf-tsc: 1682906603
cf4ttl: 31536000.000
x-cf2: H
server: CFS 0215
x-cf1: 28293:fA.arn1:co:1572652472:cacheN.arn1-01:M
x-cf-reqid: 9b77b3e543dba20e3d03a5c2c6341360
access-control-allow-origin: *
access-control-allow-methods: GET
timing-allow-origin: *
access-control-expose-headers: Rbx-Cdn-Provider
rbx-cdn-provider: cfly
content-encoding: gzip
X-Firefox-Spdy: h2
pulsar.roblox.com/_/_/1px.gif
200 OK 43 B URL GET HTTP/2 pulsar.roblox.com/_/_/1px.gif
IP
ASN #22697 ROBLOX-PRODUCTION
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerSectigo Limited
Subjectroblox.com
Fingerprint63:EE:B6:92:2C:0F:A5:1F:70:49:55:41:B5:CF:A0:82:B1:A5:AE:D2
ValidityWed, 22 Mar 2023 00:00:00 GMT - Thu, 21 Mar 2024 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /_/_/1px.gif HTTP/1.1
Host: pulsar.roblox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://roblox.fm
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
timing-allow-origin: *
x-rblx-origin: lb
cache-control: no-cache, no-store
content-length: 43
content-type: image/gif
alt-svc: h3=":443"; ma=60
X-Firefox-Spdy: h2
tr.rbxcdn.com/9a56308cb7b1e694277dcc857ceb5569/150/150/Image/Png
200 OK 27 kB URL GET HTTP/2 tr.rbxcdn.com/9a56308cb7b1e694277dcc857ceb5569/150/150/Image/Png
IP
ASN #20940 Akamai International B.V.
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerDigiCert Inc
Subject*.rbxcdn.com
Fingerprint57:F4:96:1E:91:3F:6A:81:F5:96:11:C2:4F:5C:1C:6A:22:31:83:A7
ValidityThu, 06 Apr 2023 00:00:00 GMT - Sat, 06 Apr 2024 23:59:59 GMT
File type PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data
Hash 72e9cd20d1f3ab92c917c6441a62b004
2633f9268722e95ae4211c8d5965eb1637c0947f
924b117a9babb6b62c29045d5a6f6711c1de6280b10ff2980e8cb8917457cd80
GET /9a56308cb7b1e694277dcc857ceb5569/150/150/Image/Png HTTP/1.1
Host: tr.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 26946
content-type: image/Png
server: Microsoft-IIS/10.0
x-frame-options: SAMEORIGIN
roblox-machine-id: CHI2-WEB5504
x-powered-by: ASP.NET
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://ncs.roblox.com/upload"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1}
cache-control: max-age=31536000
expires: Thu, 31 Oct 2024 17:51:22 GMT
date: Wed, 01 Nov 2023 17:51:22 GMT
access-control-allow-methods: GET
access-control-allow-origin: *
X-Firefox-Spdy: h2
roblox.fm/v1/batch
200 OK 27 kB IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerLet's Encrypt
Subjectroblox.fm
Fingerprint60:1F:24:B4:A1:32:0C:55:86:8F:62:55:5E:BF:BE:87:5D:F9:C7:6F
ValidityTue, 24 Oct 2023 12:23:22 GMT - Mon, 22 Jan 2024 12:23:21 GMT
File type JSON data\012- , ASCII text, with very long lines (1414)
Hash 9997129a3eb82bccc271734a490b20c3
f0fc6e6a08d6c567ab05cc738b5b5c258da97045
7698cc925be6e11c8e1700165ec3337333ae16fb8452bd7b839752cfa350deb5
Analyzer Verdict Alert OpenPhish phishing Telegram
POST /v1/batch HTTP/1.1
Host: roblox.fm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
x-csrf-token: B3HWI/L0g+jW
Content-Length: 853
Origin: https://roblox.fm
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/users/2633435479/profile
Cookie: _1__EggyWall_v=09ac94e6b927af2069856bc032971c55e994de0ff8bcdc4c6295c67fc6ec85ba; PHPSESSID=h4859nd69hmmututf4jqhp57f6; _gcl_au=1.1.107502139.1698861081
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 01 Nov 2023 17:51:22 GMT
content-type: application/json; charset=utf-8
access-control-allow-credentials: true
cache-control: private, must-revalidate
content-security-policy: report-uri https://metrics.roblox.com/v1/csp/report?type=enforce; upgrade-insecure-requests; script-src * 'unsafe-inline' roblox.com *.evidon.com *.gigya.com *.google-analytics.com *.ns1p.net adservice.google.com cdn.arkoselabs.com connect.facebook.net funcaptcha.com js.rbxcdn.com long.open.weixin.qq.com midas.gtimg.cn radar.cedexis.com res.wx.qq.com roblox-api.arkoselabs.com roblox-load-generator-configuration.s3.us-east-2.amazonaws.com s.ytimg.com sb.scorecardresearch.com static.rbxcdn.com www.google.com www.gstatic.com www.youtube.com h.online-metrix.net request.eprotect.vantivcnp.com request.eprotect.vantivpostlive.com *.googletagmanager.com *.googleadservices.com googleads.g.doubleclick.net cdn.veriff.me *.lightstep.com ; img-src 'self' data: *.cloudfront.net *.google-analytics.com *.kaptcha.com *.rbxcdn.com *.roblox.com *.robloxlabs.com googleads.g.doubleclick.net i.ytimg.com www.googletagmanager.com *
cross-origin-opener-policy: same-origin-allow-popups
eggy-wall: eggy#8888
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.1,"failure_fraction":1}
proxy-cache: MISS
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://ncs.roblox.com/upload"}]}
strict-transport-security: max-age=604800; includeSubdomains
x-frame-options: SAMEORIGIN
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 81f5fc44caaa5684-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
js.rbxcdn.com/f41ec06eeae79fa94e6ae9f435b0a1c6743085e898884eddb4d4025ca3af8a44.js
200 OK 48 kB URL GET HTTP/2 js.rbxcdn.com/f41ec06eeae79fa94e6ae9f435b0a1c6743085e898884eddb4d4025ca3af8a44.js
IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerGlobalSign nv-sa
Subject*.rbxcdn.com
FingerprintC3:6F:4B:5C:0E:DB:55:7A:5A:10:E5:90:29:43:77:09:6F:50:86:EE
ValidityFri, 18 Nov 2022 00:01:02 GMT - Wed, 20 Dec 2023 00:01:01 GMT
File type gzip compressed data, from Unix\012- data
Hash 1a82843a958c5ebdfe81274bc90de2a5
3f81398301fad016e1785fb71c5ba9e9a6d66eb8
3d6890f828450ebd11987bd556fe3a75746cfc472032d395837b3989720a04fa
GET /f41ec06eeae79fa94e6ae9f435b0a1c6743085e898884eddb4d4025ca3af8a44.js HTTP/1.1
Host: js.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Nov 2023 17:51:16 GMT
content-type: application/javascript
vary: Accept-Encoding
x-amz-id-2: Ud+oplHJRxuz+0lDv7DapSiUKze/xBKd9GP+7GECa3YkJ6y4LEsS87hENLGXy3m8Lrwdsu0NE/o=
x-amz-request-id: AAAN9HQZ6BKJ0AP4
last-modified: Wed, 12 May 2021 03:21:56 GMT
etag: W/"7ae97680c42130384a6acebb7deb3d81"
cache-control: public, max-age=31536000
x-amz-version-id: InS7vyvopn.i4Az6EMHF956FPVM9VkxJ
x-cf3: H
cf4age: 724877
x-cf-tsc: 1698083495
cf4ttl: 31536000.000
x-cf2: H
server: CFS 0215
x-cf1: 28293:fA.arn1:co:1572652472:cacheN.arn1-01:M
x-cf-reqid: 5311d9a7b7c52fbaae2eeb78010dbda1
access-control-allow-origin: *
access-control-allow-methods: GET
timing-allow-origin: *
access-control-expose-headers: Rbx-Cdn-Provider
rbx-cdn-provider: cfly
content-encoding: gzip
X-Firefox-Spdy: h2
tr.rbxcdn.com/73acc4dde4aa1e282cc81bc09b932aef/150/150/Image/Png
200 OK 28 kB URL GET HTTP/2 tr.rbxcdn.com/73acc4dde4aa1e282cc81bc09b932aef/150/150/Image/Png
IP
ASN #20940 Akamai International B.V.
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerDigiCert Inc
Subject*.rbxcdn.com
Fingerprint57:F4:96:1E:91:3F:6A:81:F5:96:11:C2:4F:5C:1C:6A:22:31:83:A7
ValidityThu, 06 Apr 2023 00:00:00 GMT - Sat, 06 Apr 2024 23:59:59 GMT
File type PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data
Hash 559e0f763f7695a296242d8786a56f9e
27a709f5cf67c413ae2ffd53926ec51eb6932fdd
cc105a73ab10be59b2900c2702cdfae322434e653e4d969c75ccd7fef8576ddb
GET /73acc4dde4aa1e282cc81bc09b932aef/150/150/Image/Png HTTP/1.1
Host: tr.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 27672
content-type: image/Png
server: Microsoft-IIS/10.0
strict-transport-security: max-age=3600
x-frame-options: SAMEORIGIN
roblox-machine-id: CHI2-WEB5504
x-powered-by: ASP.NET
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
x-roblox-region: us-central
x-roblox-edge: ash1
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://ncs.roblox.com/upload"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1}
cache-control: max-age=31536000
expires: Thu, 31 Oct 2024 17:51:22 GMT
date: Wed, 01 Nov 2023 17:51:22 GMT
access-control-allow-methods: GET
access-control-allow-origin: *
X-Firefox-Spdy: h2
tr.rbxcdn.com/e69861ebc8e6b315cf06ee9579c22e01/150/150/Image/Png
200 OK 28 kB URL GET HTTP/2 tr.rbxcdn.com/e69861ebc8e6b315cf06ee9579c22e01/150/150/Image/Png
IP
ASN #20940 Akamai International B.V.
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerDigiCert Inc
Subject*.rbxcdn.com
Fingerprint57:F4:96:1E:91:3F:6A:81:F5:96:11:C2:4F:5C:1C:6A:22:31:83:A7
ValidityThu, 06 Apr 2023 00:00:00 GMT - Sat, 06 Apr 2024 23:59:59 GMT
File type PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data
Hash 0b970b2e4d299eb0f3651978d588be42
d3cb9873d56dde78c05bc233aa0ea01417580fed
e0da7b55c455d3c72e2f0184203bfd0d3032299802e601051340f78134546411
GET /e69861ebc8e6b315cf06ee9579c22e01/150/150/Image/Png HTTP/1.1
Host: tr.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 28083
content-type: image/Png
server: Microsoft-IIS/10.0
strict-transport-security: max-age=3600
x-frame-options: SAMEORIGIN
roblox-machine-id: CHI1-WEB2574
x-powered-by: ASP.NET
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
x-roblox-region: us-central
x-roblox-edge: ash1
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://ncs.roblox.com/upload"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1}
cache-control: max-age=31536000
expires: Thu, 31 Oct 2024 17:51:22 GMT
date: Wed, 01 Nov 2023 17:51:22 GMT
access-control-allow-methods: GET
access-control-allow-origin: *
X-Firefox-Spdy: h2
roblox.fm/v1/users/1868295962/groups/primary/role
200 OK 5 B URL GET HTTP/3 roblox.fm/v1/users/1868295962/groups/primary/role
IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerLet's Encrypt
Subjectroblox.fm
Fingerprint60:1F:24:B4:A1:32:0C:55:86:8F:62:55:5E:BF:BE:87:5D:F9:C7:6F
ValidityTue, 24 Oct 2023 12:23:22 GMT - Mon, 22 Jan 2024 12:23:21 GMT
Hash 68b9d60205dc935ede5221fc4307cf6a
668ce2fbde3616de6aaa3c8b3fa7d0a11fb0a8d8
a0a34da0d1630ff2b9a40b845e83c3f5219ccfb993afa54ef93b32a11a04b916
Analyzer Verdict Alert OpenPhish phishing Telegram
GET /v1/users/1868295962/groups/primary/role HTTP/1.1
Host: roblox.fm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/users/2633435479/profile
Cookie: _1__EggyWall_v=09ac94e6b927af2069856bc032971c55e994de0ff8bcdc4c6295c67fc6ec85ba; PHPSESSID=h4859nd69hmmututf4jqhp57f6; _gcl_au=1.1.107502139.1698861081
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 01 Nov 2023 17:51:22 GMT
content-type: application/json; charset=utf-8
content-length: 5
access-control-allow-credentials: true
cache-control: no-store, no-cache, must-revalidate, private, must-revalidate
content-security-policy: report-uri https://metrics.roblox.com/v1/csp/report?type=enforce; upgrade-insecure-requests; script-src * 'unsafe-inline' roblox.com *.evidon.com *.gigya.com *.google-analytics.com *.ns1p.net adservice.google.com cdn.arkoselabs.com connect.facebook.net funcaptcha.com js.rbxcdn.com long.open.weixin.qq.com midas.gtimg.cn radar.cedexis.com res.wx.qq.com roblox-api.arkoselabs.com roblox-load-generator-configuration.s3.us-east-2.amazonaws.com s.ytimg.com sb.scorecardresearch.com static.rbxcdn.com www.google.com www.gstatic.com www.youtube.com h.online-metrix.net request.eprotect.vantivcnp.com request.eprotect.vantivpostlive.com *.googletagmanager.com *.googleadservices.com googleads.g.doubleclick.net cdn.veriff.me *.lightstep.com ; img-src 'self' data: *.cloudfront.net *.google-analytics.com *.kaptcha.com *.rbxcdn.com *.roblox.com *.robloxlabs.com googleads.g.doubleclick.net i.ytimg.com www.googletagmanager.com *
cross-origin-opener-policy: same-origin-allow-popups
eggy-wall: eggy#8888
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.1,"failure_fraction":1}
pragma: no-cache
proxy-cache: MISS
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://ncs.roblox.com/upload"}]}
strict-transport-security: max-age=604800; includeSubdomains
x-frame-options: SAMEORIGIN
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 81f5fc3af8cc5684-OSL
alt-svc: h3=":443"; ma=86400
waw1-128-116-124-3.roblox.com/_/_/1px.gif
200 OK 43 B URL GET HTTP/2 waw1-128-116-124-3.roblox.com/_/_/1px.gif
IP
ASN #22697 ROBLOX-PRODUCTION
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerSectigo Limited
Subjectroblox.com
Fingerprint63:EE:B6:92:2C:0F:A5:1F:70:49:55:41:B5:CF:A0:82:B1:A5:AE:D2
ValidityWed, 22 Mar 2023 00:00:00 GMT - Thu, 21 Mar 2024 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /_/_/1px.gif HTTP/1.1
Host: waw1-128-116-124-3.roblox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://roblox.fm
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
timing-allow-origin: *
x-rblx-origin: lb
cache-control: no-cache, no-store
content-length: 43
content-type: image/gif
alt-svc: h3=":443"; ma=60
X-Firefox-Spdy: h2
aws-eu-west-2a-lms.rbx.com/
200 OK 43 B URL GET HTTP/2 aws-eu-west-2a-lms.rbx.com/
IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerAmazon
Subjectaws-eu-west-2a-lms.rbx.com
Fingerprint2A:08:05:AC:91:BD:7C:47:45:54:A0:0B:DA:CE:E8:AD:E3:3E:17:91
ValidityMon, 20 Feb 2023 00:00:00 GMT - Thu, 21 Mar 2024 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET / HTTP/1.1
Host: aws-eu-west-2a-lms.rbx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://roblox.fm
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 01 Nov 2023 17:51:22 GMT
content-type: image/gif
content-length: 43
set-cookie: AWSALB=0x09K8VHxGXimgNIBZ50ahjj4xgRFNMh1abE8YBtpEXAQu+v/eHCP0fH7JN7y+Kb08EQlqOkmQg3RF1XtBhgHLVtLLDwEYRelfec3f/j12XnHs9znsp3oZe79BSx; Expires=Wed, 08 Nov 2023 17:51:22 GMT; Path=/
AWSALBCORS=0x09K8VHxGXimgNIBZ50ahjj4xgRFNMh1abE8YBtpEXAQu+v/eHCP0fH7JN7y+Kb08EQlqOkmQg3RF1XtBhgHLVtLLDwEYRelfec3f/j12XnHs9znsp3oZe79BSx; Expires=Wed, 08 Nov 2023 17:51:22 GMT; Path=/; SameSite=None; Secure
access-control-allow-origin: *
timing-allow-origin: *
x-rblx-origin: lb
cache-control: no-cache, no-store
X-Firefox-Spdy: h2
lga2-128-116-32-3.roblox.com/_/_/1px.gif
200 OK 43 B URL GET HTTP/2 lga2-128-116-32-3.roblox.com/_/_/1px.gif
IP
ASN #22697 ROBLOX-PRODUCTION
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerSectigo Limited
Subjectroblox.com
Fingerprint63:EE:B6:92:2C:0F:A5:1F:70:49:55:41:B5:CF:A0:82:B1:A5:AE:D2
ValidityWed, 22 Mar 2023 00:00:00 GMT - Thu, 21 Mar 2024 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /_/_/1px.gif HTTP/1.1
Host: lga2-128-116-32-3.roblox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://roblox.fm
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
timing-allow-origin: *
x-rblx-origin: lb
cache-control: no-cache, no-store
content-length: 43
content-type: image/gif
alt-svc: h3=":443"; ma=60
X-Firefox-Spdy: h2
roblox.fm/v1/batch
200 OK 731 B IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerLet's Encrypt
Subjectroblox.fm
Fingerprint60:1F:24:B4:A1:32:0C:55:86:8F:62:55:5E:BF:BE:87:5D:F9:C7:6F
ValidityTue, 24 Oct 2023 12:23:22 GMT - Mon, 22 Jan 2024 12:23:21 GMT
File type JSON data\012- , ASCII text, with very long lines (560)
Hash 0853aa7aa0141b577428308670e38a66
c038d3597956c3f8d25f83bf0c25091d7557760d
f7488e7aa69d25585ee29c069672eae7083de0900dd9733e28cb87ce519e17e0
Analyzer Verdict Alert OpenPhish phishing Telegram
POST /v1/batch HTTP/1.1
Host: roblox.fm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
x-csrf-token: B3HWI/L0g+jW
Content-Length: 291
Origin: https://roblox.fm
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/users/2633435479/profile
Cookie: _1__EggyWall_v=09ac94e6b927af2069856bc032971c55e994de0ff8bcdc4c6295c67fc6ec85ba; PHPSESSID=h4859nd69hmmututf4jqhp57f6; _gcl_au=1.1.107502139.1698861081
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 01 Nov 2023 17:51:20 GMT
content-type: application/json; charset=utf-8
access-control-allow-credentials: true
cache-control: private, must-revalidate
content-security-policy: report-uri https://metrics.roblox.com/v1/csp/report?type=enforce; upgrade-insecure-requests; script-src * 'unsafe-inline' roblox.com *.evidon.com *.gigya.com *.google-analytics.com *.ns1p.net adservice.google.com cdn.arkoselabs.com connect.facebook.net funcaptcha.com js.rbxcdn.com long.open.weixin.qq.com midas.gtimg.cn radar.cedexis.com res.wx.qq.com roblox-api.arkoselabs.com roblox-load-generator-configuration.s3.us-east-2.amazonaws.com s.ytimg.com sb.scorecardresearch.com static.rbxcdn.com www.google.com www.gstatic.com www.youtube.com h.online-metrix.net request.eprotect.vantivcnp.com request.eprotect.vantivpostlive.com *.googletagmanager.com *.googleadservices.com googleads.g.doubleclick.net cdn.veriff.me *.lightstep.com ; img-src 'self' data: *.cloudfront.net *.google-analytics.com *.kaptcha.com *.rbxcdn.com *.roblox.com *.robloxlabs.com googleads.g.doubleclick.net i.ytimg.com www.googletagmanager.com *
cross-origin-opener-policy: same-origin-allow-popups
eggy-wall: eggy#8888
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.1,"failure_fraction":1}
proxy-cache: MISS
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://ncs.roblox.com/upload"}]}
strict-transport-security: max-age=604800; includeSubdomains
x-frame-options: SAMEORIGIN
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 81f5fc3419965684-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
mia2-128-116-127-3.roblox.com/_/_/1px.gif
200 OK 43 B URL GET HTTP/2 mia2-128-116-127-3.roblox.com/_/_/1px.gif
IP
ASN #22697 ROBLOX-PRODUCTION
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerSectigo Limited
Subjectroblox.com
Fingerprint63:EE:B6:92:2C:0F:A5:1F:70:49:55:41:B5:CF:A0:82:B1:A5:AE:D2
ValidityWed, 22 Mar 2023 00:00:00 GMT - Thu, 21 Mar 2024 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /_/_/1px.gif HTTP/1.1
Host: mia2-128-116-127-3.roblox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://roblox.fm
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
timing-allow-origin: *
x-rblx-origin: lb
cache-control: no-cache, no-store
content-length: 43
content-type: image/gif
alt-svc: h3=":443"; ma=60
X-Firefox-Spdy: h2
roblox.fm/v1/batch
200 OK 534 B IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerLet's Encrypt
Subjectroblox.fm
Fingerprint60:1F:24:B4:A1:32:0C:55:86:8F:62:55:5E:BF:BE:87:5D:F9:C7:6F
ValidityTue, 24 Oct 2023 12:23:22 GMT - Mon, 22 Jan 2024 12:23:21 GMT
File type JSON data\012- , ASCII text, with very long lines (2638)
Hash 664a950473225a2207ab5a8d17bea771
3681b01f0dc1c1a4f9ce07fccd4784432f213e5a
7b4e856b04d77a2eeefd75de3e7a88a11fe8b338fd223059bb4358f407fde50b
Analyzer Verdict Alert OpenPhish phishing Telegram
POST /v1/batch HTTP/1.1
Host: roblox.fm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
x-csrf-token: B3HWI/L0g+jW
Content-Length: 1351
Origin: https://roblox.fm
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/users/2633435479/profile
Cookie: _1__EggyWall_v=09ac94e6b927af2069856bc032971c55e994de0ff8bcdc4c6295c67fc6ec85ba; PHPSESSID=h4859nd69hmmututf4jqhp57f6; _gcl_au=1.1.107502139.1698861081
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 01 Nov 2023 17:51:20 GMT
content-type: application/json; charset=utf-8
access-control-allow-credentials: true
cache-control: private, must-revalidate
content-security-policy: report-uri https://metrics.roblox.com/v1/csp/report?type=enforce; upgrade-insecure-requests; script-src * 'unsafe-inline' roblox.com *.evidon.com *.gigya.com *.google-analytics.com *.ns1p.net adservice.google.com cdn.arkoselabs.com connect.facebook.net funcaptcha.com js.rbxcdn.com long.open.weixin.qq.com midas.gtimg.cn radar.cedexis.com res.wx.qq.com roblox-api.arkoselabs.com roblox-load-generator-configuration.s3.us-east-2.amazonaws.com s.ytimg.com sb.scorecardresearch.com static.rbxcdn.com www.google.com www.gstatic.com www.youtube.com h.online-metrix.net request.eprotect.vantivcnp.com request.eprotect.vantivpostlive.com *.googletagmanager.com *.googleadservices.com googleads.g.doubleclick.net cdn.veriff.me *.lightstep.com ; img-src 'self' data: *.cloudfront.net *.google-analytics.com *.kaptcha.com *.rbxcdn.com *.roblox.com *.robloxlabs.com googleads.g.doubleclick.net i.ytimg.com www.googletagmanager.com *
cross-origin-opener-policy: same-origin-allow-popups
eggy-wall: eggy#8888
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.1,"failure_fraction":1}
proxy-cache: MISS
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://ncs.roblox.com/upload"}]}
strict-transport-security: max-age=604800; includeSubdomains
x-frame-options: SAMEORIGIN
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 81f5fc37fd6e5684-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
roblox.fm/v1/catalog/items/details
200 OK 173 B URL POST HTTP/3 roblox.fm/v1/catalog/items/details
IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerLet's Encrypt
Subjectroblox.fm
Fingerprint60:1F:24:B4:A1:32:0C:55:86:8F:62:55:5E:BF:BE:87:5D:F9:C7:6F
ValidityTue, 24 Oct 2023 12:23:22 GMT - Mon, 22 Jan 2024 12:23:21 GMT
File type JSON data\012- , ASCII text, with very long lines (340)
Hash 6c7f6fe634ec29cc15e30b57798d0194
55b6ab5d6fdbc7574e1362a240a8b61a1d71790f
142ec94c3857d8274329c01d1bd4d57b91f29389818e3850d39d893880f95438
Analyzer Verdict Alert OpenPhish phishing Telegram
POST /v1/catalog/items/details HTTP/1.1
Host: roblox.fm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
x-csrf-token: B3HWI/L0g+jW
Content-Length: 341
Origin: https://roblox.fm
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/users/2633435479/profile
Cookie: _1__EggyWall_v=09ac94e6b927af2069856bc032971c55e994de0ff8bcdc4c6295c67fc6ec85ba; PHPSESSID=h4859nd69hmmututf4jqhp57f6; _gcl_au=1.1.107502139.1698861081
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 01 Nov 2023 17:51:21 GMT
content-type: application/json; charset=utf-8
access-control-allow-credentials: true
cache-control: private, must-revalidate
content-security-policy: report-uri https://metrics.roblox.com/v1/csp/report?type=enforce; upgrade-insecure-requests; script-src * 'unsafe-inline' roblox.com *.evidon.com *.gigya.com *.google-analytics.com *.ns1p.net adservice.google.com cdn.arkoselabs.com connect.facebook.net funcaptcha.com js.rbxcdn.com long.open.weixin.qq.com midas.gtimg.cn radar.cedexis.com res.wx.qq.com roblox-api.arkoselabs.com roblox-load-generator-configuration.s3.us-east-2.amazonaws.com s.ytimg.com sb.scorecardresearch.com static.rbxcdn.com www.google.com www.gstatic.com www.youtube.com h.online-metrix.net request.eprotect.vantivcnp.com request.eprotect.vantivpostlive.com *.googletagmanager.com *.googleadservices.com googleads.g.doubleclick.net cdn.veriff.me *.lightstep.com ; img-src 'self' data: *.cloudfront.net *.google-analytics.com *.kaptcha.com *.rbxcdn.com *.roblox.com *.robloxlabs.com googleads.g.doubleclick.net i.ytimg.com www.googletagmanager.com *
cross-origin-opener-policy: same-origin-allow-popups
eggy-wall: eggy#8888
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.1,"failure_fraction":1}
proxy-cache: MISS
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://ncs.roblox.com/upload"}]}
strict-transport-security: max-age=604800; includeSubdomains
x-frame-options: SAMEORIGIN
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 81f5fc3fadbb5684-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
roblox.fm/v1/performance/measurements
3 B URL roblox.fm/v1/performance/measurements
IP
Certificate IssuerLet's Encrypt
Subjectroblox.fm
Fingerprint60:1F:24:B4:A1:32:0C:55:86:8F:62:55:5E:BF:BE:87:5D:F9:C7:6F
ValidityTue, 24 Oct 2023 12:23:22 GMT - Mon, 22 Jan 2024 12:23:21 GMT
File type JSON data\012- , ASCII text
Hash 71304b116ad9b3351ef61d5d386ad0f8
64586b3dae6f945519d36e3bbc146f721ba3c67f
a062dd4952b935e430d409c4a5e5cd760e8781e3200d5c7e12a232dddba8a528
Analyzer Verdict Alert OpenPhish phishing Telegram
POST /v1/performance/measurements HTTP/1.1
Host: roblox.fm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
x-csrf-token: B3HWI/L0g+jW
Content-Length: 841
Origin: https://roblox.fm
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/users/2633435479/profile
Cookie: _1__EggyWall_v=09ac94e6b927af2069856bc032971c55e994de0ff8bcdc4c6295c67fc6ec85ba; PHPSESSID=h4859nd69hmmututf4jqhp57f6; _gcl_au=1.1.107502139.1698861081
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 01 Nov 2023 17:51:30 GMT
content-type: application/json; charset=utf-8
content-length: 3
access-control-allow-credentials: true
cache-control: private, must-revalidate
content-security-policy: report-uri https://metrics.roblox.com/v1/csp/report?type=enforce; upgrade-insecure-requests; script-src * 'unsafe-inline' roblox.com *.evidon.com *.gigya.com *.google-analytics.com *.ns1p.net adservice.google.com cdn.arkoselabs.com connect.facebook.net funcaptcha.com js.rbxcdn.com long.open.weixin.qq.com midas.gtimg.cn radar.cedexis.com res.wx.qq.com roblox-api.arkoselabs.com roblox-load-generator-configuration.s3.us-east-2.amazonaws.com s.ytimg.com sb.scorecardresearch.com static.rbxcdn.com www.google.com www.gstatic.com www.youtube.com h.online-metrix.net request.eprotect.vantivcnp.com request.eprotect.vantivpostlive.com *.googletagmanager.com *.googleadservices.com googleads.g.doubleclick.net cdn.veriff.me *.lightstep.com ; img-src 'self' data: *.cloudfront.net *.google-analytics.com *.kaptcha.com *.rbxcdn.com *.roblox.com *.robloxlabs.com googleads.g.doubleclick.net i.ytimg.com www.googletagmanager.com *
cross-origin-opener-policy: same-origin-allow-popups
eggy-wall: eggy#8888
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.1,"failure_fraction":1}
proxy-cache: MISS
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://ncs.roblox.com/upload"}]}
strict-transport-security: max-age=604800; includeSubdomains
x-frame-options: SAMEORIGIN
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 81f5fc7568285684-OSL
alt-svc: h3=":443"; ma=86400
aus5.mozilla.org/update/3/GMP/111.0a1/20230218104546/Linux_x86_64-gcc3/null/default/Linux%205.15.0-76-generic%20(GTK%203.24.34%2Clibpulse%20not-available)/default/default/update.xml
444 B URL aus5.mozilla.org/update/3/GMP/111.0a1/20230218104546/Linux_x86_64-gcc3/null/default/Linux%205.15.0-76-generic%20(GTK%203.24.34%2Clibpulse%20not-available)/default/default/update.xml
IP
File type XML 1.0 document text\012- XML document, ASCII text, with very long lines (332)
Hash 3b324dec137a87ef7e24a30a65b13dd0
c0faa95b2f1018e264b3a14aaf50d1003e6c27b3
6cd0b591d9239fc8564627e92a804fc261951b1cbaf5fa58a8ada3cc13f51463
GET /update/3/GMP/111.0a1/20230218104546/Linux_x86_64-gcc3/null/default/Linux%205.15.0-76-generic%20(GTK%203.24.34%2Clibpulse%20not-available)/default/default/update.xml HTTP/1.1
Host: aus5.mozilla.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: no-cache
Pragma: no-cache
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
rule-id: 17856
rule-data-version: 3
content-signature: x5u=https://content-signature-2.cdn.mozilla.net/chains/aus.content-signature.mozilla.org-2023-12-08-22-56-18.chain; p384ecdsa=5v2a0zAWdVcr8XyYMZvdIMeUWDXeriGf61pahaccyAkzcEQKKMUG_1cftivCshXb-PNqww77-ehIfnYwIczhCCVoAhmQFds-nwg16GLpvpC_hxx5u7FTjHs-NKZwKCpL
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
content-security-policy: default-src 'none'; frame-ancestors 'none'
x-proxy-cache-status: MISS
content-encoding: gzip
via: 1.1 google
content-length: 444
date: Wed, 01 Nov 2023 17:50:53 GMT
age: 40
content-type: text/xml; charset=utf-8
vary: Accept-Encoding
cache-control: public,max-age=90
alt-svc: clear
X-Firefox-Spdy: h2
roblox.fm/product-experimentation-platform/v1/projects/1/values
200 OK 113 kB URL POST HTTP/3 roblox.fm/product-experimentation-platform/v1/projects/1/values
IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerLet's Encrypt
Subjectroblox.fm
Fingerprint60:1F:24:B4:A1:32:0C:55:86:8F:62:55:5E:BF:BE:87:5D:F9:C7:6F
ValidityTue, 24 Oct 2023 12:23:22 GMT - Mon, 22 Jan 2024 12:23:21 GMT
File type JSON data\012- , ASCII text, with very long lines (362)
Size 113 kB (113395 bytes)
Hash 31ad693d2a22ace044ff845057e5a2f1
74b3f953761e05b69e504d2c1dfc99680aaeb8c2
c6349f4c932324535e0fa609695cf91615fbfd16cb8cb946ae53e636bf07cb24
Analyzer Verdict Alert OpenPhish phishing Telegram
POST /product-experimentation-platform/v1/projects/1/values HTTP/1.1
Host: roblox.fm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
x-csrf-token: B3HWI/L0g+jW
Content-Length: 35
Origin: https://roblox.fm
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/users/2633435479/profile
Cookie: _1__EggyWall_v=09ac94e6b927af2069856bc032971c55e994de0ff8bcdc4c6295c67fc6ec85ba; PHPSESSID=h4859nd69hmmututf4jqhp57f6
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 01 Nov 2023 17:51:19 GMT
content-type: application/json; charset=utf-8
access-control-allow-credentials: true
cache-control: private, must-revalidate
content-security-policy: report-uri https://metrics.roblox.com/v1/csp/report?type=enforce; upgrade-insecure-requests; script-src * 'unsafe-inline' roblox.com *.evidon.com *.gigya.com *.google-analytics.com *.ns1p.net adservice.google.com cdn.arkoselabs.com connect.facebook.net funcaptcha.com js.rbxcdn.com long.open.weixin.qq.com midas.gtimg.cn radar.cedexis.com res.wx.qq.com roblox-api.arkoselabs.com roblox-load-generator-configuration.s3.us-east-2.amazonaws.com s.ytimg.com sb.scorecardresearch.com static.rbxcdn.com www.google.com www.gstatic.com www.youtube.com h.online-metrix.net request.eprotect.vantivcnp.com request.eprotect.vantivpostlive.com *.googletagmanager.com *.googleadservices.com googleads.g.doubleclick.net cdn.veriff.me *.lightstep.com ; img-src 'self' data: *.cloudfront.net *.google-analytics.com *.kaptcha.com *.rbxcdn.com *.roblox.com *.robloxlabs.com googleads.g.doubleclick.net i.ytimg.com www.googletagmanager.com *
cross-origin-opener-policy: same-origin-allow-popups
eggy-wall: eggy#8888
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.1,"failure_fraction":1}
proxy-cache: MISS
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://ncs.roblox.com/upload"}]}
strict-transport-security: max-age=604800; includeSubdomains
x-frame-options: SAMEORIGIN
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 81f5fc321f875684-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
ciscobinary.openh264.org/openh264-linux64-2e1774ab6dc6c43debb0b5b628bdf122a391d521.zip
512 kB URL ciscobinary.openh264.org/openh264-linux64-2e1774ab6dc6c43debb0b5b628bdf122a391d521.zip
IP
File type Zip archive data, at least v2.0 to extract, compression method=deflate\012- data
Size 512 kB (511815 bytes)
Hash 152eda253e242e18443ef3282495bc7c
ff0fa85565f21ec4931baad4573b4c0bd08c4019
8e03090fee16f6e0ee2e436af8e51d0c3deed6d9f0db80dec048e668fc009a48
GET /openh264-linux64-2e1774ab6dc6c43debb0b5b628bdf122a391d521.zip HTTP/1.1
Host: ciscobinary.openh264.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Last-Modified: Wed, 07 Jun 2023 18:17:03 GMT
ETag: 152eda253e242e18443ef3282495bc7c
Content-Length: 511815
Accept-Ranges: bytes
X-Timestamp: 1686161822.36709
Content-Type: application/zip
X-Trans-Id: tx850f8ba461544848b47ef-006519bffadfw1
Cache-Control: public, max-age=196931
Expires: Sat, 04 Nov 2023 00:33:44 GMT
Date: Wed, 01 Nov 2023 17:51:33 GMT
Connection: keep-alive
roblox.fm/v1/metadata
200 OK 703 B IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerLet's Encrypt
Subjectroblox.fm
Fingerprint60:1F:24:B4:A1:32:0C:55:86:8F:62:55:5E:BF:BE:87:5D:F9:C7:6F
ValidityTue, 24 Oct 2023 12:23:22 GMT - Mon, 22 Jan 2024 12:23:21 GMT
File type JSON data\012- , ASCII text, with very long lines (334)
Hash 58e7676e4a3120f5d8b9b95c95fac397
e2bb6ab4d966dac911b578a6f7637851a9e8132c
ba537030518737bdc66f7c786273c85c9d746223ca81c6a45af95bc1f168eacb
Analyzer Verdict Alert OpenPhish phishing Telegram
GET /v1/metadata HTTP/1.1
Host: roblox.fm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/users/2633435479/profile
Cookie: _1__EggyWall_v=09ac94e6b927af2069856bc032971c55e994de0ff8bcdc4c6295c67fc6ec85ba; PHPSESSID=h4859nd69hmmututf4jqhp57f6
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 01 Nov 2023 17:51:22 GMT
content-type: application/json; charset=utf-8
access-control-allow-credentials: true
cache-control: no-store, no-cache, must-revalidate, private, must-revalidate
content-security-policy: report-uri https://metrics.roblox.com/v1/csp/report?type=enforce; upgrade-insecure-requests; script-src * 'unsafe-inline' roblox.com *.evidon.com *.gigya.com *.google-analytics.com *.ns1p.net adservice.google.com cdn.arkoselabs.com connect.facebook.net funcaptcha.com js.rbxcdn.com long.open.weixin.qq.com midas.gtimg.cn radar.cedexis.com res.wx.qq.com roblox-api.arkoselabs.com roblox-load-generator-configuration.s3.us-east-2.amazonaws.com s.ytimg.com sb.scorecardresearch.com static.rbxcdn.com www.google.com www.gstatic.com www.youtube.com h.online-metrix.net request.eprotect.vantivcnp.com request.eprotect.vantivpostlive.com *.googletagmanager.com *.googleadservices.com googleads.g.doubleclick.net cdn.veriff.me *.lightstep.com ; img-src 'self' data: *.cloudfront.net *.google-analytics.com *.kaptcha.com *.rbxcdn.com *.roblox.com *.robloxlabs.com googleads.g.doubleclick.net i.ytimg.com www.googletagmanager.com *
cross-origin-opener-policy: same-origin-allow-popups
eggy-wall: eggy#8888
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.1,"failure_fraction":1}
pragma: no-cache
proxy-cache: MISS
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://ncs.roblox.com/upload"}]}
strict-transport-security: max-age=604800; includeSubdomains
x-frame-options: SAMEORIGIN
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 81f5fc32b81a5684-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
firefox-settings-attachments.cdn.mozilla.net/staging/addons-bloomfilters/6c7d9b78-4642-461c-9b2d-b802ccd7a1d5.bin
817 kB URL firefox-settings-attachments.cdn.mozilla.net/staging/addons-bloomfilters/6c7d9b78-4642-461c-9b2d-b802ccd7a1d5.bin
IP
Size 817 kB (817083 bytes)
Hash 6b5b15372ca108d4b33caf02ed016f3e
13df17583626a0987070dde4340f876d08c401c0
9c890391b90d43bf692755185bfa1780ee051467ae9a2775759d9866f4546664
GET /staging/addons-bloomfilters/6c7d9b78-4642-461c-9b2d-b802ccd7a1d5.bin HTTP/1.1
Host: firefox-settings-attachments.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ABPtcPqJeb5K4rSm8QgCXHhECp-2B4jCBZylThqv1gweUS3onF0ncBQtvEDZAPJz9rJrX5IIKCiGWxW7gd6dcuJCvo4Lp4zJ4zbP
x-goog-generation: 1690223885754624
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 817083
x-goog-hash: crc32c=NmyCHA==, md5=a1sVNyyhCNSzPK8C7QFvPg==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 817083
server: UploadServer
date: Fri, 27 Oct 2023 10:21:36 GMT
cache-control: public,max-age=604800
age: 458998
last-modified: Mon, 24 Jul 2023 18:38:05 GMT
etag: "6b5b15372ca108d4b33caf02ed016f3e"
content-type: application/octet-stream
alt-svc: clear
X-Firefox-Spdy: h2
roblox.fm/product-experimentation-platform/v1/projects/1/values
200 OK 178 kB URL POST HTTP/3 roblox.fm/product-experimentation-platform/v1/projects/1/values
IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerLet's Encrypt
Subjectroblox.fm
Fingerprint60:1F:24:B4:A1:32:0C:55:86:8F:62:55:5E:BF:BE:87:5D:F9:C7:6F
ValidityTue, 24 Oct 2023 12:23:22 GMT - Mon, 22 Jan 2024 12:23:21 GMT
File type JSON data\012- , ASCII text, with very long lines (362)
Size 178 kB (177804 bytes)
Hash 31ad693d2a22ace044ff845057e5a2f1
74b3f953761e05b69e504d2c1dfc99680aaeb8c2
c6349f4c932324535e0fa609695cf91615fbfd16cb8cb946ae53e636bf07cb24
Analyzer Verdict Alert OpenPhish phishing Telegram
POST /product-experimentation-platform/v1/projects/1/values HTTP/1.1
Host: roblox.fm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
x-csrf-token: B3HWI/L0g+jW
Content-Length: 35
Origin: https://roblox.fm
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/users/2633435479/profile
Cookie: _1__EggyWall_v=09ac94e6b927af2069856bc032971c55e994de0ff8bcdc4c6295c67fc6ec85ba; PHPSESSID=h4859nd69hmmututf4jqhp57f6
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 01 Nov 2023 17:51:19 GMT
content-type: application/json; charset=utf-8
access-control-allow-credentials: true
cache-control: private, must-revalidate
content-security-policy: report-uri https://metrics.roblox.com/v1/csp/report?type=enforce; upgrade-insecure-requests; script-src * 'unsafe-inline' roblox.com *.evidon.com *.gigya.com *.google-analytics.com *.ns1p.net adservice.google.com cdn.arkoselabs.com connect.facebook.net funcaptcha.com js.rbxcdn.com long.open.weixin.qq.com midas.gtimg.cn radar.cedexis.com res.wx.qq.com roblox-api.arkoselabs.com roblox-load-generator-configuration.s3.us-east-2.amazonaws.com s.ytimg.com sb.scorecardresearch.com static.rbxcdn.com www.google.com www.gstatic.com www.youtube.com h.online-metrix.net request.eprotect.vantivcnp.com request.eprotect.vantivpostlive.com *.googletagmanager.com *.googleadservices.com googleads.g.doubleclick.net cdn.veriff.me *.lightstep.com ; img-src 'self' data: *.cloudfront.net *.google-analytics.com *.kaptcha.com *.rbxcdn.com *.roblox.com *.robloxlabs.com googleads.g.doubleclick.net i.ytimg.com www.googletagmanager.com *
cross-origin-opener-policy: same-origin-allow-popups
eggy-wall: eggy#8888
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.1,"failure_fraction":1}
proxy-cache: MISS
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://ncs.roblox.com/upload"}]}
strict-transport-security: max-age=604800; includeSubdomains
x-frame-options: SAMEORIGIN
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 81f5fc320f635684-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
roblox.fm/v1/users/1868295962/currently-wearing
200 OK 4.3 kB URL GET HTTP/3 roblox.fm/v1/users/1868295962/currently-wearing
IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerLet's Encrypt
Subjectroblox.fm
Fingerprint60:1F:24:B4:A1:32:0C:55:86:8F:62:55:5E:BF:BE:87:5D:F9:C7:6F
ValidityTue, 24 Oct 2023 12:23:22 GMT - Mon, 22 Jan 2024 12:23:21 GMT
File type JSON data\012- , ASCII text
Hash 1609385405a884f318b3b288fb0af5a8
b20ca93028665437718ab1adbb991576244f0914
14833aaf10c60733af6df9e405012c283a95c96d24d6f7abeda1e14cea14de4f
Analyzer Verdict Alert OpenPhish phishing Telegram
GET /v1/users/1868295962/currently-wearing HTTP/1.1
Host: roblox.fm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/users/2633435479/profile
Cookie: _1__EggyWall_v=09ac94e6b927af2069856bc032971c55e994de0ff8bcdc4c6295c67fc6ec85ba; PHPSESSID=h4859nd69hmmututf4jqhp57f6
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 01 Nov 2023 17:51:21 GMT
content-type: application/json; charset=utf-8
access-control-allow-credentials: true
cache-control: no-store, no-cache, must-revalidate, private, must-revalidate
content-security-policy: report-uri https://metrics.roblox.com/v1/csp/report?type=enforce; upgrade-insecure-requests; script-src * 'unsafe-inline' roblox.com *.evidon.com *.gigya.com *.google-analytics.com *.ns1p.net adservice.google.com cdn.arkoselabs.com connect.facebook.net funcaptcha.com js.rbxcdn.com long.open.weixin.qq.com midas.gtimg.cn radar.cedexis.com res.wx.qq.com roblox-api.arkoselabs.com roblox-load-generator-configuration.s3.us-east-2.amazonaws.com s.ytimg.com sb.scorecardresearch.com static.rbxcdn.com www.google.com www.gstatic.com www.youtube.com h.online-metrix.net request.eprotect.vantivcnp.com request.eprotect.vantivpostlive.com *.googletagmanager.com *.googleadservices.com googleads.g.doubleclick.net cdn.veriff.me *.lightstep.com ; img-src 'self' data: *.cloudfront.net *.google-analytics.com *.kaptcha.com *.rbxcdn.com *.roblox.com *.robloxlabs.com googleads.g.doubleclick.net i.ytimg.com www.googletagmanager.com *
cross-origin-opener-policy: same-origin-allow-popups
eggy-wall: eggy#8888
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.1,"failure_fraction":1}
pragma: no-cache
proxy-cache: MISS
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://ncs.roblox.com/upload"}]}
strict-transport-security: max-age=604800; includeSubdomains
x-frame-options: SAMEORIGIN
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 81f5fc3298075684-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
roblox.fm/privateJs/Security.js
200 OK 48 B URL GET HTTP/3 roblox.fm/privateJs/Security.js
IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerLet's Encrypt
Subjectroblox.fm
Fingerprint60:1F:24:B4:A1:32:0C:55:86:8F:62:55:5E:BF:BE:87:5D:F9:C7:6F
ValidityTue, 24 Oct 2023 12:23:22 GMT - Mon, 22 Jan 2024 12:23:21 GMT
File type ASCII text, with no line terminators
Hash 2abfdd28253267e1f0540235aae1b199
6711fe7da87beb29cec07c34594b466ff86c15ec
a39965fe9cd369e874b5864b4ba5f142fc71551496816de7e7d7a7e3a3847d03
Analyzer Verdict Alert OpenPhish phishing Telegram
GET /privateJs/Security.js HTTP/1.1
Host: roblox.fm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/users/2633435479/profile
Cookie: _1__EggyWall_v=09ac94e6b927af2069856bc032971c55e994de0ff8bcdc4c6295c67fc6ec85ba
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 01 Nov 2023 17:51:15 GMT
content-type: application/javascript; charset=utf-8
eggy-wall: eggy#8888
etag: W/"6532b4e5-30"
last-modified: Fri, 20 Oct 2023 17:12:05 GMT
proxy-cache: MISS
cache-control: max-age=14400
cf-cache-status: HIT
age: 31
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Cg3vHNzI0GU1EwkpNfXZAHUvT1g8l7aI7ayORaRfVF1am2McGrRhz7znA4h%2BorhXS1yB7dYP0KPFF2oqpaV0VkO83smKO1%2FdE2eHcV7Gol9JBkJPeAS1lz1euw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 81f5fc183b015684-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
roblox-api.arkoselabs.com/fc/api/?onload=reportFunCaptchaLoaded
200 OK 376 B URL GET HTTP/2 roblox-api.arkoselabs.com/fc/api/?onload=reportFunCaptchaLoaded
IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerCloudflare, Inc.
Subjectarkoselabs.com
Fingerprint6E:7D:85:B7:2D:33:4C:AC:9F:7B:5B:9A:0A:F8:4B:AB:6A:0F:E3:DB
ValidityWed, 23 Aug 2023 00:00:00 GMT - Thu, 22 Aug 2024 23:59:59 GMT
File type ASCII text, with very long lines (389), with no line terminators
Hash c4a47bf5790d76892c027d25104ae4f9
ddf899a86791c52834e6e37641ecc1a4baeb074d
bd05b3e06f9512a96b52026c0a15007f4567d94a10cc879c14d685ae37fff547
GET /fc/api/?onload=reportFunCaptchaLoaded HTTP/1.1
Host: roblox-api.arkoselabs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 01 Nov 2023 17:51:15 GMT
content-type: application/javascript
cache-control: public, no-cache
etag: W/"6af2c0d87b9879cbf3365be1a208293f84d37b1e|sha384-0WSnGKUOVQB3bg5Ofr5NVln10Hgdsr1qyM+lwRI+diKuJL5zXCe0CmeRgzJ/TUEF"
content-security-policy: default-src 'self'; script-src 'self'; style-src 'self'; img-src 'self' data:; media-src 'self' data:; connect-src 'self'
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
set-cookie: _cfuvid=UZu28lgeiOcNAZPjZagFmWOjgHI7RQeiGLRXm1RrMDI-1698861075317-0-604800000; path=/; domain=.arkoselabs.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 81f5fc18be2fb4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
js.rbxcdn.com/c4b0a446b38285f3db5472340f4ef27d737c87b78348e36dc7acbcfec89d70bf.js
200 OK 2.6 kB URL GET HTTP/2 js.rbxcdn.com/c4b0a446b38285f3db5472340f4ef27d737c87b78348e36dc7acbcfec89d70bf.js
IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerGlobalSign nv-sa
Subject*.rbxcdn.com
FingerprintC3:6F:4B:5C:0E:DB:55:7A:5A:10:E5:90:29:43:77:09:6F:50:86:EE
ValidityFri, 18 Nov 2022 00:01:02 GMT - Wed, 20 Dec 2023 00:01:01 GMT
File type ASCII text, with very long lines (2620), with no line terminators
Hash 4ad5a2589abdaf602effeaf6a300bcaa
3e0d6b2776254d0891cd86f830222785bcd4e7c2
b33db8b9877c3843398ece808830aef68433af963b1a72985b02ec55dbe6f2b0
GET /c4b0a446b38285f3db5472340f4ef27d737c87b78348e36dc7acbcfec89d70bf.js HTTP/1.1
Host: js.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 01 Nov 2023 17:51:16 GMT
content-type: application/javascript
vary: Accept-Encoding
x-amz-id-2: m+eJZCnw/Lks0/iL4G4YGT83z0Y0aFbKapCS9MpwHb0ERSPxVfkfSVtHTIJwDAxOr+nyQLfQLog=
x-amz-request-id: 4YBEY63J76KP4YYA
last-modified: Wed, 23 Feb 2022 02:35:16 GMT
etag: W/"921ac3eedd28fa0e68ea4abc9d34be91"
cache-control: public, max-age=31536000
x-amz-version-id: bdMLZv80KuAHemRcPbt4x9J3feC8m7rr
x-cf3: H
cf4age: 373875
x-cf-tsc: 1697732496
cf4ttl: 31536000.000
x-cf2: H
server: CFS 0215
x-cf1: 28293:fA.arn1:co:1572652472:cacheN.arn1-01:H
x-cf-reqid: 640888a471a0603b2ce73c07518479f4
access-control-allow-origin: *
access-control-allow-methods: GET
timing-allow-origin: *
access-control-expose-headers: Rbx-Cdn-Provider
rbx-cdn-provider: cfly
content-encoding: gzip
X-Firefox-Spdy: h2
js.rbxcdn.com/5804331763d8dd8d8fb671924b73023bd1feddd205229569f18413e6f0190f93.js
200 OK 61 kB URL GET HTTP/2 js.rbxcdn.com/5804331763d8dd8d8fb671924b73023bd1feddd205229569f18413e6f0190f93.js
IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerGlobalSign nv-sa
Subject*.rbxcdn.com
FingerprintC3:6F:4B:5C:0E:DB:55:7A:5A:10:E5:90:29:43:77:09:6F:50:86:EE
ValidityFri, 18 Nov 2022 00:01:02 GMT - Wed, 20 Dec 2023 00:01:01 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /5804331763d8dd8d8fb671924b73023bd1feddd205229569f18413e6f0190f93.js HTTP/1.1
Host: js.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 01 Nov 2023 17:51:16 GMT
content-type: application/javascript
vary: Accept-Encoding
x-amz-id-2: wDURBgLUKcq3rSyB4/arEhhNKRZt1J+nIqceHjnn096rTxigDEfbLQv8HBurVOlrJtjEgpLY3Z4=
x-amz-request-id: 6Q27JCRQ6K0MHTWK
last-modified: Wed, 06 Apr 2022 06:29:24 GMT
etag: W/"5f3ff3ac1d57bc43b4703973852ff51b"
cache-control: public, max-age=31536000
x-amz-version-id: IzELPdMbj3ed6uw4znR1kfSCeC8Ued_M
x-cf3: H
cf4age: 132679
x-cf-tsc: 1696653344
cf4ttl: 31536000.000
x-cf2: H
server: CFS 0215
x-cf1: 28293:fA.arn1:co:1572652472:cacheN.arn1-01:M
x-cf-reqid: 679254ca54ff9629061c64769c058087
access-control-allow-origin: *
access-control-allow-methods: GET
timing-allow-origin: *
access-control-expose-headers: Rbx-Cdn-Provider
rbx-cdn-provider: cfly
content-encoding: gzip
X-Firefox-Spdy: h2
js.rbxcdn.com/7693d98990f875a88c91c0385e1b0542bb51913fb34b23f414b6890d90353c40.js
200 OK 14 kB URL GET HTTP/2 js.rbxcdn.com/7693d98990f875a88c91c0385e1b0542bb51913fb34b23f414b6890d90353c40.js
IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerGlobalSign nv-sa
Subject*.rbxcdn.com
FingerprintC3:6F:4B:5C:0E:DB:55:7A:5A:10:E5:90:29:43:77:09:6F:50:86:EE
ValidityFri, 18 Nov 2022 00:01:02 GMT - Wed, 20 Dec 2023 00:01:01 GMT
File type ASCII text, with very long lines (13850)
Hash 959be10187ff17f4f4b5684a33dcb315
003ca24bcd9a2ed3ee644f7b0cabe0d5bf881cdd
b757c1c017abda974e444fec6c8a8f182df7106d504b2623a455b03b83292955
GET /7693d98990f875a88c91c0385e1b0542bb51913fb34b23f414b6890d90353c40.js HTTP/1.1
Host: js.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 01 Nov 2023 17:51:16 GMT
content-type: application/javascript
vary: Accept-Encoding
x-amz-id-2: lEqfdJSyG7FoyWLrxvJcVeYZskIlTGS5/R6LWq4yIOSkmw6njhI9lqe46rkQCoSiQjA7fyGIEpw=
x-amz-request-id: 4ZP9GC69QQQFWPYZ
last-modified: Mon, 28 Mar 2022 20:15:10 GMT
etag: W/"959be10187ff17f4f4b5684a33dcb315"
cache-control: public, max-age=31536000
x-amz-version-id: piabnzgMqBT9IvMwmwMcYiWSxKxdqz2H
x-cf3: M
cf4age: 0
x-cf-tsc: 1697358618
cf4ttl: 31536000.000
x-cf2: H
server: CFS 0215
x-cf1: 28293:fA.arn1:co:1572652472:cacheN.arn1-01:H
x-cf-reqid: 66f939119399381fae821ae804b0ac45
access-control-allow-origin: *
access-control-allow-methods: GET
timing-allow-origin: *
access-control-expose-headers: Rbx-Cdn-Provider
rbx-cdn-provider: cfly
content-encoding: gzip
X-Firefox-Spdy: h2
roblox.fm/v1/users/1868295962/badges?sortOrder=Desc
200 OK 4.9 kB URL GET HTTP/3 roblox.fm/v1/users/1868295962/badges?sortOrder=Desc
IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerLet's Encrypt
Subjectroblox.fm
Fingerprint60:1F:24:B4:A1:32:0C:55:86:8F:62:55:5E:BF:BE:87:5D:F9:C7:6F
ValidityTue, 24 Oct 2023 12:23:22 GMT - Mon, 22 Jan 2024 12:23:21 GMT
File type ASCII text, with very long lines (5438), with no line terminators
Hash 38789559984bbd4c85c165d864492bf6
03aff28eec85bf6ee0bf2777d2918ceb7fd73792
75eac37fe0d13573a2562eb2e94eaddbea60ad9b95265856c962332fb8fe1cea
Analyzer Verdict Alert OpenPhish phishing Telegram
GET /v1/users/1868295962/badges?sortOrder=Desc HTTP/1.1
Host: roblox.fm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/users/2633435479/profile
Cookie: _1__EggyWall_v=09ac94e6b927af2069856bc032971c55e994de0ff8bcdc4c6295c67fc6ec85ba; PHPSESSID=h4859nd69hmmututf4jqhp57f6
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 01 Nov 2023 17:51:22 GMT
content-type: application/json; charset=utf-8
access-control-allow-credentials: true
cache-control: no-store, no-cache, must-revalidate, private, must-revalidate
content-security-policy: report-uri https://metrics.roblox.com/v1/csp/report?type=enforce; upgrade-insecure-requests; script-src * 'unsafe-inline' roblox.com *.evidon.com *.gigya.com *.google-analytics.com *.ns1p.net adservice.google.com cdn.arkoselabs.com connect.facebook.net funcaptcha.com js.rbxcdn.com long.open.weixin.qq.com midas.gtimg.cn radar.cedexis.com res.wx.qq.com roblox-api.arkoselabs.com roblox-load-generator-configuration.s3.us-east-2.amazonaws.com s.ytimg.com sb.scorecardresearch.com static.rbxcdn.com www.google.com www.gstatic.com www.youtube.com h.online-metrix.net request.eprotect.vantivcnp.com request.eprotect.vantivpostlive.com *.googletagmanager.com *.googleadservices.com googleads.g.doubleclick.net cdn.veriff.me *.lightstep.com ; img-src 'self' data: *.cloudfront.net *.google-analytics.com *.kaptcha.com *.rbxcdn.com *.roblox.com *.robloxlabs.com googleads.g.doubleclick.net i.ytimg.com www.googletagmanager.com *
cross-origin-opener-policy: same-origin-allow-popups
eggy-wall: eggy#8888
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.1,"failure_fraction":1}
pragma: no-cache
proxy-cache: MISS
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://ncs.roblox.com/upload"}]}
strict-transport-security: max-age=604800; includeSubdomains
x-frame-options: SAMEORIGIN
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 81f5fc32b8195684-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
js.rbxcdn.com/c46b4fb03550b521b63f90cdca3214e620c53f676987f9c644dc3ed60a9d74c9.js
200 OK 1.2 kB URL GET HTTP/2 js.rbxcdn.com/c46b4fb03550b521b63f90cdca3214e620c53f676987f9c644dc3ed60a9d74c9.js
IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerGlobalSign nv-sa
Subject*.rbxcdn.com
FingerprintC3:6F:4B:5C:0E:DB:55:7A:5A:10:E5:90:29:43:77:09:6F:50:86:EE
ValidityFri, 18 Nov 2022 00:01:02 GMT - Wed, 20 Dec 2023 00:01:01 GMT
File type ASCII text, with very long lines (1321), with no line terminators
Hash 4610c0b850e6393943b8cf6167ada50c
b0550a3d3b7e352721e4813cac548c95e2e1a087
7e61e61fc3d3e15af934f4af78d880dcc2ba0a6be1cfe93cbde462aa97802973
GET /c46b4fb03550b521b63f90cdca3214e620c53f676987f9c644dc3ed60a9d74c9.js HTTP/1.1
Host: js.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 01 Nov 2023 17:51:16 GMT
content-type: application/javascript
vary: Accept-Encoding
x-amz-id-2: IWqTnlYIrrdaE6B6n5DB9w6sVifyh8OlZMWdm2gbnZTPAkE/CWvDeLSny9wRP53oWXn80TNO2fQ=
x-amz-request-id: P64EEKXNYX8F8FPV
last-modified: Wed, 18 Aug 2021 20:11:13 GMT
etag: W/"1ba75999b3ec1105914a31501c389244"
cache-control: public, max-age=31536000
x-amz-version-id: 31qctP6tuYqxpJPZ8raU7qLqHEHuj4MF
x-cf3: M
cf4age: 0
x-cf-tsc: 1679022171
cf4ttl: 31536000.000
x-cf2: H
server: CFS 0215
x-cf1: 28293:fA.arn1:co:1572652472:cacheN.arn1-01:M
x-cf-reqid: c8af9e27898945537450491a4d6cc7b6
access-control-allow-origin: *
access-control-allow-methods: GET
timing-allow-origin: *
access-control-expose-headers: Rbx-Cdn-Provider
rbx-cdn-provider: cfly
content-encoding: gzip
X-Firefox-Spdy: h2
tr.rbxcdn.com/30DAY-AvatarHeadshot-081470FE9EFF6BAA2D6D038FFCB33715-Png/150/150/AvatarHeadshot/Png/noFilter
200 OK 17 kB URL GET HTTP/2 tr.rbxcdn.com/30DAY-AvatarHeadshot-081470FE9EFF6BAA2D6D038FFCB33715-Png/150/150/AvatarHeadshot/Png/noFilter
IP
ASN #20940 Akamai International B.V.
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerDigiCert Inc
Subject*.rbxcdn.com
Fingerprint57:F4:96:1E:91:3F:6A:81:F5:96:11:C2:4F:5C:1C:6A:22:31:83:A7
ValidityThu, 06 Apr 2023 00:00:00 GMT - Sat, 06 Apr 2024 23:59:59 GMT
File type PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data
Hash 8d549fa3fa3a52c4d3204c9d71ae9f69
3daa18660e2510250893f586519336b49b8725c6
70e8631ae32a3e6efe48f8fc6ecb88ee2e445b8b3dacf9dc202f4f4f0f205fb3
GET /30DAY-AvatarHeadshot-081470FE9EFF6BAA2D6D038FFCB33715-Png/150/150/AvatarHeadshot/Png/noFilter HTTP/1.1
Host: tr.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-length: 16576
content-type: image/Png
server: Kestrel
strict-transport-security: max-age=3600
x-frame-options: SAMEORIGIN
roblox-machine-id: a319f50f38f0
x-roblox-region: us-central
x-roblox-edge: atl1
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://ncs.roblox.com/upload"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1}
cache-control: max-age=31536000
expires: Thu, 31 Oct 2024 17:51:20 GMT
date: Wed, 01 Nov 2023 17:51:20 GMT
access-control-allow-methods: GET
access-control-allow-origin: *
X-Firefox-Spdy: h2
tr.rbxcdn.com/30DAY-AvatarHeadshot-3F0D4B6DC443B407CBCF1489B7CB57CA-Png/150/150/AvatarHeadshot/Png/noFilter
200 OK 22 kB URL GET HTTP/2 tr.rbxcdn.com/30DAY-AvatarHeadshot-3F0D4B6DC443B407CBCF1489B7CB57CA-Png/150/150/AvatarHeadshot/Png/noFilter
IP
ASN #20940 Akamai International B.V.
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerDigiCert Inc
Subject*.rbxcdn.com
Fingerprint57:F4:96:1E:91:3F:6A:81:F5:96:11:C2:4F:5C:1C:6A:22:31:83:A7
ValidityThu, 06 Apr 2023 00:00:00 GMT - Sat, 06 Apr 2024 23:59:59 GMT
File type PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data
Hash 1c67f778fbc452f269acfaebdd85aa44
d464e18a62b5c77bda9c88f7285e238dcf747a65
4495e4d9e21d5b2e5135cc16ad3a87e320c1742baed5436eea6f08b5f6abe0aa
GET /30DAY-AvatarHeadshot-3F0D4B6DC443B407CBCF1489B7CB57CA-Png/150/150/AvatarHeadshot/Png/noFilter HTTP/1.1
Host: tr.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-length: 21454
content-type: image/Png
server: Kestrel
strict-transport-security: max-age=3600
x-frame-options: SAMEORIGIN
roblox-machine-id: ef24d8011096
x-roblox-region: us-central
x-roblox-edge: iad4
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://ncs.roblox.com/upload"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1}
cache-control: max-age=31536000
expires: Thu, 31 Oct 2024 17:51:20 GMT
date: Wed, 01 Nov 2023 17:51:20 GMT
access-control-allow-methods: GET
access-control-allow-origin: *
X-Firefox-Spdy: h2
js.rbxcdn.com/edc66704bd1974195d8c60f4a163441bec82f1bcb11c492e7df07c43f45a4d49.js
200 OK 74 kB URL GET HTTP/2 js.rbxcdn.com/edc66704bd1974195d8c60f4a163441bec82f1bcb11c492e7df07c43f45a4d49.js
IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerGlobalSign nv-sa
Subject*.rbxcdn.com
FingerprintC3:6F:4B:5C:0E:DB:55:7A:5A:10:E5:90:29:43:77:09:6F:50:86:EE
ValidityFri, 18 Nov 2022 00:01:02 GMT - Wed, 20 Dec 2023 00:01:01 GMT
File type ASCII text, with very long lines (63622)
Hash 096c52a1373d3402d1891e78a72ff1ca
af06578e590bb4bdedc93e2929d7b93aa3965cba
3d6ae062089115769f8b39aa37e26311b99f256b82af68aef72a1f725faf3168
GET /edc66704bd1974195d8c60f4a163441bec82f1bcb11c492e7df07c43f45a4d49.js HTTP/1.1
Host: js.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 01 Nov 2023 17:51:16 GMT
content-type: application/javascript
vary: Accept-Encoding
x-amz-id-2: 2/gSlZBQH+iEQvFnP6oo9v2DBsk6BhjNkboWlObXwQ5bP+lUByxn2UdwSK4yblOd6TWJwU8T1uE=
x-amz-request-id: 0X9NJ9FYF4TF1Z0J
last-modified: Wed, 14 Oct 2020 00:23:09 GMT
etag: W/"096c52a1373d3402d1891e78a72ff1ca"
cache-control: public, max-age=31536000
x-amz-version-id: q_LxmEY2Vv1NuAASryrTHMtsoWbhmr4L
x-cf3: H
cf4age: 373861
x-cf-tsc: 1697732468
cf4ttl: 31536000.000
x-cf2: H
server: CFS 0215
x-cf1: 28293:fA.arn1:co:1572652472:cacheN.arn1-01:H
x-cf-reqid: 449a1fb35cddb7baff3547504cfbce7b
access-control-allow-origin: *
access-control-allow-methods: GET
timing-allow-origin: *
access-control-expose-headers: Rbx-Cdn-Provider
rbx-cdn-provider: cfly
content-encoding: gzip
X-Firefox-Spdy: h2
js.rbxcdn.com/adeccc658a8d5ddc63fb224cc0bcd3e29b73d70db3847c0379426bfa128d9381.js
200 OK 102 kB URL GET HTTP/2 js.rbxcdn.com/adeccc658a8d5ddc63fb224cc0bcd3e29b73d70db3847c0379426bfa128d9381.js
IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerGlobalSign nv-sa
Subject*.rbxcdn.com
FingerprintC3:6F:4B:5C:0E:DB:55:7A:5A:10:E5:90:29:43:77:09:6F:50:86:EE
ValidityFri, 18 Nov 2022 00:01:02 GMT - Wed, 20 Dec 2023 00:01:01 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 102 kB (101965 bytes)
Hash 9e6058494cccae8c1eecb3917c9e47b8
c4d6f09a7cfe8e380e64e7bbd57f230ecb422d06
0d5a48a425f1afa73c260137e2ea2ba39491ae5dee9277f4882a0eeae0a221b5
GET /adeccc658a8d5ddc63fb224cc0bcd3e29b73d70db3847c0379426bfa128d9381.js HTTP/1.1
Host: js.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 01 Nov 2023 17:51:17 GMT
content-type: application/javascript
vary: Accept-Encoding
x-amz-id-2: zhS7VX4RJi3ZruRmX8Y7KzL55GTT30s62AS8nYBeuTSprRsIy7DJ6tq4j9byERMAiinApph4F4M=
x-amz-request-id: HZXV8EHTZG75A052
last-modified: Mon, 24 Jan 2022 22:48:43 GMT
etag: W/"9e6058494cccae8c1eecb3917c9e47b8"
cache-control: public, max-age=31536000
x-amz-version-id: 8miqXCRvj15F1R2COSA5vXS6Yy.4EO01
x-cf3: M
cf4age: 0
x-cf-tsc: 1673978474
cf4ttl: 31536000.000
x-cf2: H
server: CFS 0215
x-cf1: 28293:fA.arn1:co:1572652472:cacheN.arn1-01:M
x-cf-reqid: 707de2dfe8959a404e000217ddc20c4d
access-control-allow-origin: *
access-control-allow-methods: GET
timing-allow-origin: *
access-control-expose-headers: Rbx-Cdn-Provider
rbx-cdn-provider: cfly
content-encoding: gzip
X-Firefox-Spdy: h2
js.rbxcdn.com/5370e5e55fc9993ec53b0a4195e82290b8c1c5f95a1fb5cd11a2ec82d5d07809.js
200 OK 3.5 kB URL GET HTTP/2 js.rbxcdn.com/5370e5e55fc9993ec53b0a4195e82290b8c1c5f95a1fb5cd11a2ec82d5d07809.js
IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerGlobalSign nv-sa
Subject*.rbxcdn.com
FingerprintC3:6F:4B:5C:0E:DB:55:7A:5A:10:E5:90:29:43:77:09:6F:50:86:EE
ValidityFri, 18 Nov 2022 00:01:02 GMT - Wed, 20 Dec 2023 00:01:01 GMT
File type Unicode text, UTF-8 text, with very long lines (3799), with no line terminators
Hash dba8e63580790afe21eebf715283b796
0b6923b85a8e5007763e947c4a4914fae20f82e1
afde8106f42839665ab9d35feb71e0e7a728ac7c5e0576d29de738af95da4d70
GET /5370e5e55fc9993ec53b0a4195e82290b8c1c5f95a1fb5cd11a2ec82d5d07809.js HTTP/1.1
Host: js.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 01 Nov 2023 17:51:16 GMT
content-type: application/javascript
vary: Accept-Encoding
x-amz-id-2: Rb7eVR+DCbwotXKn13pEkZOE18Cg3tcnAbuT+TRXA5A954jxPx54ZehzEHPqhjp8y2ulmIATn4M=
x-amz-request-id: 7T9VTN3BBMZ8DJZR
last-modified: Tue, 07 Dec 2021 22:20:21 GMT
etag: W/"9e2a1059f270bdc220c7a9bcb0cc170c"
cache-control: public, max-age=31536000
x-amz-version-id: xUqftER.GuaCq8tveLqgsdXoZTWpN3DE
x-cf3: M
cf4age: 0
x-cf-tsc: 1695816256
cf4ttl: 31536000.000
x-cf2: H
server: CFS 0215
x-cf1: 28293:fA.arn1:co:1572652472:cacheN.arn1-01:M
x-cf-reqid: 7876b5b309a8632facfa2091fabfede8
access-control-allow-origin: *
access-control-allow-methods: GET
timing-allow-origin: *
access-control-expose-headers: Rbx-Cdn-Provider
rbx-cdn-provider: cfly
content-encoding: gzip
X-Firefox-Spdy: h2
js.rbxcdn.com/95044be3ff42e3dc429313faca1316cea62f328a39e29689ffeda9002f3a8bc6.js
200 OK 23 kB URL GET HTTP/2 js.rbxcdn.com/95044be3ff42e3dc429313faca1316cea62f328a39e29689ffeda9002f3a8bc6.js
IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerGlobalSign nv-sa
Subject*.rbxcdn.com
FingerprintC3:6F:4B:5C:0E:DB:55:7A:5A:10:E5:90:29:43:77:09:6F:50:86:EE
ValidityFri, 18 Nov 2022 00:01:02 GMT - Wed, 20 Dec 2023 00:01:01 GMT
Hash 4ee607ed79a8c978e7086df3a746f907
89118f719b63bafa0cc58347fc4c4b53a481b141
b2ff65837db33c8b8e8dd59e01f3f3b094f742195c8d6f217c783baade88307a
GET /95044be3ff42e3dc429313faca1316cea62f328a39e29689ffeda9002f3a8bc6.js HTTP/1.1
Host: js.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 01 Nov 2023 17:51:16 GMT
content-type: application/javascript
vary: Accept-Encoding
x-amz-id-2: U6D4ITaG4vkoNJ0mHtrL5Fexg3aQEtmWw8yFM4Xs7loLtZLanWHMRZUgbQOSmTwVtrd0tRmzX2I=
x-amz-request-id: BPBH6G0KFT83BC4Z
last-modified: Thu, 29 Apr 2021 22:47:04 GMT
etag: W/"4ee607ed79a8c978e7086df3a746f907"
cache-control: public, max-age=31536000
x-amz-version-id: OJW.tWcSP37vJ7IgpGnPD3JPoap.4ixy
x-cf3: M
cf4age: 0
x-cf-tsc: 1677719284
cf4ttl: 31536000.000
x-cf2: H
server: CFS 0215
x-cf1: 28293:fA.arn1:co:1572652472:cacheN.arn1-01:M
x-cf-reqid: 2b6d9cbeb6cb4845ce08aa7dcbddee37
access-control-allow-origin: *
access-control-allow-methods: GET
timing-allow-origin: *
access-control-expose-headers: Rbx-Cdn-Provider
rbx-cdn-provider: cfly
content-encoding: gzip
X-Firefox-Spdy: h2
roblox-api.arkoselabs.com/cdn/fc/js/6af2c0d87b9879cbf3365be1a208293f84d37b1e/standard/funcaptcha_api.js
200 OK 151 kB URL GET HTTP/3 roblox-api.arkoselabs.com/cdn/fc/js/6af2c0d87b9879cbf3365be1a208293f84d37b1e/standard/funcaptcha_api.js
IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerCloudflare, Inc.
Subjectarkoselabs.com
Fingerprint6E:7D:85:B7:2D:33:4C:AC:9F:7B:5B:9A:0A:F8:4B:AB:6A:0F:E3:DB
ValidityWed, 23 Aug 2023 00:00:00 GMT - Thu, 22 Aug 2024 23:59:59 GMT
Size 151 kB (150608 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cdn/fc/js/6af2c0d87b9879cbf3365be1a208293f84d37b1e/standard/funcaptcha_api.js HTTP/1.1
Host: roblox-api.arkoselabs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Cookie: _cfuvid=XGVA.bpKyTjV99fsgQKeCAe7H6U_IA7hQw3iYZVyhyw-1698861075322-0-604800000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 01 Nov 2023 17:51:18 GMT
content-type: application/javascript; charset=utf-8
cf-ray: 81f5fc2f0c1056bb-OSL
cf-cache-status: HIT
access-control-allow-origin: *
age: 486196
cache-control: public, max-age=31536000, immutable
etag: W/"3763ca5c6d75616a43468902aff7b465"
last-modified: Fri, 12 May 2023 04:07:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'self'; script-src 'self'; style-src 'self'; img-src 'self' data:; media-src 'self' data:; connect-src 'self'
x-amz-id-2: R+F9zz1XBJIir1lW1cbPpSDsO6ByZwShhHEZmFgyM6KO8as7SBcpyb6zbHKRDgnqIJFje7+4Wvg=
x-amz-request-id: PN01VHYM5S1RGR8M
x-amz-server-side-encryption: AES256
x-amz-version-id: js6Xlp6Z7xNtDrBHyzcLHcTB0YN._K9R
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400
tr.rbxcdn.com/61e5618f3587b191fe85f3a1fc6c4dbb/150/150/Image/Png
200 OK 27 kB URL GET HTTP/2 tr.rbxcdn.com/61e5618f3587b191fe85f3a1fc6c4dbb/150/150/Image/Png
IP
ASN #20940 Akamai International B.V.
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerDigiCert Inc
Subject*.rbxcdn.com
Fingerprint57:F4:96:1E:91:3F:6A:81:F5:96:11:C2:4F:5C:1C:6A:22:31:83:A7
ValidityThu, 06 Apr 2023 00:00:00 GMT - Sat, 06 Apr 2024 23:59:59 GMT
File type PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data
Hash 9957e7d42f77790ab3b9408c20875730
6986192fa5b191f63be5fdae9e15f290ed85b9d8
0f31194c3f533871ee8ea2b48924c103c7f4252846875e828da1bfa48c6ecf47
GET /61e5618f3587b191fe85f3a1fc6c4dbb/150/150/Image/Png HTTP/1.1
Host: tr.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-length: 26628
content-type: image/Png
server: Microsoft-IIS/8.5
x-frame-options: SAMEORIGIN
roblox-machine-id: CHI1-WEB2574
x-powered-by: ASP.NET
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://ncs.roblox.com/upload"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1}
cache-control: max-age=31536000
expires: Thu, 31 Oct 2024 17:51:22 GMT
date: Wed, 01 Nov 2023 17:51:22 GMT
access-control-allow-methods: GET
access-control-allow-origin: *
X-Firefox-Spdy: h2
js.rbxcdn.com/cf340fb618d9a73913b30dfc624ae60d68b9e59723746e6c08d06d14ebdd6dca.js
200 OK 14 kB URL GET HTTP/2 js.rbxcdn.com/cf340fb618d9a73913b30dfc624ae60d68b9e59723746e6c08d06d14ebdd6dca.js
IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerGlobalSign nv-sa
Subject*.rbxcdn.com
FingerprintC3:6F:4B:5C:0E:DB:55:7A:5A:10:E5:90:29:43:77:09:6F:50:86:EE
ValidityFri, 18 Nov 2022 00:01:02 GMT - Wed, 20 Dec 2023 00:01:01 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cf340fb618d9a73913b30dfc624ae60d68b9e59723746e6c08d06d14ebdd6dca.js HTTP/1.1
Host: js.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 01 Nov 2023 17:51:16 GMT
content-type: application/javascript
vary: Accept-Encoding
x-amz-id-2: LPBts8ez5qUwunoLq8KnSDTx+O8B45Vj6A0Fr57OfAUSWvJP6xOzukHv4r4AckV+fS2zheeDLpI=
x-amz-request-id: G2RPJ44G7ABC6MKT
last-modified: Thu, 08 Jul 2021 18:38:08 GMT
etag: W/"e635901144a084ea5240665be5baa113"
cache-control: public, max-age=31536000
x-amz-version-id: 5g3N.oEApkaWF75848hPow7_3hwnSx4j
x-cf3: H
cf4age: 26628
x-cf-tsc: 1696564175
cf4ttl: 31536000.000
x-cf2: H
server: CFS 0215
x-cf1: 28293:fA.arn1:co:1572652472:cacheN.arn1-01:M
x-cf-reqid: e9396c6634c88dbc00f03cfe972477f7
access-control-allow-origin: *
access-control-allow-methods: GET
timing-allow-origin: *
access-control-expose-headers: Rbx-Cdn-Provider
rbx-cdn-provider: cfly
content-encoding: gzip
X-Firefox-Spdy: h2
roblox.fm/users/profile/playerassets-json?assetTypeId=10&userId=1868295962
200 OK 11 kB URL GET HTTP/3 roblox.fm/users/profile/playerassets-json?assetTypeId=10&userId=1868295962
IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerLet's Encrypt
Subjectroblox.fm
Fingerprint60:1F:24:B4:A1:32:0C:55:86:8F:62:55:5E:BF:BE:87:5D:F9:C7:6F
ValidityTue, 24 Oct 2023 12:23:22 GMT - Mon, 22 Jan 2024 12:23:21 GMT
File type JSON data\012- , ASCII text, with very long lines (10810)
Hash 41da4631a1df044ba9ac3d31e721a579
5af1160f93b0c46e14f67180acbc31f63f1d0867
601c519255fe954e2d8dcde2dc1cb3655fd5b47c37fa4f20df76c109e4fdf8f0
GET /users/profile/playerassets-json?assetTypeId=10&userId=1868295962 HTTP/1.1
Host: roblox.fm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/users/2633435479/profile
Cookie: _1__EggyWall_v=09ac94e6b927af2069856bc032971c55e994de0ff8bcdc4c6295c67fc6ec85ba; PHPSESSID=h4859nd69hmmututf4jqhp57f6
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 01 Nov 2023 17:51:19 GMT
content-type: application/json; charset=utf-8
access-control-allow-credentials: true
cache-control: no-store, no-cache, must-revalidate, private, must-revalidate
content-security-policy: report-uri https://metrics.roblox.com/v1/csp/report?type=enforce; upgrade-insecure-requests; script-src * 'unsafe-inline' roblox.com *.evidon.com *.gigya.com *.google-analytics.com *.ns1p.net adservice.google.com cdn.arkoselabs.com connect.facebook.net funcaptcha.com js.rbxcdn.com long.open.weixin.qq.com midas.gtimg.cn radar.cedexis.com res.wx.qq.com roblox-api.arkoselabs.com roblox-load-generator-configuration.s3.us-east-2.amazonaws.com s.ytimg.com sb.scorecardresearch.com static.rbxcdn.com www.google.com www.gstatic.com www.youtube.com h.online-metrix.net request.eprotect.vantivcnp.com request.eprotect.vantivpostlive.com *.googletagmanager.com *.googleadservices.com googleads.g.doubleclick.net cdn.veriff.me *.lightstep.com ; img-src 'self' data: *.cloudfront.net *.google-analytics.com *.kaptcha.com *.rbxcdn.com *.roblox.com *.robloxlabs.com googleads.g.doubleclick.net i.ytimg.com www.googletagmanager.com *
cross-origin-opener-policy: same-origin-allow-popups
eggy-wall: eggy#8888
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.1,"failure_fraction":1}
pragma: no-cache
proxy-cache: MISS
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://ncs.roblox.com/upload"}]}
strict-transport-security: max-age=604800; includeSubdomains
x-frame-options: SAMEORIGIN
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 81f5fc315e875684-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
roblox.fm/users/2633435479/profile
200 OK 108 kB URL User Request GET HTTP/2 roblox.fm/users/2633435479/profile
IP
Certificate IssuerLet's Encrypt
Subjectroblox.fm
Fingerprint60:1F:24:B4:A1:32:0C:55:86:8F:62:55:5E:BF:BE:87:5D:F9:C7:6F
ValidityTue, 24 Oct 2023 12:23:22 GMT - Mon, 22 Jan 2024 12:23:21 GMT
Size 108 kB (108198 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert OpenPhish phishing Telegram
GET /users/2633435479/profile HTTP/1.1
Host: roblox.fm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: _1__EggyWall_v=09ac94e6b927af2069856bc032971c55e994de0ff8bcdc4c6295c67fc6ec85ba
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 01 Nov 2023 17:51:14 GMT
content-type: text/html; charset=UTF-8
access-control-allow-credentials: true
cache-control: private, must-revalidate
content-security-policy: report-uri https://metrics.roblox.com/v1/csp/report?type=enforce; upgrade-insecure-requests; script-src * 'unsafe-inline' roblox.com *.evidon.com *.gigya.com *.google-analytics.com *.ns1p.net adservice.google.com cdn.arkoselabs.com connect.facebook.net funcaptcha.com js.rbxcdn.com long.open.weixin.qq.com midas.gtimg.cn radar.cedexis.com res.wx.qq.com roblox-api.arkoselabs.com roblox-load-generator-configuration.s3.us-east-2.amazonaws.com s.ytimg.com sb.scorecardresearch.com static.rbxcdn.com www.google.com www.gstatic.com www.youtube.com h.online-metrix.net request.eprotect.vantivcnp.com request.eprotect.vantivpostlive.com *.googletagmanager.com *.googleadservices.com googleads.g.doubleclick.net cdn.veriff.me *.lightstep.com ; img-src 'self' data: *.cloudfront.net *.google-analytics.com *.kaptcha.com *.rbxcdn.com *.roblox.com *.robloxlabs.com googleads.g.doubleclick.net i.ytimg.com www.googletagmanager.com *
cross-origin-opener-policy: same-origin-allow-popups
eggy-wall: eggy#8888
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.1,"failure_fraction":1}
proxy-cache: MISS
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://ncs.roblox.com/upload"}]}
strict-transport-security: max-age=604800; includeSubdomains
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 81f5fc14ee3a56bf-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
js.rbxcdn.com/b8f73eea6b6a8602f787da463c88858dbb1aedeffeb2d07479af47dbda222aae.js
200 OK 73 kB URL GET HTTP/2 js.rbxcdn.com/b8f73eea6b6a8602f787da463c88858dbb1aedeffeb2d07479af47dbda222aae.js
IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerGlobalSign nv-sa
Subject*.rbxcdn.com
FingerprintC3:6F:4B:5C:0E:DB:55:7A:5A:10:E5:90:29:43:77:09:6F:50:86:EE
ValidityFri, 18 Nov 2022 00:01:02 GMT - Wed, 20 Dec 2023 00:01:01 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b8f73eea6b6a8602f787da463c88858dbb1aedeffeb2d07479af47dbda222aae.js HTTP/1.1
Host: js.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 01 Nov 2023 17:51:16 GMT
content-type: application/javascript
vary: Accept-Encoding
x-amz-id-2: DFZLuXyRfJcQ6bqxOfZsRUyDTJkouMvsSz6ThdtCFPdCK1BoeL5awZ4paZM7xEK4UaTZcJCnwuQ=
x-amz-request-id: WNCAJ48XR64JF4XK
last-modified: Thu, 14 Jul 2022 00:41:30 GMT
etag: W/"f867d6bc36a95b131afc5c77aa7cc9f5"
cache-control: public, max-age=31536000
x-amz-version-id: ff3ysKvsqakf.cJdefugiqsiUrrrEyPj
x-cf3: H
cf4age: 975951
x-cf-tsc: 1697628261
cf4ttl: 31536000.000
x-cf2: H
server: CFS 0215
x-cf1: 28293:fA.arn1:co:1572652472:cacheN.arn1-01:M
x-cf-reqid: 30c4c26c710c66b0dd4e5e0123cdda2b
access-control-allow-origin: *
access-control-allow-methods: GET
timing-allow-origin: *
access-control-expose-headers: Rbx-Cdn-Provider
rbx-cdn-provider: cfly
content-encoding: gzip
X-Firefox-Spdy: h2
js.rbxcdn.com/07b194e2522e88438b609a41cddbe4bb1b848f936be678e469bcfdcef4cff99c.js
200 OK 53 kB URL GET HTTP/2 js.rbxcdn.com/07b194e2522e88438b609a41cddbe4bb1b848f936be678e469bcfdcef4cff99c.js
IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerGlobalSign nv-sa
Subject*.rbxcdn.com
FingerprintC3:6F:4B:5C:0E:DB:55:7A:5A:10:E5:90:29:43:77:09:6F:50:86:EE
ValidityFri, 18 Nov 2022 00:01:02 GMT - Wed, 20 Dec 2023 00:01:01 GMT
File type ASCII text, with very long lines (27880)
Hash 921f5f3e1d5031b40f88429f6607e401
5ce740d5e85c6767e861bb5a3bfc7d9ccf93a8cb
e9365b93cfa87fac98fec3d65cc9c8da77f96334fe3914cf6d6f0be241cb381b
GET /07b194e2522e88438b609a41cddbe4bb1b848f936be678e469bcfdcef4cff99c.js HTTP/1.1
Host: js.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 01 Nov 2023 17:51:16 GMT
content-type: application/javascript
vary: Accept-Encoding
x-amz-id-2: EYZxvUBd65Yexc9p9ullYsS1MmHB299qtJ5FH4fxrJM0acuFTBFoq8ezx8Prh+ZyWXtx2FK+xkE=
x-amz-request-id: NPMPMKDMM7E12T13
last-modified: Mon, 12 Sep 2022 17:06:16 GMT
etag: W/"921f5f3e1d5031b40f88429f6607e401"
cache-control: public, max-age=31536000
x-amz-version-id: RL.KT5n_1ZnQrOS6UozuDIreSou.9L_d
x-cf3: H
cf4age: 1696300
x-cf-tsc: 1697102390
cf4ttl: 31536000.000
x-cf2: H
server: CFS 0215
x-cf1: 28293:fA.arn1:co:1572652472:cacheN.arn1-01:M
x-cf-reqid: 5e3d1c93edc48c819d0fc9540594f12b
access-control-allow-origin: *
access-control-allow-methods: GET
timing-allow-origin: *
access-control-expose-headers: Rbx-Cdn-Provider
rbx-cdn-provider: cfly
content-encoding: gzip
X-Firefox-Spdy: h2
js.rbxcdn.com/de03ec32d530d4845313591fcdf929c0cd82bc2afb9ba47410ad04f4e82b4bb7.js
200 OK 177 kB URL GET HTTP/2 js.rbxcdn.com/de03ec32d530d4845313591fcdf929c0cd82bc2afb9ba47410ad04f4e82b4bb7.js
IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerGlobalSign nv-sa
Subject*.rbxcdn.com
FingerprintC3:6F:4B:5C:0E:DB:55:7A:5A:10:E5:90:29:43:77:09:6F:50:86:EE
ValidityFri, 18 Nov 2022 00:01:02 GMT - Wed, 20 Dec 2023 00:01:01 GMT
Size 177 kB (177075 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /de03ec32d530d4845313591fcdf929c0cd82bc2afb9ba47410ad04f4e82b4bb7.js HTTP/1.1
Host: js.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 01 Nov 2023 17:51:16 GMT
content-type: application/javascript
vary: Accept-Encoding
x-amz-id-2: 10fBRnFpjuoR1qSg+wNO/6rvnOqzc557LmWSbgBDV8yBe+m1HFimNlQKes4o07vq/plxDDb5zVQ=
x-amz-request-id: MFHZCY4JHMWRA7X3
last-modified: Thu, 28 Jul 2022 16:48:55 GMT
etag: W/"cd3edf903c8f8a38021052519a853c9c"
cache-control: public, max-age=31536000
x-amz-version-id: qHlxW910Xh.uP1pvSBFQM_1N2k0fbG9i
x-cf3: M
cf4age: 0
x-cf-tsc: 1696397166
cf4ttl: 31536000.000
x-cf2: H
server: CFS 0215
x-cf1: 28293:fA.arn1:co:1572652472:cacheN.arn1-01:M
x-cf-reqid: 03c4659e5fd434491b0398db43e95766
access-control-allow-origin: *
access-control-allow-methods: GET
timing-allow-origin: *
access-control-expose-headers: Rbx-Cdn-Provider
rbx-cdn-provider: cfly
content-encoding: gzip
X-Firefox-Spdy: h2
js.rbxcdn.com/c15073cf382cb56f2db0437ffcd3b9de10a92d99da9833badf3713c969485bce.js
200 OK 9.6 kB URL GET HTTP/2 js.rbxcdn.com/c15073cf382cb56f2db0437ffcd3b9de10a92d99da9833badf3713c969485bce.js
IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerGlobalSign nv-sa
Subject*.rbxcdn.com
FingerprintC3:6F:4B:5C:0E:DB:55:7A:5A:10:E5:90:29:43:77:09:6F:50:86:EE
ValidityFri, 18 Nov 2022 00:01:02 GMT - Wed, 20 Dec 2023 00:01:01 GMT
File type Unicode text, UTF-8 text, with very long lines (9974), with no line terminators
Hash de28236d5b919fca0db1c3d6abf5bc02
d0e9a34c39854d7b05d2d9db0fba0a493c5e67e1
3abb2723af79fc181c5875501ac1c75f718499235aa530160dac377520c56a99
GET /c15073cf382cb56f2db0437ffcd3b9de10a92d99da9833badf3713c969485bce.js HTTP/1.1
Host: js.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 01 Nov 2023 17:51:16 GMT
content-type: application/javascript
vary: Accept-Encoding
x-amz-id-2: xd+bz6rJf+6vojFORhqDIm14eZ0eeh6I4VY2PJQ7vH/Y10wFeIxmeSL3w0I+fLwqqacttwoL5Ms=
x-amz-request-id: 6Q2D4022607YCNVT
last-modified: Thu, 25 Aug 2022 00:10:42 GMT
etag: W/"9da81623c50ddc10aed8a188492f4ada"
cache-control: public, max-age=31536000
x-amz-version-id: Lib4xggwqLhJrENlxLDdr4I8.e0T3qgP
x-cf3: H
cf4age: 1701257
x-cf-tsc: 1698221922
cf4ttl: 31536000.000
x-cf2: H
server: CFS 0215
x-cf1: 28293:fA.arn1:co:1572652472:cacheN.arn1-01:M
x-cf-reqid: c3944909793a2771a94b11f50ceea6ab
access-control-allow-origin: *
access-control-allow-methods: GET
timing-allow-origin: *
access-control-expose-headers: Rbx-Cdn-Provider
rbx-cdn-provider: cfly
content-encoding: gzip
X-Firefox-Spdy: h2
js.rbxcdn.com/358e6ae5bebb0fa9326d0de99d3ee229ee63236bf44ed11b9ab1d314c7972e79.js
200 OK 1.2 kB URL GET HTTP/2 js.rbxcdn.com/358e6ae5bebb0fa9326d0de99d3ee229ee63236bf44ed11b9ab1d314c7972e79.js
IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerGlobalSign nv-sa
Subject*.rbxcdn.com
FingerprintC3:6F:4B:5C:0E:DB:55:7A:5A:10:E5:90:29:43:77:09:6F:50:86:EE
ValidityFri, 18 Nov 2022 00:01:02 GMT - Wed, 20 Dec 2023 00:01:01 GMT
File type ASCII text, with very long lines (1300), with no line terminators
Hash dd8209fb3e5424c2330fe8a007f3afe1
511897163f18e7d9c8d3016944f21590b0cb96e3
6795a25e41a02708a491fe57837dfca59497e7d2eee23b9bdb6cfcbad1fa2f76
GET /358e6ae5bebb0fa9326d0de99d3ee229ee63236bf44ed11b9ab1d314c7972e79.js HTTP/1.1
Host: js.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 01 Nov 2023 17:51:16 GMT
content-type: application/javascript
vary: Accept-Encoding
x-amz-id-2: qC+cdJKMgjLxVO47j2z9f0DwYlpJyJtArf/A/+HuHO2AoqPW1FITHHagf440btD3rQhE9mhC1RQ=
x-amz-request-id: 6EEAZ16MRJ9S2EJJ
last-modified: Wed, 18 Aug 2021 20:11:13 GMT
etag: W/"7dafbac1a59e0f6dd78eb48f12d14e58"
cache-control: public, max-age=31536000
x-amz-version-id: oJ4CjDmpRjn3BVVztI8WfQFEAavUq6BZ
x-cf3: M
cf4age: 0
x-cf-tsc: 1697621286
cf4ttl: 31536000.000
x-cf2: H
server: CFS 0215
x-cf1: 28293:fA.arn1:co:1572652472:cacheN.arn1-01:M
x-cf-reqid: db398bddc265b3b1f9b9eec56e077e06
access-control-allow-origin: *
access-control-allow-methods: GET
timing-allow-origin: *
access-control-expose-headers: Rbx-Cdn-Provider
rbx-cdn-provider: cfly
content-encoding: gzip
X-Firefox-Spdy: h2
js.rbxcdn.com/b2fdfc220f896d90ce64b6e925dd5acf.js
200 OK 1.4 kB URL GET HTTP/2 js.rbxcdn.com/b2fdfc220f896d90ce64b6e925dd5acf.js
IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerGlobalSign nv-sa
Subject*.rbxcdn.com
FingerprintC3:6F:4B:5C:0E:DB:55:7A:5A:10:E5:90:29:43:77:09:6F:50:86:EE
ValidityFri, 18 Nov 2022 00:01:02 GMT - Wed, 20 Dec 2023 00:01:01 GMT
File type ASCII text, with very long lines (1419), with no line terminators
Hash 381984f3800907e81955ce978e5413ee
36c68bd029590bbb9a61bffb2ba763acaec632e1
a61615b0351202597c2fc10a1617340ee042ad934d8143bcb1bbed7ff7c52318
GET /b2fdfc220f896d90ce64b6e925dd5acf.js HTTP/1.1
Host: js.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 01 Nov 2023 17:51:16 GMT
content-type: application/javascript
vary: Accept-Encoding
x-amz-id-2: xMJ87sSi7XtadHTj1n69Yqlj/vHaed3Hp70clDnsNHPFXgu7Cnf/n5X5FH1haYYCG2D3wIRQEuQ=
x-amz-request-id: FF8AHVJEVRZ8BMGR
last-modified: Sat, 30 Jul 2022 07:35:00 GMT
etag: W/"b2fdfc220f896d90ce64b6e925dd5acf"
cache-control: public, max-age=31536000
x-amz-version-id: ndYfvjZ0u7HgPKBK8mzlDHiqWXeFWryy
x-cf3: M
cf4age: 0
x-cf-tsc: 1697102390
cf4ttl: 31536000.000
x-cf2: H
server: CFS 0215
x-cf1: 28293:fA.arn1:co:1572652472:cacheN.arn1-01:M
x-cf-reqid: c6d8dd6ad758979de37dd9f3248fe525
access-control-allow-origin: *
access-control-allow-methods: GET
timing-allow-origin: *
access-control-expose-headers: Rbx-Cdn-Provider
rbx-cdn-provider: cfly
content-encoding: gzip
X-Firefox-Spdy: h2
js.rbxcdn.com/bf24cb5f654c931a5af602a9bcbb79aa.js
200 OK 76 kB URL GET HTTP/2 js.rbxcdn.com/bf24cb5f654c931a5af602a9bcbb79aa.js
IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerGlobalSign nv-sa
Subject*.rbxcdn.com
FingerprintC3:6F:4B:5C:0E:DB:55:7A:5A:10:E5:90:29:43:77:09:6F:50:86:EE
ValidityFri, 18 Nov 2022 00:01:02 GMT - Wed, 20 Dec 2023 00:01:01 GMT
File type ASCII text, with very long lines (10622), with CRLF line terminators
Hash bf24cb5f654c931a5af602a9bcbb79aa
ccda2920eb65145b96b7518bc537a47e9cfa7a04
ad938b60958822dfbc708c2829e444e892936ed9476a7d1fc630a6f1783c9acc
GET /bf24cb5f654c931a5af602a9bcbb79aa.js HTTP/1.1
Host: js.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 01 Nov 2023 17:51:16 GMT
content-type: application/javascript
vary: Accept-Encoding
x-amz-id-2: JHFPat9sw3ae8xrKR9+OJkvomatjFSx5QoWEaK0SqEYEsVxg93g/L9s8SzbhdnDdOhVYeksAwxo=
x-amz-request-id: DTTAWZDH9HB02TSD
last-modified: Mon, 19 Sep 2022 16:43:50 GMT
etag: W/"bf24cb5f654c931a5af602a9bcbb79aa"
cache-control: public, max-age=31536000
x-amz-version-id: LxYY3RBGgRLmkfIvnQ0.GDNtBIOJPtPc
x-cf3: M
cf4age: 0
x-cf-tsc: 1695215983
cf4ttl: 31536000.000
x-cf2: H
server: CFS 0215
x-cf1: 28293:fA.arn1:co:1572652472:cacheN.arn1-01:M
x-cf-reqid: af15925e7c9ed311e32db590cc47410f
access-control-allow-origin: *
access-control-allow-methods: GET
timing-allow-origin: *
access-control-expose-headers: Rbx-Cdn-Provider
rbx-cdn-provider: cfly
content-encoding: gzip
X-Firefox-Spdy: h2
js.rbxcdn.com/b0449203aa4d09dd98f37745daa567aa84d251e5e8b148f40daaa8169bdde13e.js
200 OK 35 kB URL GET HTTP/2 js.rbxcdn.com/b0449203aa4d09dd98f37745daa567aa84d251e5e8b148f40daaa8169bdde13e.js
IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerGlobalSign nv-sa
Subject*.rbxcdn.com
FingerprintC3:6F:4B:5C:0E:DB:55:7A:5A:10:E5:90:29:43:77:09:6F:50:86:EE
ValidityFri, 18 Nov 2022 00:01:02 GMT - Wed, 20 Dec 2023 00:01:01 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b0449203aa4d09dd98f37745daa567aa84d251e5e8b148f40daaa8169bdde13e.js HTTP/1.1
Host: js.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 01 Nov 2023 17:51:16 GMT
content-type: application/javascript
vary: Accept-Encoding
x-amz-id-2: LRxGlz+vEUp5bU+XjQmig/fDS2oamhO9BVdZWMFr+FrxsVFDn7m6x/Grf703CRx7VYcTRdbeAbw=
x-amz-request-id: C09FRK67NKPCY31V
last-modified: Thu, 08 Sep 2022 00:10:31 GMT
etag: W/"284d35b5dc0bf91311842e727c0e96d5"
cache-control: public, max-age=31536000
x-amz-version-id: cwABaqe7AOxtPFow3OGR.8CpnWFnwf.E
x-cf3: H
cf4age: 79148
x-cf-tsc: 1697707410
cf4ttl: 31536000.000
x-cf2: H
server: CFS 0215
x-cf1: 28293:fA.arn1:co:1572652472:cacheN.arn1-01:M
x-cf-reqid: 6396d2e56bc0d9789f4ae049fed4ac37
access-control-allow-origin: *
access-control-allow-methods: GET
timing-allow-origin: *
access-control-expose-headers: Rbx-Cdn-Provider
rbx-cdn-provider: cfly
content-encoding: gzip
X-Firefox-Spdy: h2
roblox.fm/privateJs/ProfileBadges.js
200 OK 11 kB URL GET HTTP/3 roblox.fm/privateJs/ProfileBadges.js
IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerLet's Encrypt
Subjectroblox.fm
Fingerprint60:1F:24:B4:A1:32:0C:55:86:8F:62:55:5E:BF:BE:87:5D:F9:C7:6F
ValidityTue, 24 Oct 2023 12:23:22 GMT - Mon, 22 Jan 2024 12:23:21 GMT
File type ASCII text, with very long lines (10366), with CRLF line terminators
Hash cb63d7c3345de03d844d616496b8a2d1
217e874cd05ca89f6031e2463257bff33d7874b5
2896126f2e997f8a632753879b8b13721c7428e4e17744fb1249c40e896d3a0e
Analyzer Verdict Alert OpenPhish phishing Telegram
GET /privateJs/ProfileBadges.js HTTP/1.1
Host: roblox.fm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/users/2633435479/profile
Cookie: _1__EggyWall_v=09ac94e6b927af2069856bc032971c55e994de0ff8bcdc4c6295c67fc6ec85ba
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 01 Nov 2023 17:51:15 GMT
content-type: application/javascript; charset=utf-8
eggy-wall: eggy#8888
etag: W/"6532b4e6-2a16"
last-modified: Fri, 20 Oct 2023 17:12:06 GMT
proxy-cache: MISS
cache-control: max-age=14400
cf-cache-status: HIT
age: 5710
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8hUx3j3f9%2FqOsW871zfoSPYptsCp4ywmnZhudURhAgcWTQ%2FWoaJm7%2FU5RExSS%2FPxfpb9eNVsy0tORi4WyMFGG%2F90lJxUX8dPeMeW6WKS9IugVtlmZSMv2%2FRFkbc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 81f5fc187b3a5684-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
bom1-128-116-104-4.roblox.com/_/_/1px.gif
0 B URL GET bom1-128-116-104-4.roblox.com/_/_/1px.gif
IP
Requested by https://roblox.fm/users/2633435479/profile
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /_/_/1px.gif HTTP/1.1
Host: bom1-128-116-104-4.roblox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://roblox.fm
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
js.rbxcdn.com/cdb4a43d103beb4fae32b4b70508663277bc97e355c75c3ab21d4ff6c69f77c9.js
200 OK 4.5 kB URL GET HTTP/2 js.rbxcdn.com/cdb4a43d103beb4fae32b4b70508663277bc97e355c75c3ab21d4ff6c69f77c9.js
IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerGlobalSign nv-sa
Subject*.rbxcdn.com
FingerprintC3:6F:4B:5C:0E:DB:55:7A:5A:10:E5:90:29:43:77:09:6F:50:86:EE
ValidityFri, 18 Nov 2022 00:01:02 GMT - Wed, 20 Dec 2023 00:01:01 GMT
File type ASCII text, with very long lines (4912), with no line terminators
Hash 08a6fe001883ce483f6b76b8d20b790a
469ac20a8863e5aac999e23359d12eae98ad5caa
092993666fe12e7d353f9a5185470d5de7c0958ca06ba9a41f66cb2e9ae1e997
GET /cdb4a43d103beb4fae32b4b70508663277bc97e355c75c3ab21d4ff6c69f77c9.js HTTP/1.1
Host: js.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 01 Nov 2023 17:51:16 GMT
content-type: application/javascript
vary: Accept-Encoding
x-amz-id-2: fKqqmg3aoOG0E/4RcDvSHlmfKdO/TIv89yuKAlcynxFBjgrDNc32bpBtOAl8wyvjXcZN9vaZuws=
x-amz-request-id: 39CY89QV5FV3MZNY
last-modified: Tue, 25 May 2021 15:22:13 GMT
etag: W/"63a76b4d87f4d4aa54f1d4b16dcd4d41"
cache-control: public, max-age=31536000
x-amz-version-id: xmt_XlW9ksKTH7BSpxSRCqht1WracTI8
x-cf3: M
cf4age: 0
x-cf-tsc: 1697627444
cf4ttl: 31536000.000
x-cf2: H
server: CFS 0215
x-cf1: 28293:fA.arn1:co:1572652472:cacheN.arn1-01:M
x-cf-reqid: 82874834122940d078fd7ab269e7f9f2
access-control-allow-origin: *
access-control-allow-methods: GET
timing-allow-origin: *
access-control-expose-headers: Rbx-Cdn-Provider
rbx-cdn-provider: cfly
content-encoding: gzip
X-Firefox-Spdy: h2
tr.rbxcdn.com/08ebe979ab2b5ef0dec90d8c0567ecc4/150/150/BodyPart_LeftArm/Png
200 OK 12 kB URL GET HTTP/2 tr.rbxcdn.com/08ebe979ab2b5ef0dec90d8c0567ecc4/150/150/BodyPart_LeftArm/Png
IP
ASN #20940 Akamai International B.V.
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerDigiCert Inc
Subject*.rbxcdn.com
Fingerprint57:F4:96:1E:91:3F:6A:81:F5:96:11:C2:4F:5C:1C:6A:22:31:83:A7
ValidityThu, 06 Apr 2023 00:00:00 GMT - Sat, 06 Apr 2024 23:59:59 GMT
File type PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data
Hash 6c84423307a285aa29af8eb17d468a94
e4928fbe75f5fc635eb261d3eda941daafa953e0
e842d54effe0e930ab0de8e12d7b8cea1d7ab936c94a597bf700b5981c288b16
GET /08ebe979ab2b5ef0dec90d8c0567ecc4/150/150/BodyPart_LeftArm/Png HTTP/1.1
Host: tr.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-length: 11655
content-type: image/Png
server: Microsoft-IIS/10.0
x-frame-options: SAMEORIGIN
roblox-machine-id: CHI2-WEB4518
x-powered-by: ASP.NET
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://ncs.roblox.com/upload"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1}
cache-control: max-age=31536000
expires: Thu, 31 Oct 2024 17:51:22 GMT
date: Wed, 01 Nov 2023 17:51:22 GMT
access-control-allow-methods: GET
access-control-allow-origin: *
X-Firefox-Spdy: h2
roblox.fm/user-sponsorship/3
200 OK 1.7 kB URL GET HTTP/3 roblox.fm/user-sponsorship/3
IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerLet's Encrypt
Subjectroblox.fm
Fingerprint60:1F:24:B4:A1:32:0C:55:86:8F:62:55:5E:BF:BE:87:5D:F9:C7:6F
ValidityTue, 24 Oct 2023 12:23:22 GMT - Mon, 22 Jan 2024 12:23:21 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1773), with no line terminators
Hash 33f4c440596afac4c6ed0165c239703d
b7d0475797f3ad79e2deb89b5cbbe416b1846f08
a3c47c7e4f44c1e60775ad5466dfb70550e9d172d6b236b33878b0b8e2c93574
Analyzer Verdict Alert OpenPhish phishing Telegram
GET /user-sponsorship/3 HTTP/1.1
Host: roblox.fm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/users/2633435479/profile
Cookie: _1__EggyWall_v=09ac94e6b927af2069856bc032971c55e994de0ff8bcdc4c6295c67fc6ec85ba
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 01 Nov 2023 17:51:19 GMT
content-type: text/html; charset=UTF-8
access-control-allow-credentials: true
cache-control: no-store, no-cache, must-revalidate, private, must-revalidate
content-security-policy: report-uri https://metrics.roblox.com/v1/csp/report?type=enforce; upgrade-insecure-requests; script-src * 'unsafe-inline' roblox.com *.evidon.com *.gigya.com *.google-analytics.com *.ns1p.net adservice.google.com cdn.arkoselabs.com connect.facebook.net funcaptcha.com js.rbxcdn.com long.open.weixin.qq.com midas.gtimg.cn radar.cedexis.com res.wx.qq.com roblox-api.arkoselabs.com roblox-load-generator-configuration.s3.us-east-2.amazonaws.com s.ytimg.com sb.scorecardresearch.com static.rbxcdn.com www.google.com www.gstatic.com www.youtube.com h.online-metrix.net request.eprotect.vantivcnp.com request.eprotect.vantivpostlive.com *.googletagmanager.com *.googleadservices.com googleads.g.doubleclick.net cdn.veriff.me *.lightstep.com ; img-src 'self' data: *.cloudfront.net *.google-analytics.com *.kaptcha.com *.rbxcdn.com *.roblox.com *.robloxlabs.com googleads.g.doubleclick.net i.ytimg.com www.googletagmanager.com *
cross-origin-opener-policy: same-origin-allow-popups
eggy-wall: eggy#8888
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.1,"failure_fraction":1}
pragma: no-cache
proxy-cache: MISS
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://ncs.roblox.com/upload"}]}
set-cookie: PHPSESSID=qgmqgh4g6b468l4ugal2k7it9n; path=/
strict-transport-security: max-age=604800; includeSubdomains
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 81f5fc2ecbfb5684-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
js.rbxcdn.com/b79589d3dfb2446936aac95605deaa507ce5bc3e09073bac7dd04872880694c2.js
200 OK 197 kB URL GET HTTP/2 js.rbxcdn.com/b79589d3dfb2446936aac95605deaa507ce5bc3e09073bac7dd04872880694c2.js
IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerGlobalSign nv-sa
Subject*.rbxcdn.com
FingerprintC3:6F:4B:5C:0E:DB:55:7A:5A:10:E5:90:29:43:77:09:6F:50:86:EE
ValidityFri, 18 Nov 2022 00:01:02 GMT - Wed, 20 Dec 2023 00:01:01 GMT
File type ASCII text, with very long lines (44449)
Size 197 kB (197105 bytes)
Hash 6cfed30cdb69f19c15da9442ad3f8eb7
c0e81e60512fbbcc3c50c9759f4105cd5a442185
0c9969537d1177c77bbe5ee1670a235a8daa10d6f7e6ded34c2b5c1ce3c56f53
GET /b79589d3dfb2446936aac95605deaa507ce5bc3e09073bac7dd04872880694c2.js HTTP/1.1
Host: js.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 01 Nov 2023 17:51:16 GMT
content-type: application/javascript
vary: Accept-Encoding
x-amz-id-2: hfvXSVlGFGi7W6k1iQRGgr3DDLtnG49V7HOScl19tWkLQLvgf6kqkEe2U0R4Xb4J54Ic/U51wWU=
x-amz-request-id: YJ7WG90DF8JNM3EA
last-modified: Tue, 24 May 2022 23:29:41 GMT
etag: W/"6cfed30cdb69f19c15da9442ad3f8eb7"
cache-control: public, max-age=31536000
x-amz-version-id: 22CT2qQMv5wWQ2tnJ.ebMBmkH5v6kZuU
x-cf3: H
cf4age: 373861
x-cf-tsc: 1697732472
cf4ttl: 31536000.000
x-cf2: H
server: CFS 0215
x-cf1: 28293:fA.arn1:co:1572652472:cacheN.arn1-01:H
x-cf-reqid: b43c767de147417dc6ba817709560039
access-control-allow-origin: *
access-control-allow-methods: GET
timing-allow-origin: *
access-control-expose-headers: Rbx-Cdn-Provider
rbx-cdn-provider: cfly
content-encoding: gzip
X-Firefox-Spdy: h2
js.rbxcdn.com/c629f6739d6903fec0d935d26a9cea02ff757856d4ed73a83fd1535affea0300.js
200 OK 3.5 kB URL GET HTTP/2 js.rbxcdn.com/c629f6739d6903fec0d935d26a9cea02ff757856d4ed73a83fd1535affea0300.js
IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerGlobalSign nv-sa
Subject*.rbxcdn.com
FingerprintC3:6F:4B:5C:0E:DB:55:7A:5A:10:E5:90:29:43:77:09:6F:50:86:EE
ValidityFri, 18 Nov 2022 00:01:02 GMT - Wed, 20 Dec 2023 00:01:01 GMT
File type Unicode text, UTF-8 text, with very long lines (3820), with no line terminators
Hash f131b857e45b45c8c117aa1a6bd1cf63
1a43c3acd12968fe3bb3fbb1ac3a043662e57162
39bd18575ea4b09133eddbc23f3a0936b6ec088c571bb9ceaa60f3a7a864cba0
GET /c629f6739d6903fec0d935d26a9cea02ff757856d4ed73a83fd1535affea0300.js HTTP/1.1
Host: js.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 01 Nov 2023 17:51:16 GMT
content-type: application/javascript
vary: Accept-Encoding
x-amz-id-2: lp0wJofelc3+jlXa5t9ymDJIJoRAUUqDUQpiEsn8kY8cFTJXX8KtDYTwLcYg8FFUg4m+3uI1vgE=
x-amz-request-id: 79VP4D04P6163J0Q
last-modified: Tue, 07 Dec 2021 22:20:21 GMT
etag: W/"10c4b936895ec071d32581f5ef428b01"
cache-control: public, max-age=31536000
x-amz-version-id: oo3hJ2mewm_lDVgHhfFLaiGrObkiQmMR
x-cf3: H
cf4age: 1263393
x-cf-tsc: 1697059848
cf4ttl: 31536000.000
x-cf2: H
server: CFS 0215
x-cf1: 28293:fA.arn1:co:1572652472:cacheN.arn1-01:M
x-cf-reqid: f46ddd83db9fa6384cdde5383764f4f3
access-control-allow-origin: *
access-control-allow-methods: GET
timing-allow-origin: *
access-control-expose-headers: Rbx-Cdn-Provider
rbx-cdn-provider: cfly
content-encoding: gzip
X-Firefox-Spdy: h2
js.rbxcdn.com/1e9c21f67e9901f767acd1db03c4a5c6029d4bc0862424e80c746d6e3cf5b99c.js
200 OK 2.2 kB URL GET HTTP/2 js.rbxcdn.com/1e9c21f67e9901f767acd1db03c4a5c6029d4bc0862424e80c746d6e3cf5b99c.js
IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerGlobalSign nv-sa
Subject*.rbxcdn.com
FingerprintC3:6F:4B:5C:0E:DB:55:7A:5A:10:E5:90:29:43:77:09:6F:50:86:EE
ValidityFri, 18 Nov 2022 00:01:02 GMT - Wed, 20 Dec 2023 00:01:01 GMT
File type ASCII text, with very long lines (2460), with no line terminators
Hash 5b218fa31a8580ec076142da962af06b
4160b5efdd10c692bb24d42816529cdc4b5e7d62
e645362e1a1652772b7c2a33b59b14297120ac57927a94168347aca918c10a4f
GET /1e9c21f67e9901f767acd1db03c4a5c6029d4bc0862424e80c746d6e3cf5b99c.js HTTP/1.1
Host: js.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 01 Nov 2023 17:51:16 GMT
content-type: application/javascript
vary: Accept-Encoding
x-amz-id-2: 3rXoDyLMbm/5cUhJbFCmEaRjc5pnJA3xh+T5o5dpcuiG1SxZbaN+Kj9MUnNPL0OfMB30bvvbAf8=
x-amz-request-id: 941WX6W1MW08WGF3
last-modified: Thu, 07 Jul 2022 00:11:09 GMT
etag: W/"32ab999235fa2989b0e909d5c507894a"
cache-control: public, max-age=31536000
x-amz-version-id: ZCCeGncWEyuzZGozehUrVJRhC2NJqsTZ
x-cf3: H
cf4age: 36100
x-cf-tsc: 1698771818
cf4ttl: 31536000.000
x-cf2: H
server: CFS 0215
x-cf1: 28293:fA.arn1:co:1572652472:cacheN.arn1-01:M
x-cf-reqid: 21ed4d074d9eed56e1b6953912c4235c
access-control-allow-origin: *
access-control-allow-methods: GET
timing-allow-origin: *
access-control-expose-headers: Rbx-Cdn-Provider
rbx-cdn-provider: cfly
content-encoding: gzip
X-Firefox-Spdy: h2
js.rbxcdn.com/3f6cf43ba9cc024bb84a85caee38f7c5b98ce5a2e3006d197f21eecc25f495c7.js
200 OK 7.9 kB URL GET HTTP/2 js.rbxcdn.com/3f6cf43ba9cc024bb84a85caee38f7c5b98ce5a2e3006d197f21eecc25f495c7.js
IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerGlobalSign nv-sa
Subject*.rbxcdn.com
FingerprintC3:6F:4B:5C:0E:DB:55:7A:5A:10:E5:90:29:43:77:09:6F:50:86:EE
ValidityFri, 18 Nov 2022 00:01:02 GMT - Wed, 20 Dec 2023 00:01:01 GMT
File type Unicode text, UTF-8 text, with very long lines (8271), with no line terminators
Hash a4dfe589112914241f4b21f9a6f70f0f
65da46b365cb4c15474a87aef1e613de0e1778c6
8b42cb803e0b416075fed208ddb9b8c7778276ea984c9e3e08ed47f35f72bb23
GET /3f6cf43ba9cc024bb84a85caee38f7c5b98ce5a2e3006d197f21eecc25f495c7.js HTTP/1.1
Host: js.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 01 Nov 2023 17:51:16 GMT
content-type: application/javascript
vary: Accept-Encoding
x-amz-id-2: xVvC4+uUJ4bvmVeV70mHhneF8TxYw4z1OkjLKFe1cM6dgEWmVkPVhqc4j5gFKL5545PsAlZ2m6w=
x-amz-request-id: 6Q225H7JJQA3ACBD
last-modified: Tue, 26 Jul 2022 00:10:39 GMT
etag: W/"0e052bede13387992f8008d6eaa3942e"
cache-control: public, max-age=31536000
x-amz-version-id: pNEjcKdGlLFYLViLtjbnGr7naByp02Ni
x-cf3: H
cf4age: 539183
x-cf-tsc: 1697059848
cf4ttl: 31536000.000
x-cf2: H
server: CFS 0215
x-cf1: 28293:fA.arn1:co:1572652472:cacheN.arn1-01:M
x-cf-reqid: 3a4421b0d60a3f7c4466505ad722763e
access-control-allow-origin: *
access-control-allow-methods: GET
timing-allow-origin: *
access-control-expose-headers: Rbx-Cdn-Provider
rbx-cdn-provider: cfly
content-encoding: gzip
X-Firefox-Spdy: h2
js.rbxcdn.com/0eb9f3bc4309642fdf241b8263d8987cbe07add49b9342084cdc23be4e042d93.js
200 OK 5.6 kB URL GET HTTP/2 js.rbxcdn.com/0eb9f3bc4309642fdf241b8263d8987cbe07add49b9342084cdc23be4e042d93.js
IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerGlobalSign nv-sa
Subject*.rbxcdn.com
FingerprintC3:6F:4B:5C:0E:DB:55:7A:5A:10:E5:90:29:43:77:09:6F:50:86:EE
ValidityFri, 18 Nov 2022 00:01:02 GMT - Wed, 20 Dec 2023 00:01:01 GMT
File type ASCII text, with very long lines (6063), with no line terminators
Hash 341a1bf33577c83050703e079fe85115
ae03f231c536903d2053ff38548e1ed364772801
dfac81e2eb41d7cf6ec5206db34e34d4dde3369cba786f1d73a44cee5aff9c0c
GET /0eb9f3bc4309642fdf241b8263d8987cbe07add49b9342084cdc23be4e042d93.js HTTP/1.1
Host: js.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 01 Nov 2023 17:51:16 GMT
content-type: application/javascript
vary: Accept-Encoding
x-amz-id-2: k2lrKq8qEvRiGznxAKpwXRpOBlAcsEzmd0qxc1W4zYTTHiV68xiqgpKuby2AW3HGFpEE+ghbba8=
x-amz-request-id: T5ZQA6ZDCEK8G748
last-modified: Thu, 27 Jan 2022 00:10:42 GMT
etag: W/"71ddc27009b44e1418832b1fc8854c18"
cache-control: public, max-age=31536000
x-amz-version-id: DSaMb5WuEdmIlsDlsPSE7MAU2bfljick
x-cf3: M
cf4age: 0
x-cf-tsc: 1682906603
cf4ttl: 31536000.000
x-cf2: H
server: CFS 0215
x-cf1: 28293:fA.arn1:co:1572652472:cacheN.arn1-01:M
x-cf-reqid: d0e935dc8375495d14787afa3bb67435
access-control-allow-origin: *
access-control-allow-methods: GET
timing-allow-origin: *
access-control-expose-headers: Rbx-Cdn-Provider
rbx-cdn-provider: cfly
content-encoding: gzip
X-Firefox-Spdy: h2
js.rbxcdn.com/6ca23c4bef0b8c2ee82d1bcf9bb3c52c2d8c6b1c6c69ad40ed2d03d0887335e2.js
200 OK 8.0 kB URL GET HTTP/2 js.rbxcdn.com/6ca23c4bef0b8c2ee82d1bcf9bb3c52c2d8c6b1c6c69ad40ed2d03d0887335e2.js
IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerGlobalSign nv-sa
Subject*.rbxcdn.com
FingerprintC3:6F:4B:5C:0E:DB:55:7A:5A:10:E5:90:29:43:77:09:6F:50:86:EE
ValidityFri, 18 Nov 2022 00:01:02 GMT - Wed, 20 Dec 2023 00:01:01 GMT
File type Unicode text, UTF-8 text, with very long lines (8292), with no line terminators
Hash 6c2347a1d9f496939165099bd15cbd20
0eb63d6a6d4c4f85017b8379e45edb835a93bc2b
19a8f3ac914818f0677f54a6092381ef31cb7a852dba18196aadbffb5dd7eb95
GET /6ca23c4bef0b8c2ee82d1bcf9bb3c52c2d8c6b1c6c69ad40ed2d03d0887335e2.js HTTP/1.1
Host: js.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 01 Nov 2023 17:51:16 GMT
content-type: application/javascript
vary: Accept-Encoding
x-amz-id-2: sUp6SNdJqh29NVDd5mv2XSV7Vsz0Kyr0RGX2iGNr4GO5d7lneEWNeLNaLuEZtU8a130r80zHIPU=
x-amz-request-id: PQ14716HFSQ52NQW
last-modified: Tue, 26 Jul 2022 00:10:39 GMT
etag: W/"a879fc9acb45b7c1fb474167251b98e3"
cache-control: public, max-age=31536000
x-amz-version-id: F2VlDEd50Cx3nmwY7nSNWf5lrYWEizcc
x-cf3: H
cf4age: 148833
x-cf-tsc: 1697773909
cf4ttl: 31536000.000
x-cf2: H
server: CFS 0215
x-cf1: 28293:fA.arn1:co:1572652472:cacheN.arn1-01:M
x-cf-reqid: ea4c6990a6933570b4af86bc2201829a
access-control-allow-origin: *
access-control-allow-methods: GET
timing-allow-origin: *
access-control-expose-headers: Rbx-Cdn-Provider
rbx-cdn-provider: cfly
content-encoding: gzip
X-Firefox-Spdy: h2
js.rbxcdn.com/d44520f7da5ec476cfb1704d91bab327.js
200 OK 251 kB URL GET HTTP/2 js.rbxcdn.com/d44520f7da5ec476cfb1704d91bab327.js
IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerGlobalSign nv-sa
Subject*.rbxcdn.com
FingerprintC3:6F:4B:5C:0E:DB:55:7A:5A:10:E5:90:29:43:77:09:6F:50:86:EE
ValidityFri, 18 Nov 2022 00:01:02 GMT - Wed, 20 Dec 2023 00:01:01 GMT
Size 251 kB (250749 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /d44520f7da5ec476cfb1704d91bab327.js HTTP/1.1
Host: js.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 01 Nov 2023 17:51:16 GMT
content-type: application/javascript
vary: Accept-Encoding
x-amz-id-2: 2EPOwJ6N4VO2PlDtFSw+rFVtOTbrlRAbi/spPE1uXPHgWVrkKVvR48xvizoN96WPJIYFiEsoA7U=
x-amz-request-id: AAAY5WF41E9DYYQA
last-modified: Tue, 11 Jun 2019 18:24:51 GMT
etag: W/"d44520f7da5ec476cfb1704d91bab327"
cache-control: public, max-age=31536000
x-amz-version-id: C5eh6ouHocdj_iUsaAbHG1XR64KH6HAV
x-cf3: H
cf4age: 373854
x-cf-tsc: 1697732472
cf4ttl: 31536000.000
x-cf2: H
server: CFS 0215
x-cf1: 28293:fA.arn1:co:1572652472:cacheN.arn1-01:H
x-cf-reqid: ad020b9669ebafcdf1f6f6e61a0c28ec
access-control-allow-origin: *
access-control-allow-methods: GET
timing-allow-origin: *
access-control-expose-headers: Rbx-Cdn-Provider
rbx-cdn-provider: cfly
content-encoding: gzip
X-Firefox-Spdy: h2
js.rbxcdn.com/ce6a4105a4d28cac59aa57a3d6615d56ba63526569ebfd88d49ac363d61caddb.js
200 OK 4.4 kB URL GET HTTP/2 js.rbxcdn.com/ce6a4105a4d28cac59aa57a3d6615d56ba63526569ebfd88d49ac363d61caddb.js
IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerGlobalSign nv-sa
Subject*.rbxcdn.com
FingerprintC3:6F:4B:5C:0E:DB:55:7A:5A:10:E5:90:29:43:77:09:6F:50:86:EE
ValidityFri, 18 Nov 2022 00:01:02 GMT - Wed, 20 Dec 2023 00:01:01 GMT
File type ASCII text, with very long lines (4565), with no line terminators
Hash cff0afed973fea239c82a7c3be23e330
85969ce4e81db7a0f2c6b65c23ff2001b7b6b020
4557663ad3b9b57a7b494752674912b40acc3539c7f61bab4667a702f5c9b0ca
GET /ce6a4105a4d28cac59aa57a3d6615d56ba63526569ebfd88d49ac363d61caddb.js HTTP/1.1
Host: js.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 01 Nov 2023 17:51:16 GMT
content-type: application/javascript
vary: Accept-Encoding
x-amz-id-2: 82B/qEbBZmk3aZ0e8TAfJChzk+A5Jd0djjJ0tox64TQ3BeMCnK3FQnL8447UCvkrpFodcrz1Ej4=
x-amz-request-id: MPJ3RW1NZY4WNARC
last-modified: Fri, 06 Aug 2021 04:11:07 GMT
etag: W/"d39a5329a499e3cdbd151fe9de5ff9f2"
cache-control: public, max-age=31536000
x-amz-version-id: cLqwVpy2m8SQuTT7TMXBUt2Hd_K6jMk1
x-cf3: M
cf4age: 0
x-cf-tsc: 1697621285
cf4ttl: 31536000.000
x-cf2: H
server: CFS 0215
x-cf1: 28293:fA.arn1:co:1572652472:cacheN.arn1-01:M
x-cf-reqid: a1cfd79fffcc57d30c582f96587b5fb8
access-control-allow-origin: *
access-control-allow-methods: GET
timing-allow-origin: *
access-control-expose-headers: Rbx-Cdn-Provider
rbx-cdn-provider: cfly
content-encoding: gzip
X-Firefox-Spdy: h2
js.rbxcdn.com/772034db167d3f4260047db4a7f2b8a58cf448709327013541e47c8962b6e556.js
200 OK 132 kB URL GET HTTP/2 js.rbxcdn.com/772034db167d3f4260047db4a7f2b8a58cf448709327013541e47c8962b6e556.js
IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerGlobalSign nv-sa
Subject*.rbxcdn.com
FingerprintC3:6F:4B:5C:0E:DB:55:7A:5A:10:E5:90:29:43:77:09:6F:50:86:EE
ValidityFri, 18 Nov 2022 00:01:02 GMT - Wed, 20 Dec 2023 00:01:01 GMT
Size 132 kB (132452 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /772034db167d3f4260047db4a7f2b8a58cf448709327013541e47c8962b6e556.js HTTP/1.1
Host: js.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 01 Nov 2023 17:51:16 GMT
content-type: application/javascript
vary: Accept-Encoding
x-amz-id-2: 04uVtbScQC2qAwRHPjza8xdDorivWcd4LU+0TrhC45p+l7LHcUWu6WsknDjWjU5HykPljgFGld4=
x-amz-request-id: QR6CKRJ4ZEETR188
last-modified: Thu, 18 Feb 2021 20:31:48 GMT
etag: W/"9d820d1a7b2108579da7302ef37531b1"
cache-control: public, max-age=31536000
x-amz-version-id: gjckLiT46Z.zMdUZzfwHejjrA_Pj.Fg1
x-cf3: H
cf4age: 3401
x-cf-tsc: 1693342078
cf4ttl: 31536000.000
x-cf2: H
server: CFS 0215
x-cf1: 28293:fA.arn1:co:1572652472:cacheN.arn1-01:M
x-cf-reqid: 5f06a92d6956bc3235b571eb3cda4e6d
access-control-allow-origin: *
access-control-allow-methods: GET
timing-allow-origin: *
access-control-expose-headers: Rbx-Cdn-Provider
rbx-cdn-provider: cfly
content-encoding: gzip
X-Firefox-Spdy: h2
tr.rbxcdn.com/30DAY-AvatarHeadshot-AF3913529CD4516E115A92D444017788-Png/150/150/AvatarHeadshot/Png/noFilter
200 OK 20 kB URL GET HTTP/2 tr.rbxcdn.com/30DAY-AvatarHeadshot-AF3913529CD4516E115A92D444017788-Png/150/150/AvatarHeadshot/Png/noFilter
IP
ASN #20940 Akamai International B.V.
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerDigiCert Inc
Subject*.rbxcdn.com
Fingerprint57:F4:96:1E:91:3F:6A:81:F5:96:11:C2:4F:5C:1C:6A:22:31:83:A7
ValidityThu, 06 Apr 2023 00:00:00 GMT - Sat, 06 Apr 2024 23:59:59 GMT
File type PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data
Hash d37b8126e2839fbd5c5f70956e67c56d
c08a900bdea82e6bad57805c48a38a220fd34eb4
67f877e54474510a4c944e7f659b7494b9538eafc25f9e96a30dadee04fcdd22
GET /30DAY-AvatarHeadshot-AF3913529CD4516E115A92D444017788-Png/150/150/AvatarHeadshot/Png/noFilter HTTP/1.1
Host: tr.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-length: 20464
content-type: image/Png
server: Kestrel
strict-transport-security: max-age=3600
x-frame-options: SAMEORIGIN
roblox-machine-id: 8890d163e1b3
x-roblox-region: us-central
x-roblox-edge: iad4
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://ncs.roblox.com/upload"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1}
cache-control: max-age=31536000
expires: Thu, 31 Oct 2024 17:51:21 GMT
date: Wed, 01 Nov 2023 17:51:21 GMT
access-control-allow-methods: GET
access-control-allow-origin: *
X-Firefox-Spdy: h2
tr.rbxcdn.com/30DAY-AvatarHeadshot-A4D19CD85F86265EDBB9EB9F287B863C-Png/150/150/AvatarHeadshot/Png/noFilter
200 OK 9.5 kB URL GET HTTP/2 tr.rbxcdn.com/30DAY-AvatarHeadshot-A4D19CD85F86265EDBB9EB9F287B863C-Png/150/150/AvatarHeadshot/Png/noFilter
IP
ASN #20940 Akamai International B.V.
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerDigiCert Inc
Subject*.rbxcdn.com
Fingerprint57:F4:96:1E:91:3F:6A:81:F5:96:11:C2:4F:5C:1C:6A:22:31:83:A7
ValidityThu, 06 Apr 2023 00:00:00 GMT - Sat, 06 Apr 2024 23:59:59 GMT
File type PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data
Hash 2a706720b8251829fd2b8788b25a92e8
91e16928e8ea0802211f3dfae88e5cdaa482a15c
865a56e621b58d0000b282c19485174ec3bc19f4c3e2bb029994f7e77f3a185a
GET /30DAY-AvatarHeadshot-A4D19CD85F86265EDBB9EB9F287B863C-Png/150/150/AvatarHeadshot/Png/noFilter HTTP/1.1
Host: tr.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-length: 9508
content-type: image/Png
server: Kestrel
strict-transport-security: max-age=3600
x-frame-options: SAMEORIGIN
roblox-machine-id: 0e396020ffdf
x-roblox-region: us-central
x-roblox-edge: iad4
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://ncs.roblox.com/upload"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1}
cache-control: max-age=31536000
expires: Thu, 31 Oct 2024 17:51:20 GMT
date: Wed, 01 Nov 2023 17:51:20 GMT
access-control-allow-methods: GET
access-control-allow-origin: *
X-Firefox-Spdy: h2
lhr2-128-116-119-3.roblox.com/_/_/1px.gif
200 OK 43 B URL GET HTTP/2 lhr2-128-116-119-3.roblox.com/_/_/1px.gif
IP
ASN #22697 ROBLOX-PRODUCTION
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerSectigo Limited
Subjectroblox.com
Fingerprint63:EE:B6:92:2C:0F:A5:1F:70:49:55:41:B5:CF:A0:82:B1:A5:AE:D2
ValidityWed, 22 Mar 2023 00:00:00 GMT - Thu, 21 Mar 2024 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /_/_/1px.gif HTTP/1.1
Host: lhr2-128-116-119-3.roblox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://roblox.fm
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
timing-allow-origin: *
x-rblx-origin: lb
cache-control: no-cache, no-store
content-length: 43
content-type: image/gif
alt-svc: h3=":443"; ma=60
X-Firefox-Spdy: h2
js.rbxcdn.com/4a481e857787c241b22259659a0674a7.js
200 OK 138 kB URL GET HTTP/2 js.rbxcdn.com/4a481e857787c241b22259659a0674a7.js
IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerGlobalSign nv-sa
Subject*.rbxcdn.com
FingerprintC3:6F:4B:5C:0E:DB:55:7A:5A:10:E5:90:29:43:77:09:6F:50:86:EE
ValidityFri, 18 Nov 2022 00:01:02 GMT - Wed, 20 Dec 2023 00:01:01 GMT
File type ASCII text, with very long lines (38663), with CRLF line terminators
Size 138 kB (137585 bytes)
Hash 4a481e857787c241b22259659a0674a7
30fdae6dc00656fbdb8e70b3d2d440e7a5801814
686c0bff8fd6170505cc9b94f464dc6baf8acdb1c6e30f0c640a8c50dcc8b581
GET /4a481e857787c241b22259659a0674a7.js HTTP/1.1
Host: js.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 01 Nov 2023 17:51:16 GMT
content-type: application/javascript
vary: Accept-Encoding
x-amz-id-2: emF7tmwDDOvBaJBFvNYvjs5LjA7d8ZBJ/Rc4X0TywX5zMGDfcR7KsK6xsqJSPEKrcYB5MGOwrD4=
x-amz-request-id: JXSW22XKCTPWMT4Y
last-modified: Fri, 05 Aug 2022 19:43:24 GMT
etag: W/"4a481e857787c241b22259659a0674a7"
cache-control: public, max-age=31536000
x-amz-version-id: UO.XBHRx4pCAtLszQxqzShTzZo85CRH3
x-cf3: M
cf4age: 0
x-cf-tsc: 1679380050
cf4ttl: 31536000.000
x-cf2: H
server: CFS 0215
x-cf1: 28293:fA.arn1:co:1572652472:cacheN.arn1-01:M
x-cf-reqid: 3c663d5250a6f732f9e76f677b6f8c1a
access-control-allow-origin: *
access-control-allow-methods: GET
timing-allow-origin: *
access-control-expose-headers: Rbx-Cdn-Provider
rbx-cdn-provider: cfly
content-encoding: gzip
X-Firefox-Spdy: h2
js.rbxcdn.com/6852af8f7df15395ccb3d121a914ee7301a7162f5afb3395575c6075c617923f.js
200 OK 1.8 kB URL GET HTTP/2 js.rbxcdn.com/6852af8f7df15395ccb3d121a914ee7301a7162f5afb3395575c6075c617923f.js
IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerGlobalSign nv-sa
Subject*.rbxcdn.com
FingerprintC3:6F:4B:5C:0E:DB:55:7A:5A:10:E5:90:29:43:77:09:6F:50:86:EE
ValidityFri, 18 Nov 2022 00:01:02 GMT - Wed, 20 Dec 2023 00:01:01 GMT
File type ASCII text, with very long lines (1913), with no line terminators
Hash 0a1a53c5db161a71bf4705360a9db312
52d255a6aed33cf63e740dc5bafa918314fe8eed
ca773937e898141186c3ff2fc32a2447a1cffe18b49cb58d3f6ee10d1d228da0
GET /6852af8f7df15395ccb3d121a914ee7301a7162f5afb3395575c6075c617923f.js HTTP/1.1
Host: js.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 01 Nov 2023 17:51:16 GMT
content-type: application/javascript
vary: Accept-Encoding
x-amz-id-2: mCBQDTmOBrLBob1KpBJp/DiIK//a6y12pHYzW+9Uu+HLJUcG5ewzNRACKDpzbij+ej93kFIEUgw=
x-amz-request-id: AAAK5F4RZEA6EHS0
last-modified: Wed, 12 May 2021 03:21:55 GMT
etag: W/"1e41c14439a61ee159c462ffd6e1ac5c"
cache-control: public, max-age=31536000
x-amz-version-id: MnUzqb0w10fxyBx_4HAo1bp41JSS7yXR
x-cf3: M
cf4age: 0
x-cf-tsc: 1697358617
cf4ttl: 31536000.000
x-cf2: H
server: CFS 0215
x-cf1: 28293:fA.arn1:co:1572652472:cacheN.arn1-01:M
x-cf-reqid: 9ff22998dbb4bda4683f81461b6b6e33
access-control-allow-origin: *
access-control-allow-methods: GET
timing-allow-origin: *
access-control-expose-headers: Rbx-Cdn-Provider
rbx-cdn-provider: cfly
content-encoding: gzip
X-Firefox-Spdy: h2
tr.rbxcdn.com/30DAY-Avatar-0C4E339619AD3696A297A6396F2C7ECE-Png/352/352/Avatar/Png/noFilter
200 OK 33 kB URL GET HTTP/2 tr.rbxcdn.com/30DAY-Avatar-0C4E339619AD3696A297A6396F2C7ECE-Png/352/352/Avatar/Png/noFilter
IP
ASN #20940 Akamai International B.V.
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerDigiCert Inc
Subject*.rbxcdn.com
Fingerprint57:F4:96:1E:91:3F:6A:81:F5:96:11:C2:4F:5C:1C:6A:22:31:83:A7
ValidityThu, 06 Apr 2023 00:00:00 GMT - Sat, 06 Apr 2024 23:59:59 GMT
File type PNG image data, 352 x 352, 8-bit/color RGBA, non-interlaced\012- data
Hash 45d49a97768b69b879ee62c02f0fe221
87d587077d8a7157c6f2778ec704d0ee338742f0
cead22a89b1c5be38eb197aa415c24274a08cca8145b850cb2831c1380233e7d
GET /30DAY-Avatar-0C4E339619AD3696A297A6396F2C7ECE-Png/352/352/Avatar/Png/noFilter HTTP/1.1
Host: tr.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-length: 32713
content-type: image/Png
server: Kestrel
strict-transport-security: max-age=3600
x-frame-options: SAMEORIGIN
roblox-machine-id: cd45b05573c9
x-roblox-region: us-central
x-roblox-edge: iad4
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://ncs.roblox.com/upload"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1}
cache-control: max-age=31536000
expires: Thu, 31 Oct 2024 17:51:20 GMT
date: Wed, 01 Nov 2023 17:51:20 GMT
access-control-allow-methods: GET
access-control-allow-origin: *
X-Firefox-Spdy: h2
aws-us-west-1c-lms.rbx.com/
200 OK 43 B URL GET HTTP/2 aws-us-west-1c-lms.rbx.com/
IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerAmazon
Subjectaws-us-west-1c-lms.rbx.com
Fingerprint57:BB:FC:88:50:A5:54:24:18:72:1C:D5:FE:C7:9A:E2:93:DE:71:14
ValidityTue, 21 Feb 2023 00:00:00 GMT - Fri, 22 Mar 2024 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET / HTTP/1.1
Host: aws-us-west-1c-lms.rbx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://roblox.fm
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 01 Nov 2023 17:51:23 GMT
content-type: image/gif
content-length: 43
set-cookie: AWSALB=6vsiBcZrWVzXFM9g/03thyp6F7WOCJ0Sy4F0+aI6jHFWrgHBQCvdxUb1Tz61QFNIWsM+qhM3I3Ug9j2RytrEP2+PLCFxQ/Xfy85FAMXdnn6ke/q3vnfIRgVq4/lB; Expires=Wed, 08 Nov 2023 17:51:23 GMT; Path=/
AWSALBCORS=6vsiBcZrWVzXFM9g/03thyp6F7WOCJ0Sy4F0+aI6jHFWrgHBQCvdxUb1Tz61QFNIWsM+qhM3I3Ug9j2RytrEP2+PLCFxQ/Xfy85FAMXdnn6ke/q3vnfIRgVq4/lB; Expires=Wed, 08 Nov 2023 17:51:23 GMT; Path=/; SameSite=None; Secure
access-control-allow-origin: *
timing-allow-origin: *
x-rblx-origin: lb
cache-control: no-cache, no-store
X-Firefox-Spdy: h2
js.rbxcdn.com/aea2ac0ba42d423fbbe50e96dce2ac4e9fdf2798381c00ca5d402aebc6dc7d83.js
200 OK 12 kB URL GET HTTP/2 js.rbxcdn.com/aea2ac0ba42d423fbbe50e96dce2ac4e9fdf2798381c00ca5d402aebc6dc7d83.js
IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerGlobalSign nv-sa
Subject*.rbxcdn.com
FingerprintC3:6F:4B:5C:0E:DB:55:7A:5A:10:E5:90:29:43:77:09:6F:50:86:EE
ValidityFri, 18 Nov 2022 00:01:02 GMT - Wed, 20 Dec 2023 00:01:01 GMT
File type ASCII text, with very long lines (11493)
Hash ba74abcfbb4878b110770eedd1ff3154
4150c31f07492182eacce6d9107127daf8868d38
b84f294fcf40e0b53d9cf245e5385eb07b0ffbfc3a013f7665b5f9075676aaf9
GET /aea2ac0ba42d423fbbe50e96dce2ac4e9fdf2798381c00ca5d402aebc6dc7d83.js HTTP/1.1
Host: js.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 01 Nov 2023 17:51:16 GMT
content-type: application/javascript
vary: Accept-Encoding
x-amz-id-2: UD2qCovk9xPEp4DBWlG7QzoM6GCxi/JLJoLQ90kniJQJ1HDIL6qUeu61Fh7QXBiUQ9v2RZ00NlI=
x-amz-request-id: 6NCRC5P4BFY7F5MC
last-modified: Thu, 13 Jan 2022 00:43:27 GMT
etag: W/"ba74abcfbb4878b110770eedd1ff3154"
cache-control: public, max-age=31536000
x-amz-version-id: hCIOP7MJXj_u4RRASLcS028O1bCiFrzP
x-cf3: M
cf4age: 0
x-cf-tsc: 1692843631
cf4ttl: 31536000.000
x-cf2: H
server: CFS 0215
x-cf1: 28293:fA.arn1:co:1572652472:cacheN.arn1-01:M
x-cf-reqid: 7f892629e875355e7be31d1edb3958d1
access-control-allow-origin: *
access-control-allow-methods: GET
timing-allow-origin: *
access-control-expose-headers: Rbx-Cdn-Provider
rbx-cdn-provider: cfly
content-encoding: gzip
X-Firefox-Spdy: h2
images.rbxcdn.com/bcf5d84d4469c075e6296bfbc4deabb1
200 OK 2.0 kB URL GET HTTP/2 images.rbxcdn.com/bcf5d84d4469c075e6296bfbc4deabb1
IP
ASN #20940 Akamai International B.V.
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerDigiCert Inc
Subject*.rbxcdn.com
Fingerprint57:F4:96:1E:91:3F:6A:81:F5:96:11:C2:4F:5C:1C:6A:22:31:83:A7
ValidityThu, 06 Apr 2023 00:00:00 GMT - Sat, 06 Apr 2024 23:59:59 GMT
File type PNG image data, 180 x 40, 8-bit/color RGBA, non-interlaced\012- data
Hash bcf5d84d4469c075e6296bfbc4deabb1
cdecd6f1c34e3abb9e5318f8fa9f914ae497f184
c3f5cb5693554522cadf48baaee026b22d96d2b817353bb45d0412ec5b6494da
GET /bcf5d84d4469c075e6296bfbc4deabb1 HTTP/1.1
Host: images.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-amz-id-2: GNah2xntPhHuhIYR016sKS1tXVWct9sLkXm1VRV0XYZ+AvfHUrZDOGzl3m5NO65FbbPFuXKRbRA=
x-amz-request-id: 6WTQEF4WAVM9PWNR
last-modified: Wed, 24 Aug 2022 00:00:12 GMT
etag: "bcf5d84d4469c075e6296bfbc4deabb1"
x-amz-version-id: L9SUyi.uMlnAGdMc8EEQa2E7uEi0x2nQ
accept-ranges: bytes
content-type: image/png
server: AmazonS3
content-length: 2012
cache-control: public, max-age=25630065
date: Wed, 01 Nov 2023 17:51:19 GMT
X-Firefox-Spdy: h2
images.rbxcdn.com/994d61715b1d8899f7c7abe114ec452a-common_sm_light_12032018.svg
200 OK 4.5 kB URL GET HTTP/2 images.rbxcdn.com/994d61715b1d8899f7c7abe114ec452a-common_sm_light_12032018.svg
IP
ASN #20940 Akamai International B.V.
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerDigiCert Inc
Subject*.rbxcdn.com
Fingerprint57:F4:96:1E:91:3F:6A:81:F5:96:11:C2:4F:5C:1C:6A:22:31:83:A7
ValidityThu, 06 Apr 2023 00:00:00 GMT - Sat, 06 Apr 2024 23:59:59 GMT
File type SVG Scalable Vector Graphics image\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (4636), with no line terminators
Hash 3defc90ba00fe9277734117677a6d3be
06260e7c83f1ee71f47b43bb6df795a7890afdd2
ed85d0ca5ca2ff267ae11047348e42cb7d44195d4fb520dc66eca9545e0fc5d4
GET /994d61715b1d8899f7c7abe114ec452a-common_sm_light_12032018.svg HTTP/1.1
Host: images.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://css.rbxcdn.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-amz-id-2: ftKbMpN4mSJL063QZbABdL+WH1FhKVUeNO6Wx9vkTc4c8Wxvx5qvh9opkKwqd70mQCiNhuTqMoc=
x-amz-request-id: EA9064AAE52AA026
last-modified: Fri, 07 Jun 2019 05:47:30 GMT
etag: "994d61715b1d8899f7c7abe114ec452a"
x-amz-version-id: PNyz1GcdKV00EN2CqtffRZilQgzxsZkZ
accept-ranges: bytes
content-type: image/svg+xml
content-length: 4518
server: AmazonS3
x-akamai-ew-subworker: 8096267
cache-control: public, max-age=25261908
date: Wed, 01 Nov 2023 17:51:20 GMT
X-Firefox-Spdy: h2
roblox.fm/users/2633435479/profile
302 Found 108 kB URL User Request GET HTTP/2 roblox.fm/users/2633435479/profile
IP
Certificate IssuerLet's Encrypt
Subjectroblox.fm
Fingerprint60:1F:24:B4:A1:32:0C:55:86:8F:62:55:5E:BF:BE:87:5D:F9:C7:6F
ValidityTue, 24 Oct 2023 12:23:22 GMT - Mon, 22 Jan 2024 12:23:21 GMT
Size 108 kB (108198 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert OpenPhish phishing Telegram
GET /users/2633435479/profile HTTP/1.1
Host: roblox.fm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Wed, 01 Nov 2023 17:51:14 GMT
content-type: text/html; charset=utf-8
eggy-wall: eggy#8888
location: /users/2633435479/profile
set-cookie: _1__EggyWall_v=09ac94e6b927af2069856bc032971c55e994de0ff8bcdc4c6295c67fc6ec85ba; SameSite=Lax; path=/; Secure
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ADsEmTdF2HglUciFgO5%2BdVL1vB9XqTvOiNmXJGYWByjMH6D%2Bw2J8tmlyEnxCT09en5%2BhmB7yU3VKe3MHLi%2FOyPbo%2FrAf7P99NJQwM02ZEX%2FwyWvZiJqCAPP4u2U%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81f5fc147d8e56bf-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
js.rbxcdn.com/8cd6abee4abc62beee3af45eaa3a2894ce41c1d6a02bd6b158d5ea7001127921.js
200 OK 6.1 kB URL GET HTTP/2 js.rbxcdn.com/8cd6abee4abc62beee3af45eaa3a2894ce41c1d6a02bd6b158d5ea7001127921.js
IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerGlobalSign nv-sa
Subject*.rbxcdn.com
FingerprintC3:6F:4B:5C:0E:DB:55:7A:5A:10:E5:90:29:43:77:09:6F:50:86:EE
ValidityFri, 18 Nov 2022 00:01:02 GMT - Wed, 20 Dec 2023 00:01:01 GMT
File type Unicode text, UTF-8 text, with very long lines (6443), with no line terminators
Hash aca8f9db644e8dce86f5f2cfd92a8f3e
020333d329171cd5480a3937e580b8e5919d4927
0533eaf6f4102557f53c9f82b1cfeafa44e47f11555179262226ab1135d4eb2d
GET /8cd6abee4abc62beee3af45eaa3a2894ce41c1d6a02bd6b158d5ea7001127921.js HTTP/1.1
Host: js.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 01 Nov 2023 17:51:16 GMT
content-type: application/javascript
vary: Accept-Encoding
x-amz-id-2: GOpMedmGIINyB6JSHvp2lXv0yg5tHqFDazl6E9MPf/US9fwtUBZAuijTfOc5YkAf/xjKj/pL4/4=
x-amz-request-id: 39CN96FGH87TF2TV
last-modified: Mon, 15 Aug 2022 20:10:31 GMT
etag: W/"6e288730af012ffc9f1696b2a7d99aa4"
cache-control: public, max-age=31536000
x-amz-version-id: jzkcTeZJ50YJ5LL_R__h2y34NqPfaSqT
x-cf3: H
cf4age: 123117
x-cf-tsc: 1697750562
cf4ttl: 31536000.000
x-cf2: H
server: CFS 0215
x-cf1: 28293:fA.arn1:co:1572652472:cacheN.arn1-01:M
x-cf-reqid: 226f6074f84d1c4ce2489a05ced5b3d6
access-control-allow-origin: *
access-control-allow-methods: GET
timing-allow-origin: *
access-control-expose-headers: Rbx-Cdn-Provider
rbx-cdn-provider: cfly
content-encoding: gzip
X-Firefox-Spdy: h2
roblox.fm/privateJs/CurrentWearing.js
200 OK 8.5 kB URL GET HTTP/3 roblox.fm/privateJs/CurrentWearing.js
IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerLet's Encrypt
Subjectroblox.fm
Fingerprint60:1F:24:B4:A1:32:0C:55:86:8F:62:55:5E:BF:BE:87:5D:F9:C7:6F
ValidityTue, 24 Oct 2023 12:23:22 GMT - Mon, 22 Jan 2024 12:23:21 GMT
File type ASCII text, with very long lines (8668), with no line terminators
Hash 3ea3de8ac15fc4899dc938fd63495ff8
fd159580b9aadbb562343443d14760b73973ff54
8cb0e4493a63d33d6a8beaafebfd2ac26e0368bccfa21d343361b3173281ccdc
Analyzer Verdict Alert OpenPhish phishing Telegram
GET /privateJs/CurrentWearing.js HTTP/1.1
Host: roblox.fm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/users/2633435479/profile
Cookie: _1__EggyWall_v=09ac94e6b927af2069856bc032971c55e994de0ff8bcdc4c6295c67fc6ec85ba
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 01 Nov 2023 17:51:15 GMT
content-type: application/javascript; charset=utf-8
eggy-wall: eggy#8888
etag: W/"6532b4e5-2142"
last-modified: Fri, 20 Oct 2023 17:12:05 GMT
proxy-cache: MISS
cache-control: max-age=14400
cf-cache-status: HIT
age: 5710
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NT6td8%2FWlgFf85vuP8dEv2XsqIRMfZfTZ7tQJoF1DALELzEc2Z3IsWtABAVZS4tZlyyeQ0jYw%2F93w5tZULXjvk1b9L%2FtFvCRqkdaRrXjYCPitx2RsWrh2s8iFto%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 81f5fc187b385684-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
tr.rbxcdn.com/8165702e491136cf4bab9ad02c3a0d15/150/150/Image/Png
200 OK 48 kB URL GET HTTP/2 tr.rbxcdn.com/8165702e491136cf4bab9ad02c3a0d15/150/150/Image/Png
IP
ASN #20940 Akamai International B.V.
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerDigiCert Inc
Subject*.rbxcdn.com
Fingerprint57:F4:96:1E:91:3F:6A:81:F5:96:11:C2:4F:5C:1C:6A:22:31:83:A7
ValidityThu, 06 Apr 2023 00:00:00 GMT - Sat, 06 Apr 2024 23:59:59 GMT
File type PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data
Hash e57e7abdb9b1e00052f41f3418ecd6ec
6ebf630f1edb4a17c388167a8a7faff806902582
2c506c4b67dcbd260a832ef2eabf08607aeeaa2647610ff4ae781831d3a17c84
GET /8165702e491136cf4bab9ad02c3a0d15/150/150/Image/Png HTTP/1.1
Host: tr.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-length: 47831
content-type: image/Png
server: Microsoft-IIS/10.0
strict-transport-security: max-age=3600
x-frame-options: SAMEORIGIN
roblox-machine-id: CHI2-WEB5177
x-powered-by: ASP.NET
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://ncs.roblox.com/upload"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1}
cache-control: max-age=31536000
expires: Thu, 31 Oct 2024 17:51:22 GMT
date: Wed, 01 Nov 2023 17:51:22 GMT
access-control-allow-methods: GET
access-control-allow-origin: *
X-Firefox-Spdy: h2
ecsv2.roblox.com/www/e.png?evt=pageHeartbeat&ctx=heartbeat2&url=https%3A%2F%2Froblox.fm%2Fusers%2F2633435479%2Fprofile<=2023-11-01T17%3A51%3A29.618Z
200 OK 68 B URL GET HTTP/2 ecsv2.roblox.com/www/e.png?evt=pageHeartbeat&ctx=heartbeat2&url=https%3A%2F%2Froblox.fm%2Fusers%2F2633435479%2Fprofile<=2023-11-01T17%3A51%3A29.618Z
IP
ASN #22697 ROBLOX-PRODUCTION
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerSectigo Limited
Subjectroblox.com
Fingerprint63:EE:B6:92:2C:0F:A5:1F:70:49:55:41:B5:CF:A0:82:B1:A5:AE:D2
ValidityWed, 22 Mar 2023 00:00:00 GMT - Thu, 21 Mar 2024 23:59:59 GMT
File type PNG image data, 1 x 1, 8-bit gray+alpha, non-interlaced\012- data
Hash 2a637d3d825673c0e3462fa4ed9a1c5c
81668d396da22832d75a986407ff10035e0d5899
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7
GET /www/e.png?evt=pageHeartbeat&ctx=heartbeat2&url=https%3A%2F%2Froblox.fm%2Fusers%2F2633435479%2Fprofile<=2023-11-01T17%3A51%3A29.618Z HTTP/1.1
Host: ecsv2.roblox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/png
date: Wed, 01 Nov 2023 17:51:28 GMT
content-length: 68
x-envoy-upstream-service-time: 1
server: envoy
vary: Origin
strict-transport-security: max-age=3600
x-ratelimit-limit: 3600000, 3600000;w=60
x-ratelimit-remaining: 3599998
x-ratelimit-reset: 32
x-roblox-region: us-central
x-roblox-edge: lhr2
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://ncs.roblox.com/upload"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1}
alt-svc: h3=":443"; ma=60
X-Firefox-Spdy: h2
js.rbxcdn.com/83d836a661ff433d5b7ce719c489e43af590ff75ab39ccc6d393546fe91b766a.js
200 OK 27 kB URL GET HTTP/2 js.rbxcdn.com/83d836a661ff433d5b7ce719c489e43af590ff75ab39ccc6d393546fe91b766a.js
IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerGlobalSign nv-sa
Subject*.rbxcdn.com
FingerprintC3:6F:4B:5C:0E:DB:55:7A:5A:10:E5:90:29:43:77:09:6F:50:86:EE
ValidityFri, 18 Nov 2022 00:01:02 GMT - Wed, 20 Dec 2023 00:01:01 GMT
Hash 3ee7ef4fbd7fd6a8598053bb1c9163ac
477c9e17205ab78bc62d93a04874f0dd2d42f503
31ef50611f6981b083bc1c17f1a2d9df1c2b1722d63548902000e47dab835c65
GET /83d836a661ff433d5b7ce719c489e43af590ff75ab39ccc6d393546fe91b766a.js HTTP/1.1
Host: js.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 01 Nov 2023 17:51:16 GMT
content-type: application/javascript
vary: Accept-Encoding
x-amz-id-2: XwqbAmBsliCplXggVbXt1UPC7uazclrmHoOcxTYBUFKM/qP7zL76gNI2WIx2B5BCJFnbZoUQSZ8=
x-amz-request-id: 0X9MYJ9DWBBQ0QPE
last-modified: Fri, 19 Jun 2020 00:31:02 GMT
etag: W/"3ee7ef4fbd7fd6a8598053bb1c9163ac"
cache-control: public, max-age=31536000
x-amz-version-id: TTkd3QF_RMdbXOz0KjQ4kU5xdUIcgH1c
x-cf3: M
cf4age: 0
x-cf-tsc: 1697358607
cf4ttl: 31536000.000
x-cf2: H
server: CFS 0215
x-cf1: 28293:fA.arn1:co:1572652472:cacheN.arn1-01:H
x-cf-reqid: a7ff48b0b3ca431e36f2426c7710dbf3
access-control-allow-origin: *
access-control-allow-methods: GET
timing-allow-origin: *
access-control-expose-headers: Rbx-Cdn-Provider
rbx-cdn-provider: cfly
content-encoding: gzip
X-Firefox-Spdy: h2
js.rbxcdn.com/f1c993578f9e72da8a554cf8931c293f8020438c236b4c304fb3d527e9e15638.js
200 OK 6.1 kB URL GET HTTP/2 js.rbxcdn.com/f1c993578f9e72da8a554cf8931c293f8020438c236b4c304fb3d527e9e15638.js
IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerGlobalSign nv-sa
Subject*.rbxcdn.com
FingerprintC3:6F:4B:5C:0E:DB:55:7A:5A:10:E5:90:29:43:77:09:6F:50:86:EE
ValidityFri, 18 Nov 2022 00:01:02 GMT - Wed, 20 Dec 2023 00:01:01 GMT
File type Unicode text, UTF-8 text, with very long lines (6464), with no line terminators
Hash cda913a1cc10db0fbfea65047a9e337b
d617a2ee644708ee64fa565593671743900c9abe
e3ab5ad905d553d566d11b5004c124e143ad8556539f8f02a8b857ad0abaed0c
GET /f1c993578f9e72da8a554cf8931c293f8020438c236b4c304fb3d527e9e15638.js HTTP/1.1
Host: js.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 01 Nov 2023 17:51:16 GMT
content-type: application/javascript
vary: Accept-Encoding
x-amz-id-2: MLh/5TJgjKTKJq7MZM7W21GHYa6pX2PWRQvhSMPNCSFAZc9/2C3lyInog5R8RDq1Uz8xb0fqTuA=
x-amz-request-id: XM8RKP5CP4M86HZ0
last-modified: Mon, 15 Aug 2022 20:10:31 GMT
etag: W/"e1ba05af2a8d37b5d75b30e70f4b89bf"
cache-control: public, max-age=31536000
x-amz-version-id: JC8OMAdgSmTBBup_.oROmj4vG6A3hC75
x-cf3: H
cf4age: 1733
x-cf-tsc: 1675239282
cf4ttl: 31536000.000
x-cf2: H
server: CFS 0215
x-cf1: 28293:fA.arn1:co:1572652472:cacheN.arn1-01:M
x-cf-reqid: 1b68a25665af3b0dda7c6e828d5d449a
access-control-allow-origin: *
access-control-allow-methods: GET
timing-allow-origin: *
access-control-expose-headers: Rbx-Cdn-Provider
rbx-cdn-provider: cfly
content-encoding: gzip
X-Firefox-Spdy: h2
js.rbxcdn.com/c1300ec424eab695a3fd12fcaed2ef4f1365d575cb029ee094254ddbcc3396ff.js
200 OK 366 kB URL GET HTTP/2 js.rbxcdn.com/c1300ec424eab695a3fd12fcaed2ef4f1365d575cb029ee094254ddbcc3396ff.js
IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerGlobalSign nv-sa
Subject*.rbxcdn.com
FingerprintC3:6F:4B:5C:0E:DB:55:7A:5A:10:E5:90:29:43:77:09:6F:50:86:EE
ValidityFri, 18 Nov 2022 00:01:02 GMT - Wed, 20 Dec 2023 00:01:01 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 366 kB (365911 bytes)
Hash 67e413d32378b1d451e0e931e78466ae
ac3e5f97c2a9b41cfa5d2a883beb616f01b685b3
8a4acb94f7b13454e4683baa9e3fe26f2ed88e6db88fc882048d70c7d46eb7a4
GET /c1300ec424eab695a3fd12fcaed2ef4f1365d575cb029ee094254ddbcc3396ff.js HTTP/1.1
Host: js.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 01 Nov 2023 17:51:16 GMT
content-type: application/javascript
vary: Accept-Encoding
x-amz-id-2: d/GE+D+MGbJGAUsHX9LFgxJ41U+dagGuZYgpAk4BdsvInC/5g86Rh6UUi8CIusbRVu+dYvRHGjE=
x-amz-request-id: VN967WVQ3VJDGS47
last-modified: Thu, 14 Jul 2022 00:41:29 GMT
etag: W/"67e413d32378b1d451e0e931e78466ae"
cache-control: public, max-age=31536000
x-amz-version-id: E5xna_iGMQSZc6B0PikjmmXvjp8e6FVw
x-cf3: M
cf4age: 0
x-cf-tsc: 1667848638
cf4ttl: 31536000.000
x-cf2: H
server: CFS 0215
x-cf1: 28293:fA.arn1:co:1572652472:cacheN.arn1-01:M
x-cf-reqid: ddd5b04672f325b89a4c4e49a374b8e0
access-control-allow-origin: *
access-control-allow-methods: GET
timing-allow-origin: *
access-control-expose-headers: Rbx-Cdn-Provider
rbx-cdn-provider: cfly
content-encoding: gzip
X-Firefox-Spdy: h2
js.rbxcdn.com/c0606e8d6eb4487cdc70d318e6de3d9aaeeb465ddb84acd95139011e56c5e5c6.js
200 OK 1.5 kB URL GET HTTP/2 js.rbxcdn.com/c0606e8d6eb4487cdc70d318e6de3d9aaeeb465ddb84acd95139011e56c5e5c6.js
IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerGlobalSign nv-sa
Subject*.rbxcdn.com
FingerprintC3:6F:4B:5C:0E:DB:55:7A:5A:10:E5:90:29:43:77:09:6F:50:86:EE
ValidityFri, 18 Nov 2022 00:01:02 GMT - Wed, 20 Dec 2023 00:01:01 GMT
File type Unicode text, UTF-8 text, with very long lines (1521), with no line terminators
Hash d352c713ba0dc80476db71795ef0d0b3
47891c7705e137fc7078ab144d82250cc82f4412
a7dda68109c224495323aecd8c7067562c62a39d178127f8d7e30806789270bf
GET /c0606e8d6eb4487cdc70d318e6de3d9aaeeb465ddb84acd95139011e56c5e5c6.js HTTP/1.1
Host: js.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 01 Nov 2023 17:51:16 GMT
content-type: application/javascript
vary: Accept-Encoding
x-amz-id-2: 3VIwzdovWGQZxF2yABH/t+EIxXDrnQBxOZabFZWC82upQWGckySLO6g7meo4AnQ+2DhyDNAlHzY=
x-amz-request-id: G19NWRGCR0QW7YVW
last-modified: Wed, 03 Mar 2021 20:21:51 GMT
etag: W/"e3553b406af60d93e6ce493cbc788efc"
cache-control: public, max-age=31536000
x-amz-version-id: .zsiNBqMq.R9VGSZaaXCoi46x8cXreb2
x-cf3: H
cf4age: 712028
x-cf-tsc: 1697358620
cf4ttl: 31536000.000
x-cf2: H
server: CFS 0215
x-cf1: 28293:fA.arn1:co:1572652472:cacheN.arn1-01:M
x-cf-reqid: 0d095daa4471cdfebb7542f8cce73ba9
access-control-allow-origin: *
access-control-allow-methods: GET
timing-allow-origin: *
access-control-expose-headers: Rbx-Cdn-Provider
rbx-cdn-provider: cfly
content-encoding: gzip
X-Firefox-Spdy: h2
js.rbxcdn.com/a054aec7da3a2b719cf38e09c5f6a9f45af54f6e632aa964ccc8b5ec2d83b9b0.js
200 OK 1.5 kB URL GET HTTP/2 js.rbxcdn.com/a054aec7da3a2b719cf38e09c5f6a9f45af54f6e632aa964ccc8b5ec2d83b9b0.js
IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerGlobalSign nv-sa
Subject*.rbxcdn.com
FingerprintC3:6F:4B:5C:0E:DB:55:7A:5A:10:E5:90:29:43:77:09:6F:50:86:EE
ValidityFri, 18 Nov 2022 00:01:02 GMT - Wed, 20 Dec 2023 00:01:01 GMT
File type ASCII text, with very long lines (1590), with no line terminators
Hash 1464f9e3aaf08e26f0e6a4e889e5282f
b33a6c06542fefb464bd484f1f4f05320fe82ec6
79ea1bfc8d7a71264643d4fe9d3923617b221f09db6eeb19f857144051ed106a
GET /a054aec7da3a2b719cf38e09c5f6a9f45af54f6e632aa964ccc8b5ec2d83b9b0.js HTTP/1.1
Host: js.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 01 Nov 2023 17:51:16 GMT
content-type: application/javascript
vary: Accept-Encoding
x-amz-id-2: Rgs8m9/iJSdPHo/7HLZJ1VkcxI8Egd4wylv91JJtOsoNF76L2oaiIyFn/FUBNgWTa/8lRUAvuWE=
x-amz-request-id: AAASSG3NEPFJZZYX
last-modified: Thu, 14 Apr 2022 00:10:56 GMT
etag: W/"304c33ce16dcb5dce6eeb186759c73eb"
cache-control: public, max-age=31536000
x-amz-version-id: VGkEJKnHCKgPuba71di0KxWl7WjfO.Pc
x-cf3: M
cf4age: 0
x-cf-tsc: 1697358617
cf4ttl: 31536000.000
x-cf2: H
server: CFS 0215
x-cf1: 28293:fA.arn1:co:1572652472:cacheN.arn1-01:M
x-cf-reqid: 9b0b2b081a8c9541d94e93c6c62f7186
access-control-allow-origin: *
access-control-allow-methods: GET
timing-allow-origin: *
access-control-expose-headers: Rbx-Cdn-Provider
rbx-cdn-provider: cfly
content-encoding: gzip
X-Firefox-Spdy: h2
js.rbxcdn.com/ffcc04436179c6b2a6668fdfcfbf62b1.js
200 OK 1.7 kB URL GET HTTP/2 js.rbxcdn.com/ffcc04436179c6b2a6668fdfcfbf62b1.js
IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerGlobalSign nv-sa
Subject*.rbxcdn.com
FingerprintC3:6F:4B:5C:0E:DB:55:7A:5A:10:E5:90:29:43:77:09:6F:50:86:EE
ValidityFri, 18 Nov 2022 00:01:02 GMT - Wed, 20 Dec 2023 00:01:01 GMT
File type ASCII text, with very long lines (1758), with no line terminators
Hash 404020fdcf164fd8a1d0fc2332ba7d56
d15ddc56fffb9bfeff3b5c6919de5a334c05b77a
60495a8fc75e8d207d137170417c9f05b844b721a3850aafa5a6c6a2c7dfb33c
GET /ffcc04436179c6b2a6668fdfcfbf62b1.js HTTP/1.1
Host: js.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 01 Nov 2023 17:51:16 GMT
content-type: application/javascript
vary: Accept-Encoding
x-amz-id-2: iU8jf4nHep4NdDKqMRNS1AB45eIvkWAEGKgAF2vx2W+/x83cs1K3M3z01Gwqb5nUfc/vfXQE8bI=
x-amz-request-id: 4YB4X69DJ817C3M1
last-modified: Mon, 13 Apr 2020 23:58:19 GMT
etag: W/"ffcc04436179c6b2a6668fdfcfbf62b1"
cache-control: public, max-age=31536000
x-amz-version-id: 9mSirlbN.hTg9LSKRB3PBYfdXgOV4pB9
x-cf3: M
cf4age: 0
x-cf-tsc: 1697358620
cf4ttl: 31536000.000
x-cf2: H
server: CFS 0215
x-cf1: 28293:fA.arn1:co:1572652472:cacheN.arn1-01:H
x-cf-reqid: 21c7b316189211725a51a074568dfcb5
access-control-allow-origin: *
access-control-allow-methods: GET
timing-allow-origin: *
access-control-expose-headers: Rbx-Cdn-Provider
rbx-cdn-provider: cfly
content-encoding: gzip
X-Firefox-Spdy: h2
js.rbxcdn.com/f4943448e16b63aa3eb1c33bdb12cd16e7cf164ded346d9cc2121f5e05f0c219.js
200 OK 13 kB URL GET HTTP/2 js.rbxcdn.com/f4943448e16b63aa3eb1c33bdb12cd16e7cf164ded346d9cc2121f5e05f0c219.js
IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerGlobalSign nv-sa
Subject*.rbxcdn.com
FingerprintC3:6F:4B:5C:0E:DB:55:7A:5A:10:E5:90:29:43:77:09:6F:50:86:EE
ValidityFri, 18 Nov 2022 00:01:02 GMT - Wed, 20 Dec 2023 00:01:01 GMT
File type ASCII text, with very long lines (12612)
Hash f003eb2a144f276cfc14d3141cc5d93f
2082615cf417e43193929d15b52e6ee5040858eb
8e581e898384431c9ac0ae17444fba5763060a3e70aa9ca3abc128d17d4a646c
GET /f4943448e16b63aa3eb1c33bdb12cd16e7cf164ded346d9cc2121f5e05f0c219.js HTTP/1.1
Host: js.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 01 Nov 2023 17:51:16 GMT
content-type: application/javascript
vary: Accept-Encoding
x-amz-id-2: aZBZu+lOo4iQco2LDnxLSy7DAPb/omATdqoX4goQWmTueiRNiFHIgNAObvt9w6vklUMzPC+Lgyg=
x-amz-request-id: GYFKX0PV21QBEXQW
last-modified: Fri, 09 Sep 2022 17:24:25 GMT
etag: W/"f003eb2a144f276cfc14d3141cc5d93f"
cache-control: public, max-age=31536000
x-amz-version-id: EgoD4vZNno4tz7MuE8H4PNBnT3KDI37p
x-cf3: H
cf4age: 3107239
x-cf-tsc: 1697707410
cf4ttl: 31536000.000
x-cf2: H
server: CFS 0215
x-cf1: 28293:fA.arn1:co:1572652472:cacheN.arn1-01:M
x-cf-reqid: efc52d3fa93eca60db4025b46b088b69
access-control-allow-origin: *
access-control-allow-methods: GET
timing-allow-origin: *
access-control-expose-headers: Rbx-Cdn-Provider
rbx-cdn-provider: cfly
content-encoding: gzip
X-Firefox-Spdy: h2
js.rbxcdn.com/9cdd3e705e1509e946b3916eb1d5336665c559cea71280c5eeecb04165310be7.js
200 OK 34 kB URL GET HTTP/2 js.rbxcdn.com/9cdd3e705e1509e946b3916eb1d5336665c559cea71280c5eeecb04165310be7.js
IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerGlobalSign nv-sa
Subject*.rbxcdn.com
FingerprintC3:6F:4B:5C:0E:DB:55:7A:5A:10:E5:90:29:43:77:09:6F:50:86:EE
ValidityFri, 18 Nov 2022 00:01:02 GMT - Wed, 20 Dec 2023 00:01:01 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /9cdd3e705e1509e946b3916eb1d5336665c559cea71280c5eeecb04165310be7.js HTTP/1.1
Host: js.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 01 Nov 2023 17:51:16 GMT
content-type: application/javascript
vary: Accept-Encoding
x-amz-id-2: JVibaaWAVV8TshP/Og8XHm7gfzM7spa3QkyDlBlw1Umy25rVWFAoN+O+owiVd8GtF/oAEN0L+nY=
x-amz-request-id: G3TFKGQE25T9DS66
last-modified: Wed, 21 Sep 2022 20:11:06 GMT
etag: W/"d2b35c28d4c6cc5f4874b81312cd6dd8"
cache-control: public, max-age=31536000
x-amz-version-id: TuDSUvl41ddiF_FzI17_CZnxIW5.K8MV
x-cf3: M
cf4age: 0
x-cf-tsc: 1675125971
cf4ttl: 31536000.000
x-cf2: H
server: CFS 0215
x-cf1: 28293:fA.arn1:co:1572652472:cacheN.arn1-01:M
x-cf-reqid: e9f8db67469ad3cbf56ffb35e2852ce1
access-control-allow-origin: *
access-control-allow-methods: GET
timing-allow-origin: *
access-control-expose-headers: Rbx-Cdn-Provider
rbx-cdn-provider: cfly
content-encoding: gzip
X-Firefox-Spdy: h2
roblox.fm/privateJs/Navigation.js
200 OK 79 kB URL GET HTTP/3 roblox.fm/privateJs/Navigation.js
IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerLet's Encrypt
Subjectroblox.fm
Fingerprint60:1F:24:B4:A1:32:0C:55:86:8F:62:55:5E:BF:BE:87:5D:F9:C7:6F
ValidityTue, 24 Oct 2023 12:23:22 GMT - Mon, 22 Jan 2024 12:23:21 GMT
File type ASCII text, with very long lines (65362), with CRLF line terminators
Hash 67204d7834bff28aea262baaf74a4bb6
2c18091c612cf154d42466f13ae98b95a60be21a
4985ef86c1eb30d93b1fb740da47b8672b4e875acb31c81d22684d2c3d602f11
Analyzer Verdict Alert OpenPhish phishing Telegram
GET /privateJs/Navigation.js HTTP/1.1
Host: roblox.fm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/users/2633435479/profile
Cookie: _1__EggyWall_v=09ac94e6b927af2069856bc032971c55e994de0ff8bcdc4c6295c67fc6ec85ba
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 01 Nov 2023 17:51:15 GMT
content-type: application/javascript; charset=utf-8
eggy-wall: eggy#8888
etag: W/"6532b4e6-13603"
last-modified: Fri, 20 Oct 2023 17:12:06 GMT
proxy-cache: MISS
cache-control: max-age=14400
cf-cache-status: HIT
age: 31
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VOzhUYcGnRUdOcWhQ05LTB48avXID%2BKOq0XHbiR6RJD7%2B4jxv1lZ%2FTu%2F2AsrZLk3Mlzp1klcUskl4cZ004%2FSK%2BunQpMq5bLGtJFH9ggTWsDQSXPwFZXPYj%2B3Ew0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 81f5fc183aff5684-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
gold.roblox.com/_/_/1px.gif
200 OK 43 B URL GET HTTP/2 gold.roblox.com/_/_/1px.gif
IP
ASN #22697 ROBLOX-PRODUCTION
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerSectigo Limited
Subjectroblox.com
Fingerprint63:EE:B6:92:2C:0F:A5:1F:70:49:55:41:B5:CF:A0:82:B1:A5:AE:D2
ValidityWed, 22 Mar 2023 00:00:00 GMT - Thu, 21 Mar 2024 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /_/_/1px.gif HTTP/1.1
Host: gold.roblox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://roblox.fm
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
timing-allow-origin: *
x-rblx-origin: lb
cache-control: no-cache, no-store
content-length: 43
content-type: image/gif
alt-svc: h3=":443"; ma=60
X-Firefox-Spdy: h2
js.rbxcdn.com/95fdafe5af749e388de603b9ee7f67bb092c3c790badc572db4e2bca0c32b49a.js
200 OK 1.5 kB URL GET HTTP/2 js.rbxcdn.com/95fdafe5af749e388de603b9ee7f67bb092c3c790badc572db4e2bca0c32b49a.js
IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerGlobalSign nv-sa
Subject*.rbxcdn.com
FingerprintC3:6F:4B:5C:0E:DB:55:7A:5A:10:E5:90:29:43:77:09:6F:50:86:EE
ValidityFri, 18 Nov 2022 00:01:02 GMT - Wed, 20 Dec 2023 00:01:01 GMT
File type Unicode text, UTF-8 text, with very long lines (1542), with no line terminators
Hash 4d9ffd52be187efdba51699b3c78ec71
c1f6c52a7941b9cee1ad7ebc4579a1c4308835fa
90ec92b4982eae9151875f00b3843458375cf017e75fef8ed500f528d544af1e
GET /95fdafe5af749e388de603b9ee7f67bb092c3c790badc572db4e2bca0c32b49a.js HTTP/1.1
Host: js.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 01 Nov 2023 17:51:16 GMT
content-type: application/javascript
vary: Accept-Encoding
x-amz-id-2: KyxBZmD71QfIbMK+QO7KoGb/9HYYw4RMYTyyV3olxj1qD8HTfP/N0GLz98Ma1ouRhyXWR7Jsn9o=
x-amz-request-id: 4YB5V5MB3AEKW8BD
last-modified: Wed, 03 Mar 2021 20:21:51 GMT
etag: W/"00e91f24cef6a93c8f0dde76b7b51e2f"
cache-control: public, max-age=31536000
x-amz-version-id: oRkbliH7hDgUrid0Cmr3PQ_WKlDq3Jbf
x-cf3: M
cf4age: 0
x-cf-tsc: 1697358620
cf4ttl: 31536000.000
x-cf2: H
server: CFS 0215
x-cf1: 28293:fA.arn1:co:1572652472:cacheN.arn1-01:M
x-cf-reqid: 0954a86317550a162a291fb6531ada3c
access-control-allow-origin: *
access-control-allow-methods: GET
timing-allow-origin: *
access-control-expose-headers: Rbx-Cdn-Provider
rbx-cdn-provider: cfly
content-encoding: gzip
X-Firefox-Spdy: h2
js.rbxcdn.com/68896d2573131793f425731c85898bbac9c88c13ed264c68cd8cc87b1c3545e4.js
200 OK 75 kB URL GET HTTP/2 js.rbxcdn.com/68896d2573131793f425731c85898bbac9c88c13ed264c68cd8cc87b1c3545e4.js
IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerGlobalSign nv-sa
Subject*.rbxcdn.com
FingerprintC3:6F:4B:5C:0E:DB:55:7A:5A:10:E5:90:29:43:77:09:6F:50:86:EE
ValidityFri, 18 Nov 2022 00:01:02 GMT - Wed, 20 Dec 2023 00:01:01 GMT
File type ASCII text, with very long lines (34152)
Hash 365776e3130cc87c7fb40cd302d65e7a
c834e260a7859eb7394c70f916c3889224c10bae
1381fd8c6289326e30c3d60a8d4449dfea3a8984067119a26e7cf78c1f68dd80
GET /68896d2573131793f425731c85898bbac9c88c13ed264c68cd8cc87b1c3545e4.js HTTP/1.1
Host: js.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 01 Nov 2023 17:51:16 GMT
content-type: application/javascript
vary: Accept-Encoding
x-amz-id-2: W3sRHVbxI5Jv/xnc93Mx89GsRZCwrlonZANdSxQ0sh4Wz/kugmhyYrTTuXrm+V6sEm9nftl7c74=
x-amz-request-id: KSCNSETVQKY60SG3
last-modified: Thu, 15 Sep 2022 23:02:10 GMT
etag: W/"365776e3130cc87c7fb40cd302d65e7a"
cache-control: public, max-age=31536000
x-amz-version-id: yoZP8WQCmeqDJ1hLrdE76YspJZXFonFG
x-cf3: H
cf4age: 2775689
x-cf-tsc: 1697628261
cf4ttl: 31536000.000
x-cf2: H
server: CFS 0215
x-cf1: 28293:fA.arn1:co:1572652472:cacheN.arn1-01:M
x-cf-reqid: fc727d095cf6e931c6a243ab0df60440
access-control-allow-origin: *
access-control-allow-methods: GET
timing-allow-origin: *
access-control-expose-headers: Rbx-Cdn-Provider
rbx-cdn-provider: cfly
content-encoding: gzip
X-Firefox-Spdy: h2
js.rbxcdn.com/357eab8c76686d6ca33ec7867f6d9268d3c7e0313532c42d3885c92fe3fc0293.js
200 OK 262 kB URL GET HTTP/2 js.rbxcdn.com/357eab8c76686d6ca33ec7867f6d9268d3c7e0313532c42d3885c92fe3fc0293.js
IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerGlobalSign nv-sa
Subject*.rbxcdn.com
FingerprintC3:6F:4B:5C:0E:DB:55:7A:5A:10:E5:90:29:43:77:09:6F:50:86:EE
ValidityFri, 18 Nov 2022 00:01:02 GMT - Wed, 20 Dec 2023 00:01:01 GMT
Size 262 kB (261465 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /357eab8c76686d6ca33ec7867f6d9268d3c7e0313532c42d3885c92fe3fc0293.js HTTP/1.1
Host: js.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 01 Nov 2023 17:51:16 GMT
content-type: application/javascript
vary: Accept-Encoding
x-amz-id-2: d9ODM7toJ9WYVvfZYsAxEAeVk791xtArvrF0cRGclDEfIw1NRUZR52tGtN0a4URKtZDSK3BieiA=
x-amz-request-id: MFHPB730NYZQXHM7
last-modified: Fri, 09 Sep 2022 17:24:27 GMT
etag: W/"ba93008388cd2293b0f30357521f58cd"
cache-control: public, max-age=31536000
x-amz-version-id: Cf837rB302eoBEllyT9T52ZOSpSbUN8b
x-cf3: M
cf4age: 0
x-cf-tsc: 1696397166
cf4ttl: 31536000.000
x-cf2: H
server: CFS 0215
x-cf1: 28293:fA.arn1:co:1572652472:cacheN.arn1-01:M
x-cf-reqid: 0b32f9b4b49195de2f9a6f6c592821cc
access-control-allow-origin: *
access-control-allow-methods: GET
timing-allow-origin: *
access-control-expose-headers: Rbx-Cdn-Provider
rbx-cdn-provider: cfly
content-encoding: gzip
X-Firefox-Spdy: h2
js.rbxcdn.com/18dede93de3aac02225e1e6e9957d98d6983c39fc9e76eb0cdb05090e5551f95.js
200 OK 4.1 kB URL GET HTTP/2 js.rbxcdn.com/18dede93de3aac02225e1e6e9957d98d6983c39fc9e76eb0cdb05090e5551f95.js
IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerGlobalSign nv-sa
Subject*.rbxcdn.com
FingerprintC3:6F:4B:5C:0E:DB:55:7A:5A:10:E5:90:29:43:77:09:6F:50:86:EE
ValidityFri, 18 Nov 2022 00:01:02 GMT - Wed, 20 Dec 2023 00:01:01 GMT
File type ASCII text, with very long lines (4271), with no line terminators
Hash 827e684dfead451e3fbf6c6e082e3cb8
d00a2d766a8642b56f9b5582bcfaf1e1ac5a03f6
9839eb3a89b5448648e712a24d29943eac1d8a35761bb9a13d1e10ddc66c062e
GET /18dede93de3aac02225e1e6e9957d98d6983c39fc9e76eb0cdb05090e5551f95.js HTTP/1.1
Host: js.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 01 Nov 2023 17:51:16 GMT
content-type: application/javascript
vary: Accept-Encoding
x-amz-id-2: 24rVSPvX6u0Ajc8tq6TPYDvVo5j/37jJMu9KJMp6LIMY32pks2OHo6LRv3FE1KxzaZu9ZPNBMAc=
x-amz-request-id: 2CTHMB4D6C7TJH5D
last-modified: Fri, 04 Mar 2022 12:10:26 GMT
etag: W/"2434ddd0ebe572e9bf091853be1d5a7c"
cache-control: public, max-age=31536000
x-amz-version-id: vW4BPGL1OwsPLIaFoWr9XYHX.y_za4xa
x-cf3: H
cf4age: 4888239
x-cf-tsc: 1698083495
cf4ttl: 31536000.000
x-cf2: H
server: CFS 0215
x-cf1: 28293:fA.arn1:co:1572652472:cacheN.arn1-01:M
x-cf-reqid: 49834875cabe7339adfef8b28fb5f17c
access-control-allow-origin: *
access-control-allow-methods: GET
timing-allow-origin: *
access-control-expose-headers: Rbx-Cdn-Provider
rbx-cdn-provider: cfly
content-encoding: gzip
X-Firefox-Spdy: h2
roblox.fm/privateJs/PeopleList.js
200 OK 23 kB URL GET HTTP/3 roblox.fm/privateJs/PeopleList.js
IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerLet's Encrypt
Subjectroblox.fm
Fingerprint60:1F:24:B4:A1:32:0C:55:86:8F:62:55:5E:BF:BE:87:5D:F9:C7:6F
ValidityTue, 24 Oct 2023 12:23:22 GMT - Mon, 22 Jan 2024 12:23:21 GMT
File type ASCII text, with very long lines (22942), with CRLF line terminators
Hash 4bbbcd17339b14ca9e2b949066fe96bf
3839c3d75808d3c9cf145ae8c320a0d868859e48
9ef91b82e81dd2fc06474fd8a0bbe06654ef3e1917335e8a787d5a7c03103c9e
Analyzer Verdict Alert OpenPhish phishing Telegram
GET /privateJs/PeopleList.js HTTP/1.1
Host: roblox.fm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/users/2633435479/profile
Cookie: _1__EggyWall_v=09ac94e6b927af2069856bc032971c55e994de0ff8bcdc4c6295c67fc6ec85ba
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 01 Nov 2023 17:51:15 GMT
content-type: application/javascript; charset=utf-8
eggy-wall: eggy#8888
etag: W/"6532b4e6-5a82"
last-modified: Fri, 20 Oct 2023 17:12:06 GMT
proxy-cache: MISS
cache-control: max-age=14400
cf-cache-status: HIT
age: 5710
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tRlXFDOb6Yi%2BhIMJDQS5Wsek77cJnpBHZ6kUrmwfnvBJJ24cNNWkpvIQ1He79xjZuNqZb4%2F8z7RZ6qMHg4NGl0foyMfYx1P5TQrDTQRVoRrM3G1hJT0qNT4szrw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 81f5fc185b1f5684-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
js.rbxcdn.com/97b99d5ea1fd09bf3fa4aed595502676b5c6d366675698913916b7b0f1b33a30.js
200 OK 2.6 kB URL GET HTTP/2 js.rbxcdn.com/97b99d5ea1fd09bf3fa4aed595502676b5c6d366675698913916b7b0f1b33a30.js
IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerGlobalSign nv-sa
Subject*.rbxcdn.com
FingerprintC3:6F:4B:5C:0E:DB:55:7A:5A:10:E5:90:29:43:77:09:6F:50:86:EE
ValidityFri, 18 Nov 2022 00:01:02 GMT - Wed, 20 Dec 2023 00:01:01 GMT
File type ASCII text, with very long lines (2777), with no line terminators
Hash 8f83c79df13091884f97f9aaaa9b3d69
62a13254dfa166c2f63afe53cff32ae0d8b98b97
b789a9c3276e20c31108241f6dff5d9318a0028654647894a17d1c68c2165129
GET /97b99d5ea1fd09bf3fa4aed595502676b5c6d366675698913916b7b0f1b33a30.js HTTP/1.1
Host: js.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 01 Nov 2023 17:51:16 GMT
content-type: application/javascript
vary: Accept-Encoding
x-amz-id-2: H4AKWcFSMqI2rOEGoLPg9HKtNTTdNegnPKzoPCIuzVjLIILv1B9JnwR9Ncu2fyjzrXgrW8juvGg=
x-amz-request-id: 1HGEZP8TK6TDB95S
last-modified: Wed, 12 May 2021 03:21:57 GMT
etag: W/"c44aedecd7e3ccf371323073714fb16c"
cache-control: public, max-age=31536000
x-amz-version-id: mqF2sKuUQkHwN_rpyIBzgg.sgRLMpi4B
x-cf3: M
cf4age: 0
x-cf-tsc: 1697373132
cf4ttl: 31536000.000
x-cf2: H
server: CFS 0215
x-cf1: 28293:fA.arn1:co:1572652472:cacheN.arn1-01:M
x-cf-reqid: 90b2699e5235cc84bd5fadd837094d51
access-control-allow-origin: *
access-control-allow-methods: GET
timing-allow-origin: *
access-control-expose-headers: Rbx-Cdn-Provider
rbx-cdn-provider: cfly
content-encoding: gzip
X-Firefox-Spdy: h2
js.rbxcdn.com/6df275f4290dbf3a38657783651fac4e.js
200 OK 143 kB URL GET HTTP/2 js.rbxcdn.com/6df275f4290dbf3a38657783651fac4e.js
IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerGlobalSign nv-sa
Subject*.rbxcdn.com
FingerprintC3:6F:4B:5C:0E:DB:55:7A:5A:10:E5:90:29:43:77:09:6F:50:86:EE
ValidityFri, 18 Nov 2022 00:01:02 GMT - Wed, 20 Dec 2023 00:01:01 GMT
File type ASCII text, with very long lines (32004), with CRLF line terminators
Size 143 kB (143060 bytes)
Hash 6df275f4290dbf3a38657783651fac4e
b307f90a88583a6c4d9781abc0c8ac8621cdc7c8
5c8b5bba4ecbcaef4291851548145b6618cc55054a3c792c32fa71a17b64543c
GET /6df275f4290dbf3a38657783651fac4e.js HTTP/1.1
Host: js.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 01 Nov 2023 17:51:16 GMT
content-type: application/javascript
vary: Accept-Encoding
x-amz-id-2: qnR7ZfsDOnv5DPOjf7soDiUCXQgguklNGjTA5m0ccpSz//B5HMHlcZ+6X32yPveVR/y/1DAEON4=
x-amz-request-id: 0BHGH6A1GFDR5EEQ
last-modified: Wed, 10 Aug 2022 21:43:03 GMT
etag: W/"6df275f4290dbf3a38657783651fac4e"
cache-control: public, max-age=31536000
x-amz-version-id: GvGWvXiudOH3AjIi3ZBEMPxw6pb5lFQX
x-cf3: M
cf4age: 0
x-cf-tsc: 1698459330
cf4ttl: 31536000.000
x-cf2: H
server: CFS 0215
x-cf1: 28293:fA.arn1:co:1572652472:cacheN.arn1-01:M
x-cf-reqid: 2d8a7a14eb053ddd380767d59e713d9b
access-control-allow-origin: *
access-control-allow-methods: GET
timing-allow-origin: *
access-control-expose-headers: Rbx-Cdn-Provider
rbx-cdn-provider: cfly
content-encoding: gzip
X-Firefox-Spdy: h2
roblox.fm/game/report-stats?name=ResourcePerformance_Loaded_funcaptcha_Computer&value=7
200 OK 1 B URL POST HTTP/3 roblox.fm/game/report-stats?name=ResourcePerformance_Loaded_funcaptcha_Computer&value=7
IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerLet's Encrypt
Subjectroblox.fm
Fingerprint60:1F:24:B4:A1:32:0C:55:86:8F:62:55:5E:BF:BE:87:5D:F9:C7:6F
ValidityTue, 24 Oct 2023 12:23:22 GMT - Mon, 22 Jan 2024 12:23:21 GMT
File type ASCII text, with no line terminators
Hash 1d78758685e5e2f4efeeb490f8521abd
ef7e6794ca9c6a06b54b66f279237fb8daaaeea8
a80e516bfb196e1c48a9acbe39da8fceb6bc82e0d991b8a990b8f3239c7efaed
Analyzer Verdict Alert OpenPhish phishing Telegram
POST /game/report-stats?name=ResourcePerformance_Loaded_funcaptcha_Computer&value=7 HTTP/1.1
Host: roblox.fm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://roblox.fm
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/users/2633435479/profile
Cookie: _1__EggyWall_v=09ac94e6b927af2069856bc032971c55e994de0ff8bcdc4c6295c67fc6ec85ba; PHPSESSID=h4859nd69hmmututf4jqhp57f6; _gcl_au=1.1.107502139.1698861081
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 0
HTTP/3 200 OK
date: Wed, 01 Nov 2023 17:51:20 GMT
content-type: application/json; charset=utf-8
content-length: 1
access-control-allow-credentials: true
cache-control: private, must-revalidate
content-security-policy: report-uri https://metrics.roblox.com/v1/csp/report?type=enforce; upgrade-insecure-requests; script-src * 'unsafe-inline' roblox.com *.evidon.com *.gigya.com *.google-analytics.com *.ns1p.net adservice.google.com cdn.arkoselabs.com connect.facebook.net funcaptcha.com js.rbxcdn.com long.open.weixin.qq.com midas.gtimg.cn radar.cedexis.com res.wx.qq.com roblox-api.arkoselabs.com roblox-load-generator-configuration.s3.us-east-2.amazonaws.com s.ytimg.com sb.scorecardresearch.com static.rbxcdn.com www.google.com www.gstatic.com www.youtube.com h.online-metrix.net request.eprotect.vantivcnp.com request.eprotect.vantivpostlive.com *.googletagmanager.com *.googleadservices.com googleads.g.doubleclick.net cdn.veriff.me *.lightstep.com ; img-src 'self' data: *.cloudfront.net *.google-analytics.com *.kaptcha.com *.rbxcdn.com *.roblox.com *.robloxlabs.com googleads.g.doubleclick.net i.ytimg.com www.googletagmanager.com *
cross-origin-opener-policy: same-origin-allow-popups
eggy-wall: eggy#8888
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.1,"failure_fraction":1}
proxy-cache: MISS
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://ncs.roblox.com/upload"}]}
strict-transport-security: max-age=604800; includeSubdomains
x-frame-options: SAMEORIGIN
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 81f5fc3449cd5684-OSL
alt-svc: h3=":443"; ma=86400
js.rbxcdn.com/fb47e86d6d7deaf62c7c5c8a62d915361b3f9b47503976e24e4fdd44710a492e.js
200 OK 4.4 kB URL GET HTTP/2 js.rbxcdn.com/fb47e86d6d7deaf62c7c5c8a62d915361b3f9b47503976e24e4fdd44710a492e.js
IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerGlobalSign nv-sa
Subject*.rbxcdn.com
FingerprintC3:6F:4B:5C:0E:DB:55:7A:5A:10:E5:90:29:43:77:09:6F:50:86:EE
ValidityFri, 18 Nov 2022 00:01:02 GMT - Wed, 20 Dec 2023 00:01:01 GMT
File type ASCII text, with very long lines (4544), with no line terminators
Hash b1133c422eabb0000beadb212f486eb9
96acc0b6cc960510ba81868c4653e5fec6ca8471
06af5dc54cd7a7a7787d90d5a03806d328776f7aecf9f303f6457af3a6cd0fca
GET /fb47e86d6d7deaf62c7c5c8a62d915361b3f9b47503976e24e4fdd44710a492e.js HTTP/1.1
Host: js.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 01 Nov 2023 17:51:16 GMT
content-type: application/javascript
vary: Accept-Encoding
x-amz-id-2: IzT6pskp2c+PJKE02Jwdmf1WNg5OUXlCYrEMbLbeKXqDPYHxfsuUTjvsL+l7IwMzWfeRPtHZVWs=
x-amz-request-id: NZTDCMWW6222TH18
last-modified: Fri, 06 Aug 2021 04:11:07 GMT
etag: W/"7689c0f9bab9fe7973e3c2b1a686d3f6"
cache-control: public, max-age=31536000
x-amz-version-id: BqDKSKIUjenRkJ.zckwaJurvFga9l3u.
x-cf3: M
cf4age: 0
x-cf-tsc: 1692732439
cf4ttl: 31536000.000
x-cf2: H
server: CFS 0215
x-cf1: 28293:fA.arn1:co:1572652472:cacheN.arn1-01:M
x-cf-reqid: 2af7a7b0ef9611b12f95dbb9d4307679
access-control-allow-origin: *
access-control-allow-methods: GET
timing-allow-origin: *
access-control-expose-headers: Rbx-Cdn-Provider
rbx-cdn-provider: cfly
content-encoding: gzip
X-Firefox-Spdy: h2
js.rbxcdn.com/523958ed41b5e1cfecdd3a29a57074d0dd62ff6ba572fefbebc76ff8d48024d5.js
200 OK 29 kB URL GET HTTP/2 js.rbxcdn.com/523958ed41b5e1cfecdd3a29a57074d0dd62ff6ba572fefbebc76ff8d48024d5.js
IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerGlobalSign nv-sa
Subject*.rbxcdn.com
FingerprintC3:6F:4B:5C:0E:DB:55:7A:5A:10:E5:90:29:43:77:09:6F:50:86:EE
ValidityFri, 18 Nov 2022 00:01:02 GMT - Wed, 20 Dec 2023 00:01:01 GMT
File type ASCII text, with very long lines (28961)
Hash f0a3f4c0b16695f5eef390a3f4e91c12
aba0b0b48c15f5b69f34ea6153485ab8011d2c43
2fdc04f602f4cdd849342475a214f86c24084cb0acba6763a91a1fd3e7ab5317
GET /523958ed41b5e1cfecdd3a29a57074d0dd62ff6ba572fefbebc76ff8d48024d5.js HTTP/1.1
Host: js.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 01 Nov 2023 17:51:16 GMT
content-type: application/javascript
vary: Accept-Encoding
x-amz-id-2: UlwMApMqYUOU5Q7wUyyZJdIV1JaSODJwOZB3680eTJohnJacZPyCJrFA3G22EJ2SKgpsBy2dfEk=
x-amz-request-id: C09DG9KDV9EDJFC4
last-modified: Fri, 22 Jul 2022 21:56:19 GMT
etag: W/"f0a3f4c0b16695f5eef390a3f4e91c12"
cache-control: public, max-age=31536000
x-amz-version-id: m.mFt764akq6831vxU6WaXVu0BXB6AbQ
x-cf3: H
cf4age: 145647
x-cf-tsc: 1697773909
cf4ttl: 31536000.000
x-cf2: H
server: CFS 0215
x-cf1: 28293:fA.arn1:co:1572652472:cacheN.arn1-01:M
x-cf-reqid: afa59561a4c4ff977b2aba3b083fd4a2
access-control-allow-origin: *
access-control-allow-methods: GET
timing-allow-origin: *
access-control-expose-headers: Rbx-Cdn-Provider
rbx-cdn-provider: cfly
content-encoding: gzip
X-Firefox-Spdy: h2
roblox.fm/recipe?iteration=0
200 OK 884 B URL GET HTTP/3 roblox.fm/recipe?iteration=0
IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerLet's Encrypt
Subjectroblox.fm
Fingerprint60:1F:24:B4:A1:32:0C:55:86:8F:62:55:5E:BF:BE:87:5D:F9:C7:6F
ValidityTue, 24 Oct 2023 12:23:22 GMT - Mon, 22 Jan 2024 12:23:21 GMT
File type ASCII text, with very long lines (986), with no line terminators
Hash 4647546d9889da3e2188bc324db0c373
8f58a024023b85ac6c371dbcf83c35e17bad6eef
0cf1c1cd67e33a4f8da068cf7b9f274644b382c1a4f662e431a13d34cc7280d8
Analyzer Verdict Alert OpenPhish phishing Telegram
GET /recipe?iteration=0 HTTP/1.1
Host: roblox.fm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/users/2633435479/profile
Cookie: _1__EggyWall_v=09ac94e6b927af2069856bc032971c55e994de0ff8bcdc4c6295c67fc6ec85ba; PHPSESSID=h4859nd69hmmututf4jqhp57f6; _gcl_au=1.1.107502139.1698861081
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 01 Nov 2023 17:51:22 GMT
content-type: application/json; charset=utf-8
access-control-allow-credentials: true
cache-control: no-store, no-cache, must-revalidate, private, must-revalidate
content-security-policy: report-uri https://metrics.roblox.com/v1/csp/report?type=enforce; upgrade-insecure-requests; script-src * 'unsafe-inline' roblox.com *.evidon.com *.gigya.com *.google-analytics.com *.ns1p.net adservice.google.com cdn.arkoselabs.com connect.facebook.net funcaptcha.com js.rbxcdn.com long.open.weixin.qq.com midas.gtimg.cn radar.cedexis.com res.wx.qq.com roblox-api.arkoselabs.com roblox-load-generator-configuration.s3.us-east-2.amazonaws.com s.ytimg.com sb.scorecardresearch.com static.rbxcdn.com www.google.com www.gstatic.com www.youtube.com h.online-metrix.net request.eprotect.vantivcnp.com request.eprotect.vantivpostlive.com *.googletagmanager.com *.googleadservices.com googleads.g.doubleclick.net cdn.veriff.me *.lightstep.com ; img-src 'self' data: *.cloudfront.net *.google-analytics.com *.kaptcha.com *.rbxcdn.com *.roblox.com *.robloxlabs.com googleads.g.doubleclick.net i.ytimg.com www.googletagmanager.com *
cross-origin-opener-policy: same-origin-allow-popups
eggy-wall: eggy#8888
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.1,"failure_fraction":1}
pragma: no-cache
proxy-cache: MISS
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://ncs.roblox.com/upload"}]}
strict-transport-security: max-age=604800; includeSubdomains
x-frame-options: SAMEORIGIN
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 81f5fc33d9545684-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
tr.rbxcdn.com/920ac01740e9ccc8e9bc064f5a0365bf/150/150/Pants/Png
200 OK 9.6 kB URL GET HTTP/2 tr.rbxcdn.com/920ac01740e9ccc8e9bc064f5a0365bf/150/150/Pants/Png
IP
ASN #20940 Akamai International B.V.
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerDigiCert Inc
Subject*.rbxcdn.com
Fingerprint57:F4:96:1E:91:3F:6A:81:F5:96:11:C2:4F:5C:1C:6A:22:31:83:A7
ValidityThu, 06 Apr 2023 00:00:00 GMT - Sat, 06 Apr 2024 23:59:59 GMT
File type PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data
Hash 6273a52e9e152d72432ff495062a9cdd
8a52633af168b0296943856bdc5bd54293c49b5b
d1713070cb2271d11186c990e63596aad643ade8b91c042abf3974db2203fc60
GET /920ac01740e9ccc8e9bc064f5a0365bf/150/150/Pants/Png HTTP/1.1
Host: tr.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-length: 9611
content-type: image/Png
server: Microsoft-IIS/10.0
strict-transport-security: max-age=3600
x-frame-options: SAMEORIGIN
roblox-machine-id: CHI2-WEB3256
x-powered-by: ASP.NET
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://ncs.roblox.com/upload"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1}
cache-control: max-age=31536000
expires: Thu, 31 Oct 2024 17:51:22 GMT
date: Wed, 01 Nov 2023 17:51:22 GMT
access-control-allow-methods: GET
access-control-allow-origin: *
X-Firefox-Spdy: h2
js.rbxcdn.com/652fb1e29ca15ae17497ec3eb9aa4f4ebc9be9e0f4be6e68e2ff6ef6bf82c535.js
200 OK 1.4 kB URL GET HTTP/2 js.rbxcdn.com/652fb1e29ca15ae17497ec3eb9aa4f4ebc9be9e0f4be6e68e2ff6ef6bf82c535.js
IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerGlobalSign nv-sa
Subject*.rbxcdn.com
FingerprintC3:6F:4B:5C:0E:DB:55:7A:5A:10:E5:90:29:43:77:09:6F:50:86:EE
ValidityFri, 18 Nov 2022 00:01:02 GMT - Wed, 20 Dec 2023 00:01:01 GMT
File type ASCII text, with very long lines (1509), with no line terminators
Hash e627a6dc55c43fb740360069a72aa43a
7e83730516e3540a95b7f8dd1496df810981168d
a4506770951133b67cb805004f3ed73d9fc539f17a678c12e2c0ecaef29623a5
GET /652fb1e29ca15ae17497ec3eb9aa4f4ebc9be9e0f4be6e68e2ff6ef6bf82c535.js HTTP/1.1
Host: js.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 01 Nov 2023 17:51:16 GMT
content-type: application/javascript
vary: Accept-Encoding
x-amz-id-2: 8ha7ls7Oa61cOLrB6APoJN98wzV1EpVCxwtbyOLMCeR2SRj+bUeDLIjSHCjF55g/y9b6jYf+i3k=
x-amz-request-id: ZB086N1VQJH34BKW
last-modified: Sat, 10 Sep 2022 04:11:04 GMT
etag: W/"ab7ce11a8dfd50ee7b1bf93659a03e85"
cache-control: public, max-age=31536000
x-amz-version-id: Ovm7JQ_zCArr8VO5jKanmZtbqeahHBDh
x-cf3: M
cf4age: 0
x-cf-tsc: 1696405575
cf4ttl: 31536000.000
x-cf2: H
server: CFS 0215
x-cf1: 28293:fA.arn1:co:1572652472:cacheN.arn1-01:M
x-cf-reqid: a003c89215f7310ba012492aa788e21e
access-control-allow-origin: *
access-control-allow-methods: GET
timing-allow-origin: *
access-control-expose-headers: Rbx-Cdn-Provider
rbx-cdn-provider: cfly
content-encoding: gzip
X-Firefox-Spdy: h2
roblox.fm/privateJs/LatencyMeasurement.js
200 OK 8.1 kB URL GET HTTP/3 roblox.fm/privateJs/LatencyMeasurement.js
IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerLet's Encrypt
Subjectroblox.fm
Fingerprint60:1F:24:B4:A1:32:0C:55:86:8F:62:55:5E:BF:BE:87:5D:F9:C7:6F
ValidityTue, 24 Oct 2023 12:23:22 GMT - Mon, 22 Jan 2024 12:23:21 GMT
File type ASCII text, with very long lines (8223), with no line terminators
Hash 5186324c66223364f2d71db915d3e0ee
3e00dc99e199f28117727e60e2b7132c9c339805
924ae101caf161082c661976843374089558455f2993ca4598c8e400756f103a
Analyzer Verdict Alert OpenPhish phishing Telegram
GET /privateJs/LatencyMeasurement.js HTTP/1.1
Host: roblox.fm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/users/2633435479/profile
Cookie: _1__EggyWall_v=09ac94e6b927af2069856bc032971c55e994de0ff8bcdc4c6295c67fc6ec85ba
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 01 Nov 2023 17:51:15 GMT
content-type: application/javascript; charset=utf-8
eggy-wall: eggy#8888
etag: W/"6532b4e5-1f95"
last-modified: Fri, 20 Oct 2023 17:12:05 GMT
proxy-cache: MISS
cache-control: max-age=14400
cf-cache-status: HIT
age: 31
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VoXWQaX%2FU%2Bdh91lXDUZQVA8hc6P8Ut%2BVmkcy4yD3fMgyQB7dT0TtU00lrozxb3ESLBioWMOXcBi5lVbD4oU3YATxxA8XMccyuKLW%2B6x6lOaqtzHOSlBmwGJF1JY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 81f5fc18ab725684-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
js.rbxcdn.com/97cb9ac7262155c329a259fce9f940f9bcfa852a6a1ccb44bd8a41c31e84e54b.js
200 OK 2.9 kB URL GET HTTP/2 js.rbxcdn.com/97cb9ac7262155c329a259fce9f940f9bcfa852a6a1ccb44bd8a41c31e84e54b.js
IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerGlobalSign nv-sa
Subject*.rbxcdn.com
FingerprintC3:6F:4B:5C:0E:DB:55:7A:5A:10:E5:90:29:43:77:09:6F:50:86:EE
ValidityFri, 18 Nov 2022 00:01:02 GMT - Wed, 20 Dec 2023 00:01:01 GMT
File type ASCII text, with very long lines (3001), with no line terminators
Hash 19b03fee270ebe574e690dfc4647f1e0
4daa1e88fe40a478a28d1b743b3891b7e4305b00
f0b1e6da7d0f262d6dc05a09e81391a24fb849c62a15a7b6d0ba1b7d9e8436c5
GET /97cb9ac7262155c329a259fce9f940f9bcfa852a6a1ccb44bd8a41c31e84e54b.js HTTP/1.1
Host: js.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 01 Nov 2023 17:51:16 GMT
content-type: application/javascript
vary: Accept-Encoding
x-amz-id-2: 0GPv9lLxAxKZw9Qw9wykWJl4UDBAjRd4iiG8d7xOS5+A5k955ornYSWfzD8+xStM0lo/kfUDg8Y=
x-amz-request-id: 0X9PFNV3PAR60JFQ
last-modified: Wed, 07 Apr 2021 21:43:11 GMT
etag: W/"1b8fb85a5d25b08fced195d7bd30cef7"
cache-control: public, max-age=31536000
x-amz-version-id: RuIVeB8RcNiZBstWYpnoaExH53Z_F8y3
x-cf3: M
cf4age: 0
x-cf-tsc: 1697358607
cf4ttl: 31536000.000
x-cf2: H
server: CFS 0215
x-cf1: 28293:fA.arn1:co:1572652472:cacheN.arn1-01:H
x-cf-reqid: a3ec15c7dcc190c78e274d1128616270
access-control-allow-origin: *
access-control-allow-methods: GET
timing-allow-origin: *
access-control-expose-headers: Rbx-Cdn-Provider
rbx-cdn-provider: cfly
content-encoding: gzip
X-Firefox-Spdy: h2
js.rbxcdn.com/9eacbe15b40e4ff5e72351887eaf514f2352c6d00d0038d5024dd019e7d7860f.js
200 OK 135 kB URL GET HTTP/2 js.rbxcdn.com/9eacbe15b40e4ff5e72351887eaf514f2352c6d00d0038d5024dd019e7d7860f.js
IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerGlobalSign nv-sa
Subject*.rbxcdn.com
FingerprintC3:6F:4B:5C:0E:DB:55:7A:5A:10:E5:90:29:43:77:09:6F:50:86:EE
ValidityFri, 18 Nov 2022 00:01:02 GMT - Wed, 20 Dec 2023 00:01:01 GMT
Size 135 kB (134625 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /9eacbe15b40e4ff5e72351887eaf514f2352c6d00d0038d5024dd019e7d7860f.js HTTP/1.1
Host: js.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 01 Nov 2023 17:51:16 GMT
content-type: application/javascript
vary: Accept-Encoding
x-amz-id-2: /zsNfQa8GPyTlykXyfI4HjgVaDAb8gAGH/mTBgEwTQuPfelsH34PunEhRpxjiakGsaQ5mtfLwGA=
x-amz-request-id: M3FGJP604B2F0414
last-modified: Wed, 24 Aug 2022 17:02:04 GMT
etag: W/"05511853c3adab9f28167e37b59c3385"
cache-control: public, max-age=31536000
x-amz-version-id: 73qPfg9KmSXc76Nlj4.9_HvdEk0Z.8IZ
x-cf3: H
cf4age: 3220
x-cf-tsc: 1692946033
cf4ttl: 31536000.000
x-cf2: H
server: CFS 0215
x-cf1: 28293:fA.arn1:co:1572652472:cacheN.arn1-01:M
x-cf-reqid: fc8893c138f12b7dc7804f3d3a8a9cf3
access-control-allow-origin: *
access-control-allow-methods: GET
timing-allow-origin: *
access-control-expose-headers: Rbx-Cdn-Provider
rbx-cdn-provider: cfly
content-encoding: gzip
X-Firefox-Spdy: h2
js.rbxcdn.com/34bae4c284cebfa0950c4e76dbc64b8ea982260cc4c29ec7e5ab9dfcc37b4a8b.js
200 OK 1.4 kB URL GET HTTP/2 js.rbxcdn.com/34bae4c284cebfa0950c4e76dbc64b8ea982260cc4c29ec7e5ab9dfcc37b4a8b.js
IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerGlobalSign nv-sa
Subject*.rbxcdn.com
FingerprintC3:6F:4B:5C:0E:DB:55:7A:5A:10:E5:90:29:43:77:09:6F:50:86:EE
ValidityFri, 18 Nov 2022 00:01:02 GMT - Wed, 20 Dec 2023 00:01:01 GMT
File type ASCII text, with very long lines (1488), with no line terminators
Hash 0864422241213fb8e323f65c086a633c
20192d0d05a10a2ec40093dd1c8b9b37a8c10687
718f608722a777abf791349253998948de8db237210caf5f5c1e81f266727bcd
GET /34bae4c284cebfa0950c4e76dbc64b8ea982260cc4c29ec7e5ab9dfcc37b4a8b.js HTTP/1.1
Host: js.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 01 Nov 2023 17:51:16 GMT
content-type: application/javascript
vary: Accept-Encoding
x-amz-id-2: Pc4YzMDJBn3BppHSo1qVNhTZWbD10n9TG3by3kWE5mElBj1RV00ZZlJYIwLVfxs2KrwBs9HFbGY=
x-amz-request-id: 0BNRY0WEJP450MK0
last-modified: Sat, 10 Sep 2022 04:11:04 GMT
etag: W/"f4fbba6fe96d6aac5dcd074ed967ada8"
cache-control: public, max-age=31536000
x-amz-version-id: awFCG5fbCq_IVlju7sma4_OBalErqs._
x-cf3: H
cf4age: 863234
x-cf-tsc: 1697358617
cf4ttl: 31536000.000
x-cf2: H
server: CFS 0215
x-cf1: 28293:fA.arn1:co:1572652472:cacheN.arn1-01:M
x-cf-reqid: 5d9fc2a4832da5504374bbc2bc019772
access-control-allow-origin: *
access-control-allow-methods: GET
timing-allow-origin: *
access-control-expose-headers: Rbx-Cdn-Provider
rbx-cdn-provider: cfly
content-encoding: gzip
X-Firefox-Spdy: h2
js.rbxcdn.com/8f8d451cbe04b730d167b5ce92019da934a5c2da928ca13d9b3eb15cbe2ff5d5.js
200 OK 2.6 kB URL GET HTTP/2 js.rbxcdn.com/8f8d451cbe04b730d167b5ce92019da934a5c2da928ca13d9b3eb15cbe2ff5d5.js
IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerGlobalSign nv-sa
Subject*.rbxcdn.com
FingerprintC3:6F:4B:5C:0E:DB:55:7A:5A:10:E5:90:29:43:77:09:6F:50:86:EE
ValidityFri, 18 Nov 2022 00:01:02 GMT - Wed, 20 Dec 2023 00:01:01 GMT
File type ASCII text, with very long lines (2756), with no line terminators
Hash a5505bc090323ae930e077a57027393b
da2e541be7f2338cdb3a9db93800e63b5870b2f9
d6593dbe69e3c76717f4cd80adcc85e168ba08f02cf5258c6f43025f7ad5e3ef
GET /8f8d451cbe04b730d167b5ce92019da934a5c2da928ca13d9b3eb15cbe2ff5d5.js HTTP/1.1
Host: js.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 01 Nov 2023 17:51:16 GMT
content-type: application/javascript
vary: Accept-Encoding
x-amz-id-2: B7Pv65SOaUIXqmqCrPT7cYdq4r4tyniiDOwieBE/5FXltZvucDOvyCN3YXgM3oKIxUMIjv3ZjiI=
x-amz-request-id: GSVHZJ2G24MSMV2G
last-modified: Wed, 12 May 2021 03:21:56 GMT
etag: W/"dae365b04490603674ee4ce0fe535d26"
cache-control: public, max-age=31536000
x-amz-version-id: A5wg34ZeWBaOeRWKpoYVJXraiZtdTEOB
x-cf3: M
cf4age: 0
x-cf-tsc: 1676944160
cf4ttl: 31536000.000
x-cf2: H
server: CFS 0215
x-cf1: 28293:fA.arn1:co:1572652472:cacheN.arn1-01:M
x-cf-reqid: 30b24818ce7da497716ce96d851a315e
access-control-allow-origin: *
access-control-allow-methods: GET
timing-allow-origin: *
access-control-expose-headers: Rbx-Cdn-Provider
rbx-cdn-provider: cfly
content-encoding: gzip
X-Firefox-Spdy: h2
js.rbxcdn.com/f3f22e9ba7b0005a427909e30108d17f1fb58f0da5db9f4f546bbc32ab96ebe0.js
200 OK 48 kB URL GET HTTP/2 js.rbxcdn.com/f3f22e9ba7b0005a427909e30108d17f1fb58f0da5db9f4f546bbc32ab96ebe0.js
IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerGlobalSign nv-sa
Subject*.rbxcdn.com
FingerprintC3:6F:4B:5C:0E:DB:55:7A:5A:10:E5:90:29:43:77:09:6F:50:86:EE
ValidityFri, 18 Nov 2022 00:01:02 GMT - Wed, 20 Dec 2023 00:01:01 GMT
File type ASCII text, with very long lines (48129)
Hash 954861e333b2b4935b5774244aa337a6
65557bc07f0948f11753748cc928a342e06ea194
54f9693e9b302ff2d53206fcc9fdf7c1445039b623d5501d40a2d3b1ed709f2d
GET /f3f22e9ba7b0005a427909e30108d17f1fb58f0da5db9f4f546bbc32ab96ebe0.js HTTP/1.1
Host: js.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 01 Nov 2023 17:51:16 GMT
content-type: application/javascript
vary: Accept-Encoding
x-amz-id-2: 224C/BE+bZQs0Ks2UXMgzajM9n63W3seqDCzrhMXhyng2w/oOayLvdtON4Bu9m2dFlMRpc7GW/4=
x-amz-request-id: M86KS9JEWCCWMD1H
last-modified: Thu, 18 Aug 2022 17:34:19 GMT
etag: W/"954861e333b2b4935b5774244aa337a6"
cache-control: public, max-age=31536000
x-amz-version-id: juNWUhhsNubrNp6VhxZ1_Sd_3CELnZyj
x-cf3: M
cf4age: 0
x-cf-tsc: 1695819086
cf4ttl: 31536000.000
x-cf2: H
server: CFS 0215
x-cf1: 28293:fA.arn1:co:1572652472:cacheN.arn1-01:M
x-cf-reqid: ca811acba62cbe810b38c3ae34a136f3
access-control-allow-origin: *
access-control-allow-methods: GET
timing-allow-origin: *
access-control-expose-headers: Rbx-Cdn-Provider
rbx-cdn-provider: cfly
content-encoding: gzip
X-Firefox-Spdy: h2
css.rbxcdn.com/6edb2191aa318f963253361b43d2657a04b3d16e9c28fe7b22d4a4d5686f1cb4.css
200 OK 3.4 kB URL GET HTTP/1.1 css.rbxcdn.com/6edb2191aa318f963253361b43d2657a04b3d16e9c28fe7b22d4a4d5686f1cb4.css
IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerGoDaddy.com, Inc.
Subject*.rbxcdn.com
FingerprintCA:F8:49:6D:BF:1A:CE:80:B8:73:66:91:93:A6:5B:61:C3:46:CA:D1
ValidityTue, 10 Jan 2023 18:47:18 GMT - Thu, 25 Jan 2024 00:12:45 GMT
File type ASCII text, with very long lines (3392), with no line terminators
Hash 1fa2b76195265ddbe69d3fd5ed9a53b3
4d2aceed14d021ce962a5ccad5a8fe0bd2d6a29b
e2cda1d6e9df7af6208ebaae014fce5b4e3de28b07dfafc63e8afd20269ba592
GET /6edb2191aa318f963253361b43d2657a04b3d16e9c28fe7b22d4a4d5686f1cb4.css HTTP/1.1
Host: css.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 01 Nov 2023 17:51:16 GMT
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 775
Content-Type: text/css
Last-Modified: Tue, 15 Feb 2022 22:05:26 GMT
Accept-Ranges: bytes
Cache-Control: public, max-age=31536000
ETag: "1fa2b76195265ddbe69d3fd5ed9a53b3"
X-HW: 1698861075.dop003.sk1.t,1698861076.cds231.sk1.shn,1698861076.dop003.sk1.t,1698861076.cds248.sk1.c
Access-Control-Expose-Headers: Rbx-Cdn-Provider
Rbx-Cdn-Provider: hw
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Allow-Methods: GET
js.rbxcdn.com/5c44d71f75449192684a6558fdffae735d08a0a29e18c656dc0374df397a0050.js
200 OK 2.2 kB URL GET HTTP/2 js.rbxcdn.com/5c44d71f75449192684a6558fdffae735d08a0a29e18c656dc0374df397a0050.js
IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerGlobalSign nv-sa
Subject*.rbxcdn.com
FingerprintC3:6F:4B:5C:0E:DB:55:7A:5A:10:E5:90:29:43:77:09:6F:50:86:EE
ValidityFri, 18 Nov 2022 00:01:02 GMT - Wed, 20 Dec 2023 00:01:01 GMT
File type ASCII text, with very long lines (2439), with no line terminators
Hash de4b011398a949dc1ed569a01c85373c
7a8b2b2eab59d767b96e9d3cb726656dd795b79c
919c07cc5c2d50b4db5b8176abf3ff1f2d7b88cacde93159f41279b42d5ec1a7
GET /5c44d71f75449192684a6558fdffae735d08a0a29e18c656dc0374df397a0050.js HTTP/1.1
Host: js.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 01 Nov 2023 17:51:16 GMT
content-type: application/javascript
vary: Accept-Encoding
x-amz-id-2: bjQK+C0e9SCtiLJHNcapFoGydHR0TibX5aRbBu5MiUZ99iF6HubnmE3wRzXeW37xb/xVx4H3e+4=
x-amz-request-id: JQNRQGXN5ZHCKEWP
last-modified: Thu, 07 Jul 2022 00:11:09 GMT
etag: W/"302bcd7bb6f466fe2dae4140ca1b16b5"
cache-control: public, max-age=31536000
x-amz-version-id: _vGkOiQ9pV2TEcc6Mp_fjwQaB1lprcaj
x-cf3: M
cf4age: 0
x-cf-tsc: 1697043619
cf4ttl: 31536000.000
x-cf2: H
server: CFS 0215
x-cf1: 28293:fA.arn1:co:1572652472:cacheN.arn1-01:M
x-cf-reqid: 67dcde831f30aceac47d28c8797642fe
access-control-allow-origin: *
access-control-allow-methods: GET
timing-allow-origin: *
access-control-expose-headers: Rbx-Cdn-Provider
rbx-cdn-provider: cfly
content-encoding: gzip
X-Firefox-Spdy: h2
js.rbxcdn.com/9f0d42e4c1d1caec59d4fafd16cd31cb945433a50cc63f2a197d9b60d2b7a989.js
200 OK 5.7 kB URL GET HTTP/2 js.rbxcdn.com/9f0d42e4c1d1caec59d4fafd16cd31cb945433a50cc63f2a197d9b60d2b7a989.js
IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerGlobalSign nv-sa
Subject*.rbxcdn.com
FingerprintC3:6F:4B:5C:0E:DB:55:7A:5A:10:E5:90:29:43:77:09:6F:50:86:EE
ValidityFri, 18 Nov 2022 00:01:02 GMT - Wed, 20 Dec 2023 00:01:01 GMT
File type ASCII text, with very long lines (6070), with no line terminators
Hash 88de6ba28bf21793c27467af7da7ca28
7e4c9aa7258216bbccee399e448e6698257907ce
c933852e206a0eeeb462945469fea15d9b5c16e4ad2829403a915a19992c4933
GET /9f0d42e4c1d1caec59d4fafd16cd31cb945433a50cc63f2a197d9b60d2b7a989.js HTTP/1.1
Host: js.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 01 Nov 2023 17:51:16 GMT
content-type: application/javascript
vary: Accept-Encoding
x-amz-id-2: 88tBRjh6KJ007YOfffCg2gZ3VDppBq9xY4aByDUto1nWeLs4epxcC36t5btsbempA2SkwsnH7ls=
x-amz-request-id: CZQKQD9W7W0EJQMV
last-modified: Wed, 24 Aug 2022 00:10:48 GMT
etag: W/"0820ab795fe9d6d2d5460e28b42cfeec"
cache-control: public, max-age=31536000
x-amz-version-id: ZSV0_oYVR9oVJhLYXR37WEI5UGogtfdF
x-cf3: H
cf4age: 285515
x-cf-tsc: 1698150906
cf4ttl: 31536000.000
x-cf2: H
server: CFS 0215
x-cf1: 28293:fA.arn1:co:1572652472:cacheN.arn1-01:M
x-cf-reqid: 3e7ad07e48c96995a2ea7fef6ca2cf1a
access-control-allow-origin: *
access-control-allow-methods: GET
timing-allow-origin: *
access-control-expose-headers: Rbx-Cdn-Provider
rbx-cdn-provider: cfly
content-encoding: gzip
X-Firefox-Spdy: h2
js.rbxcdn.com/0a83202cf5f2310227e607928f73a26cdaa7d5c27f892b99ef51ec3b863a694d.js
200 OK 2.5 kB URL GET HTTP/2 js.rbxcdn.com/0a83202cf5f2310227e607928f73a26cdaa7d5c27f892b99ef51ec3b863a694d.js
IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerGlobalSign nv-sa
Subject*.rbxcdn.com
FingerprintC3:6F:4B:5C:0E:DB:55:7A:5A:10:E5:90:29:43:77:09:6F:50:86:EE
ValidityFri, 18 Nov 2022 00:01:02 GMT - Wed, 20 Dec 2023 00:01:01 GMT
File type ASCII text, with very long lines (2542), with no line terminators
Hash 468a3fec609a61b9f7b80f94d491fbc3
999e8dbc3c9af975f25422eb0a04dcadb2b3d303
302898677cc217dc3dc415e0717c8b2201e41cc22ff34a473f4f563012d6fa95
GET /0a83202cf5f2310227e607928f73a26cdaa7d5c27f892b99ef51ec3b863a694d.js HTTP/1.1
Host: js.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 01 Nov 2023 17:51:16 GMT
content-type: application/javascript
vary: Accept-Encoding
x-amz-id-2: OM/LjuYC56q50SVS5ldLmufjJnaJ31ihe0jhhJM4ToFJahj2Dngw3kGS1Qy/RQCgqlW9LalY+m8=
x-amz-request-id: 4YBFHB64EA1SK3DC
last-modified: Thu, 29 Oct 2020 21:32:50 GMT
etag: W/"d80a3874aef79a69e1a4456d24bf0399"
cache-control: public, max-age=31536000
x-amz-version-id: _EYtf1uKgz0RG_ahFWxTdO90KXkqVs.u
x-cf3: H
cf4age: 373851
x-cf-tsc: 1697732472
cf4ttl: 31536000.000
x-cf2: H
server: CFS 0215
x-cf1: 28293:fA.arn1:co:1572652472:cacheN.arn1-01:H
x-cf-reqid: eadbc2d4c92d00c2a3a3b849a9efe869
access-control-allow-origin: *
access-control-allow-methods: GET
timing-allow-origin: *
access-control-expose-headers: Rbx-Cdn-Provider
rbx-cdn-provider: cfly
content-encoding: gzip
X-Firefox-Spdy: h2
roblox-api.arkoselabs.com/cdn/fc/js/6af2c0d87b9879cbf3365be1a208293f84d37b1e/standard/funcaptcha_api.js
200 OK 151 kB URL GET HTTP/3 roblox-api.arkoselabs.com/cdn/fc/js/6af2c0d87b9879cbf3365be1a208293f84d37b1e/standard/funcaptcha_api.js
IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerCloudflare, Inc.
Subjectarkoselabs.com
Fingerprint6E:7D:85:B7:2D:33:4C:AC:9F:7B:5B:9A:0A:F8:4B:AB:6A:0F:E3:DB
ValidityWed, 23 Aug 2023 00:00:00 GMT - Thu, 22 Aug 2024 23:59:59 GMT
Size 151 kB (150608 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cdn/fc/js/6af2c0d87b9879cbf3365be1a208293f84d37b1e/standard/funcaptcha_api.js HTTP/1.1
Host: roblox-api.arkoselabs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Cookie: _cfuvid=XGVA.bpKyTjV99fsgQKeCAe7H6U_IA7hQw3iYZVyhyw-1698861075322-0-604800000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 01 Nov 2023 17:51:19 GMT
content-type: application/javascript; charset=utf-8
cf-ray: 81f5fc2fac7556bb-OSL
cf-cache-status: HIT
access-control-allow-origin: *
age: 486196
cache-control: public, max-age=31536000, immutable
etag: W/"3763ca5c6d75616a43468902aff7b465"
last-modified: Fri, 12 May 2023 04:07:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'self'; script-src 'self'; style-src 'self'; img-src 'self' data:; media-src 'self' data:; connect-src 'self'
x-amz-id-2: R+F9zz1XBJIir1lW1cbPpSDsO6ByZwShhHEZmFgyM6KO8as7SBcpyb6zbHKRDgnqIJFje7+4Wvg=
x-amz-request-id: PN01VHYM5S1RGR8M
x-amz-server-side-encryption: AES256
x-amz-version-id: js6Xlp6Z7xNtDrBHyzcLHcTB0YN._K9R
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400
images.rbxcdn.com/bbdb38de8bb89ecc07730b41666a26a4
200 OK 4.8 kB URL GET HTTP/2 images.rbxcdn.com/bbdb38de8bb89ecc07730b41666a26a4
IP
ASN #20940 Akamai International B.V.
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerDigiCert Inc
Subject*.rbxcdn.com
Fingerprint57:F4:96:1E:91:3F:6A:81:F5:96:11:C2:4F:5C:1C:6A:22:31:83:A7
ValidityThu, 06 Apr 2023 00:00:00 GMT - Sat, 06 Apr 2024 23:59:59 GMT
File type PNG image data, 180 x 115, 8-bit/color RGBA, non-interlaced\012- data
Hash bbdb38de8bb89ecc07730b41666a26a4
8f6c1f71df1d63975a64ce639dcd8de56dc5df6a
02b72558241ed50cc7c169a216da04aecd0eff6d95aa134c105db6560273d90e
GET /bbdb38de8bb89ecc07730b41666a26a4 HTTP/1.1
Host: images.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-amz-id-2: BwTTcvgVDF1iTCUsUyu1EMX1e1Ii5LKFHcb+gb5/Rcr7szk+UDP7mwkRcn2woU2aAgTuhxoCwG8=
x-amz-request-id: 6WTHQ4K59WATREXT
last-modified: Wed, 24 Aug 2022 00:00:13 GMT
etag: "bbdb38de8bb89ecc07730b41666a26a4"
x-amz-version-id: Ipy_0x70lnWKE9D2FhVSiVxkPGTscV6o
accept-ranges: bytes
content-type: image/png
server: AmazonS3
content-length: 4799
cache-control: public, max-age=27004912
date: Wed, 01 Nov 2023 17:51:19 GMT
X-Firefox-Spdy: h2
js.rbxcdn.com/5b148ca445e1fd4ef905bc3665b2e29d065ab357cc88fd68be95b519f6e2da0d.js
200 OK 4.1 kB URL GET HTTP/2 js.rbxcdn.com/5b148ca445e1fd4ef905bc3665b2e29d065ab357cc88fd68be95b519f6e2da0d.js
IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerGlobalSign nv-sa
Subject*.rbxcdn.com
FingerprintC3:6F:4B:5C:0E:DB:55:7A:5A:10:E5:90:29:43:77:09:6F:50:86:EE
ValidityFri, 18 Nov 2022 00:01:02 GMT - Wed, 20 Dec 2023 00:01:01 GMT
File type ASCII text, with very long lines (4250), with no line terminators
Hash 7f465f8437a43591878e209813f900d2
f989d1638481f6bf4cbaabf215850f190961533c
267fc1a3f6761f8a3e35ebe4cf07b15afe32b6febb59cf6f07d6e028038b6d50
GET /5b148ca445e1fd4ef905bc3665b2e29d065ab357cc88fd68be95b519f6e2da0d.js HTTP/1.1
Host: js.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 01 Nov 2023 17:51:16 GMT
content-type: application/javascript
vary: Accept-Encoding
x-amz-id-2: 3eRl8Srhd7DrTsGvulwHrOpiYZC1l+57YgXaRbnw5ngZb7Vok/WyipWXl4Kh3mBDAHUZL32RxX4=
x-amz-request-id: A34B9Y8XFHMEYF2P
last-modified: Fri, 04 Mar 2022 12:10:27 GMT
etag: W/"429d7a15ed66e2a75e37ecf5f40068ff"
cache-control: public, max-age=31536000
x-amz-version-id: tj4g3qXE4oHuecHbMFyq1wjjGsYVUhMa
x-cf3: H
cf4age: 863235
x-cf-tsc: 1697358617
cf4ttl: 31536000.000
x-cf2: H
server: CFS 0215
x-cf1: 28293:fA.arn1:co:1572652472:cacheN.arn1-01:M
x-cf-reqid: b7da8d76c370f0a6f3fc26eea3b00bf0
access-control-allow-origin: *
access-control-allow-methods: GET
timing-allow-origin: *
access-control-expose-headers: Rbx-Cdn-Provider
rbx-cdn-provider: cfly
content-encoding: gzip
X-Firefox-Spdy: h2
roblox.fm/user-sponsorship/1
200 OK 1.7 kB URL GET HTTP/3 roblox.fm/user-sponsorship/1
IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerLet's Encrypt
Subjectroblox.fm
Fingerprint60:1F:24:B4:A1:32:0C:55:86:8F:62:55:5E:BF:BE:87:5D:F9:C7:6F
ValidityTue, 24 Oct 2023 12:23:22 GMT - Mon, 22 Jan 2024 12:23:21 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1796), with no line terminators
Hash d9556ca1d3febd44b75f640cff4ae76f
03008857bd9be759d53080b1c8dc496111df8d89
ddcc927490017d49d1baa083d0f752d30acd3943cfef64ef2dd0b1bca94e8c7c
Analyzer Verdict Alert OpenPhish phishing Telegram
GET /user-sponsorship/1 HTTP/1.1
Host: roblox.fm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/users/2633435479/profile
Cookie: _1__EggyWall_v=09ac94e6b927af2069856bc032971c55e994de0ff8bcdc4c6295c67fc6ec85ba
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 01 Nov 2023 17:51:19 GMT
content-type: text/html; charset=UTF-8
access-control-allow-credentials: true
cache-control: no-store, no-cache, must-revalidate, private, must-revalidate
content-security-policy: report-uri https://metrics.roblox.com/v1/csp/report?type=enforce; upgrade-insecure-requests; script-src * 'unsafe-inline' roblox.com *.evidon.com *.gigya.com *.google-analytics.com *.ns1p.net adservice.google.com cdn.arkoselabs.com connect.facebook.net funcaptcha.com js.rbxcdn.com long.open.weixin.qq.com midas.gtimg.cn radar.cedexis.com res.wx.qq.com roblox-api.arkoselabs.com roblox-load-generator-configuration.s3.us-east-2.amazonaws.com s.ytimg.com sb.scorecardresearch.com static.rbxcdn.com www.google.com www.gstatic.com www.youtube.com h.online-metrix.net request.eprotect.vantivcnp.com request.eprotect.vantivpostlive.com *.googletagmanager.com *.googleadservices.com googleads.g.doubleclick.net cdn.veriff.me *.lightstep.com ; img-src 'self' data: *.cloudfront.net *.google-analytics.com *.kaptcha.com *.rbxcdn.com *.roblox.com *.robloxlabs.com googleads.g.doubleclick.net i.ytimg.com www.googletagmanager.com *
cross-origin-opener-policy: same-origin-allow-popups
eggy-wall: eggy#8888
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.1,"failure_fraction":1}
pragma: no-cache
proxy-cache: MISS
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://ncs.roblox.com/upload"}]}
set-cookie: PHPSESSID=4346k5c4pqaf5l7nfg2aq68n8g; path=/
strict-transport-security: max-age=604800; includeSubdomains
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 81f5fc2ecbf05684-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
js.rbxcdn.com/8681ffb79851244580141f9dffd12cc509a6f1a5590fc83051fec4c71a79be3e.js
200 OK 11 kB URL GET HTTP/2 js.rbxcdn.com/8681ffb79851244580141f9dffd12cc509a6f1a5590fc83051fec4c71a79be3e.js
IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerGlobalSign nv-sa
Subject*.rbxcdn.com
FingerprintC3:6F:4B:5C:0E:DB:55:7A:5A:10:E5:90:29:43:77:09:6F:50:86:EE
ValidityFri, 18 Nov 2022 00:01:02 GMT - Wed, 20 Dec 2023 00:01:01 GMT
File type ASCII text, with very long lines (10848)
Hash a285999a8cfecad54333004b620d586f
592357676eab871bb39defc80e2ffa4cd84f4fa6
17c0be0b7e706cc20f05aca718be1ef0ec82db6b90216a7df293222de4dc4fae
GET /8681ffb79851244580141f9dffd12cc509a6f1a5590fc83051fec4c71a79be3e.js HTTP/1.1
Host: js.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 01 Nov 2023 17:51:16 GMT
content-type: application/javascript
vary: Accept-Encoding
x-amz-id-2: iBRjg2WXYSWriNm+aID/A2sJ9qJA3eDGUya0lC4ZKitCu+yopfqzgcinMSDeKWFgdoEPrQWxKSo=
x-amz-request-id: 1ZESVQXGFZVE2FJ0
last-modified: Wed, 14 Sep 2022 23:34:54 GMT
etag: W/"a285999a8cfecad54333004b620d586f"
cache-control: public, max-age=31536000
x-amz-version-id: 1yAy7m5VZPdKodf1oowgwJt2Y9a8AaAu
x-cf3: H
cf4age: 1017066
x-cf-tsc: 1698375678
cf4ttl: 31536000.000
x-cf2: H
server: CFS 0215
x-cf1: 28293:fA.arn1:co:1572652472:cacheN.arn1-01:H
x-cf-reqid: f7677df9f10e624e9564fcc7c72304ac
access-control-allow-origin: *
access-control-allow-methods: GET
timing-allow-origin: *
access-control-expose-headers: Rbx-Cdn-Provider
rbx-cdn-provider: cfly
content-encoding: gzip
X-Firefox-Spdy: h2
roblox.fm/report
200 OK 64 B IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerLet's Encrypt
Subjectroblox.fm
Fingerprint60:1F:24:B4:A1:32:0C:55:86:8F:62:55:5E:BF:BE:87:5D:F9:C7:6F
ValidityTue, 24 Oct 2023 12:23:22 GMT - Mon, 22 Jan 2024 12:23:21 GMT
File type ASCII text, with no line terminators
Hash f7f9f0877251960352844b86de013af3
090320e2e3e3a4813de11652eb10920ac624cb2c
57c2d24e49a4f943ff00db840bb20e2cb717e2d2eaa9e5618ecf610e19278bfc
Analyzer Verdict Alert OpenPhish phishing Telegram
POST /report HTTP/1.1
Host: roblox.fm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
x-csrf-token: B3HWI/L0g+jW
Content-Length: 1772
Origin: https://roblox.fm
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/users/2633435479/profile
Cookie: _1__EggyWall_v=09ac94e6b927af2069856bc032971c55e994de0ff8bcdc4c6295c67fc6ec85ba; PHPSESSID=h4859nd69hmmututf4jqhp57f6; _gcl_au=1.1.107502139.1698861081
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 01 Nov 2023 17:51:28 GMT
content-type: application/json; charset=utf-8
access-control-allow-credentials: true
cache-control: private, must-revalidate
content-security-policy: report-uri https://metrics.roblox.com/v1/csp/report?type=enforce; upgrade-insecure-requests; script-src * 'unsafe-inline' roblox.com *.evidon.com *.gigya.com *.google-analytics.com *.ns1p.net adservice.google.com cdn.arkoselabs.com connect.facebook.net funcaptcha.com js.rbxcdn.com long.open.weixin.qq.com midas.gtimg.cn radar.cedexis.com res.wx.qq.com roblox-api.arkoselabs.com roblox-load-generator-configuration.s3.us-east-2.amazonaws.com s.ytimg.com sb.scorecardresearch.com static.rbxcdn.com www.google.com www.gstatic.com www.youtube.com h.online-metrix.net request.eprotect.vantivcnp.com request.eprotect.vantivpostlive.com *.googletagmanager.com *.googleadservices.com googleads.g.doubleclick.net cdn.veriff.me *.lightstep.com ; img-src 'self' data: *.cloudfront.net *.google-analytics.com *.kaptcha.com *.rbxcdn.com *.roblox.com *.robloxlabs.com googleads.g.doubleclick.net i.ytimg.com www.googletagmanager.com *
cross-origin-opener-policy: same-origin-allow-popups
eggy-wall: eggy#8888
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.1,"failure_fraction":1}
proxy-cache: MISS
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://ncs.roblox.com/upload"}]}
strict-transport-security: max-age=604800; includeSubdomains
x-frame-options: SAMEORIGIN
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 81f5fc65da915684-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
js.rbxcdn.com/f424a786e3d883cff747a034605fa09d.js
200 OK 12 kB URL GET HTTP/2 js.rbxcdn.com/f424a786e3d883cff747a034605fa09d.js
IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerGlobalSign nv-sa
Subject*.rbxcdn.com
FingerprintC3:6F:4B:5C:0E:DB:55:7A:5A:10:E5:90:29:43:77:09:6F:50:86:EE
ValidityFri, 18 Nov 2022 00:01:02 GMT - Wed, 20 Dec 2023 00:01:01 GMT
File type ASCII text, with very long lines (9188), with CRLF line terminators
Hash f424a786e3d883cff747a034605fa09d
4a103acc6e8aae01d16dde9191a6e98cb9c61729
3815938b03f2c83c093dea3e7d8f2efa5d915bc01c1b331e8b6b517008410e28
GET /f424a786e3d883cff747a034605fa09d.js HTTP/1.1
Host: js.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 01 Nov 2023 17:51:16 GMT
content-type: application/javascript
vary: Accept-Encoding
x-amz-id-2: OsadlkfSGTGKlFhojzfzWgUJ7csxa9GwbMR5CjWAtBfeTPoOOVpSapL6Rgos1j0KzOnLb2wP+Oc=
x-amz-request-id: AAAYY776STKZY72C
last-modified: Tue, 01 Feb 2022 16:21:09 GMT
etag: W/"f424a786e3d883cff747a034605fa09d"
cache-control: public, max-age=31536000
x-amz-version-id: El8uwrBBO2xZiXjhP.kKwYhwScVr7rvr
x-cf3: M
cf4age: 0
x-cf-tsc: 1697358617
cf4ttl: 31536000.000
x-cf2: H
server: CFS 0215
x-cf1: 28293:fA.arn1:co:1572652472:cacheN.arn1-01:H
x-cf-reqid: 2edc2903c2421c8f853eac4e0f0e876c
access-control-allow-origin: *
access-control-allow-methods: GET
timing-allow-origin: *
access-control-expose-headers: Rbx-Cdn-Provider
rbx-cdn-provider: cfly
content-encoding: gzip
X-Firefox-Spdy: h2
js.rbxcdn.com/ae3d621886e736e52c97008e085fa286.js
200 OK 256 kB URL GET HTTP/2 js.rbxcdn.com/ae3d621886e736e52c97008e085fa286.js
IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerGlobalSign nv-sa
Subject*.rbxcdn.com
FingerprintC3:6F:4B:5C:0E:DB:55:7A:5A:10:E5:90:29:43:77:09:6F:50:86:EE
ValidityFri, 18 Nov 2022 00:01:02 GMT - Wed, 20 Dec 2023 00:01:01 GMT
File type ASCII text, with very long lines (566), with CRLF line terminators
Size 256 kB (256540 bytes)
Hash ae3d621886e736e52c97008e085fa286
31900203df1a406f70a07550b46348a93f222b78
1392837387676c45409ae3b5b0bb4e7d07d57d208c2107bd06e006e0a8cc7eee
GET /ae3d621886e736e52c97008e085fa286.js HTTP/1.1
Host: js.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 01 Nov 2023 17:51:16 GMT
content-type: application/javascript
vary: Accept-Encoding
x-amz-id-2: OB1otimqnicP36SAIIgcRjUxtxWQ3ytiT7gioIFZ81Wd1cmsJ4gGIFmk8ThuxnIQC5A/C73H/S8=
x-amz-request-id: 4YB1JC1CM5RFKEDG
last-modified: Tue, 26 Nov 2019 00:54:58 GMT
etag: W/"ae3d621886e736e52c97008e085fa286"
cache-control: public, max-age=31536000
x-amz-version-id: aAb5U0bf3X5cqm9aIv0TTtVZsAv8gD3s
x-cf3: H
cf4age: 373847
x-cf-tsc: 1697732468
cf4ttl: 31536000.000
x-cf2: H
server: CFS 0215
x-cf1: 28293:fA.arn1:co:1572652472:cacheN.arn1-01:H
x-cf-reqid: 3df5807bf7b926184240d8d0fcc7797b
access-control-allow-origin: *
access-control-allow-methods: GET
timing-allow-origin: *
access-control-expose-headers: Rbx-Cdn-Provider
rbx-cdn-provider: cfly
content-encoding: gzip
X-Firefox-Spdy: h2
js.rbxcdn.com/b933c712befde047f1b8d0be6f8ca1b9.js
200 OK 125 kB URL GET HTTP/2 js.rbxcdn.com/b933c712befde047f1b8d0be6f8ca1b9.js
IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerGlobalSign nv-sa
Subject*.rbxcdn.com
FingerprintC3:6F:4B:5C:0E:DB:55:7A:5A:10:E5:90:29:43:77:09:6F:50:86:EE
ValidityFri, 18 Nov 2022 00:01:02 GMT - Wed, 20 Dec 2023 00:01:01 GMT
Size 125 kB (125058 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b933c712befde047f1b8d0be6f8ca1b9.js HTTP/1.1
Host: js.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 01 Nov 2023 17:51:16 GMT
content-type: application/javascript
vary: Accept-Encoding
x-amz-id-2: o7vYMyf2bj5XShO2YqQUBXYit5GEp64+5toYNyla+jQCA+2AdQbDRlBPk080g1np4rpMx2vk7YM=
x-amz-request-id: Z3YKTA558XSYVN0J
last-modified: Mon, 19 Sep 2022 20:37:09 GMT
etag: W/"b933c712befde047f1b8d0be6f8ca1b9"
cache-control: public, max-age=31536000
x-amz-version-id: 3s8S8S736Cdpc8adu8BBlUZWAtMb.Rnp
x-cf3: H
cf4age: 246748
x-cf-tsc: 1697628261
cf4ttl: 31536000.000
x-cf2: H
server: CFS 0215
x-cf1: 28293:fA.arn1:co:1572652472:cacheN.arn1-01:M
x-cf-reqid: 53e4ffe61f82d021b47eff0e063653a4
access-control-allow-origin: *
access-control-allow-methods: GET
timing-allow-origin: *
access-control-expose-headers: Rbx-Cdn-Provider
rbx-cdn-provider: cfly
content-encoding: gzip
X-Firefox-Spdy: h2
js.rbxcdn.com/9c1d2e9d35e9d8cecc2b93836ad5de2c6077b4cdc1c39eb50078bbb80cf02cee.js
200 OK 346 kB URL GET HTTP/2 js.rbxcdn.com/9c1d2e9d35e9d8cecc2b93836ad5de2c6077b4cdc1c39eb50078bbb80cf02cee.js
IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerGlobalSign nv-sa
Subject*.rbxcdn.com
FingerprintC3:6F:4B:5C:0E:DB:55:7A:5A:10:E5:90:29:43:77:09:6F:50:86:EE
ValidityFri, 18 Nov 2022 00:01:02 GMT - Wed, 20 Dec 2023 00:01:01 GMT
Size 346 kB (346430 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /9c1d2e9d35e9d8cecc2b93836ad5de2c6077b4cdc1c39eb50078bbb80cf02cee.js HTTP/1.1
Host: js.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 01 Nov 2023 17:51:16 GMT
content-type: application/javascript
vary: Accept-Encoding
x-amz-id-2: BXcBAdQEaHgGY4m47rbAcSKol8sXfsDKmRhL/0H8+Qwwq7TdYWibzsae92YkW5O8S6sXwoGkVd4=
x-amz-request-id: C0G011E6PCA346EP
last-modified: Tue, 30 Aug 2022 19:43:18 GMT
etag: W/"b66eb7e971f7c9c52d1f08bcc9df0224"
cache-control: public, max-age=31536000
x-amz-version-id: fGF9txky3Ul45lqKC3vnr5H6PRptclVs
x-cf3: H
cf4age: 44339
x-cf-tsc: 1693555090
cf4ttl: 31536000.000
x-cf2: H
server: CFS 0215
x-cf1: 28293:fA.arn1:co:1572652472:cacheN.arn1-01:M
x-cf-reqid: 27fabf7521daf099c6cf6101b37e4b1c
access-control-allow-origin: *
access-control-allow-methods: GET
timing-allow-origin: *
access-control-expose-headers: Rbx-Cdn-Provider
rbx-cdn-provider: cfly
content-encoding: gzip
X-Firefox-Spdy: h2
js.rbxcdn.com/5259cfe8a3e36118bd61120693dbba3ba87f2c3641f84bb07e29f1d69fe87523.js
200 OK 5.1 kB URL GET HTTP/2 js.rbxcdn.com/5259cfe8a3e36118bd61120693dbba3ba87f2c3641f84bb07e29f1d69fe87523.js
IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerGlobalSign nv-sa
Subject*.rbxcdn.com
FingerprintC3:6F:4B:5C:0E:DB:55:7A:5A:10:E5:90:29:43:77:09:6F:50:86:EE
ValidityFri, 18 Nov 2022 00:01:02 GMT - Wed, 20 Dec 2023 00:01:01 GMT
File type ASCII text, with very long lines (5216), with no line terminators
Hash 5da5ccbf18407264a8d5c0583b8a3e01
d898b8f343d84283e88bfad7ec922fad11de70f4
60ece144a74aa536bb734c73bd18f42db7bb61e2f321474e0166d89cb95be968
GET /5259cfe8a3e36118bd61120693dbba3ba87f2c3641f84bb07e29f1d69fe87523.js HTTP/1.1
Host: js.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 01 Nov 2023 17:51:16 GMT
content-type: application/javascript
vary: Accept-Encoding
x-amz-id-2: 2q3Zk5BFirXx9Mx4UjLT4k8qrdKOfdGJKQsufPoPrNV+te8FE3EPES9LBpb6aUgLIkkxhgtnRiI=
x-amz-request-id: AAAKVHYRB66EW1ZM
last-modified: Thu, 14 Oct 2021 20:07:07 GMT
etag: W/"08c66093a701ea84318ba5ad26752a61"
cache-control: public, max-age=31536000
x-amz-version-id: s_dwc1SVMMtSt2vRjIIwc9Udbx6SOpM8
x-cf3: H
cf4age: 373862
x-cf-tsc: 1697732479
cf4ttl: 31536000.000
x-cf2: H
server: CFS 0215
x-cf1: 28293:fA.arn1:co:1572652472:cacheN.arn1-01:H
x-cf-reqid: c0c0141eb81108fb89aec964960af5b7
access-control-allow-origin: *
access-control-allow-methods: GET
timing-allow-origin: *
access-control-expose-headers: Rbx-Cdn-Provider
rbx-cdn-provider: cfly
content-encoding: gzip
X-Firefox-Spdy: h2
js.rbxcdn.com/4ce2522516aad306779a46144f39800e2adb1f31cac04881daa88aaa96cc97bf.js
200 OK 9.6 kB URL GET HTTP/2 js.rbxcdn.com/4ce2522516aad306779a46144f39800e2adb1f31cac04881daa88aaa96cc97bf.js
IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerGlobalSign nv-sa
Subject*.rbxcdn.com
FingerprintC3:6F:4B:5C:0E:DB:55:7A:5A:10:E5:90:29:43:77:09:6F:50:86:EE
ValidityFri, 18 Nov 2022 00:01:02 GMT - Wed, 20 Dec 2023 00:01:01 GMT
File type Unicode text, UTF-8 text, with very long lines (9995), with no line terminators
Hash 800210905ba5d4da9e9ad555919a5bdf
cb7d22b2bcffa6c7746ec952db1f4501b16b501c
c0e4cf46cc2b5ebe8c6be21bf56442b4453e2052b5e6aeff88d12884889b9db9
GET /4ce2522516aad306779a46144f39800e2adb1f31cac04881daa88aaa96cc97bf.js HTTP/1.1
Host: js.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 01 Nov 2023 17:51:16 GMT
content-type: application/javascript
vary: Accept-Encoding
x-amz-id-2: 6qIjDPLMi+2uK52h6QrpURjzty2dsDYWLmwZkJoWHlBdB+4Do9ZPH8qqHgU4rBrCF+dC6IgvOss=
x-amz-request-id: Z3YYHXCEKWSWWQYR
last-modified: Thu, 25 Aug 2022 00:10:42 GMT
etag: W/"1f7e39fe06d6776e2f154e0d6a514943"
cache-control: public, max-age=31536000
x-amz-version-id: 58hEJ8Ai.relgP6uru1Yp0zVV.wpk8zt
x-cf3: M
cf4age: 0
x-cf-tsc: 1697381513
cf4ttl: 31536000.000
x-cf2: H
server: CFS 0215
x-cf1: 28293:fA.arn1:co:1572652472:cacheN.arn1-01:M
x-cf-reqid: c5f5a70f8ec6d65b3d400c6d47b6e378
access-control-allow-origin: *
access-control-allow-methods: GET
timing-allow-origin: *
access-control-expose-headers: Rbx-Cdn-Provider
rbx-cdn-provider: cfly
content-encoding: gzip
X-Firefox-Spdy: h2
js.rbxcdn.com/90f18784a43a70553e967191b948f70b0193df565f1605762c3c1e245ab4b55a.js
200 OK 5.5 kB URL GET HTTP/2 js.rbxcdn.com/90f18784a43a70553e967191b948f70b0193df565f1605762c3c1e245ab4b55a.js
IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerGlobalSign nv-sa
Subject*.rbxcdn.com
FingerprintC3:6F:4B:5C:0E:DB:55:7A:5A:10:E5:90:29:43:77:09:6F:50:86:EE
ValidityFri, 18 Nov 2022 00:01:02 GMT - Wed, 20 Dec 2023 00:01:01 GMT
File type ASCII text, with very long lines (5605), with no line terminators
Hash 7b276dacd71ac184cd6f518ba7416114
19b454640c227bcf993ad20dab5aa38effae7f0b
55a19f8bc69e4bda9df68629c9fd28bb8135a34158d2c88a7085e43cb6d48705
GET /90f18784a43a70553e967191b948f70b0193df565f1605762c3c1e245ab4b55a.js HTTP/1.1
Host: js.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 01 Nov 2023 17:51:16 GMT
content-type: application/javascript
vary: Accept-Encoding
x-amz-id-2: n/CFak5BplkT3d3IxPMLUr+Cvl/4Gm2w8cylc1zI9PDS9FuML3xCUUKuZWPfNa06UNhRqRAhTvM=
x-amz-request-id: AAAMKHE8H4NNEW5V
last-modified: Mon, 04 Jan 2021 18:58:50 GMT
etag: W/"c49e367328ee66735ee008dabf980c13"
cache-control: public, max-age=31536000
x-amz-version-id: 361LCWIY1uJD.axJkrGkJp9geww9LbdH
x-cf3: M
cf4age: 0
x-cf-tsc: 1697358617
cf4ttl: 31536000.000
x-cf2: H
server: CFS 0215
x-cf1: 28293:fA.arn1:co:1572652472:cacheN.arn1-01:H
x-cf-reqid: c7407c64bfac24ad7cb0870faa811dd1
access-control-allow-origin: *
access-control-allow-methods: GET
timing-allow-origin: *
access-control-expose-headers: Rbx-Cdn-Provider
rbx-cdn-provider: cfly
content-encoding: gzip
X-Firefox-Spdy: h2
js.rbxcdn.com/4db2f741b7a3ec36d11fec999ce33f708ae85641cabfd27e11e0935928f7d9c4.js
200 OK 2.9 kB URL GET HTTP/2 js.rbxcdn.com/4db2f741b7a3ec36d11fec999ce33f708ae85641cabfd27e11e0935928f7d9c4.js
IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerGlobalSign nv-sa
Subject*.rbxcdn.com
FingerprintC3:6F:4B:5C:0E:DB:55:7A:5A:10:E5:90:29:43:77:09:6F:50:86:EE
ValidityFri, 18 Nov 2022 00:01:02 GMT - Wed, 20 Dec 2023 00:01:01 GMT
File type ASCII text, with very long lines (2988), with no line terminators
Hash 07479a1762e9964ae5d63639688a9232
e32f940c5ec37c82c45c6484359261cc42c29ed0
c21d1dd3c0673ff8f11a8279af3927de2eb2699e32accf9184fcae3daedb1be5
GET /4db2f741b7a3ec36d11fec999ce33f708ae85641cabfd27e11e0935928f7d9c4.js HTTP/1.1
Host: js.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 01 Nov 2023 17:51:16 GMT
content-type: application/javascript
vary: Accept-Encoding
x-amz-id-2: +NruphWaVC+0em4F1QGROcogAEVZMRI7t2zd11Y2a9zBIK/AE8FrJ/IExVvRtrzIvBk8JzBBOGM=
x-amz-request-id: X2ZXBQ9VJ90H4AAT
last-modified: Tue, 11 May 2021 18:07:25 GMT
etag: W/"92ee80da236a62b17856c65a02e916a9"
cache-control: public, max-age=31536000
x-amz-version-id: zLLaxr7X_Zo9ax9oBbd9p8exiny8GHZE
x-cf3: H
cf4age: 3028
x-cf-tsc: 1695069519
cf4ttl: 31536000.000
x-cf2: H
server: CFS 0215
x-cf1: 28293:fA.arn1:co:1572652472:cacheN.arn1-01:M
x-cf-reqid: 9a754713bbae2f5167e7da78c0e12e47
access-control-allow-origin: *
access-control-allow-methods: GET
timing-allow-origin: *
access-control-expose-headers: Rbx-Cdn-Provider
rbx-cdn-provider: cfly
content-encoding: gzip
X-Firefox-Spdy: h2
roblox-api.arkoselabs.com/fc/api/
200 OK 376 B URL GET HTTP/2 roblox-api.arkoselabs.com/fc/api/
IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerCloudflare, Inc.
Subjectarkoselabs.com
Fingerprint6E:7D:85:B7:2D:33:4C:AC:9F:7B:5B:9A:0A:F8:4B:AB:6A:0F:E3:DB
ValidityWed, 23 Aug 2023 00:00:00 GMT - Thu, 22 Aug 2024 23:59:59 GMT
File type ASCII text, with very long lines (389), with no line terminators
Hash c4a47bf5790d76892c027d25104ae4f9
ddf899a86791c52834e6e37641ecc1a4baeb074d
bd05b3e06f9512a96b52026c0a15007f4567d94a10cc879c14d685ae37fff547
GET /fc/api/ HTTP/1.1
Host: roblox-api.arkoselabs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 01 Nov 2023 17:51:15 GMT
content-type: application/javascript
cache-control: public, no-cache
etag: W/"6af2c0d87b9879cbf3365be1a208293f84d37b1e|sha384-0WSnGKUOVQB3bg5Ofr5NVln10Hgdsr1qyM+lwRI+diKuJL5zXCe0CmeRgzJ/TUEF"
content-security-policy: default-src 'self'; script-src 'self'; style-src 'self'; img-src 'self' data:; media-src 'self' data:; connect-src 'self'
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
set-cookie: _cfuvid=XGVA.bpKyTjV99fsgQKeCAe7H6U_IA7hQw3iYZVyhyw-1698861075322-0-604800000; path=/; domain=.arkoselabs.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 81f5fc18be32b4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
tr.rbxcdn.com/d6359cc94d73f0d3e83510b7b9127bbd/150/150/Image/Png
200 OK 24 kB URL GET HTTP/2 tr.rbxcdn.com/d6359cc94d73f0d3e83510b7b9127bbd/150/150/Image/Png
IP
ASN #20940 Akamai International B.V.
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerDigiCert Inc
Subject*.rbxcdn.com
Fingerprint57:F4:96:1E:91:3F:6A:81:F5:96:11:C2:4F:5C:1C:6A:22:31:83:A7
ValidityThu, 06 Apr 2023 00:00:00 GMT - Sat, 06 Apr 2024 23:59:59 GMT
File type PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data
Hash e0c32eaf994837e1a8054835b396f79c
dd8d8f84d6cb63f1f7dae83ff26f7a255e2b4f0d
046c75782c1df19aa4a81d08a12af4c3ebdef2dee11b4fa019f2c27b89ffb0b6
GET /d6359cc94d73f0d3e83510b7b9127bbd/150/150/Image/Png HTTP/1.1
Host: tr.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-length: 24086
content-type: image/Png
server: Microsoft-IIS/10.0
strict-transport-security: max-age=3600
x-frame-options: SAMEORIGIN
roblox-machine-id: CHI2-WEB1408
x-powered-by: ASP.NET
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
x-roblox-region: us-central
x-roblox-edge: ash1
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://ncs.roblox.com/upload"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1}
cache-control: max-age=31536000
expires: Thu, 31 Oct 2024 17:51:22 GMT
date: Wed, 01 Nov 2023 17:51:22 GMT
access-control-allow-methods: GET
access-control-allow-origin: *
X-Firefox-Spdy: h2
images.rbxcdn.com/e998fb4c03e8c2e30792f2f3436e9416.gif
200 OK 4.2 kB URL GET HTTP/2 images.rbxcdn.com/e998fb4c03e8c2e30792f2f3436e9416.gif
IP
ASN #20940 Akamai International B.V.
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerDigiCert Inc
Subject*.rbxcdn.com
Fingerprint57:F4:96:1E:91:3F:6A:81:F5:96:11:C2:4F:5C:1C:6A:22:31:83:A7
ValidityThu, 06 Apr 2023 00:00:00 GMT - Sat, 06 Apr 2024 23:59:59 GMT
File type GIF image data, version 89a, 32 x 32\012- data
Hash e998fb4c03e8c2e30792f2f3436e9416
323b22bf48208920afc4e4a688572692b8b87e29
9ac3dbbd74d9f0bb0a6b0aa4a0a6f155a2df9b1ab3d949130786c5b58b37eac7
GET /e998fb4c03e8c2e30792f2f3436e9416.gif HTTP/1.1
Host: images.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-amz-id-2: ZzcHbw8j7mlUh7NZ67bSClDJQyfRZmTo8+9tDAIXylOHUt2A+LloZvDynfjrc8r+mjwNeFAJwMA=
x-amz-request-id: 8000DF20B99868B4
last-modified: Wed, 09 Dec 2015 22:10:30 GMT
etag: "e998fb4c03e8c2e30792f2f3436e9416"
x-amz-version-id: RIFe0e8B8hF0qzYq9HCGpKNSIn0s_6W9
accept-ranges: bytes
content-type: image/gif
content-length: 4176
server: AmazonS3
cache-control: public, max-age=26943167
date: Wed, 01 Nov 2023 17:51:19 GMT
X-Firefox-Spdy: h2
js.rbxcdn.com/5bdcb351422eb9b57b5237886641856149f6c96566bba26e09edd1c130986bfc.js
200 OK 31 kB URL GET HTTP/2 js.rbxcdn.com/5bdcb351422eb9b57b5237886641856149f6c96566bba26e09edd1c130986bfc.js
IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerGlobalSign nv-sa
Subject*.rbxcdn.com
FingerprintC3:6F:4B:5C:0E:DB:55:7A:5A:10:E5:90:29:43:77:09:6F:50:86:EE
ValidityFri, 18 Nov 2022 00:01:02 GMT - Wed, 20 Dec 2023 00:01:01 GMT
File type ASCII text, with very long lines (23109)
Hash a363ea9914fa0261143373472108c0ba
f686778e23fb0a7ed456afa2656c245120139d9a
cca8c446cee6f65569d7485b628aa613a60146250f51deab45075bd7cd8d935f
GET /5bdcb351422eb9b57b5237886641856149f6c96566bba26e09edd1c130986bfc.js HTTP/1.1
Host: js.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 01 Nov 2023 17:51:16 GMT
content-type: application/javascript
vary: Accept-Encoding
x-amz-id-2: wftZmkvYsEmvjul2KXn26vMT6C6vUwjo5SGmA3dSZHg1tKqfLTg08utEZb0QuMB5oJlEHEdBsJs=
x-amz-request-id: 39CW1D8CWQ5566F8
last-modified: Wed, 17 Aug 2022 03:33:12 GMT
etag: W/"a363ea9914fa0261143373472108c0ba"
cache-control: public, max-age=31536000
x-amz-version-id: i9x2aUAPniY4ECf1vuPTVy30q6Yc0Qma
x-cf3: M
cf4age: 0
x-cf-tsc: 1697627444
cf4ttl: 31536000.000
x-cf2: H
server: CFS 0215
x-cf1: 28293:fA.arn1:co:1572652472:cacheN.arn1-01:M
x-cf-reqid: 481e2e15180cd74cb615359e39b8d9b0
access-control-allow-origin: *
access-control-allow-methods: GET
timing-allow-origin: *
access-control-expose-headers: Rbx-Cdn-Provider
rbx-cdn-provider: cfly
content-encoding: gzip
X-Firefox-Spdy: h2
roblox.fm/v1/groups/metadata
200 OK 289 B URL GET HTTP/3 roblox.fm/v1/groups/metadata
IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerLet's Encrypt
Subjectroblox.fm
Fingerprint60:1F:24:B4:A1:32:0C:55:86:8F:62:55:5E:BF:BE:87:5D:F9:C7:6F
ValidityTue, 24 Oct 2023 12:23:22 GMT - Mon, 22 Jan 2024 12:23:21 GMT
File type ASCII text, with very long lines (308), with no line terminators
Hash 44b0035ba19ff5e4de50da9d2d92b4d5
ae669050d479fde15914c7f58c3e801525e68c5a
1f4056130d013e37db7919c6860d49523c5cd249f14832bc2ed6101b9f77ba0e
Analyzer Verdict Alert OpenPhish phishing Telegram
GET /v1/groups/metadata HTTP/1.1
Host: roblox.fm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/users/2633435479/profile
Cookie: _1__EggyWall_v=09ac94e6b927af2069856bc032971c55e994de0ff8bcdc4c6295c67fc6ec85ba; PHPSESSID=h4859nd69hmmututf4jqhp57f6
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 01 Nov 2023 17:51:20 GMT
content-type: application/json; charset=utf-8
access-control-allow-credentials: true
cache-control: no-store, no-cache, must-revalidate, private, must-revalidate
content-security-policy: report-uri https://metrics.roblox.com/v1/csp/report?type=enforce; upgrade-insecure-requests; script-src * 'unsafe-inline' roblox.com *.evidon.com *.gigya.com *.google-analytics.com *.ns1p.net adservice.google.com cdn.arkoselabs.com connect.facebook.net funcaptcha.com js.rbxcdn.com long.open.weixin.qq.com midas.gtimg.cn radar.cedexis.com res.wx.qq.com roblox-api.arkoselabs.com roblox-load-generator-configuration.s3.us-east-2.amazonaws.com s.ytimg.com sb.scorecardresearch.com static.rbxcdn.com www.google.com www.gstatic.com www.youtube.com h.online-metrix.net request.eprotect.vantivcnp.com request.eprotect.vantivpostlive.com *.googletagmanager.com *.googleadservices.com googleads.g.doubleclick.net cdn.veriff.me *.lightstep.com ; img-src 'self' data: *.cloudfront.net *.google-analytics.com *.kaptcha.com *.rbxcdn.com *.roblox.com *.robloxlabs.com googleads.g.doubleclick.net i.ytimg.com www.googletagmanager.com *
cross-origin-opener-policy: same-origin-allow-popups
eggy-wall: eggy#8888
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.1,"failure_fraction":1}
pragma: no-cache
proxy-cache: MISS
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://ncs.roblox.com/upload"}]}
strict-transport-security: max-age=604800; includeSubdomains
x-frame-options: SAMEORIGIN
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 81f5fc319ecd5684-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
js.rbxcdn.com/bffafd994791f59d1efb67723313fc0f59b58fef8dec7cf83535c8f4d1d1ebd9.js
200 OK 25 kB URL GET HTTP/2 js.rbxcdn.com/bffafd994791f59d1efb67723313fc0f59b58fef8dec7cf83535c8f4d1d1ebd9.js
IP
Requested by https://roblox.fm/users/2633435479/profile
Certificate IssuerGlobalSign nv-sa
Subject*.rbxcdn.com
FingerprintC3:6F:4B:5C:0E:DB:55:7A:5A:10:E5:90:29:43:77:09:6F:50:86:EE
ValidityFri, 18 Nov 2022 00:01:02 GMT - Wed, 20 Dec 2023 00:01:01 GMT
File type ASCII text, with very long lines (25051)
Hash d51f2332682a3fbae2bda7c63a3791d5
823b422b1406418d0fba98917c8b572936fbd1cb
c4e4914479e8483e2871758227d6b2cda33d15f498d05faf0eed28cb0d03f9e9
GET /bffafd994791f59d1efb67723313fc0f59b58fef8dec7cf83535c8f4d1d1ebd9.js HTTP/1.1
Host: js.rbxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.fm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 01 Nov 2023 17:51:16 GMT
content-type: application/javascript
vary: Accept-Encoding
x-amz-id-2: MH9V0qtRUSuWfrMlWv0t+agiJg3q8F76Nls9TPZsYC05D1A6RVoFiQG8kLvoRffCpjiJyd/GXVI=
x-amz-request-id: 941V86Q40GAMTDZC
last-modified: Tue, 15 Feb 2022 22:05:26 GMT
etag: W/"d51f2332682a3fbae2bda7c63a3791d5"
cache-control: public, max-age=31536000
x-amz-version-id: jTr9M2zuplDHtwoxGWfT_.msiKRq07t8
x-cf3: M
cf4age: 0
x-cf-tsc: 1698735718
cf4ttl: 31536000.000
x-cf2: H
server: CFS 0215
x-cf1: 28293:fA.arn1:co:1572652472:cacheN.arn1-01:M
x-cf-reqid: b71ab5a88142f2bdda9130fe324e2ea9
access-control-allow-origin: *
access-control-allow-methods: GET
timing-allow-origin: *
access-control-expose-headers: Rbx-Cdn-Provider
rbx-cdn-provider: cfly
content-encoding: gzip
X-Firefox-Spdy: h2
185.11.100.204
13.43.246.38
205.185.216.10
88.221.27.74
0.0.0.0
23.36.76.193
2.18.121.79
0.0.0.0