now.gg Open in urlscan Pro
13.225.223.23 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://fredboat.com/play-roblox
Effective URL:
https://now.gg/play/roblox-corporation/5349/roblox?utm_source=now.gg-partner&utm_medium=bot&utm_campaign=fredboat
Submission: On August 07 via manual (August 7th 2023, 9:46:35 pm UTC) from US — Scanned from US

Summary HTTP 19 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 2 countries across 6 domains to perform 19 HTTP transactions. The main IP is 13.225.223.23, located in United States and belongs to AMAZON-02, US. The main domain is now.gg. The Cisco Umbrella rank of the primary domain is 30581.
TLS certificate: Issued by Amazon RSA 2048 M01 on January 21st 2023. Valid for: a year.

This is the only time now.gg was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
9	144.172.70.23 144.172.70.23	397031 (GALAXYGATE) (GALAXYGATE)
1	2607:f8b0:402... 2607:f8b0:4020:804::2008	15169 (GOOGLE) (GOOGLE)
1 1	2600:9000:251... 2600:9000:2514:b200:1c:4298:2140:93a1	16509 (AMAZON-02) (AMAZON-02)
2	13.225.223.23 13.225.223.23	16509 (AMAZON-02) (AMAZON-02)
3	2001:4860:480... 2001:4860:4802:34::178	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:402... 2607:f8b0:4020:807::200a	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:824::2003	15169 (GOOGLE) (GOOGLE)
19	7

9 144.172.70.23 (Staten Island, United States)

ASN397031 (GALAXYGATE, US)

fredboat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4020:804::2008 (Montreal, Canada)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2514:b200:1c:4298:2140:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

v3.now.gg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.225.223.23 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-223-23.jfk51.r.cloudfront.net

now.gg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:34::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4020:807::200a (Montreal, Canada)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:824::2003 (Stony Point, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	fredboat.com fredboat.com	114 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 55	21 KB
3	now.gg 1 redirects v3.now.gg now.gg — Cisco Umbrella Rank: 30581	16 KB
1	gstatic.com fonts.gstatic.com	29 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 77	932 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 73	65 KB
19	6

	Domain	Requested by
9	fredboat.com	fredboat.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	now.gg	fredboat.com now.gg
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	now.gg
1	v3.now.gg	1 redirects
1	www.googletagmanager.com	fredboat.com www.googletagmanager.com
19	7

This site contains no links.

Subject Issuer	Validity	Valid
fredboat.com R3	`2023-07-11` - `2023-10-09`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
now.gg Amazon RSA 2048 M01	`2023-01-21` - `2024-02-19`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://now.gg/play/roblox-corporation/5349/roblox?utm_source=now.gg-partner&utm_medium=bot&utm_campaign=fredboat
Frame ID: 69E3B4FC3D8D1BF55E50DF476E8EB93C
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Proxy

Page URL History Show full URLs

https://fredboat.com/play-roblox Page URL
https://v3.now.gg/play/5349?utm_source=now.gg-partner&utm_medium=bot&utm_campaign=fredboat HTTP 302
https://now.gg/play/roblox-corporation/5349/roblox?utm_source=now.gg-partner&utm_medium=bot... Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

19
Requests

89 %
HTTPS

71 %
IPv6

6
Domains

7
Subdomains

7
IPs

2
Countries

246 kB
Transfer

675 kB
Size

5
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://fredboat.com/play-roblox Page URL
https://v3.now.gg/play/5349?utm_source=now.gg-partner&utm_medium=bot&utm_campaign=fredboat HTTP 302
https://now.gg/play/roblox-corporation/5349/roblox?utm_source=now.gg-partner&utm_medium=bot&utm_campaign=fredboat Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK play-roblox Show response
fredboat.com/ 11 KB
2 KB 63ms
8ms Document
text/html 144.172.70.23
GALAXYGATE

General

Check archive.org

Show headers Download Go to

Full URL: https://fredboat.com/play-roblox
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 144.172.70.23 Staten Island, United States, ASN397031 (GALAXYGATE, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) / Next.js
Resource Hash: f3bf263dfbbea2e01f1aa14860b821e33697a4e65704127cd897a1463989d8c0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Mon, 07 Aug 2023 21:46:29 GMT
ETag: "vdqdn3smn78n5"
Server: nginx/1.14.0 (Ubuntu)
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Powered-By: Next.js

GET
H2 200 js
www.googletagmanager.com/gtag/ 179 KB
65 KB 95ms
54ms Script
application/javascript 2607:f8b0:4020:804::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-25845175-7

Requested by

Host: fredboat.com
URL: https://fredboat.com/play-roblox

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:804::2008 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fredboat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 21:46:29 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 66612
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 07 Aug 2023 21:46:29 GMT

GET
H/1.1 200
OK c3ba162ca63bb63f.css
fredboat.com/_next/static/css/ 7 KB
2 KB 6ms
6ms Stylesheet
text/css 144.172.70.23
GALAXYGATE

General

Check archive.org

Show headers Download Go to

Full URL: https://fredboat.com/_next/static/css/c3ba162ca63bb63f.css
Requested by: Host: fredboat.com
URL: https://fredboat.com/play-roblox
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 144.172.70.23 Staten Island, United States, ASN397031 (GALAXYGATE, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e9560dfb8fc073d72ff6c99bdf9e60d7c6196491dece6177d87d7b2d0fb1ffcc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fredboat.com/play-roblox
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Mon, 07 Aug 2023 21:46:29 GMT
Content-Encoding: gzip
Last-Modified: Mon, 31 Jul 2023 09:27:00 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: W/"1c18-189ab45b6a0"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css; charset=UTF-8
Cache-Control: public, max-age=31536000, immutable
Connection: keep-alive
Accept-Ranges: bytes

GET
H/1.1 200
OK webpack-02d44588496aa8a6.js Show response
fredboat.com/_next/static/chunks/ 5 KB
3 KB 7ms
6ms Script
application/javascript 144.172.70.23
GALAXYGATE

General

Check archive.org

Show headers Download Go to

Full URL: https://fredboat.com/_next/static/chunks/webpack-02d44588496aa8a6.js
Requested by: Host: fredboat.com
URL: https://fredboat.com/play-roblox
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 144.172.70.23 Staten Island, United States, ASN397031 (GALAXYGATE, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: ba3a882e80c6061796b8c7cbd94e1c6aa08fb266040c2a4524f198734d6abb02

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fredboat.com/play-roblox
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Mon, 07 Aug 2023 21:46:29 GMT
Content-Encoding: gzip
Last-Modified: Mon, 31 Jul 2023 09:27:00 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: W/"1344-189ab45b6a0"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=31536000, immutable
Connection: keep-alive
Accept-Ranges: bytes

GET
H/1.1 200
OK framework-5f4595e5518b5600.js Show response
fredboat.com/_next/static/chunks/ 127 KB
42 KB 31ms
24ms Script
application/javascript 144.172.70.23
GALAXYGATE

General

Check archive.org

Show headers Download Go to

Full URL: https://fredboat.com/_next/static/chunks/framework-5f4595e5518b5600.js
Requested by: Host: fredboat.com
URL: https://fredboat.com/play-roblox
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 144.172.70.23 Staten Island, United States, ASN397031 (GALAXYGATE, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 8e89e1175a6145d737446d673ffa073f4c469c8fe3972f5287b1e7e9b241282b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fredboat.com/play-roblox
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Mon, 07 Aug 2023 21:46:29 GMT
Content-Encoding: gzip
Last-Modified: Mon, 31 Jul 2023 09:27:00 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: W/"1fbbb-189ab45b6a0"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=31536000, immutable
Connection: keep-alive
Accept-Ranges: bytes

GET
H/1.1 200
OK main-59561adcfeaafd7c.js Show response
fredboat.com/_next/static/chunks/ 117 KB
35 KB 34ms
27ms Script
application/javascript 144.172.70.23
GALAXYGATE

General

Check archive.org

Show headers Download Go to

Full URL: https://fredboat.com/_next/static/chunks/main-59561adcfeaafd7c.js
Requested by: Host: fredboat.com
URL: https://fredboat.com/play-roblox
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 144.172.70.23 Staten Island, United States, ASN397031 (GALAXYGATE, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: f9c9f554a15c7b8a3e651a782e08b09d3f687120f2638edf1e703eff086a2168

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fredboat.com/play-roblox
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Mon, 07 Aug 2023 21:46:29 GMT
Content-Encoding: gzip
Last-Modified: Mon, 31 Jul 2023 09:27:00 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: W/"1d5cf-189ab45b6a0"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=31536000, immutable
Connection: keep-alive
Accept-Ranges: bytes

GET
H/1.1 200
OK _app-bf3070a041b58d9f.js Show response
fredboat.com/_next/static/chunks/pages/ 94 KB
28 KB 36ms
28ms Script
application/javascript 144.172.70.23
GALAXYGATE

General

Check archive.org

Show headers Download Go to

Full URL: https://fredboat.com/_next/static/chunks/pages/_app-bf3070a041b58d9f.js
Requested by: Host: fredboat.com
URL: https://fredboat.com/play-roblox
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 144.172.70.23 Staten Island, United States, ASN397031 (GALAXYGATE, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 82d6463e3cf1a2e083df7ed16fe34482dae894f1476cc7f09d87f169e08a1451

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fredboat.com/play-roblox
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Mon, 07 Aug 2023 21:46:29 GMT
Content-Encoding: gzip
Last-Modified: Mon, 31 Jul 2023 09:27:00 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: W/"17798-189ab45b6a0"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=31536000, immutable
Connection: keep-alive
Accept-Ranges: bytes

GET
H/1.1 200
OK play-roblox-3bb1793101a4472d.js Show response
fredboat.com/_next/static/chunks/pages/ 621 B
976 B 26ms
19ms Script
application/javascript 144.172.70.23
GALAXYGATE

General

Check archive.org

Show headers Download Go to

Full URL: https://fredboat.com/_next/static/chunks/pages/play-roblox-3bb1793101a4472d.js
Requested by: Host: fredboat.com
URL: https://fredboat.com/play-roblox
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 144.172.70.23 Staten Island, United States, ASN397031 (GALAXYGATE, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: a86c2e9e7cc8a15cc0822df591fb19ddbc0b0836cc75e9b82482c19581bf2915

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fredboat.com/play-roblox
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Mon, 07 Aug 2023 21:46:29 GMT
Last-Modified: Mon, 31 Jul 2023 09:27:00 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: W/"26d-189ab45b6a0"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=31536000, immutable
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 621

GET
H/1.1 200
OK _buildManifest.js Show response
fredboat.com/_next/static/JdhdieaS6m00Vy948eiue/ 2 KB
1 KB 31ms
23ms Script
application/javascript 144.172.70.23
GALAXYGATE

General

Check archive.org

Show headers Download Go to

Full URL: https://fredboat.com/_next/static/JdhdieaS6m00Vy948eiue/_buildManifest.js
Requested by: Host: fredboat.com
URL: https://fredboat.com/play-roblox
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 144.172.70.23 Staten Island, United States, ASN397031 (GALAXYGATE, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: a178605d63bc49524b1dc3c67b2e6a971cf7086e6bd4156124da795eed91affc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fredboat.com/play-roblox
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Mon, 07 Aug 2023 21:46:29 GMT
Content-Encoding: gzip
Last-Modified: Mon, 31 Jul 2023 09:27:00 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: W/"68c-189ab45b6a0"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=31536000, immutable
Connection: keep-alive
Accept-Ranges: bytes

GET
H/1.1 200
OK _ssgManifest.js Show response
fredboat.com/_next/static/JdhdieaS6m00Vy948eiue/ 77 B
430 B 23ms
22ms Script
application/javascript 144.172.70.23
GALAXYGATE

General

Check archive.org

Show headers Download Go to

Full URL: https://fredboat.com/_next/static/JdhdieaS6m00Vy948eiue/_ssgManifest.js
Requested by: Host: fredboat.com
URL: https://fredboat.com/play-roblox
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 144.172.70.23 Staten Island, United States, ASN397031 (GALAXYGATE, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fredboat.com/play-roblox
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Mon, 07 Aug 2023 21:46:29 GMT
Last-Modified: Mon, 31 Jul 2023 09:27:00 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: W/"4d-189ab45b6a0"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=31536000, immutable
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 77

GET
H2

200

Primary Request roblox Show response
now.gg/play/roblox-corporation/5349/
Redirect Chain

https://v3.now.gg/play/5349?utm_source=now.gg-partner&utm_medium=bot&utm_campaign=fredboat
https://now.gg/play/roblox-corporation/5349/roblox?utm_source=now.gg-partner&utm_medium=bot&utm_campaign=fredboat

24 KB
8 KB

23ms
5ms

Document
text/html

13.225.223.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://now.gg/play/roblox-corporation/5349/roblox?utm_source=now.gg-partner&utm_medium=bot&utm_campaign=fredboat
Requested by: Host: fredboat.com
URL: https://fredboat.com/_next/static/chunks/pages/play-roblox-3bb1793101a4472d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.223.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-223-23.jfk51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1ec60f578cf7018cdb196586ed39ead4f82dbcf3289eea69f3e034d7ef3e59d1

Request headers

Referer: https://fredboat.com/play-roblox
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-methods: GET
access-control-allow-origin: *
age: 32557
content-encoding: br
content-type: text/html
date: Mon, 07 Aug 2023 12:47:24 GMT
etag: W/"210f0bb2096cb9b7918336c464b1d242"
last-modified: Tue, 18 Jul 2023 10:30:05 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 fb7a91e6436d6c6ab7f46f75c256840c.cloudfront.net (CloudFront)
x-amz-cf-id: KnvFL0UNUwTB_ehXgr0crq4dQbMUJKuIHIcjwQM1QYGCe1Wli6qOmQ==
x-amz-cf-pop: JFK51-C1
x-amz-server-side-encryption: AES256
x-amz-version-id: BbuM23.QBzMfnijcFgbJXNQrpzpND33h
x-cache: Error from cloudfront

Redirect headers

age: 55253
content-length: 0
date: Mon, 07 Aug 2023 06:25:37 GMT
location: https://now.gg/play/roblox-corporation/5349/roblox?utm_source=now.gg-partner&utm_medium=bot&utm_campaign=fredboat
server: CloudFront
via: 1.1 2dd59b0ea355cb92a87e9e385032622a.cloudfront.net (CloudFront)
x-amz-cf-id: VNqmb74ce9aZKQmq4wObu3hGoXL5bCLp1TtrW7bAf4U3RvnXqdK28A==
x-amz-cf-pop: JFK50-P8
x-cache: Hit from cloudfront

GET js
www.googletagmanager.com/gtag/ 0
0

GET
H2 200 analytics.js
www.google-analytics.com/ 52 KB
21 KB 23ms
4ms Script
text/javascript 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-25845175-7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fredboat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 07 Aug 2023 20:40:55 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 3935
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 07 Aug 2023 22:40:55 GMT

POST collect
www.google-analytics.com/j/ 0
0

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 4ms
4ms Image
image/gif 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=699375913&t=event&_s=2&dl=https%3A%2F%2Ffredboat.com%2Fplay-roblox&dp=%2Fplay-roblox&ul=en-us&de=UTF-8&dt=FredBoat&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=now-gg-game-new-tab&ea=bot-redirect-url-open&el=&ev=0&_u=YEBAAUABAAAAACAAI~&jid=&gjid=&cid=226014309.1691444790&tid=UA-25845175-7&_gid=812721491.1691444790&gtm=457e3820&z=1829723889

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fredboat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Aug 2023 22:44:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 82938
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 5ms
4ms Image
image/gif 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=699375913&t=event&_s=3&dl=https%3A%2F%2Ffredboat.com%2Fplay-roblox&dp=%2Fplay-roblox&ul=en-us&de=UTF-8&dt=FredBoat&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=open-app&ea=UTM_source%3DNONE&el=%2Fplay-roblox&ev=0&_u=YEBAAUABAAAAACAAI~&jid=&gjid=&cid=226014309.1691444790&tid=UA-25845175-7&_gid=812721491.1691444790&gtm=457e3820&z=1432029831

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fredboat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Aug 2023 22:44:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 82938
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
932 B 90ms
36ms Stylesheet
text/css 2607:f8b0:4020:807::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Fredoka:wght@400;500;600;700&display=swap

Requested by

Host: now.gg
URL: https://now.gg/play/roblox-corporation/5349/roblox?utm_source=now.gg-partner&utm_medium=bot&utm_campaign=fredboat

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::200a Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0a34cd9197ab48301e493dbfa9d0cea7ddee5f89c8a60d6698a32817f191fd0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://now.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 07 Aug 2023 21:46:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 07 Aug 2023 21:46:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 07 Aug 2023 21:46:30 GMT

POST
H2 200 reportEvent Show response
now.gg/api/play/v1/ 24 KB
8 KB 5ms
5ms Fetch
text/html 13.225.223.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://now.gg/api/play/v1/reportEvent
Requested by: Host: now.gg
URL: https://now.gg/play/roblox-corporation/5349/roblox?utm_source=now.gg-partner&utm_medium=bot&utm_campaign=fredboat
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.223.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-223-23.jfk51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1ec60f578cf7018cdb196586ed39ead4f82dbcf3289eea69f3e034d7ef3e59d1

Request headers

Referer: https://now.gg/play/roblox-corporation/5349/roblox?utm_source=now.gg-partner&utm_medium=bot&utm_campaign=fredboat
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/json

Response headers

x-amz-version-id: BbuM23.QBzMfnijcFgbJXNQrpzpND33h
content-encoding: br
via: 1.1 fb7a91e6436d6c6ab7f46f75c256840c.cloudfront.net (CloudFront)
date: Mon, 07 Aug 2023 13:28:42 GMT
x-amz-cf-pop: JFK51-C1
age: 32557
x-amz-server-side-encryption: AES256
x-cache: Error from cloudfront
last-modified: Tue, 18 Jul 2023 10:30:05 GMT
server: AmazonS3
etag: W/"210f0bb2096cb9b7918336c464b1d242"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
x-amz-cf-id: LUpzWF1QDKfQ_P33WfyZ9bRgBKpPxE267_A8Cl0YcRx-vL7JLBj8yA==

GET
H2 200 X7n64b87HvSqjb_WIi2yDCRwoQ_k7367_DWu89U.woff2
fonts.gstatic.com/s/fredoka/v14/ 28 KB
29 KB 21ms
5ms Font
font/woff2 2607:f8b0:4006:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/fredoka/v14/X7n64b87HvSqjb_WIi2yDCRwoQ_k7367_DWu89U.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Fredoka:wght@400;500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2003 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5acd18c3fcaab27993b4702c2631653014bb733877d87f99a0d4a0c9a20606de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://now.gg
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 11:04:21 GMT
x-content-type-options: nosniff
age: 470529
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28976
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 16:50:32 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Aug 2024 11:04:21 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Q2W4E480YW&l=dataLayer&cx=c

Domain: www.google-analytics.com
URL: https://www.google-analytics.com/j/collect?v=1&_v=j101&a=699375913&t=pageview&_s=1&dl=https%3A%2F%2Ffredboat.com%2Fplay-roblox&dp=%2Fplay-roblox&ul=en-us&de=UTF-8&dt=FredBoat&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1239077537&gjid=940380593&cid=226014309.1691444790&tid=UA-25845175-7&_gid=812721491.1691444790&_r=1&gtm=457e3820&z=1516159221

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| isMobileComputed

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
fredboat.com/	1970-01-20 22:36:20	Name: persist%3AuserDetails Value: {%22isLoggedIn%22:%22false%22%2C%22accessToken%22:%22null%22%2C%22tokenType%22:%22null%22%2C%22refreshToken%22:%22null%22%2C%22expiresAt%22:%22null%22%2C%22_persist%22:%22{%5C%22version%5C%22:-1%2C%5C%22rehydrated%5C%22:true}%22}
fredboat.com/	1970-01-20 22:36:20	Name: reduxPersistIndex Value: [%22persist:userDetails%22]
.fredboat.com/	1970-01-20 23:26:44	Name: _ga Value: GA1.2.226014309.1691444790
.fredboat.com/	1970-01-20 13:52:11	Name: _gid Value: GA1.2.812721491.1691444790
.fredboat.com/	1970-01-20 13:50:44	Name: _gat_gtag_UA_25845175_7 Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
fredboat.com
now.gg
v3.now.gg
www.google-analytics.com
www.googletagmanager.com
www.google-analytics.com
www.googletagmanager.com
13.225.223.23
144.172.70.23
2001:4860:4802:34::178
2600:9000:2514:b200:1c:4298:2140:93a1
2607:f8b0:4006:824::2003
2607:f8b0:4020:804::2008
2607:f8b0:4020:807::200a
0a34cd9197ab48301e493dbfa9d0cea7ddee5f89c8a60d6698a32817f191fd0f
1ec60f578cf7018cdb196586ed39ead4f82dbcf3289eea69f3e034d7ef3e59d1
5acd18c3fcaab27993b4702c2631653014bb733877d87f99a0d4a0c9a20606de
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
82d6463e3cf1a2e083df7ed16fe34482dae894f1476cc7f09d87f169e08a1451
8e89e1175a6145d737446d673ffa073f4c469c8fe3972f5287b1e7e9b241282b
a178605d63bc49524b1dc3c67b2e6a971cf7086e6bd4156124da795eed91affc
a86c2e9e7cc8a15cc0822df591fb19ddbc0b0836cc75e9b82482c19581bf2915
ba3a882e80c6061796b8c7cbd94e1c6aa08fb266040c2a4524f198734d6abb02
e9560dfb8fc073d72ff6c99bdf9e60d7c6196491dece6177d87d7b2d0fb1ffcc
f3bf263dfbbea2e01f1aa14860b821e33697a4e65704127cd897a1463989d8c0
f9c9f554a15c7b8a3e651a782e08b09d3f687120f2638edf1e703eff086a2168

now.gg Open in urlscan Pro 13.225.223.23 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

19 Requests

89 %HTTPS

71 %IPv6

6 Domains

7 Subdomains

7 IPs

2 Countries

246 kBTransfer

675 kBSize

5 Cookies

0 Outgoing links

Page URL History

Redirected requests

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

5 Cookies

Indicators

now.gg Open in urlscan Pro
13.225.223.23 Public Scan

Screenshot
Live screenshot

Full Image

19
Requests

89 %
HTTPS

71 %
IPv6

6
Domains

7
Subdomains

7
IPs

2
Countries

246 kB
Transfer

675 kB
Size

5
Cookies

19 HTTP transactions
0 data transactions