Submitted URL: https://rbx24.shop.thewellnessdot.com/
Effective URL: https://rbx24.shop/
Submission Tags: phishingrod
Submission: On June 17 via api from DE — Scanned from DE

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 21 HTTP transactions. The main IP is 66.29.152.206, located in United States and belongs to NAMECHEAP-NET, US. The main domain is rbx24.shop.
TLS certificate: Issued by R11 on June 16th 2024. Valid for: 3 months.
This is the only time rbx24.shop was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Roblox (Gaming)

Domain & IP information

IP Address AS Autonomous System
1 20 66.29.152.206 22612 (NAMECHEAP...)
1 2a00:1450:400... 15169 (GOOGLE)
21 3
Apex Domain | Subdomains | Transfer
19 rbx24.shop | rbx24.shop | 2 MB
1 google-analytics.com | www.google-analytics.com — Cisco Umbrella Rank: 68 | 250 B
1 thewellnessdot.com | rbx24.shop.thewellnessdot.com | 393 B
21 3
Domain Requested by
19 rbx24.shop rbx24.shop
1 www.google-analytics.com rbx24.shop
1 rbx24.shop.thewellnessdot.com 1 redirects
21 3

This site contains links to these domains.

Domain
generatepress.com

Subject | Issuer | Validity | Valid
*.rbx24.shop | R11 | 2024-06-16 - 2024-09-14 | 3 months
*.google-analytics.com | WR2 | 2024-05-27 - 2024-08-19 | 3 months

This page contains 1 frame:

Primary Page: https://rbx24.shop/
Frame ID: 6995899DCC04381E99C338ACA38E7A6A
Requests: 24 HTTP requests in this frame

Page Title

Free Robux - Roblox 24

Page URL History

  1. https://rbx24.shop.thewellnessdot.com/ HTTP 301
    https://rbx24.shop/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Page Statistics

21
Requests

95 %
HTTPS

50 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

2382 kB
Transfer

2747 kB
Size

2
Cookies

21 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
rbx24.shop/
Redirect Chain
  • https://rbx24.shop.thewellnessdot.com/
  • https://rbx24.shop/
81 KB
21 KB
Document
General
Full URL
https://rbx24.shop/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
66.29.152.206 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server1.comparetextbook.com
Software
nginx /
Resource Hash
8e1a08772d01e3cf2e34d1af20d987fd157e346224965f07a0289d18033a0869

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Cache-Control
private, must-revalidate, public
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Mon, 17 Jun 2024 00:22:45 GMT
ETag
W/"14583-618e7119b7003"
Expires
Mon, 17 Jun 2024 00:22:45 GMT
Last-Modified
Mon, 20 May 2024 18:42:52 GMT
Link
</wp-content/cache/minify/d52ed.js>; rel=preload; as=script </wp-content/cache/minify/f5b9c.js>; rel=preload; as=script </wp-content/cache/minify/19979.js>; rel=preload; as=script </wp-content/cache/minify/69ec8.css>; rel=preload; as=style
Pragma
public
Referrer-Policy
no-referrer-when-downgrade
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding Accept-Encoding,Cookie

Redirect headers

Cache-Control
private, must-revalidate
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Mon, 17 Jun 2024 00:22:44 GMT
Expires
Mon, 17 Jun 2024 01:22:44 GMT
Location
https://rbx24.shop/
Referrer-Policy
no-referrer-when-downgrade
Server
nginx
Vary
X-Forwarded-Proto,Accept-Encoding
X-Redirect-By
WordPress
d52ed.js
rbx24.shop/wp-content/cache/minify/
86 KB
35 KB
Script
General
Full URL
https://rbx24.shop/wp-content/cache/minify/d52ed.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
66.29.152.206 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server1.comparetextbook.com
Software
nginx /
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://rbx24.shop/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
public
Date
Mon, 17 Jun 2024 00:22:45 GMT
Content-Encoding
gzip
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Sat, 11 May 2024 05:05:22 GMT
Server
nginx
ETag
W/"15601-618269974fd8f"
Transfer-Encoding
chunked
Vary
Accept-Encoding, Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
private, public
Connection
keep-alive
Expires
Tue, 17 Jun 2025 00:22:45 GMT
f5b9c.js
rbx24.shop/wp-content/cache/minify/
307 KB
117 KB
Script
General
Full URL
https://rbx24.shop/wp-content/cache/minify/f5b9c.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
66.29.152.206 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server1.comparetextbook.com
Software
nginx /
Resource Hash
d6566ab721cc5fb5c1b5615e399ac8ec76ebb930144a5319fbded050361ed928

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://rbx24.shop/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
public
Date
Mon, 17 Jun 2024 00:22:45 GMT
Content-Encoding
gzip
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Sat, 11 May 2024 05:05:23 GMT
Server
nginx
ETag
W/"4ca2c-61826997eb6e1"
Transfer-Encoding
chunked
Vary
Accept-Encoding, Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
private, public
Connection
keep-alive
Expires
Tue, 17 Jun 2025 00:22:45 GMT
19979.js
rbx24.shop/wp-content/cache/minify/
21 KB
7 KB
Script
General
Full URL
https://rbx24.shop/wp-content/cache/minify/19979.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
66.29.152.206 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server1.comparetextbook.com
Software
nginx /
Resource Hash
42b85c7084ed3e32f76b3a23755b48338606bd8e65c8acfa83bc599a3dad54fd

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://rbx24.shop/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
public
Date
Mon, 17 Jun 2024 00:22:45 GMT
Content-Encoding
gzip
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Sat, 11 May 2024 05:05:23 GMT
Server
nginx
ETag
W/"55c5-618269982a335"
Transfer-Encoding
chunked
Vary
Accept-Encoding, Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
private, public
Connection
keep-alive
Expires
Tue, 17 Jun 2025 00:22:45 GMT
69ec8.css
rbx24.shop/wp-content/cache/minify/
12 KB
3 KB
Stylesheet
General
Full URL
https://rbx24.shop/wp-content/cache/minify/69ec8.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
66.29.152.206 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server1.comparetextbook.com
Software
nginx /
Resource Hash
199fa3b04a4a8de9a5dd741992c168af4c5a306ddddee84450e9d584168028f9

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://rbx24.shop/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
public
Date
Mon, 17 Jun 2024 00:22:45 GMT
Content-Encoding
gzip
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Sat, 11 May 2024 08:58:17 GMT
Server
nginx
ETag
W/"318a-61829da6fc485"
Transfer-Encoding
chunked
Vary
Accept-Encoding, Accept-Encoding
Content-Type
text/css
Cache-Control
public, public
Connection
keep-alive
Expires
Tue, 17 Jun 2025 00:22:44 GMT
lazyload.min.js
rbx24.shop/wp-content/plugins/w3-total-cache/pub/js/
6 KB
3 KB
Script
General
Full URL
https://rbx24.shop/wp-content/plugins/w3-total-cache/pub/js/lazyload.min.js
Requested by
Host: rbx24.shop
URL: https://rbx24.shop/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
66.29.152.206 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server1.comparetextbook.com
Software
nginx /
Resource Hash
1a54a1907a6443e3c81608130bfed4546eb0ce5d0c8897e1d7a3b43d89ecc367

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://rbx24.shop/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
public
Date
Mon, 17 Jun 2024 00:22:45 GMT
Content-Encoding
gzip
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Sat, 27 Apr 2024 02:23:55 GMT
Server
nginx
ETag
W/"1883-6170ab646f816"
Transfer-Encoding
chunked
Vary
Accept-Encoding, X-Forwarded-Proto,Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
private, public
Connection
keep-alive
Expires
Tue, 17 Jun 2025 00:22:45 GMT
40dee4391224.google-fonts.css
rbx24.shop/wp-content/cache/perfmatters/rbx24.shop/fonts/
15 KB
1 KB
Stylesheet
General
Full URL
https://rbx24.shop/wp-content/cache/perfmatters/rbx24.shop/fonts/40dee4391224.google-fonts.css
Requested by
Host: rbx24.shop
URL: https://rbx24.shop/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
66.29.152.206 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server1.comparetextbook.com
Software
nginx /
Resource Hash
a16e1b2beab3de777c2484f64f8ab7c2229d35cdfa804026df0e6dde52f2a87d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://rbx24.shop/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
public
Date
Mon, 17 Jun 2024 00:22:45 GMT
Content-Encoding
gzip
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Sat, 27 Apr 2024 02:24:32 GMT
Server
nginx
ETag
W/"3bdb-6170ab87dba78"
Transfer-Encoding
chunked
Vary
Accept-Encoding, X-Forwarded-Proto,Accept-Encoding
Content-Type
text/css
Cache-Control
public, public
Connection
keep-alive
Expires
Tue, 17 Jun 2025 00:22:44 GMT
7cd5dde5-c878-45fe-b4a7-aa2d9f3deafd
https://rbx24.shop/
1 KB
0
Other
General
Full URL
blob:https://rbx24.shop/7cd5dde5-c878-45fe-b4a7-aa2d9f3deafd
Requested by
Host: rbx24.shop
URL: https://rbx24.shop/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length
1185
Content-Type
text/javascript
truncated
/
67 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9643fa64a4979f7742feca04bb71b1b9ea1328feb9e7f62f879dd4c71ae440b7

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
68 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e0eb1a28c692ef1b05f3d3c3ca20e8dc999b0dec94dffec3b3896ba5bea2a17a

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
69 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aaf69f969c85107828b863ad90f70534c60fc64cbb1a7f3e28d78692d8854db5

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
body-bg.jpg
rbx24.shop/wp-content/uploads/2024/04/
435 KB
436 KB
Image
General
Full URL
https://rbx24.shop/wp-content/uploads/2024/04/body-bg.jpg
Requested by
Host: rbx24.shop
URL: https://rbx24.shop/wp-content/cache/minify/69ec8.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
66.29.152.206 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server1.comparetextbook.com
Software
nginx /
Resource Hash
c45388c0937dde58151ba6f3d2225751b8b89ac001be1ef1f40134c61d391b8e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://rbx24.shop/wp-content/cache/minify/69ec8.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
public
Date
Mon, 17 Jun 2024 00:22:45 GMT
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Wed, 17 Apr 2024 03:43:14 GMT
Server
nginx
ETag
"6cca2-61642a77f6ed7"
Vary
X-Forwarded-Proto,Accept
Content-Type
image/jpeg
Cache-Control
public, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
445602
Expires
Tue, 17 Jun 2025 00:22:45 GMT
wp-emoji-release.min.js
rbx24.shop/wp-includes/js/
18 KB
6 KB
Script
General
Full URL
https://rbx24.shop/wp-includes/js/wp-emoji-release.min.js?ver=6.5.3
Requested by
Host: rbx24.shop
URL: https://rbx24.shop/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
66.29.152.206 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server1.comparetextbook.com
Software
nginx /
Resource Hash
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://rbx24.shop/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
public
Date
Mon, 17 Jun 2024 00:22:45 GMT
Content-Encoding
gzip
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Tue, 13 Feb 2024 20:06:08 GMT
Server
nginx
ETag
W/"4926-61148ecc64c00"
Transfer-Encoding
chunked
Vary
Accept-Encoding, X-Forwarded-Proto,Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
private, public
Connection
keep-alive
Expires
Tue, 17 Jun 2025 00:22:45 GMT
40dee4391224.google-fonts.css
rbx24.shop/wp-content/cache/perfmatters/rbx24.shop/fonts/
15 KB
0
Stylesheet
General
Full URL
https://rbx24.shop/wp-content/cache/perfmatters/rbx24.shop/fonts/40dee4391224.google-fonts.css
Requested by
Host: rbx24.shop
URL: https://rbx24.shop/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
66.29.152.206 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server1.comparetextbook.com
Software
nginx /
Resource Hash
a16e1b2beab3de777c2484f64f8ab7c2229d35cdfa804026df0e6dde52f2a87d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://rbx24.shop/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
public
Date
Mon, 17 Jun 2024 00:22:45 GMT
Content-Encoding
gzip
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Sat, 27 Apr 2024 02:24:32 GMT
Server
nginx
ETag
W/"3bdb-6170ab87dba78"
Vary
Accept-Encoding, X-Forwarded-Proto,Accept-Encoding
Content-Type
text/css
Cache-Control
public, public
Expires
Tue, 17 Jun 2025 00:22:44 GMT
collect
www.google-analytics.com/g/
0
250 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-DQZL4CVEFC&gtm=45je4580v9183781306za200&_p=1718583765869&gcd=13l3l3l3l1&npa=0&dma=0&cid=955571209.1718583766&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.61%7CGoogle%2520Chrome%3B126.0.6478.61&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1718583766&sct=1&seg=0&dl=https%3A%2F%2Frbx24.shop%2F&dt=Free%20Robux%20-%20Roblox%2024&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=3302
Requested by
Host: rbx24.shop
URL: https://rbx24.shop/wp-content/cache/minify/f5b9c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://rbx24.shop/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Mon, 17 Jun 2024 00:22:46 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://rbx24.shop
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
roblox-free-robux-logo-02-02-02.png
rbx24.shop/wp-content/uploads/2024/04/
5 KB
5 KB
Image
General
Full URL
https://rbx24.shop/wp-content/uploads/2024/04/roblox-free-robux-logo-02-02-02.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
66.29.152.206 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server1.comparetextbook.com
Software
nginx /
Resource Hash
0689bc07f3ebb04f21f50f7c7ad61c48e47c71792d90725e31dd9b4323508ad7

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://rbx24.shop/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
public
Date
Mon, 17 Jun 2024 00:22:46 GMT
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Wed, 17 Apr 2024 05:04:26 GMT
Server
nginx
ETag
"1233-61643c9f1f9a1"
Vary
X-Forwarded-Proto,Accept
Content-Type
image/png
Cache-Control
public, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4659
Expires
Tue, 17 Jun 2025 00:22:45 GMT
robux-coins1.png
rbx24.shop/wp-content/uploads/2024/04/
376 KB
376 KB
Image
General
Full URL
https://rbx24.shop/wp-content/uploads/2024/04/robux-coins1.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
66.29.152.206 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server1.comparetextbook.com
Software
nginx /
Resource Hash
29f1089e204095ce116fe339f942b77f319e8d4334a559dd55a9248d98d22521

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://rbx24.shop/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
public
Date
Mon, 17 Jun 2024 00:22:46 GMT
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Wed, 17 Apr 2024 04:26:38 GMT
Server
nginx
ETag
"5dedc-6164342b643c1"
Vary
X-Forwarded-Proto,Accept
Content-Type
image/png
Cache-Control
public, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
384732
Expires
Tue, 17 Jun 2025 00:22:45 GMT
blox-fruits.webp
rbx24.shop/wp-content/uploads/2024/05/
67 KB
67 KB
Image
General
Full URL
https://rbx24.shop/wp-content/uploads/2024/05/blox-fruits.webp
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
66.29.152.206 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server1.comparetextbook.com
Software
nginx /
Resource Hash
f6b688a625c27a4dc1e94d7af2a9d0d1315976bc855042d4c16af07e73c84ffa

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://rbx24.shop/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
public
Date
Mon, 17 Jun 2024 00:22:46 GMT
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Mon, 20 May 2024 17:48:18 GMT
Server
nginx
ETag
"10b0e-618e64e81414e"
Vary
X-Forwarded-Proto,Accept-Encoding
Content-Type
image/webp
Cache-Control
public, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
68366
Expires
Tue, 17 Jun 2025 00:22:45 GMT
Robux-for-Cheap.webp
rbx24.shop/wp-content/uploads/2024/04/
254 KB
254 KB
Image
General
Full URL
https://rbx24.shop/wp-content/uploads/2024/04/Robux-for-Cheap.webp
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
66.29.152.206 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server1.comparetextbook.com
Software
nginx /
Resource Hash
ae0748e4c760de4ea992541a1c4f9ac7cd7b5da6e2a55542975b4e6bad7fef65

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://rbx24.shop/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
public
Date
Mon, 17 Jun 2024 00:22:46 GMT
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Fri, 26 Apr 2024 18:48:53 GMT
Server
nginx
ETag
"3f844-617045af7cd58"
Vary
X-Forwarded-Proto,Accept-Encoding
Content-Type
image/webp
Cache-Control
public, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
260164
Expires
Tue, 17 Jun 2025 00:22:45 GMT
how-to-get-free-robux-easyv.webp
rbx24.shop/wp-content/uploads/2024/04/
228 KB
228 KB
Image
General
Full URL
https://rbx24.shop/wp-content/uploads/2024/04/how-to-get-free-robux-easyv.webp
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
66.29.152.206 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server1.comparetextbook.com
Software
nginx /
Resource Hash
7c91b19d6ddf763205b220003c87c913eb7a0326796af3e4d1248a53f088dcca

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://rbx24.shop/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
public
Date
Mon, 17 Jun 2024 00:22:46 GMT
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Sun, 21 Apr 2024 04:26:30 GMT
Server
nginx
ETag
"38e60-61693b9a1af9f"
Vary
X-Forwarded-Proto,Accept-Encoding
Content-Type
image/webp
Cache-Control
public, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
233056
Expires
Tue, 17 Jun 2025 00:22:45 GMT
discounted-robux.webp
rbx24.shop/wp-content/uploads/2024/04/
296 KB
297 KB
Image
General
Full URL
https://rbx24.shop/wp-content/uploads/2024/04/discounted-robux.webp
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
66.29.152.206 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server1.comparetextbook.com
Software
nginx /
Resource Hash
c70539ae9fee01aa36ca10b23ea8f8d32d816c0f97ef401e8f2d38e4f41c9e34

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://rbx24.shop/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
public
Date
Mon, 17 Jun 2024 00:22:46 GMT
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Sun, 21 Apr 2024 04:02:28 GMT
Server
nginx
ETag
"4a1fa-6169363ae0514"
Vary
X-Forwarded-Proto,Accept-Encoding
Content-Type
image/webp
Cache-Control
public, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
303610
Expires
Tue, 17 Jun 2025 00:22:46 GMT
roblox-com-for-free.webp
rbx24.shop/wp-content/uploads/2024/04/
310 KB
311 KB
Image
General
Full URL
https://rbx24.shop/wp-content/uploads/2024/04/roblox-com-for-free.webp
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
66.29.152.206 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server1.comparetextbook.com
Software
nginx /
Resource Hash
f80a22122de0449f98158f6291cd53dbe5a5e4fe09110c0a6da3ce05dbde553f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://rbx24.shop/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
public
Date
Mon, 17 Jun 2024 00:22:46 GMT
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Sun, 21 Apr 2024 03:03:47 GMT
Server
nginx
ETag
"4d8a8-6169291cee99b"
Vary
X-Forwarded-Proto,Accept-Encoding
Content-Type
image/webp
Cache-Control
public, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
317608
Expires
Tue, 17 Jun 2025 00:22:46 GMT
robux-website.webp
rbx24.shop/wp-content/uploads/2024/04/
213 KB
213 KB
Image
General
Full URL
https://rbx24.shop/wp-content/uploads/2024/04/robux-website.webp
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
66.29.152.206 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server1.comparetextbook.com
Software
nginx /
Resource Hash
81d49f0befe25968e3debbbf415768aaaff460634828e3d18a4be19ae69ba0ff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://rbx24.shop/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
public
Date
Mon, 17 Jun 2024 00:22:47 GMT
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Fri, 19 Apr 2024 05:59:16 GMT
Server
nginx
ETag
"35222-6166cc9b8f5d1"
Vary
X-Forwarded-Proto,Accept-Encoding
Content-Type
image/webp
Cache-Control
public, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
217634
Expires
Tue, 17 Jun 2025 00:22:46 GMT
cropped-roblox-free-robux-logo-02-02-02-1-32x32.png
rbx24.shop/wp-content/uploads/2024/04/
1 KB
2 KB
Other
General
Full URL
https://rbx24.shop/wp-content/uploads/2024/04/cropped-roblox-free-robux-logo-02-02-02-1-32x32.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
66.29.152.206 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server1.comparetextbook.com
Software
nginx /
Resource Hash
61677804477e9c42fc846c8413a3eb9844349969dd909f4bc5fb448db0b65134

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://rbx24.shop/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
public
Date
Mon, 17 Jun 2024 00:22:46 GMT
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Wed, 17 Apr 2024 05:34:50 GMT
Server
nginx
ETag
"4d4-61644369f7774"
Vary
X-Forwarded-Proto,Accept
Content-Type
image/png
Cache-Control
public, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1236
Expires
Tue, 17 Jun 2025 00:22:46 GMT

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Roblox (Gaming)

48 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event
object| fence
object| sharedStorage
object| _wpemojiSettings
undefined| $
function| jQuery
function| gtag
object| dataLayer
object| gpSmoothScroll
object| generatepressMenu
object| jh_disabled_options_data
boolean| pmDOMLoaded
string| pmClickTarget
function| pmTriggerDOMListener
function| pmTriggerDelayedScripts
function| pmDelayEventListeners
function| pmDelayJQueryReady
function| pmProcessDocumentWrite
function| pmSortDelayedScripts
function| pmPreloadDelayedScripts
function| pmLoadDelayedScripts
function| pmReplaceScript
function| pmTriggerEventListeners
function| pmNextFrame
function| pmClickHandler
function| pmReplayClicks
function| pmTouchStartHandler
function| pmTouchMoveHandler
function| pmTouchEndHandler
function| pmRenameDOMAttribute
number| w3tc_lazyload
object| lazyLoadOptions
object| gpscroll
function| SmoothScroll
object| twemoji
object| wp
function| _toConsumableArray
function| _nonIterableSpread
function| _iterableToArray
function| _arrayWithoutHoles
function| _extends
function| _typeof
object| google_tag_manager
object| google_tag_data
function| LazyLoad
function| onYouTubeIframeAPIReady
object| gaGlobal
boolean| pmPersisted

2 Cookies

Domain/Path Name / Value
.rbx24.shop/ Name: _ga_DQZL4CVEFC
Value: GS1.1.1718583766.1.0.1718583766.0.0.0
.rbx24.shop/ Name: _ga
Value: GA1.1.955571209.1718583766

1 Console Message

Source Level URL
Text
javascript warning URL: https://rbx24.shop/
Message:
The resource https://rbx24.shop/wp-content/plugins/w3-total-cache/pub/js/lazyload.min.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

rbx24.shop
rbx24.shop.thewellnessdot.com
www.google-analytics.com
2a00:1450:4001:82b::200e
66.29.152.206