![](/screenshots/a9bffe57-9cf0-48c0-9ce3-4b56e0489a36.png)
roblox.com.kz
185.17.0.88
Public Scan
Submission Tags: @phish_report
Submission: On September 04 via api from FI — Scanned from FI
Summary
This is the only time roblox.com.kz was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
3 | 185.17.0.88 | 210644 (AEZA-AS) |
1 | 2606:4700::6812:acf | 13335 (CLOUDFLARENET) |
1 | 2a00:1450:4001:811::200a | 15169 (GOOGLE) |
2 | 2606:4700::6810:5814 | 13335 (CLOUDFLARENET) |
1 | 2001:4de0:ac18::1:a:2a | 20446 (STACKPATH-CDN) |
1 | 2a06:98c1:3120::3 | 13335 (CLOUDFLARENET) |
1 | 2606:4700:3030::ac43:d3b9 | 13335 (CLOUDFLARENET) |
1 | 2a00:1450:4001:82f::2003 | 15169 (GOOGLE) |
1 | 185.56.234.205 | 39572 (ADVANCEDHOSTERS-AS) |
3 | 2a02:b4a:1:7::9274:1 | 39572 (ADVANCEDHOSTERS-AS) |
17 | 11 |
ASN210644 (AEZA-AS, RU)
PTR: posh-cream.aeza.network
roblox.com.kz |
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
3 | roblox.com.kz | roblox.com.kz | 6 KB |
2 | xngqoc.com | xngqoc.com — Cisco Umbrella Rank: 91065 | |
2 | jsdelivr.net | cdn.jsdelivr.net — Cisco Umbrella Rank: 320 | 23 KB |
1 | qcsuoq.com | qcsuoq.com — Cisco Umbrella Rank: 426829 | 143 B |
1 | kxshyo.com | kxshyo.com — Cisco Umbrella Rank: 284017 | 4 KB |
1 | gstatic.com | fonts.gstatic.com | 31 KB |
1 | ajfnee.com | ajfnee.com — Cisco Umbrella Rank: 135822 | 5 KB |
1 | zvwhrc.com | zvwhrc.com — Cisco Umbrella Rank: 380159 | 7 KB |
1 | jquery.com | code.jquery.com — Cisco Umbrella Rank: 733 | 30 KB |
1 | googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 41 | 1002 B |
1 | bootstrapcdn.com | maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1033 | 25 KB |
17 | 11 |
Requests | Domain | Requested by |
---|---|---|
3 | roblox.com.kz | roblox.com.kz |
2 | xngqoc.com | ajfnee.com |
2 | cdn.jsdelivr.net | roblox.com.kz |
1 | qcsuoq.com | zvwhrc.com |
1 | kxshyo.com | roblox.com.kz |
1 | fonts.gstatic.com | fonts.googleapis.com |
1 | ajfnee.com | roblox.com.kz |
1 | zvwhrc.com | roblox.com.kz |
1 | code.jquery.com | roblox.com.kz |
1 | fonts.googleapis.com | roblox.com.kz |
1 | maxcdn.bootstrapcdn.com | roblox.com.kz |
17 | 11 |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-12-30 - 2023-12-30 | a year |
upload.video.google.com | GTS CA 1C3 | 2023-08-07 - 2023-10-30 | 3 months |
*.jquery.com | Sectigo RSA Domain Validation Secure Server CA | 2023-07-11 - 2024-07-14 | a year |
zvwhrc.com | GTS CA 1P5 | 2023-07-13 - 2023-10-11 | 3 months |
*.ajfnee.com | GTS CA 1P5 | 2023-09-04 - 2023-12-03 | 3 months |
*.gstatic.com | GTS CA 1C3 | 2023-08-07 - 2023-10-30 | 3 months |
kxshyo.com | R3 | 2023-07-09 - 2023-10-07 | 3 months |
xngqoc.com | R3 | 2023-06-30 - 2023-09-28 | 3 months |
qcsuoq.com | R3 | 2023-06-30 - 2023-09-28 | 3 months |
This page contains 1 frames:
Primary Page:
http://roblox.com.kz/create/chopbeamers
Frame ID: BD8DDD00E8854E571A0C44608EED85CF
Requests: 17 HTTP requests in this frame
Page Title
CHOP BEAM - Link Creator
Detected technologies
Bootstrap
Detected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Google Font API
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
SweetAlert2
Detected patterns
- <link[^>]+?href="[^"]+sweetalert2(?:\.min)?\.css
- sweetalert2(?:\.all)?(?:\.min)?\.js
- /npm/sweetalert2@([\d.]+)
- sweetalert2@([\d.]+)/dist/sweetalert2(?:\.all)(?:\.min)\.js
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Detected patterns
- <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
- //cdn\.jsdelivr\.net/
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
17 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H/1.1 | chopbeamers (Primary Request) | roblox.com.kz/create/ | 4 KB | 2 KB | Document | text/html |
GET | H2 | bootstrap.min.css | maxcdn.bootstrapcdn.com/bootstrap/4.5.2/css/ | 157 KB | 25 KB | Stylesheet | text/css |
GET | H2 | css2 | fonts.googleapis.com/ | 4 KB | 1002 B | Stylesheet | text/css |
GET | H2 | sweetalert2.min.css | cdn.jsdelivr.net/npm/sweetalert2@11.1.2/dist/ | 22 KB | 5 KB | Stylesheet | text/css |
GET | H/1.1 | styles.css | roblox.com.kz/assets/createdual/css/ | 3 KB | 1 KB | Stylesheet | text/css |
GET | H2 | sweetalert2.all.min.js | cdn.jsdelivr.net/npm/sweetalert2@11.1.2/dist/ | 63 KB | 18 KB | Script | application/javascript |
GET | H2 | jquery-3.6.0.min.js | code.jquery.com/ | 87 KB | 30 KB | Script | application/javascript |
GET | H/1.1 | scripts.js | roblox.com.kz/assets/createdual/js/ | 8 KB | 3 KB | Script | application/javascript |
GET | H2 | waWQiOjExNjQyNzAsInNpZCI6MTI2Mzc1Niwid2lkIjo0ODA5MzQsInNyYyI6Mn0=eyJ.js | zvwhrc.com/na/ | 20 KB | 7 KB | Script | application/javascript |
GET | H2 | waWQiOjExNjQyNzAsInNpZCI6MTI2Mzc1Niwid2lkIjo0ODA5MzMsInNyYyI6Mn0=eyJ.js | ajfnee.com/p/ | 11 KB | 5 KB | Script | application/javascript |
GET | H2 | JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 | fonts.gstatic.com/s/montserrat/v25/ | 30 KB | 31 KB | Font | font/woff2 |
GET | H2 | native.js | kxshyo.com/code/ | 11 KB | 4 KB | Script | application/javascript |
GET | H2 | er | xngqoc.com/ | 0 | 0 | Fetch | |
GET | | cuload | xngqoc.com/ | 0 | 0 | | |
GET | BLOB | c9a202d1-48e6-456a-b8cb-72fa791834c0 | http://roblox.com.kz/ | 91 B | 0 | Other | application/javascript |
GET | H2 | ntload | qcsuoq.com/ | 0 | 143 B | Fetch | application/javascript |
GET | H2 | trt | xngqoc.com/ | 0 | 0 | Fetch | |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- xngqoc.com
- URL
- https://xngqoc.com/cuload?a=1&e=aeyJwaWQiOjExNjQyNzAsInNpZCI6MTI2Mzc1Niwid2lkIjo0ODA5MzMsImQiOiJyb2Jsb3guY29tLnBzIiwibGkiOjF9&tz=3&if=0&u=aHR0cDovL3JvYmxveC5jb20ua3ovY3JlYXRlL2Nob3BiZWFtZXJz
9 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- Sweetalert2 (function)
- SweetAlert (function)
- Swal (function)
- sweetAlert (function)
- swal (function)
- $ (function)
- jQuery (function)
- _0x28a5 (function)
- _0x115d2 (function)

Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
roblox.com.kz/ | Name: PHPSESSID Value: 4cm9n3l3rokjaflk5gg6gqg819 |
roblox.com.kz/ | Name: wxr_cookie |
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.