gamehata.net
Open in
urlscan Pro
104.168.234.39
Malicious Activity!
Public Scan
Effective URL: https://gamehata.net/kinks/
Submission: On May 06 via manual from CA — Scanned from CA
Summary
TLS certificate: Issued by R3 on March 16th 2022. Valid for: 3 months.
This is the only time gamehata.net was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic Scam (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 2606:4700:10:... 2606:4700:10::ac43:1e1 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 104.168.234.39 104.168.234.39 | 54290 (HOSTWINDS) (HOSTWINDS) | |
1 | 2a04:4e42:400... 2a04:4e42:400::729 | 54113 (FASTLY) (FASTLY) | |
2 | 2607:f8b0:400... 2607:f8b0:4006:80d::200a | 15169 (GOOGLE) (GOOGLE) | |
2 | 2606:4700:303... 2606:4700:3033::6815:3f36 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
3 | 2600:9000:21a... 2600:9000:21a2:7a00:1c:b3e3:eb40:21 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 2607:f8b0:400... 2607:f8b0:4006:809::2016 | 15169 (GOOGLE) (GOOGLE) | |
2 | 146.75.32.193 146.75.32.193 | 54113 (FASTLY) (FASTLY) | |
1 | 2607:f8b0:400... 2607:f8b0:4006:81d::200a | 15169 (GOOGLE) (GOOGLE) | |
1 | 2600:9000:21a... 2600:9000:21a2:9a00:3:b5aa:ad80:21 | 16509 (AMAZON-02) (AMAZON-02) | |
5 | 2607:f8b0:400... 2607:f8b0:4006:824::2003 | 15169 (GOOGLE) (GOOGLE) | |
5 | 2600:9000:21a... 2600:9000:21a2:5800:13:652b:c180:21 | 16509 (AMAZON-02) (AMAZON-02) | |
25 | 12 |
ASN54290 (HOSTWINDS, US)
PTR: hwsrv-652601.hostwindsdns.com
gamehata.net |
ASN15169 (GOOGLE, US)
fonts.googleapis.com |
ASN16509 (AMAZON-02, US)
d13pxqgp3ixdbh.cloudfront.net |
ASN16509 (AMAZON-02, US)
d13nu0oomnx5ti.cloudfront.net |
ASN16509 (AMAZON-02, US)
dgu9g3a2kzqx2.cloudfront.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
9 |
cloudfront.net
d13pxqgp3ixdbh.cloudfront.net d13nu0oomnx5ti.cloudfront.net dgu9g3a2kzqx2.cloudfront.net |
237 KB |
5 |
gstatic.com
fonts.gstatic.com Failed |
239 KB |
3 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 111 ajax.googleapis.com — Cisco Umbrella Rank: 432 |
32 KB |
2 |
imgur.com
i.imgur.com — Cisco Umbrella Rank: 4686 |
14 KB |
2 |
fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 1448 |
75 KB |
1 |
ytimg.com
i.ytimg.com — Cisco Umbrella Rank: 102 |
17 KB |
1 |
sentry-cdn.com
browser.sentry-cdn.com — Cisco Umbrella Rank: 4447 |
21 KB |
1 |
gamehata.net
gamehata.net |
16 KB |
1 |
tinyurl.com
1 redirects
tinyurl.com — Cisco Umbrella Rank: 22833 |
416 B |
25 | 9 |
Domain | Requested by | |
---|---|---|
5 | dgu9g3a2kzqx2.cloudfront.net |
d13nu0oomnx5ti.cloudfront.net
|
5 | fonts.gstatic.com |
gamehata.net
fonts.googleapis.com |
3 | d13pxqgp3ixdbh.cloudfront.net |
gamehata.net
|
2 | i.imgur.com |
gamehata.net
|
2 | use.fontawesome.com |
gamehata.net
use.fontawesome.com |
2 | fonts.googleapis.com |
gamehata.net
|
1 | d13nu0oomnx5ti.cloudfront.net |
gamehata.net
|
1 | ajax.googleapis.com |
gamehata.net
|
1 | i.ytimg.com |
gamehata.net
|
1 | browser.sentry-cdn.com |
gamehata.net
|
1 | gamehata.net | |
1 | tinyurl.com | 1 redirects |
25 | 12 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
gamehata.net R3 |
2022-03-16 - 2022-06-14 |
3 months | crt.sh |
*.sentry-cdn.com GlobalSign Atlas R3 DV TLS CA H2 2021 |
2021-11-26 - 2022-12-28 |
a year | crt.sh |
upload.video.google.com GTS CA 1C3 |
2022-04-18 - 2022-07-11 |
3 months | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2021-07-07 - 2022-07-06 |
a year | crt.sh |
*.cloudfront.net Amazon |
2022-02-01 - 2023-01-31 |
a year | crt.sh |
edgestatic.com GTS CA 1C3 |
2022-04-18 - 2022-07-11 |
3 months | crt.sh |
*.imgur.com DigiCert TLS RSA SHA256 2020 CA1 |
2022-03-08 - 2023-03-16 |
a year | crt.sh |
*.gstatic.com GTS CA 1C3 |
2022-04-18 - 2022-07-11 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://gamehata.net/kinks/
Frame ID: C0D0942F7C255E296747B08155FF6F1C
Requests: 25 HTTP requests in this frame
Screenshot
Page Title
King of Kinks GeneratorPage URL History Show full URLs
-
http://tinyurl.com/2p8b7pe3
HTTP 307
https://tinyurl.com/2p8b7pe3 HTTP 301
https://gamehata.net/kinks/ Page URL
Detected technologies
Sentry (Issue Trackers) ExpandDetected patterns
- <script[^>]*src="[^"]*browser\.sentry\-cdn\.com/([0-9.]+)/bundle(?:\.tracing)?(?:\.min)?\.js
- browser\.sentry\-cdn\.com/([0-9.]+)/bundle(?:\.tracing)?(?:\.min)?\.js
Font Awesome (Font Scripts) Expand
Detected patterns
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Google Font API (Font Scripts) Expand
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
jQuery (JavaScript Libraries) Expand
Detected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://tinyurl.com/2p8b7pe3
HTTP 307
https://tinyurl.com/2p8b7pe3 HTTP 301
https://gamehata.net/kinks/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
25 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
gamehata.net/kinks/ Redirect Chain
|
67 KB 16 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bundle.min.js
browser.sentry-cdn.com/6.4.1/ |
66 KB 21 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css2
fonts.googleapis.com/ |
4 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icon
fonts.googleapis.com/ |
1 KB 495 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
all.css
use.fontawesome.com/releases/v5.3.1/css/ |
48 KB 11 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1563298961d7e11a0c316ea6a189a4b4e2bd1ad627.css
d13pxqgp3ixdbh.cloudfront.net/uploads/assets/ |
138 KB 138 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
15632989585b40da5bd6314d160701458ac2c4a7d1.css
d13pxqgp3ixdbh.cloudfront.net/uploads/assets/ |
51 KB 52 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mqdefault.jpg
i.ytimg.com/vi/vdfMdA24g3M/ |
17 KB 17 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
8l1cL62.png
i.imgur.com/ |
7 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
kZetz72.png
i.imgur.com/ |
7 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.2.4/ |
84 KB 30 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
3e7a446.js
d13nu0oomnx5ti.cloudfront.net/ |
23 KB 23 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
15607272053787c9f516c16e5a1a9288d97413bdb2.js
d13pxqgp3ixdbh.cloudfront.net/uploads/assets/ |
4 KB 4 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
Pru33qjShpZSmG3z6VYwnRJtnKITppOI_IvcXXDNrsc.woff2
fonts.gstatic.com/s/roboto/v15/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ |
8 KB 8 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ |
8 KB 8 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
hESh6WRmNCxEqUmNyh3JDeGxjVVyMg4tHGctNCu0.woff2
fonts.gstatic.com/s/materialiconstwotone/v106/ |
207 KB 208 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fa-brands-400.woff2
use.fontawesome.com/releases/v5.3.1/webfonts/ |
64 KB 64 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pxiByp8kv8JHgFVrLBT5Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ |
7 KB 8 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ |
8 KB 8 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
html.2291980.87bed.0.js
dgu9g3a2kzqx2.cloudfront.net/public/external/v2/ |
11 KB 11 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css_front.css
dgu9g3a2kzqx2.cloudfront.net/public/external/ |
6 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css.css
dgu9g3a2kzqx2.cloudfront.net/public/clockers/PrimeApps/ |
1010 B 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
guid
dgu9g3a2kzqx2.cloudfront.net/public/ |
0 287 B |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
check.php
dgu9g3a2kzqx2.cloudfront.net/public/external/ |
78 B 371 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- fonts.gstatic.com
- URL
- http://fonts.gstatic.com/s/roboto/v15/Pru33qjShpZSmG3z6VYwnRJtnKITppOI_IvcXXDNrsc.woff2
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic Scam (Online)56 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| oncontextlost object| oncontextrestored function| structuredClone function| getScreenDetails object| Sentry object| __SENTRY__ function| $ function| jQuery object| CPABUILDSETTINGS string| forward object| CPABUILDContentLocker number| __cfRLUnblockHandlers function| CPBContentLocker function| CPABuildLock function| CPABuildGetFeedURL function| CPABuildGetIframeURL function| CPABuildGetIframeHTML function| CPABuildUnlock function| CPABuildOfferComplete function| CPABuildOffersComplete function| CPABuildCheckForLead function| og_load function| CPABuildComplete function| call_locker function| rng function| Random function| hexToRgb function| clamp function| isInArray function| pJS function| requestAnimFrame function| cancelRequestAnimFrame object| pJSDom function| particlesJS string| message function| defeatIE function| defeatNS object| shortcut string| cstm_1 string| cstm_2 string| cstm_3 string| cstm_4 string| cstm_5 string| cstm_6 string| cstm_7 string| rv1_1 string| rv1_2 string| rv1_3 string| rv1_4 string| rn1 string| rv2_1 string| rv2_2 string| rv2_3 string| rv2_4 string| rn21 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
gamehata.net/ | Name: _cpguid Value: dvd88nsgi |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ajax.googleapis.com
browser.sentry-cdn.com
d13nu0oomnx5ti.cloudfront.net
d13pxqgp3ixdbh.cloudfront.net
dgu9g3a2kzqx2.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
gamehata.net
i.imgur.com
i.ytimg.com
tinyurl.com
use.fontawesome.com
fonts.gstatic.com
104.168.234.39
146.75.32.193
2600:9000:21a2:5800:13:652b:c180:21
2600:9000:21a2:7a00:1c:b3e3:eb40:21
2600:9000:21a2:9a00:3:b5aa:ad80:21
2606:4700:10::ac43:1e1
2606:4700:3033::6815:3f36
2607:f8b0:4006:809::2016
2607:f8b0:4006:80d::200a
2607:f8b0:4006:81d::200a
2607:f8b0:4006:824::2003
2a04:4e42:400::729
00619814b3b256720a9ffd9408397d0ffe5559ff301d608eb66f585343fd83a2
040e28f87fd186f1700f7e2013c756a2b22e6fa3de95a2f444a390be8084deeb
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
1762d06d3b37829fc9532962c4f306bb52fe9c972b94323d591f8bc2264d4131
17ea10196a490a8d3b8da162c7d4af9c301c5229f70af90dad6fa33eb951d83f
22ece4ddd583540c08ccadf82d18658e2ed0eba5dd7fdca806aa259667edba56
5e019680950c6b3cab463e1435e99af28c3f48e14d87de03aa6be5d00e8f1f83
604dcf1f11698655f75046bb92f98aaa9477e1c16b01c5fc415e78794393ffb9
78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
974956f1b7b82cecd8ae88a0b685f0d5dfe5c8534c2784e59abeea719eadbbc4
9ef4a63fc5e0a14a7301d693d65d6acfc44cdf14853c4a20890198f2d5e52e3b
a1382bb94cd395504c548109457dfcf059ab9c621988629ed39df3b6aafe1510
a7081a117335212b9e7f2e348f7369a64423d51db1666310b3451e7375f0b7de
a7bd79b6fba60944ee3a9c153108ff0819d2db57850116ac7065a86db08af4ec
b487e691f36ea1e53481e90a526d69170f7e34e5bc8be93cdc08d794871ebc54
d71b75f37cbaa198fcac72013ceb2a2fe5b68c89902dbcf4b52ae28812cb9268
dc01cb6d525ec77fed202252c9983af603664986198b8ebd45c1a2b94e4331ff
de44e46a52f596b1a08a689d9a800810384271e344bb9edde622bfeb3b52b010
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e484d06143828d00699ea9d0656f513cbac30f72a212c79562434d8e54c1d368
f5447334feff96823ccccac69954d0000815dd1975207aa36d242b32e64a4b38
f7f99fd57fb66e1a8d694922a1bd57fe33b5cbe049eaf2e4c5539f41ae92e450