rbx24.shop Open in urlscan Pro
66.29.152.206 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://rbx24.shop.thewellnessdot.com/
Effective URL:
https://rbx24.shop/
Submission Tags: phishingrod
Submission: On June 17 via api (June 17th 2024, 12:56:41 pm UTC) from DE — Scanned from DE

Summary HTTP 20 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 3 IPs in 1 countries across 3 domains to perform 20 HTTP transactions. The main IP is 66.29.152.206, located in United States and belongs to NAMECHEAP-NET, US. The main domain is rbx24.shop.
TLS certificate: Issued by R11 on June 16th 2024. Valid for: 3 months.

This is the only time rbx24.shop was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Roblox (Gaming)

Domain & IP information

	IP Address	AS Autonomous System
1 19	66.29.152.206 66.29.152.206	22612 (NAMECHEAP...) (NAMECHEAP-NET)
1	2001:4860:480... 2001:4860:4802:36::178	15169 (GOOGLE) (GOOGLE)
20	3

19 66.29.152.206 (United States) 1 redirects

ASN22612 (NAMECHEAP-NET, US)
PTR: server1.comparetextbook.com

rbx24.shop.thewellnessdot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rbx24.shop	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:36::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	rbx24.shop rbx24.shop	2 MB
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 68	250 B
1	thewellnessdot.com 1 redirects rbx24.shop.thewellnessdot.com	393 B
20	3

	Domain	Requested by
18	rbx24.shop	rbx24.shop
1	www.google-analytics.com	rbx24.shop
1	rbx24.shop.thewellnessdot.com	1 redirects
20	3

This site contains links to these domains. Also see Links.

Domain
generatepress.com

Subject Issuer	Validity	Valid
*.rbx24.shop R11	`2024-06-16` - `2024-09-14`	3 months	crt.sh
*.google-analytics.com WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://rbx24.shop/
Frame ID: EE6F3020D36DBD3F9557A8D403188A37
Requests: 23 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Free Robux - Roblox 24

Page URL History Show full URLs

https://rbx24.shop.thewellnessdot.com/ HTTP 301
https://rbx24.shop/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Page Statistics

20
Requests

95 %
HTTPS

50 %
IPv6

3
Domains

3
Subdomains

3
IPs

1
Countries

2382 kB
Transfer

2732 kB
Size

2
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://generatepress.com/
Title: GeneratePress

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://rbx24.shop.thewellnessdot.com/ HTTP 301
https://rbx24.shop/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions
3 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response rbx24.shop/ Redirect Chain https://rbx24.shop.thewellnessdot.com/ https://rbx24.shop/	81 KB 21 KB	1245ms 377ms	Document text/html	66.29.152.206 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://rbx24.shop/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 66.29.152.206 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server1.comparetextbook.com Software nginx / Resource Hash `8e1a08772d01e3cf2e34d1af20d987fd157e346224965f07a0289d18033a0869` Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers Cache-Control private, must-revalidate, public Connection keep-alive Content-Encoding gzip Content-Type text/html; charset=UTF-8 Date Mon, 17 Jun 2024 12:56:33 GMT ETag W/"14583-618e7119b7003" Expires Mon, 17 Jun 2024 12:56:33 GMT Last-Modified Mon, 20 May 2024 18:42:52 GMT Link </wp-content/cache/minify/d52ed.js>; rel=preload; as=script </wp-content/cache/minify/f5b9c.js>; rel=preload; as=script </wp-content/cache/minify/19979.js>; rel=preload; as=script </wp-content/cache/minify/69ec8.css>; rel=preload; as=style Pragma public Referrer-Policy no-referrer-when-downgrade Server nginx Transfer-Encoding chunked Vary Accept-Encoding Accept-Encoding,Cookie Redirect headers Cache-Control private, must-revalidate Connection keep-alive Content-Length 0 Content-Type text/html; charset=UTF-8 Date Mon, 17 Jun 2024 12:56:32 GMT Expires Mon, 17 Jun 2024 13:56:32 GMT Location https://rbx24.shop/ Referrer-Policy no-referrer-when-downgrade Server nginx Vary X-Forwarded-Proto,Accept-Encoding X-Redirect-By WordPress
GET H/1.1	200 OK	d52ed.js Show response rbx24.shop/wp-content/cache/minify/	86 KB 35 KB	194ms 193ms	Script application/x-javascript	66.29.152.206 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://rbx24.shop/wp-content/cache/minify/d52ed.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 66.29.152.206 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server1.comparetextbook.com Software nginx / Resource Hash `cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://rbx24.shop/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Pragma public Date Mon, 17 Jun 2024 12:56:33 GMT Content-Encoding gzip Referrer-Policy no-referrer-when-downgrade Last-Modified Sat, 11 May 2024 05:05:22 GMT Server nginx ETag W/"15601-618269974fd8f" Transfer-Encoding chunked Vary Accept-Encoding, Accept-Encoding Content-Type application/x-javascript Cache-Control private, public Connection keep-alive Expires Tue, 17 Jun 2025 12:56:33 GMT
GET H/1.1	200 OK	f5b9c.js Show response rbx24.shop/wp-content/cache/minify/	307 KB 117 KB	753ms 380ms	Script application/x-javascript	66.29.152.206 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://rbx24.shop/wp-content/cache/minify/f5b9c.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 66.29.152.206 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server1.comparetextbook.com Software nginx / Resource Hash `d6566ab721cc5fb5c1b5615e399ac8ec76ebb930144a5319fbded050361ed928` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://rbx24.shop/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Pragma public Date Mon, 17 Jun 2024 12:56:34 GMT Content-Encoding gzip Referrer-Policy no-referrer-when-downgrade Last-Modified Sat, 11 May 2024 05:05:23 GMT Server nginx ETag W/"4ca2c-61826997eb6e1" Transfer-Encoding chunked Vary Accept-Encoding, Accept-Encoding Content-Type application/x-javascript Cache-Control private, public Connection keep-alive Expires Tue, 17 Jun 2025 12:56:34 GMT
GET H/1.1	200 OK	19979.js Show response rbx24.shop/wp-content/cache/minify/	21 KB 7 KB	570ms 197ms	Script application/x-javascript	66.29.152.206 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://rbx24.shop/wp-content/cache/minify/19979.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 66.29.152.206 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server1.comparetextbook.com Software nginx / Resource Hash `42b85c7084ed3e32f76b3a23755b48338606bd8e65c8acfa83bc599a3dad54fd` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://rbx24.shop/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Pragma public Date Mon, 17 Jun 2024 12:56:34 GMT Content-Encoding gzip Referrer-Policy no-referrer-when-downgrade Last-Modified Sat, 11 May 2024 05:05:23 GMT Server nginx ETag W/"55c5-618269982a335" Transfer-Encoding chunked Vary Accept-Encoding, Accept-Encoding Content-Type application/x-javascript Cache-Control private, public Connection keep-alive Expires Tue, 17 Jun 2025 12:56:34 GMT
GET H/1.1	200 OK	69ec8.css rbx24.shop/wp-content/cache/minify/	12 KB 3 KB	559ms 187ms	Stylesheet text/css	66.29.152.206 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://rbx24.shop/wp-content/cache/minify/69ec8.css Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 66.29.152.206 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server1.comparetextbook.com Software nginx / Resource Hash `199fa3b04a4a8de9a5dd741992c168af4c5a306ddddee84450e9d584168028f9` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://rbx24.shop/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Pragma public Date Mon, 17 Jun 2024 12:56:34 GMT Content-Encoding gzip Referrer-Policy no-referrer-when-downgrade Last-Modified Sat, 11 May 2024 08:58:17 GMT Server nginx ETag W/"318a-61829da6fc485" Transfer-Encoding chunked Vary Accept-Encoding, Accept-Encoding Content-Type text/css Cache-Control public, public Connection keep-alive Expires Tue, 17 Jun 2025 12:56:33 GMT
GET H/1.1	200 OK	lazyload.min.js Show response rbx24.shop/wp-content/plugins/w3-total-cache/pub/js/	6 KB 3 KB	572ms 198ms	Script application/x-javascript	66.29.152.206 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://rbx24.shop/wp-content/plugins/w3-total-cache/pub/js/lazyload.min.js Requested by Host: rbx24.shop URL: https://rbx24.shop/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 66.29.152.206 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server1.comparetextbook.com Software nginx / Resource Hash `1a54a1907a6443e3c81608130bfed4546eb0ce5d0c8897e1d7a3b43d89ecc367` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://rbx24.shop/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Pragma public Date Mon, 17 Jun 2024 12:56:34 GMT Content-Encoding gzip Referrer-Policy no-referrer-when-downgrade Last-Modified Sat, 27 Apr 2024 02:23:55 GMT Server nginx ETag W/"1883-6170ab646f816" Transfer-Encoding chunked Vary Accept-Encoding, X-Forwarded-Proto,Accept-Encoding Content-Type application/x-javascript Cache-Control private, public Connection keep-alive Expires Tue, 17 Jun 2025 12:56:34 GMT
GET H/1.1	200 OK	40dee4391224.google-fonts.css rbx24.shop/wp-content/cache/perfmatters/rbx24.shop/fonts/	15 KB 1 KB	185ms 185ms	Stylesheet text/css	66.29.152.206 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://rbx24.shop/wp-content/cache/perfmatters/rbx24.shop/fonts/40dee4391224.google-fonts.css Requested by Host: rbx24.shop URL: https://rbx24.shop/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 66.29.152.206 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server1.comparetextbook.com Software nginx / Resource Hash `a16e1b2beab3de777c2484f64f8ab7c2229d35cdfa804026df0e6dde52f2a87d` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://rbx24.shop/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Pragma public Date Mon, 17 Jun 2024 12:56:34 GMT Content-Encoding gzip Referrer-Policy no-referrer-when-downgrade Last-Modified Sat, 27 Apr 2024 02:24:32 GMT Server nginx ETag W/"3bdb-6170ab87dba78" Transfer-Encoding chunked Vary Accept-Encoding, X-Forwarded-Proto,Accept-Encoding Content-Type text/css Cache-Control public, public Connection keep-alive Expires Tue, 17 Jun 2025 12:56:33 GMT
GET BLOB	200 OK	fb116b23-0e19-4c95-9194-aae6d71fb378 https://rbx24.shop/	1 KB 0		Other text/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://rbx24.shop/fb116b23-0e19-4c95-9194-aae6d71fb378 Requested by Host: rbx24.shop URL: https://rbx24.shop/ Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash `5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c` Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Content-Length 1185 Content-Type text/javascript
GET DATA	200 OK	truncated /	67 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `9643fa64a4979f7742feca04bb71b1b9ea1328feb9e7f62f879dd4c71ae440b7` Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	68 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `e0eb1a28c692ef1b05f3d3c3ca20e8dc999b0dec94dffec3b3896ba5bea2a17a` Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	69 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `aaf69f969c85107828b863ad90f70534c60fc64cbb1a7f3e28d78692d8854db5` Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
GET H/1.1	200 OK	body-bg.jpg rbx24.shop/wp-content/uploads/2024/04/	435 KB 436 KB	185ms 185ms	Image image/jpeg	66.29.152.206 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://rbx24.shop/wp-content/uploads/2024/04/body-bg.jpg Requested by Host: rbx24.shop URL: https://rbx24.shop/wp-content/cache/minify/69ec8.css Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 66.29.152.206 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server1.comparetextbook.com Software nginx / Resource Hash `c45388c0937dde58151ba6f3d2225751b8b89ac001be1ef1f40134c61d391b8e` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://rbx24.shop/wp-content/cache/minify/69ec8.css Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Pragma public Date Mon, 17 Jun 2024 12:56:34 GMT Referrer-Policy no-referrer-when-downgrade Last-Modified Wed, 17 Apr 2024 03:43:14 GMT Server nginx ETag "6cca2-61642a77f6ed7" Vary X-Forwarded-Proto,Accept Content-Type image/jpeg Cache-Control public, public Connection keep-alive Accept-Ranges bytes Content-Length 445602 Expires Tue, 17 Jun 2025 12:56:33 GMT
GET H/1.1	200 OK	wp-emoji-release.min.js Show response rbx24.shop/wp-includes/js/	18 KB 6 KB	187ms 187ms	Script application/x-javascript	66.29.152.206 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://rbx24.shop/wp-includes/js/wp-emoji-release.min.js?ver=6.5.3 Requested by Host: rbx24.shop URL: https://rbx24.shop/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 66.29.152.206 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server1.comparetextbook.com Software nginx / Resource Hash `4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://rbx24.shop/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Pragma public Date Mon, 17 Jun 2024 12:56:34 GMT Content-Encoding gzip Referrer-Policy no-referrer-when-downgrade Last-Modified Tue, 13 Feb 2024 20:06:08 GMT Server nginx ETag W/"4926-61148ecc64c00" Transfer-Encoding chunked Vary Accept-Encoding, X-Forwarded-Proto,Accept-Encoding Content-Type application/x-javascript Cache-Control private, public Connection keep-alive Expires Tue, 17 Jun 2025 12:56:34 GMT
POST H2	204	collect www.google-analytics.com/g/	0 250 B	137ms 47ms	Ping text/plain	2001:4860:4802:36::178 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/g/collect?v=2&tid=G-DQZL4CVEFC&gtm=45je4580v9183781306za200&_p=1718628994460&gcd=13l3l3l3l1&npa=0&dma=0&cid=492575247.1718628995&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.61%7CGoogle%2520Chrome%3B126.0.6478.61&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1718628995&sct=1&seg=0&dl=https%3A%2F%2Frbx24.shop%2F&dt=Free%20Robux%20-%20Roblox%2024&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=3639 Requested by Host: rbx24.shop URL: https://rbx24.shop/wp-content/cache/minify/f5b9c.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://rbx24.shop/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Mon, 17 Jun 2024 12:56:35 GMT server Golfe2 content-type text/plain access-control-allow-origin https://rbx24.shop cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	roblox-free-robux-logo-02-02-02.png rbx24.shop/wp-content/uploads/2024/04/	5 KB 5 KB	207ms 207ms	Image image/png	66.29.152.206 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://rbx24.shop/wp-content/uploads/2024/04/roblox-free-robux-logo-02-02-02.png Requested by Host: rbx24.shop URL: https://rbx24.shop/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 66.29.152.206 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server1.comparetextbook.com Software nginx / Resource Hash `0689bc07f3ebb04f21f50f7c7ad61c48e47c71792d90725e31dd9b4323508ad7` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://rbx24.shop/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Pragma public Date Mon, 17 Jun 2024 12:56:35 GMT Referrer-Policy no-referrer-when-downgrade Last-Modified Wed, 17 Apr 2024 05:04:26 GMT Server nginx ETag "1233-61643c9f1f9a1" Vary X-Forwarded-Proto,Accept Content-Type image/png Cache-Control public, public Connection keep-alive Accept-Ranges bytes Content-Length 4659 Expires Tue, 17 Jun 2025 12:56:33 GMT
GET H/1.1	200 OK	robux-coins1.png rbx24.shop/wp-content/uploads/2024/04/	376 KB 376 KB	409ms 409ms	Image image/png	66.29.152.206 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://rbx24.shop/wp-content/uploads/2024/04/robux-coins1.png Requested by Host: rbx24.shop URL: https://rbx24.shop/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 66.29.152.206 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server1.comparetextbook.com Software nginx / Resource Hash `29f1089e204095ce116fe339f942b77f319e8d4334a559dd55a9248d98d22521` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://rbx24.shop/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Pragma public Date Mon, 17 Jun 2024 12:56:35 GMT Referrer-Policy no-referrer-when-downgrade Last-Modified Wed, 17 Apr 2024 04:26:38 GMT Server nginx ETag "5dedc-6164342b643c1" Vary X-Forwarded-Proto,Accept Content-Type image/png Cache-Control public, public Connection keep-alive Accept-Ranges bytes Content-Length 384732 Expires Tue, 17 Jun 2025 12:56:33 GMT
GET H/1.1	200 OK	blox-fruits.webp rbx24.shop/wp-content/uploads/2024/05/	67 KB 67 KB	411ms 410ms	Image image/webp	66.29.152.206 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://rbx24.shop/wp-content/uploads/2024/05/blox-fruits.webp Requested by Host: rbx24.shop URL: https://rbx24.shop/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 66.29.152.206 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server1.comparetextbook.com Software nginx / Resource Hash `f6b688a625c27a4dc1e94d7af2a9d0d1315976bc855042d4c16af07e73c84ffa` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://rbx24.shop/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Pragma public Date Mon, 17 Jun 2024 12:56:35 GMT Referrer-Policy no-referrer-when-downgrade Last-Modified Mon, 20 May 2024 17:48:18 GMT Server nginx ETag "10b0e-618e64e81414e" Vary X-Forwarded-Proto,Accept-Encoding Content-Type image/webp Cache-Control public, public Connection keep-alive Accept-Ranges bytes Content-Length 68366 Expires Tue, 17 Jun 2025 12:56:33 GMT
GET H/1.1	200 OK	Robux-for-Cheap.webp rbx24.shop/wp-content/uploads/2024/04/	254 KB 254 KB	206ms 206ms	Image image/webp	66.29.152.206 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://rbx24.shop/wp-content/uploads/2024/04/Robux-for-Cheap.webp Requested by Host: rbx24.shop URL: https://rbx24.shop/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 66.29.152.206 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server1.comparetextbook.com Software nginx / Resource Hash `ae0748e4c760de4ea992541a1c4f9ac7cd7b5da6e2a55542975b4e6bad7fef65` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://rbx24.shop/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Pragma public Date Mon, 17 Jun 2024 12:56:35 GMT Referrer-Policy no-referrer-when-downgrade Last-Modified Fri, 26 Apr 2024 18:48:53 GMT Server nginx ETag "3f844-617045af7cd58" Vary X-Forwarded-Proto,Accept-Encoding Content-Type image/webp Cache-Control public, public Connection keep-alive Accept-Ranges bytes Content-Length 260164 Expires Tue, 17 Jun 2025 12:56:33 GMT
GET H/1.1	200 OK	how-to-get-free-robux-easyv.webp rbx24.shop/wp-content/uploads/2024/04/	228 KB 228 KB	412ms 204ms	Image image/webp	66.29.152.206 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://rbx24.shop/wp-content/uploads/2024/04/how-to-get-free-robux-easyv.webp Requested by Host: rbx24.shop URL: https://rbx24.shop/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 66.29.152.206 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server1.comparetextbook.com Software nginx / Resource Hash `7c91b19d6ddf763205b220003c87c913eb7a0326796af3e4d1248a53f088dcca` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://rbx24.shop/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Pragma public Date Mon, 17 Jun 2024 12:56:35 GMT Referrer-Policy no-referrer-when-downgrade Last-Modified Sun, 21 Apr 2024 04:26:30 GMT Server nginx ETag "38e60-61693b9a1af9f" Vary X-Forwarded-Proto,Accept-Encoding Content-Type image/webp Cache-Control public, public Connection keep-alive Accept-Ranges bytes Content-Length 233056 Expires Tue, 17 Jun 2025 12:56:33 GMT
GET H/1.1	200 OK	discounted-robux.webp rbx24.shop/wp-content/uploads/2024/04/	296 KB 297 KB	614ms 413ms	Image image/webp	66.29.152.206 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://rbx24.shop/wp-content/uploads/2024/04/discounted-robux.webp Requested by Host: rbx24.shop URL: https://rbx24.shop/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 66.29.152.206 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server1.comparetextbook.com Software nginx / Resource Hash `c70539ae9fee01aa36ca10b23ea8f8d32d816c0f97ef401e8f2d38e4f41c9e34` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://rbx24.shop/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Pragma public Date Mon, 17 Jun 2024 12:56:35 GMT Referrer-Policy no-referrer-when-downgrade Last-Modified Sun, 21 Apr 2024 04:02:28 GMT Server nginx ETag "4a1fa-6169363ae0514" Vary X-Forwarded-Proto,Accept-Encoding Content-Type image/webp Cache-Control public, public Connection keep-alive Accept-Ranges bytes Content-Length 303610 Expires Tue, 17 Jun 2025 12:56:33 GMT
GET H/1.1	200 OK	roblox-com-for-free.webp rbx24.shop/wp-content/uploads/2024/04/	310 KB 311 KB	197ms 197ms	Image image/webp	66.29.152.206 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://rbx24.shop/wp-content/uploads/2024/04/roblox-com-for-free.webp Requested by Host: rbx24.shop URL: https://rbx24.shop/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 66.29.152.206 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server1.comparetextbook.com Software nginx / Resource Hash `f80a22122de0449f98158f6291cd53dbe5a5e4fe09110c0a6da3ce05dbde553f` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://rbx24.shop/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Pragma public Date Mon, 17 Jun 2024 12:56:35 GMT Referrer-Policy no-referrer-when-downgrade Last-Modified Sun, 21 Apr 2024 03:03:47 GMT Server nginx ETag "4d8a8-6169291cee99b" Vary X-Forwarded-Proto,Accept-Encoding Content-Type image/webp Cache-Control public, public Connection keep-alive Accept-Ranges bytes Content-Length 317608 Expires Tue, 17 Jun 2025 12:56:34 GMT
GET H/1.1	200 OK	robux-website.webp rbx24.shop/wp-content/uploads/2024/04/	213 KB 213 KB	199ms 199ms	Image image/webp	66.29.152.206 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://rbx24.shop/wp-content/uploads/2024/04/robux-website.webp Requested by Host: rbx24.shop URL: https://rbx24.shop/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 66.29.152.206 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server1.comparetextbook.com Software nginx / Resource Hash `81d49f0befe25968e3debbbf415768aaaff460634828e3d18a4be19ae69ba0ff` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://rbx24.shop/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Pragma public Date Mon, 17 Jun 2024 12:56:35 GMT Referrer-Policy no-referrer-when-downgrade Last-Modified Fri, 19 Apr 2024 05:59:16 GMT Server nginx ETag "35222-6166cc9b8f5d1" Vary X-Forwarded-Proto,Accept-Encoding Content-Type image/webp Cache-Control public, public Connection keep-alive Accept-Ranges bytes Content-Length 217634 Expires Tue, 17 Jun 2025 12:56:34 GMT
GET H/1.1	200 OK	cropped-roblox-free-robux-logo-02-02-02-1-32x32.png rbx24.shop/wp-content/uploads/2024/04/	1 KB 2 KB	186ms 185ms	Other image/png	66.29.152.206 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://rbx24.shop/wp-content/uploads/2024/04/cropped-roblox-free-robux-logo-02-02-02-1-32x32.png Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 66.29.152.206 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server1.comparetextbook.com Software nginx / Resource Hash `61677804477e9c42fc846c8413a3eb9844349969dd909f4bc5fb448db0b65134` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://rbx24.shop/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Pragma public Date Mon, 17 Jun 2024 12:56:36 GMT Referrer-Policy no-referrer-when-downgrade Last-Modified Wed, 17 Apr 2024 05:34:50 GMT Server nginx ETag "4d4-61644369f7774" Vary X-Forwarded-Proto,Accept Content-Type image/png Cache-Control public, public Connection keep-alive Accept-Ranges bytes Content-Length 1236 Expires Tue, 17 Jun 2025 12:56:34 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Roblox (Gaming)

48 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.rbx24.shop/	1970-01-21 06:59:48	Name: _ga_DQZL4CVEFC Value: GS1.1.1718628995.1.0.1718628995.0.0.0
			.rbx24.shop/	1970-01-21 06:59:48	Name: _ga Value: GA1.1.492575247.1718628995

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://rbx24.shop/ Message: The resource https://rbx24.shop/wp-content/plugins/w3-total-cache/pub/js/lazyload.min.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

rbx24.shop
rbx24.shop.thewellnessdot.com
www.google-analytics.com
2001:4860:4802:36::178
66.29.152.206
0689bc07f3ebb04f21f50f7c7ad61c48e47c71792d90725e31dd9b4323508ad7
199fa3b04a4a8de9a5dd741992c168af4c5a306ddddee84450e9d584168028f9
1a54a1907a6443e3c81608130bfed4546eb0ce5d0c8897e1d7a3b43d89ecc367
29f1089e204095ce116fe339f942b77f319e8d4334a559dd55a9248d98d22521
42b85c7084ed3e32f76b3a23755b48338606bd8e65c8acfa83bc599a3dad54fd
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c
61677804477e9c42fc846c8413a3eb9844349969dd909f4bc5fb448db0b65134
7c91b19d6ddf763205b220003c87c913eb7a0326796af3e4d1248a53f088dcca
81d49f0befe25968e3debbbf415768aaaff460634828e3d18a4be19ae69ba0ff
8e1a08772d01e3cf2e34d1af20d987fd157e346224965f07a0289d18033a0869
9643fa64a4979f7742feca04bb71b1b9ea1328feb9e7f62f879dd4c71ae440b7
a16e1b2beab3de777c2484f64f8ab7c2229d35cdfa804026df0e6dde52f2a87d
aaf69f969c85107828b863ad90f70534c60fc64cbb1a7f3e28d78692d8854db5
ae0748e4c760de4ea992541a1c4f9ac7cd7b5da6e2a55542975b4e6bad7fef65
c45388c0937dde58151ba6f3d2225751b8b89ac001be1ef1f40134c61d391b8e
c70539ae9fee01aa36ca10b23ea8f8d32d816c0f97ef401e8f2d38e4f41c9e34
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
d6566ab721cc5fb5c1b5615e399ac8ec76ebb930144a5319fbded050361ed928
e0eb1a28c692ef1b05f3d3c3ca20e8dc999b0dec94dffec3b3896ba5bea2a17a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f6b688a625c27a4dc1e94d7af2a9d0d1315976bc855042d4c16af07e73c84ffa
f80a22122de0449f98158f6291cd53dbe5a5e4fe09110c0a6da3ce05dbde553f

rbx24.shop Open in urlscan Pro 66.29.152.206 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

20 Requests

95 %HTTPS

50 %IPv6

3 Domains

3 Subdomains

3 IPs

1 Countries

2382 kBTransfer

2732 kBSize

2 Cookies

1 Outgoing links

Page URL History

Redirected requests

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

48 JavaScript Global Variables

2 Cookies

1 Console Messages

Indicators

rbx24.shop Open in urlscan Pro
66.29.152.206 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

20
Requests

95 %
HTTPS

50 %
IPv6

3
Domains

3
Subdomains

3
IPs

1
Countries

2382 kB
Transfer

2732 kB
Size

2
Cookies

20 HTTP transactions
3 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!