welcome.at.robloxlabs.com Open in urlscan Pro
18.164.96.72 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://welcome.at.robloxlabs.com/
Submission Tags: phish-stream
Submission: On October 19 via api (October 19th 2022, 6:46:38 am UTC) from CA — Scanned from CA

Summary HTTP 7 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 7 HTTP transactions. The main IP is 18.164.96.72, located in United States and belongs to AMAZON-02, US. The main domain is welcome.at.robloxlabs.com.
TLS certificate: Issued by Amazon on November 18th 2021. Valid for: a year.

This is the only time welcome.at.robloxlabs.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
7	18.164.96.72 18.164.96.72		16509 (AMAZON-02) (AMAZON-02)
7	2

7 18.164.96.72 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-96-72.jfk50.r.cloudfront.net

welcome.at.robloxlabs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	robloxlabs.com welcome.at.robloxlabs.com	427 KB
7	1

	Domain	Requested by
7	welcome.at.robloxlabs.com	welcome.at.robloxlabs.com
7	1

This site contains links to these domains. Also see Links.

Domain
support.at.robloxlabs.com

Subject Issuer	Validity	Valid
welcome.at.robloxlabs.com Amazon	`2021-11-18` - `2022-12-17`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://welcome.at.robloxlabs.com/
Frame ID: B9AF5BD6086B004EEC869479BC7E0AFD
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Roblox Assessment

Detected technologies

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

Page Statistics

7
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

427 kB
Transfer

1284 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://support.at.robloxlabs.com/
Title: assessment support center

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response welcome.at.robloxlabs.com/	563 B 921 B	181ms 77ms	Document text/html	18.164.96.72 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://welcome.at.robloxlabs.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.164.96.72 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-164-96-72.jfk50.r.cloudfront.net Software AmazonS3 / Resource Hash `3ed0a76eceee9aadf65b6a172e3211beaca15cef4402148ad44298324a05776b` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers accept-ranges bytes cache-control no-cache content-length 563 content-type text/html date Wed, 19 Oct 2022 06:46:34 GMT etag "3426350cd9573918833cc003f7ec0f0b" last-modified Wed, 12 Oct 2022 21:08:09 GMT server AmazonS3 vary Accept-Encoding via 1.1 bf8d7cb6fca5d51158e1109ca40fe242.cloudfront.net (CloudFront) x-amz-cf-id nwrnClVXQfrBLJEzFJKUp1tJD-QOxBdgkEjPrC3b3kcboFjqR7-dvQ== x-amz-cf-pop JFK50-P5 x-cache RefreshHit from cloudfront
GET H2	200	fonts.css welcome.at.robloxlabs.com/fonts/	4 KB 1 KB	21ms 20ms	Stylesheet text/css	18.164.96.72 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://welcome.at.robloxlabs.com/fonts/fonts.css Requested by Host: welcome.at.robloxlabs.com URL: https://welcome.at.robloxlabs.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.164.96.72 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-164-96-72.jfk50.r.cloudfront.net Software AmazonS3 / Resource Hash `1f81d7d13886c07f4027748241c3afbdf4a2516f581202db6c2174ed81d1071c` Request headers accept-language en-CA,en;q=0.9 Referer https://welcome.at.robloxlabs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers date Wed, 19 Oct 2022 06:22:19 GMT content-encoding gzip via 1.1 bf8d7cb6fca5d51158e1109ca40fe242.cloudfront.net (CloudFront) last-modified Wed, 12 Oct 2022 21:08:07 GMT server AmazonS3 x-amz-cf-pop JFK50-P5 age 1455 etag W/"a4a366168fd7455b9be37c561ccdcb64" vary Accept-Encoding x-cache Hit from cloudfront content-type text/css x-amz-cf-id GI4S6ooH35t9Kc_cwVAhMQ-t5uY5S14Byw8qmJUgo3EExFLkZnXk4Q==
GET H2	200	index.52c61537.js Show response welcome.at.robloxlabs.com/assets/	89 KB 34 KB	23ms 22ms	Script application/javascript	18.164.96.72 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://welcome.at.robloxlabs.com/assets/index.52c61537.js Requested by Host: welcome.at.robloxlabs.com URL: https://welcome.at.robloxlabs.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.164.96.72 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-164-96-72.jfk50.r.cloudfront.net Software AmazonS3 / Resource Hash `1d87626348810ebe4aaa57315bd100af1def167f3bb7f606c5876e15ad16a96d` Request headers Referer https://welcome.at.robloxlabs.com/ Origin https://welcome.at.robloxlabs.com accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers date Wed, 19 Oct 2022 06:22:19 GMT content-encoding gzip via 1.1 bf8d7cb6fca5d51158e1109ca40fe242.cloudfront.net (CloudFront) last-modified Wed, 12 Oct 2022 21:08:07 GMT server AmazonS3 x-amz-cf-pop JFK50-P5 age 1455 etag W/"903502c536d9667b0e5ff5d708699a38" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript x-amz-cf-id IdXxXdceEF00jxKUH3C-GqvDG-oI3hf84aShgefiyzDoFLhDyqLgNg==
GET H2	200	vendor.130ab0ae.js Show response welcome.at.robloxlabs.com/assets/	1 MB 303 KB	22ms 21ms	Script application/javascript	18.164.96.72 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://welcome.at.robloxlabs.com/assets/vendor.130ab0ae.js Requested by Host: welcome.at.robloxlabs.com URL: https://welcome.at.robloxlabs.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.164.96.72 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-164-96-72.jfk50.r.cloudfront.net Software AmazonS3 / Resource Hash `0322d745010df3871ee552e382fbfbe866eb875008311deb3d05b7f25154dd71` Request headers Referer https://welcome.at.robloxlabs.com/ Origin https://welcome.at.robloxlabs.com accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers date Wed, 19 Oct 2022 06:22:19 GMT content-encoding gzip via 1.1 bf8d7cb6fca5d51158e1109ca40fe242.cloudfront.net (CloudFront) last-modified Wed, 12 Oct 2022 21:08:07 GMT server AmazonS3 x-amz-cf-pop JFK50-P5 age 1455 etag W/"9954675c7bbe9b952e6d6ec8ea552d0f" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript x-amz-cf-id jzap7fty-qZQ3SZpCXFFTUywCJVpVXPqmdFMI74wgIPXhqiVUy60Qw==
GET H2	200	index.93d99af8.css welcome.at.robloxlabs.com/assets/	24 KB 6 KB	21ms 21ms	Stylesheet text/css	18.164.96.72 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://welcome.at.robloxlabs.com/assets/index.93d99af8.css Requested by Host: welcome.at.robloxlabs.com URL: https://welcome.at.robloxlabs.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.164.96.72 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-164-96-72.jfk50.r.cloudfront.net Software AmazonS3 / Resource Hash `14abc4b214314b2c45c8b9b576e82a981061f0502916723d6380be3cc3c07e65` Request headers accept-language en-CA,en;q=0.9 Referer https://welcome.at.robloxlabs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers date Wed, 19 Oct 2022 06:22:19 GMT content-encoding gzip via 1.1 bf8d7cb6fca5d51158e1109ca40fe242.cloudfront.net (CloudFront) last-modified Wed, 12 Oct 2022 21:08:07 GMT server AmazonS3 x-amz-cf-pop JFK50-P5 age 1455 etag W/"c3a1ee2d7a9965e7be249b0b6aa14a13" vary Accept-Encoding x-cache Hit from cloudfront content-type text/css x-amz-cf-id k4LyHiVpEVWI_1vvwtMOxQ81P3_v4Cp9wDaBj1QMeELnQqkRwID1oQ==
GET DATA	200 OK	truncated /	2 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `89f0110174267f0fe854a15d9f8d0b640392f0a70ac597e8dd6d75edaca2fc48` Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers Content-Type image/png
GET H2	200	Gotham-Black_Web.woff2 welcome.at.robloxlabs.com/fonts/woff2/	41 KB 41 KB	20ms 20ms	Font binary/octet-stream	18.164.96.72 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://welcome.at.robloxlabs.com/fonts/woff2/Gotham-Black_Web.woff2 Requested by Host: welcome.at.robloxlabs.com URL: https://welcome.at.robloxlabs.com/fonts/fonts.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.164.96.72 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-164-96-72.jfk50.r.cloudfront.net Software AmazonS3 / Resource Hash `a99144051ae16129c4b4d7205db3efa1caab9a403f75a4e5ae32e445d50ce373` Request headers Referer https://welcome.at.robloxlabs.com/fonts/fonts.css Origin https://welcome.at.robloxlabs.com accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers date Wed, 19 Oct 2022 06:22:23 GMT via 1.1 bf8d7cb6fca5d51158e1109ca40fe242.cloudfront.net (CloudFront) last-modified Wed, 12 Oct 2022 21:08:08 GMT server AmazonS3 x-amz-cf-pop JFK50-P5 age 1451 etag "9588e53a15b71ad9ce86d778ac1826ef" vary Accept-Encoding x-cache Hit from cloudfront content-type binary/octet-stream accept-ranges bytes content-length 41988 x-amz-cf-id 3ywxHABV6FRjDFb6Qt2IWFRd6EJcX70y1W6IEI6S_bYE6DU8-9GBxA==
GET H2	200	Gotham-Book_Web.woff2 welcome.at.robloxlabs.com/fonts/woff2/	41 KB 41 KB	21ms 20ms	Font binary/octet-stream	18.164.96.72 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://welcome.at.robloxlabs.com/fonts/woff2/Gotham-Book_Web.woff2 Requested by Host: welcome.at.robloxlabs.com URL: https://welcome.at.robloxlabs.com/fonts/fonts.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.164.96.72 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-164-96-72.jfk50.r.cloudfront.net Software AmazonS3 / Resource Hash `3f51250e2d3ef478f59bc89cb67681b5ed423f8f8dc22062fb49e101e5032a2e` Request headers Referer https://welcome.at.robloxlabs.com/fonts/fonts.css Origin https://welcome.at.robloxlabs.com accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers date Wed, 19 Oct 2022 06:22:22 GMT via 1.1 bf8d7cb6fca5d51158e1109ca40fe242.cloudfront.net (CloudFront) last-modified Wed, 12 Oct 2022 21:08:08 GMT server AmazonS3 x-amz-cf-pop JFK50-P5 age 1452 etag "d838b98f75e3cb9574f9b8b796eb1e8f" x-cache Hit from cloudfront content-type binary/octet-stream accept-ranges bytes content-length 41728 x-amz-cf-id ei-hXNq1orYw0yAgDjtwj_hSCLEwF4CDd6Bf2I6V0x5A-j8LSkLSZQ==

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

welcome.at.robloxlabs.com
18.164.96.72
0322d745010df3871ee552e382fbfbe866eb875008311deb3d05b7f25154dd71
14abc4b214314b2c45c8b9b576e82a981061f0502916723d6380be3cc3c07e65
1d87626348810ebe4aaa57315bd100af1def167f3bb7f606c5876e15ad16a96d
1f81d7d13886c07f4027748241c3afbdf4a2516f581202db6c2174ed81d1071c
3ed0a76eceee9aadf65b6a172e3211beaca15cef4402148ad44298324a05776b
3f51250e2d3ef478f59bc89cb67681b5ed423f8f8dc22062fb49e101e5032a2e
89f0110174267f0fe854a15d9f8d0b640392f0a70ac597e8dd6d75edaca2fc48
a99144051ae16129c4b4d7205db3efa1caab9a403f75a4e5ae32e445d50ce373

welcome.at.robloxlabs.com Open in urlscan Pro 18.164.96.72 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

7 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

2 IPs

1 Countries

427 kBTransfer

1284 kBSize

0 Cookies

1 Outgoing links

Redirected requests

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

0 Cookies

Indicators

welcome.at.robloxlabs.com Open in urlscan Pro
18.164.96.72 Public Scan

Screenshot
Live screenshot

Full Image

7
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

427 kB
Transfer

1284 kB
Size

0
Cookies

7 HTTP transactions
1 data transactions