welcome.at.robloxlabs.com Open in urlscan Pro
13.224.189.7 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://welcome.at.robloxlabs.com/
Submission Tags: phishingrod
Submission: On November 08 via api (November 8th 2023, 9:15:29 am UTC) from DE — Scanned from AT

Summary HTTP 7 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 7 HTTP transactions. The main IP is 13.224.189.7, located in United States and belongs to AMAZON-02, US. The main domain is welcome.at.robloxlabs.com.
TLS certificate: Issued by Amazon RSA 2048 M01 on February 28th 2023. Valid for: 9 months.

This is the only time welcome.at.robloxlabs.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
7	13.224.189.7 13.224.189.7		16509 (AMAZON-02) (AMAZON-02)
7	2

7 13.224.189.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-7.fra2.r.cloudfront.net

welcome.at.robloxlabs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	robloxlabs.com welcome.at.robloxlabs.com	430 KB
7	1

	Domain	Requested by
7	welcome.at.robloxlabs.com	welcome.at.robloxlabs.com
7	1

This site contains links to these domains. Also see Links.

Domain
support.at.robloxlabs.com

Subject Issuer	Validity	Valid
welcome.at.robloxlabs.com Amazon RSA 2048 M01	`2023-02-28` - `2023-11-17`	9 months	crt.sh

This page contains 1 frames:

Primary Page: https://welcome.at.robloxlabs.com/
Frame ID: 73F66774269C5FABE19A10BD09D6ABB2
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Roblox Assessment

Detected technologies

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

Page Statistics

7
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

430 kB
Transfer

1295 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://support.at.robloxlabs.com/
Title: assessment support center

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response welcome.at.robloxlabs.com/	563 B 949 B	740ms 442ms	Document text/html	13.224.189.7 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://welcome.at.robloxlabs.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.189.7 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-189-7.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash `08a12d7dc3321df7ff6a35c08fa2c6eb58680511e75be52edd3fead51005e41e` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 accept-language de-AT,de;q=0.9 Response headers accept-ranges bytes cache-control no-cache content-length 563 content-type text/html date Wed, 08 Nov 2023 09:15:25 GMT etag "150352085d6a29d04770fe3d7a550fd1" last-modified Wed, 11 Oct 2023 22:01:12 GMT server AmazonS3 vary Accept-Encoding via 1.1 3b02f73dccc5077f1ad544a27a475ed6.cloudfront.net (CloudFront) x-amz-cf-id qYXUWCz3S8BMVfaJW3kk1vM2IpygyQe1hHVrjbW5xWTWZpfB6kNaUw== x-amz-cf-pop FRA2-C1 x-amz-server-side-encryption AES256 x-cache RefreshHit from cloudfront
GET H2	200	fonts.css welcome.at.robloxlabs.com/fonts/	4 KB 1 KB	426ms 426ms	Stylesheet text/css	13.224.189.7 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://welcome.at.robloxlabs.com/fonts/fonts.css Requested by Host: welcome.at.robloxlabs.com URL: https://welcome.at.robloxlabs.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.189.7 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-189-7.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash `1f81d7d13886c07f4027748241c3afbdf4a2516f581202db6c2174ed81d1071c` Request headers accept-language de-AT,de;q=0.9 Referer https://welcome.at.robloxlabs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Wed, 08 Nov 2023 09:15:26 GMT content-encoding gzip via 1.1 3b02f73dccc5077f1ad544a27a475ed6.cloudfront.net (CloudFront) last-modified Wed, 11 Oct 2023 22:01:11 GMT server AmazonS3 x-amz-cf-pop FRA2-C1 x-amz-server-side-encryption AES256 etag W/"a4a366168fd7455b9be37c561ccdcb64" vary Accept-Encoding x-cache RefreshHit from cloudfront content-type text/css x-amz-cf-id uuY2rhxtX0P8Nk63aN5ico7zK-ALcIEL8NDQuBLJ96pOIF9lI3LArA==
GET H2	200	index.91a6c9ba.js Show response welcome.at.robloxlabs.com/assets/	97 KB 36 KB	468ms 468ms	Script application/javascript	13.224.189.7 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://welcome.at.robloxlabs.com/assets/index.91a6c9ba.js Requested by Host: welcome.at.robloxlabs.com URL: https://welcome.at.robloxlabs.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.189.7 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-189-7.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash `67b749fd9ad418d885138860bd68fb679fce3dc24a61d9a7d25d12522aaeb54e` Request headers Referer https://welcome.at.robloxlabs.com/ Origin https://welcome.at.robloxlabs.com accept-language de-AT,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Wed, 08 Nov 2023 09:15:26 GMT content-encoding gzip via 1.1 3b02f73dccc5077f1ad544a27a475ed6.cloudfront.net (CloudFront) last-modified Wed, 11 Oct 2023 22:01:11 GMT server AmazonS3 x-amz-cf-pop FRA2-C1 x-amz-server-side-encryption AES256 etag W/"5ff06a2bfc7cbcf41a42339d217deceb" vary Accept-Encoding x-cache RefreshHit from cloudfront content-type application/javascript x-amz-cf-id 7bHWjsJnfAcBO36_n8SlS7c7GujCkb_nJwhImXWFz8G42RrV3EZM5w==
GET H2	200	vendor.130ab0ae.js Show response welcome.at.robloxlabs.com/assets/	1 MB 303 KB	442ms 441ms	Script application/javascript	13.224.189.7 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://welcome.at.robloxlabs.com/assets/vendor.130ab0ae.js Requested by Host: welcome.at.robloxlabs.com URL: https://welcome.at.robloxlabs.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.189.7 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-189-7.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash `0322d745010df3871ee552e382fbfbe866eb875008311deb3d05b7f25154dd71` Request headers Referer https://welcome.at.robloxlabs.com/ Origin https://welcome.at.robloxlabs.com accept-language de-AT,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Wed, 08 Nov 2023 09:15:26 GMT content-encoding gzip via 1.1 3b02f73dccc5077f1ad544a27a475ed6.cloudfront.net (CloudFront) last-modified Wed, 11 Oct 2023 22:01:11 GMT server AmazonS3 x-amz-cf-pop FRA2-C1 x-amz-server-side-encryption AES256 etag W/"9954675c7bbe9b952e6d6ec8ea552d0f" vary Accept-Encoding x-cache RefreshHit from cloudfront content-type application/javascript x-amz-cf-id 5DqnL8F5RLIZQEm5ao95aDWGG_jRLaRvGrEWFXDOa6qRQHwHZrBIvw==
GET H2	200	index.b623cba8.css welcome.at.robloxlabs.com/assets/	26 KB 6 KB	491ms 491ms	Stylesheet text/css	13.224.189.7 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://welcome.at.robloxlabs.com/assets/index.b623cba8.css Requested by Host: welcome.at.robloxlabs.com URL: https://welcome.at.robloxlabs.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.189.7 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-189-7.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash `27cefcb3cec93f588e7a917e98006ada120bdfef5273f0e24a794bffdf1bf63a` Request headers accept-language de-AT,de;q=0.9 Referer https://welcome.at.robloxlabs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Wed, 08 Nov 2023 09:15:26 GMT content-encoding gzip via 1.1 3b02f73dccc5077f1ad544a27a475ed6.cloudfront.net (CloudFront) last-modified Wed, 11 Oct 2023 22:01:11 GMT server AmazonS3 x-amz-cf-pop FRA2-C1 x-amz-server-side-encryption AES256 etag W/"cadd0be6b7f7118eaa598da819e14ee9" vary Accept-Encoding x-cache RefreshHit from cloudfront content-type text/css x-amz-cf-id 7phcXM8IbVwXsuraXxJICxUFC47i5pvg1DDifXlU_JzYC_8BZsUO7A==
GET DATA	200 OK	truncated /	2 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `89f0110174267f0fe854a15d9f8d0b640392f0a70ac597e8dd6d75edaca2fc48` Request headers accept-language de-AT,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers Content-Type image/png
GET H2	200	Gotham-Black_Web.woff2 welcome.at.robloxlabs.com/fonts/woff2/	41 KB 41 KB	434ms 433ms	Font font/woff2	13.224.189.7 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://welcome.at.robloxlabs.com/fonts/woff2/Gotham-Black_Web.woff2 Requested by Host: welcome.at.robloxlabs.com URL: https://welcome.at.robloxlabs.com/fonts/fonts.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.189.7 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-189-7.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash `a99144051ae16129c4b4d7205db3efa1caab9a403f75a4e5ae32e445d50ce373` Request headers Referer https://welcome.at.robloxlabs.com/fonts/fonts.css Origin https://welcome.at.robloxlabs.com accept-language de-AT,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Wed, 08 Nov 2023 09:15:26 GMT via 1.1 3b02f73dccc5077f1ad544a27a475ed6.cloudfront.net (CloudFront) last-modified Wed, 11 Oct 2023 22:01:11 GMT server AmazonS3 x-amz-cf-pop FRA2-C1 x-amz-server-side-encryption AES256 etag "9588e53a15b71ad9ce86d778ac1826ef" vary Accept-Encoding x-cache RefreshHit from cloudfront content-type font/woff2 accept-ranges bytes content-length 41988 x-amz-cf-id TxWN7tOvoeJL7QwYfAfYjZdala9j9hfyP82BQWFXmghBRE0iXEf8QQ==
GET H2	200	Gotham-Book_Web.woff2 welcome.at.robloxlabs.com/fonts/woff2/	41 KB 41 KB	446ms 446ms	Font font/woff2	13.224.189.7 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://welcome.at.robloxlabs.com/fonts/woff2/Gotham-Book_Web.woff2 Requested by Host: welcome.at.robloxlabs.com URL: https://welcome.at.robloxlabs.com/fonts/fonts.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.189.7 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-189-7.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash `3f51250e2d3ef478f59bc89cb67681b5ed423f8f8dc22062fb49e101e5032a2e` Request headers Referer https://welcome.at.robloxlabs.com/fonts/fonts.css Origin https://welcome.at.robloxlabs.com accept-language de-AT,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Wed, 08 Nov 2023 09:15:26 GMT via 1.1 3b02f73dccc5077f1ad544a27a475ed6.cloudfront.net (CloudFront) last-modified Wed, 11 Oct 2023 22:01:11 GMT server AmazonS3 x-amz-cf-pop FRA2-C1 x-amz-server-side-encryption AES256 etag "d838b98f75e3cb9574f9b8b796eb1e8f" vary Accept-Encoding x-cache RefreshHit from cloudfront content-type font/woff2 accept-ranges bytes content-length 41728 x-amz-cf-id oZYc9VfUPKCas8ZWGqPbDxoMUfLRP4MEv5LMrQNY7lowYQtZ2FFfNw==

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

welcome.at.robloxlabs.com
13.224.189.7
0322d745010df3871ee552e382fbfbe866eb875008311deb3d05b7f25154dd71
08a12d7dc3321df7ff6a35c08fa2c6eb58680511e75be52edd3fead51005e41e
1f81d7d13886c07f4027748241c3afbdf4a2516f581202db6c2174ed81d1071c
27cefcb3cec93f588e7a917e98006ada120bdfef5273f0e24a794bffdf1bf63a
3f51250e2d3ef478f59bc89cb67681b5ed423f8f8dc22062fb49e101e5032a2e
67b749fd9ad418d885138860bd68fb679fce3dc24a61d9a7d25d12522aaeb54e
89f0110174267f0fe854a15d9f8d0b640392f0a70ac597e8dd6d75edaca2fc48
a99144051ae16129c4b4d7205db3efa1caab9a403f75a4e5ae32e445d50ce373

welcome.at.robloxlabs.com Open in urlscan Pro 13.224.189.7 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

7 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

2 IPs

1 Countries

430 kBTransfer

1295 kBSize

0 Cookies

1 Outgoing links

Redirected requests

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

0 Cookies

Indicators

welcome.at.robloxlabs.com Open in urlscan Pro
13.224.189.7 Public Scan

Screenshot
Live screenshot

Full Image

7
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

430 kB
Transfer

1295 kB
Size

0
Cookies

7 HTTP transactions
1 data transactions