bloxfruits.pro
35.198.80.163
Malicious Activity!
Public Scan
Submission Tags: phishingrod
Submission: On May 05 via api from DE — Scanned from DE
Summary
TLS certificate: Issued by R3 on May 5th 2023. Valid for: 3 months.
This is the only time bloxfruits.pro was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic Scam (Online)

Domain & IP information
Requests | IP Address | AS Autonomous System
---|---|---
16 | 35.198.80.163 | 396982 (GOOGLE-CLOUD-PLATFORM)
1 | 2600:9000:2247:c200:d:e9c:2500:21 | 16509 (AMAZON-02)
3 | 2600:9000:223e:dc00:1c:b3e3:eb40:21 | 16509 (AMAZON-02)
5 | 2600:9000:2511:d200:1a:bf70:d500:21 | 16509 (AMAZON-02)
Total: 25 | 4 IP addresses |
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 163.80.198.35.bc.googleusercontent.com
bloxfruits.pro

ASN16509 (AMAZON-02, US)
d2bb5k76l7oivo.cloudfront.net
d13pxqgp3ixdbh.cloudfront.net
d1bkis4ydqgspg.cloudfront.net
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
16 | bloxfruits.pro | bloxfruits.pro | 1 MB
9 | cloudfront.net | d2bb5k76l7oivo.cloudfront.net, d13pxqgp3ixdbh.cloudfront.net, d1bkis4ydqgspg.cloudfront.net | 227 KB
Total: 25 | 2 apex domains | |
Requests | Domain | Requested by
---|---|---
16 | bloxfruits.pro | bloxfruits.pro
5 | d1bkis4ydqgspg.cloudfront.net | d2bb5k76l7oivo.cloudfront.net
3 | d13pxqgp3ixdbh.cloudfront.net | bloxfruits.pro
1 | d2bb5k76l7oivo.cloudfront.net | bloxfruits.pro
Total: 25 | 4 domains |
This site contains no links.
Subject | Issuer | Validity | Valid | Source
---|---|---|---|---
*.bloxfruits.pro | R3 | 2023-05-05 - 2023-08-03 | 3 months | crt.sh
*.cloudfront.net | Amazon RSA 2048 M01 | 2022-12-08 - 2023-12-07 | a year | crt.sh
This page contains 1 frame:
Primary Page:
https://bloxfruits.pro/
Frame ID: E8DFB594090A4970C637A43015FF3168
Requests: 25 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
25 HTTP transactions

Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type
---|---|---|---|---|---|---|---
GET | H2 | / (Primary Request) | bloxfruits.pro/ | 27 KB | 5 KB | Document | text/html
GET | H2 | Logo3.webp | bloxfruits.pro/img/ | 31 KB | 32 KB | Image | image/webp
GET | H2 | ba2ebed.js | d2bb5k76l7oivo.cloudfront.net/ | 24 KB | 7 KB | Script | application/javascript
GET | H2 | 14859274931dd77b79350953c8e835afaced491210.js | d13pxqgp3ixdbh.cloudfront.net/uploads/assets/ | 94 KB | 94 KB | Script | application/x-javascript
GET | H2 | 159640775091fa61d506ec8c69e211d0b2f6326472.js | d13pxqgp3ixdbh.cloudfront.net/uploads/assets/ | 87 KB | 88 KB | Script | application/x-javascript
GET | H2 | Blox-Fruits-Background.jpg | bloxfruits.pro/img/ | 161 KB | 161 KB | Image | image/jpeg
GET | H2 | 1596408323b852e5921ab31e8c3a9444aa245f0cc5.woff2 | d13pxqgp3ixdbh.cloudfront.net/uploads/assets/ | 17 KB | 17 KB | Font | font/woff2
GET | H2 | html.3558240.bfde2.0.js | d1bkis4ydqgspg.cloudfront.net/public/external/v2/ | 11 KB | 12 KB | Script | application/javascript
GET | H2 | css_front.css | d1bkis4ydqgspg.cloudfront.net/public/external/ | 6 KB | 7 KB | Stylesheet | text/css
GET | H2 | Leopard.png | bloxfruits.pro/img/Bloxfruit/ | 110 KB | 110 KB | Image | image/png
GET | H2 | Dragon.png | bloxfruits.pro/img/Bloxfruit/ | 106 KB | 106 KB | Image | image/png
GET | H2 | Shadow.png | bloxfruits.pro/img/Bloxfruit/ | 90 KB | 90 KB | Image | image/png
GET | H2 | Venom.png | bloxfruits.pro/img/Bloxfruit/ | 83 KB | 84 KB | Image | image/png
GET | H2 | Buddha.png | bloxfruits.pro/img/Bloxfruit/ | 61 KB | 62 KB | Image | image/png
GET | H2 | Soul.png | bloxfruits.pro/img/Bloxfruit/ | 110 KB | 110 KB | Image | image/png
GET | H2 | Rumble.png | bloxfruits.pro/img/Bloxfruit/ | 75 KB | 76 KB | Image | image/png
GET | H2 | Dough.png | bloxfruits.pro/img/Bloxfruit/ | 60 KB | 60 KB | Image | image/png
GET | H2 | spirite.png | bloxfruits.pro/img/Bloxfruit/ | 98 KB | 98 KB | Image | image/png
GET | H2 | Control.png | bloxfruits.pro/img/Bloxfruit/ | 97 KB | 97 KB | Image | image/png
GET | H2 | Dark.png | bloxfruits.pro/img/Bloxfruit/ | 81 KB | 81 KB | Image | image/png
GET | H2 | Quake.png | bloxfruits.pro/img/Bloxfruit/ | 84 KB | 84 KB | Image | image/png
GET | H2 | Magma.png | bloxfruits.pro/img/Bloxfruit/ | 84 KB | 84 KB | Image | image/png
GET | H2 | css.css | d1bkis4ydqgspg.cloudfront.net/public/clockers/PrimeApps/ | 1010 B | 1 KB | Stylesheet | text/css
GET | H2 | guid | d1bkis4ydqgspg.cloudfront.net/public/ | 0 | 277 B | Script | text/html
GET | H2 | check.php | d1bkis4ydqgspg.cloudfront.net/public/external/ | 78 B | 371 B | Script | application/javascript
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic Scam (Online)

21 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type | Name
---|---
object | 0
boolean | credentialless
object | CPABUILDSETTINGS
object | CPABUILDContentLocker
number | __cfRLUnblockHandlers
function | CPBContentLocker
function | CPABuildLock
function | CPABuildGetFeedURL
function | CPABuildGetIframeURL
function | CPABuildGetIframeHTML
function | CPABuildUnlock
function | CPABuildOfferComplete
function | CPABuildOffersComplete
function | CPABuildCheckForLead
function | og_load
function | CPABuildComplete
function | call_locker
function | $
function | jQuery
function | addListeners
function | changeMessages

1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value
---|---|---
bloxfruits.pro/ | | Name: _cpguid Value: uoo6r5my4
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
bloxfruits.pro
d13pxqgp3ixdbh.cloudfront.net
d1bkis4ydqgspg.cloudfront.net
d2bb5k76l7oivo.cloudfront.net
2600:9000:223e:dc00:1c:b3e3:eb40:21
2600:9000:2247:c200:d:e9c:2500:21
2600:9000:2511:d200:1a:bf70:d500:21
35.198.80.163
210f28248609e7f844b0195b32e1684e30eb249b37f5b0258b816ab5a16f2c06
257a3aec104d87c4a845a2cdd0a67dd9c5c62936b0a3f594230d4fa3adfb499a
281109dbe793324b1ec548e934b36d1c80f94095aaa2671e59c2c05867f5e808
2ad770d14d59393ee30b61a703a4a21b9b00cc95d76bcfe3077d7190614875ed
338b81984fdacb6af899c845bad22219ef99e19a94b8f4209c8b1bc5f9ed281d
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
6a28a7ad59c7a74933a1a71343b19495b3fca7a782108db580c53640ed73bb8c
73d2179792625d9a14167d596c7d7498e5b3cb3af4bef2dcb1f26756067b72c5
81f51c8c2e58ba1aee5fe1844c85413710295b850c4485badf6ff98af4e03105
9ef4a63fc5e0a14a7301d693d65d6acfc44cdf14853c4a20890198f2d5e52e3b
a3ca7909db97485fd3a2c4bfe0a168e933f313afd42d07bb2f21996bcc62c380
a6c0cb6085faabfb8163e0a94ba7f0aea78e72b6ba04a831bf3254f2e4279067
a7081a117335212b9e7f2e348f7369a64423d51db1666310b3451e7375f0b7de
a7bd79b6fba60944ee3a9c153108ff0819d2db57850116ac7065a86db08af4ec
c0e2128cbf3e036e25c1a932536a88a9e9b48027bfc6de8eb7186fd7343f98db
c2fc4f0c9d5a938adb04318afec3f52a75482f49eb7bdfa8f6cac4db6097bd32
c7e198a12c6b870117c5db6404afd395b94d7472a63a93cc9a582f26f6521e70
ca5dfd7bf2b65b859f0fa8f8f0d7f7c89a9b5a26e1a8515ec07d39a60e5c6f9e
cd51962b5a55d210b9e341657e9ce31e9668b00d7f43f4b076e6f7aeac7ac57f
d03ef099af60823192c1e49ea7ef0953c40168eb412f6997d04c5011365acc25
da6f53885338d8245e78e346cf562c7d04ee3fcd245a455696e2ce7d73ade32c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
edf648dd3276d2d642e45f5a9932d30fcebd70f799af9b3fc6db7985fec092e2
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f986226a58e87c5108b3fa07a854f11a84052a289f90e326164e3a19b5dade38