www.robloxxexx.ml Open in urlscan Pro
199.36.158.100 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://robloxxexx.ga/
Effective URL:
https://www.robloxxexx.ml/
Submission Tags: phishingrod
Submission: On May 17 via api (May 17th 2023, 12:47:34 pm UTC) from DE — Scanned from DE

Summary HTTP 22 Redirects Behaviour Indicators

Summary

This website contacted 8 IPs in 2 countries across 6 domains to perform 22 HTTP transactions. The main IP is 199.36.158.100, located in United States and belongs to FASTLY, US. The main domain is www.robloxxexx.ml.
TLS certificate: Issued by GTS CA 1D4 on May 16th 2023. Valid for: 3 months.

This is the only time www.robloxxexx.ml was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Scam (Online)

Domain & IP information

	IP Address	AS Autonomous System
1 3	199.36.158.100 199.36.158.100	54113 (FASTLY) (FASTLY)
1	2600:9000:225... 2600:9000:2250:d000:7:68d6:a080:21	16509 (AMAZON-02) (AMAZON-02)
5	2600:9000:223... 2600:9000:223d:3800:15:7da0:ecc0:21	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
4	52.219.113.48 52.219.113.48	() ()
3	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
22	8

3 199.36.158.100 (United States) 1 redirects

ASN54113 (FASTLY, US)

robloxxexx.ga	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.robloxxexx.ga	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.robloxxexx.ml	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2250:d000:7:68d6:a080:21 (United States)

ASN16509 (AMAZON-02, US)

d1j9qsxe04m2ki.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:223d:3800:15:7da0:ecc0:21 (United States)

ASN16509 (AMAZON-02, US)

d3ikgzh4osba2b.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.219.113.48 (None, )

ASN- ()

s3.us-west-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	cloudfront.net d1j9qsxe04m2ki.cloudfront.net d3ikgzh4osba2b.cloudfront.net	99 KB
4	amazonaws.com s3.us-west-1.amazonaws.com	31 KB
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 199	52 KB
2	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 320 fonts.googleapis.com — Cisco Umbrella Rank: 35	31 KB
2	robloxxexx.ga 1 redirects robloxxexx.ga www.robloxxexx.ga	702 B
1	robloxxexx.ml www.robloxxexx.ml	617 B
22	6

	Domain	Requested by
5	d3ikgzh4osba2b.cloudfront.net	d1j9qsxe04m2ki.cloudfront.net d3ikgzh4osba2b.cloudfront.net
4	s3.us-west-1.amazonaws.com	d3ikgzh4osba2b.cloudfront.net
3	cdnjs.cloudflare.com	d3ikgzh4osba2b.cloudfront.net
1	fonts.googleapis.com	d3ikgzh4osba2b.cloudfront.net
1	ajax.googleapis.com	d3ikgzh4osba2b.cloudfront.net
1	d1j9qsxe04m2ki.cloudfront.net	www.robloxxexx.ml
1	www.robloxxexx.ml
1	www.robloxxexx.ga
1	robloxxexx.ga	1 redirects
22	9

This site contains no links.

Subject Issuer	Validity	Valid
zelara.uk GTS CA 1D4	`2023-03-30` - `2023-06-28`	3 months	crt.sh
www.attine.com GTS CA 1D4	`2023-05-16` - `2023-08-14`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.s3-us-west-1.amazonaws.com Amazon RSA 2048 M01	`2023-04-11` - `2024-01-21`	9 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://www.robloxxexx.ml/
Frame ID: DF40A4719BAE45B115FA9E5AD4A17710
Requests: 9 HTTP requests in this frame

Frame: https://d3ikgzh4osba2b.cloudfront.net/public/ct?cpguid=c4jbeixy7&it=3266384&w=1600&h=1200&key=d67e9&m=0&r=%1D%01%01%05%06OZZ%02%02%02%5B%07%1A%17%19%1A%0D%0D%10%0D%0D%5B%12%14Z
Frame ID: 63426B544A7367A4B13965166901DF37
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Locked

Page URL History Show full URLs

https://robloxxexx.ga/ HTTP 301
https://www.robloxxexx.ga/ Page URL
https://www.robloxxexx.ml/ Page URL

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

SweetAlert2 (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

sweetalert2(?:\.all)?(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

22
Requests

77 %
HTTPS

71 %
IPv6

6
Domains

9
Subdomains

8
IPs

2
Countries

214 kB
Transfer

527 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://robloxxexx.ga/ HTTP 301
https://www.robloxxexx.ga/ Page URL
https://www.robloxxexx.ml/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://robloxxexx.ga/ HTTP 301
https://www.robloxxexx.ga/

22 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
www.robloxxexx.ga/
Redirect Chain

https://robloxxexx.ga/
https://www.robloxxexx.ga/

143 B
443 B

735ms
8ms

Document
text/html

199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.robloxxexx.ga/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f6b7bcdd25e6d02721c70dbee3b8fef73fab10dc9ceb751887c63d4f40500a5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control: max-age=3600
content-encoding: br
content-length: 96
content-type: text/html; charset=utf-8
date: Wed, 17 May 2023 12:47:28 GMT
etag: "c1c3af7d1fad5fb0c02f1fe11ebd687ff3f6c40c82435510ea8dac5fb0148cf4-br"
last-modified: Sun, 04 Dec 2022 14:15:11 GMT
strict-transport-security: max-age=31556926
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
x-cache-hits: 1
x-served-by: cache-fra-eddf8230128-FRA
x-timer: S1684327649.512140,VS0,VE1

Redirect headers

accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 41
content-type: text/plain; charset=utf-8
date: Wed, 17 May 2023 12:47:27 GMT
location: https://www.robloxxexx.ga/
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
x-cache-hits: 1
x-served-by: cache-fra-eddf8230034-FRA
x-timer: S1684327648.776065,VS0,VE1

GET
H2 200 Primary Request / Show response
www.robloxxexx.ml/ 546 B
617 B 828ms
9ms Document
text/html 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.robloxxexx.ml/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

2174a842a277d5d453202f3e93c0daaa2a063b264798f249c262aae198eea559

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Referer: https://www.robloxxexx.ga/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control: max-age=3600
content-encoding: br
content-length: 268
content-type: text/html; charset=utf-8
date: Wed, 17 May 2023 12:47:31 GMT
etag: "fade9e8c560fc77e0851f56f7fe8b67cfc468b04603d37e7e758f63d9a867ede-br"
last-modified: Sun, 04 Dec 2022 11:43:06 GMT
strict-transport-security: max-age=31556926
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
x-cache-hits: 1
x-served-by: cache-fra-eddf8230058-FRA
x-timer: S1684327651.346980,VS0,VE1

GET
H2 200 yIufBn.js Show response
d1j9qsxe04m2ki.cloudfront.net/ 24 KB
7 KB 393ms
350ms Script
application/javascript 2600:9000:2250:d000:7:68d6:a080:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1j9qsxe04m2ki.cloudfront.net/yIufBn.js
Requested by: Host: www.robloxxexx.ml
URL: https://www.robloxxexx.ml/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:d000:7:68d6:a080:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a28be45144d377ab16527a8b5d2d60fae4d780f9dec17e4327567ad90482f293

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.robloxxexx.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 12:47:31 GMT
content-encoding: gzip
via: 1.1 1d087f24771eb6834b16162f1bb01660.cloudfront.net (CloudFront)
last-modified: Sat, 13 May 2023 22:59:48 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 91
etag: W/"2bfd2a5b8ac2dbc95efed9f39bf259ff"
vary: Accept-Encoding
x-cache: Error from cloudfront
content-type: application/javascript
x-amz-cf-id: bK_CMAtiEx5WOIC5XoIk31AXm2s0-beNonkIbPGwjzNWOx3ipN8o_w==

GET
H2 200 html.3266384.d67e9.0.js Show response
d3ikgzh4osba2b.cloudfront.net/public/external/v2/ 26 KB
26 KB 349ms
321ms Script
application/javascript 2600:9000:223d:3800:15:7da0:ecc0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3ikgzh4osba2b.cloudfront.net/public/external/v2/html.3266384.d67e9.0.js
Requested by: Host: d1j9qsxe04m2ki.cloudfront.net
URL: https://d1j9qsxe04m2ki.cloudfront.net/yIufBn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:3800:15:7da0:ecc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11 / PHP/7.4.11
Resource Hash: 24a5a101c055741a9469d4f1cb0670a46c34d72589802e31a98b977a4907a83b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.robloxxexx.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 12:47:32 GMT
via: 1.1 081c7bef6b5d3c12829ac4c99182ccea.cloudfront.net (CloudFront)
server: Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-amz-cf-pop: FRA56-P3
x-powered-by: PHP/7.4.11
x-cache: Miss from cloudfront
content-type: application/javascript
x-amz-cf-id: sSbHMfjoYCfxS8YjM4mMdnX8CoeKn3QW1eZqe0_G5NnQzVG4sF2yMg==

GET
H2 200 css_front.css
d3ikgzh4osba2b.cloudfront.net/public/external/ 6 KB
7 KB 187ms
160ms Stylesheet
text/css 2600:9000:223d:3800:15:7da0:ecc0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3ikgzh4osba2b.cloudfront.net/public/external/css_front.css
Requested by: Host: d1j9qsxe04m2ki.cloudfront.net
URL: https://d1j9qsxe04m2ki.cloudfront.net/yIufBn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:3800:15:7da0:ecc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.41 () OpenSSL/1.0.2k-fips PHP/7.4.11 /
Resource Hash: a7bd79b6fba60944ee3a9c153108ff0819d2db57850116ac7065a86db08af4ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.robloxxexx.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 12:47:31 GMT
via: 1.1 081c7bef6b5d3c12829ac4c99182ccea.cloudfront.net (CloudFront)
last-modified: Tue, 23 Jun 2020 20:06:47 GMT
server: Apache/2.4.41 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-amz-cf-pop: FRA56-P3
etag: "19c4-5a8c5e62e9d0a"
x-cache: Miss from cloudfront
content-type: text/css
accept-ranges: bytes
content-length: 6596
x-amz-cf-id: C8VEoJDvACz4sAjfyeRaJ8jeLTnCVIEplz_uoF5CydHQABrpe14elg==

GET
H2 200 css.css
d3ikgzh4osba2b.cloudfront.net/public/clockers/PrimeApps/ 1010 B
1 KB 311ms
311ms Stylesheet
text/css 2600:9000:223d:3800:15:7da0:ecc0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3ikgzh4osba2b.cloudfront.net/public/clockers/PrimeApps/css.css
Requested by: Host: d1j9qsxe04m2ki.cloudfront.net
URL: https://d1j9qsxe04m2ki.cloudfront.net/yIufBn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:3800:15:7da0:ecc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11 /
Resource Hash: a7081a117335212b9e7f2e348f7369a64423d51db1666310b3451e7375f0b7de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.robloxxexx.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 12:47:32 GMT
via: 1.1 081c7bef6b5d3c12829ac4c99182ccea.cloudfront.net (CloudFront)
last-modified: Fri, 10 Apr 2020 22:29:00 GMT
server: Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-amz-cf-pop: FRA56-P3
etag: "3f2-5a2f7428ae907"
x-cache: Miss from cloudfront
content-type: text/css
accept-ranges: bytes
content-length: 1010
x-amz-cf-id: aOuHHlgDqljvEBUU8OgRrNkpD8_Utxw5wzrGDeFjNh8-Z2Kz0US3OA==

GET
H2 200 guid Show response
d3ikgzh4osba2b.cloudfront.net/public/ 0
277 B 312ms
311ms Script
text/html 2600:9000:223d:3800:15:7da0:ecc0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3ikgzh4osba2b.cloudfront.net/public/guid?cpguid=c4jbeixy7&e=ll&t=1684327652763
Requested by: Host: d1j9qsxe04m2ki.cloudfront.net
URL: https://d1j9qsxe04m2ki.cloudfront.net/yIufBn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:3800:15:7da0:ecc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.41 () OpenSSL/1.0.2k-fips PHP/7.4.11 / PHP/7.4.11
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.robloxxexx.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 12:47:32 GMT
via: 1.1 081c7bef6b5d3c12829ac4c99182ccea.cloudfront.net (CloudFront)
server: Apache/2.4.41 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-amz-cf-pop: FRA56-P3
x-powered-by: PHP/7.4.11
x-cache: Miss from cloudfront
content-type: text/html; charset=UTF-8
content-length: 0
x-amz-cf-id: t8Ko-zxjnN3Ozxq-LgHrTK7YrURq-X6lIV4WbLVT2gmijcKSgT_eOQ==

GET
H2 200 ct Show response
d3ikgzh4osba2b.cloudfront.net/public/ Frame 6342 56 KB
57 KB 370ms
368ms Document
text/html 2600:9000:223d:3800:15:7da0:ecc0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3ikgzh4osba2b.cloudfront.net/public/ct?cpguid=c4jbeixy7&it=3266384&w=1600&h=1200&key=d67e9&m=0&r=%1D%01%01%05%06OZZ%02%02%02%5B%07%1A%17%19%1A%0D%0D%10%0D%0D%5B%12%14Z
Requested by: Host: d1j9qsxe04m2ki.cloudfront.net
URL: https://d1j9qsxe04m2ki.cloudfront.net/yIufBn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:3800:15:7da0:ecc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11 / PHP/7.4.11
Resource Hash: ca89209e8cd9af2ff818a793c3ec660d24fe6bfeb320369cba59f388362d9b6d

Request headers

Referer: https://www.robloxxexx.ml/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-transform
content-type: text/html; charset=UTF-8
date: Wed, 17 May 2023 12:47:33 GMT
expires: Sat, 26 Jul 1997 05:00:00 GMT
pragma: no-cache
server: Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11
via: 1.1 081c7bef6b5d3c12829ac4c99182ccea.cloudfront.net (CloudFront)
x-amz-cf-id: lOmTvRdmLroYLmvF4r01L6UZsHCLO1eB5-xtckD0kjXsohVti1CJ2w==
x-amz-cf-pop: FRA56-P3
x-cache: Miss from cloudfront
x-powered-by: PHP/7.4.11

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.2.4/ Frame 6342 84 KB
30 KB 123ms
39ms Script
text/javascript 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js

Requested by

Host: d3ikgzh4osba2b.cloudfront.net
URL: https://d3ikgzh4osba2b.cloudfront.net/public/ct?cpguid=c4jbeixy7&it=3266384&w=1600&h=1200&key=d67e9&m=0&r=%1D%01%01%05%06OZZ%02%02%02%5B%07%1A%17%19%1A%0D%0D%10%0D%0D%5B%12%14Z

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d3ikgzh4osba2b.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 16 May 2023 12:04:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 88991
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30028
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 May 2024 12:04:22 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 6342 13 KB
1 KB 137ms
48ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:400,700|Open+Sans:400,700|Roboto:400,700

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ddd652ec33cdb740350e85217b58c6abf7986b215301964a11489dd1e4a7c706

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d3ikgzh4osba2b.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 17 May 2023 12:47:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 17 May 2023 12:29:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 17 May 2023 12:47:33 GMT

GET
H/1.1 200
OK font-awesome.min.css
s3.us-west-1.amazonaws.com/cloudfls.co/themes/startui/css/lib/font-awesome/ Frame 6342 27 KB
27 KB 483ms
162ms Stylesheet
text/css 52.219.113.48

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.us-west-1.amazonaws.com/cloudfls.co/themes/startui/css/lib/font-awesome/font-awesome.min.css
Requested by: Host: d3ikgzh4osba2b.cloudfront.net
URL: https://d3ikgzh4osba2b.cloudfront.net/public/ct?cpguid=c4jbeixy7&it=3266384&w=1600&h=1200&key=d67e9&m=0&r=%1D%01%01%05%06OZZ%02%02%02%5B%07%1A%17%19%1A%0D%0D%10%0D%0D%5B%12%14Z
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.113.48 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d3ikgzh4osba2b.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Wed, 17 May 2023 12:47:34 GMT
x-amz-version-id: ePIWjfMKtCaP4bDE.eZHRaP_PF6hOabL
Last-Modified: Mon, 20 Jul 2020 19:18:06 GMT
Server: AmazonS3
x-amz-request-id: 7SRVA6DT5BEH94MG
ETag: "8f6faef8ee84c7d1bad83516f21d84a7"
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 27502
x-amz-id-2: mivtvMd5IE3l1jBCWIvFfBevlpeeBRkBW3ia0SgezWJcyi58PQdgdGyhGDkPxGzEyEOlhvQNPco=

GET
H2 200 sweetalert2.min.js Show response
cdnjs.cloudflare.com/ajax/libs/limonte-sweetalert2/6.6.6/ Frame 6342 22 KB
7 KB 31ms
14ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/limonte-sweetalert2/6.6.6/sweetalert2.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

341326dbaf8c5609cfa4147f8dd98cd28ad17af3fb8f6e87a070b720f5bf4fe9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d3ikgzh4osba2b.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 12:47:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 54338
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6413
last-modified: Mon, 04 May 2020 16:12:01 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ed1-586e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aVbhHKOLqTJlMnAabOYkdcyenj%2Bm9bhNtMgTCNF22wg64ifnlKzqqsfFRzzRvqrLqIQOZxWf2yNKYWBf5zWe2NDs3NTh%2BvOFxWgOt34rNKouWDdd%2BzDSDViH6MM%2FmCIBsZ0GBWkiTsEh4xaX4FHTBvco"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7c8bf8384c4191ea-FRA
expires: Mon, 06 May 2024 12:47:33 GMT

GET
H2 200 sweetalert2.min.css
cdnjs.cloudflare.com/ajax/libs/limonte-sweetalert2/6.6.6/ Frame 6342 15 KB
3 KB 29ms
12ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/limonte-sweetalert2/6.6.6/sweetalert2.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce068a9212a95f34ab3f25d57dccc787281c3d21f28470fe3d25a7ab72d91c7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d3ikgzh4osba2b.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 12:47:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1614359
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2411
last-modified: Mon, 04 May 2020 16:12:01 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ed1-3a93"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jFCo9FzCZ08sf2vQf%2BIUtZiCWCP61%2BSGXm2ngVq1ZGUHC3%2B5bRdwBtzD64bs5QWc8aXa2mHhKrkk9OAES5nGuCwfKaPigN%2B1GGkcdDbQiJopcp7ofiDXFwSeCzLh9CamlHhuHMWhCq%2Fsoo0%2F%2BO2CirNW"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7c8bf8384c3f91ea-FRA
expires: Mon, 06 May 2024 12:47:33 GMT

GET
H2 200 core.js Show response
cdnjs.cloudflare.com/ajax/libs/core-js/2.4.1/ Frame 6342 232 KB
42 KB 32ms
16ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/core-js/2.4.1/core.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c8bdcebfbe4caf87727b3c56442dc41a790ac80a071c4d67374f2f9bd9e2b43

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d3ikgzh4osba2b.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 12:47:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 576431
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 42723
last-modified: Mon, 04 May 2020 16:09:17 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e2d-3a1e2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EL7lOkeHd6ttumGNALJPEHS%2F5WDThwdSbMaUVwKFmJbeASl8TJIYSbrTyi809ciDZdlwQYfJGvrLj0czlHd0mLD8VOTjlTPI%2FaQNaO%2F6SL5y5KtvIfto%2BiaA%2BP4M%2BhpIITECptpmsDkkKXeCz5zyau%2BN"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7c8bf8384c4391ea-FRA
expires: Mon, 06 May 2024 12:47:33 GMT

GET
H/1.1 200
OK colorpicker.js
s3.us-west-1.amazonaws.com/cloudfls.co/themes/startui/css/lib/colorpicker/js/ Frame 6342 8 KB
0 498ms
168ms Script
text/javascript 52.219.113.48

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.us-west-1.amazonaws.com/cloudfls.co/themes/startui/css/lib/colorpicker/js/colorpicker.js
Requested by: Host: d3ikgzh4osba2b.cloudfront.net
URL: https://d3ikgzh4osba2b.cloudfront.net/public/ct?cpguid=c4jbeixy7&it=3266384&w=1600&h=1200&key=d67e9&m=0&r=%1D%01%01%05%06OZZ%02%02%02%5B%07%1A%17%19%1A%0D%0D%10%0D%0D%5B%12%14Z
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.113.48 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d3ikgzh4osba2b.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Wed, 17 May 2023 12:47:34 GMT
x-amz-version-id: qFIBPe4Zod1AureDpJG1XaQIW1Qq766s
Last-Modified: Mon, 20 Jul 2020 19:18:06 GMT
Server: AmazonS3
x-amz-request-id: 7SRJ7XGNWWA5A4T1
ETag: "96e6db8dd2c341f8aee73603eccea3b9"
Content-Type: text/javascript
Accept-Ranges: bytes
Content-Length: 17175
x-amz-id-2: 3cXLDEBeQtxD7BZ4m6CXy8Tqd8ynp0TS4wQM4yoKkxQN7Rr9jC5gbG38u6Xca0GUAerS2B5o5xk=

GET
H/1.1 200
OK colorpicker.css
s3.us-west-1.amazonaws.com/cloudfls.co/themes/startui/css/lib/colorpicker/css/ Frame 6342 3 KB
4 KB 488ms
166ms Stylesheet
text/css 52.219.113.48

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.us-west-1.amazonaws.com/cloudfls.co/themes/startui/css/lib/colorpicker/css/colorpicker.css
Requested by: Host: d3ikgzh4osba2b.cloudfront.net
URL: https://d3ikgzh4osba2b.cloudfront.net/public/ct?cpguid=c4jbeixy7&it=3266384&w=1600&h=1200&key=d67e9&m=0&r=%1D%01%01%05%06OZZ%02%02%02%5B%07%1A%17%19%1A%0D%0D%10%0D%0D%5B%12%14Z
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.113.48 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8157923832e020c3a4ed7ef85ad7d032d7b1b03b02e5502dce8ac9af9cedea53

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d3ikgzh4osba2b.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Wed, 17 May 2023 12:47:34 GMT
x-amz-version-id: hOb.o1RIbFLjoUZHs0hFqKqWfq13uMQ1
Last-Modified: Mon, 20 Jul 2020 19:18:06 GMT
Server: AmazonS3
x-amz-request-id: 7SRZZW0HZVD3NCQP
ETag: "88ad8a6ad0054fcfa70e25a6c2474272"
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 3181
x-amz-id-2: C4c6IYe2ruHznsosUlmHdTnKcVATm0V90XCByLfuRxyeuVoLSdG0XC7Fi7A8jacZSN02tQkoTrM=

GET
H/1.1 200
OK 151981978211ad81ad9b8c843e4b3c3052a8d6138c.css
s3.us-west-1.amazonaws.com/cloudfls.co/uploads/assets/ Frame 6342 8 KB
0 493ms
167ms Stylesheet
text/css 52.219.113.48

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.us-west-1.amazonaws.com/cloudfls.co/uploads/assets/151981978211ad81ad9b8c843e4b3c3052a8d6138c.css
Requested by: Host: d3ikgzh4osba2b.cloudfront.net
URL: https://d3ikgzh4osba2b.cloudfront.net/public/ct?cpguid=c4jbeixy7&it=3266384&w=1600&h=1200&key=d67e9&m=0&r=%1D%01%01%05%06OZZ%02%02%02%5B%07%1A%17%19%1A%0D%0D%10%0D%0D%5B%12%14Z
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.113.48 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d3ikgzh4osba2b.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Wed, 17 May 2023 12:47:34 GMT
x-amz-version-id: mEuybZeBqZEWEnAJn0ikiMLlTy4658dV
Last-Modified: Mon, 20 Jul 2020 19:44:07 GMT
Server: AmazonS3
x-amz-request-id: 7SRZYTDGYSFMK857
ETag: "4ee41ce0944001dd398a94528668aa9b"
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 22376
x-amz-id-2: yZOIXE1rDgqPU/yy6MF0yypGZj/yaQ4bgwCtozWGZpflpMKNqfopABSXsEn1t0rhn71fliAU6GI=

GET 151999678694833b4c5a49a55ef7f9224b286820f0.js
s3.us-west-1.amazonaws.com/cloudfls.co/uploads/assets/ Frame 6342 0
0

GET 150170764295f591d2e1daeb4fda0985149aa31c04.png
s3.us-west-1.amazonaws.com/cloudfls.co/uploads/ Frame 6342 0
0

GET guid.js
d3ikgzh4osba2b.cloudfront.net/public/external/ Frame 6342 0
0

GET impression.php
d3ikgzh4osba2b.cloudfront.net/public/external/ 0
0

GET guid
d3ikgzh4osba2b.cloudfront.net/public/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s3.us-west-1.amazonaws.com
URL: https://s3.us-west-1.amazonaws.com/cloudfls.co/uploads/assets/151999678694833b4c5a49a55ef7f9224b286820f0.js

Domain: s3.us-west-1.amazonaws.com
URL: https://s3.us-west-1.amazonaws.com/cloudfls.co/uploads/150170764295f591d2e1daeb4fda0985149aa31c04.png

Domain: d3ikgzh4osba2b.cloudfront.net
URL: https://d3ikgzh4osba2b.cloudfront.net/public/external/guid.js

Domain: d3ikgzh4osba2b.cloudfront.net
URL: https://d3ikgzh4osba2b.cloudfront.net/public/external/impression.php?it=3266384&time=1684327653767

Domain: d3ikgzh4osba2b.cloudfront.net
URL: https://d3ikgzh4osba2b.cloudfront.net/public/guid?cpguid=c4jbeixy7&e=opl&t=1684327653767

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Scam (Online)

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.robloxxexx.ml/	1970-01-20 12:06:31	Name: _cpguid Value: c4jbeixy7

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31556926

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdnjs.cloudflare.com
d1j9qsxe04m2ki.cloudfront.net
d3ikgzh4osba2b.cloudfront.net
fonts.googleapis.com
robloxxexx.ga
s3.us-west-1.amazonaws.com
www.robloxxexx.ga
www.robloxxexx.ml
d3ikgzh4osba2b.cloudfront.net
s3.us-west-1.amazonaws.com
199.36.158.100
2600:9000:223d:3800:15:7da0:ecc0:21
2600:9000:2250:d000:7:68d6:a080:21
2606:4700::6811:190e
2a00:1450:4001:829::200a
2a00:1450:4001:82f::200a
52.219.113.48
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
2174a842a277d5d453202f3e93c0daaa2a063b264798f249c262aae198eea559
24a5a101c055741a9469d4f1cb0670a46c34d72589802e31a98b977a4907a83b
2c8bdcebfbe4caf87727b3c56442dc41a790ac80a071c4d67374f2f9bd9e2b43
341326dbaf8c5609cfa4147f8dd98cd28ad17af3fb8f6e87a070b720f5bf4fe9
8157923832e020c3a4ed7ef85ad7d032d7b1b03b02e5502dce8ac9af9cedea53
a28be45144d377ab16527a8b5d2d60fae4d780f9dec17e4327567ad90482f293
a7081a117335212b9e7f2e348f7369a64423d51db1666310b3451e7375f0b7de
a7bd79b6fba60944ee3a9c153108ff0819d2db57850116ac7065a86db08af4ec
ca89209e8cd9af2ff818a793c3ec660d24fe6bfeb320369cba59f388362d9b6d
ce068a9212a95f34ab3f25d57dccc787281c3d21f28470fe3d25a7ab72d91c7b
ddd652ec33cdb740350e85217b58c6abf7986b215301964a11489dd1e4a7c706
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f6b7bcdd25e6d02721c70dbee3b8fef73fab10dc9ceb751887c63d4f40500a5e

www.robloxxexx.ml Open in urlscan Pro 199.36.158.100 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

22 Requests

77 %HTTPS

71 %IPv6

6 Domains

9 Subdomains

8 IPs

2 Countries

214 kBTransfer

527 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

17 JavaScript Global Variables

1 Cookies

Security Headers

Indicators

www.robloxxexx.ml Open in urlscan Pro
199.36.158.100 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

22
Requests

77 %
HTTPS

71 %
IPv6

6
Domains

9
Subdomains

8
IPs

2
Countries

214 kB
Transfer

527 kB
Size

1
Cookies

22 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!