URL: https://rbgen.com/
Submission: On August 16 via api from US — Scanned from CA

Summary

This website contacted 3 IPs in 1 country across 3 domains to perform 8 HTTP transactions. The main IP is 172.67.190.62, located in United States and belongs to CLOUDFLARENET, US. The main domain is rbgen.com.
TLS certificate: Issued by WE1 on August 11th 2024. Valid for: 3 months.
This is the only time rbgen.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Roblox (Gaming)

Domain & IP information

# | IP Address | AS Autonomous System
1 7 | 172.67.190.62 | 13335 (CLOUDFLAR...)
1 | 2600:9000:220... | 16509 (AMAZON-02)
1 | 2600:1401:d00... | 20940 (AKAMAI-ASN1)
8 | 3 |

# | Apex Domain | Subdomains | Transfer
7 | rbgen.com | rbgen.com | 8 KB
1 | rbxcdn.com | images.rbxcdn.com — Cisco Umbrella Rank: 15227 | 436 KB
1 | cloudfront.net | d266key948fg17.cloudfront.net | 15 KB
8 | 3 | |

# | Domain | Requested by
7 | rbgen.com, 1 redirects | rbgen.com
1 | images.rbxcdn.com | rbgen.com
1 | d266key948fg17.cloudfront.net | rbgen.com
8 | 3 |

This site contains no links.

Subject | Issuer | Validity | Valid
rbgen.com | WE1 | 2024-08-11 - 2024-11-09 | 3 months
*.cloudfront.net | Amazon RSA 2048 M01 | 2024-07-30 - 2025-07-03 | a year
*.rbxcdn.com | DigiCert TLS RSA SHA256 2020 CA1 | 2024-07-30 - 2025-07-30 | a year

This page contains 2 frames:

Primary Page: https://rbgen.com/
Frame ID: 2A51A185923A91CC6F3D3A2D649538D7
Requests: 6 HTTP requests in this frame

Frame: https://rbgen.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/ba7376691753/main.js
Frame ID: D82C3105A29DC8D37DB8B9202386CE04
Requests: 2 HTTP requests in this frame

Page Title

Roblox

Page Statistics

Requests: 8
HTTPS: 88 %
IPv6: 67 %
Domains: 3
Subdomains: 3
IPs: 3
Countries: 1
Transfer: 459 kB
Size: 462 kB
Cookies: 1

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://rbgen.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://rbgen.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/ba7376691753/main.js

8 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
rbgen.com/
4 KB
2 KB
Document
General
Full URL
https://rbgen.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.190.62 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57ffd7db8a64c91a5373d6003b05203812164f52ea60a4a04657963792ae7cb2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8b42803feb8636d2-YYZ
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 16 Aug 2024 15:36:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YoT60VqPHLszTRnxiA1iFeNaoJxqW0mtqsTGVqmYJwn9l%2BSHsuJvkJfCegO%2FV5jaRlyHvIKjF%2FBcoyjDWA84VfXXghRwSaHxWbytMkU7qGKzM7lokeyWN0jlJ8w%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-turbo-charged-by
LiteSpeed
styles.css
rbgen.com/
0
0
Stylesheet
General
Full URL
https://rbgen.com/styles.css
Requested by
Host: rbgen.com
URL: https://rbgen.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.190.62 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://rbgen.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Aug 2024 15:36:38 GMT
content-encoding
br
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KoJU577wPAg8e7lEfBlxtSzpkd3wTYpqjxwCZWZZEHXFRW5kUM7mLEgOZIjJ3X%2BpT602aQlXh%2FYqs7txb3ct1tvs78BEWultKR%2BJzI9JP36%2FEDxS1Q5OuAsBSAs%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
x-turbo-charged-by
LiteSpeed
cf-ray
8b428047fa6a36d2-YYZ
alt-svc
h3=":443"; ma=86400
162668224932d745224966b28470dd34f3adf9c16b.jpg
d266key948fg17.cloudfront.net/uploads/
15 KB
15 KB
Image
General
Full URL
https://d266key948fg17.cloudfront.net/uploads/162668224932d745224966b28470dd34f3adf9c16b.jpg
Requested by
Host: rbgen.com
URL: https://rbgen.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:3600:18:af29:bac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2984f54d729ef3d5fc2e1cf54b1eb321f2edf9f1910267ada7eb50657a7a7cb6

Request headers

Referer
https://rbgen.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id
jngTf.DHQKTybzySfm.kWaQKBe4iUTsJ
date
Fri, 16 Aug 2024 15:28:28 GMT
via
1.1 960b27f23df49cd65e51133bf80b9878.cloudfront.net (CloudFront)
last-modified
Mon, 19 Jul 2021 08:10:50 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-P1
age
491
etag
"facf8b62e186ce9d19bc93eda1c563cb"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/jpg
accept-ranges
bytes
content-length
14913
x-amz-cf-id
N73SoiSUvZ8o5fT5kR5vRtriKPie63hXEZ6eOnn1UxjHy9hNBZHsaw==
scripts.js
rbgen.com/
0
0
Script
General
Full URL
https://rbgen.com/scripts.js
Requested by
Host: rbgen.com
URL: https://rbgen.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.190.62 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://rbgen.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Aug 2024 15:36:38 GMT
content-encoding
br
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8s0DuuaaQtRUeF4sWVigo2YQfz4kp%2BxV2xrDO%2BmkA6SN2LUfuXcd3tHKWVUSMghlkIrheHI3RkyGgy%2BZm697Zxivh%2BZHpgDdMUDZzpqRAijxJnR0%2FzfA9gMHh8s%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
x-turbo-charged-by
LiteSpeed
cf-ray
8b428047fa6d36d2-YYZ
alt-svc
h3=":443"; ma=86400
782b7fc18a24ee997efd9a7f02fa4bf9-bg_08072019.jpg
images.rbxcdn.com/
435 KB
436 KB
Image
General
Full URL
https://images.rbxcdn.com/782b7fc18a24ee997efd9a7f02fa4bf9-bg_08072019.jpg
Requested by
Host: rbgen.com
URL: https://rbgen.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1401:d000:5::17c9:22c5 , United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c45388c0937dde58151ba6f3d2225751b8b89ac001be1ef1f40134c61d391b8e

Request headers

Referer
https://rbgen.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id
TdbpQdhtcEFlPB5uZ7cnbI7.cIZ.kWh3
date
Fri, 16 Aug 2024 15:36:39 GMT
last-modified
Fri, 23 Aug 2019 01:04:23 GMT
server
AmazonS3
x-amz-request-id
DWJ12XFJB1VAJVXH
etag
"782b7fc18a24ee997efd9a7f02fa4bf9"
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0,"failure_fraction":0.05}
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://ncs.roblox.com/upload"}]}
content-type
image/jpeg
cache-control
public, max-age=30850598
accept-ranges
bytes
akamai-request-bc
[a=23.198.9.197,b=230610954,c=g,n=US_MA_BILLERICA,o=20940]
content-length
445602
x-amz-id-2
u1WXXmHLHTdmORRB/AAK7J7sRUX+hua0ls6XrUakl72pVoGGYunaF1HK494Y6VuyKNyFACKAzqM=
rbx-cdn-provider
ak
main.js
rbgen.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/ba7376691753/ Frame D82C
Redirect Chain
  • https://rbgen.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://rbgen.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/ba7376691753/main.js?
8 KB
4 KB
Script
General
Full URL
https://rbgen.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/ba7376691753/main.js?
Requested by
Host: rbgen.com
URL: https://rbgen.com/
Protocol
H3
Server
172.67.190.62 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d58b005d19a00cd4ae02bf203debf77c6538a50494f7991133dc966e00c2559
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 16 Aug 2024 15:36:38 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Pet1LXpKBNg7J5HFvh6n6INUsnx9Rg0FHxOx32hOELDf6xKcxf33ajZFRdtdlaaJldsf6w7TrWBAQ1dYwWC82RSTegPaBEHPqAtfS0PbOA2hlWG2NreAO%2BdcDpM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
cf-ray
8b42804b5dca36d2-YYZ
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Fri, 16 Aug 2024 15:36:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cqs12OXf%2FX2Erw1v%2B%2BKiHfsvn5hyU1r6DwxrsoNI04XOoer2VMPtVtJhT%2BFBXdedWRomabnC1qWdFzQYahDSHo3VXUixB0QbxsNPxZGE3khv2OXwdNA3K0D4Gdw%3D"}],"group":"cf-nel","max_age":604800}
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/ba7376691753/main.js?
access-control-allow-origin
*
cache-control
max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
cf-ray
8b42804aed4a36d2-YYZ
alt-svc
h3=":443"; ma=86400
content-length
0
8b42803feb8636d2
rbgen.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame D82C
0
670 B
XHR
General
Full URL
https://rbgen.com/cdn-cgi/challenge-platform/h/g/jsd/r/8b42803feb8636d2
Requested by
Host: rbgen.com
URL: https://rbgen.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.190.62 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 16 Aug 2024 15:36:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0MbAPb%2FXKQ0ck5ePYWoESDy5FKmJ%2BmbmxaBdO6NQTvGr3vMiNGAHAezDjwbx4TrVz%2FYqlDi0wE6nPrb90%2FTTAXatY%2FNRs6177UrHwWKaqz%2F3J1f0x6phwgJtEDQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
8b42804faa1436d2-YYZ
alt-svc
h3=":443"; ma=86400
content-length
0
favicon.ico
rbgen.com/
525 B
1 KB
Other
General
Full URL
https://rbgen.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.190.62 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1cb7faf06f9d66b671a030ad6a5927119bddfc43fa473b9b9dae463f8175da43

Request headers

Referer
https://rbgen.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 16 Aug 2024 15:36:39 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 09 Feb 2020 16:54:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
64030
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YFTzchS%2BJmjwXnYpNM4On7NHZoE9ozYUBHKQJUq94g3%2F17BRBC5d4boIaCSFxvhE7TxRiT7PGmyItROTrHX3aWZh66Vh%2FO%2B4OPZGcGGCnN3kzjSE49DRwg8I2Eg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/x-icon
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
8b42804fca3136d2-YYZ
alt-svc
h3=":443"; ma=86400
expires
Thu, 22 Aug 2024 21:49:28 GMT

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Roblox (Gaming)

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0

1 Cookies

Domain/Path Name / Value
.rbgen.com/ Name: cf_clearance
Value: xCXjcH8N8JFcVCcjiE6BvMXN049ZrnOr.ETyfaW6xjc-1723822599-1.0.1.1-rU8tvopqAdB5H4hsVZQkF22oKi18UUA2cv3NDHAk9jles4KLFZUlhhNG.SLQnQWirGzT_A0CUQsYlEvn_TUTFA

2 Console Messages

Source | Level | URL | Text
network | error | https://rbgen.com/styles.css | Failed to load resource: the server responded with a status of 404 ()
network | error | https://rbgen.com/scripts.js | Failed to load resource: the server responded with a status of 404 ()