Report - roblox.com.kg/games/15101393044/Dress-To-Impress?isAd=false&nativeAdData=&numberOfLoadedTiles=5&page=gameDetailPage&placeId=15101393044&position=0&universeId=5203828273

Report Overview

Visited public
2024-10-07 08:05:42
Tags
URL
roblox.com.kg/games/15101393044/Dress-To-Impress?isAd=false&nativeAdData=&numberOfLoadedTiles=5&page=gameDetailPage&placeId=15101393044&position=0&universeId=5203828273
Finishing URL
roblox.com.kg/games/15101393044/Dress-To-Impress?isAd=false&nativeAdData=&numberOfLoadedTiles=5&page=gameDetailPage&placeId=15101393044&position=0&universeId=5203828273
IP / ASN
154.213.192.2
#35916 MULTA-ASN1
Title
Authentication

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
cdn.jsdelivr.net	439	2012-05-16	2012-09-30 02:15:09	2024-10-05 18:13:38	407 B	19 kB	151.101.65.229
kit.fontawesome.com	1868	2012-10-18	2019-12-16 20:51:31	2024-10-06 23:50:11	435 B	14 kB	104.18.40.68
r11.o.lencr.org	unknown	2020-06-29	2024-06-07 07:43:57	2024-10-05 18:13:05	981 B	2.7 kB	23.36.76.226
o.pki.goog	unknown	2016-06-13	2024-04-24 13:44:57	2024-10-05 18:16:28	2.0 kB	4.2 kB	142.250.74.131
fonts.gstatic.com	unknown	2008-02-11	2014-09-09 02:40:21	2024-10-06 08:07:04	1.5 kB	72 kB	142.250.74.99
ka-f.fontawesome.com	3598	2012-10-18	2019-12-17 07:36:13	2024-10-05 20:46:12	1.9 kB	34 kB	104.21.26.223
fonts.googleapis.com	8877	2005-01-25	2013-06-10 22:14:26	2024-10-06 08:07:04	453 B	3.7 kB	142.250.74.106
r10.o.lencr.org	unknown	2020-06-29	2024-06-06 21:45:11	2024-10-05 18:12:17	1.3 kB	3.5 kB	23.36.76.226
roblox.com.kg	unknown	2023-08-06	2022-06-12 08:25:14	2024-09-26 19:38:30	4.7 kB	87 kB	154.213.192.2

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-10-07	medium	roblox.com.kg	Sinkholed
2024-10-07	medium	roblox.com.kg	Sinkholed
2024-10-07	medium	roblox.com.kg	Sinkholed
2024-10-07	medium	roblox.com.kg	Sinkholed
2024-10-07	medium	roblox.com.kg	Sinkholed
2024-10-07	medium	roblox.com.kg	Sinkholed
2024-10-07	medium	roblox.com.kg	Sinkholed
2024-10-07	medium	roblox.com.kg	Sinkholed

ThreatFox

No alerts detected

JavaScript (7)

	URL	From	Size	First Seen	Last Seen
	kit.fontawesome.com/57f8be95f1.js	ScriptElement	13 kB	2024-10-07	2024-10-11
Pretty URL kit.fontawesome.com/57f8be95f1.js IP 104.18.40.68 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-10-07 04:23 Last Seen2024-10-11 09:16 Times Seen2 Hash 7cd272090c34e7302b63b1e4b62af41d ec60d67b4173107773d9426f94f18ea89e650344 3e26adc98f31ccabe55fd5c5556b700eb6698f54a9fd6376b2603a698beb2efd Loading...

	roblox.com.kg/games/15101393044/Dress-To-Impress?isAd=false&nativeAdData=&numberOfLoadedTiles=5&page=gameDetailPage&placeId=15101393044&position=0&universeId=5203828273	ScriptElement	0 B	0001-01-01	2025-05-10
Pretty URL roblox.com.kg/games/15101393044/Dress-To-Impress?isAd=false&nativeAdData=&numberOfLoadedTiles=5&page=gameDetailPage&placeId=15101393044&position=0&universeId=5203828273 IP 154.213.192.2 ASN #35916 MULTA-ASN1 Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01 00:00 Last Seen2025-05-10 03:40 Times Seen4640749 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	cdn.jsdelivr.net/npm/sweetalert2@11	ScriptElement	71 kB	2024-09-22	2025-02-19
Pretty URL cdn.jsdelivr.net/npm/sweetalert2@11 IP 151.101.65.229 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2024-09-22 08:48 Last Seen2025-02-19 07:20 Times Seen81 Hash e7ab2d22059493e08068585b2936fe92 5064547076ac474b07266a04d74daf08483b792d 84c733b55ba8c2a952391013ce80772d11acab1840b420dfa6c775c9593b3a4c Loading...

	roblox.com.kg/controlPage/new/js/jquery.min.js	ScriptElement	88 kB	2023-03-07	2025-05-09
Pretty URL roblox.com.kg/controlPage/new/js/jquery.min.js IP 154.213.192.2 ASN #35916 MULTA-ASN1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:24 Last Seen2025-05-09 17:10 Times Seen4123 Hash f832e36068ab203a3f89b1795480d0d7 2115753ca5fb7032aec498db7bb5dca624dbe6be 4c24dfd28784ad2befb3dafaac6bf1ed4e7cd58cce713d9a0b228d426e812baf Loading...

	roblox.com.kg/controlPage/new/js/popper.js	ScriptElement	21 kB	2023-03-07	2025-05-08
Pretty URL roblox.com.kg/controlPage/new/js/popper.js IP 154.213.192.2 ASN #35916 MULTA-ASN1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07 Last Seen2025-05-08 01:44 Times Seen498 Hash 36affe2ca6cb85233ee7362c5d8b7893 42e3ca1212d825150c0f57f97dea8d9c0b0ce2a1 71ef7c16d75da75a5d417df75ed72144bc5ec65a9c0429b7dee0988adc3e8d29 Loading...

	roblox.com.kg/controlPage/new/js/bootstrap.min.js	ScriptElement	58 kB	2023-03-07	2025-05-09
Pretty URL roblox.com.kg/controlPage/new/js/bootstrap.min.js IP 154.213.192.2 ASN #35916 MULTA-ASN1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-09 23:28 Times Seen11653 Hash e1d98d47689e00f8ecbc5d9f61bdb42e 6778fed3cf095a318141a31f455c8f4663885bde 0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b Loading...

	roblox.com.kg/controlPage/new/js/main.js	ScriptElement	45 B	2023-03-07	2025-04-29
Pretty URL roblox.com.kg/controlPage/new/js/main.js IP 154.213.192.2 ASN #35916 MULTA-ASN1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10 Last Seen2025-04-29 12:12 Times Seen30 Hash 22f37194eeafef0a4972d6d9d4f70aaf 2875b95e6718e3694ec156e17db103a256990dd4 65767c864ba004bfbec22417f07411188e53815418c1b01897a5d435123dc978 Loading...

HTTP Transactions (31)

URL IP Response Size

r10.o.lencr.org/

23.36.76.226

504 B

URL
r10.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
a3efcda1a9e998d5544071b0c97e2bce
95295765d8bb2b090d2daac1e33901c3d882486f
692b8ab76640fa1991a613de0d236d9f805d432d1807574d3e434aa197f261fc

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "692B8AB76640FA1991A613DE0D236D9F805D432D1807574D3E434AA197F261FC"
Last-Modified: Sat, 05 Oct 2024 16:16:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5594
Expires: Mon, 07 Oct 2024 09:38:30 GMT
Date: Mon, 07 Oct 2024 08:05:16 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.76.226

504 B

URL
r10.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
682c241eeba3866975e6665e6850538c
e571e981406bcaca72748b9e22fdf69ef79f40c4
8ca968cce8185cad062c41a9a17c5558a838a87dc9d8fb8e1f938f0a1d4860f8

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "8CA968CCE8185CAD062C41A9A17C5558A838A87DC9D8FB8E1F938F0A1D4860F8"
Last-Modified: Sat, 05 Oct 2024 16:17:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11387
Expires: Mon, 07 Oct 2024 11:15:03 GMT
Date: Mon, 07 Oct 2024 08:05:16 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.76.226

504 B

URL
r10.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
92cd7893843bf7005d9d4281f7ddeb25
1d1762ecf80a622168eb8734901fc27382da2b2a
7e1c229fca475d3a4760d7950e2ccd0b8bb27f4c4bc5fd43e96260bfa32388b7

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "7E1C229FCA475D3A4760D7950E2CCD0B8BB27F4C4BC5FD43E96260BFA32388B7"
Last-Modified: Sat, 05 Oct 2024 16:15:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3324
Expires: Mon, 07 Oct 2024 09:00:41 GMT
Date: Mon, 07 Oct 2024 08:05:17 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.76.226

504 B

URL
r10.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
7c54d4aa836f3e2ecea530bf3a6c5d8f
c889bcbb0a5124d8a616c4f84f7cb83db152bd1e
d95b713b61b3708f2595b684f5319d245658f6ed0ceac333f8da65839766f933

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "D95B713B61B3708F2595B684F5319D245658F6ED0CEAC333F8DA65839766F933"
Last-Modified: Sat, 05 Oct 2024 16:16:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5801
Expires: Mon, 07 Oct 2024 09:41:58 GMT
Date: Mon, 07 Oct 2024 08:05:17 GMT
Connection: keep-alive

r11.o.lencr.org/

23.36.76.226

504 B

URL
r11.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
86530073f74125b901df70e3a8fc3465
872d67db97eb425d4cf978f048c9d8c9774e7eb5
04864397d2cb20c230e60d4b00a93cf97109343ee7d0b5a81e48b9c5456f5b6a

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "04864397D2CB20C230E60D4B00A93CF97109343EE7D0B5A81E48B9C5456F5B6A"
Last-Modified: Sat, 05 Oct 2024 16:31:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21543
Expires: Mon, 07 Oct 2024 14:04:20 GMT
Date: Mon, 07 Oct 2024 08:05:17 GMT
Connection: keep-alive

roblox.com.kg/games/15101393044/Dress-To-Impress?isAd=false&nativeAdData=&numberOfLoadedTiles=5&page=gameDetailPage&placeId=15101393044&position=0&universeId=5203828273

154.213.192.2

403 Forbidden

785 B

URL User Request GET HTTP/1.1
roblox.com.kg/games/15101393044/Dress-To-Impress?isAd=false&nativeAdData=&numberOfLoadedTiles=5&page=gameDetailPage&placeId=15101393044&position=0&universeId=5203828273
IP
154.213.192.2:443
ASN
#35916 MULTA-ASN1

Certificate
IssuerLet's Encrypt
Subjectroblox.com.kg
FingerprintA4:57:3C:7C:B6:2D:F4:78:36:BB:7F:F6:50:F6:D7:A1:57:E2:9C:2F
ValidityFri, 09 Aug 2024 18:19:59 GMT - Thu, 07 Nov 2024 18:19:58 GMT

File type
HTML document, ASCII text
Size
785 B (785 bytes)
Hash
9eb0f43775f9e95c0cf61d80491d5eb4
15e8e031a01c0b3c22ec0cb3ec117ef3b199b2aa
33843d4cb53ecb6e5a7059b9e680459baa0dd187fffe834c054d75a84ead1c68

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /games/15101393044/Dress-To-Impress?isAd=false&nativeAdData=&numberOfLoadedTiles=5&page=gameDetailPage&placeId=15101393044&position=0&universeId=5203828273 HTTP/1.1
Host: roblox.com.kg
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 403 Forbidden
Server: nginx
Date: Mon, 07 Oct 2024 08:05:17 GMT
Content-Type: text/html; charset=UTF-8
Content-Encoding: br
Content-Length: 785
Splunk-Waf: v1.5
X-Powered-By: PHP/8.3.12
Strict-Transport-Security: max-age=15768000; includeSubDomains

roblox.com.kg/games/15101393044/Dress-To-Impress?isAd=false&nativeAdData=&numberOfLoadedTiles=5&page=gameDetailPage&placeId=15101393044&position=0&universeId=5203828273

154.213.192.2

403 Forbidden

785 B

URL User Request GET HTTP/1.1
roblox.com.kg/games/15101393044/Dress-To-Impress?isAd=false&nativeAdData=&numberOfLoadedTiles=5&page=gameDetailPage&placeId=15101393044&position=0&universeId=5203828273
IP
154.213.192.2:443
ASN
#35916 MULTA-ASN1

Certificate
IssuerLet's Encrypt
Subjectroblox.com.kg
FingerprintA4:57:3C:7C:B6:2D:F4:78:36:BB:7F:F6:50:F6:D7:A1:57:E2:9C:2F
ValidityFri, 09 Aug 2024 18:19:59 GMT - Thu, 07 Nov 2024 18:19:58 GMT

File type
HTML document, ASCII text
Size
785 B (785 bytes)
Hash
9eb0f43775f9e95c0cf61d80491d5eb4
15e8e031a01c0b3c22ec0cb3ec117ef3b199b2aa
33843d4cb53ecb6e5a7059b9e680459baa0dd187fffe834c054d75a84ead1c68

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /games/15101393044/Dress-To-Impress?isAd=false&nativeAdData=&numberOfLoadedTiles=5&page=gameDetailPage&placeId=15101393044&position=0&universeId=5203828273 HTTP/1.1
Host: roblox.com.kg
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 403 Forbidden
Server: nginx
Date: Mon, 07 Oct 2024 08:05:17 GMT
Content-Type: text/html; charset=UTF-8
Content-Encoding: br
Content-Length: 785
Splunk-Waf: v1.5
X-Powered-By: PHP/8.3.12
Strict-Transport-Security: max-age=15768000; includeSubDomains

o.pki.goog/wr2

142.250.74.131

472 B

URL
o.pki.goog/wr2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
0daf539bb5f7c9ff35006ac5a0be9f00
58a94ca5da705dc6932e43c2f12bf7715d7b0e90
21761a415ad3b5125e15eb05cbbf4297b5215f3f6d21597819381dec9a5a4432

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 07 Oct 2024 08:05:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

roblox.com.kg/controlPage/new/css/style.css

154.213.192.2

200 OK

29 kB

URL GET HTTP/1.1
roblox.com.kg/controlPage/new/css/style.css
IP
154.213.192.2:443
ASN
#35916 MULTA-ASN1

Requested by
https://roblox.com.kg/games/15101393044/Dress-To-Impress?isAd=false&nativeAdData=&numberOfLoadedTiles=5&page=gameDetailPage&placeId=15101393044&position=0&universeId=5203828273
Certificate
IssuerLet's Encrypt
Subjectroblox.com.kg
FingerprintA4:57:3C:7C:B6:2D:F4:78:36:BB:7F:F6:50:F6:D7:A1:57:E2:9C:2F
ValidityFri, 09 Aug 2024 18:19:59 GMT - Thu, 07 Nov 2024 18:19:58 GMT

File type
ASCII text, with very long lines (572)
Size
29 kB (28922 bytes)
Hash
591e16b1a5d965d19f98194b2531f70a
e4f971cfea8b4798097dcc4865ad0a4f6dbdb2c2
9c5007b7b3c0d9edca61d255ae0634101956a20fb2d68e53aacc1ed6584af421

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /controlPage/new/css/style.css HTTP/1.1
Host: roblox.com.kg
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.com.kg/games/15101393044/Dress-To-Impress?isAd=false&nativeAdData=&numberOfLoadedTiles=5&page=gameDetailPage&placeId=15101393044&position=0&universeId=5203828273
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 07 Oct 2024 08:05:17 GMT
Content-Type: text/css
Content-Encoding: gzip
Content-Length: 28922
Splunk-Waf: v1.5
Last-Modified: Wed, 01 Nov 2023 04:36:04 GMT
Vary: Accept-Encoding
X-Powered-By: PleskLin
Etag: "370b6-6090fcf19d500-gzip"
Accept-Ranges: bytes
Strict-Transport-Security: max-age=15768000; includeSubDomains

cdn.jsdelivr.net/npm/sweetalert2@11

151.101.65.229

200 OK

18 kB

URL GET HTTP/2
cdn.jsdelivr.net/npm/sweetalert2@11
IP
151.101.65.229:443
ASN
#54113 FASTLY

Requested by
https://roblox.com.kg/games/15101393044/Dress-To-Impress?isAd=false&nativeAdData=&numberOfLoadedTiles=5&page=gameDetailPage&placeId=15101393044&position=0&universeId=5203828273
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint6C:45:F5:9E:D3:37:60:0B:9C:A8:28:29:A4:E6:41:33:BB:2E:76:5C
ValidityTue, 30 Jul 2024 15:36:05 GMT - Sun, 31 Aug 2025 15:36:04 GMT

File type
JavaScript source, ASCII text, with very long lines (46581)
Size
18 kB (18281 bytes)
Hash
e7ab2d22059493e08068585b2936fe92
5064547076ac474b07266a04d74daf08483b792d
84c733b55ba8c2a952391013ce80772d11acab1840b420dfa6c775c9593b3a4c

HTTP Headers

GET /npm/sweetalert2@11 HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.com.kg/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 11.14.1
x-jsd-version-type: version
etag: W/"1143e-UGRUcHasR0sHJmoE102vCEg7eS0"
content-encoding: br
accept-ranges: bytes
date: Mon, 07 Oct 2024 08:05:17 GMT
age: 26525
x-served-by: cache-fra-eddf8230029-FRA, cache-hel1410023-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 18281
X-Firefox-Spdy: h2

roblox.com.kg/controlPage/new/js/popper.js

154.213.192.2

200 OK

7.5 kB

URL GET HTTP/1.1
roblox.com.kg/controlPage/new/js/popper.js
IP
154.213.192.2:443
ASN
#35916 MULTA-ASN1

Requested by
https://roblox.com.kg/games/15101393044/Dress-To-Impress?isAd=false&nativeAdData=&numberOfLoadedTiles=5&page=gameDetailPage&placeId=15101393044&position=0&universeId=5203828273
Certificate
IssuerLet's Encrypt
Subjectroblox.com.kg
FingerprintA4:57:3C:7C:B6:2D:F4:78:36:BB:7F:F6:50:F6:D7:A1:57:E2:9C:2F
ValidityFri, 09 Aug 2024 18:19:59 GMT - Thu, 07 Nov 2024 18:19:58 GMT

File type
JavaScript source, ASCII text, with very long lines (20831)
Size
7.5 kB (7456 bytes)
Hash
36affe2ca6cb85233ee7362c5d8b7893
42e3ca1212d825150c0f57f97dea8d9c0b0ce2a1
71ef7c16d75da75a5d417df75ed72144bc5ec65a9c0429b7dee0988adc3e8d29

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /controlPage/new/js/popper.js HTTP/1.1
Host: roblox.com.kg
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.com.kg/games/15101393044/Dress-To-Impress?isAd=false&nativeAdData=&numberOfLoadedTiles=5&page=gameDetailPage&placeId=15101393044&position=0&universeId=5203828273
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 07 Oct 2024 08:05:17 GMT
Content-Type: text/javascript
Content-Encoding: gzip
Content-Length: 7456
Splunk-Waf: v1.5
Last-Modified: Wed, 01 Nov 2023 04:36:04 GMT
Etag: "520b-6090fcf19d500-gzip"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=15768000; includeSubDomains
X-Powered-By: PleskLin
Accept-Ranges: bytes

roblox.com.kg/controlPage/new/js/main.js

154.213.192.2

200 OK

46 B

URL GET HTTP/1.1
roblox.com.kg/controlPage/new/js/main.js
IP
154.213.192.2:443
ASN
#35916 MULTA-ASN1

Requested by
https://roblox.com.kg/games/15101393044/Dress-To-Impress?isAd=false&nativeAdData=&numberOfLoadedTiles=5&page=gameDetailPage&placeId=15101393044&position=0&universeId=5203828273
Certificate
IssuerLet's Encrypt
Subjectroblox.com.kg
FingerprintA4:57:3C:7C:B6:2D:F4:78:36:BB:7F:F6:50:F6:D7:A1:57:E2:9C:2F
ValidityFri, 09 Aug 2024 18:19:59 GMT - Thu, 07 Nov 2024 18:19:58 GMT

File type
JavaScript source, ASCII text
Size
46 B (46 bytes)
Hash
22f37194eeafef0a4972d6d9d4f70aaf
2875b95e6718e3694ec156e17db103a256990dd4
65767c864ba004bfbec22417f07411188e53815418c1b01897a5d435123dc978

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /controlPage/new/js/main.js HTTP/1.1
Host: roblox.com.kg
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.com.kg/games/15101393044/Dress-To-Impress?isAd=false&nativeAdData=&numberOfLoadedTiles=5&page=gameDetailPage&placeId=15101393044&position=0&universeId=5203828273
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 07 Oct 2024 08:05:17 GMT
Content-Type: text/javascript
Content-Encoding: br
Content-Length: 46
Splunk-Waf: v1.5
X-Powered-By: PleskLin
Last-Modified: Wed, 01 Nov 2023 04:36:04 GMT
Etag: W/"2d-6090fcf19d500"
Strict-Transport-Security: max-age=15768000; includeSubDomains

roblox.com.kg/controlPage/new/js/bootstrap.min.js

154.213.192.2

200 OK

15 kB

URL GET HTTP/1.1
roblox.com.kg/controlPage/new/js/bootstrap.min.js
IP
154.213.192.2:443
ASN
#35916 MULTA-ASN1

Requested by
https://roblox.com.kg/games/15101393044/Dress-To-Impress?isAd=false&nativeAdData=&numberOfLoadedTiles=5&page=gameDetailPage&placeId=15101393044&position=0&universeId=5203828273
Certificate
IssuerLet's Encrypt
Subjectroblox.com.kg
FingerprintA4:57:3C:7C:B6:2D:F4:78:36:BB:7F:F6:50:F6:D7:A1:57:E2:9C:2F
ValidityFri, 09 Aug 2024 18:19:59 GMT - Thu, 07 Nov 2024 18:19:58 GMT

File type
JavaScript source, ASCII text, with very long lines (57791)
Size
15 kB (15437 bytes)
Hash
e1d98d47689e00f8ecbc5d9f61bdb42e
6778fed3cf095a318141a31f455c8f4663885bde
0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /controlPage/new/js/bootstrap.min.js HTTP/1.1
Host: roblox.com.kg
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.com.kg/games/15101393044/Dress-To-Impress?isAd=false&nativeAdData=&numberOfLoadedTiles=5&page=gameDetailPage&placeId=15101393044&position=0&universeId=5203828273
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 07 Oct 2024 08:05:17 GMT
Content-Type: text/javascript
Content-Encoding: gzip
Content-Length: 15437
Splunk-Waf: v1.5
Strict-Transport-Security: max-age=15768000; includeSubDomains
Last-Modified: Wed, 01 Nov 2023 04:36:04 GMT
Accept-Ranges: bytes
Etag: "e2d8-6090fcf19d500-gzip"
X-Powered-By: PleskLin
Vary: Accept-Encoding

roblox.com.kg/controlPage/new/js/jquery.min.js

154.213.192.2

200 OK

31 kB

URL GET HTTP/1.1
roblox.com.kg/controlPage/new/js/jquery.min.js
IP
154.213.192.2:443
ASN
#35916 MULTA-ASN1

Requested by
https://roblox.com.kg/games/15101393044/Dress-To-Impress?isAd=false&nativeAdData=&numberOfLoadedTiles=5&page=gameDetailPage&placeId=15101393044&position=0&universeId=5203828273
Certificate
IssuerLet's Encrypt
Subjectroblox.com.kg
FingerprintA4:57:3C:7C:B6:2D:F4:78:36:BB:7F:F6:50:F6:D7:A1:57:E2:9C:2F
ValidityFri, 09 Aug 2024 18:19:59 GMT - Thu, 07 Nov 2024 18:19:58 GMT

File type
JavaScript source, ASCII text, with very long lines (65451)
Size
31 kB (30675 bytes)
Hash
f832e36068ab203a3f89b1795480d0d7
2115753ca5fb7032aec498db7bb5dca624dbe6be
4c24dfd28784ad2befb3dafaac6bf1ed4e7cd58cce713d9a0b228d426e812baf

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /controlPage/new/js/jquery.min.js HTTP/1.1
Host: roblox.com.kg
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.com.kg/games/15101393044/Dress-To-Impress?isAd=false&nativeAdData=&numberOfLoadedTiles=5&page=gameDetailPage&placeId=15101393044&position=0&universeId=5203828273
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 07 Oct 2024 08:05:17 GMT
Content-Type: text/javascript
Content-Encoding: gzip
Content-Length: 30675
Splunk-Waf: v1.5
Last-Modified: Wed, 01 Nov 2023 04:36:04 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Etag: "15850-6090fcf19d500-gzip"
Strict-Transport-Security: max-age=15768000; includeSubDomains
X-Powered-By: PleskLin

o.pki.goog/wr2

142.250.74.131

472 B

URL
o.pki.goog/wr2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
0daf539bb5f7c9ff35006ac5a0be9f00
58a94ca5da705dc6932e43c2f12bf7715d7b0e90
21761a415ad3b5125e15eb05cbbf4297b5215f3f6d21597819381dec9a5a4432

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 07 Oct 2024 08:05:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

o.pki.goog/wr2

142.250.74.131

471 B

URL
o.pki.goog/wr2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
619d6101b5a3c55ece930d0ed961339d
06d440f712028df0414685277ac3a8709ebbbcbd
5f156bfb7633f6b634ca824ef6d0d7d96c6e5eed2a900fcb74817e3b497b50fd

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 07 Oct 2024 08:05:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

142.250.74.99

200 OK

24 kB

URL GET HTTP/2
fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://roblox.com.kg/games/15101393044/Dress-To-Impress?isAd=false&nativeAdData=&numberOfLoadedTiles=5&page=gameDetailPage&placeId=15101393044&position=0&universeId=5203828273
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint0B:BA:7B:D2:D9:02:2E:7F:5C:C7:1F:18:F2:A7:76:44:D1:22:07:2B
ValidityMon, 16 Sep 2024 09:34:31 GMT - Mon, 09 Dec 2024 09:34:30 GMT

File type
Web Open Font Format (Version 2), TrueType, length 23580, version 1.0
Size
24 kB (23580 bytes)
Hash
e1b3b5908c9cf23dfb2b9c52b9a023ab
fcd4136085f2a03481d9958cc6793a5ed98e714c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

HTTP Headers

GET /s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://roblox.com.kg
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 03 Oct 2024 11:07:39 GMT
expires: Fri, 03 Oct 2025 11:07:39 GMT
cache-control: public, max-age=31536000
age: 334659
last-modified: Tue, 02 May 2023 15:17:22 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

o.pki.goog/wr2

142.250.74.131

471 B

URL
o.pki.goog/wr2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
619d6101b5a3c55ece930d0ed961339d
06d440f712028df0414685277ac3a8709ebbbcbd
5f156bfb7633f6b634ca824ef6d0d7d96c6e5eed2a900fcb74817e3b497b50fd

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 07 Oct 2024 08:05:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

o.pki.goog/wr2

142.250.74.131

471 B

URL
o.pki.goog/wr2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
619d6101b5a3c55ece930d0ed961339d
06d440f712028df0414685277ac3a8709ebbbcbd
5f156bfb7633f6b634ca824ef6d0d7d96c6e5eed2a900fcb74817e3b497b50fd

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 07 Oct 2024 08:05:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2

142.250.74.99

200 OK

23 kB

URL GET HTTP/2
fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://roblox.com.kg/games/15101393044/Dress-To-Impress?isAd=false&nativeAdData=&numberOfLoadedTiles=5&page=gameDetailPage&placeId=15101393044&position=0&universeId=5203828273
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint0B:BA:7B:D2:D9:02:2E:7F:5C:C7:1F:18:F2:A7:76:44:D1:22:07:2B
ValidityMon, 16 Sep 2024 09:34:31 GMT - Mon, 09 Dec 2024 09:34:30 GMT

File type
Web Open Font Format (Version 2), TrueType, length 23040, version 1.0
Size
23 kB (23040 bytes)
Hash
de69cf9e514df447d1b0bb16f49d2457
2ac78601179c3a63ba3f3f3081556b12ddcaf655
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

HTTP Headers

GET /s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://roblox.com.kg
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23040
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 05 Oct 2024 20:18:55 GMT
expires: Sun, 05 Oct 2025 20:18:55 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 02 May 2023 15:07:25 GMT
content-type: font/woff2
age: 128783
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh7USSwiPGQ.woff2

142.250.74.99

200 OK

23 kB

URL GET HTTP/2
fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh7USSwiPGQ.woff2
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://roblox.com.kg/games/15101393044/Dress-To-Impress?isAd=false&nativeAdData=&numberOfLoadedTiles=5&page=gameDetailPage&placeId=15101393044&position=0&universeId=5203828273
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint0B:BA:7B:D2:D9:02:2E:7F:5C:C7:1F:18:F2:A7:76:44:D1:22:07:2B
ValidityMon, 16 Sep 2024 09:34:31 GMT - Mon, 09 Dec 2024 09:34:30 GMT

File type
Web Open Font Format (Version 2), TrueType, length 23236, version 1.0
Size
23 kB (23236 bytes)
Hash
716309aab2bca045f9627f63ad79d0bf
38804233a29aaf975d557fe14e762c627bef76e0
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429

HTTP Headers

GET /s/lato/v24/S6u9w4BMUTPHh7USSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://roblox.com.kg
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 04 Oct 2024 17:13:23 GMT
expires: Sat, 04 Oct 2025 17:13:23 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 02 May 2023 15:08:26 GMT
content-type: font/woff2
age: 226315
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

o.pki.goog/wr2

142.250.74.131

471 B

URL
o.pki.goog/wr2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
619d6101b5a3c55ece930d0ed961339d
06d440f712028df0414685277ac3a8709ebbbcbd
5f156bfb7633f6b634ca824ef6d0d7d96c6e5eed2a900fcb74817e3b497b50fd

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 07 Oct 2024 08:05:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

roblox.com.kg/favicon.ico

154.213.192.2

200 OK

525 B

URL GET HTTP/1.1
roblox.com.kg/favicon.ico
IP
154.213.192.2:443
ASN
#35916 MULTA-ASN1

Requested by
https://roblox.com.kg/games/15101393044/Dress-To-Impress?isAd=false&nativeAdData=&numberOfLoadedTiles=5&page=gameDetailPage&placeId=15101393044&position=0&universeId=5203828273
Certificate
IssuerLet's Encrypt
Subjectroblox.com.kg
FingerprintA4:57:3C:7C:B6:2D:F4:78:36:BB:7F:F6:50:F6:D7:A1:57:E2:9C:2F
ValidityFri, 09 Aug 2024 18:19:59 GMT - Thu, 07 Nov 2024 18:19:58 GMT

File type
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
Size
525 B (525 bytes)
Hash
68208984e7e1dd87ab5f7c7d587c7a9b
e1257a0d3863d707eb3dda6953068a1ab257585a
1cb7faf06f9d66b671a030ad6a5927119bddfc43fa473b9b9dae463f8175da43

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: roblox.com.kg
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.com.kg/games/15101393044/Dress-To-Impress?isAd=false&nativeAdData=&numberOfLoadedTiles=5&page=gameDetailPage&placeId=15101393044&position=0&universeId=5203828273
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 07 Oct 2024 08:05:18 GMT
Content-Type: image/vnd.microsoft.icon
Content-Length: 525
Splunk-Waf: v1.5
X-Powered-By: PleskLin
Etag: "20d-621cfa1fe2c00"
Strict-Transport-Security: max-age=15768000; includeSubDomains
Accept-Ranges: bytes
Last-Modified: Wed, 11 Sep 2024 03:32:00 GMT

r11.o.lencr.org/

23.36.76.226

504 B

URL
r11.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
ebfbf818391624422109f66e06087522
3d350dcb6ba462dd127a132bb30066ad5ced29f1
c93edc89f05c8ee4d5344846bedb083a94288cf8a26c39fccf2cafde0732130c

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "C93EDC89F05C8EE4D5344846BEDB083A94288CF8A26C39FCCF2CAFDE0732130C"
Last-Modified: Mon, 07 Oct 2024 06:19:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18697
Expires: Mon, 07 Oct 2024 13:16:55 GMT
Date: Mon, 07 Oct 2024 08:05:18 GMT
Connection: keep-alive

ka-f.fontawesome.com/releases/v6.6.0/css/free-v4-shims.min.css?token=57f8be95f1

104.21.26.223

200 OK

4.9 kB

URL GET HTTP/2
ka-f.fontawesome.com/releases/v6.6.0/css/free-v4-shims.min.css?token=57f8be95f1
IP
104.21.26.223:443
ASN
#13335 CLOUDFLARENET

Requested by
https://roblox.com.kg/games/15101393044/Dress-To-Impress?isAd=false&nativeAdData=&numberOfLoadedTiles=5&page=gameDetailPage&placeId=15101393044&position=0&universeId=5203828273
Certificate
IssuerGoogle Trust Services
Subjectka-f.fontawesome.com
FingerprintB8:0E:B4:BD:5D:51:E9:6A:20:8E:72:31:7F:AF:18:85:61:54:95:94
ValidityThu, 29 Aug 2024 15:54:38 GMT - Wed, 27 Nov 2024 15:54:37 GMT

File type
gzip compressed data, from Unix
Size
4.9 kB (4879 bytes)
Hash
8a3fe6808213a6c8434dc7843aa61a9a
3f84db474216502b6d77625345ce843fa8dfc902
93fe34253692dc5d903a245a9d983e4b2622a8faf6683e0577737b4c77b32b25

HTTP Headers

GET /releases/v6.6.0/css/free-v4-shims.min.css?token=57f8be95f1 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://roblox.com.kg/
Origin: https://roblox.com.kg
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 07 Oct 2024 08:05:18 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Mon, 15 Jul 2024 22:20:39 GMT
etag: W/"5e5b0d8c7be5919570a305b6bc229a36"
x-amz-server-side-encryption: AES256
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 ad3ce7688f48f2bfb8279b49c6c4711e.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN53-P2
x-amz-cf-id: ujlKJd5dqqKlXZ_4BdvW34mhg2hzb2Lf8mEes01aegaj_PQHHBHKug==
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VXNRD4emrG1oQVBGNW4Yw%2BSkuWl7dwQsDbHYreapBlot4s3kQXO235d1AodXZzhe%2BHbukjuvruBxnTapnlmQ77zxUzJgoakvS7GAMtT2l8QRhQMTy8XT4vZ678ltP6lZQiZTO2RLlw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8cec62a4ece5b505-OSL
X-Firefox-Spdy: h2

r11.o.lencr.org/

23.36.76.226

504 B

URL
r11.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
ebfbf818391624422109f66e06087522
3d350dcb6ba462dd127a132bb30066ad5ced29f1
c93edc89f05c8ee4d5344846bedb083a94288cf8a26c39fccf2cafde0732130c

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "C93EDC89F05C8EE4D5344846BEDB083A94288CF8A26C39FCCF2CAFDE0732130C"
Last-Modified: Mon, 07 Oct 2024 06:19:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18697
Expires: Mon, 07 Oct 2024 13:16:55 GMT
Date: Mon, 07 Oct 2024 08:05:18 GMT
Connection: keep-alive

ka-f.fontawesome.com/releases/v6.6.0/css/free.min.css?token=57f8be95f1

104.21.26.223

200 OK

23 kB

URL GET HTTP/2
ka-f.fontawesome.com/releases/v6.6.0/css/free.min.css?token=57f8be95f1
IP
104.21.26.223:443
ASN
#13335 CLOUDFLARENET

Requested by
https://roblox.com.kg/games/15101393044/Dress-To-Impress?isAd=false&nativeAdData=&numberOfLoadedTiles=5&page=gameDetailPage&placeId=15101393044&position=0&universeId=5203828273
Certificate
IssuerGoogle Trust Services
Subjectka-f.fontawesome.com
FingerprintB8:0E:B4:BD:5D:51:E9:6A:20:8E:72:31:7F:AF:18:85:61:54:95:94
ValidityThu, 29 Aug 2024 15:54:38 GMT - Wed, 27 Nov 2024 15:54:37 GMT

File type
gzip compressed data, from Unix
Size
23 kB (22721 bytes)
Hash
60cb3db4bb4ea41b615c60af1b586647
95a291a337ebe22c3bf79bc30106c0380a5c4bec
c9f5f73f85329e67376833260d7cb021fbe97455ae5df5f090573cc5d33d0c0e

HTTP Headers

GET /releases/v6.6.0/css/free.min.css?token=57f8be95f1 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://roblox.com.kg/
Origin: https://roblox.com.kg
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 07 Oct 2024 08:05:18 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Mon, 15 Jul 2024 22:20:40 GMT
etag: W/"4ca760f49cd8a14911c81e6c14328874"
x-amz-server-side-encryption: AES256
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: vrcanpV8J2AWmuH5jHdIOmAispabv9e0431cmJbkLEswJYKAaMl2TA==
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=phmis4BS9AQgCGGjqmts%2BoNzlm1Vuc87bIpIV01R9fchsWobCVllk3XeSHTi7P0IJ2dsbq2yhBwlOg18gRTqJl1Lmwe1fAP3riqxYqDLZ3Xusj6MmorS763LAjbFulH%2FqQ7VVpNElg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8cec62a4ecebb505-OSL
X-Firefox-Spdy: h2

ka-f.fontawesome.com/releases/v6.6.0/css/free-v4-font-face.min.css?token=57f8be95f1

104.21.26.223

200 OK

1.8 kB

URL GET HTTP/2
ka-f.fontawesome.com/releases/v6.6.0/css/free-v4-font-face.min.css?token=57f8be95f1
IP
104.21.26.223:443
ASN
#13335 CLOUDFLARENET

Requested by
https://roblox.com.kg/games/15101393044/Dress-To-Impress?isAd=false&nativeAdData=&numberOfLoadedTiles=5&page=gameDetailPage&placeId=15101393044&position=0&universeId=5203828273
Certificate
IssuerGoogle Trust Services
Subjectka-f.fontawesome.com
FingerprintB8:0E:B4:BD:5D:51:E9:6A:20:8E:72:31:7F:AF:18:85:61:54:95:94
ValidityThu, 29 Aug 2024 15:54:38 GMT - Wed, 27 Nov 2024 15:54:37 GMT

File type
ASCII text, with very long lines (1803), with no line terminators
Size
1.8 kB (1775 bytes)
Hash
eaa8c3d22110c5fd5c0fcb4c8e666150
efb1608309a4a0bcc45012c9739ec62475d8e35a
2345537cc70a40cb1129bcb5db1c0ca9136dc7dd7c1ce0557c8df7afa7d068a5

HTTP Headers

GET /releases/v6.6.0/css/free-v4-font-face.min.css?token=57f8be95f1 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://roblox.com.kg/
Origin: https://roblox.com.kg
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 07 Oct 2024 08:05:18 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Mon, 15 Jul 2024 22:20:39 GMT
etag: W/"a5a0c9048efb7cb5df90023064d09ba4"
x-amz-server-side-encryption: AES256
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: pVLzS3Rs-I4ktsSntpPkhMzG1gp401ZEBrCdmboYQXJlvRQ_GvcI7A==
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Nf0k5mnnT8VMdiovJagz8txtSem7N4%2Blq25ERLwFoJbU9kqjvnXbBSowAoyEemf2vT9Puh43KilyFHLhHmPAukaN10wGXlmXWuNhCXBb8caPBE%2B1B6Lo1VWhzFrwYOxYDOkKQ%2FRgqw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8cec62a4ece1b505-OSL
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Lato:300,400,700,900&display=swap

142.250.74.106

200 OK

3.1 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Lato:300,400,700,900&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://roblox.com.kg/games/15101393044/Dress-To-Impress?isAd=false&nativeAdData=&numberOfLoadedTiles=5&page=gameDetailPage&placeId=15101393044&position=0&universeId=5203828273
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
Fingerprint58:48:CD:9D:CD:36:2C:BF:35:F8:E0:82:73:2B:F8:79:64:BB:AE:F7
ValidityMon, 16 Sep 2024 09:34:31 GMT - Mon, 09 Dec 2024 09:34:30 GMT

File type
ASCII text, with very long lines (3140), with no line terminators
Size
3.1 kB (3068 bytes)
Hash
ee245902afd9b396d86e288b6789aaf2
af50bd3a7dcbd224e0b53d5f3b249647d15cd367
9b50ea58e08c611673f2ef27188071265fc6816fa6734d148c46a6769831dec9

HTTP Headers

GET /css?family=Lato:300,400,700,900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://roblox.com.kg/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 07 Oct 2024 08:05:17 GMT
date: Mon, 07 Oct 2024 08:05:17 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

kit.fontawesome.com/57f8be95f1.js

104.18.40.68

200 OK

13 kB

URL GET HTTP/2
kit.fontawesome.com/57f8be95f1.js
IP
104.18.40.68:443
ASN
#13335 CLOUDFLARENET

Requested by
https://roblox.com.kg/games/15101393044/Dress-To-Impress?isAd=false&nativeAdData=&numberOfLoadedTiles=5&page=gameDetailPage&placeId=15101393044&position=0&universeId=5203828273
Certificate
IssuerDigiCert Inc
Subject*.fontawesome.com
FingerprintB1:69:23:88:5E:EA:EA:76:BC:90:A2:CE:D9:3B:3F:5D:FE:5F:13:09
ValidityTue, 30 Jul 2024 00:00:00 GMT - Mon, 27 Jan 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (12736)
Size
13 kB (13165 bytes)
Hash
7cd272090c34e7302b63b1e4b62af41d
ec60d67b4173107773d9426f94f18ea89e650344
3e26adc98f31ccabe55fd5c5556b700eb6698f54a9fd6376b2603a698beb2efd

HTTP Headers

GET /57f8be95f1.js HTTP/1.1
Host: kit.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://roblox.com.kg
DNT: 1
Connection: keep-alive
Referer: https://roblox.com.kg/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 07 Oct 2024 08:05:18 GMT
content-type: text/javascript
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=60, public, stale-while-revalidate=30
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
x-request-id: F_wPVLCzZy-Yn2sCGp_B
cf-cache-status: REVALIDATED
server: cloudflare
cf-ray: 8cec62a30a6c568f-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

ka-f.fontawesome.com/releases/v6.6.0/css/free-v5-font-face.min.css?token=57f8be95f1

104.21.26.223

200 OK

823 B

URL GET HTTP/2
ka-f.fontawesome.com/releases/v6.6.0/css/free-v5-font-face.min.css?token=57f8be95f1
IP
104.21.26.223:443
ASN
#13335 CLOUDFLARENET

Requested by
https://roblox.com.kg/games/15101393044/Dress-To-Impress?isAd=false&nativeAdData=&numberOfLoadedTiles=5&page=gameDetailPage&placeId=15101393044&position=0&universeId=5203828273
Certificate
IssuerGoogle Trust Services
Subjectka-f.fontawesome.com
FingerprintB8:0E:B4:BD:5D:51:E9:6A:20:8E:72:31:7F:AF:18:85:61:54:95:94
ValidityThu, 29 Aug 2024 15:54:38 GMT - Wed, 27 Nov 2024 15:54:37 GMT

File type
ASCII text, with very long lines (845), with no line terminators
Size
823 B (823 bytes)
Hash
fb9dcf42b13b002eb756d92083218c5e
73cb71731332cec64a28af69b4099666b460e411
8700d0e4f6eac31ca35d1655c14b21126e8e825b2a58738bdc8595d362e0066d

HTTP Headers

GET /releases/v6.6.0/css/free-v5-font-face.min.css?token=57f8be95f1 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://roblox.com.kg/
Origin: https://roblox.com.kg
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 07 Oct 2024 08:05:18 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Mon, 15 Jul 2024 22:20:39 GMT
etag: W/"8972ae5004bc634ffa6641be3960e78a"
x-amz-server-side-encryption: AES256
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
x-cache: Hit from cloudfront
via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 70GyDzb3QYRagslXQcVA6xPMiUKZW0p1d7Vmzf9yLqtlv0siYAsr9w==
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ww1wNUjhaVnGoahiup0sEhDRn5s3QApuP15q3VJkvAL98xfNdXSx4PrKGRtkuY2SUIvt1kETMowo%2BgkXXYNEa3l%2BibWUUSFR%2F2ZlOtj4jl%2FUlww7xYKAge5%2Ftv%2FQlk%2FNM8D2IB2yBA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8cec62a4eceab505-OSL
content-encoding: br
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (7)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (31)

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN